pcp opened many TCP ports #18438

imoneoi · 2023-03-02T12:44:04Z

imoneoi
Mar 2, 2023

When installed cockpit-pcp, the pmlogger service listened to many TCP ports on all addresses, starting from 4330. Is this a security issue, and is there an option to turn it off?

tcp   LISTEN 6      5                                 0.0.0.0:4347       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=58))                              
tcp   LISTEN 6      5                                 0.0.0.0:4348       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=61))                              
tcp   LISTEN 6      5                                 0.0.0.0:4349       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=64))                              
tcp   LISTEN 6      5                                 0.0.0.0:4350       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=67))                              
tcp   LISTEN 6      5                                 0.0.0.0:4351       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=70))                              
tcp   LISTEN 5      5                                 0.0.0.0:4352       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=73))                              
tcp   LISTEN 6      5                                 0.0.0.0:4353       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=76))                              
tcp   LISTEN 5      5                                 0.0.0.0:4354       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=79))                              
tcp   LISTEN 6      5                                 0.0.0.0:4355       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=82))                              
tcp   LISTEN 4      5                                 0.0.0.0:4356       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=85))                              
tcp   LISTEN 6      5                                 0.0.0.0:4357       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=88))                              
tcp   LISTEN 2      5                                 0.0.0.0:4358       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=91))                              
tcp   LISTEN 3      5                                 0.0.0.0:4359       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=94))                              
tcp   LISTEN 1      5                                 0.0.0.0:4360       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=97))                              
tcp   LISTEN 1      5                                 0.0.0.0:4361       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=100))                             
tcp   LISTEN 0      5                                 0.0.0.0:4362       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=103))                             
tcp   LISTEN 6      5                                 0.0.0.0:4330       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=7))                               
tcp   LISTEN 0      5                                 0.0.0.0:4363       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=106))                             
tcp   LISTEN 6      5                                 0.0.0.0:4331       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=10))                              
tcp   LISTEN 0      5                                 0.0.0.0:4364       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=109))                             
tcp   LISTEN 6      5                                 0.0.0.0:4332       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=13))                              
tcp   LISTEN 0      5                                 0.0.0.0:4365       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=112))                             
tcp   LISTEN 6      5                                 0.0.0.0:4333       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=16))                              
tcp   LISTEN 0      5                                 0.0.0.0:4366       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=115))                             
tcp   LISTEN 6      5                                 0.0.0.0:4334       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=19))                              
tcp   LISTEN 6      5                                 0.0.0.0:4335       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=22))                              
tcp   LISTEN 6      5                                 0.0.0.0:4336       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=25))                              
tcp   LISTEN 6      5                                 0.0.0.0:4337       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=28))                              
tcp   LISTEN 6      5                                 0.0.0.0:4338       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=31))                              
tcp   LISTEN 6      5                                 0.0.0.0:4339       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=34))                              
tcp   LISTEN 6      5                                 0.0.0.0:4340       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=37))                              
tcp   LISTEN 6      5                                 0.0.0.0:4341       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=40))                              
tcp   LISTEN 6      5                                 0.0.0.0:4342       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=43))                              
tcp   LISTEN 6      5                                 0.0.0.0:4343       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=46))                              
tcp   LISTEN 6      5                                 0.0.0.0:4344       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=49))                              
tcp   LISTEN 6      5                                 0.0.0.0:4345       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=52))                              
tcp   LISTEN 4      5                                 0.0.0.0:4346       0.0.0.0:*    users:(("pmlogger",pid=1936,fd=55))                              
tcp   LISTEN 0      5                                    [::]:4347          [::]:*    users:(("pmlogger",pid=1936,fd=59))                              
tcp   LISTEN 0      5                                    [::]:4348          [::]:*    users:(("pmlogger",pid=1936,fd=62))                              
tcp   LISTEN 0      5                                    [::]:4349          [::]:*    users:(("pmlogger",pid=1936,fd=65))                              
tcp   LISTEN 0      5                                    [::]:4350          [::]:*    users:(("pmlogger",pid=1936,fd=68))                              
tcp   LISTEN 0      5                                    [::]:4351          [::]:*    users:(("pmlogger",pid=1936,fd=71))                              
tcp   LISTEN 0      5                                    [::]:4352          [::]:*    users:(("pmlogger",pid=1936,fd=74))                              
tcp   LISTEN 0      5                                    [::]:4353          [::]:*    users:(("pmlogger",pid=1936,fd=77))                              
tcp   LISTEN 0      5                                    [::]:4354          [::]:*    users:(("pmlogger",pid=1936,fd=80))                              
tcp   LISTEN 0      5                                    [::]:4355          [::]:*    users:(("pmlogger",pid=1936,fd=83))                              
tcp   LISTEN 0      5                                    [::]:4356          [::]:*    users:(("pmlogger",pid=1936,fd=86))                              
tcp   LISTEN 0      5                                    [::]:4357          [::]:*    users:(("pmlogger",pid=1936,fd=89))                              
tcp   LISTEN 0      5                                    [::]:4358          [::]:*    users:(("pmlogger",pid=1936,fd=92))                              
tcp   LISTEN 0      5                                    [::]:4359          [::]:*    users:(("pmlogger",pid=1936,fd=95))                              
tcp   LISTEN 0      5                                    [::]:4360          [::]:*    users:(("pmlogger",pid=1936,fd=98))                              
tcp   LISTEN 0      5                                    [::]:4361          [::]:*    users:(("pmlogger",pid=1936,fd=101))                             
tcp   LISTEN 0      5                                    [::]:4362          [::]:*    users:(("pmlogger",pid=1936,fd=104))                             
tcp   LISTEN 0      5                                    [::]:4330          [::]:*    users:(("pmlogger",pid=1936,fd=8))                               
tcp   LISTEN 0      5                                    [::]:4363          [::]:*    users:(("pmlogger",pid=1936,fd=107))                             
tcp   LISTEN 0      5                                    [::]:4331          [::]:*    users:(("pmlogger",pid=1936,fd=11))                              
tcp   LISTEN 0      5                                    [::]:4364          [::]:*    users:(("pmlogger",pid=1936,fd=110))                             
tcp   LISTEN 0      5                                    [::]:4332          [::]:*    users:(("pmlogger",pid=1936,fd=14))                              
tcp   LISTEN 0      5                                    [::]:4365          [::]:*    users:(("pmlogger",pid=1936,fd=113))                             
tcp   LISTEN 0      5                                    [::]:4333          [::]:*    users:(("pmlogger",pid=1936,fd=17))                              
tcp   LISTEN 0      5                                    [::]:4366          [::]:*    users:(("pmlogger",pid=1936,fd=116))                             
tcp   LISTEN 0      5                                    [::]:4334          [::]:*    users:(("pmlogger",pid=1936,fd=20))                              
tcp   LISTEN 0      5                                    [::]:4335          [::]:*    users:(("pmlogger",pid=1936,fd=23))                              
tcp   LISTEN 0      5                                    [::]:4336          [::]:*    users:(("pmlogger",pid=1936,fd=26))                              
tcp   LISTEN 0      5                                    [::]:4337          [::]:*    users:(("pmlogger",pid=1936,fd=29))                              
tcp   LISTEN 0      5                                    [::]:4338          [::]:*    users:(("pmlogger",pid=1936,fd=32))                              
tcp   LISTEN 0      5                                    [::]:4339          [::]:*    users:(("pmlogger",pid=1936,fd=35))                              
tcp   LISTEN 0      5                                    [::]:4340          [::]:*    users:(("pmlogger",pid=1936,fd=38))                              
tcp   LISTEN 0      5                                    [::]:4341          [::]:*    users:(("pmlogger",pid=1936,fd=41))                              
tcp   LISTEN 0      5                                    [::]:4342          [::]:*    users:(("pmlogger",pid=1936,fd=44))                              
tcp   LISTEN 0      5                                    [::]:4343          [::]:*    users:(("pmlogger",pid=1936,fd=47))                              
tcp   LISTEN 0      5                                    [::]:4344          [::]:*    users:(("pmlogger",pid=1936,fd=50))                              
tcp   LISTEN 0      5                                    [::]:4345          [::]:*    users:(("pmlogger",pid=1936,fd=53))                              
tcp   LISTEN 0      5                                    [::]:4346          [::]:*    users:(("pmlogger",pid=1936,fd=56))

