When configuring the server, it is often necessary to check whether the server port is open. If there are only one or two servers, this is easy to do, use the nc command to view them one by one.
However, if your server is in a cluster, then there are many ports to be checked? If you still manually check one by one, the efficiency will be very low, and your name will appear in the list of layoffs at the end of the year 🙂
In this case, we can use the Shell script together with the nc command to achieve our purpose. Besides, no matter how many servers there are and how many ports need to be checked, this goal can be completed efficiently.
In this article, we use Shell scripts to meet two requirements:
- Scan whether one port of multiple servers is open
- Scan multiple servers to see if numerous ports are open
Before we start, let us understand the nc command.
nc command introduction
nc is the abbreviation of netcat. It uses a TCP or UDP network protocol connection to read or write data and can be directly called by third-party programs or scripts.
Besides, it is a mighty network debugging tool because it can create almost all the connection methods required.
The nc tool mainly has three functional modes: connection mode, monitoring mode, and channel mode. Its general use format is as follows:
$ nc [-options] [HostName or IP] [PortNumber]
Next, we will use the shell script combined with the nc command to achieve our two needs.
Scan whether one port of multiple servers is open
We first put all the server addresses to be queried in the server-list.txt file, each address on a separate line, as shown below:
# cat server-list.txt
192.168.1.2
192.168.1.3
192.168.1.4
192.168.1.5
192.168.1.6
192.168.1.7
Then, we use the for loop to scan the corresponding server ports in server-list.txt in turn. Here, we examine whether port 22 is open.
# vi port_scan.sh
#!/bin/sh
for server in `more server-list.txt`
do
#echo $i
nc -zvw3 $server 22
done
Finally, we can give this script executable permissions.
$ chmod +x port_scan.sh
After that, we can use this script to automatically check whether the 22 ports of multiple servers have been opened in sequence.
# sh port_scan.sh
Connection to 192.168.1.2 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.3 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.4 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.5 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.6 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.7 22 port [tcp/ssh] succeeded!
Scan multiple servers for multiple ports to see if they are open
Here, we also put all the server addresses to be queried in a server-list.txt file, each address on a separate line. The demonstration will not be repeated here. Similarly, we also put the server ports to be queried in another port-list.txt file, each port on a separate line, as shown below:
# cat port-list.txt
22
80
Then, we use the for loop to scan sequentially whether the ports listed in the corresponding server port-list.txt in server-list.txt are open. Note that two for loops are used here, the first layer is the server list, and the second layer is the port list.
# vi multiple_port_scan.sh
#!/bin/sh
for server in `more server-list.txt`
do
for port in `more port-list.txt`
do
#echo $server
nc -zvw3 $server $port
echo ""
done
done
Don’t forget to give this script executable permissions.
$ chmod +x multiple_port_scan.sh
We can use this script to automatically check whether multiple ports of multiple servers have been opened in sequence.
# sh multiple_port_scan.sh
Connection to 192.168.1.2 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.2 80 port [tcp/http] succeeded!
Connection to 192.168.1.3 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.3 80 port [tcp/http] succeeded!
Connection to 192.168.1.4 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.4 80 port [tcp/http] succeeded!
Connection to 192.168.1.5 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.5 80 port [tcp/http] succeeded!
Connection to 192.168.1.6 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.6 80 port [tcp/http] succeeded!
Connection to 192.168.1.7 22 port [tcp/ssh] succeeded!
Connection to 192.168.1.7 80 port [tcp/http] succeeded!