lsof print numeric ports - unix

How do you get lsof to produce numeric port information instead of attempting to resolve the port to service name?
For example, I want TCP *:http (LISTEN) to give me TCP *:80 (LISTEN) in-fact if at all possible I never want to see another service name in lsof print-out ever again. So if there is a way to make numeric ports the default I would like to understand how to do that as well.

Run lsof -P.
And make sure the P goes before the i, if you combine the option with -i:
lsof -Pi
According to man lsof, -P inhibits the conversion of port numbers to port names for network files. Inhibiting the conversion may make lsof run a little faster. It is also useful when port name lookup is not working properly."

Sometimes handy is:
lsof -Pi
When I tried losf -iP it gave me some trash, so make sure P goes first.
As a side note: lsof -3.14 will provide the same trash, don't try this.

Related

Why "lsof -wni tcp:3000"

When I encounter "a server is already running" I use below command to solve this issue
lsof -wni tcp:3000"
kill -9 pid
I undertand lsof, but don't understand why "-wni", does anybody know what "-wni" stands for?
Also I could use lsof -i tcp:3000, but what is the difference between lsof -i tcp:3000 and lsof -wni tcp:3000?
Thanks.
You can run man lsof to find out those flags.
-w Enables (+) or disables (-) the suppression of warning messages.
-n inhibits the conversion of network numbers to host names for network files. Inhibiting conversion may make lsof run faster.
It is also useful when host name lookup is not working properly.
-i [i] selects the listing of files any of whose Internet address matches the address specified in i. If no address is specified,
this option selects the listing of all Internet and x.25 (HP-UX) network files.

IP tables rules which allows only the communicate with IP which are assigned

I have ubuntu server with few vps running, mostly shared between friends and colleagues, it is from Hetzner,
I also have 2 set of ips ranging from 5.9.237.xxx to 5.9.237.xxx & 5.9.248.xxx to 5.9.248.xxx.
Today they locked my server due to different IP set on the VPS which is causing the problem, now i have KVM access, and they asked me to set up an IP TABLE rule which only allow to communicate the IP which are assigned and ignore the rest,
How to do this? Am a bit lost,
My OS is Ubuntu, and i want command that will ignore all the ips except the set of ip i give.
Thank You.
You need to drop all (careful with iptables, you can block yourself out) you should learn how your distro handles them .. here are the command s that after a reboot will reset back to normal so temp to test.. .
iptables -A INPUT -i eth0 -j DROP
iptables -I INPUT -i eth0 -s 10.10.10.0/24 -j ACCEPT
or of course specify certain ips
iptables -I INPUT -i eth0 -s 10.10.10.118 -j ACCEPT
there is alot more to iptables then this but this should get you started

Setup an ssh jump when the second connection uses gsissh

I can run the following command to accomplish what I am trying to do, however I would like to setup entries in my ~/.ssh/config to handle a transparent jump:
ssh -tt login.domain.org gsissh -tt -p 2222 remote.behind.wall.domain.org
Note that the second hop MUST be made with gsissh, some info can be found here: http://toolkit.globus.org/toolkit/docs/5.0/5.0.4/security/openssh/pi/
AFAIK this precludes the standard use of netcat or the -W flag in the ProxyCommand option in the .ssh/config. I think this is because ssh will try to use ssh instead of gsissh on the intermediate machine.
If I put something like this in my .ssh/config it will hop through to the target machine, but when I exit I will land in a shell on the intermediate machine and it borks my ControlMaster setup—the next time I try to ssh to the final destination I end up on the intermediate machine
Host dest
HostName login.domain.org
PermitLocalCommand yes
LocalCommand gsissh -p 2222 remote.behind.wall.domain.org
Also, it seems that trickery using -L or -R is disabled for security reasons.
I would love some help if anybody has any tips.
Thanks

Checking how many connections are established on specified port

How can I check, how many connections are established for example on port 80 and then write it to the file using bash console?
I've read that netstat can do this, but I can not find , what exactly should I do with that, as I'm newbie on "Unix" systems.
You probably want sockstat if you're on FreeBSD:
sockstat -c -L -P tcp -p 80

A standard Unix command-line tool for piping to a socket

I have some applications, and standard Unix tools sending their output to named-pipes in Solaris, however named pipes can only be read from the local storage (on Solaris), so I can't access them from over the network or place the pipes on an NFS storage for networked access to their output.
Which got me wondering if there was an analogous way to forward the output of command-line tools directly to sockets, say something like:
mksocket mysocket:12345
vmstat 1 > mysocket 2>&1
Netcat is great for this. Here's a page with some common examples.
Usage for your case might look something like this:
Server listens for a connection, then sends output to it:
server$ my_script | nc -l 7777
Remote client connects to server on port 7777, receives data, saves to a log file:
client$ nc server 7777 >> /var/log/archive
netcat (also known as nc) is exactly what you're looking for. It's getting to be reasonably standard, but not available on all systems.
socat seems to be a beefed-up version of netcat, with lots more features, but less commonly available.
On Linux, you can also use /dev/tcp/<host>/<port>. See the Advanced Bash-Scripting Guide for more information.
netcat will help establish a pipe over the network.
You may want to use one of:
ssh: secure (encrypted), already installed out-of-the-box on Solaris - but you have to set up a keypair for non-interactive sessions
e.g. vmstat 2>&1 | ssh -i private.key oss#remote.node "cat >vmstat.out"
netcat: simple to set up - but insecure and open to attacks
see http://www.debian-administration.org/articles/58 etc.
Everyone is on the right track with netcat. But I want to add that if you are piping into nc and expecting a response, you will need to use the -q <seconds> option. From the manual:
-q seconds
after EOF on stdin, wait the specified number of seconds and then quit. If seconds is negative, wait forever.
For instance, if you want to interact with your SSH Agent you can do something like this:
echo -en '\x00\x00\x00\x01\x0b' | nc -q 1 -U $SSH_AUTH_SOCK | strings
A more complete example is at https://gist.github.com/RichardBronosky/514dbbcd20a9ed77661fc3db9d1f93e4
* I stole this from https://ptspts.blogspot.com/2010/06/how-to-use-ssh-agent-programmatically.html

Resources