Router-Action: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→Skript: neu) |
(→Skript: neu) |
||
| Zeile 6: | Zeile 6: | ||
<pre> | <pre> | ||
#!/bin/sh | #!/bin/sh | ||
| − | |||
| − | |||
awk -F'[= ]' '/ESTABLISHED/ { | awk -F'[= ]' '/ESTABLISHED/ { | ||
if(match($0,"dport=698")==0){ | if(match($0,"dport=698")==0){ | ||
| Zeile 15: | Zeile 13: | ||
gsub(/=5190 /,"=AIM/ICQ ") | gsub(/=5190 /,"=AIM/ICQ ") | ||
gsub(/=995 /,"=POP3_secure ") | gsub(/=995 /,"=POP3_secure ") | ||
| − | gsub(/=993 /,"=IMAP_secure ") | + | gsub(/=993 /,"=IMAP_secure ") |
| + | gsub(/=443 /,"=www_secure ") | ||
gsub(/=143 /,"=IMAP ") | gsub(/=143 /,"=IMAP ") | ||
gsub(/=110 /,"=POP3 ") | gsub(/=110 /,"=POP3 ") | ||
| − | gsub(/=80 /,"=www ") | + | gsub(/=80 /,"=www ") |
| + | gsub(/=25 /,"=sendmail ") | ||
| + | gsub(/=22 /,"=SSH ") | ||
| + | printf("%-14s ---> %14s... %s %5s ---> %-5s\n",$11,substr($13,1,length($13)-3),$1,$15,$17) | ||
}}' /proc/net/ip_conntrack|sort|awk 'BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}' | }}' /proc/net/ip_conntrack|sort|awk 'BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}' | ||
</pre> | </pre> | ||
Version vom 14. September 2006, 15:56 Uhr
Warum
- Damit man schoen sehen kann, warum grad alles so langsam geht
Skript
#!/bin/sh
awk -F'[= ]' '/ESTABLISHED/ {
if(match($0,"dport=698")==0){
gsub(/=6662 /,"=IRC ")
gsub(/=5223 /,"=Jabber_secure ")
gsub(/=5222 /,"=Jabber ")
gsub(/=5190 /,"=AIM/ICQ ")
gsub(/=995 /,"=POP3_secure ")
gsub(/=993 /,"=IMAP_secure ")
gsub(/=443 /,"=www_secure ")
gsub(/=143 /,"=IMAP ")
gsub(/=110 /,"=POP3 ")
gsub(/=80 /,"=www ")
gsub(/=25 /,"=sendmail ")
gsub(/=22 /,"=SSH ")
printf("%-14s ---> %14s... %s %5s ---> %-5s\n",$11,substr($13,1,length($13)-3),$1,$15,$17)
}}' /proc/net/ip_conntrack|sort|awk 'BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'
Ausgabe
Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet
10.63.133.1 141.54.1.3 tcp 51367 POP3 10.63.180.1 24.128.132.246 tcp 1303 46983 10.63.50.1 38.119.88.31 tcp 53851 www 10.63.50.1 38.119.88.31 tcp 53872 www 104.63.16.5 213.189.18.6 tcp 1194 www 104.63.16.5 38.102.66.50 tcp 1186 www 104.63.162.2 205.188.10.33 tcp 2095 AIM/ICQ 104.63.162.2 205.188.10.34 tcp 2152 AIM/ICQ 104.63.206.2 72.14.221.147 tcp 1052 www 104.63.7.2 195.226.68.150 tcp 2153 www 104.63.7.2 195.226.68.150 tcp 2164 www 104.63.7.2 195.226.68.150 tcp 2170 www 104.63.7.2 195.226.68.150 tcp 2172 www 104.63.7.2 205.188.10.129 tcp 3909 AIM/ICQ 104.63.7.2 213.229.60.SSH tcp 2616 www 104.63.7.2 62.149.130.169 tcp 2038 www 104.63.7.2 62.149.130.169 tcp 2041 www 104.63.7.2 213.131.239.226 tcp 2296 www 104.63.71.10 86.63.27.238 tcp 2338 50827 104.63.71.10 212.10.90.166 tcp 2342 50630 104.63.71.10 212.10.90.166 tcp 2354 50630 104.63.71.10 212.10.90.166 tcp 2375 50630 104.63.71.10 212.10.90.166 tcp 2410 50630 104.63.71.10 212.10.90.166 tcp 2420 www 104.63.71.10 217.160.30.61 tcp 2166 www 104.63.71.10 69.197.54.147 tcp 2345 9289 104.63.71.10 84.197.56.248 tcp 2452 41038 104.63.71.10 87.122.89.165 tcp 2457 www 104.63.71.10 88.203.166.111 tcp 2333 20204 104.63.71.10 88.203.166.111 tcp 2388 20204 104.63.71.10 129.132.187.200 tcp 2444 13530 104.63.71.10 213.213.218.162 tcp 2516 1060 104.63.71.11 207.46.106.87 tcp 2865 1863 104.63.71.11 68.146.228.49 tcp 2695 13551 104.63.71.11 82.239.148.49 tcp 2531 5698 104.63.71.11 84.196.175.92 tcp 2258 13841 104.63.71.11 84.197.56.248 tcp 2774 41038 104.63.71.11 86.56.161.218 tcp 2863 56372 104.63.71.11 72.192.236.193 tcp 2807 55517 104.63.71.11 88.100.100.186 tcp 2771 www 104.63.71.11 212.201.100.141 tcp 2869 www 104.63.71.11 212.201.100.141 tcp 2873 www 104.63.71.11 212.201.100.143 tcp 2851 www 104.63.74.4 32.107.56.11 tcp 1334 www 217.68.167.64 104.63.42.1 tcp 39439 www