How to ping a TCP or UDP port

ping is limited to the ICMP layer and so can't be of use when checking if a TCP or UDP port is open or not. Here is what I normally do if I am working on both ends of the connection to see what's happening with the packets.

on the target system (ie. the box we want to ping) you run tcpdump so that it watches for your IP address on the specific port you are trying to see something on. In this example I am trying to see packets coming in on the NRPE port 5666 from the IP

tcpdump -i eth0 -n host and port 5666

Once packets start coming in I will see the output from tcpdump.

On the other end (the side from where I am pinging) I use nmap combined with watch to continually try the port I am interested in:

watch -n 5 "nmap -P0 -sT -p5666"

for UDP pings it is almost the same:

watch -n 5 "nmap -P0 -sU -p5666"

As you can see, UDP pings are done the same as TCP pings except for the -sU instead of -sT. nmap can take a while to timeout so it's better to tell watch to wait 5 seconds before the next attempt. This is NOT a perfect solution. It will only help you determine if the packets are arriving and leaving the target server.

If you do not have tcpdump running on the target end then you will not be able to tell if the/a firewall is the problem or if the target system is the problem.

While the above is running just start making your changes. This is a simple way to get certain firewall rules worked out.



I have recently located a small project based on what I have posted above. Basically it helps to simplify the process and make sure the settings are done correctly that you are assured the best possible results. The project is called l4ping and can be found on github here.

/var/www/ · Last modified: 2012/07/11 09:14 by wadmin
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki