cheat:lsof
# To list all IPv4 network files:
sudo lsof -i4
# To list all IPv6 network files:
sudo lsof -i6
# To list all open sockets:
lsof -i
# To list all listening ports:
lsof -Pnl +M -i4
# To find which program is using the port 80:
lsof -i TCP:80
# To list all connections to a specific host:
lsof -i@192.168.1.5
# To list all processes accessing a particular file/directory:
lsof <path>
# To list all files open for a particular user:
lsof -u <username>
# To list all files/network connections a command is using:
lsof -c <command>
# To list all files a process has open:
lsof -p <pid>
# To list all files open mounted at /mount/point:
# (Particularly useful for finding which process(es) are using a mounted USB stick or CD/DVD.)
lsof +f -- <mount-point>
tldr:lsof
# lsof
# Lists open files and the corresponding processes.
# Note: Root privileges (or sudo) is required to list files opened by others.
# More information: <https://manned.org/lsof>.
# Find the processes that have a given file open:
lsof path/to/file
# Find the process that opened a local internet port:
lsof -i :port
# Only output the process ID (PID):
lsof -t path/to/file
# List files opened by the given user:
lsof -u username
# List files opened by the given command or process:
lsof -c process_or_command_name
# List files opened by a specific process, given its PID:
lsof -p PID
# List open files in a directory:
lsof +D path/to/directory
# Find the process that is listening on a local IPv6 TCP port and don't convert network or port numbers:
lsof -i6TCP:port -sTCP:LISTEN -n -P
$
cheat.sh