Block process from using port
Clash Royale CLAN TAG#URR8PPP up vote
2
down vote
favorite
For some reason, Foxit Reader likes to listen on port 23119. I don't know why it does this.
I want to block a specific process (Foxit Reader) from using a specific port (23119), becacuse it interferes with other programs that use this port (and actually do something useful).
How can I do it?
networking
asked Apr 12 at 15:28
becko
2,905123774
 |Â
show 1 more comment
up vote
2
down vote
favorite
For some reason, Foxit Reader likes to listen on port 23119. I don't know why it does this.
I want to block a specific process (Foxit Reader) from using a specific port (23119), becacuse it interferes with other programs that use this port (and actually do something useful).
How can I do it?
networking
asked Apr 12 at 15:28
becko
2,905123774
1
Maybe one day github.com/evilsocket/opensnitch would work, but there does not seem to be any release yet
– Sebastian Stark
Apr 12 at 16:04
@SebastianStark Cool! It's not packaged, but it provides instructions for building it from source. The main site links to that GitHub page for downloading. Do you recommend against using it? If not, do you want to post an answer about it?
– Eliah Kagan
Apr 12 at 17:10
I have never tried it, so it does not feel right to recommend it. I do not even know it can prevent a process from listening on a port.
– Sebastian Stark
Apr 12 at 17:35
@user535733 Unfortunately, FoxitReader has the nicest interface for PDF annotation on Linux. Okular is also good, but it requires a lot of KDE libraries that I do not wish to install.
– becko
Apr 13 at 14:35
How are you determining it's using the port? Just tried it an in my case it doesn't listen on the network, just some unix sockets that are probably for internal use of QT and should not interfer with something else.
– Sebastian Stark
Apr 13 at 16:23
 |Â
show 1 more comment
up vote
2
down vote
favorite
up vote
2
down vote
favorite
For some reason, Foxit Reader likes to listen on port 23119. I don't know why it does this.
I want to block a specific process (Foxit Reader) from using a specific port (23119), becacuse it interferes with other programs that use this port (and actually do something useful).
How can I do it?
networking
asked Apr 12 at 15:28
becko
2,905123774
For some reason, Foxit Reader likes to listen on port 23119. I don't know why it does this.
I want to block a specific process (Foxit Reader) from using a specific port (23119), becacuse it interferes with other programs that use this port (and actually do something useful).
How can I do it?
networking
networking
asked Apr 12 at 15:28
becko
2,905123774
asked Apr 12 at 15:28
becko
2,905123774
asked Apr 12 at 15:28
becko
2,905123774
asked Apr 12 at 15:28
becko
2,905123774
asked Apr 12 at 15:28
becko
2,905123774
2,905123774
1
Maybe one day github.com/evilsocket/opensnitch would work, but there does not seem to be any release yet
– Sebastian Stark
Apr 12 at 16:04
@SebastianStark Cool! It's not packaged, but it provides instructions for building it from source. The main site links to that GitHub page for downloading. Do you recommend against using it? If not, do you want to post an answer about it?
– Eliah Kagan
Apr 12 at 17:10
I have never tried it, so it does not feel right to recommend it. I do not even know it can prevent a process from listening on a port.
– Sebastian Stark
Apr 12 at 17:35
@user535733 Unfortunately, FoxitReader has the nicest interface for PDF annotation on Linux. Okular is also good, but it requires a lot of KDE libraries that I do not wish to install.
– becko
Apr 13 at 14:35
How are you determining it's using the port? Just tried it an in my case it doesn't listen on the network, just some unix sockets that are probably for internal use of QT and should not interfer with something else.
– Sebastian Stark
Apr 13 at 16:23
 |Â
show 1 more comment
1
Maybe one day github.com/evilsocket/opensnitch would work, but there does not seem to be any release yet
– Sebastian Stark
Apr 12 at 16:04
@SebastianStark Cool! It's not packaged, but it provides instructions for building it from source. The main site links to that GitHub page for downloading. Do you recommend against using it? If not, do you want to post an answer about it?
– Eliah Kagan
Apr 12 at 17:10
I have never tried it, so it does not feel right to recommend it. I do not even know it can prevent a process from listening on a port.
