获取Windows下某进程监听的TCP/UDP端口
1、在Windows下用CMD netstat命令可以获得当前进程监听端口号的信息,如netstat -ano可以看到IP、port、状态和监听的PID。
那么可以执行CMD这个进程得到监听的端口号信息,C#代码如下:
//进程id
int pid = ProcInfo.ProcessID; //存放进程使用的端口号链表
List<int> ports = new List<int>(); Process pro = new Process();
pro.StartInfo.FileName = "cmd.exe";
pro.StartInfo.UseShellExecute = false;
pro.StartInfo.RedirectStandardInput = true;
pro.StartInfo.RedirectStandardOutput = true;
pro.StartInfo.RedirectStandardError = true;
pro.StartInfo.CreateNoWindow = true;
pro.Start();
pro.StandardInput.WriteLine("netstat -ano");
pro.StandardInput.WriteLine("exit");
Regex reg = new Regex("\\s+", RegexOptions.Compiled);
string line = null;
ports.Clear();
while ((line = pro.StandardOutput.ReadLine()) != null)
{
line = line.Trim();
if (line.StartsWith("TCP", StringComparison.OrdinalIgnoreCase))
{
line = reg.Replace(line, ",");
string[] arr = line.Split(',');
if (arr[] == pid.ToString())
{
string soc = arr[];
int pos = soc.LastIndexOf(':');
int pot = int.Parse(soc.Substring(pos + ));
ports.Add(pot);
}
}
else if (line.StartsWith("UDP", StringComparison.OrdinalIgnoreCase))
{
line = reg.Replace(line, ",");
string[] arr = line.Split(',');
if (arr[] == pid.ToString())
{
string soc = arr[];
int pos = soc.LastIndexOf(':');
int pot = int.Parse(soc.Substring(pos + ));
ports.Add(pot);
}
}
}
pro.Close();
2、如果不执行CMD进程,如何获得?可以参考这篇文章http://www.cnblogs.com/BoyXiao/archive/2012/02/20/2359273.html
文章介绍了使用Windows API获得进程和端口的映射关系:
(1)根据进程 ID 获得该进程所打开的所有的 TCP 和 UDP 端口。
(2)根据端口号来获得打开该端口的进程。
C语言代码如下:
// ProcessorPort.cpp : 定义 DLL 应用程序的导出函数。
// #include "stdafx.h" #include <Windows.h>
#include <Psapi.h>
#include <Iprtrmib.h>
#include <Winsock2.h> #pragma comment(lib,"Psapi.lib")
#pragma comment(lib,"Iphlpapi.Lib")
#pragma comment(lib,"WS2_32.lib") enum TcpOrUdp
{
TcpType,
UdpType
}; typedef struct
{
DWORD dwState; //连接状态
DWORD dwLocalAddr; //本地地址
DWORD dwLocalPort; //本地端口
DWORD dwRemoteAddr; //远程地址
DWORD dwRemotePort; //远程端口
DWORD dwProcessId; //进程标识
}MIB_TCPEXROW,*PMIB_TCPEXROW; typedef struct
{
DWORD dwLocalAddr; //本地地址
DWORD dwLocalPort; //本地端口
DWORD dwProcessId; //进程标识 }MIB_UDPEXROW,*PMIB_UDPEXROW; typedef struct
{
DWORD dwState; //连接状态
DWORD dwLocalAddr; //本地地址
DWORD dwLocalPort; //本地端口
DWORD dwRemoteAddr; //远程地址
DWORD dwRemotePort; //远程端口
DWORD dwProcessId; //进程标识
DWORD Unknown; //待定标识
}MIB_TCPEXROW_VISTA,*PMIB_TCPEXROW_VISTA; typedef struct
{
DWORD dwNumEntries;
MIB_TCPEXROW table[ANY_SIZE];
}MIB_TCPEXTABLE,*PMIB_TCPEXTABLE; typedef struct
{
DWORD dwNumEntries;
MIB_TCPEXROW_VISTA table[ANY_SIZE];
}MIB_TCPEXTABLE_VISTA,*PMIB_TCPEXTABLE_VISTA; typedef struct
{
DWORD dwNumEntries;
MIB_UDPEXROW table[ANY_SIZE];
}MIB_UDPEXTABLE,*PMIB_UDPEXTABLE; //=====================================================================================//
//Name: DWORD AllocateAndGetTcpExTableFromStack() // //
//Descripion: 该函数仅仅只在 Windows XP,Windows Server 2003 下有效 //
//=====================================================================================//
typedef DWORD (WINAPI *PFNAllocateAndGetTcpExTableFromStack)(
PMIB_TCPEXTABLE *pTcpTabel,
bool bOrder,
HANDLE heap,
DWORD zero,
DWORD flags
); //=====================================================================================//
//Name: DWORD AllocateAndGetUdpExTableFromStack() //
//Descripion: 该函数仅仅只在 XP,Windows Server 2003 下有效 //
//=====================================================================================//
typedef DWORD (WINAPI *PFNAllocateAndGetUdpExTableFromStack)(
PMIB_UDPEXTABLE *pUdpTable,
bool bOrder,
HANDLE heap,
DWORD zero,
DWORD flags
); //=====================================================================================//
//Name: DWORD InternalGetTcpTable2() //
//Descripion: 该函数在 Windows Vista 以及 Windows 7 下面效 //
//=====================================================================================//
typedef DWORD (WINAPI *PFNInternalGetTcpTable2)(
PMIB_TCPEXTABLE_VISTA *pTcpTable_Vista,
HANDLE heap,
DWORD flags
); //=====================================================================================//
//Name: DWORD InternalGetUdpTableWithOwnerPid() //
//Descripion: 该函数在 Windows Vista 以及 Windows 7 下面效 //
//=====================================================================================//
typedef DWORD (WINAPI *PFNInternalGetUdpTableWithOwnerPid)(
PMIB_UDPEXTABLE *pUdpTable,
HANDLE heap,
DWORD flags
); //=====================================================================================//
//Name: DWORD GetProcessIdByPort() //
//Descripion: 根据端口号得到打开该端口号的进程ID(支持 XP,Server 2003,Vista,Win7) //
//=====================================================================================//
extern "C" __declspec(dllexport) DWORD __stdcall GetProcessIdByPort(TcpOrUdp type, DWORD dwPort)
{
HMODULE hModule = LoadLibraryW(L"iphlpapi.dll");
if (hModule == NULL)
{
return ;
} if(type == TcpType)
{
// 表明查询的是 TCP 信息
PFNAllocateAndGetTcpExTableFromStack pAllocateAndGetTcpExTableFromStack;
pAllocateAndGetTcpExTableFromStack =
(PFNAllocateAndGetTcpExTableFromStack)GetProcAddress(hModule, "AllocateAndGetTcpExTableFromStack");
if (pAllocateAndGetTcpExTableFromStack != NULL)
{
// 表明为 XP 或者 Server 2003 操作系统
PMIB_TCPEXTABLE pTcpExTable = NULL;
if (pAllocateAndGetTcpExTableFromStack(&pTcpExTable, TRUE, GetProcessHeap(), , AF_INET) != )
{
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
} for (UINT i = ; i < pTcpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只查询我们需要的进程数据
if(dwPort == ntohs(0x0000FFFF & pTcpExTable->table[i].dwLocalPort))
{
DWORD dwProcessId = pTcpExTable->table[i].dwProcessId;
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwProcessId;
}
} if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
}
else
{
// 表明为 Vista 或者 7 操作系统
PMIB_TCPEXTABLE_VISTA pTcpExTable = NULL;
PFNInternalGetTcpTable2 pInternalGetTcpTable2 =
(PFNInternalGetTcpTable2)GetProcAddress(hModule, "InternalGetTcpTable2");
if (pInternalGetTcpTable2 == NULL)
{
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
} if (pInternalGetTcpTable2(&pTcpExTable, GetProcessHeap(), ))
{
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
} for (UINT i = ;i < pTcpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只查询我们需要的进程数据
if(dwPort == ntohs(0x0000FFFF & pTcpExTable->table[i].dwLocalPort))
{
DWORD dwProcessId = pTcpExTable->table[i].dwProcessId;
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwProcessId;
}
} if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
}
}
else if(type == UdpType)
{
// 表明查询的是 UDP 信息
PMIB_UDPEXTABLE pUdpExTable = NULL;
PFNAllocateAndGetUdpExTableFromStack pAllocateAndGetUdpExTableFromStack;
pAllocateAndGetUdpExTableFromStack =
(PFNAllocateAndGetUdpExTableFromStack)GetProcAddress(hModule,"AllocateAndGetUdpExTableFromStack");
if (pAllocateAndGetUdpExTableFromStack != NULL)
{
// 表明为 XP 或者 Server 2003 操作系统
if (pAllocateAndGetUdpExTableFromStack(&pUdpExTable, TRUE, GetProcessHeap(), , AF_INET) != )
