如何获取其他进程的TCP / UDP套接字对的远程端口
[英]How Do I Get The Remote Port of TCP/UDP Socket Pair of Some Other Process
问题描述
On Linux, suppose we have the PID of some process which is running on the machine. 
在Linux上,假设我们具有正在计算机上运行的某些进程的PID。 Is it possible to get all the remote ports of all socket pairs this process has? 是否可以获取此过程中所有套接字对的所有远程端口? How? 怎么样?
We are able to get the ports which are owned by this process by parsing the outputs of executing netstat -anp | grep PID 通过解析执行netstat -anp | grep PID的输出,我们可以获得该进程所拥有的端口netstat -anp | grep PID netstat -anp | grep PID , I can do it by getting the IP address of this machine via getifaddrs() then drag the part after xxx.xxx.xxx.xxx:. netstat -anp | grep PID ,我可以通过getifaddrs()获取本机的IP地址,然后将其拖到xxx.xxx.xxx.xxx:之后来实现。 But I am not able to know the ip addresses of the other ends which is communicating with target process. 但是我不知道与目标进程通信的另一端的IP地址。
1 个解决方案
解决方案1
1 2013-10-24 12:32:04
TCP Use netstat -n to show remote addresses and ports. TCP使用netstat -n显示远程地址和端口。
UDP Note that the above doesn't apply to UDP because UDP doesn't have the concept of "connections", hence cannot have a remote address and port. UDP请注意,以上内容不适用于UDP,因为UDP没有“连接”的概念,因此不能具有远程地址和端口。 Instead, each UDP message has a source address and port and is handled by a single socket in the destination process. 而是,每个UDP消息都有一个源地址和端口,并在目标进程中由单个套接字处理。 I'm sure there are other ways, but personally I used wireshark to catch UDP packets. 我确定还有其他方法,但是我个人使用wireshark捕获UDP数据包。 As you may have realized, you won't know the remote address until you actually receive a message. 您可能已经意识到,直到您实际收到一条消息,您才知道远程地址。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.