Created
September 26, 2020 02:51
-
-
Save awakecoding/14ae283e0018a6e9e77ba23c1f4d26f2 to your computer and use it in GitHub Desktop.
PowerShell netstat wrapper
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-Netstat | |
| { | |
| $netstat = Get-Command -Name 'netstat' -ErrorAction SilentlyContinue | |
| if (-Not $netstat) { | |
| Write-Warning "netstat command not available" | |
| return ,@() | |
| } | |
| if ($IsLinux) { | |
| # Linux netstat: | |
| # Proto Recv-Q Send-Q Local Address Foreign Address State | |
| # tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN | |
| # tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN | |
| # tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN | |
| $output = netstat -an --tcp | grep LISTEN | |
| foreach ($line in $output) { | |
| $line = $line.Trim() | |
| $line = $line -Split '\s+' # split line by whitespace | |
| $Protocol = $line[0] | |
| $LocalAddress = $line[3] | |
| $ForeignAddress = $line[4] | |
| $State = $line[5] | |
| # Linux uses ':' separator for port | |
| $LocalPort = $($LocalAddress -Split ':')[-1] -as [int] | |
| [PSCustomObject]@{ | |
| Protocol = $Protocol | |
| LocalAddress = $LocalAddress | |
| LocalPort = $LocalPort | |
| ForeignAddress = $ForeignAddress | |
| State = $State | |
| } | |
| } | |
| } | |
| elseif ($IsMacOS) { | |
| # macOS netstat: | |
| # Proto Recv-Q Send-Q Local Address Foreign Address (state) | |
| # tcp46 0 0 *.8080 *.* LISTEN | |
| # tcp4 0 0 127.0.0.1.631 *.* LISTEN | |
| $output = netstat -an -p tcp | grep LISTEN | |
| foreach ($line in $output) { | |
| $line = $line.Trim() | |
| $line = $line -Split '\s+' # split line by whitespace | |
| $Protocol = $line[0] | |
| $LocalAddress = $line[3] | |
| $ForeignAddress = $line[4] | |
| $State = $line[5] | |
| # macOS uses '.' separator for port, replace it with ':' | |
| $LocalAddress = $LocalAddress -Replace '(.+)\.(\d+)', '$1:$2' | |
| $LocalPort = $($LocalAddress -Split ':')[-1] -as [int] | |
| [PSCustomObject]@{ | |
| Protocol = $Protocol | |
| LocalAddress = $LocalAddress | |
| LocalPort = $LocalPort | |
| ForeignAddress = $ForeignAddress | |
| State = $State | |
| } | |
| } | |
| } | |
| else { # Windows | |
| # Windows netstat: | |
| # Proto Local Address Foreign Address State | |
| # TCP 0.0.0.0:135 0.0.0.0:0 LISTENING | |
| # TCP 192.168.25.132:4489 0.0.0.0:0 LISTENING | |
| $output = netstat -an -p tcp | findstr LISTEN | |
| foreach ($line in $output) { | |
| $line = $line.Trim() | |
| $line = $line -Split '\s+' # split line by whitespace | |
| $Protocol = $line[0] | |
| $LocalAddress = $line[1] | |
| $ForeignAddress = $line[2] | |
| $State = $line[3] | |
| # Windows uses ':' separator for port | |
| $LocalPort = $($LocalAddress -Split ':')[-1] -as [int] | |
| # Normalize TCP state names according to | |
| # https://tools.ietf.org/html/rfc793#section-3.2 | |
| if ($State -eq 'LISTENING') { | |
| $State = 'LISTEN' | |
| } | |
| [PSCustomObject]@{ | |
| Protocol = $Protocol | |
| LocalAddress = $LocalAddress | |
| LocalPort = $LocalPort | |
| ForeignAddress = $ForeignAddress | |
| State = $State | |
| } | |
| } | |
| } | |
| } | |
| function Get-LocalTcpPorts | |
| { | |
| $netstat = Get-Netstat | |
| if ($netstat) { | |
| $netstat | Select-Object -ExpandProperty 'LocalPort' | |
| } else { | |
| return ,@() | |
| } | |
| } | |
| # Check if a TCP port is already taken: | |
| # $(Get-LocalTcpPorts).Contains(3389) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment