Zeile 1: |
Zeile 1: |
| ===Warum=== | | ===Warum=== |
| | | |
− | * Damit man schoen sehen kann, warum grad alles so langsam geht | + | * Damit man schoen sehen kann, warum grad alles so langsam geht. |
| + | * Fuer Korintenkacker: Natuerlich wird nur anhand des Ports "geraten", was das so fuer Verkehr ist. Da allerdings im Weimarnetz nichts geblockt ist, nehmen die meisten Programme die Standardports... |
| | | |
| ===Skript=== | | ===Skript=== |
Zeile 7: |
Zeile 8: |
| #!/bin/sh | | #!/bin/sh |
| | | |
− | echo -e "Content-type: text/plain\n"
| + | awk -F'[= ]' '/ESTABLISHED/ { |
− | | + | if(match($0,"dport=698 ")==0){ |
− | awk -F'[ =]' '/ESTABLISHED/ { | + | gsub(/=6667 /,"=CHAT/IRC ") |
− | if(match($0,"dport=698")==0){
| + | gsub(/=6666 /,"=CHAT/IRC ") |
− | gsub(/6662 /,"IRC ")
| + | gsub(/=6665 /,"=CHAT/IRC ") |
− | gsub(/5223 /,"Jabber ")
| + | gsub(/=6664 /,"=CHAT/IRC ") |
− | gsub(/5222 /,"Jabber ")
| + | gsub(/=6663 /,"=CHAT/IRC ") |
− | gsub(/5190 /,"AIM/ICQ ")
| + | gsub(/=6662 /,"=CHAT/IRC ") |
− | gsub(/443 /,"www crypted! ")
| + | gsub(/=5223 /,"=CHAT/Jabber_secure ") |
− | gsub(/110 /,"POP3 ")
| + | gsub(/=5222 /,"=CHAT/Jabber ") |
− | gsub(/80 /,"www ")
| + | gsub(/=5190 /,"=CHAT/AIM/ICQ ") |
− | gsub(/25 /,"sendmail uncrypted? ")
| + | gsub(/=1863 /,"=CHAT/MSN ") |
− | gsub(/22 /,"SSH ")
| + | gsub(/=995 /,"=MAIL/POP3_secure ") |
− | printf("%-14s %15s %s %5s %-5s\n",$11,$13,$1,$15,$17)
| + | gsub(/=993 /,"=MAIL/IMAP_secure ") |
− | }}' /proc/net/ip_conntrack|sort|awk '{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'
| + | gsub(/=443 /,"=www_secure ") |
| + | gsub(/=411 /,"=P2P/DC++ ") |
| + | gsub(/=143 /,"=MAIL/IMAP ") |
| + | gsub(/=110 /,"=MAIL/POP3 ") |
| + | gsub(/=80 /,"=www ") |
| + | gsub(/=25 /,"=MAIL/SMTP ") |
| + | gsub(/=22 /,"=SSH ") |
| + | printf("%-14s ---> %14s... %s %16s ---> %-16s\n",$11,substr($13,1,length($13)-3),$1,$15,$17) |
| + | }}' /proc/net/ip_conntrack|sort|awk ' |
| + | BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}' |
| </pre> | | </pre> |
| | | |
Zeile 27: |
Zeile 37: |
| Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet | | Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet |
| <pre> | | <pre> |
− | 10.63.133.1 141.54.1.3 tcp 51367 POP3 | + | 10.63.16.1 ---> 10.63.13... tcp www ---> 3874 |
− | | + | 10.63.16.1 ---> 10.63.13... tcp 4233 ---> www |
− | 10.63.180.1 24.128.132.246 tcp 1303 46983
| |
− | | |
− | 10.63.50.1 38.119.88.31 tcp 53851 www | |
− | 10.63.50.1 38.119.88.31 tcp 53872 www | |
− | | |
− | 104.63.16.5 213.189.18.6 tcp 1194 www
| |
− | 104.63.16.5 38.102.66.50 tcp 1186 www
