Router-Action: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(ausgabe) |
(→Skript: neues skript) |
||
(6 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
===Warum=== | ===Warum=== | ||
− | * Damit man schoen sehen kann, warum grad alles so langsam geht | + | * Damit man schoen sehen kann, warum grad alles so langsam geht. |
+ | * Fuer Korintenkacker: Natuerlich wird nur anhand des Ports "geraten", was das so fuer Verkehr ist. Da allerdings im Weimarnetz nichts geblockt ist, nehmen die meisten Programme die Standardports... | ||
===Skript=== | ===Skript=== | ||
Zeile 7: | Zeile 8: | ||
#!/bin/sh | #!/bin/sh | ||
− | + | awk -F'[= ]' '/ESTABLISHED/ { | |
− | + | if(match($0,"dport=698 ")==0){ | |
− | awk -F'[ =]' '/ESTABLISHED/ { | + | gsub(/=6667 /,"=CHAT/IRC ") |
− | + | gsub(/=6666 /,"=CHAT/IRC ") | |
− | + | gsub(/=6665 /,"=CHAT/IRC ") | |
− | + | gsub(/=6664 /,"=CHAT/IRC ") | |
− | + | gsub(/=6663 /,"=CHAT/IRC ") | |
− | + | gsub(/=6662 /,"=CHAT/IRC ") | |
− | + | gsub(/=5223 /,"=CHAT/Jabber_secure ") | |
− | + | gsub(/=5222 /,"=CHAT/Jabber ") | |
− | + | gsub(/=5190 /,"=CHAT/AIM/ICQ ") | |
− | + | gsub(/=1863 /,"=CHAT/MSN ") | |
− | + | gsub(/=995 /,"=MAIL/POP3_secure ") | |
− | + | gsub(/=993 /,"=MAIL/IMAP_secure ") | |
+ | gsub(/=443 /,"=www_secure ") | ||
+ | gsub(/=411 /,"=P2P/DC++ ") | ||
+ | gsub(/=143 /,"=MAIL/IMAP ") | ||
+ | gsub(/=110 /,"=MAIL/POP3 ") | ||
+ | gsub(/=80 /,"=www ") | ||
+ | gsub(/=25 /,"=MAIL/SMTP ") | ||
+ | gsub(/=22 /,"=SSH ") | ||
+ | printf("%-14s ---> %14s... %s %16s ---> %-16s\n",$11,substr($13,1,length($13)-3),$1,$15,$17) | ||
+ | }}' /proc/net/ip_conntrack|sort|awk ' | ||
+ | BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}' | ||
</pre> | </pre> | ||
Zeile 26: | Zeile 37: | ||
Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet | Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet | ||
<pre> | <pre> | ||
− | 10.63. | + | 10.63.16.1 ---> 10.63.13... tcp www ---> 3874 |
− | + | 10.63.16.1 ---> 10.63.13... tcp 4233 ---> www | |
− | |||
− | |||
− | 10.63. | ||
− | 10.63. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | 10.63.180.1 ---> 216.133.246.... tcp 1078 ---> www | |
+ | 10.63.180.1 ---> 216.133.246.... tcp 1616 ---> www | ||
− | + | 10.63.73.1 ---> 80.171.19... tcp 3726 ---> 30401 | |
− | + | 10.63.73.1 ---> 68.53.202.... tcp 3747 ---> 18102 | |
− | + | 10.63.73.1 ---> 194.247.253... tcp 3500 ---> 28490 | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | 104.63. | + | 104.63.186.2 ---> 62.104.23... tcp 2672 ---> www |
− | 104. | + | 104.63.186.2 ---> 72.14.221... tcp 2906 ---> www |
− | + | 104.63.186.2 ---> 72.14.221.... tcp 2668 ---> www | |
− | 104.63. | ||
− | |||
− | |||
− | 104.63. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | 104.63. | + | 104.63.45.2 ---> 64.236.34.... tcp 2128 ---> www |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | 104.63. | + | 104.63.58.2 ---> 213.83.60.... tcp 1426 ---> www_secure |
− | + | 104.63.7.2 ---> 10.63.11... tcp 2029 ---> 411 | |
</pre> | </pre> |
Aktuelle Version vom 15. September 2006, 10:23 Uhr
Warum
- Damit man schoen sehen kann, warum grad alles so langsam geht.
- Fuer Korintenkacker: Natuerlich wird nur anhand des Ports "geraten", was das so fuer Verkehr ist. Da allerdings im Weimarnetz nichts geblockt ist, nehmen die meisten Programme die Standardports...
Skript
#!/bin/sh awk -F'[= ]' '/ESTABLISHED/ { if(match($0,"dport=698 ")==0){ gsub(/=6667 /,"=CHAT/IRC ") gsub(/=6666 /,"=CHAT/IRC ") gsub(/=6665 /,"=CHAT/IRC ") gsub(/=6664 /,"=CHAT/IRC ") gsub(/=6663 /,"=CHAT/IRC ") gsub(/=6662 /,"=CHAT/IRC ") gsub(/=5223 /,"=CHAT/Jabber_secure ") gsub(/=5222 /,"=CHAT/Jabber ") gsub(/=5190 /,"=CHAT/AIM/ICQ ") gsub(/=1863 /,"=CHAT/MSN ") gsub(/=995 /,"=MAIL/POP3_secure ") gsub(/=993 /,"=MAIL/IMAP_secure ") gsub(/=443 /,"=www_secure ") gsub(/=411 /,"=P2P/DC++ ") gsub(/=143 /,"=MAIL/IMAP ") gsub(/=110 /,"=MAIL/POP3 ") gsub(/=80 /,"=www ") gsub(/=25 /,"=MAIL/SMTP ") gsub(/=22 /,"=SSH ") printf("%-14s ---> %14s... %s %16s ---> %-16s\n",$11,substr($13,1,length($13)-3),$1,$15,$17) }}' /proc/net/ip_conntrack|sort|awk ' BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'
Ausgabe
Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet
10.63.16.1 ---> 10.63.13... tcp www ---> 3874 10.63.16.1 ---> 10.63.13... tcp 4233 ---> www 10.63.180.1 ---> 216.133.246.... tcp 1078 ---> www 10.63.180.1 ---> 216.133.246.... tcp 1616 ---> www 10.63.73.1 ---> 80.171.19... tcp 3726 ---> 30401 10.63.73.1 ---> 68.53.202.... tcp 3747 ---> 18102 10.63.73.1 ---> 194.247.253... tcp 3500 ---> 28490 104.63.186.2 ---> 62.104.23... tcp 2672 ---> www 104.63.186.2 ---> 72.14.221... tcp 2906 ---> www 104.63.186.2 ---> 72.14.221.... tcp 2668 ---> www 104.63.45.2 ---> 64.236.34.... tcp 2128 ---> www 104.63.58.2 ---> 213.83.60.... tcp 1426 ---> www_secure 104.63.7.2 ---> 10.63.11... tcp 2029 ---> 411