[<prev] [next>] [day] [month] [year] [list]
Message-ID: <DM5PR01MB2812871BCF7C026223782698AC649@DM5PR01MB2812.prod.exchangelabs.com>
Date: Tue, 25 Apr 2023 15:18:10 +0000
From: John Fleming <john@...kefishsolutions.com>
To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: How to find information about kernel based open ports?
Is there anyway to query to the kernel for open sockets? This is more from an administrative point of view. For example NFSD.ko and VXLAN.ko can create listening sockets (maybe that isn't the correct term). I was going to ask if I can tell which kernel module had a port open, but I guess in theory a module could be built into the kernel so I'm really not sure how to propperly ask the question.
But basically is their a way to query the kernel for open sockets in the case of a socket being opening by the kernel and not say a process.
Here is the best I can find using netstat. I see the PID/Program name is "-" which tells me it's the kernel (I think), but I don' t know anything beyond that. If I unload vxlan the listening port goes away, but that is more trial and error.
root@...pute01:/proc/net# netstat -nlp | egrep -- '4789|PID'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:4789 0.0.0.0:* -
Proto RefCnt Flags Type State I-Node PID/Program name Path
root@...pute01:/proc/net#
My goal would be have some information about all kernel based listeners, hopefully beyond it's the kernel listening (it's the nfs subsystem, vxlan, whatever else).
Please CC me on all replies as I'm not subscribed.
Powered by blists - more mailing lists