– Sebastian Stark
Apr 12 at 17:35
@user535733 Unfortunately, FoxitReader has the nicest interface for PDF annotation on Linux. Okular is also good, but it requires a lot of KDE libraries that I do not wish to install.
– becko
Apr 13 at 14:35
How are you determining it's using the port? Just tried it an in my case it doesn't listen on the network, just some unix sockets that are probably for internal use of QT and should not interfer with something else.
– Sebastian Stark
Apr 13 at 16:23
1
1
Maybe one day github.com/evilsocket/opensnitch would work, but there does not seem to be any release yet
– Sebastian Stark
Apr 12 at 16:04
Maybe one day github.com/evilsocket/opensnitch would work, but there does not seem to be any release yet
– Sebastian Stark
Apr 12 at 16:04
@SebastianStark Cool! It's not packaged, but it provides instructions for building it from source. The main site links to that GitHub page for downloading. Do you recommend against using it? If not, do you want to post an answer about it?
– Eliah Kagan
Apr 12 at 17:10
@SebastianStark Cool! It's not packaged, but it provides instructions for building it from source. The main site links to that GitHub page for downloading. Do you recommend against using it? If not, do you want to post an answer about it?
– Eliah Kagan
Apr 12 at 17:10
I have never tried it, so it does not feel right to recommend it. I do not even know it can prevent a process from listening on a port.
– Sebastian Stark
Apr 12 at 17:35
I have never tried it, so it does not feel right to recommend it. I do not even know it can prevent a process from listening on a port.
– Sebastian Stark
Apr 12 at 17:35
@user535733 Unfortunately, FoxitReader has the nicest interface for PDF annotation on Linux. Okular is also good, but it requires a lot of KDE libraries that I do not wish to install.
– becko
Apr 13 at 14:35
@user535733 Unfortunately, FoxitReader has the nicest interface for PDF annotation on Linux. Okular is also good, but it requires a lot of KDE libraries that I do not wish to install.
– becko
Apr 13 at 14:35
How are you determining it's using the port? Just tried it an in my case it doesn't listen on the network, just some unix sockets that are probably for internal use of QT and should not interfer with something else.
– Sebastian Stark
Apr 13 at 16:23
How are you determining it's using the port? Just tried it an in my case it doesn't listen on the network, just some unix sockets that are probably for internal use of QT and should not interfer with something else.
– Sebastian Stark
Apr 13 at 16:23
 |Â
show 1 more comment
1 Answer
1
active
oldest
votes
up vote
1
down vote
Here are four ways. Pick one you like best.
IPTables (the Linux Firewall) can intercept inbound packets, so the listener never receives them. IPTables is part of the Linux kernel, included with every install of Ubuntu. Several simpler frontends to IPTables (ufw, gufw) are in the Ubuntu repositories. This is the easiest method for most users...however your case is unusual (port conflict), so it may not work for you.
An AppArmor rule could prevent port use by an individual program...if/when this functionality is finally implemented (See LP:796588). However, the act of prevention might crash the program.
The application itself may offer a setting. You may need to approach the upstream developers and ask nicely for this. They might say yes, or not - they might have the listener there for a very good, innocent reason.
When using open source software, you can edit the source and recompile. Of course, this requires many requisite skills, and is recommended for fairly advanced users only.
Since your case is a port conflict (two applications trying to use the same port), one possible solution is to start the application you want bound to the port first. After the port is bound, then you are free to start Foxit Reader.
answered Apr 13 at 16:01
user535733
5,77222436
As far as I know AppArmor can confine network traffic only at socket level, not port level. So you could block it from using TCP, but not a specific port.
– Sebastian Stark
Apr 13 at 16:08
If you block the port with IPTables, it will also not be possible to use it with another program, as OP wants.
– Sebastian Stark
Apr 13 at 16:09
@SebastianStark edited the answer to address your great input.
– user535733
Apr 13 at 16:17
Yes I believe that @Sebastian Stark is correct on using apparmor for port blocking. However, one could write a rule to block network access from foxit altogether.
– Martin W
Apr 13 at 16:45
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
Here are four ways. Pick one you like best.
IPTables (the Linux Firewall) can intercept inbound packets, so the listener never receives them. IPTables is part of the Linux kernel, included with every install of Ubuntu. Several simpler frontends to IPTables (ufw, gufw) are in the Ubuntu repositories. This is the easiest method for most users...however your case is unusual (port conflict), so it may not work for you.
