在过去的3个月左右,我遇到了随机错误,我无法绑定我的本地开发工作站上运行Identity Server的特定端口.起初我以为这是我的破机,所以我重置了一切,这有点解决了2个月的问题,现在又回来了.
与此同时,其他开发者也看到了同样的问题.遇到此问题的所有人都在运行Windows 10,但并非所有使用Windows 10的人都有此问题.
使用shutdown / s / f / t 0关闭后重新启动Windows是再次打开端口的唯一可靠解决方案.我正常重启后(由于Windows更新或类似),问题再次出现,我需要用该命令关闭窗口.
我写了一个小的f#脚本来测试哪些端口受到影响.我得到的确切错误消息是
An attempt was made to access a socket in a way forbidden by its access permissions
当我找到它时,建议的解决方案在哪里重新启动机器,但这似乎更像是一个解决方案,而不是一个真正的解决方案.我也发现了https://stackoverflow.com/a/10461978/621366 – 但netstat -o没有列出端口,TCPView工具也没有.我们所有人都非常确定该端口没有任何东西占用.我还尝试在管理员控制台中运行netstat,在Windows上的bash中运行类似的命令,但找不到任何东西.我甚至无法通过telnet连接到端口,它说什么都没有在端口上监听.
这些端口例如是:
> 49670 – 49689
> 49710 – 49749
> 49760 – 49779
> 49811 – 49830
> 49843 – 49882
> 50197 – 50216
我们没有人修改Windows防火墙上的任何东西或安装任何其他防病毒工具,除了Windows 10默认工具.所以一切都应该是默认值.并且它在第一次打破之前和之后的2个月之后也正常工作了大约10个月.在这两种情况下,安装后的一些Windows更新.最后一次是bios更新(可能是因为崩溃/幽灵问题?).
还试图在防火墙上明确打开端口没有帮助.
根据这个答案https://stackoverflow.com/a/23982901/621366 TCPView和netstat不应该错过任何被占用的端口,但即使我在TCPView中启用显示未连接的端点,我也没有看到任何在尝试绑定它时获得权限被拒绝的端口.这里是一个来自占用端口的屏幕(我标记了在允许拒绝端口组之前或之后的边界占用端口)
更新:
我注意到它似乎总是160或180(确切数字)的端口,在40,000范围内有权限被拒绝这对我来说似乎很奇怪,所以很明显有些东西是故意占用端口,但是什么?我似乎无法在Windows事件日志中找到任何内容(虽然我不知道要查找什么)并且这些端口都没有显示任何我的防火墙规则.同时关闭docker for windows并没有任何区别,当一位同事提到对他们来说,足以重启docker for windows(在UI中重启 – 重新启动),现在对我来说,甚至重启与关机命令不再起作用.
更新2:
netstat -ano的输出从管理员PowerShell运行:
Proto Local Address Foreign Address State PID TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1152 TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:2179 0.0.0.0:0 LISTENING 4696 TCP 0.0.0.0:5040 0.0.0.0:0 LISTENING 6616 TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:5432 0.0.0.0:0 LISTENING 11100 TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING 7056 TCP 0.0.0.0:17500 0.0.0.0:0 LISTENING 9668 TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 784 TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 1628 TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 2028 TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 3560 TCP 0.0.0.0:49800 0.0.0.0:0 LISTENING 856 TCP 0.0.0.0:49821 0.0.0.0:0 LISTENING 892 TCP 0.0.0.0:50000 0.0.0.0:0 LISTENING 11100 TCP 0.0.0.0:50001 0.0.0.0:0 LISTENING 11100 TCP 0.0.0.0:51000 0.0.0.0:0 LISTENING 11100 TCP 10.0.75.1:139 0.0.0.0:0 LISTENING 4 TCP 10.0.75.1:445 10.0.75.2:44848 ESTABLISHED 4 TCP 127.0.0.1:843 0.0.0.0:0 LISTENING 9668 TCP 127.0.0.1:944 0.0.0.0:0 LISTENING 688 TCP 127.0.0.1:944 127.0.0.1:50968 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:50970 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:50973 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:50977 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:50981 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:50990 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:50992 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:50996 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:51005 