How to obtain all the allocated TCP ports on a Linux/Windows system?
nregi
07-11-2002, 01:02 AM
Hello,
How do you find out all the TCP ports taken by a Linux and Windows OS?
Also, how do you tell the OS not to use certain TCP ports (assuming they are not already taken by some other process).
I want to find out this information either via a kernel level application or user level application.
I prefer user level application.
Thanks in advance.
EscapeCharacter
07-16-2002, 09:23 AM
if you haven't guessed it yet there aren't many people with your love for sockets here :) you might want to try asking on comp.os.linux.networking or maybe one of the linux.* kernel newsgroups
Strike
07-16-2002, 09:54 AM
Nothing wrong with sockets :) I just missed this thread, somehow.
Anyway, on a *nix system, an app like netstat can give you all the port info you want. And if you don't want the OS using a certain port, you have two/three solutions of varying complexity/correctness (depending on the situation).
1. Hack the TCP/IP code of your kernel.
2. Instantiate a kernel-level firewall such as Linux's iptables.
3. Instantiate a firewall that is exterior to the kernel, but effectively blocks all communication from that machine.
slimy
07-17-2002, 02:58 PM
Originally posted by Strike
1. Hack the TCP/IP code of your kernel.
2. Instantiate a kernel-level firewall such as Linux's iptables.
3. Instantiate a firewall that is exterior to the kernel, but effectively blocks all communication from that machine.
Note that these last two will not prevent the OS from using the ports. Rather, they will simply force the packets to be dropped. The OS will still merrily hand the ports out to any process that asks for them, (or asks for a random unused port). For example, if you direct your kernel to block port 80, via ipchains/iptables, Apache can still bind to that port. It just won't receive any traffic.
As for telling the kernel not to use a specific port, I'm not aware of any way to do that short of hacking the kernel.
nregi
07-17-2002, 06:15 PM
Quoted by slimy:
As for telling the kernel not to use a specific port, I'm not aware of any way to do that short of hacking the kernel.
Hello,
Thanks for all the replies, when using TCP sockets to create applications, sockets do create ports to listen and these ports must be unique and unused?
How can I find out what ports are taken by sockets and prevent sockets from using the ports I am using, is there a way to do that?
I already have some answers given below about finding the used TCP ports, but how can I tell the sockets not to use the ports I want to use?
Thanks again.
Strike
07-17-2002, 06:54 PM
Okay, I'm not clear on what you are asking now (because what has been said answers your questions the way I read it).
Yes, TCP sockets, when created, bind themselves to ports so that they can be used. You can find out what ports are taken by using a tool like netstat. You can only prevent the sockets from ever binding to the port by hacking the kernel code. You can create the effect of "no socket ever does anything with these ports" by instantiating a firewall somewhere between your OS and any other end-users.
jemfinch
07-17-2002, 11:25 PM
To keep the OS from using certain ports, just bind to them yourself. That'll definitely work for listening sockets, and should probably even work for outgoing sockets.
Jeremy
l01yuk
07-18-2002, 06:57 AM
I think what you are asking is:
How do I know which ports are free so that I can let my code bind to a port that isn't used by another program? And how do I stop other programs binding to the ports I will be using in my program?
This is really an irrelevant question since you don't want your server program to dynamically use different ports, doing so would mean your client has to scan your box to find the correct port to connect to. What you need to do is find a generally unused port number and use that. A quick google will find many listings of the commonly assigned port numbers.
slimy
07-18-2002, 10:28 PM
Short version: use port 13724.
Long version:
Am I correct in assuming you are writing a server program? If so, I think I understand your question.
I'm going to assume a Unix system, but things should be pretty much the same for Win32.
There a several ranges of ports in TCP/IP:
Privileged: 0 - 1024
Unprivileged: 1024 - 65536
Local Ports: 32768 - 61000
(actually, the local port range is configurable. On Linux, see /proc/sys/net/ipv4/ip_local_port_range)
Privileged ports can only be used by processes owned by root. Unprivileged ports can be used by anyone.
Port numbers can be handed out by the OS in 2 ways:
1) process requests a specific port number, or
2) process requests a non-specific port number.
In the former case, the process will get the number it asks for, unless the port is already in use. This is how servers usually work. Some clients which act like servers (notably Napster and other peer-to-peer apps) also bind to specific ports.
In the case of clients, they tend to not really care what port they get. So when they ask the OS for a port, they'll get an unused local port (32768 - 61000).
So if you want a standard port for your app to run on, you can pick any non-local port (i.e.: any port in the range 0 - 32767). But which port should you pick? Well, keep in mind that if you use a port below 1024, only root will be able to run your app. You also don't want to pick a port that is used by some common application, like 21 (ftp), 80 (http), 6000-6010 (X-Windows), or 6688 (napster). Also, note that you probably shouldn't use ports beyond the local port range (61000 +), as IP Masqing typically uses them.
You can get a list of commonly used ports by looking in /etc/services, and checking out Robert Graham's excellent Firewall Forensics page at:
www.robertgraham.com/pubs/firewall-seen.html
If you don't see the port being used in either of those, it's a pretty safe bet to use that port.
Now, this won't guarantee that the port isn't going to be used by someone else. If I want to run napster (which uses port 6688), and some other user on my system is already running it, I'm out of luck. A good napster client, however, will alert me of the error and allow me to configure it to use a different port. The only way to guarantee that someone else isn't using the port I need is to use a privileged port. But you need to be root to do that, which makes sense, since only root should be able to "reserve" ports like this. Of course, if root tries to run multiple servers which use the same port, he's got no one to blame but himself.
The bottom line is that you can't tell the system "don't use this port". But by selecting a port that is outside the local port range, you can guarantee that the system won't just hand off the port you want to some process that asks for a random port (since only local ports are used for this purpose). You can't, however, guarantee that some other process won't specifically ask for the port you want. But since only servers typically ask for ports, and the ports they ask for are well documented, you just select a non-local port that isn't used by some standard protocol. Like 13724. No one uses that.
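The two mechanisms the thread settles on, jemfinch's "bind to it yourself" and slimy's point that a random port request only ever draws from ip_local_port_range, can be checked directly with sockets. This is an added example, not any poster's code; it assumes Linux for the /proc file (falling back to the 32768-61000 range slimy quotes elsewhere) and uses slimy's suggested port 13724 only as a sample value.

```python
import errno
import socket

def local_port_range(path="/proc/sys/net/ipv4/ip_local_port_range"):
    """(low, high) of the ephemeral range. Falls back to the 32768-61000 range
    quoted in the thread when the file is absent (e.g. on Windows)."""
    try:
        with open(path) as f:
            low, high = f.read().split()
            return int(low), int(high)
    except OSError:
        return 32768, 61000

def classify_port(port, low, high):
    """Which of the thread's ranges a port falls in, for choosing a server port."""
    if port < 1024:
        return "privileged"          # root only
    if low <= port <= high:
        return "local"               # handed out to 'give me any port' requests
    if port > high:
        return "above-local-range"   # thread warns IP masquerading may use these
    return "unprivileged-fixed"      # safe choice for a fixed server port

def ephemeral_port():
    """Ask the OS for a non-specific port (port 0) and return what it chose."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

def reserve_port(port):
    """Bind and listen on a specific port; the port stays taken for as long as
    the caller keeps the returned socket open (jemfinch's reservation trick)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", port))
    s.listen(1)
    return s

def try_bind(port):
    """True if a fresh bind to port succeeds, False if it is already in use."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        try:
            s.bind(("127.0.0.1", port))
            return True
        except OSError as e:
            if e.errno == errno.EADDRINUSE:
                return False
            raise                    # e.g. EACCES for a privileged port as non-root
```

A second bind fails here only because SO_REUSEADDR is not set; a server that sets it can still share the port with a listener in some configurations, so the reservation is only as strong as the bind semantics the kernel applies.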