Geek Answers Handbook

Defining Listening Ports Using Python

When translating some scripts from bash, I come across many uses of netstat -an to find out if one of our services is listening. Although I know that I can just use subprocess.call or another popen, I would prefer to use a pythonic solution, so I do not use the unix environment in which we work.

From what I read, the socket module should have something, but I have not seen anything that checks for listening ports. Maybe I do not understand a simple trick, but so far I know how to connect to the socket, and write something that lets me know when this connection failed. But not necessarily, I found something that specifically checks the port to see if it is being tapped.

Any ideas?

+4
source share
4 answers

How about trying to connect ...

import socket s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) result = s.connect_ex(('127.0.0.1', 3306)) if result == 0: print('socket is open') s.close()
+9
source

I know this question is old, but I am writing this for beginners. If you want to identify listening ports on your system, you can use the code below.

 from socket import * Port = 0 #First port. while Port <= 65535: #Port 65535 is last port you can access. try: try: Socket = socket(AF_INET, SOCK_STREAM, 0) #Create a socket. except: print("Error: Can't open socket!\n") break #If can't open socket, exit the loop. Socket.connect(("127.0.0.1", Port)) #Try connect the port. If port is not listening, throws ConnectionRefusedError. Connected = True except ConnectionRefusedError: Connected = False finally: if(Connected and Port != Socket.getsockname()[1]): #If connected, print("{}:{} Open \n".format("127.0.0.1", Port)) #print port. Port = Port + 1 #Increase port. Socket.close() #Close socket.
+3
source

You can either try connecting to the port in question or emulate netstat .

The execution of the latter will be OS specific. On Linux, you can learn /proc/net/tcp . It looks like this:

  sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 0: 00000000:C809 00000000:0000 0A 00000000:00000000 00:00000000 00000000 117 0 8381 1 ffff8802f22a8000 300 0 0 2 -1 1: 00000000:16CC 00000000:0000 0A 00000000:00000000 00:00000000 00000000 1026 0 14336 1 ffff8802f2249440 300 0 0 2 -1 2: 00000000:006F 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 7876 1 ffff8802f2248000 300 0 0 2 -1 3: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 8163 1 ffff8802f3578000 300 0 0 2 -1 4: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 981582 1 ffff8800d7a53600 300 0 0 2 -1 5: 00000000:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 9129 1 ffff8802edc886c0 300 0 0 2 -1 6: 00000000:021A 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 9016 1 ffff8802edc88000 300 0 0 2 -1 7: 00000000:2B1C 00000000:0000 0A 00000000:00000000 00:00000000 00000000 1026 0 783709 1 ffff8803119cca40 300 0 0 2 -1 8: 00000000:977C 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 24292 1 ffff8802f224e540 300 0 0 2 -1

You are looking for rows with 0A in the st ("status") column. The numbers after the colon in local_address are C809 , 16CC , etc. - These are the TCP port numbers (in hexadecimal format) in which listening processes are present.

+2
source

On Linux, we can use strace to see netstat -ln read and parse various values ​​from the / proc file system.

 $ strace netstat -ln 2>&1| grep '/proc' open("/proc/net/tcp", O_RDONLY) = 3 open("/proc/net/tcp6", O_RDONLY) = 3 open("/proc/net/udp", O_RDONLY) = 3 open("/proc/net/udp6", O_RDONLY) = 3 open("/proc/net/raw", O_RDONLY) = 3 open("/proc/net/raw6", O_RDONLY) = 3 open("/proc/net/unix", O_RDONLY) = 3 open("/proc/net/ipx/socket", O_RDONLY) = -1 ENOENT (No such file or directory) open("/proc/net/ipx", O_RDONLY) = -1 ENOENT (No such file or directory) open("/proc/net/ax25", O_RDONLY) = -1 ENOENT (No such file or directory) open("/proc/net/x25", O_RDONLY) = -1 ENOENT (No such file or directory) open("/proc/net/x25", O_RDONLY) = -1 ENOENT (No such file or directory) open("/proc/net/nr", O_RDONLY) = -1 ENOENT (No such file or directory)

So, you can just read these files with Python and extract the data you need.

 $ cat /proc/net/tcp sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 8190 1 00000000 300 0 0 2 -1 1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 6458 1 00000000 300 0 0 2 -1 2: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 10425 1 00000000 300 0 0 2 -1 3: 8D0BA8C0:8801 689255D1:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 1680975 1 00000000 24 4 16 6 -1 4: 8D0BA8C0:D142 97E67D4A:01BB 06 00000000:00000000 03:000012E8 00000000 0 0 0 3 00000000 5: 8D0BA8C0:D1A1 96E67D4A:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 1672130 1 00000000 24 4 18 5 -1 6: 8D0BA8C0:D148 97E67D4A:01BB 01 00000000:00000000 00:00000000 00000000 1000 0 1679875 1 00000000 24 4 20 5 -1

Listening sockets will have a remote address of 00000000: 0000

Addresses: port pairs are in hexadecimal format. See: * How can I map each / proc / net / tcp entry to every open socket?

You can cross reference / proc // fd. For example, sshd works on my laptop.

 $ cat /var/run/sshd.pid 522 
 $ sudo ls -l /proc/522/fd total 0 lrwx------ 1 root root 64 2011-09-15 21:32 0 -> /dev/null lrwx------ 1 root root 64 2011-09-15 21:32 1 -> /dev/null lrwx------ 1 root root 64 2011-09-15 21:32 2 -> /dev/null lrwx------ 1 root root 64 2011-09-15 21:32 3 -> socket:[6456] lrwx------ 1 root root 64 2011-09-15 21:32 4 -> socket:[6458]

Socket 6456 corresponds to inode 6458 specified in the second row / Proc / Net / TCP.

This way you can get all this information from proc, but you can end up reventing netstat -lntp

+2
source

More articles:


All Articles