An AppArmor rule could prevent port use by an individual program...if/when this functionality is finally implemented (See LP:796588). However, the act of prevention might crash the program.
The application itself may offer a setting. You may need to approach the upstream developers and ask nicely for this. They might say yes, or not - they might have the listener there for a very good, innocent reason.
When using open source software, you can edit the source and recompile. Of course, this requires many requisite skills, and is recommended for fairly advanced users only.
Since your case is a port conflict (two applications trying to use the same port), one possible solution is to start the application you want bound to the port first. After the port is bound, then you are free to start Foxit Reader.
answered Apr 13 at 16:01
user535733
5,77222436
As far as I know AppArmor can confine network traffic only at socket level, not port level. So you could block it from using TCP, but not a specific port.
– Sebastian Stark
Apr 13 at 16:08
If you block the port with IPTables, it will also not be possible to use it with another program, as OP wants.
– Sebastian Stark
Apr 13 at 16:09
@SebastianStark edited the answer to address your great input.
– user535733
Apr 13 at 16:17
Yes I believe that @Sebastian Stark is correct on using apparmor for port blocking. However, one could write a rule to block network access from foxit altogether.
– Martin W
Apr 13 at 16:45
add a comment |Â
up vote
1
down vote
Here are four ways. Pick one you like best.
IPTables (the Linux Firewall) can intercept inbound packets, so the listener never receives them. IPTables is part of the Linux kernel, included with every install of Ubuntu. Several simpler frontends to IPTables (ufw, gufw) are in the Ubuntu repositories. This is the easiest method for most users...however your case is unusual (port conflict), so it may not work for you.
An AppArmor rule could prevent port use by an individual program...if/when this functionality is finally implemented (See LP:796588). However, the act of prevention might crash the program.
The application itself may offer a setting. You may need to approach the upstream developers and ask nicely for this. They might say yes, or not - they might have the listener there for a very good, innocent reason.
When using open source software, you can edit the source and recompile. Of course, this requires many requisite skills, and is recommended for fairly advanced users only.
Since your case is a port conflict (two applications trying to use the same port), one possible solution is to start the application you want bound to the port first. After the port is bound, then you are free to start Foxit Reader.
answered Apr 13 at 16:01
user535733
5,77222436
As far as I know AppArmor can confine network traffic only at socket level, not port level. So you could block it from using TCP, but not a specific port.
– Sebastian Stark
Apr 13 at 16:08
If you block the port with IPTables, it will also not be possible to use it with another program, as OP wants.
– Sebastian Stark
Apr 13 at 16:09
@SebastianStark edited the answer to address your great input.
– user535733
Apr 13 at 16:17
Yes I believe that @Sebastian Stark is correct on using apparmor for port blocking. However, one could write a rule to block network access from foxit altogether.
– Martin W
Apr 13 at 16:45
add a comment |Â
up vote
1
down vote
up vote
1
down vote
Here are four ways. Pick one you like best.
IPTables (the Linux Firewall) can intercept inbound packets, so the listener never receives them. IPTables is part of the Linux kernel, included with every install of Ubuntu. Several simpler frontends to IPTables (ufw, gufw) are in the Ubuntu repositories. This is the easiest method for most users...however your case is unusual (port conflict), so it may not work for you.
An AppArmor rule could prevent port use by an individual program...if/when this functionality is finally implemented (See LP:796588). However, the act of prevention might crash the program.
The application itself may offer a setting. You may need to approach the upstream developers and ask nicely for this. They might say yes, or not - they might have the listener there for a very good, innocent reason.
When using open source software, you can edit the source and recompile. Of course, this requires many requisite skills, and is recommended for fairly advanced users only.
Since your case is a port conflict (two applications trying to use the same port), one possible solution is to start the application you want bound to the port first. After the port is bound, then you are free to start Foxit Reader.
answered Apr 13 at 16:01
user535733
5,77222436
Here are four ways. Pick one you like best.
IPTables (the Linux Firewall) can intercept inbound packets, so the listener never receives them. IPTables is part of the Linux kernel, included with every install of Ubuntu. Several simpler frontends to IPTables (ufw, gufw) are in the Ubuntu repositories. This is the easiest method for most users...however your case is unusual (port conflict), so it may not work for you.
