Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

tcpip and ports

Status
Not open for further replies.
madra

madra

MIS
Feb 12, 2003
95
GB
How can I verify that a port will allow traffic in ?

Not exactly sure how to ask this question technically, but the basics are this.

Connect:Direct (application) customer sends a file to our AIX server. It passes through everything (customer firewall, internet, our firewall etc...) establishes a link, but then gets - session rejected - message.

There is a route to the IP address (NAT address) for our firewall with the correct gateway on the server. The port is LISTENing.

I just need to confirm that the port will let traffic through.

Hope that makes some sense.

thanks


madra
 
Sort by date Sort by votes
You could double check that the service is LISTENING using the command "netstat -an | grep LISTEN" and verify the expected entry is listed.

To verify connectivity, you could use tcpdump on the server:

Code: 
tcpdump -nn -i $ETH port $SERVERPORT and host $CLIENT-IP

06:38:00.552795 IP [b][COLOR=green]$CLIENT-IP.2749[/color][/b] > [COLOR=blue][b]$SERVER-IP.23[/b][/color]: [b][COLOR=red]S[/color][/b] 3460291001:3460291001(0) win 65535 <mss 1260,nop,nop,sackOK>
06:38:00.552852 IP [COLOR=blue][b]$SERVER-IP.23[/b][/color] > [b][COLOR=green]$CLIENT-IP.2749[/color][/b]: [b][COLOR=red]S[/color][/b] 3887154712:3887154712(0) [b][COLOR=red]ack[/color][/b] 3460291002 win 65535 <mss 1460>
06:38:00.552987 IP [b][COLOR=green]$CLIENT-IP.2749[/color][/b] > [COLOR=blue][b]$SERVER-IP.23[/b][/color]: . [b][COLOR=red]ack[/color][/b] 1 win 65535

[b]This will show the TCP handshake for the connection, assuming the protocol is TCP :).[/b]

The above listing shows that connectivity and session setup at the tcp/ip level has taken place. If successful, you can move on to troubleshooting the application. After successful connection an ESTABLISHED entry should be listed in the output of the command "netstat -an | grep ESTAB".

man tcpdump

Ethan
 
Upvote 0 Downvote
With lsof you can see what port is listening by process. lsof is in the Linux toolbox. For example, to see what's runing on port 1521, do this (mind the line wrap):

[tt]
# lsof -i :1521
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
oracle 790754 orap 14u IPv4 0xf10000f3042b8358 0t1055779 TCP oraprod.foo.bar.com:1521->mickey.foo.bar.com:38297 (ESTABLISHED)
tnslsnr 901178 orap 8u IPv4 0xf10000f30424bb58 0t0 TCP oraprod.hrms.mil.ca:1521 (LISTEN)
[/tt]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

E
  • Locked
  • Question
What are reservations and how do you set them?
Replies
0
Views
222
emze
E
jkc2023
  • Locked
  • Question
AIX TL and SP upgrade
Replies
0
Views
298
jkc2023
jkc2023
Dan Gaeta
  • Locked
  • Question
Power 740 and HMC
Replies
1
Views
268
pa2nc
pa2nc
vipermaus
  • Locked
  • Question
IBM 615-6C3 Fans missing fault (1011 7620 and 1011 7611)
Replies
0
Views
144
vipermaus
vipermaus
BunnyMerah
  • Locked
  • Question
Using sed to find matched patterns and append
Replies
1
Views
105
johnherman
johnherman

Part and Inventory Search

Sponsor

Back
Top