Detecting listening servers in multi-ip jails

Dirk Engling erdgeist at erdgeist.org
Tue Feb 15 18:37:42 UTC 2011


Hello,

until jails could be bound to several ip addresses, my convenience
feature in ezjail to check for and warn about listening services in the
host system and other jails worked simply by asking:

# services bound explicitly to the jail's address
listeners_ip=`sockstat -4 -l | grep "${ip}:[[:digit:]]"`
# services bound to the wildcard address (0.0.0.0)
listeners_all=`sockstat -4 -l | grep "*:[[:digit:]]"`

Now where ip addresses are not rewritten on listen() calls anymore,
services in jails can bind to 0.0.0.0 as well and will match the latter,
although they don't really cause the trouble I want to warn users about
(unless, of course, the jail really is bound to the same ip address and
the service then binds to 0.0.0.0).

Now I can, using "nc -z", test if the service really listens. That
allows me to filter and only report those services that actually
respond. However, this is far from clean.

Are there other ways to reliably test for listening services on any port
for a given ip address?

Thanks in advance,

  erdgeist
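An added example, not code from the original post or from ezjail: a POSIX sh/awk filter over `sockstat -4 -l` output that reports listeners colliding with a jail on a given address. It compares the whole local address rather than a prefix (so 192.168.1.10 is not taken for 192.168.1.1) and tags wildcard binds separately, since the post notes those only matter when the jail shares the address. The sockstat rows below are constructed, not captured from a real host.

```shell
#!/bin/sh
# Constructed sample of `sockstat -4 -l` output (not real host data).
SAMPLE_SOCKSTAT='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       712   4  tcp4   192.168.1.1:22        *:*
www      nginx      1201  6  tcp4   *:80                  *:*
root     sshd       1330  4  tcp4   192.168.1.10:22       *:*
bind     named      1402  20 udp4   192.168.1.1:53        *:*
root     ntpd       880   21 udp4   *:123                 *:*'

# listeners_for_ip IP: read sockstat -4 -l output on stdin and print
# "proto port command kind" for every listener that would collide with a
# jail bound to IP. kind is "exact" for a bind to IP itself and
# "wildcard" for a 0.0.0.0 bind, which the caller may treat as a
# lower-severity warning.
listeners_for_ip() {
    awk -v ip="$1" '
        NR == 1 { next }                  # skip the header line
        {
            # field 6 is LOCAL ADDRESS as addr:port (IPv4 only, -4)
            n = split($6, a, ":")
            if (n != 2) next              # skip anything unexpected
            if (a[1] == ip)       print $5, a[2], $2, "exact"
            else if (a[1] == "*") print $5, a[2], $2, "wildcard"
        }'
}

# Usage: run the filter over the constructed sample for one jail address.
printf '%s\n' "$SAMPLE_SOCKSTAT" | listeners_for_ip 192.168.1.1
```

Pipe real `sockstat -4 -l` output into `listeners_for_ip` in place of the sample; the "wildcard" rows are the ones the post describes as harmless unless the jail shares the address.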