| |
− | | |
− | 104.63.162.2 205.188.10.33 tcp 2095 AIM/ICQ
| |
− | 104.63.162.2 205.188.10.34 tcp 2152 AIM/ICQ
| |
| | | |
− | 104.63.206.2 72.14.221.147 tcp 1052 www
| + | 10.63.180.1 ---> 216.133.246.... tcp 1078 ---> www |
| + | 10.63.180.1 ---> 216.133.246.... tcp 1616 ---> www |
| | | |
− | 104.63.7.2 195.226.68.150 tcp 2153 www
| + | 10.63.73.1 ---> 80.171.19... tcp 3726 ---> 30401 |
− | 104.63.7.2 195.226.68.150 tcp 2164 www
| + | 10.63.73.1 ---> 68.53.202.... tcp 3747 ---> 18102 |
− | 104.63.7.2 195.226.68.150 tcp 2170 www
| + | 10.63.73.1 ---> 194.247.253... tcp 3500 ---> 28490 |
− | 104.63.7.2 195.226.68.150 tcp 2172 www
| |
− | 104.63.7.2 205.188.10.129 tcp 3909 AIM/ICQ
| |
− | 104.63.7.2 213.229.60.SSH tcp 2616 www
| |
− | 104.63.7.2 62.149.130.169 tcp 2038 www
| |
− | 104.63.7.2 62.149.130.169 tcp 2041 www
| |
− | 104.63.7.2 213.131.239.226 tcp 2296 www
| |
| | | |
− | 104.63.71.10 86.63.27.238 tcp 2338 50827 | + | 104.63.186.2 ---> 62.104.23... tcp 2672 ---> www |
− | 104.63.71.10 212.10.90.166 tcp 2342 50630 | + | 104.63.186.2 ---> 72.14.221... tcp 2906 ---> www |
− | 104.63.71.10 212.10.90.166 tcp 2354 50630
| + | 104.63.186.2 ---> 72.14.221.... tcp 2668 ---> www |
− | 104.63.71.10 212.10.90.166 tcp 2375 50630 | |
− | 104.63.71.10 212.10.90.166 tcp 2410 50630
| |
− | 104.63.71.10 212.10.90.166 tcp 2420 www
| |
− | 104.63.71.10 217.160.30.61 tcp 2166 www | |
− | 104.63.71.10 69.197.54.147 tcp 2345 9289
| |
− | 104.63.71.10 84.197.56.248 tcp 2452 41038
| |
− | 104.63.71.10 87.122.89.165 tcp 2457 www
| |
− | 104.63.71.10 88.203.166.111 tcp 2333 20204
| |
− | 104.63.71.10 88.203.166.111 tcp 2388 20204
| |
− | 104.63.71.10 129.132.187.200 tcp 2444 13530
| |
− | 104.63.71.10 213.213.218.162 tcp 2516 1060
| |
| | | |
− | 104.63.71.11 207.46.106.87 tcp 2865 1863 | + | 104.63.45.2 ---> 64.236.34.... tcp 2128 ---> www |
− | 104.63.71.11 68.146.228.49 tcp 2695 13551
| |
− | 104.63.71.11 82.239.148.49 tcp 2531 5698
| |
− | 104.63.71.11 84.196.175.92 tcp 2258 13841
| |
− | 104.63.71.11 84.197.56.248 tcp 2774 41038
| |
− | 104.63.71.11 86.56.161.218 tcp 2863 56372
| |
− | 104.63.71.11 72.192.236.193 tcp 2807 55517
| |
− | 104.63.71.11 88.100.100.186 tcp 2771 www
| |
− | 104.63.71.11 212.201.100.141 tcp 2869 www
| |
− | 104.63.71.11 212.201.100.141 tcp 2873 www
| |
− | 104.63.71.11 212.201.100.143 tcp 2851 www
| |
| | | |
− | 104.63.74.4 32.107.56.11 tcp 1334 www | + | 104.63.58.2 ---> 213.83.60.... tcp 1426 ---> www_secure |
| | | |
− | 217.68.167.64 104.63.42.1 tcp 39439 www
| + | 104.63.7.2 ---> 10.63.11... tcp 2029 ---> 411 |
| </pre> | | </pre> |