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:51007 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:51009 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:51015 TIME_WAIT 0 TCP 127.0.0.1:944 127.0.0.1:51017 ESTABLISHED 688 TCP 127.0.0.1:4380 0.0.0.0:0 LISTENING 11024 TCP 127.0.0.1:6942 0.0.0.0:0 LISTENING 9296 TCP 127.0.0.1:17600 0.0.0.0:0 LISTENING 9668 TCP 127.0.0.1:49668 127.0.0.1:49669 ESTABLISHED 688 TCP 127.0.0.1:49669 127.0.0.1:49668 ESTABLISHED 688 TCP 127.0.0.1:50076 127.0.0.1:50077 ESTABLISHED 8828 TCP 127.0.0.1:50077 127.0.0.1:50076 ESTABLISHED 8828 TCP 127.0.0.1:50173 127.0.0.1:50174 ESTABLISHED 9668 TCP 127.0.0.1:50174 127.0.0.1:50173 ESTABLISHED 9668 TCP 127.0.0.1:50175 127.0.0.1:50176 ESTABLISHED 9668 TCP 127.0.0.1:50176 127.0.0.1:50175 ESTABLISHED 9668 TCP 127.0.0.1:50197 127.0.0.1:50198 ESTABLISHED 9668 TCP 127.0.0.1:50198 127.0.0.1:50197 ESTABLISHED 9668 TCP 127.0.0.1:50335 127.0.0.1:50336 ESTABLISHED 6424 TCP 127.0.0.1:50336 127.0.0.1:50335 ESTABLISHED 6424 TCP 127.0.0.1:50346 127.0.0.1:50347 ESTABLISHED 11100 TCP 127.0.0.1:50347 127.0.0.1:50346 ESTABLISHED 11100 TCP 127.0.0.1:51011 127.0.0.1:51012 ESTABLISHED 9296 TCP 127.0.0.1:51012 127.0.0.1:51011 ESTABLISHED 9296 TCP 127.0.0.1:51013 127.0.0.1:51014 ESTABLISHED 9296 TCP 127.0.0.1:51014 127.0.0.1:51013 ESTABLISHED 9296 TCP 127.0.0.1:51016 0.0.0.0:0 LISTENING 9296 TCP 127.0.0.1:51017 127.0.0.1:944 ESTABLISHED 8828 TCP 127.0.0.1:63342 0.0.0.0:0 LISTENING 9296 TCP 127.94.0.1:946 0.0.0.0:0 LISTENING 688 TCP 127.94.0.2:946 0.0.0.0:0 LISTENING 688 TCP 127.94.0.3:946 0.0.0.0:0 LISTENING 688 TCP 127.94.0.4:946 0.0.0.0:0 LISTENING 688 TCP 169.254.105.83:139 0.0.0.0:0 LISTENING 4 TCP 192.168.0.107:139 0.0.0.0:0 LISTENING 4 TCP 192.168.0.107:49415 111.221.29.134:443 ESTABLISHED 4316 TCP 192.168.0.107:49417 111.221.29.127:443 ESTABLISHED 4316 TCP 192.168.0.107:50185 162.125.66.3:443 CLOSE_WAIT 9668 TCP 192.168.0.107:50246 52.70.31.26:443 CLOSE_WAIT 9668 TCP 192.168.0.107:50253 35.177.204.73:443 ESTABLISHED 2804 TCP 192.168.0.107:50254 35.177.204.73:443 ESTABLISHED 2804 TCP 192.168.0.107:50256 35.177.204.73:443 ESTABLISHED 2804 TCP 192.168.0.107:50257 158.85.224.175:443 ESTABLISHED 10836 TCP 192.168.0.107:50258 13.69.14.160:443 ESTABLISHED 8620 TCP 192.168.0.107:50310 66.102.1.188:443 ESTABLISHED 11184 TCP 192.168.0.107:50329 157.240.20.15:443 ESTABLISHED 10836 TCP 192.168.0.107:50331 111.221.29.74:443 ESTABLISHED 10072 TCP 192.168.0.107:50332 162.125.18.133:443 ESTABLISHED 9668 TCP 192.168.0.107:50351 40.77.226.194:443 ESTABLISHED 8620 TCP 192.168.0.107:50460 66.102.1.189:443 ESTABLISHED 10836 TCP 192.168.0.107:50470 66.102.1.189:443 ESTABLISHED 10836 TCP 192.168.0.107:50501 192.30.253.125:443 ESTABLISHED 11184 TCP 192.168.0.107:50513 40.77.226.194:443 ESTABLISHED 8620 TCP 192.168.0.107:50529 87.98.218.198:443 ESTABLISHED 12540 TCP 192.168.0.107:50530 172.217.21.46:443 ESTABLISHED 10836 TCP 192.168.0.107:50616 