function::inet_get_ip_source - Linux

Overview

inet_get_ip_source obtains the source IP address of an established TCP connection. This command is a valuable tool for troubleshooting network connectivity issues and investigating suspicious traffic.

Syntax

inet_get_ip_source [-46] -p pid [-u uid]

Options/Flags

• -4: Use IPv4.
• -6: Use IPv6.
• -p PID: Specify the process ID (PID) of the connection to examine.
• -u UID: Specify the user ID (UID) of the process.

Examples

Get the source IP address of a specific connection:

inet_get_ip_source -4 -p 12345

Get the source IP address of all TCP connections listening on port 80:

sudo inet_get_ip_source -4 -p `pidof httpd`

Get the source IP address of all connections owned by a specific user:

inet_get_ip_source -u 1000

Common Issues

• Permission denied: Ensure you have sufficient privileges to access information about the specified process or user.
• No source IP found: The connection may not be established or the source IP may be unavailable.

Integration

inet_get_ip_source can be used in conjunction with other Linux commands for advanced tasks, such as:

• netstat to identify active network connections.
• lsof to list open files and connections.
• tcpdump to capture network traffic.

Related Commands

• netstat -anp: List active network connections with their source IP addresses.
• ip addr: Display network interface information.