This is a thing I need to google every now and then so here's a simple recipe for closing neglected ports on MacOS, Windows and Linux.
Mac OS
Here are the steps:
1. Find the process ID (PID) of the port (replace the 'portNumber' with the number)
sudo lsof -i :portNumber
This will give you a response as follows — copy the PID number for the next step:
2. Kill the process
First, try this (replace PID with the number you copied above):
kill PID
Now, test if it's closed by connecting to the port (replace portNumber with the actual port number):
nc localhost portNumber
If it returns immediately with no output, the port isn't open. However, if it returns some input, try to kill it with:
kill -9 PID
Again, try to connect. If it's still running, try this:
sudo kill -9 PID
Windows
Here are the steps for Windows:
1. Find the process ID (PID) of the port (replace the 'portNumber' with the number)
netstat -ano | findstr :portNumber
Copy the PID number for the next step.
2. Kill the process
First, try this (replace typeyourPIDhere with the number you copied above):
taskkill /PID typeyourPIDhere /F
Run the first command again to see if it's closed.
Linux
Here are the steps for Linux (courtesy of mayankjoshi)
1. Get a list of all open processes
$top
2. Kill a process
kill pid
kills the process by process id
killall pname
kills the process by name
-9
for forceful killing in both kill and killall
Use sudo
if it's a root process.
Top comments (23)
Do not use
lsof
on live Linux (and possibly FreeBSD) servers. In very rare conditions it can cause entire server to hang - hardware reboot needed.Instead use
ss
(fast!) and if you really have to thennetstat
(sloooww, cpu hog).Thank you! I don't think I propose it in the post 🤔
What do you think about the steps proposed by mayankjoshi that I integrated into the blog post:
Would you add anything?
ss -tnlp
andnetstat -tnlp
shows pid of processes, their names and their open/listening (aka server) ports. There are tons of tutorials @google about these two commands.top
on the other hand does not show open ports. Depending on the OS it can have some shortcuts to kill.As to
root
andsudo
I would be very careful. You may end up with a surprise ;) You can kill some system service like X server, print spooler, OS upgrade process.kill
(pid) andkillall
(matching a name) sends signals to processes. Without a name of a signal given default one is used - SIGTERM. This is just "asking" process to exit - similar to alt+f4. The-9
signal is a SIGKILL signal - usually just calledkill
. It cannot be ignored by processes.After killing process that had opened TCP port it make take a while before this port is closed. It hangs in OS in special state - only thing you can do is wait or reboot.
Sooner or later you're going to need kill some process to free some port. It's a good idea to glance some docs/manuals (man ss, man netstat) to have some vague memories about what each of these commands can do. Every command is useful. Everyone has their favourite set. Do an experiment - but before you do save your files.
just wanted to say thanks for the info :)
I always have an issue with port 80. The macOS just doesn't want to let it go for non-root users.
Do you have any further suggestions as your script doesn't seem to work for me.
Yeah. I had a port 80 problem when Dropbox was running in the background. As soon as I changed that (i.e. now Dropbox only runs when I open it instead of when I switch the laptop on), my problem was fixed. You can see what occupies your port 80 by running
sudo lsof -i :YourPortNumber
.changing your root permissions? unix.stackexchange.com/questions/1...
Yes, I've tried the DropBox trick but still macOS won't let my process use port 80 unless I start that process as root.
Not sure how that link you offered helps?
Eh how annoying. Well you could add root permissions to other users and then you should be able to close the port.
Ah, is that what that link was about?
Exactly :)
Okay, I’ll take a closer look and let you know how I get on.
Thanks for your help.
@sylwia - That link seemed to be about file permissions rather than process permissions.
See my reply to Mateusz where I use the insight provided and find my solution,
I’s standard, security behavior. You cannot open port <1024 as standard user, you need root permision on both macOS and Linux systemy. Because of security.
When someone will hack into your server, the hacker cannot kill your HTTP server and run phishing site on you domain because he need root privilages.
Well, that makes sense.
Armed with this knowledge I researched port forwarding and discovered
pf
(packet filtering) which lead me to salferrarello.com/mac-pfctl-port-f... which was the answer to my issue.Thanks for the insight!
In Linux
$
top
to see the list of open processKilling a process
kill pid
killall pname
-9
for forceful killing in both kill and killallUse sudo if it's a root process.
Thank you! I'll add it right away!
Actually the URL to my profile is incorrect.😅😅
🤦♀️corrected!
It's not closing a port, but stopping a process. You close ports using firewall usually.
When a process is killed, the ports are automatically Freed.
When I was doing TCP up connection I Freed same port for reuse using this method itself.
Luckily, if you stop the application, the port will be released. The title says How to properly close a port?, not how to kill a process. What if you want the keep the process running but don't want to listen on that port anymore?
I don't think it is possible to free a port held by a process without killing the same process.
Sure. I decided for this title because that's what my students google — the post is in my budding series primarily for my students at a coding bootcamp ❤️