2009-03-15 15:27 
老徐 解决办法:
Listing all the pids:
———————
/usr/bin/ps -ef | sed 1d | awk ‘{print $2}’
Mapping the files to ports using the PID:
————-
/usr/proc/bin/pfiles <PID> 2>/dev/null | /usr/xpg4/bin/grep <PID>
or
/usr/bin/ps -o pid -o args -p <PID> | sed 1d
Mapping the sockname to port using the port number:
———————-
for i in `ps -e|awk ‘{print $1}’`; do echo $i; pfiles $i 2>/dev/null | grep ‘port: 8080′; done
or
pfiles -F /proc/* | nawk ‘/^[0-9]+/ { proc=$2} ; /[s]ockname: AF_INET/ { print proc “\n ” $0 }’
There were two explanations why “lsof” did not show, what was expected:
1) One thing that might prevent lsof to print all, is if the ports are controlled by inetd
or some such (i.e. there is nothing actively listening on them until you try talking to them).
Also, try telneting to the port and then run lsof while the telnet session is connected.
2) On Solaris 10, using “lsof -i” to show mapping of processes to TCP ports incorrectly shows all
processes that have socket open as using port 65535, for example:
sshd 8005 root 8u IPv4 0x60007ebdac0 0t0 TCP *:65535
(LISTEN)
sendmail 1116 root 5u IPv4 0x60007ecce00 0t0 TCP *:65535
(LISTEN)
This is a known bug in lsof that can _not_ be fixed because of differences between Solaris 10
and previous versions. So the useful “lsof -i :<port>” is now not useful.
发表于 Uncategorized 
标签: 
