How do I open the TCP or UDP ports under UNIX / Linux like operating systems?
A port is an application-specific or process-specific software construct serving as a communications endpoint and it is identified by its number such as TCP port number 80 . It is used by TCP and UDP of the Internet Protocol Suite. A port number is a 16-bit unsigned integer, thus ranging from 0 to 65535.
UNIX / Linux +------------------+ | Networking stack | | eth0 | +------------------+ | +------------------+ | Apache process |--> Binding port 80 @ 220.127.116.11 IP +------------------+
In the above example Apache process associates its input and output channel file descriptors (fd) with a port number 80 and an IP address 18.104.22.168. This is known as binding. It is used to send and receive web pages via UNIX / Linux operating system’s networking stack (software). In other words communication is done using application ports. When you start the Apache you open port 80 for communication. Common services such as web, mail, pop3 et all use use specifically reserved, well-known port numbers for receiving service requests from client hosts. The well-known ports are defined the Internet Assigned Numbers Authority (IANA). Type the following command to see list well-known of TCP and UDP port numbers:
$ less /etc/services
grep -w 80 /etc/services
www 80/tcp http # WorldWideWeb HTTP www 80/udp # HyperText Transfer Protocol
Typically port number less than 1024 are used by well know network servers such as Apache. Under UNIX and Linux like oses root (super user) privileges are required to open privileged ports. Almost all clients uses a high port numbers for short term use. This is also known as an ephemeral port. For example Apache use TCP port 80
Server Client w/ Firefox +----------+ +----------------+ | Apache | | connects using | | TCP Port | | an ephemeral | | 80 @ |<-----> eth0 <----> | port # | |22.214.171.124| | 46025 | +----------+ +----------------+
The port numbers are divided into three ranges:
- Well Known Ports: those from 0 through 1023.
- Registered Ports: those from 1024 through 49151
- Dynamic and/or Private Ports: those from 49152 through 65535
You can increase local port range by typing the following command (Linux specific example):
# echo 1024 65535 > /proc/sys/net/ipv4/ip_local_port_range
You can also increase or decrease socket timeout (Linux specific example):
# echo 2000 > /proc/sys/net/ipv4/tcp_keepalive_time
Common Well Known Port Numbers
The following are used by UNIX / Windows / Linux / BSD / OS X and all other server operating systems or network devices (see /etc/services file):
- 21: FTP Server
- 22: SSH Server (remote login)
- 25: SMTP (mail server)
- 53: Domain Name System (Bind 9 server)
- 80: World Wide Web (HTTPD server)
- 110: POP3 mail server
- 143: IMAP mail server
- 443: HTTP over Transport Layer Security/Secure Sockets Layer (HTTPDS server)
- 445: microsoft-ds, Server Message Block over TCP
How Do I See Open Ports and Socket Information Under UNIX or Linux?
You can use the netstat command:
# netstat -tulpn
FreeBSD specific example:
# sockstat -l
To list open IPv4 connections use the lsof command:
# lsof -Pnl +M -i4
The ss command is used to dump socket statistics. It allows showing information similar to netstat command. It can display more TCP and state information than other tools
# ss -s
# ss -l
# ss -pl
# ss -o state established '( dport = :smtp or sport = :smtp )'
Each TCP or UDP port is opened using a UNIX service or daemon such as Apache web server. You can also write a program using C, C++, Perl, Shell or Bash to open any port. You can also use utilities such as nc command .
Apache Server Example (open TCP port 80)
Start the Apache web server under FreeBSD as follows to open TCP port 80:
# /usr/local/etc/rc.d/apache22 forcestart
# /usr/local/etc/rc.d/apache22 start
To displays listening sockets (open ports) under FreeBSD, enter:
# sockstat -l
# netstat -nat | grep LISTEN
You should see port 80 opened under FreeBSD. Under CentOS or Redhat (RHEL) Linux, you can open port 80 using the following commands:
# service httpd start
# chkconfig httpd on
# netstat -tulpn | grep :80
All port numbers are encoded in the transport protocol packet header, and they can be read by other components of the network stack such as firewall. Firewall can be used for port forwarding or denying access to open port. For example, block an abusing IP address called 126.96.36.199 using UNIX firewall. In other words, Apache port is open but it may be blocked by UNIX (pf) or Linux (iptables) firewall. You also need to open port at firewall level. In this example, open tcp port 80 using Linux iptables firewall tool:
# /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# service iptables save
- tcp4 0 0 *.5555 *.* LISTEN
tcp4 0 0 10.1.3.29.53 *.* LISTEN
tcp4 0 0 192.168.56.1.53 *.* LISTEN
tcp4 0 0 188.8.131.52.53 *.* LISTEN
tcp4 0 0 127.0.0.1.953 *.* LISTEN
tcp4 0 0 127.0.0.1.53 *.* LISTEN
tcp4 0 0 127.0.0.1.631 *.* LISTEN
tcp6 0 0 ::1.631 *.* LISTEN
Create a file called echo_server.py:
#!/usr/bin/python # Demo server to open port 8888 # Modified from Python tutorial docs import socket HOST = '127.0.0.1' # Hostname to bind PORT = 8888 # Open non-privileged port 8888 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.bind((HOST, PORT)) s.listen(1) conn, addr = s.accept() print 'Connected by', addr while 1: data = conn.recv(1024) if not data: break conn.send(data) conn.close()
Create a file called echo_client.py:
#!/usr/bin/python # Demo client program # Modified from Python tutorial docs import socket HOST = '127.0.0.1' # Set the remote host, for testing it is localhost PORT = 8000 # The same port as used by the server s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((HOST, PORT)) s.send('Where there is love there is life') data = s.recv(1024) s.close() print 'Received', repr(data)
Save and close the file. Run it as follows:
$ chmod +x *.py
Start server, enter:
$ netstat -nat | grep LISTEN
On a second console connect to the localhost and port being listened on using echo_client.py:
Programming Language Specific Examples
Discussion regarding Sockets and TCP/IP network programming is beyond the scope of this FAQ. I suggest you visit the following web-pages:
- Port Numbers: The Internet Assigned Numbers Authority (IANA).
- Python documentation: See networking and sockets section.
- TCP: Transmission Control Protocol.
- Perl specific TCP/IP networking using IO::Socket::INET.
- UNIX socket: Programming in C UNIX System Calls and Subroutines using C.
- man pages - ss, netstat, lsof, sockstat, nc, services, ntsysv
Sysadmin because even developers need heroes!!!Share this tutorial on: