查询本地监听端口对应应用

powershell

Get-NetTCPConnection -State Listen | 
Select-Object -Property LocalAddress, LocalPort, 
@{Name="ProcessId";Expression={$_.OwningProcess}}, 
@{Name="ProcessName";Expression={(Get-Process -Id $_.OwningProcess).Name}} | 
Format-Table -AutoSize

bash

{ echo "端口 进程 PID" && ss -tlpn | awk '/^LISTEN/ {print $4, $6}' | awk -F' ' '{print $1, $2, $NF}' | cut -d':' -f2,3 | awk -F',' '{print $1, $2}'| sed -E 's/:|"//g; s/users|pid=|1]|\]//g;; s/\(\(//g' | sed '/^$/d' |awk 'NF'; } | column -t





# ipv6显示优化
{
    echo "端口 进程 PID"
    ss -tlpn | awk '/^LISTEN/ {
        # 处理地址部分
        split($4, addr, ":")
        port = addr[length(addr)]
        
        # 处理进程信息部分
        split($6, proc, /[",\[\]]/)
        name = proc[2]
        pid = proc[4]
        
        print port, name, pid
    }' | column -t
}


{     echo "端口 进程 PID";     ss -tlpn | awk '/^LISTEN/ {
        split($4, addr, ":")
        port = addr[length(addr)]
        
        split($6, proc, /[",\[\]]/)
        name = proc[2]
        pid = proc[4]
        
        # 去掉"pid="前缀
        pid = substr(pid, 5)
        
        print port, name, pid
    }'; } | column -t


{     echo "端口 监听IP 进程 PID";     ss -tlpn | awk '/^LISTEN/ && $4 !~ /::/ {
        # 提取IP和端口
        addr = $4
        split(addr, parts, ":")
        ip = parts[1]
        port = parts[2]
        
        # 处理进程信息
        split($6, proc, /[",\[\]]/)
        name = proc[2]
        pid = proc[4]
        gsub(/pid=/, "", pid)
        
        print port, ip, name, pid
    }'; } | column -t



{ 
    echo "协议 本地地址 ← 远程地址 状态"
    ss -ntu 2>/dev/null | awk '
    function process_addr(addr) {
        # 去掉方括号
        gsub(/[\[\]]/, "", addr)
        
        # 转换IPv6映射的IPv4地址
        if (addr ~ /::ffff:[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/) {
            gsub(/::ffff:/, "", addr)
            return addr
        }
        # 纯IPv6地址返回空（用于跳过）
        else if (addr ~ /^::/ || addr ~ /^[0-9a-fA-F:]+$/) {
            return ""
        }
        # 普通IPv4地址直接返回
        else {
            return addr
        }
    }
    
    /^tcp.*ESTAB/ {
        local = process_addr($5)
        remote = process_addr($6)
        
        if (local == "" || remote == "") next
        
        printf "%-4s %-25s ← %-25s %-10s\n", $1, local, remote, $2
    }'
} | column -t


{ 
    echo "本地IP       本地端口   远程IP       远程端口"
    ss -ntu 2>/dev/null | awk '
    /^tcp.*ESTAB/ {
        local = $5
        remote = $6
        
        # 去掉方括号
        gsub(/[\[\]]/, "", local)
        gsub(/[\[\]]/, "", remote)
        
        # 跳过纯IPv6地址（::1, ::等），但保留IPv6映射的IPv4
        if ((local ~ /^::[^f]/ || local ~ /^[0-9a-fA-F:]+$/) && local !~ /::ffff:/) next
        if ((remote ~ /^::[^f]/ || remote ~ /^[0-9a-fA-F:]+$/) && remote !~ /::ffff:/) next
        
        # 转换IPv6映射的IPv4地址
        gsub(/::ffff:/, "", local)
        gsub(/::ffff:/, "", remote)
        
        # 拆分IP和端口
        split(local, local_parts, ":")
        split(remote, remote_parts, ":")
        
        local_ip = local_parts[1]
        local_port = local_parts[2]
        remote_ip = remote_parts[1]
        remote_port = remote_parts[2]
        
        # 简化127.0.0.1显示为localhost
        if (local_ip == "127.0.0.1") local_ip = "localhost"
        if (remote_ip == "127.0.0.1") remote_ip = "localhost"
        
        printf "%-12s %-8s %-12s %-8s\n", local_ip, local_port, remote_ip, remote_port
    }'
} | column -t