Using sed and awk to return a list of TCP and UDP ports that have an 'established' connection.

Category: Software and Systems Engineering
Author: Sean O'Donnell
Thu, Jun. 12th, 2008 @ 2:13:56 (MDT)

The following command will return a list of 'established' TCP and UDP connections on a computer running a Linux-based OS.

netstat -punt | grep -i "udp\|tcp" | awk {'print $4"\t"$1 '} | sed s/.*://

The command above will output a 2-column tab-delimited list, containing the port number, and protocol (TCP/6, UDP/6).

The majority of processes you'll see may be client connections, primarily the really 'high' ports (e.g. 33000 and above), also referred to as 'dynamic' ports.

These ports often require special firewall (ACL) rules and/or routing tables in order to secure in-bound connections that were initiated by an out-bound request, while blocking in-bound connections NOT initiated by an out-bound request.

Copyleft (<) 1998-2019