On Linux, I can use netstat -pntl | grep $PORT or fuser -n tcp $PORT to find out which process (PID) is listening on the specified TCP port. How do I get the same information on Mac OS X?
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
On macOS High Sierra, use this command:
lsof -nP -i4TCP:$PORT | grep LISTEN
On older versions, use one of the following forms:
lsof -nP -iTCP:$PORT | grep LISTEN
lsof -nP -i:$PORT | grep LISTEN
Substitute $PORT with the port number or a comma-separated list of port numbers.
Prepend sudo (followed by a space) if you need information on ports below #1024.
The -n flag is for displaying IP addresses instead of host names. This makes the command execute much faster, because DNS lookups to get the host names can be slow (several seconds or a minute for many hosts).
The -P flag is for displaying raw port numbers instead of resolved names like http, ftp or more esoteric service names like dpserve, socalia.
See the comments for more options.
回答2:
You can also use:
sudo lsof -i -n -P | grep TCP
This works in Mavericks.
回答3:
Since Yosemite (10.10), up to Mojave (10.14), every version of macOS supports this:
sudo lsof -iTCP -sTCP:LISTEN -n -P
回答4:
Update January 2016
Really surprised no-one has suggested:
lsof -i :PORT_NUMBER
to get the basic information required. For instance, checking on port 1337:
lsof -i :1337
Other variations, depending on circumstances:
sudo lsof -i :1337
lsof -i tcp:1337
You can easily build on this to extract the PID itself. For example:
lsof -t -i :1337
which is also equivalent (in result) to this command:
lsof -i :1337 | awk \'{ print $2; }\' | head -n 2 | grep -v PID
Quick illustration:
![\"enter](\"https://i.stack.imgur.com/VCAKo.gif\")
For completeness, because frequently used together:
To kill the PID:
kill -9 <PID>
# kill -9 60401
or as a one liner:
kill -9 $(lsof -t -i :1337)
回答5:
This works in Mavericks (OSX 10.9.2).
sudo lsof -nP -iTCP:$PORT -sTCP:LISTEN
回答6:
on OS X you can use the -v option for netstat to give the associated pid.
type:
netstat -anv | grep [.]PORT
the output will look like this:
tcp46 0 0 *.8080 *.* LISTEN 131072 131072 3105 0
The PID is the number before the last column, 3105 for this case
回答7:
On macOS, here\'s an easy way to get the process ID that\'s listening on a specific port with netstat. This example looks for a process serving content on port 80:
find server running on port 80
netstat -anv | egrep -w [.]80.*LISTEN
sample output
tcp4 0 0 *.80 *.* LISTEN 131072 131072 715 0
The 2nd from the last column is the PID. In above, it\'s 715.
options
-a - show all ports, including those used by servers
-n - show numbers, don\'t look up names. This makes the command a lot faster
-v - verbose output, to get the process IDs
-w - search words. Otherwise the command will return info for ports 8000 and 8001, not just \"80\"
LISTEN - give info only for ports in LISTEN mode, i.e. servers
回答8:
On the latest macOS version you can use this command:
lsof -nP -i4TCP:$PORT | grep LISTEN
If you find it hard to remember then maybe you should create a bash function and export it with a friendlier name like so
vi ~/.bash_profile
and then add the following lines to that file and save it.
function listening_on() {
lsof -nP -i4TCP:\"$1\" | grep LISTEN
}
Now you can type listening_on 80 in your Terminal and see which process is listening on port 80.
回答9:
On Snow Leopard (OS X 10.6.8), running \'man lsof\' yields:
lsof -i 4 -a
(actual manual entry is \'lsof -i 4 -a -p 1234\')
The previous answers didn\'t work on Snow Leopard, but I was trying to use \'netstat -nlp\' until I saw the use of \'lsof\' in the answer by pts.
回答10:
I am a Linux guy. In Linux it is extremely easy with netstat -ltpn or any combination of those letters. But in Mac OS X netstat -an | grep LISTEN is the most humane. Others are very ugly and very difficult to remember when troubleshooting.
回答11:
lsof -n -i | awk \'{ print $1,$9; }\' | sort -u
This displays who\'s doing what. Remove -n to see hostnames (a bit slower).
回答12:
For the LISTEN, ESTABLISHED and CLOSED ports
sudo lsof -n -i -P | grep -i TCP
For the LISTEN ports only
sudo lsof -n -i -P | grep -i LISTEN
For a specific LISTEN port, ex: port 80
sudo lsof -n -i -P | grep -i \":80 (LISTEN)\"
Or if you just want a compact summary [no service/apps described]
netstat -an | grep \'LISTEN \'
Explaining the items used:
-n suppress the host name
-i for IPv4 and IPv6 protocols
-P omit port names
-a [over netstat] for all sockets
-n [over netstat] don\'t resolve names
Tested on High Sierra 10.13.3
BTW, the last syntax netstat works on linux too
回答13:
This did what I needed.
ps -eaf | grep `lsof -t -i:$PORT`
回答14:
I made a small script to see not only who is listening where but also to display established connections and to which countries. Works on OSX Siera
#!/bin/bash
printf \"\\nchecking established connections\\n\\n\"
for i in $(sudo lsof -i -n -P | grep TCP | grep ESTABLISHED | grep -v IPv6 |
grep -v 127.0.0.1 | cut -d \">\" -f2 | cut -d \" \" -f1 | cut -d \":\" -f1); do
printf \"$i : \" & curl freegeoip.net/xml/$i -s -S | grep CountryName |
cut -d \">\" -f2 | cut -d\"<\" -f1
done
printf \"\\ndisplaying listening ports\\n\\n\"
sudo lsof -i -n -P | grep TCP | grep LISTEN | cut -d \" \" -f 1,32-35
#EOF
Sample output
checking established connections
107.178.244.155 : United States
17.188.136.186 : United States
17.252.76.19 : United States
17.252.76.19 : United States
17.188.136.186 : United States
5.45.62.118 : Netherlands
40.101.42.66 : Ireland
151.101.1.69 : United States
173.194.69.188 : United States
104.25.170.11 : United States
5.45.62.49 : Netherlands
198.252.206.25 : United States
151.101.1.69 : United States
34.198.53.220 : United States
198.252.206.25 : United States
151.101.129.69 : United States
91.225.248.133 : Ireland
216.58.212.234 : United States
displaying listening ports
mysqld TCP *:3306 (LISTEN)
com.avast TCP 127.0.0.1:12080 (LISTEN)
com.avast TCP [::1]:12080 (LISTEN)
com.avast TCP 127.0.0.1:12110 (LISTEN)
com.avast TCP [::1]:12110 (LISTEN)
com.avast TCP 127.0.0.1:12143 (LISTEN)
com.avast TCP [::1]:12143 (LISTEN)
com.avast TCP 127.0.0.1:12995 (LISTEN)
com.avast [::1]:12995 (LISTEN)
com.avast 127.0.0.1:12993 (LISTEN)
com.avast [::1]:12993 (LISTEN)
Google TCP 127.0.0.1:34013 (LISTEN)
This may be useful to check if you are connected to north-korea! ;-)
回答15:
This is a good way on macOS High Sierra:
netstat -an |grep -i listen
回答16:
Inspired by user Brent Self:
lsof -i 4 -a | grep LISTEN
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/VCAKo.gif', '推荐 伤终究还是伤i 的文章《Who is listening on a given TCP port on Mac OS X?》','https://www.manongdao.com/article-8464.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}