Answered by jelly

Mar 2, 2023

cockpit-pcp consumes pcp (performance co-pilot) metrics for the metrics page, so installing the package installs pcp on your distribution and auto starts it pmlogger (part of pcp, not Cockpit).

The large amount of ports being opened seems to be a known issue in PCP performancecopilot/pcp#1448

Is this a security issue? Not really, if you have your firewall properly configured no one should be able to snoop on your metrics.

View full answer

jelly · 2023-03-02T15:56:31Z

jelly
Mar 2, 2023
Maintainer

cockpit-pcp consumes pcp (performance co-pilot) metrics for the metrics page, so installing the package installs pcp on your distribution and auto starts it pmlogger (part of pcp, not Cockpit).

The large amount of ports being opened seems to be a known issue in PCP performancecopilot/pcp#1448

Is this a security issue? Not really, if you have your firewall properly configured no one should be able to snoop on your metrics.

0 replies

the8woodcutter · 2025-08-08T05:26:19Z

the8woodcutter
Aug 8, 2025

can I ask how ecsactly to block those ports? pcp has totally voided my whitelist iptables rules, and I've managed to set a different segment to localhost, but pmlogger I haven't found the method yet. Please tell me where to make it localhost please. I've never seen such a thing before, I wonder if it's superceding my iptables with nftables? I have no idea really, and though this is just a hobby and maybe eventually a career, I have been hosting for a decade and I've never seen anything supercede my firewall like pcp does :/ .. and I want to continue using it.

2 replies

Venefilyn Aug 8, 2025
Collaborator

Heya, you might have better results asking pcp directly given it relates to how pcp operates and not Cockpit

the8woodcutter Aug 14, 2025

okay thanks :)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

pcp opened many TCP ports #18438

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments 2 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

pcp opened many TCP ports #18438

Uh oh!

imoneoi Mar 2, 2023

Replies: 2 comments · 2 replies

Uh oh!

jelly Mar 2, 2023 Maintainer

Uh oh!

Uh oh!

the8woodcutter Aug 8, 2025

Uh oh!

Venefilyn Aug 8, 2025 Collaborator

Uh oh!

the8woodcutter Aug 14, 2025

imoneoi
Mar 2, 2023

Replies: 2 comments 2 replies

jelly
Mar 2, 2023
Maintainer

the8woodcutter
Aug 8, 2025

Venefilyn Aug 8, 2025
Collaborator