nc检测端口的方法:
# nc -v -w 10 %IP% -z %PORT%
-v 显示指令执行过程。
-w 设置等待连线的时间。
-u 表示使用UDP协议
-z 使用0输入/输出模式,只在扫描通信端口时使用。
例1:扫描指定的8080端口
# nc -v -w 10 -z 192.168.0.100 8080
Connection to 192.168.0.100 8080 port [tcp/http] succeeded!
例2:扫描20到25的端口范围,并详细输出。
# nc -v -w 2 -z 192.168.0.100 20-25
nc: connect to 192.168.0.100 port 20 (tcp) failed: Connection refused
nc: connect to 192.168.0.100 port 21 (tcp) failed: Connection refused
Connection to 192.168.0.100 22 port [tcp/ssh] succeeded!
nc: connect to 192.168.0.100 port 23 (tcp) failed: Connection refused
nc: connect to 192.168.0.100 port 24 (tcp) failed: Connection refused
nc: connect to 192.168.0.100 port 25 (tcp) failed: Connection refused
例3:扫描1到65535的端口范围,只输出打开的端口(去掉-v参数即可)
# nc -w 1 -z 192.168.0.100 1-65535
Connection to 192.168.0.100 22 port [tcp/ssh] succeeded!
Connection to 192.168.0.100 80 port [tcp/http] succeeded!
Connection to 192.168.0.100 2121 port [tcp/scientia-ssdb] succeeded!
Connection to 192.168.0.100 4004 port [tcp/pxc-roid] succeeded!
Connection to 192.168.0.100 8081 port [tcp/tproxy] succeeded!
Connection to 192.168.0.100 11211 port [tcp/*] succeeded!
批量检测端口的脚本:
我们在/tmp下建立一个文本文档aa.txt,里面写上ip和端口号:
线上设备,后两位Ip数字划掉了
我们建立一个aa.sh的脚本,内容如下:
#!/bin/bash
cat /tmp/aa.txt | while read line
do
nc -w 10 -z $line >/dev/null 2>&1
if [ $? -eq 0 ]
then
echo $line:ok
else
echo $line:fail | mutt -s "端口错误" fantefei@163.com
fi
done
加执行权限:chmod +x aa.sh
执行./aa.sh
因为上面的有几个端口没开,所以我们查看一下报警邮件