Viewing Active Network Sockets

The Diagnostics > Sockets page prints a list of active TCP/IP sockets for both IPv4 and IPv6 used by the firewall itself.


The output of this command only shows sockets used by the firewall OS for daemons or other programs on the firewall. It does not show connections for traffic passing through the firewall.

This list is useful for determining which IP addresses and ports are in use by various firewall processes and/or packages. The firewall interprets the contents of the page from the output of the FreeBSD command sockstat.

By default the page only displays listening sockets. Click Show all socket connections to also display sockets in use by the firewall for connections to external hosts.

Each row in the output contains the following information:


The operating system user who owns the socket (e.g. root)


The command which holds the socket. This might be a daemon or a program making an outbound connection.


The process ID of the command holding the socket.


The file descriptor number of the socket.


The transport protocol and address family combined (e.g. TCP4, UDP6, UDP46).


The local IP address and port number associated with this socket.


The remote IP address and port number associated with this socket.