On the Windows platform, what native options to I have to check if a port (3306, for example) on my local machine (as in localhost), is being blocked?
SnapOverflow
Since you are on a Windows machine, these things can be done:
Execute the following command and look for a ":3306" listener (you did not mention UDP/TCP). This will confirm there is something running on the port.
netstat -a -n
After this, if you are expecting incoming connections on this port and feel that the firewall may be blocking them, you could use start windows firewall logging and check the logs for dropped connections
There is one more command to check the firewall state
(Updated for Windows 7 users -- as referred by
Nickbelow -- use netsh advfirewall firewall)netsh firewall show state
This command will dump the Windows firewall configuration detail
netsh firewall show config
If you have an active block (incoming connections are being dropped by firewall) after you start logging, you should see that in the log.
If you are running an application/service that is listening on 3306, the firewall config should show it to be Enabled. If this is not seen, you have probably missed adding an exception with the firewall to allow this app/service.
Finally, port 3306 is typically used for MySQL. So, I presume you are running MySQL server on this windows machine. You should therefore see a listener for 3306 accepting incoming connections. If you do not see that, you need to work with your application (MySQL) to get that started first.
Since PowerShell 4.0 you can use the command
Test-NetConnectionIf you want to test Port 3306 as in your example the command is
TechNet Test-NetConnection documentation
NETSTATwill tell you if the port is listening but it will not tell you if the port is open to the outside world. What I mean by this is thatNETSTATmay show that the 0.0.0.0 is LISTENING on port 3306 but a firewall may still be blocking that port which is preventing outside connections; so it isn't sufficient to rely onNETSTATalone.The best way to check if a port is blocked is to do a port scan from the client machine.
There are many ways to do a port scan but since you mentioned being on Windows then I will suggest the Microsoft command line utility
PortQryand the Graphical version PortQryUITo test all open ports:
To test a specific port:
For example to test the Web interface of a router at 192.168.1.1:
Which returns:
Where as testing on a local machine with no HTTPD running returns:
Using a PortScan utility you will get one of 3 results.
Listeningmeans the server is listening on the specified portFilteredmeans it received a TCP acknowledgement packet with the Reset flag set which likely indicates a firewall or software issueNot Listeningmeans it didn't receive a response at alltelnetis another command line option that is usually installed on the OS by default. This command line utility can be used a quick way to see if a port responds to a network request.To use
telnetyou would simply issue the following command from a command prompt:The command above should give you a quick indication if the port
3306on thelocalhostis responding.If you can telnet to the port from the local machine (using the external IP address), but not from another machine - then it is being blocked somewhere between.
Note that a firewall on your local machine could prevent even the first action.