Viewing Active Network Sockets

The Diagnostics > Sockets page prints a list of active TCP/IP sockets for both IPv4 and IPv6 used by the firewall itself.

Note

The output of this command only shows sockets used by the firewall OS for daemons or other programs on the firewall. It does not show connections for traffic passing through the firewall.

This list is useful for determining which IP addresses and ports are in use by various firewall processes and/or packages. The firewall interprets the contents of the page from the output of the FreeBSD command sockstat.

By default the page only displays listening sockets. Click Show all socket connections to also display sockets in use by the firewall for connections to external hosts.

Each row in the output contains the following information:

User

The operating system user who owns the socket (e.g. root)

Command

The command which holds the socket. This might be a daemon or a program making an outbound connection.

PID

The process ID of the command holding the socket.

FD

The file descriptor number of the socket.

Proto

The transport protocol and address family combined (e.g. TCP4, UDP6, UDP46).

Local

The local IP address and port number associated with this socket.

Foreign

The remote IP address and port number associated with this socket.