LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   is there a traceroute-like tool that shows ports as well as IP addresses? (https://www.linuxquestions.org/questions/linux-newbie-8/is-there-a-traceroute-like-tool-that-shows-ports-as-well-as-ip-addresses-786022/)

carolus 01-31-2010 01:19 PM
is there a traceroute-like tool that shows ports as well as IP addresses?
 
Is there some traceroute-like tool that shows ports as well as IP addresses?

This is more for seeing how NAT works (on my home network) than for a practical need.

Tinkster 01-31-2010 01:23 PM
not that I'm aware of ... you can always script it and use
a combo of traceroute and nmap to get what you asked for.

carolus 01-31-2010 01:38 PM
Quote:
Originally Posted by Tinkster (Post 3847348)
you can always script it and use
a combo of traceroute and nmap to get what you asked for.
Can this tell which ports are being used for a specific connection? For example, which ports on my router are being used for this connection to LinuxQuestions? And if I am simultaneously connected to LinuxQuestions from another computer on my network, what ports does that connection use? The IP address for both local computers is the same, so NAT in the router must be fudging the ports.

Skimming the man page for nmap, it does not appear capable of tracking a given connection the way that traceroute does.

Tinkster 01-31-2010 01:43 PM
Ummm ... I'm confused.

I assumed that when you asked about tracerout and ports you wanted
to know which ports are open on machines along the route.

If you want to know what ports your local machine uses for which
connection use
Code:
netstat -tdn
(for all tcp and udp ports in numeric representation)

And no, an external tool won't be able to tell which ip & port
a connection is going to from a different machine. Only the
router itself could do that (or if you stuck a Linux box in
between the router and the others as a packet sniffer).

carolus 01-31-2010 02:08 PM
Quote:
Originally Posted by Tinkster (Post 3847373)
an external tool won't be able to tell which ip & port
a connection is going to from a different machine. Only the
router itself could do that (or if you stuck a Linux box in
between the router and the others as a packet sniffer).
traceroute will give the IP's but not the ports. I have both a wireless router (under my control) and a combination DSL modem-router (supplied and configured by the ISP) and I would like an external way of viewing how the two routers in series are handling NAT by fudging the ports. I was hoping there might be an easy and educational way.

jschiwal 01-31-2010 02:15 PM
You may prefer looking at "netstat -tdp". It will show the protocols, domain names and the program (such as firefox) that the traffic is for.

If you use "netstat -tdpc", the output will be continuous. Did you look at the netstat output? It lists the destination address, local address and the ports. As suggested you could run

Since you are interested in how networking works, learning these tools is probably where you want to start. There is an excellent book "Network Administrators Guide" on the www.tldp.org website.

Also, this site http://www.grc.com/nat/nat.htm explains how NAT routers work including having two NAT routers in series.

NAT doesn't fudge ports. It records the source IP, destination IP and port, then then changes the outgoing packets source IP to that of your ISPs assigned address. While the source IP address is mangled, the destination IP address isn't changed. That is how you can have two NAT routers in series.

Quote:
The IP address for both local computers is the same
Be sure to study what a TCP header looks like. It has source and destination IP addresses and ports.


All times are GMT -5. The time now is 12:40 PM.