172.217.21.46:443 ESTABLISHED 10836 TCP 192.168.0.107:50630 162.125.18.133:443 ESTABLISHED 9668 TCP 192.168.0.107:50641 172.217.21.37:443 ESTABLISHED 10836 TCP 192.168.0.107:50645 162.125.66.4:443 CLOSE_WAIT 9668 TCP 192.168.0.107:50668 87.98.218.198:443 ESTABLISHED 12540 TCP 192.168.0.107:50703 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50709 192.30.253.125:443 ESTABLISHED 11184 TCP 192.168.0.107:50744 87.98.218.198:443 ESTABLISHED 12540 TCP 192.168.0.107:50828 162.125.66.3:443 CLOSE_WAIT 9668 TCP 192.168.0.107:50830 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50831 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50832 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50834 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50835 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50836 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50837 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50839 192.30.253.125:443 ESTABLISHED 11184 TCP 192.168.0.107:50844 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50847 192.30.253.124:443 ESTABLISHED 11184 TCP 192.168.0.107:50857 192.30.253.124:443 ESTABLISHED 11184 TCP 192.168.0.107:50863 162.125.34.137:443 CLOSE_WAIT 9668 TCP 192.168.0.107:50865 172.217.21.46:443 TIME_WAIT 0 TCP 192.168.0.107:50866 172.217.21.46:443 ESTABLISHED 10836 TCP 192.168.0.107:50910 35.186.213.138:443 TIME_WAIT 0 TCP 192.168.0.107:50923 172.217.21.46:443 ESTABLISHED 10836 TCP 192.168.0.107:50925 40.117.190.72:443 ESTABLISHED 4040 TCP 192.168.0.107:50927 172.217.21.42:443 ESTABLISHED 11184 TCP 192.168.0.107:50949 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50950 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50951 151.101.0.133:443 ESTABLISHED 11184 TCP 192.168.0.107:50954 192.30.253.124:443 ESTABLISHED 11184 TCP 192.168.0.107:50959 40.117.190.72:443 TIME_WAIT 0 TCP 192.168.0.107:50969 192.30.253.113:22 TIME_WAIT 0 TCP 192.168.0.107:50978 87.98.218.198:443 ESTABLISHED 12540 TCP 192.168.0.107:50984 151.101.1.69:443 ESTABLISHED 11184 TCP 192.168.0.107:50985 192.0.73.2:443 ESTABLISHED 11184 TCP 192.168.0.107:50986 104.16.112.18:443 ESTABLISHED 11184 TCP 192.168.0.107:50991 198.252.206.25:443 ESTABLISHED 11184 TCP 192.168.0.107:50993 192.168.0.10:3910 TIME_WAIT 0 TCP 192.168.0.107:50994 192.168.0.10:3910 TIME_WAIT 0 TCP 192.168.0.107:50997 23.210.254.37:443 ESTABLISHED 912 TCP 192.168.0.107:50998 23.210.254.37:443 ESTABLISHED 912 TCP 192.168.0.107:50999 23.210.254.37:443 ESTABLISHED 912 TCP 192.168.0.107:51001 23.210.254.37:443 ESTABLISHED 912 TCP 192.168.0.107:51006 40.117.190.72:443 ESTABLISHED 11992 TCP 192.168.0.107:51008 40.69.218.62:443 ESTABLISHED 7056 TCP 192.168.0.107:51010 172.217.21.46:443 ESTABLISHED 11184 TCP [::]:135 [::]:0 LISTENING 1152 TCP [::]:445 [::]:0 LISTENING 4 TCP [::]:2179 [::]:0 LISTENING 4696 TCP [::]:5357 [::]:0 LISTENING 4 TCP [::]:7680 [::]:0 LISTENING 7056 TCP [::]:17500 [::]:0 LISTENING 