Find Out What Ports Are Listening / Open On My Linux & FreeBSD Server

Author: Vivek Gite Last updated: March 16, 2016 13 comments
How do I find open ports on Linux or FreeBSD Unix server?

There are different commands on both Linux and UNIX server to see what TCP/UDP ports are listening or open on your server. You can use netstat command, which prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships, etc. Another (and suggested) option is to use the lsof command, which lists open files, and ports on Linux, FreeBSD, Solaris and other Unixish systems.

netstat command to find open ports

The syntax is:
# netstat --listen
OR
# netstat -l
Sample outputs from my Debian 8.x Linux server:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 localhost:953           *:*                     LISTEN     
tcp        0      0 localhost:6010          *:*                     LISTEN     
tcp        0      0 localhost:4700          *:*                     LISTEN     
tcp        0      0 *:nfs                   *:*                     LISTEN     
tcp        0      0 *:afpovertcp            *:*                     LISTEN     
tcp        0      0 localhost:mysql         *:*                     LISTEN     
tcp        0      0 *:51084                 *:*                     LISTEN     
tcp        0      0 *:40495                 *:*                     LISTEN     
tcp        0      0 *:sunrpc                *:*                     LISTEN     
tcp        0      0 *:http                  *:*                     LISTEN     
tcp6       0      0 [::]:41864              [::]:*                  LISTEN     
tcp6       0      0 [::]:37833              [::]:*                  LISTEN     
tcp6       0      0 [::]:35658              [::]:*                  LISTEN     
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN     
tcp6       0      0 [::]:http               [::]:*                  LISTEN     
tcp6       0      0 [::]:domain             [::]:*                  LISTEN     
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN     
udp        0      0 *:59997                 *:*                                
udp        0      0 *:37610                 *:*                                
udp        0      0 *:755                   *:*                                
udp        0      0 nas01.nixcraft.n:domain *:*                                
udp        0      0 localhost:domain        *:*                                
udp        0      0 *:54469                 *:*                                
udp        0      0 *:mdns                  *:*                                
udp6       0      0 [::]:34235              [::]:*                             
udp6       0      0 [::]:36451              [::]:*                             
udp6       0      0 [::]:sunrpc             [::]:*                             
udp6       0      0 [::]:58606              [::]:*                             
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     16912    /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     11796    /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     11799    /var/run/avahi-daemon/socket
unix  2      [ ACC ]     STREAM     LISTENING     18844    @/tmp/dbus-FStDtp4tGA

To display open ports and established TCP connections, enter:
$ netstat -vatn
To display only open UDP ports try the following command:
$ netstat -vaun
If you want to see FQDN (full dns hostname), try removing the -n flag:
$ netstat -vat
FreeBSD/OS X Unix user try the following command:
$ netstat -na | grep -i LISTEN
$ netstat -f inet -na | grep -i LISTEN
Sample outputs:

tcp6       0      0  ::1.52698              *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49153        *.*                    LISTEN     
tcp4       0      0  127.0.0.1.49152        *.*                    LISTEN     
tcp4       0      0  *.22                   *.*                    LISTEN     
tcp6       0      0  *.22                   *.*                    LISTEN

lsof Command Examples

To display the list of open ports, enter:
# lsof -i
To display all open files, use:
# lsof
To display all open IPv4 network files in use by the process whose PID is 9255, use:
# lsof -i 4 -a -p 9255
Another example:
# lsof -iTCP -sTCP:LISTEN
Sample outputs:

