Check if port is open or closed on a Linux server?
Solution 1:
You can check if a process listens on a TCP or UDP port with netstat -tuplen
.
To check whether some ports are accessible from the outside (this is probably what you want) you can use a port scanner like Nmap from another system. Running Nmap on the same host you want to check is quite useless for your purpose.
Solution 2:
Quickest way to test if a TCP port is open (including any hardware firewalls you may have), is to type, from a remote computer (e.g. your desktop):
telnet myserver.com 80
Which will try to open a connection to port 80 on that server. If you get a time out or deny, the port is not open :)
Solution 3:
OK, in summary, you have a server that you can log into. You want to see if something is listening on some port. As root, run:
netstat -nlp
this will show a listing of processes listening on TCP and UDP ports. You can scan (or grep) it for the process you're interest in,and/or the port numbers you expect to see.
If the process you expect isn't there, you should start up that process and check netstat again. If the process is there, but it's listening on a interface and port that you did not expect, then there's a configuration issue (e.g., it could be listening, but only on the loopback interface, so you would see 127.0.0.1:3306 and no other lines for port 3306, in the case of the default configuration for MySQL).
If the process is up, and it's listening on the port you expect, you can try running a "telnet" to that port from your Macbook in your office/home, e.g.,
telnet xxxxxxxxxxxx.co.uk 443
That will test if (assuming standard ports) that there's a web server configured for SSL. Note that this test using telnet is only going to work if the process is listening on a TCP port. If it's a UDP port, you may as well try with whatever client you were going to use to connect to it. (I see that you used port 224. This is masqdialer, and I have no idea what that is).
If the service is there, but you can't get to it externally, then there's a firewall blocking you. In that case, run:
iptables -L -n
This will show all the firewall rules as defined on your system. You can post that, but, generally, if you're not allowing everything on the INPUT chain, you probably will need to explicitly allow traffic on the port in question:
iptables -I INPUT -p tcp --dport 224 -j ACCEPT
or something along those lines. Do not run your firewall commands blindly based on what some stranger has told you on the Internet. Consider what you're doing.
If your firewall on the box is allowing the traffic you want, then your hosting company may be running a firewall (e.g., they're only allowing SSH (22/tcp), HTTP (80/tcp) and HTTPS (443/tcp) and denying all other incoming traffic). In this case, you will need to open a helpdesk ticket with them to resolve this issue, though I suppose there might be something in your cPanel that may allow it.
Solution 4:
I use the combo of netstat
and lsof
:
netstat -an | grep <portnumber>
lsof -i:<portnumber>
To see if the port is being used, and what is using it.
Solution 5:
If you are connected to the system and can run a command as root then you can check the output of iptables
iptables -L -vn
this will list the firewall rules and which ports are open target ACCEPT
and any explicitly closed ports target REJECT
.