9668 TCP [::]:49664 [::]:0 LISTENING 784 TCP [::]:49665 [::]:0 LISTENING 1628 TCP [::]:49666 [::]:0 LISTENING 2028 TCP [::]:49667 [::]:0 LISTENING 3560 TCP [::]:49800 [::]:0 LISTENING 856 TCP [::]:49821 [::]:0 LISTENING 892 TCP [::1]:5432 [::]:0 LISTENING 11100 TCP [::1]:50000 [::]:0 LISTENING 11100 TCP [::1]:50001 [::]:0 LISTENING 11100 TCP [::1]:51000 [::]:0 LISTENING 11100 UDP 0.0.0.0:53 *:* 5620 UDP 0.0.0.0:3702 *:* 2084 UDP 0.0.0.0:3702 *:* 2084 UDP 0.0.0.0:5050 *:* 6616 UDP 0.0.0.0:5353 *:* 11184 UDP 0.0.0.0:5353 *:* 11184 UDP 0.0.0.0:5353 *:* 11184 UDP 0.0.0.0:5353 *:* 3080 UDP 0.0.0.0:5353 *:* 11184 UDP 0.0.0.0:5353 *:* 11184 UDP 0.0.0.0:5353 *:* 11184 UDP 0.0.0.0:5353 *:* 11184 UDP 0.0.0.0:5355 *:* 3080 UDP 0.0.0.0:17500 *:* 9668 UDP 0.0.0.0:49670 *:* 2084 UDP 0.0.0.0:57329 *:* 5620 UDP 0.0.0.0:57330 *:* 5620 UDP 0.0.0.0:59529 *:* 8620 UDP 0.0.0.0:60605 *:* 11184 UDP 10.0.75.1:137 *:* 4 UDP 10.0.75.1:138 *:* 4 UDP 10.0.75.1:1900 *:* 2620 UDP 10.0.75.1:61326 *:* 2620 UDP 127.0.0.1:1900 *:* 2620 UDP 127.0.0.1:60816 *:* 4616 UDP 127.0.0.1:61328 *:* 2620 UDP 169.254.105.83:137 *:* 4 UDP 169.254.105.83:138 *:* 4 UDP 169.254.105.83:1900 *:* 2620 UDP 169.254.105.83:61330 *:* 2620 UDP 172.30.146.241:67 *:* 5620 UDP 172.30.146.241:68 *:* 5620 UDP 172.30.146.241:1900 *:* 2620 UDP 172.30.146.241:61329 *:* 2620 UDP 192.168.0.107:137 *:* 4 UDP 192.168.0.107:138 *:* 4 UDP 192.168.0.107:1900 *:* 2620 UDP 192.168.0.107:61327 *:* 2620 UDP [::]:3702 *:* 2084 UDP [::]:3702 *:* 2084 UDP [::]:5353 *:* 11184 UDP [::]:5353 *:* 11184 UDP [::]:5353 *:* 3080 UDP [::]:5353 *:* 11184 UDP [::]:5355 *:* 3080 UDP [::]:49671 *:* 2084 UDP [::]:57331 *:* 5620 UDP [::]:59529 *:* 8620 UDP [::1]:1900 *:* 2620 UDP [::1]:61323 *:* 2620 UDP [fe80::30eb:ad8f:f94a:b774%26]:1900 *:* 2620 UDP [fe80::30eb:ad8f:f94a:b774%26]:61324 *:* 2620 UDP [fe80::718c:22bb:fd97:c06c%23]:1900 *:* 2620 UDP [fe80::718c:22bb:fd97:c06c%23]:61322 *:* 2620 UDP [fe80::85d0:3b5c:7746:6953%5]:1900 *:* 2620 UDP [fe80::85d0:3b5c:7746:6953%5]:61325 *:* 2620
我用来测试开放端口的f#代码:
open System.Net
open System.Net.Sockets
let ipAddress = IPAddress([| (byte)0; (byte)0; (byte)0; (byte)0 |])
let ipEndpoint portNumber = (IPEndPoint(ipAddress,portNumber),portNumber)
let getPorts = seq { for i in 1 .. 65535 -> i }
let checkIfPortAvailable (endpoint,portNumber) =
use listener = new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp)
try
listener.Bind(endpoint)
(portNumber,true,null)
with
| ex -> (portNumber,false,ex)
[<EntryPoint>]
let main argv =
getPorts
|> Seq.map ipEndpoint
|> Seq.map checkIfPortAvailable
|> Seq.where (fun (_,works,_) -> not works)
|> Seq.where (fun (_,_,ex) -> ex.Message.Contains("An attempt was made to access a socket in a way forbidden by its access permissions"))
|> Seq.iteri (fun index (port,_) -> printfn "%5d: %d" index port)
0
和执行应用程序时的输出(它是在netstat命令之后执行的):
