Solaris Command to Stop Listening on a Port
Solution 1
Well. You need to find the process that's gone zombie, or has ceased being usable, to find the port that's still open. If you know the process name or PID, that's very helpful to use with commands like pfiles
, preap
, and pkill
.
I have a script that can search PIDs or process-names for open ports.
#!/usr/bin/ksh -p
process=$1
# if $1 is all numbers, then assume it's a PID, and get the parent process.
if [[ $process = +([0-9]) ]]; then
for pid in $( ptree $process | grep '^[0-9]' | awk '{print $1}' ); do
pfiles $pid | egrep "^$pid:|sockname"
done
else
# if $1 is/has letters, then assume it's a process name, and grep accordingly.
for pid in $( ptree | grep $process | grep '^[0-9]' | awk '{print $1}' ); do
pfiles $pid | egrep "^$pid:|sockname"
done
fi
That will print the PID, processname, and any sockets open for any process that matches $1.
Once you know exactly which PID is holding that socket open, and not being usable, you can use one of the pkill
or preap
commands to forcibly close that PID and the file descriptors it has open.
Solution 2
If the port is still in the listening state, then the application is still somehow running. Use the command lsof -i to check which process is still listening and kill it.
If you don't have the lsof tool installed, you have to search the ps -ef for still running processes of your application.
shivam oberoi
Updated on September 18, 2022Comments
-
shivam oberoi over 1 year
I have a legacy application (that I do not control) that occasionally crashes without properly closing the ports it is listening on. Is there a Solaris command to stop listening on a given port, short of rebooting the box?
-
peterh over 11 yearsWhoops. Just be aware that the execution of
pfiles
command will shortly halt the process. I've seen processes crash because of somebody executing thepfiles
command on them. It is rare that this will happen but you should be prepared for this. You can install 'lsof' as described elsewhere on this page but it uses an undocumented hack into Solaris afaik. I believe that with Solaris 11 onwards you potentially have other options through the Dtrace tcp provider.