{
if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
} for (UINT i = ; i < pUdpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只查询我们需要的进程数据
if (dwPort == ntohs(0x0000FFFF & pUdpExTable->table[i].dwLocalPort))
{
DWORD dwProcessId = pUdpExTable->table[i].dwProcessId;
if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwProcessId;
}
} if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
}
else
{
// 表明为 Vista 或者 7 操作系统
PFNInternalGetUdpTableWithOwnerPid pInternalGetUdpTableWithOwnerPid;
pInternalGetUdpTableWithOwnerPid =
(PFNInternalGetUdpTableWithOwnerPid)GetProcAddress(hModule, "InternalGetUdpTableWithOwnerPid");
if (pInternalGetUdpTableWithOwnerPid != NULL)
{
if (pInternalGetUdpTableWithOwnerPid(&pUdpExTable, GetProcessHeap(), ))
{
if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
} for (UINT i = ; i < pUdpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只查询我们需要的进程数据
if (dwPort == ntohs(0x0000FFFF & pUdpExTable->table[i].dwLocalPort))
{
DWORD dwProcessId = pUdpExTable->table[i].dwProcessId;
if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwProcessId;
}
}
} if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return ;
}
}
else
{
FreeLibrary(hModule);
hModule = NULL; return -;
}
} //===========================================================================================//
//Name: DWORD GetAllPortByProcessId() //
//Descripion: 根据进程ID得到该进程所打开的所有的端口号,并且在 dwAllPort 数组中返回所有端口号//
// 其中 dwMaxLen 为数组的长度,函数的返回值为进程所打开的端口的数目 //
// (支持 XP,Server 2003,Vista,Win7) //
//===========================================================================================//
extern "C" __declspec(dllexport) DWORD __stdcall GetAllPortByProcessId(TcpOrUdp type, DWORD dwProcessId, DWORD * dwAllPort, DWORD dwMaxLen)
{
DWORD dwPortCount = ;
HMODULE hModule = LoadLibraryW(L"iphlpapi.dll");
if (hModule == NULL)
{
return dwPortCount;
} if(type == TcpType)
{
// 表明查询的是 UDP 信息
PFNAllocateAndGetTcpExTableFromStack pAllocateAndGetTcpExTableFromStack;
pAllocateAndGetTcpExTableFromStack = (PFNAllocateAndGetTcpExTableFromStack)GetProcAddress(hModule, "AllocateAndGetTcpExTableFromStack");
if (pAllocateAndGetTcpExTableFromStack != NULL)
{
// 表明为 XP 或者 Server 2003 操作系统
PMIB_TCPEXTABLE pTcpExTable = NULL;
if (pAllocateAndGetTcpExTableFromStack(&pTcpExTable, TRUE, GetProcessHeap(), , AF_INET) != )
{
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
} for (UINT i = ; i < pTcpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只获取我们要查询的进程的 Port 信息
if(dwProcessId == pTcpExTable->table[i].dwProcessId)
{
if(dwPortCount < dwMaxLen)
{
dwAllPort[dwPortCount] = ntohs(0x0000FFFF & pTcpExTable->table[i].dwLocalPort);
dwPortCount++;
}
}
} if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
}
else
{
// 表明为 Vista 或者 7 操作系统
PMIB_TCPEXTABLE_VISTA pTcpExTable = NULL;
PFNInternalGetTcpTable2 pInternalGetTcpTable2 = (PFNInternalGetTcpTable2)GetProcAddress(hModule, "InternalGetTcpTable2");
if (pInternalGetTcpTable2 == NULL)
{
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
} if (pInternalGetTcpTable2(&pTcpExTable, GetProcessHeap(), ))
{
if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
} for (UINT i = ;i < pTcpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只获取我们要查询的进程的 TCP Port 信息
if(dwProcessId == pTcpExTable->table[i].dwProcessId)
{
if(dwPortCount < dwMaxLen)
{
dwAllPort[dwPortCount] = ntohs(0x0000FFFF & pTcpExTable->table[i].dwLocalPort);
dwPortCount++;
}
}
} if (pTcpExTable)
{
