Prerequisite: First you must know that the port is not independent, it is dependent on the process. When a process is turned on, its corresponding port is turned on and the process is closed, and the port is closed. The next time a process opens again, the corresponding port is opened again. Instead of simply understanding that you are shutting down a port, you can disable a port.
1. You can see which ports are open by "~$ NETSTAT-ANP".
(Note: The parameter '-n ' will turn the application to the port display, that is, the number format of the address, such as: nfs->2049, ftp->21, so you can open two terminals, each corresponding to the program corresponding to the port number)
2. The program that applies the port can then be viewed through the "~$ Lsof-i: $PORT" ($PORT refers to the corresponding port number). Or you can view the file/etc/services, from which you can find the service corresponding to the port.
(Note: Some ports can not be found through the Netstat, more reliable method is "~$ sudo nmap-st-o localhost")
3. To close a port, you can:
1 through the Iptables tool to prohibit the port, such as:
"~$ sudo iptables-a input-p tcp--dport $PORT-j DROP"
"~$ sudo iptables-a output-p tcp--dport $PORT-j DROP"
2) or turn off the corresponding application, the port will naturally shut down, such as:
"~$ kill-9 pid" (PID: Process number)
such as: Through "~$ NETSTAT-ANP | grep ssh "
Show: TCP 0 127.0.0.1:2121 0.0.0.0:* LISTEN 7546/ssh
Then: "~$ kill-9 7546"
(You can view the open state of the system service through "~$ Chkconfig")