端口号参考
网络
在防火墙规则、docker-compose 文件和 tcpdump 输出中真正会遇到的端口的快速查询 — well-known (< 1024)、registered (1024–49151) 以及惯例的 dev / 数据库端口。每条列出协议(TCP / UDP / both)、服务名和一行描述。
—
| 端口 | 协议 | 服务 | 描述 | |
|---|---|---|---|---|
| 20 | tcp | FTP-DATA | File Transfer Protocol — data channel. | |
| 21 | tcp | FTP | File Transfer Protocol — control channel. | |
| 22 | tcp | SSH | Secure Shell. Also used by SFTP and SCP. | |
| 23 | tcp | Telnet | Plaintext remote shell. Avoid on the open internet. | |
| 25 | tcp | SMTP | Simple Mail Transfer Protocol — server-to-server mail. | |
| 53 | both | DNS | Domain Name System lookups. UDP for queries, TCP for zone transfers and large answers. | |
| 67 | udp | DHCP server | Dynamic Host Configuration Protocol — server-side. | |
| 68 | udp | DHCP client | DHCP — client-side. | |
| 69 | udp | TFTP | Trivial File Transfer Protocol — bootstrapping / firmware. | |
| 80 | tcp | HTTP | Plain HTTP. Browsers default to this when the URL has no scheme. | |
| 110 | tcp | POP3 | Post Office Protocol 3 — legacy mail retrieval. | |
| 119 | tcp | NNTP | Network News Transfer Protocol — Usenet. | |
| 123 | udp | NTP | Network Time Protocol. | |
| 143 | tcp | IMAP | Internet Message Access Protocol — mailbox sync. | |
| 161 | udp | SNMP | Simple Network Management Protocol — device monitoring. | |
| 162 | udp | SNMP trap | SNMP asynchronous notifications. | |
| 389 | tcp | LDAP | Lightweight Directory Access Protocol. | |
| 443 | tcp | HTTPS | HTTP over TLS. Default for the modern web. | |
| 445 | tcp | SMB | Server Message Block — Windows file sharing. | |
| 465 | tcp | SMTPS | SMTP over TLS (implicit). Common for mail submission. | |
| 514 | udp | syslog | Unix syslog forwarding. | |
| 587 | tcp | SMTP submission | Mail submission from clients with STARTTLS. | |
| 631 | tcp | IPP / CUPS | Internet Printing Protocol; macOS / Linux print server. | |
| 636 | tcp | LDAPS | LDAP over TLS. | |
| 989 | tcp | FTPS-data | FTPS data channel (implicit TLS). | |
| 990 | tcp | FTPS | FTPS control channel (implicit TLS). | |
| 993 | tcp | IMAPS | IMAP over TLS. | |
| 995 | tcp | POP3S | POP3 over TLS. | |
| 1080 | tcp | SOCKS | SOCKS proxy. | |
| 1194 | udp | OpenVPN | OpenVPN default port. | |
| 1433 | tcp | MSSQL | Microsoft SQL Server. | |
| 1521 | tcp | Oracle | Oracle Database default listener. | |
| 1701 | udp | L2TP | Layer 2 Tunneling Protocol — VPN. | |
| 1723 | tcp | PPTP | Point-to-Point Tunneling Protocol — legacy VPN. | |
| 1883 | tcp | MQTT | Message Queuing Telemetry Transport — IoT messaging. | |
| 2049 | tcp | NFS | Network File System. | |
| 2375 | tcp | Docker (plain) | Docker daemon socket — unencrypted, dev only. | |
