current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Sign up ×
Unix & Linux Stack Exchange is a question and answer site for users of Linux, FreeBSD and other Un*x-like operating systems. It's 100% free, no registration required.
up vote 6 down vote favorite

So I can use this netcat command to check if a UDP port is open:

$  nc -vz -u 10.1.0.100 53
Connection to 10.1.0.100 53 port [udp/domain] succeeded!

Unlike TCP, UDP is connectionless (fire and forget). So at a high level does anyone know how netcat knows the UDP port is open? Does it ask for a reply or something like that?

Thanks!!

share|improve this question

2 Answers 2

up vote 7 down vote accepted

Judging by the specific output Connection to Connection to 10.1.0.100 53 port [udp/domain] succeeded! you are using openbsd-netcat.

Looking at the code for that the test is to bind to the UDP socket, i.e. there is an open connection: 

              if (vflag || zflag) {
                            /* For UDP, make sure we are connected. */
                            if (uflag) {
                                    if (udptest(s) == -1) {
                                            ret = 1;
                                            continue;
                                    }
                            }

                            /* Don't look up port if -n. */
                            if (nflag)
                                    sv = NULL;
                            else {
                                    sv = getservbyport(
                                        ntohs(atoi(portlist[i])),
                                        uflag ? "udp" : "tcp");
                            }

                            fprintf(stderr,
                                "Connection to %s %s port [%s/%s] "
                                "succeeded!\n", host, portlist[i],
                                uflag ? "udp" : "tcp",
                                sv ? sv->s_name : "*");

udptest issues around 3 writes to the open socket. There is a note that this doesn't work for IPv6 and fails after around 100 ports checked.

So while the other suggestion may be valid, I don't think that's happening in this particular case.

share|improve this answer
    
so udptest is the function I am looking for and it answers my question. From the link you provided "* udptest() * Do a few writes to see if the UDP port is there" – Patrick McMahon yesterday
    
Yes, I just checked that and saw the writes as well. Revised answer. – rocky yesterday
    
@PatrickMcMahon - if this answers your question, then accept it by clicking on the large tick. – cas 20 hours ago
up vote 5 down vote

There is an ICMP message to signalize that a port, even an UDP one, is closed. So if a host sends this message then the port can be assumed to be closed.

https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol#Destination_unreachable

share|improve this answer
1  
Note that because UDP is connectionless, you cannot reliably distinguish an open port from a firewalled port from a lost packet. – Mark 22 hours ago
    
Very true. And theoretically it would also be possible that you get the packet and the port is not really closed. – phk 22 hours ago

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.