An AppArmor rule could prevent port use by an individual program...if/when this functionality is finally implemented (See LP:796588). However, the act of prevention might crash the program.
The application itself may offer a setting. You may need to approach the upstream developers and ask nicely for this. They might say yes, or not - they might have the listener there for a very good, innocent reason.
When using open source software, you can edit the source and recompile. Of course, this requires many requisite skills, and is recommended for fairly advanced users only.
Since your case is a port conflict (two applications trying to use the same port), one possible solution is to start the application you want bound to the port first. After the port is bound, then you are free to start Foxit Reader.
answered Apr 13 at 16:01
user535733
5,77222436
edited Apr 13 at 16:17
answered Apr 13 at 16:01
user535733
5,77222436
answered Apr 13 at 16:01
user535733
5,77222436
answered Apr 13 at 16:01
user535733
5,77222436
5,77222436
As far as I know AppArmor can confine network traffic only at socket level, not port level. So you could block it from using TCP, but not a specific port.
– Sebastian Stark
Apr 13 at 16:08
If you block the port with IPTables, it will also not be possible to use it with another program, as OP wants.
– Sebastian Stark
Apr 13 at 16:09
@SebastianStark edited the answer to address your great input.
– user535733
Apr 13 at 16:17
Yes I believe that @Sebastian Stark is correct on using apparmor for port blocking. However, one could write a rule to block network access from foxit altogether.
– Martin W
Apr 13 at 16:45
add a comment |Â
As far as I know AppArmor can confine network traffic only at socket level, not port level. So you could block it from using TCP, but not a specific port.
– Sebastian Stark
Apr 13 at 16:08
If you block the port with IPTables, it will also not be possible to use it with another program, as OP wants.
– Sebastian Stark
Apr 13 at 16:09
@SebastianStark edited the answer to address your great input.
– user535733
Apr 13 at 16:17
Yes I believe that @Sebastian Stark is correct on using apparmor for port blocking. However, one could write a rule to block network access from foxit altogether.
– Martin W
Apr 13 at 16:45
As far as I know AppArmor can confine network traffic only at socket level, not port level. So you could block it from using TCP, but not a specific port.
– Sebastian Stark
Apr 13 at 16:08
As far as I know AppArmor can confine network traffic only at socket level, not port level. So you could block it from using TCP, but not a specific port.
– Sebastian Stark
Apr 13 at 16:08
If you block the port with IPTables, it will also not be possible to use it with another program, as OP wants.
– Sebastian Stark
Apr 13 at 16:09
If you block the port with IPTables, it will also not be possible to use it with another program, as OP wants.
– Sebastian Stark
Apr 13 at 16:09
@SebastianStark edited the answer to address your great input.
– user535733
Apr 13 at 16:17
@SebastianStark edited the answer to address your great input.
– user535733
Apr 13 at 16:17
Yes I believe that @Sebastian Stark is correct on using apparmor for port blocking. However, one could write a rule to block network access from foxit altogether.
– Martin W
Apr 13 at 16:45
Yes I believe that @Sebastian Stark is correct on using apparmor for port blocking. However, one could write a rule to block network access from foxit altogether.
– Martin W
Apr 13 at 16:45
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1024399%2fblock-process-from-using-port%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
Maybe one day github.com/evilsocket/opensnitch would work, but there does not seem to be any release yet
– Sebastian Stark
Apr 12 at 16:04
@SebastianStark Cool! It's not packaged, but it provides instructions for building it from source. The main site links to that GitHub page for downloading. Do you recommend against using it? If not, do you want to post an answer about it?
– Eliah Kagan
Apr 12 at 17:10
I have never tried it, so it does not feel right to recommend it. I do not even know it can prevent a process from listening on a port.
– Sebastian Stark
Apr 12 at 17:35
@user535733 Unfortunately, FoxitReader has the nicest interface for PDF annotation on Linux. Okular is also good, but it requires a lot of KDE libraries that I do not wish to install.
– becko
Apr 13 at 14:35
How are you determining it's using the port? Just tried it an in my case it doesn't listen on the network, just some unix sockets that are probably for internal use of QT and should not interfer with something else.
– Sebastian Stark
Apr 13 at 16:23