[Q] IPtables, Port numbers.....
brettw at cray.com.au
Fri Jun 7 22:19:32 EST 2002
On Fri, 7 Jun 2002, Donovan J. Edye wrote:
> I have been looking at my firewall logs and was wondering what the best way
> was to trace what had actually caused the entry. Naturally I can see the
> source IP address but was wondering how I could associate the port
> information with the process that generated it. Another way - How can you
> determine the ports in use by a system? I have access to some of the source
> machines and wanted to track the process that generated the packet(s).
The tool I would use is lsof. e.g. lsof -i TCP to see who owns TCP
/) _ _ _/_/ / / / _ _//
/_)/</= / / (_(_/()/< ///
More information about the linux