HeapFree(GetProcessHeap(), , pTcpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
}
}
else if(type == UdpType)
{
// 表明查询的是 UDP 信息
PMIB_UDPEXTABLE pUdpExTable = NULL;
PFNAllocateAndGetUdpExTableFromStack pAllocateAndGetUdpExTableFromStack;
pAllocateAndGetUdpExTableFromStack = (PFNAllocateAndGetUdpExTableFromStack)GetProcAddress(hModule,"AllocateAndGetUdpExTableFromStack");
if (pAllocateAndGetUdpExTableFromStack != NULL)
{
// 表明为 XP 或者 Server 2003 操作系统
if (pAllocateAndGetUdpExTableFromStack(&pUdpExTable, TRUE, GetProcessHeap(), , AF_INET) != )
{
if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
} for (UINT i = ; i < pUdpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只获取我们要查询的进程的 UDP Port信息
if(dwProcessId == pUdpExTable->table[i].dwProcessId)
{
if(dwPortCount < dwMaxLen)
{
dwAllPort[dwPortCount] = ntohs(0x0000FFFF & pUdpExTable->table[i].dwLocalPort);
dwPortCount++;
}
}
} if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
}
else
{
// 表明为 Vista 或者 7 操作系统
PFNInternalGetUdpTableWithOwnerPid pInternalGetUdpTableWithOwnerPid;
pInternalGetUdpTableWithOwnerPid = (PFNInternalGetUdpTableWithOwnerPid)GetProcAddress(hModule, "InternalGetUdpTableWithOwnerPid");
if (pInternalGetUdpTableWithOwnerPid != NULL)
{
if (pInternalGetUdpTableWithOwnerPid(&pUdpExTable, GetProcessHeap(), ))
{
if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
} for (UINT i = ; i < pUdpExTable->dwNumEntries; i++)
{
// 过滤掉数据,只获取我们要查询的进程的 UDP Port信息
if(dwProcessId == pUdpExTable->table[i].dwProcessId)
{
if(dwPortCount < dwMaxLen)
{
dwAllPort[dwPortCount] = ntohs(0x0000FFFF & pUdpExTable->table[i].dwLocalPort);
dwPortCount++;
}
}
}
} if (pUdpExTable)
{
HeapFree(GetProcessHeap(), , pUdpExTable);
} FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
}
}
else
{
FreeLibrary(hModule);
hModule = NULL; return dwPortCount;
}
}
如果要在.Net平台下使用,将其编译成DLL,使用PInvoke得到DLL导出函数就可以了。
C#测试代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices; namespace ProcessorPortDllTest
{
public enum TcpOrUdp
{
TcpType,
UdpType
}; public class ProcessPortHelper
{
[DllImport("ProcessorPort.dll",CallingConvention = CallingConvention.StdCall)]
public extern static uint GetProcessIdByPort(TcpOrUdp type, uint dwPort); [DllImport("ProcessorPort.dll",CallingConvention = CallingConvention.StdCall)]
public extern static uint GetAllPortByProcessId(TcpOrUdp type, uint dwProcessId, uint[] dwAllPort, uint dwMaxLen);
} class Program
{
static void Main(string[] args)
{
uint port = ;
uint processorId = ProcessPortHelper.GetProcessIdByPort(TcpOrUdp.TcpType, port);
Console.WriteLine("Port {0} is using by processor {1}",port,processorId); uint processorId1 = ; uint[] TcpPorts = new uint[];
uint count = ProcessPortHelper.GetAllPortByProcessId(TcpOrUdp.TcpType, processorId1, TcpPorts, (uint)TcpPorts.Length);
Console.WriteLine("Processor {0} is using TCP port: ", processorId1);
for (uint i = ; i < count; ++i)
{
Console.WriteLine(TcpPorts[i]);
} uint[] UdpPorts = new uint[];
uint count1 = ProcessPortHelper.GetAllPortByProcessId(TcpOrUdp.UdpType, processorId1, UdpPorts, (uint)UdpPorts.Length);
Console.WriteLine("Processor {0} is using UDP port: ", processorId1);
for (uint i = ; i < count1; ++i)
{
Console.WriteLine(UdpPorts[i]);
}
Console.ReadKey();
}
}
}
获得进程监听TCP/UDP端口号的DLL:ProcessorPort.rar
获取Windows下某进程监听的TCP/UDP端口的更多相关文章
- Windows下修改Oracle监听端口
先放开防火墙的端口,再来改监听端口. 只有一个实例: net stop OracleOraDb11g_home1TNSListener 再运行 NET Manager 修改实例名与Listener的端 ...
