how to find network connections from a PID - linux

I have a PID and i am trying to find the network connections that are attached to that PID.
i have placed the pid into a variable $PID.
So far I have tried using netstat to do it. I have tried the following
netstat -p | grep $PID
netstat | grep $PID
but these do not seem to grep anything or find what im looking for. What would be the best way to find these?

strace will do the job:
strace -p $PID -f -e trace=network -s 10000
-s 1000 increases the maximum string size to print, which is 32 by default.
Check out this question on unix.stackexchange.com for alternatives.

You can also use netstat. Just replace -p with -nap.
netstat -nap | grep {CMD-of-PID}
its from cmd of pid actually.

Related

how can I kill a process in a shell script

My bash script has:
ps aux | grep foo.jar | grep -v grep | awk '{print $2}' | xargs kill
However, I get the following when running:
usage: kill [ -s signal | -p ] [ -a ] pid ...
kill -l [ signal ]
Any ideas, how to fix this line?
In general, your command is correct. If a foo.jar process is running, its PID will be passed to kill and (should) terminate.
Since you're getting kill's usage as output, it means you're actually calling kill with no arguments (try just running kill on its own, you'll see the same message). That means that there's no output in the pipeline actually reaching xargs, which in turn means foo.jar is not running.
Try running ps aux | grep foo.jar | grep -v grep and see if you're actually seeing results.
As much as you may enjoy a half dozen pipes in your commands, you may want to look at the pkill command!
DESCRIPTION
The pkill command searches the process table on the running system and signals all processes that match the criteria
given on the command line.
i.e.
pkill foo.jar
Untested and a guess at best (be careful)
kill -9 $(ps -aux | grep foo.jar | grep -v grep | awk '{print $2}')
I re-iterate UNTESTED as I'm not at work and have no access to putty or Unix.
My theory is to send the kill -9 command and get the process id from a sub shell command call.

Shell Script CentOS - Killing process by reading it's config file and getting the port

I am looping through folders with Java applications and getting the config file for each.
app1/config.yml
app2/config.yml
etc.
I then pull the port from this config file by using:
port= cat app1/config.yml | grep 90 | cut -d: -f2
I want to use the port to kill the application, I did find this code that does half of what I want it to do:
kill $(sudo lsof -t -i:4990)
I want to use the variable stored in port to execute the kill command, but I can't get it to work, what is the correct way to use the command, I have tried multiple ways:
kill $(sudo lsof -t -i:$port)
kill $(sudo lsof -t -i:port)
kill $(sudo lsof -t -i:"$port")
kill $(sudo lsof -t -i:'$port')
But none of these work, I keep getting errors.
Any help would be appreciated
You're not setting port correctly, you left out the $(...) around the command.
port=$(cat app1/config.yml | grep 90 | cut -d: -f2)
kill $(sudo lsof -t -i:$port)

get thread count on HP-UX

how can I get thread count on HP-UX
I am using
ps -eLf| grep java | wc -l and
ps -L -p $PID |wc -l
on liunx and solaris, but it seems can't use on HP-UX
I have tried ps uH p $PID on HP-UX, but it seems can't too.
Does any one have solution for this?
please help ^_^
'ps -ef |grep -i java |wc -l ' >> is the best workaround (this will count your grep command as well, so if it results in value 'x' then total tthread in execution is 'x-1' actually. )

how to use kill SIGUSR2 in bash?

I use iptraf to monitor the network traffic in linux, and the shell command is(make iptraf running in background):
iptraf -s eth0 -f -B -L ./traffic.dat
if I want to get the result, I have to stop iptraf first, so I use the shell command:
kill -SIGUSR2 $pid
however, I could not stop iptraf if I move these shell commands into a bash script file(net.sh), and I get an error:
kill: SIGUSR2: invalid signal specification
I use 'kill -l' in the script file(net.sh), and I find there is no parameter which name is SIGUSR2. and I would get nothing if I use USR2 or -9.
the complete script file is:
iptraf -s eth0 -f -B -L ./temp.txt
pid=`ps -ef | grep iptraf | grep -v grep | awk '{print $2}'`
kill -USR2 $pid
cat temp.txt
I get nothing after these commands.
what shoud I do if I want to get the result?
SIGUSR2 is architecture depended and can have a value out of 31, 12 or 17. This is described in man 7 signal. You'll have to find out which value is appropriate for your system. Usually this is done by having a look into:
/usr/include/asm/signal.h
On my system - Ubuntu 12.04 AMD 64 - it has a value of 12:
#define SIGUSR2 12
Once you know the proper numeric value for SIGUSR2 on your system, you can send this signal using:
kill -SIGNO PID
# In this case
kill -12 PID
On my Linux box it works.
I ran an infinite loop (pid = 4574), then I ran
#!/bin/bash
kill -l | grep USR2
kill -SIGUSR2 4574
kill -l has showed the signal and kill -SIGUSR2 has sent the signal (killing the process).
Check if you are running Bash or some other shell (e.g., dash, busybox, etc.)
Cross-platform way to do this: use -s without the SIG prefix. E.g.,:
kill -s USR2 $pid
This seems to work on both MacOS and linux.

shell script to kill the process listening on port 3000? [duplicate]

This question already has answers here:
How to kill a process running on particular port in Linux?
(34 answers)
Closed 4 years ago.
I want to define a bash alias named kill3000 to automate the following task:
$ lsof -i:3000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ruby 13402 zero 4u IPv4 2847851 0t0 TCP *:3000 (LISTEN)
$ kill -9 13402
alias kill3000="fuser -k -n tcp 3000"
Try this:
kill -9 $(lsof -i:3000 -t)
The -t flag is what you want: it displays PID, and nothing else.
Update
In case the process is not found and you don't want to see error message:
kill -9 $(lsof -i:3000 -t) 2> /dev/null
Assuming you are running bash.
Update
Basile's suggestion is excellent: we should first try to terminate the process normally will kill -TERM, if failed, then kill -KILL (AKA kill -9):
pid=$(lsof -i:3000 -t); kill -TERM $pid || kill -KILL $pid
You might want to make this a bash function.
Another option using using the original lsof command:
lsof -n -i:3000 | grep LISTEN | awk '{ print $2 }' | uniq | xargs kill -9
If you want to use this in a shell script, you could add the -r flag to xargs to handle the case where no process is listening:
... | xargs -r kill -9
fuser -k 3000/tcp should also work
How about
alias kill3000="lsof -i:3000 | grep LISTEN | awk '{print $2}' | xargs kill -9"
fuser -n tcp 3000
Will yield the output of
3000/tcp: <$pid>
So you could do:
fuser -n tcp 3000 | awk '{ print $2 }' | xargs -r kill

Resources