Read and write to TCP or UDP sockets with common bash tools

exec 5<>/dev/tcp/; cat <&5 & cat >&5; exec 5>&-
Ever needed to test firewalls but didn't have netcat, telnet or even FTP? Enter /dev/tcp, your new best friend. /dev/tcp/(hostname)/(port) is a bash builtin that bash can use to open connections to TCP and UDP ports. This one-liner opens a connection on a port to a server and lets you read and write to it from the terminal. How it works: First, exec sets up a redirect for /dev/tcp/$server/$port to file descriptor 5. Then, as per some excellent feedback from @flatcap, we launch a redirect from file descriptor 5 to STDOUT and send that to the background (which is what causes the PID to be printed when the commands are run), and then redirect STDIN to file descriptor 5 with the second cat. Finally, when the second cat dies (the connection is closed), we clean up the file descriptor with 'exec 5>&-'. It can be used to test FTP, HTTP, NTP, or can connect to netcat listening on a port (makes for a simple chat client!) Replace /tcp/ with /udp/ to use UDP instead.

By: tyzbit
2015-07-30 21:12:38

What Others Think

Useful stuff to know. But I can make it a bit shorter. In bash there's : (colon) operator that does nothing (mostly), so you can shorten your while loop to: while :; do ... done . Next, you read stdin using 'read' and echoing it. 'cat' does that (a non-useless use of cat :-) while :; do cat; done . Also you may want to expand you description to explain HOW it works. What the 'exec' statement is doing. Why you need the trap on EXIT. . Finally the examples you give are a bit misleading. If you use the command on you get a redirect to https page (OK, so it works, but it's not a great example). Also, you can't test FTP because IIRC you make an outgoing call on port 20 and FTP makes an incoming call on port 21.
flatcap · 339 weeks ago
@flatcap, you're absolutely right, I've edited the command and it's shorter and much simpler. On the topic of FTP, the control channel is 21 so you will be able to navigate, list directories and so forth. Port 20 is used for data, so you cannot transfer files with this (and I should hope you don't expect to be able to!)
tyzbit · 339 weeks ago
Very nice :-)
flatcap · 339 weeks ago
I vote this for the best commandlinefu ever.
brx75x · 339 weeks ago
It's very cool, but not exactly universal. /dev/tcp is not available on all Linux systems. As I understand it, it's not on any Debian-based (including, of course, Ubuntu) systems. I imagine you could probably do something like this with netcat on those systems.
unixmonkey89071 · 339 weeks ago
I tested this specifically on an Ubuntu system and expect it should work across most distributions, but this does require a reasonably up to date version of bash.
tyzbit · 339 weeks ago
Archlinux: no /dev/tcp. (So this indicates it's not in the latest kernel or in the latest systemd. And, of course, bash version is 'bleeding edge' - 4.3.39(1) ) Centos 6: no /dev/tcp (Indicating it's not in older kernels.) Seriously doubt this exists on Solaris, any of the BSD's, Slackware, Gentoo, CoreOS or osX. So rather limited in scope ): So while it's neat, it's certainly not the 'best ever command line fu.' Also, apt-get install netcat (or, you know, downloading the source for hobbit's netcat and compiling) is probalby less difficult to remember. Not to mention socat...
unixmonkey89507 · 338 weeks and 3 days ago
tyzbit: which Ubuntu did you test against? /dev/tcp and /dev/udp are not available on Ubuntu Trusty (which is the latest LTS, likely to be on most servers.)
unixmonkey89507 · 338 weeks and 3 days ago
Ok, I did some more research; /dev/tcp and /dev/udp are not mappings to /dev, but builtins _IF_ bash is built with this functionality. For most server systems, it's not (as this could be a gigantic security hole.) It might be the case on some desktop systems, but as said, not Arch, Centos, Debian, and none of the Ubuntu's I tested. For this to actually work on most systems, you need to rebuild bash and enable this. Configuring and then commpiling bash (many files) versus Hobbit's original netcat (one file)... I'm going with netcat for simplicity.
unixmonkey89507 · 338 weeks and 3 days ago
great that i found this forum. People here are great. Learned alot. Keep posting more Cutting
Killersmile · 43 weeks and 3 days ago

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this? is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.


Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: