Manually closing a port from commandline
I want to close an open port which is in listening mode between my client and server application. Is there any manual command line option in Linux to close a port? NOTE: I came to know that «only the application which owns the connected socket should close it, which will happen when the application terminates.» I don’t understand why it is only possible by the application which opens it . But I’m still eager to know if there is any other way to do it.
No, opened ports belong to the process which opened them, there is no control possible from outside. Which is a good thing, or all applications would have to anticipate their open ports (and files) being messed with. However, you can block traffic to a port by firewalling (iptables), but that will not close and give up the port for other use.
A lot of responders missed the point of this question. It is nonsense to declare that only the application that owns the port can disconnect it. I can disconnect it by walking up to the box and pulling the ethernet cable out of the socket, or by killing the application at the other end of the connection! The application must be written to handle this. So — how do you test to be sure the application is written properly without requiring physical intervention and/or control of the other computer?
«. there is no control possible from outside.» That’s an important remark, that’s guided me to the next question, how can i be the part of the process from the outside? GDB.
@JürgenStrobel There is indeed control possible from outside — both tcpkill and ss can do exactly what is asked for. Because opened ports do not truly belong to a process; they are kernel resources, with some rights assigned to a process, but still existing only at the kernel’s pleasure.
@tom-anderson DaleW: tcpkill is a firewalling tool, and I did mention this option. You can prevent traffic to a port, which is different than closing a port (socket).
15 Answers 15
I had same problem, the process must keep alive but the socket must close. Closing a socket in a running process is not impossible but difficult:
call close($fileDescriptor) //does not need ; at end. sudo lsof -np $pid gives me about 200 lines and I’m confused about how to find desired FD. In my case process is a Chrome tab and i’m trying to close opened websockets.
A row typically looks like: firefox 14812 szupervigyor 97u IPv4 32814564 0t0 TCP 192.168.2.4:40385->173.194.39.65:https (ESTABLISHED) as: process_name pid user fd[opened_for] protocol device inode protocol_data_toString
* A row typically looks like: firefox 14812 szupervigyor 97u IPv4 32814564 0t0 TCP 192.168.2.4:40385->173.194.39.65:https (ESTABLISHED) as: process_name pid user fd[opened_for] protocol device inode protocol_data_toString You need to know the remote ip address and find on the last col. In my example the 97 is the FileDescriptor. Searching is difficult if you opened multiple connection to the target host.
If you want to simulate the socket being closed by the remote end (e.g. the peer exiting) it’s better to use shutdown : call shutdown($fileDescriptor, 0) .
You’re kind of asking the wrong question here. It isn’t really possible to simply «close a port» from outside the application that opened the socket listening on it. The only way to do this is to completely kill the process that owns the port. Then, in about a minute or two, the port will become available again for use. Here’s what’s going on (if you don’t care, skip to the end where I show you how to kill the process owning a particular port):
Ports are resources allocated by the OS to different processes. This is similar to asking the OS for a file pointer. However, unlike file pointers, only ONE process at a time may own a port. Through the BSD socket interface, processes can make a request to listen on a port, which the OS will then grant. The OS will also make sure no other process gets the same port. At any point, the process can release the port by closing the socket. The OS will then reclaim the port. Alternatively, if the process ends without releasing the port, the OS will eventually reclaim the port (though it won’t happen immediately: it’ll take a few minutes).
Now, what you want to do (simply close the port from the command-line), isn’t possible for two reasons. First, if it were possible, it would mean one process could simply steal away another process’s resource (the port). This would be bad policy, unless restricted to privileged processes. The second reason is it is unclear what would happen to the process that owned the port if we let it continue running. The process’s code is written assuming that it owns this resource. If we simply took it away, it would end up crashing on it’s own, so OS’s don’t let you do this, even if you’re a privileged process. Instead, you must simply kill them.
Anyway, here’s how to kill a process that owns a particular port:
That will output the line corresponding to the process holding port , for example:
tcp 0 0 *:8000 *:* LISTEN 4683/procHoldingPort In this case, procHoldingPort is the name of the process that opened the port, 4683 is its pid, and 8000 (note that it is TCP) is the port number it holds.
Then, look in the last column, you’ll see /. Then execute this:
If that doesn’t work (you can check by re-running the netstat command). Do this:
In general, it’s better to avoid sending SIGKILL if you can. This is why I tell you to try kill before kill -9 . Just using kill sends the gentler SIGTERM.
Like I said, it will still take a few minutes for the port to re-open if you do this. I don’t know a way to speed this up. If someone else does, I’d love to hear it.
How to Close open Ports manually in Ubuntu / Linux
When running any kind of server application like http or ftp server, or doing socket programming, it might so happen that a server program when recompiled/rerun fails to bind to a particular port number because that port number is already in use.
In such a case, you can either restart the system or close the port manually.
To close the port number manually first the process name/id has to be found out that is holding the port open and then use the kill command on that process.
Find pid with lsof — The lsof command can be used to find the pid and command name of the program or application that is currently using the port. Here is a quick example:
$ lsof -i :8888 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME java 8461 enlightened 11u IPv6 138527 0t0 UDP *:8888
In the above example it is seen that port 8888 is being held in use by the command java with pid 8461. Now kill the process by doing any of the following
$ kill 8461 or $ killall -9 8461 or $ killall -9 java
Find process/pid with netstat — The netstat command can also be used to find out which process is holding a certain port number
$ netstat -u -ap (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 *:18347 *:* - udp 0 0 localhost:11211 *:* - udp 0 0 localhost:36254 localhost:36254 ESTABLISHED - udp 0 0 localhost:domain *:* - udp 0 0 *:ipp *:* - udp 0 0 *:42038 *:* - udp 0 0 *:17500 *:* 4090/dropbox udp 0 0 *:mdns *:* - udp 0 0 localhost:58797 localhost:7777 ESTABLISHED 9831/ncat udp 0 0 localhost:42724 localhost:domain ESTABLISHED - udp6 0 0 [::]:46282 [::]:* - udp6 0 0 [::]:mdns [::]:* - udp6 0 0 [::]:9999 [::]:* 11598/java
The port we want to close here is 9999. And netstat shows that the pid is «11598» and command name is «java». Over here we used the -u for udp port. If its a tcp port then the «-u» switch is not needed.
To make the search process easier, simply pipe the output of netstat to grep and look for the exact port number
$ sudo netstat -ap | grep :9050 tcp 0 0 localhost:9050 *:* LISTEN 1613/tor
Once the process id/name is found end it with the kill command.
Find pid with fuser — This is yet another command to find the pid/process holding a certain port number. The sytanx is as follows:
fuser -k -n protocol portno
$ fuser -k -n udp 7777 7777/udp: 11774
Conclusion
The above examples show how to find specific process and its pid that are using a given port number. Once you know the port number you can just kill that process and free the port.
Note that if the process was initially launched with root privileges then you would need root privileges to kill it as well.
A Tech Enthusiast, Blogger, Linux Fan and a Software Developer. Writes about Computer hardware, Linux and Open Source software and coding in Python, Php and Javascript. He can be reached at [email protected] .
How to Find Open Ports and Close Them in Linux
Troubleshooting networks? Here’s how to find the open ports and close those open ports in the Linux command line.
So you are dealing with a critical server where you have to maintain security at any cost. And closing ports to block unwanted traffic is the first step you’d take.
Find open ports in Linux
In this tutorial, I am going to use the ss command to find open ports.
You can use the -l option with the ss command to get listening ports. But to be more specific, I’m going with -lt to get listening TCP ports:
Similarly, if you want to have a list of both TCP and UDP in the listening state, you can use the given command:
And to get the listening port of each service, you can use -n and for more fine-tuned results, you can always use the grep command:
Enough of finding open ports, let’s jump to how you can close them.
Close open ports in Linux
To close the port, first, you will need to stop the service and to find the service name, you can use the same ss command with -p option:
sudo ss -tulnp | grep LISTEN
As you can see, the NGINX is utilizing port number 80. So let’s stop it using the given command:
sudo systemctl stop nginxAs it will enable itself on every boot and you can alter this behavior using the given command:
sudo systemctl disable nginxFor better results, I would recommend changing firewall rules.
Here, I’m going to block port no 80 (used by NGINX) in UFW (which is pre-installed in Ubuntu).
First, let’s check the status of UFW:
And if it shows inactive , you can use the given command to enable it:
Now, you just have to pair the deny option with the port number :
Wrapping Up
This was my take on how you can find and close open ports in Linux. I hope you will find this helpful.
And if you have any queries, let me know in the comments.
Freeing up a TCP/IP port? [closed]
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
11 Answers 11
As the others have said, you’ll have to kill all processes that are listening on that port. The easiest way to do that would be to use the fuser(1) command. For example, to see all of the processes listening for HTTP requests on port 80 (run as root or use sudo ):
If you want to kill them, then just add the -k option.
To kill a specific port in Linux use the below command
sudo fuser -k Port_Number/tcp replace Port_Number with your occupied port.
netstat -anp|grep «port_number»
It will show the port details. Go to last column. It will be in this format . For example :- PID/java
lsof -n -i :'port-number' | grep LISTEN java 4744 (PID) test 364u IP0 asdasdasda 0t0 TCP *:port-number (LISTEN) . and that happens if you don’t have permission to see the process. try sudo netstat to actually see the PIDs 🙂
I was trying to kill a port on an amazon ec2 instance via putty cli. Forever said it had no processes running but the port(4200 for an angular app) was still open.This is the only command that worked for me.
In both cases you can use the sudo command if needed.
BEWARE: fuser kills the process not the port. Which means if the port’s stuck in limbo, can it work at all? This is not the right answer.
You can use tcpkill (part of the dsniff package) to kill the connection that’s on the port you need:
sudo tcpkill -9 port PORT_NUMBER The «netstat —programs» command will give you the process information, assuming you’re the root user. Then you will have to kill the «offending» process which may well start up again just to annoy you.
Depending on what you’re actually trying to achieve, solutions to that problem will vary based on the processes holding those ports. For example, you may need to disable services (assuming they’re unneeded) or configure them to use a different port (if you do need them but you need that port more).
Kill the process that is listening to the port in question. I believe netstat shows you process ids.