[Q] IPtables, Port numbers.....

Brett Worth brettw at cray.com.au
Fri Jun 7 22:19:32 EST 2002

On Fri, 7 Jun 2002, Donovan J. Edye wrote:

> I have been looking at my firewall logs and was wondering what the best way
> was to trace what had actually caused the entry. Naturally I can see the
> source IP address but was wondering how I could associate the port
> information with the process that generated it. Another way - How can you
> determine the ports in use by a system? I have access to some of the source
> machines and wanted to track the process that generated the packet(s).

The tool I would use is lsof.  e.g. lsof -i TCP to see who owns TCP


  /) _ _ _/_/ / / /  _ _//
 /_)/</= / / (_(_/()/< ///

More information about the linux mailing list