Is there any command which checks that a certain process is listening to a port.
I have tried check_tcp but it does not output which process is listening to a port
Its output was:
TCP OK - 0.000 second response time on port 8443|time=0.000421s;;;0.000000;10.000000
I didn't see anything on the Nagios Plugins Exchange to meet your needs, so I wrote one to be used with NRPE.
https://github.com/jlyoung/nagios_check_listening_port_linux
Output looks like this:
[root#joeyoung.io ~]# python /usr/lib/nagios/plugins/nagios_check_listening_port_linux.py -n nginx -p 80
OK. nginx found listening on port 80 for the following address(es): [0.0.0.0] | 'listening_on_expected_port'=1;;;;
[root#joeyoung.io ~]# python /usr/lib/nagios/plugins/nagios_check_listening_port_linux.py -n nginx -p 9999
CRITICAL - No process named nginx could be found listening on port 9999 | 'listening_on_expected_port'=0;;;;
Related
I have a google compute running CentOS 7, and I wrote up a quick test to try and communicate with it over port 9000 (from my home PC) - but I'm unexpectedly getting network errors.
This happens both with my test script (which attempts to send a payload) and even with plink.exe (which I'm just using to check the port availability).
>plink.exe -v -raw -P 9000 <external_IP>
Connecting to <external_IP> port 9000
Failed to connect to <external_IP>: Network error: Connection refused
Network error: Connection refused
FATAL ERROR: Network error: Connection refused
I've added my external IP to googles firewall (https://console.cloud.google.com/networking/firewalls) and set to allow ingress traffic over port 9000 (it's the lowest priority, at 1000)
I also updated firewalld in CentOS to allow TCP traffic over the port:
Redirecting to /bin/systemctl start firewalld.service
[foo#bar ~]$ sudo firewall-cmd --zone=public --add-port=9000/tcp --permanent
success
[foo#bar ~]$ sudo firewall-cmd --reload
success
I've confirmed my listener is running on port 9000
[foo#bar ~]$ netstat -npae | grep 9000
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1000 18381 1201/python3
By default, CentOS 7 doesn't use iptables (just to be sure, I confirmed it wasn't running)
Am I missing something?
NOTE: Actual external IP replaced with <external_IP> placeholder
Update:
If I nmap my listener over port 9000 from the CentOS 7 compute instance over a local IP, like 127.0.0.1 I get some results. Interestingly, if I make the same nmap call over the servers external IP -- nadda. So this has to be a firewall, right?
external call
[foo#bar~]$ nmap <external_IP> -Pn
Starting Nmap 6.40 ( http://nmap.org ) at 2020-05-25 00:33 UTC
Nmap scan report for <external_IP>.bc.googleusercontent.com (<external_IP>)
Host is up (0.00043s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
22/tcp open ssh
3389/tcp closed ms-wbt-server
Nmap done: 1 IP address (1 host up) scanned in 4.87 seconds
Internal Call
[foo#bar~]$ nmap 127.0.0.1 -Pn
Starting Nmap 6.40 ( http://nmap.org ) at 2020-05-25 04:36 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.010s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
9000/tcp open cslistener
Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
In this case software running on the backend VM must be listening any IP (0.0.0.0 or ::), your's is listening to "127.0.0.1:9000" and it should be "0.0.0.0:9000".
The way to fix that it's to change the service config to listen to 0.0.0.0 instead of 127.0.0.1 .
Cheers.
I have a periodical problem in a server with Plesk, the Port 80 is not listened but 7080 is listened so the websites do not respond on the Port 80.
#netstat -tlpn | grep :80
#netstat -tlpn | grep :7080
tcp 0 0 :::7080 :::* LISTEN 3009/httpd
# plesk sbin nginxmng -s
Enabled
I resolve this problem executing the following commands but after few minutes the problem returns periodically:
pkill -9 nginx
# service nginx start
Starting nginx: [ OK ]
# /usr/local/psa/admin/bin/nginxmng -d
# /usr/local/psa/admin/bin/nginxmng -e
# service nginx restart
Starting nginx: [ OK ]
Source: https://support.plesk.com/hc/en-us/articles/213926725-Websites-do-not-respond-on-80-port-but-respond-properly-on-7080-port
How can i finally fix this error? I am thinking to add a crontab running the commands that i have used to solve the error but i think that it is not a good idea.
