3.747
Bearbeitungen
Änderungen
Zur Navigation springen
Zur Suche springen
Zeile 1:
Zeile 1: − + + Zeile 7:
Zeile 8: − echo -e "Content-type: text/plain\n"+ − + − + − if(match($0,"dport=698")==0){+ − gsub(/6662 /,"IRC ")+ − gsub(/5223 /,"Jabber ")+ − gsub(/5222 /,"Jabber ")+ − gsub(/5190 /,"AIM/ICQ ") + − gsub(/443 /,"www crypted! ")+ − gsub(/110 /,"POP3 ")+ − gsub(/80 /,"www ") + − gsub(/25 /,"sendmail uncrypted? ") + − gsub(/22 /,"SSH ") + − printf("%-14s %15s %s %5s %-5s\n",$11,$13,$1,$15,$17)+ − }}' /proc/net/ip_conntrack|sort|awk '{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'+ + + + + + + + + + Zeile 27:
Zeile 37: − + − + − 10.63.180.1 24.128.132.246 tcp 1303 46983 − − − − − 104.63.16.5 213.189.18.6 tcp 1194 www − 104.63.16.5 38.102.66.50 tcp 1186 www − − 104.63.162.2 205.188.10.33 tcp 2095 AIM/ICQ − 104.63.162.2 205.188.10.34 tcp 2152 AIM/ICQ − 104.63.206.2 72.14.221.147 tcp 1052 www + + − 104.63.7.2 195.226.68.150 tcp 2153 www + − 104.63.7.2 195.226.68.150 tcp 2164 www + − 104.63.7.2 195.226.68.150 tcp 2170 www + − 104.63.7.2 195.226.68.150 tcp 2172 www − 104.63.7.2 205.188.10.129 tcp 3909 AIM/ICQ − 104.63.7.2 213.229.60.SSH tcp 2616 www − 104.63.7.2 62.149.130.169 tcp 2038 www − 104.63.7.2 62.149.130.169 tcp 2041 www − 104.63.7.2 213.131.239.226 tcp 2296 www − + − + − 104.63.71.10 212.10.90.166 tcp 2354 50630+ − − 104.63.71.10 212.10.90.166 tcp 2410 50630 − 104.63.71.10 212.10.90.166 tcp 2420 www − − 104.63.71.10 69.197.54.147 tcp 2345 9289 − 104.63.71.10 84.197.56.248 tcp 2452 41038 − 104.63.71.10 87.122.89.165 tcp 2457 www − 104.63.71.10 88.203.166.111 tcp 2333 20204 − 104.63.71.10 88.203.166.111 tcp 2388 20204 − 104.63.71.10 129.132.187.200 tcp 2444 13530 − 104.63.71.10 213.213.218.162 tcp 2516 1060 − + − 104.63.71.11 68.146.228.49 tcp 2695 13551 − 104.63.71.11 82.239.148.49 tcp 2531 5698 − 104.63.71.11 84.196.175.92 tcp 2258 13841 − 104.63.71.11 84.197.56.248 tcp 2774 41038 − 104.63.71.11 86.56.161.218 tcp 2863 56372 − 104.63.71.11 72.192.236.193 tcp 2807 55517 − 104.63.71.11 88.100.100.186 tcp 2771 www − 104.63.71.11 212.201.100.141 tcp 2869 www − 104.63.71.11 212.201.100.141 tcp 2873 www − 104.63.71.11 212.201.100.143 tcp 2851 www − + − 217.68.167.64 104.63.42.1 tcp 39439 www +
→Skript: neues skript
===Warum===
===Warum===
* Damit man schoen sehen kann, warum grad alles so langsam geht
* Damit man schoen sehen kann, warum grad alles so langsam geht.
* Fuer Korintenkacker: Natuerlich wird nur anhand des Ports "geraten", was das so fuer Verkehr ist. Da allerdings im Weimarnetz nichts geblockt ist, nehmen die meisten Programme die Standardports...
===Skript===
===Skript===
#!/bin/sh
#!/bin/sh
awk -F'[= ]' '/ESTABLISHED/ {
if(match($0,"dport=698 ")==0){
awk -F'[ =]' '/ESTABLISHED/ {
gsub(/=6667 /,"=CHAT/IRC ")
gsub(/=6666 /,"=CHAT/IRC ")
gsub(/=6665 /,"=CHAT/IRC ")
gsub(/=6664 /,"=CHAT/IRC ")
gsub(/=6663 /,"=CHAT/IRC ")
gsub(/=6662 /,"=CHAT/IRC ")
gsub(/=5223 /,"=CHAT/Jabber_secure ")
gsub(/=5222 /,"=CHAT/Jabber ")
gsub(/=5190 /,"=CHAT/AIM/ICQ ")
gsub(/=1863 /,"=CHAT/MSN ")
gsub(/=995 /,"=MAIL/POP3_secure ")
gsub(/=993 /,"=MAIL/IMAP_secure ")
gsub(/=443 /,"=www_secure ")
gsub(/=411 /,"=P2P/DC++ ")
gsub(/=143 /,"=MAIL/IMAP ")
gsub(/=110 /,"=MAIL/POP3 ")
gsub(/=80 /,"=www ")
gsub(/=25 /,"=MAIL/SMTP ")
gsub(/=22 /,"=SSH ")
printf("%-14s ---> %14s... %s %16s ---> %-16s\n",$11,substr($13,1,length($13)-3),$1,$15,$17)
}}' /proc/net/ip_conntrack|sort|awk '
BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'
</pre>
</pre>
Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet
Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet
<pre>
<pre>
10.63.133.1 141.54.1.3 tcp 51367 POP3
10.63.16.1 ---> 10.63.13... tcp www ---> 3874
10.63.16.1 ---> 10.63.13... tcp 4233 ---> www
10.63.50.1 38.119.88.31 tcp 53851 www
10.63.50.1 38.119.88.31 tcp 53872 www
10.63.180.1 ---> 216.133.246.... tcp 1078 ---> www
10.63.180.1 ---> 216.133.246.... tcp 1616 ---> www
10.63.73.1 ---> 80.171.19... tcp 3726 ---> 30401
10.63.73.1 ---> 68.53.202.... tcp 3747 ---> 18102
10.63.73.1 ---> 194.247.253... tcp 3500 ---> 28490
104.63.71.10 86.63.27.238 tcp 2338 50827
104.63.186.2 ---> 62.104.23... tcp 2672 ---> www
104.63.71.10 212.10.90.166 tcp 2342 50630
104.63.186.2 ---> 72.14.221... tcp 2906 ---> www
104.63.186.2 ---> 72.14.221.... tcp 2668 ---> www
104.63.71.10 212.10.90.166 tcp 2375 50630
104.63.71.10 217.160.30.61 tcp 2166 www
104.63.71.11 207.46.106.87 tcp 2865 1863
104.63.45.2 ---> 64.236.34.... tcp 2128 ---> www
104.63.74.4 32.107.56.11 tcp 1334 www
104.63.58.2 ---> 213.83.60.... tcp 1426 ---> www_secure
104.63.7.2 ---> 10.63.11... tcp 2029 ---> 411
</pre>
</pre>