0: 445 1: 5357 2: 7680 3: 49670 4: 49671 5: 49672 6: 49673 7: 49674 8: 49675 9: 49676 10: 49677 11: 49678 12: 49679 13: 49680 14: 49681 15: 49682 16: 49683 17: 49684 18: 49685 19: 49686 20: 49687 21: 49688 22: 49689 23: 49710 24: 49711 25: 49712 26: 49713 27: 49714 28: 49715 29: 49716 30: 49717 31: 49718 32: 49719 33: 49720 34: 49721 35: 49722 36: 49723 37: 49724 38: 49725 39: 49726 40: 49727 41: 49728 42: 49729 43: 49730 44: 49731 45: 49732 46: 49733 47: 49734 48: 49735 49: 49736 50: 49737 51: 49738 52: 49739 53: 49740 54: 49741 55: 49742 56: 49743 57: 49744 58: 49745 59: 49746 60: 49747 61: 49748 62: 49749 63: 49750 64: 49751 65: 49752 66: 49753 67: 49754 68: 49755 69: 49756 70: 49757 71: 49758 72: 49759 73: 49770 74: 49771 75: 49772 76: 49773 77: 49774 78: 49775 79: 49776 80: 49777 81: 49778 82: 49779 83: 49780 84: 49781 85: 49782 86: 49783 87: 49784 88: 49785 89: 49786 90: 49787 91: 49788 92: 49789 93: 49790 94: 49791 95: 49792 96: 49793 97: 49794 98: 49795 99: 49796 100: 49797 101: 49798 102: 49799 103: 49825 104: 49826 105: 49827 106: 49828 107: 49829 108: 49830 109: 49831 110: 49832 111: 49833 112: 49834 113: 49835 114: 49836 115: 49837 116: 49838 117: 49839 118: 49840 119: 49841 120: 49842 121: 49843 122: 49844 123: 49845 124: 49846 125: 49847 126: 49848 127: 49849 128: 49850 129: 49851 130: 49852 131: 49853 132: 49854 133: 49855 134: 49856 135: 49857 136: 49858 137: 49859 138: 49860 139: 49861 140: 49862 141: 49863 142: 49864 143: 49866 144: 49867 145: 49868 146: 49869 147: 49870 148: 49871 149: 49872 150: 49873 151: 49874 152: 49875 153: 49876 154: 49877 155: 49878 156: 49879 157: 49880 158: 49881 159: 49882 160: 49883 161: 49884 162: 49885 163: 50274 164: 50275 165: 50276 166: 50277 167: 50278 168: 50279 169: 50280 170: 50281 171: 50282 172: 50283 173: 50284 174: 50285 175: 50286 176: 50287 177: 50288 178: 50289 179: 50290 180: 50291 181: 50292 182: 50293
我实际想要打开的端口是49786,但是我的小测试算法拒绝了报告的端口数量,但是在检查netstat时没有分配的端口令我感到困惑
更新3:
现在只是运行shutdown / s / f / t 0不再起作用了,我发现另一种解决方法似乎在https://social.technet.microsoft.com/Forums/windows/en-US/e0cc1b3e-2c63-451a-abc8-8e1e66a23287/an-attempt-was-made-to-access-a-socket-in-a-way-forbidden-by-its-access-permissions?forum=w7itpronetworking中相当可靠 – netsh int ip reset并重新启动计算机(正常的Windows 10重启就足够了)到目前为止,该端口始终可用于下一次启动(但只有3次尝试)
更新4:
意见总结:
>在小f#脚本中设置SO_REUSEADDR会使事情变得更糟
>试图关闭Skype,VPN应用程序,DropBox和类似没有任何影响(是的,我实际上确保进程终止)
当我找到它时,解释是
原文链接:/windows/365033.htmlAn attempt was made to access a socket in a way forbidden by its access permissions. An example is using a broadcast address for sendto without broadcast permission being set using setsockopt(SO_BROADCAST).
Another possible reason for the WSAEACCES error is that when the bind function is called (on Windows NT 4.0 with SP4 and later),another application,service,or kernel mode driver is bound to the same address with exclusive access. Such exclusive access is a new feature of Windows NT 4.0 with SP4 and later,and is implemented by using the SO_EXCLUSIVEADDRUSE option.
