Sushil Verma

Sushil Verma

A DevOps Practitioner, and Blockchain visionary with 11+ years of Software Development experience as a DevOps Engineering, Cloud Platform Specialist, Tech Lead, Cloud SME, Software Engineer, and fixer of broken project modules.

Watch TCP and UDP Ports in Linux

Posted: | Last updated: | 1 minute read

In Operating System a port is a logical construct that identifies a specific process/application or service and each network service running on a Linux system uses a particular protocol (the most common being the TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)) and a port number for communicating with other processes or services.

In this article, you will learn how to list and monitor or watch running TCP and UDP ports in real-time with a socket summary on a Linux system.

List All Open Ports in Linux

vagrant@ubuntu-bionic:/$ sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      628/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1344/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      1344/sshd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           628/systemd-resolve
udp        0      0 10.0.2.15:68            0.0.0.0:*                           608/systemd-network

Output:

vagrant@ubuntu-bionic:/$ sudo ss -tulpn
Netid       State         Recv-Q        Send-Q                   Local Address:Port               Peer Address:Port
udp         UNCONN        0             0                        127.0.0.53%lo:53                      0.0.0.0:*            users:(("systemd-resolve",pid=628,fd=12))
udp         UNCONN        0             0                     10.0.2.15%enp0s3:68                      0.0.0.0:*            users:(("systemd-network",pid=608,fd=18))
tcp         LISTEN        0             128                      127.0.0.53%lo:53                      0.0.0.0:*            users:(("systemd-resolve",pid=628,fd=13))
tcp         LISTEN        0             128                            0.0.0.0:22                      0.0.0.0:*            users:(("sshd",pid=1344,fd=3))
tcp         LISTEN        0             128                               [::]:22                         [::]:*            users:(("sshd",pid=1344,fd=4))

From the output of the above command, the State column shows whether a port is in a listening state LISTEN or not.

In the above command, the flag:

  • -t – enables listing of TCP ports.
  • -u – enables listing of UDP ports.
  • -l – prints only listening sockets.
  • -n – shows the port number.
  • -p – show process/program name.

Watch TCP and UDP Open Ports in Real-Time

However, to watch TCP and UDP ports in real-time, you can run the netstat or ss tool with the watch utility as shown.

$ sudo watch netstat -tulpn
Every 2.0s: netstat -tulpn

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      628/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1344/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      1344/sshd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           628/systemd-resolve
udp        0      0 10.0.2.15:68            0.0.0.0:*                           608/systemd-network

$ sudo watch ss -tulpn
Every 2.0s: ss -tulpn

Netid State   Recv-Q   Send-Q         Local Address:Port     Peer Address:Port
udp   UNCONN  0        0              127.0.0.53%lo:53            0.0.0.0:*      users:(("systemd-resolve",pid=628,fd=12))
udp   UNCONN  0        0           10.0.2.15%enp0s3:68            0.0.0.0:*      users:(("systemd-network",pid=608,fd=21))
tcp   LISTEN  0        128            127.0.0.53%lo:53            0.0.0.0:*      users:(("systemd-resolve",pid=628,fd=13))
tcp   LISTEN  0        128                  0.0.0.0:22            0.0.0.0:*      users:(("sshd",pid=1344,fd=3))
tcp   LISTEN  0        128                     [::]:22               [::]:*      users:(("sshd",pid=1344,fd=4))

Note: To exit from watch, press Ctrl+C.

You may also enjoy

Alpine Docker Image - DevOps utility tools?

December 17, 2019  |  1 minute read

Inception: Many times a DevOps Engineer needs to troubleshoot in the live environment. To troubleshoot the issue sometime we need to have a container with f...

How to install Softwares in Alpine Linux?

November 18, 2019  |  1 minute read

Alpine Linux uses the Alpine Package Keeper (APK) package manager to install, upgrade, and remove software packages. The APK package manager is designed to b...

What is Alpine Linux?

October 13, 2019  |  2 minute read

Inception: The Alpine was first released in 2005. It's a Security oriented, lightweight and efficient Linux distribution. It's heavily used in the container...