loading...
Cover image for How to properly close a port?

How to properly close a port?

sylwiavargas profile image Sylwia Vargas Updated on ・2 min read

This is a thing I need to google every now and then so here's a simple recipe for closing neglected ports on MacOS, Windows and Linux.


Mac OS

Here are the steps:

1. Find the process ID (PID) of the port (replace the 'portNumber' with the number)

sudo lsof -i :portNumber

This will give you a response as follows — copy the PID number for the next step:

2. Kill the process

First, try this (replace PID with the number you copied above):

kill PID

Now, test if it's closed by connecting to the port (replace portNumber with the actual port number):

nc localhost portNumber

If it returns immediately with no output, the port isn't open. However, if it returns some input, try to kill it with:

kill -9 PID

Again, try to connect. If it's still running, try this:

sudo kill -9 PID


Windows

Here are the steps for Windows:

1. Find the process ID (PID) of the port (replace the 'portNumber' with the number)

netstat -ano | findstr :portNumber

Copy the PID number for the next step.

2. Kill the process

First, try this (replace typeyourPIDhere with the number you copied above):

taskkill /PID typeyourPIDhere /F

Run the first command again to see if it's closed.


Linux

Here are the steps for Linux (courtesy of mayankjoshi)

1. Get a list of all open processes

$top

2. Kill a process

kill pid kills the process by process id
killall pname kills the process by name
-9 for forceful killing in both kill and killall
Use sudo if it's a root process.

Discussion

pic
Editor guide
Collapse
richardherbert profile image
Richard Herbert

I always have an issue with port 80. The macOS just doesn't want to let it go for non-root users.

Do you have any further suggestions as your script doesn't seem to work for me.

Collapse
sylwiavargas profile image
Sylwia Vargas Author

Yeah. I had a port 80 problem when Dropbox was running in the background. As soon as I changed that (i.e. now Dropbox only runs when I open it instead of when I switch the laptop on), my problem was fixed. You can see what occupies your port 80 by running sudo lsof -i :YourPortNumber.
changing your root permissions? unix.stackexchange.com/questions/1...

Collapse
richardherbert profile image
Richard Herbert

Yes, I've tried the DropBox trick but still macOS won't let my process use port 80 unless I start that process as root.

Not sure how that link you offered helps?

Thread Thread
sylwiavargas profile image
Sylwia Vargas Author

Eh how annoying. Well you could add root permissions to other users and then you should be able to close the port.

Thread Thread
richardherbert profile image
Richard Herbert

Ah, is that what that link was about?

Thread Thread
sylwiavargas profile image
Thread Thread
richardherbert profile image
Richard Herbert

Okay, I’ll take a closer look and let you know how I get on.

Thanks for your help.

Thread Thread
richardherbert profile image
Richard Herbert

@sylwia - That link seemed to be about file permissions rather than process permissions.

See my reply to Mateusz where I use the insight provided and find my solution,

Collapse
mateuszjarzyna profile image
Mateusz Jarzyna

I’s standard, security behavior. You cannot open port <1024 as standard user, you need root permision on both macOS and Linux systemy. Because of security.

When someone will hack into your server, the hacker cannot kill your HTTP server and run phishing site on you domain because he need root privilages.

Collapse
richardherbert profile image
Richard Herbert

Well, that makes sense.

Armed with this knowledge I researched port forwarding and discovered pf (packet filtering) which lead me to salferrarello.com/mac-pfctl-port-f... which was the answer to my issue.

Thanks for the insight!

Collapse
capsel profile image
CapSel

Do not use lsof on live Linux (and possibly FreeBSD) servers. In very rare conditions it can cause entire server to hang - hardware reboot needed.

Instead use ss (fast!) and if you really have to then netstat (sloooww, cpu hog).

Collapse
sylwiavargas profile image
Sylwia Vargas Author

Thank you! I don't think I propose it in the post 🤔
What do you think about the steps proposed by mayankjoshi that I integrated into the blog post:

  1. Get a list of all open processes $top
  2. Kill a process kill pid kills the process by process id killall pname kills the process by name -9 for forceful killing in both kill and killall Use sudo if it's a root process.

Would you add anything?

Collapse
capsel profile image
CapSel

ss -tnlp and netstat -tnlp shows pid of processes, their names and their open/listening (aka server) ports. There are tons of tutorials @google about these two commands. top on the other hand does not show open ports. Depending on the OS it can have some shortcuts to kill.

As to root and sudo I would be very careful. You may end up with a surprise ;) You can kill some system service like X server, print spooler, OS upgrade process.

kill (pid) and killall (matching a name) sends signals to processes. Without a name of a signal given default one is used - SIGTERM. This is just "asking" process to exit - similar to alt+f4. The -9 signal is a SIGKILL signal - usually just called kill. It cannot be ignored by processes.

After killing process that had opened TCP port it make take a while before this port is closed. It hangs in OS in special state - only thing you can do is wait or reboot.

Sooner or later you're going to need kill some process to free some port. It's a good idea to glance some docs/manuals (man ss, man netstat) to have some vague memories about what each of these commands can do. Every command is useful. Everyone has their favourite set. Do an experiment - but before you do save your files.

Collapse
mayankjoshi profile image
mayank joshi

In Linux

$top to see the list of open process

Killing a process

kill pid

  • kills the process by process id

killall pname

  • kills the process by name

-9 for forceful killing in both kill and killall

Use sudo if it's a root process.

Collapse
sylwiavargas profile image
Sylwia Vargas Author

Thank you! I'll add it right away!

Collapse
mayankjoshi profile image
mayank joshi

Actually the URL to my profile is incorrect.😅😅

Thread Thread
sylwiavargas profile image
Sylwia Vargas Author

🤦‍♀️corrected!

Collapse
ajnasz profile image
Lajos Koszti

It's not closing a port, but stopping a process. You close ports using firewall usually.

Collapse
mayankjoshi profile image
mayank joshi

When a process is killed, the ports are automatically Freed.

When I was doing TCP up connection I Freed same port for reuse using this method itself.

Collapse
ajnasz profile image
Lajos Koszti

Luckily, if you stop the application, the port will be released. The title says How to properly close a port?, not how to kill a process. What if you want the keep the process running but don't want to listen on that port anymore?

Thread Thread
mayankjoshi profile image
mayank joshi

I don't think it is possible to free a port held by a process without killing the same process.

Collapse
sylwiavargas profile image
Sylwia Vargas Author

Sure. I decided for this title because that's what my students google — the post is in my budding series primarily for my students at a coding bootcamp ❤️