How I can get ports associated to the application that opened them?

Question

I need to get a list of all opened ports on my machine and what application opened them. I need to get this information programmatically.

Thanks.

Answer 1

You have to implement the following:

1. socket=ls -l /proc/<pid>/fd | grep socket | sed 's/.*socket:\[//' | sed 's/\]//'

2. grep $socket /proc/net/tcp

3. Parse the output from the previous command (second entry contains port information)

Answer 2

I was hoping a cleverer answer would appear. I did just this (programmatically in Python), in an attempt to rewrite a program called NetHogs. My version is here, specifically here is the module in Python used to parse the table from /proc. If you're not Python literate (go learn it), then take a look at the original NetHogs, which uses a blend of C/C++ (and is a bit painful to read hence the rewrite).

It's worth noting that extensive or quickly repeated attempts to parse socket information from /proc is very CPU intensive, as the operating system has to handle every syscall made, and parse internal structures dynamically. As such you'll find some caching, and timing assumptions made in the source of both projects I've linked you to.

The short of it is, you need to relate the socket inodes given for each process in /proc/<pid>/fd to the connections given in /proc/net/<proto>. Again, example parsing, and how to locate all of these are present in both projects.

Answer 3

exec('netstat');

Answer 4

The information about open files (including sockets) can be dug out of the /proc directory.

This article gives a lot of detail and gets you started.

Answer 5

ss -nltup 
netstat -ltupn
lsof  -iTCP -sTCP:LISTEN

Edit: Ah sorry, not programmatic. But helpful if you want to fork a process. No point in re-inventing the wheel every time.