I am trying to setup the flume agent to collect the log events from Rsyslog, but I dont have root permission/sudoer to figure out which port syslog is running on/ and where it is running on TCP or UDP so I can configure flume agent accordingly.
Is there any way to know exactly what is the port that Rsyslog deamon running on?
Below are command that I have used to identify Rsyslog Deamon process
ldnpsr000001131$ ps -ef | grep syslog
root 4874 1 0 Feb04 ? 00:00:14 /sbin/rsyslogd -i /var/run/syslogd.pid -c 4
You may try netstat -natupel |grep syslog and you'll get all connections : active and listening
If I have a host with two IPs, say 192.168.0.2 and 192.168.0.3 and I run a container like this:
docker run -p 192.168.0.3:80:80 some_container
and then I run another container like this:
docker run -p 80:80 some_other_container
Then what happens?
A) Second command fails with "address already in use" OR
B) some_other_container has its port 80 exposed on 192.168.0.2 while some_container has its port 80 exposed on 192.168.0.3 ?
If it's A) then how can I make this work in such a way that "some_container" always has its port 80 exposed on 192.168.0.3 and "some_other_container" which is started with "-p" (cannot specify IP) always exposes its ports on 192.168.0.2 ?
The first question is easy enough to answer with a quick test:
$ docker run -itd -p 127.0.0.1:80:80 nginx
acdf03bd196d2241d4f776ff701eab6222cc80bfb1b4dd06bc65af0a3625e602
$ docker run -itd -p 80:80 nginx
b75938101d9c8a28b0d7d220b0046a4f8884fb82e9bc337c65d48a214bc3e54f
docker: Error response from daemon: driver failed programming external connectivity on endpoint lonely_kirch (c144b82f83c7ab1c527c25d9a6807d37069a7382181f9bf98bb1b1cd93976313): Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use.
Unless you want to rewrite the linux network stack (not recommended), I believe your options are to either pass the IP to your second run command, pass a default IP to the docker daemon (dockerd -ip 192.168.0.2), or pick a different port.
This has to be a simple problem. I'm using boot2docker. If I ssh into boot2docker:
docker#boot2docker:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
89ec1492d7c7 mycontainer:latest "/bin/sh -c nginx" 35 seconds ago Up 35 seconds 80/tcp, 0.0.0.0:80->1000/tcp desperate_mestorf
Then curl:
docker#boot2docker:~$ curl localhost:1000 curl: (7) Failed connect to
localhost:1000; Connection refused
docker#boot2docker:~$ curl
localhost:80 curl: (56) Recv failure: Connection reset by peer
Curl'd on port 80 just to make sure I'm not going crazy. Then I connect to my containers bash:
docker#boot2docker:~$ docker exec -i -t 89ec1492d7c7 bash
root#89ec1492d7c7:/srv/www# curl localhost
<!DOCTYPE html><html><head><link rel="stylesheet" href="/main.css"></head><body><h1>Welcome to Harp.</h1><h3>This is yours to own. Enjoy.</h3></body></html>root
Boom! It works, even tried this while leaving the default port 80. What's really weird is I have other containers on my box that I can get to. Even outside of my boot2docker VM (which I'm only using to take one more thing out of the equation). This must be simple right?
just another the same question in Unable to connect to Docker Nginx build
Here is the way to connect nginx docker container service:
docker ps # confirm nginx is running, which you have done.
docker port desperate_mestorf # get the ports, for example: 80/tcp, 0.0.0.0:80->1000/tcp
boot2docker ip # get the IP address, for example: 192.168.59.103
So now, you should be fine to connect to:
http://192.168.59.103:1000