COMMAND    PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
rpcbind   1004     root    8u  IPv4  14248      0t0  TCP *:sunrpc (LISTEN)
rpcbind   1004     root   11u  IPv6  14251      0t0  TCP *:sunrpc (LISTEN)
rpc.statd 1013    statd    9u  IPv4  14331      0t0  TCP *:51084 (LISTEN)
rpc.statd 1013    statd   11u  IPv6  14335      0t0  TCP *:54585 (LISTEN)
sshd      1031     root    3u  IPv4  15629      0t0  TCP *:ssh (LISTEN)
sshd      1031     root    4u  IPv6  15631      0t0  TCP *:ssh (LISTEN)
named     1034     bind   20u  IPv6  13184      0t0  TCP *:domain (LISTEN)
named     1034     bind   21u  IPv4  13188      0t0  TCP localhost:domain (LISTEN)
named     1034     bind   22u  IPv4  13190      0t0  TCP nas01.nixcraft.net.in:domain (LISTEN)
named     1034     bind   23u  IPv4  14835      0t0  TCP localhost:953 (LISTEN)
named     1034     bind   24u  IPv6  15643      0t0  TCP ip6-localhost:953 (LISTEN)
mysqld    1654    mysql   10u  IPv4  16911      0t0  TCP localhost:mysql (LISTEN)
lighttpd  1679 www-data    4u  IPv4  18535      0t0  TCP *:http (LISTEN)
lighttpd  1679 www-data    5u  IPv6  18536      0t0  TCP *:http (LISTEN)
afpd      1709     root    6u  IPv4  18703      0t0  TCP *:afpovertcp (LISTEN)
cnid_meta 1710     root    5u  IPv4  16316      0t0  TCP localhost:4700 (LISTEN)
rpc.mount 1739     root    9u  IPv4  16332      0t0  TCP *:52053 (LISTEN)
rpc.mount 1739     root   11u  IPv6  16336      0t0  TCP *:41859 (LISTEN)
rpc.mount 1739     root   13u  IPv4  16340      0t0  TCP *:40495 (LISTEN)
rpc.mount 1739     root   15u  IPv6  16344      0t0  TCP *:35658 (LISTEN)
rpc.mount 1739     root   17u  IPv4  16348      0t0  TCP *:60881 (LISTEN)
rpc.mount 1739     root   19u  IPv6  16352      0t0  TCP *:37833 (LISTEN)
sshd      1975    vivek   11u  IPv6  19711      0t0  TCP ip6-localhost:6010 (LISTEN)
sshd      1975    vivek   12u  IPv4  19712      0t0  TCP localhost:6010 (LISTEN)

A Note About FreeBSD Users

You can use the sockstat command lists open Internet or UNIX domain sockets, enter:
$ sockstat
$ sockstat -l
$ sockstat -4 -l
$ sockstat -6 -l
Sample outputs:

Fig.01: sockstat command on FreeBSD


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 13 comments so far... add one


Related Tutorials
CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
13 comments… add one
  • vinod Jun 22, 2007 @ 9:43

    I used lsof command in freebsd 5 i am not getting any output for checking tcp/udp ports which are listening or open on my server

    Reply Link
    • doru001 Jan 4, 2011 @ 13:29

      sudo?

      Reply Link
    • 🐧 nixCraft Jan 5, 2011 @ 7:06

      Yes, you must be root and use sockstat command.

      Reply Link
  • ramakrishna Jun 5, 2008 @ 11:27

    What is the equivalent port for com9 on linux?How do i find out com port equivalents in linux?Thanks

    Reply Link
  • Rudi Aug 4, 2008 @ 13:27

    on FreeBSD you can also use sockstat to list open sockets

    Reply Link
  • Ruwinda Fernando Jun 29, 2009 @ 8:58

    correction :- should be
    netstat -l, –listening :- to get list the listening sockets.

    BR.
    ruwinda.

    Reply Link
  • Jon Nov 17, 2010 @ 22:58

    lsof -i (to get an idea of ports out there)

    netstat -a | grep
    example: netstat -a | grep 4449

    If nothing is returned like below the port is free
    $ netstat -a | grep 4449
    $

    Reply Link
  • Jacob Apr 1, 2012 @ 15:11

    Hello There.

    My name is Jacob and I’m running a hosting business. I have 2 dedicated servers at the moment and they’re both Linux Debian 6.0. I have some troubles with my dedicated IP’s. Some server on my dedicated server is having the port 0000 or 0. It takes all the dedicated IP’s and I don’t know how to find where its located or how to close it. I know the pid and I can see it’s running some where but the location I cant see. Please help me. It’s a big problem I’ve been trying to figure out.

    Reply Link
  • sovan Dec 9, 2012 @ 9:51

    there are some command to find out the all open port…bt there have any command to find out all the port,which are listing or not?that means have any command to show list of all ports?????

    Reply Link
    • NublaII Aug 1, 2014 @ 14:35

      Try this:
      open tcp, udp, listening, program, numeric, ipv4
      netstat -tulpn4

      Reply Link
  • sovan Dec 9, 2012 @ 10:00

    how do i find out what ports are listeningopen/off on my linuxfreebsd server?how do i find the port,which are not listening.i just want to see list of all port.

    Reply Link
  • maram Apr 29, 2016 @ 13:35

    how i send the list to local email?

    Reply Link
  • Binh Thanh Nguyen Dec 5, 2017 @ 11:19

    Thanks, nice tips

    Reply Link

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum

Next FAQ:

Previous FAQ:

FEATURED ARTICLES

Sign up for my newsletter