- (转) windows 下ORA-12514:TNS 监听问题
在使用Orcale数据库的时候不知道各位是否遇到过如图的监听问题(或者显示类似的问题),以下方法就是来解决这样的问题的. 首先右击计算机,选择管理.选择左侧栏的服务与应用程序,右侧栏选服务. ...
- Windows下查看机器监听端口
1.查看所有端口占用情况 在开始-运行-cmd,输入:netstat –ano可以查看所有进程 2.查看指定端口的占用情况 netstat -an |findstr :21
- linux系统实现多个进程监听同一个端口
通过 fork 创建子进程的方式可以实现父子进程监听相同的端口. 方法:在绑定端口号(bind函数)之后,监听端口号之前(listen函数),用fork()函数生成子进程,这样子进程就可以克隆父进程, ...
- 关于获取Windows下性能参数的总结
Windows下特定进程或者所有进程的CPU.物理内存.虚拟内存等性能参数的获取方法小结,包括如何在MFC中以及如何使用C#语言来获取参数. VC API:GlobalMemoryStatus 获取全 ...
- python使用wmi模块获取windows下的系统信息监控系统-乾颐堂
Python用WMI模块获取Windows系统的硬件信息:硬盘分区.使用情况,内存大小,CPU型号,当前运行的进程,自启动程序及位置,系统的版本等信息. 本文实例讲述了python使用wmi模块获取w ...
- Windows下查看进程及结束进程命令[转]
Windows下查看进程及结束进程命令 1)查看占用8080端口的进程号 >netstat –aon | findstr “8080” 结果:TCP 0.0.0.0:8080 ...
- Windows下tomcat进程监控批处理程序
在Windows下tomcat进程监控批处理程序脚本如下: @echo off ::tomcat安装目录 set _tomcatDir=E:\myFiles\apache-tomcat-8.5.31 ...
- Windows平台下Oracle监听服务启动过程中日志输出
Windows平台下Oracle监听服务启动过程中日志输出记录. 日志目录:D:\app\Administrator\diag\tnslsnr\WIN-RU03CB21QGA\listener\tra ...
随机推荐
- windows下的socket网络编程
windows下的socket网络编程 windows下的socket网络编程 clinet.c 客户端 server.c 服务器端 UDP通信的实现 代码如下 已经很久没有在windows下编程了, ...
- hibernate query.list() 返回的数据类型
在hibernate中,用hql语句查询实体类,采用list方法的返回结果为一个List,该List中封装的对象分为以下三种情况: 1.查询全部字段的情况下,如"from 实体类" ...
- eclipes的Spring注解SequenceGenerator(name="sequenceGenerator")报错的解决方式
eclipes的Spring注解SequenceGenerator(name="sequenceGenerator")报错的解决方式 右键项目打开Properties—>JA ...
- MY_FIRSH_MODULE
模块描述 将30个字节的内存空间模仿成设备文件.每次读写不超过30个字节. 模块加载成功之后,需建立设备文件 mknod /dev/mydev c 231 0 模块代码 #include <li ...
- ubuntu hash sum mismatch error
$ sudo rm -rf /var/lib/apt/lists/* $ sudo apt-get update from: askubuntu.com
- 左侧导航栏复制粘贴保存html即可
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/ ...
- Java中对List集合内的元素进行顺序、倒序、随机排序的示例代码
import java.util.Collections; import java.util.LinkedList; import java.util.List; public class Test ...
- IOS lib(.a)库冲突解决办法
在引入第三方lib(.a)库时,经常会由于第三方lib库中又引入同你现有工程相同的开源代码而造成.o冲突,最近在集成汉王名片识别时发生ASIHttp的.o冲突.我想说的是像这种开源的使用率很高的源代码 ...
- vc++创建文件目录
#include "stdafx.h" #include <iostream> #include <fstream> #include <string ...
- Java for LeetCode 224 Basic Calculator
Implement a basic calculator to evaluate a simple expression string. The expression string may conta ...