| 2376 | tcp | Docker (TLS) | Docker daemon socket — TLS. | |
| 3000 | tcp | dev server | Conventional Node.js dev port — Next.js, Express, … | |
| 3306 | tcp | MySQL | MySQL / MariaDB. | |
| 3389 | tcp | RDP | Microsoft Remote Desktop Protocol. | |
| 3478 | both | STUN / TURN | WebRTC NAT-traversal — STUN / TURN servers. | |
| 4444 | tcp | Selenium | Selenium WebDriver default hub. | |
| 5000 | tcp | Flask / UPnP | Python Flask dev default; UPnP on macOS. | |
| 5060 | both | SIP | Session Initiation Protocol — VoIP signalling (plain). | |
| 5061 | tcp | SIP-TLS | SIP over TLS. | |
| 5432 | tcp | PostgreSQL | PostgreSQL default listener. | |
| 5900 | tcp | VNC | Virtual Network Computing. | |
| 6379 | tcp | Redis | Redis default port. | |
| 6443 | tcp | Kubernetes API | Kubernetes API server (HTTPS). | |
| 6667 | tcp | IRC | Internet Relay Chat. | |
| 8000 | tcp | dev server | Common alt HTTP — Python `http.server`, Django. | |
| 8080 | tcp | HTTP-alt | Alternative HTTP — Tomcat, Jenkins, proxies. | |
| 8443 | tcp | HTTPS-alt | Alternative HTTPS — admin panels, alt webservers. | |
| 8888 | tcp | HTTP-alt / Jupyter | Alternative HTTP; Jupyter Notebook default. | |
| 9000 | tcp | PHP-FPM | PHP FastCGI Process Manager. | |
| 9090 | tcp | Prometheus | Prometheus metrics scraper. | |
| 9092 | tcp | Kafka | Apache Kafka broker. | |
| 9200 | tcp | Elasticsearch | Elasticsearch REST API. | |
| 11211 | tcp | memcached | memcached default port. | |
| 27017 | tcp | MongoDB | MongoDB default port. |
使用方法
- 输入端口号 (`443`)、服务名 (`postgres`) 或关键字 (`mail`)。
- 按 well-known / registered / ephemeral 范围筛选缩小。
- 点击复制获取端口号用于 docker-compose 映射或防火墙规则。
常见问题
- well-known、registered 和 ephemeral 是什么意思?
- IANA 把 16 位端口空间分为三段:well-known (0–1023,标准化服务的系统端口)、registered (1024–49151,应用和厂商分配)、ephemeral (49152–65535,用于出站连接的动态/私有端口)。在 Unix 上绑定 1024 以下需要 root 权限。
- 为什么有些端口标 `both`?
- 例如 DNS、SIP、STUN 在 TCP 和 UDP 都有定义。`both` 标记表示该端口在两个协议都被注册,而非同一服务必须同时使用两者。
- 这些是实际保留的端口吗?
- 是 — 要么是 IANA 分配 (22、80、443、53、…),要么是上游项目的事实默认值 (3306 MySQL、6379 Redis、27017 MongoDB)。当然实现可以监听其它端口。
相关工具
MAC 转 EUI-64 / 链路本地
把任意 MAC 地址转为 modified EUI-64 接口 ID 和对应的 IPv6 链路本地地址 — 与 Windows/Linux 自动计算结果相同的形式。
网络00
URL Query 构建器
用基础地址与可编辑的 key-value 查询参数组合 URL — 每对可开关、自动 percent 编码。
网络00
IP 地址检查器
输入 IPv4 或 IPv6 地址,查看其类、scope(私有 / 公共 / 回环 / 链路本地)、十进制值、二进制、反向 DNS 表示以及 /32 CIDR。
网络00
DNS 记录参考
可搜索的 DNS 记录类型速查表 — A、AAAA、CNAME、MX、TXT、NS、SOA、PTR、SRV、CAA、DNSSEC、SVCB / HTTPS — 含示例。
网络00
子网计算器(IPv4 / CIDR)
解析 IPv4 CIDR:网络地址、广播、子网掩码、通配符、主机范围、地址类。附二进制细节与公网/私网判定。
网络00
User Agent 解析器
把 User-Agent 字符串解析为浏览器、引擎、操作系统、设备、CPU。识别 20+ 种爬虫,含 GPTBot、ClaudeBot、PerplexityBot。
网络00