port with no proc id

depontius · Advocate Joined: 05 May 2004 Posts: 3529

When I run "netstat -tupln" I get an open tcp port with a proc/PID of "-". After a bit of poking around I find that that happens when something in the kernel opens a port. I've also used "unhide" with a range of options, and nothing gets un-hidden, so I'm presuming it really is a kernel port.

Is there a way to find out what in the kernel is listening on that port?
I'd like to know what it is, so I can either rest easy or un-configure that option in my next kernel build.
_________________
.sigs waste space and bandwidth

pietinger · Posted: Fri Feb 28, 2025 7:46 pm Post subject:

Do you have a TCP-port-number? Do you have enabled CONFIG_DNS_RESOLVER in your kernel .config?
_________________
https://wiki.gentoo.org/wiki/User:Pietinger

zen_desu · Tux's lil' helper Joined: 25 Oct 2024 Posts: 143

depontius · Advocate Joined: 05 May 2004 Posts: 3529

It's a high port, somewhere in the 30k range, not 32. I have CONFIG_DNS_RESOLVER=m in my config, not sure why I have even that. I just did an lsmod and see that it's loaded and being used by nfsv4, which I am running. Not sure what's up with that, but I have a direction to look now, at least. Thanks. I sure wish there were a simpler way to draw the lines here.
_________________
.sigs waste space and bandwidth

zen_desu · Tux's lil' helper Joined: 25 Oct 2024 Posts: 143

depontius · Advocate Joined: 05 May 2004 Posts: 3529

Incidentally, I don't have wireguard on this machine. I was aware of that possibility, but knew it didn't apply. However I do have the kernel DNS resolver and the module is indeed loaded. I guess I don't have to worry, though I'd like to understand this better in order to fully ease my mind. As I said earlier, it would be really nice to see a straight line drawn between the open port and something, even if it doesn't have a proc/PID.
_________________
.sigs waste space and bandwidth

zen_desu · Tux's lil' helper Joined: 25 Oct 2024 Posts: 143