Router-Action: Unterschied zwischen den Versionen

Aus Weimarnetz Wiki
(→‎Skript: neu)
(→‎Skript: neues skript)
 
(4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
 
===Warum===
 
===Warum===
  
* Damit man schoen sehen kann, warum grad alles so langsam geht
+
* Damit man schoen sehen kann, warum grad alles so langsam geht.
 +
* Fuer Korintenkacker: Natuerlich wird nur anhand des Ports "geraten", was das so fuer Verkehr ist. Da allerdings im Weimarnetz nichts geblockt ist, nehmen die meisten Programme die Standardports...
  
 
===Skript===
 
===Skript===
 
<pre>
 
<pre>
 
#!/bin/sh
 
#!/bin/sh
echo -e "Content-type: text/plain\n"
 
  
 
awk -F'[= ]' '/ESTABLISHED/ {
 
awk -F'[= ]' '/ESTABLISHED/ {
if(match($0,"dport=698")==0){
+
if(match($0,"dport=698 ")==0){
gsub(/=6662 /,"=IRC ")
+
gsub(/=6667 /,"=CHAT/IRC ")
gsub(/=5223 /,"=Jabber_secure ")
+
gsub(/=6666 /,"=CHAT/IRC ")
gsub(/=5222 /,"=Jabber ")
+
gsub(/=6665 /,"=CHAT/IRC ")
gsub(/=5190 /,"=AIM/ICQ ")
+
gsub(/=6664 /,"=CHAT/IRC ")
gsub(/=995 /,"=POP3_secure ")
+
gsub(/=6663 /,"=CHAT/IRC ")
gsub(/=993 /,"=IMAP_secure ")                                                   gsub(/=443 /,"=www_secure ")
+
gsub(/=6662 /,"=CHAT/IRC ")
gsub(/=143 /,"=IMAP ")
+
gsub(/=5223 /,"=CHAT/Jabber_secure ")
gsub(/=110 /,"=POP3 ")
+
gsub(/=5222 /,"=CHAT/Jabber ")
gsub(/=80 /,"=www ")                                                             gsub(/=25 /,"=sendmail ")                                                       gsub(/=22 /,"=SSH ")                                                             printf("%-14s ---> %14s... %s %5s ---> %-5s\n",$11,substr($13,1,length($13)-3),$1,$15,$17)
+
gsub(/=5190 /,"=CHAT/AIM/ICQ ")
}}' /proc/net/ip_conntrack|sort|awk 'BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'
+
gsub(/=1863 /,"=CHAT/MSN ")
 +
gsub(/=995 /,"=MAIL/POP3_secure ")
 +
gsub(/=993 /,"=MAIL/IMAP_secure ")
 +
gsub(/=443 /,"=www_secure ")
 +
gsub(/=411 /,"=P2P/DC++ ")
 +
gsub(/=143 /,"=MAIL/IMAP ")
 +
gsub(/=110 /,"=MAIL/POP3 ")
 +
gsub(/=80 /,"=www ")
 +
gsub(/=25 /,"=MAIL/SMTP ")
 +
gsub(/=22 /,"=SSH ")
 +
printf("%-14s ---> %14s... %s %16s ---> %-16s\n",$11,substr($13,1,length($13)-3),$1,$15,$17)
 +
}}' /proc/net/ip_conntrack|sort|awk '
 +
BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'
 
</pre>
 
</pre>
  
Zeile 25: Zeile 37:
 
Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet
 
Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet
 
<pre>
 
<pre>
10.63.133.1         141.54.1.3 tcp 51367 POP3
+
10.63.16.1     --->      10.63.13... tcp  www ---> 3874
 +
10.63.16.1     --->      10.63.13... tcp 4233 ---> www 
  
10.63.180.1     24.128.132.246 tcp  1303 46983
+
10.63.180.1   --->  216.133.246.... tcp  1078 ---> www 
 +
10.63.180.1    --->  216.133.246.... tcp  1616 ---> www 
  
10.63.50.1       38.119.88.31 tcp 53851 www  
+
10.63.73.1     --->      80.171.19... tcp  3726 ---> 30401
10.63.50.1       38.119.88.31 tcp 53872 www  
+
10.63.73.1     --->    68.53.202.... tcp  3747 ---> 18102
 +
10.63.73.1    --->    194.247.253... tcp  3500 ---> 28490
  
104.63.16.5      213.189.18.6 tcp  1194 www   
+
104.63.186.2  --->      62.104.23... tcp  2672 ---> www   
104.63.16.5      38.102.66.50 tcp  1186 www   
+
104.63.186.2  --->      72.14.221... tcp  2906 ---> www 
 +
104.63.186.2  --->    72.14.221.... tcp  2668 ---> www   
  
104.63.162.2    205.188.10.33 tcp  2095 AIM/ICQ
+
104.63.45.2   --->     64.236.34.... tcp  2128 ---> www 
104.63.162.2    205.188.10.34 tcp  2152 AIM/ICQ
 
  
104.63.206.2    72.14.221.147 tcp  1052 www 
+
104.63.58.2   --->     213.83.60.... tcp  1426 ---> www_secure
  
104.63.7.2      195.226.68.150 tcp  2153 www 
+
104.63.7.2    --->      10.63.11... tcp  2029 ---> 411
104.63.7.2      195.226.68.150 tcp  2164 www 
 
104.63.7.2      195.226.68.150 tcp  2170 www 
 
104.63.7.2      195.226.68.150 tcp  2172 www 
 
104.63.7.2      205.188.10.129 tcp  3909 AIM/ICQ
 
104.63.7.2      213.229.60.SSH tcp  2616 www 
 
104.63.7.2      62.149.130.169 tcp  2038 www 
 
104.63.7.2      62.149.130.169 tcp  2041 www 
 
104.63.7.2    213.131.239.226 tcp  2296 www 
 
 
 
104.63.71.10      86.63.27.238 tcp  2338 50827
 
104.63.71.10    212.10.90.166 tcp  2342 50630
 
104.63.71.10    212.10.90.166 tcp  2354 50630
 
104.63.71.10    212.10.90.166 tcp  2375 50630
 
104.63.71.10    212.10.90.166 tcp  2410 50630
 
104.63.71.10    212.10.90.166 tcp  2420 www 
 
104.63.71.10    217.160.30.61 tcp  2166 www 
 
104.63.71.10    69.197.54.147 tcp  2345 9289
 
104.63.71.10    84.197.56.248 tcp  2452 41038
 
104.63.71.10    87.122.89.165 tcp  2457 www 
 
104.63.71.10    88.203.166.111 tcp  2333 20204
 
104.63.71.10    88.203.166.111 tcp  2388 20204
 
104.63.71.10  129.132.187.200 tcp  2444 13530
 
104.63.71.10   213.213.218.162 tcp  2516 1060
 
 
 
104.63.71.11    207.46.106.87 tcp  2865 1863
 
104.63.71.11    68.146.228.49 tcp  2695 13551
 
104.63.71.11    82.239.148.49 tcp  2531 5698
 
104.63.71.11    84.196.175.92 tcp  2258 13841
 
104.63.71.11    84.197.56.248 tcp  2774 41038
 
104.63.71.11    86.56.161.218 tcp  2863 56372
 
104.63.71.11    72.192.236.193 tcp  2807 55517
 
104.63.71.11    88.100.100.186 tcp  2771 www 
 
104.63.71.11  212.201.100.141 tcp  2869 www 
 
104.63.71.11   212.201.100.141 tcp  2873 www 
 
104.63.71.11  212.201.100.143 tcp  2851 www 
 
 
 
104.63.74.4      32.107.56.11 tcp  1334 www 
 
 
 
217.68.167.64      104.63.42.1 tcp 39439 www  
 
 
</pre>
 
</pre>
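Review bot: The CGI header written by the final awk stage (`BEGIN{printf "Content-type: text/plain\n"}`) is not terminated by an empty line, and with the earlier `echo -e "Content-type: text/plain\n"` gone from the new side nothing else supplies it. Everything up to the first blank separator is therefore sent as header lines instead of body; `BEGIN{printf "Content-type: text/plain\n\n"}` fixes that. The same stage prints no record in the branch that emits the separator (`{print "";S=1}`), so the first connection of each new source address is dropped and a host with a single connection can disappear from the listing. `NR>1&&$1!=A{print ""}{print;A=$1}` keeps the blank line between groups and prints every record. For a page meant to show who is using the link, silently missing rows matter more than the formatting.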

Aktuelle Version vom 15. September 2006, 10:23 Uhr

Warum

  • Damit man schoen sehen kann, warum grad alles so langsam geht.
  • Fuer Korinthenkacker: Natuerlich wird nur anhand des Ports "geraten", was das so fuer Verkehr ist. Da allerdings im Weimarnetz nichts geblockt ist, nehmen die meisten Programme die Standardports...

Skript

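#!/bin/sh
# CGI script: prints the router's established connections as plain text,
# grouped by source address, with well-known ports replaced by service labels.
# The label is only a guess from the port number; nothing inspects the traffic.
#
# NOTE(review): the listing shows each client's source address, a truncated
# destination address and both ports. Whether the CGI URL is access-restricted
# is not visible from this script; confirm it is not served to unauthenticated
# users.

#######################################
# Turns conntrack entries into one display line per connection.
# Arguments: optional conntrack file(s); reads stdin when none are given
# Outputs:   "source ---> destination... proto sport ---> dport" on stdout
#######################################
label_connections() {
  # Fields are split on single "=" or " " characters, so in a line such as
  # "tcp      6 431999 ESTABLISHED src=A dst=B sport=P dport=Q ..." the
  # values are $1 (protocol), $11 (src), $13 (dst), $15 (sport), $17 (dport).
  awk -F'[= ]' '
    # Entries with "dport=698 " are skipped (698 is the IANA port for OLSR;
    # presumably the mesh routing chatter is left out on purpose).
    /ESTABLISHED/ && !/dport=698 / {
      # Each pattern is anchored by "=" and a trailing blank, so only whole
      # key=value numbers are relabelled.
      gsub(/=6667 /, "=CHAT/IRC ")
      gsub(/=6666 /, "=CHAT/IRC ")
      gsub(/=6665 /, "=CHAT/IRC ")
      gsub(/=6664 /, "=CHAT/IRC ")
      gsub(/=6663 /, "=CHAT/IRC ")
      gsub(/=6662 /, "=CHAT/IRC ")
      gsub(/=5223 /, "=CHAT/Jabber_secure ")
      gsub(/=5222 /, "=CHAT/Jabber ")
      gsub(/=5190 /, "=CHAT/AIM/ICQ ")
      gsub(/=1863 /, "=CHAT/MSN ")
      gsub(/=995 /, "=MAIL/POP3_secure ")
      gsub(/=993 /, "=MAIL/IMAP_secure ")
      gsub(/=443 /, "=www_secure ")
      gsub(/=411 /, "=P2P/DC++ ")
      gsub(/=143 /, "=MAIL/IMAP ")
      gsub(/=110 /, "=MAIL/POP3 ")
      gsub(/=80 /, "=www ")
      gsub(/=25 /, "=MAIL/SMTP ")
      gsub(/=22 /, "=SSH ")
      # The last three characters of the destination address are cut and
      # replaced by "..." (presumably so full remote addresses are not shown).
      printf("%-14s ---> %14s... %s %16s ---> %-16s\n",
             $11, substr($13, 1, length($13) - 3), $1, $15, $17)
    }' "$@"
}

#######################################
# Writes the CGI header, then the sorted lines with one empty line between
# groups that differ in their first column (the source address).
# Outputs:   header, empty line, grouped listing on stdout
#######################################
group_by_source() {
  awk '
    # A CGI response needs an empty line after the header block; without it
    # the first connection lines would be taken for header fields.
    BEGIN { printf "Content-type: text/plain\n\n" }
    # Separator first, then always the record itself, so the first line of a
    # new group is never lost.
    NR > 1 && $1 != prev { print "" }
    { print; prev = $1 }'
}

label_connections /proc/net/ip_conntrack | sort | group_by_source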

Ausgabe

Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet

10.63.16.1     --->       10.63.13... tcp   www ---> 3874 
10.63.16.1     --->       10.63.13... tcp  4233 ---> www  

10.63.180.1    --->   216.133.246.... tcp  1078 ---> www  
10.63.180.1    --->   216.133.246.... tcp  1616 ---> www  

10.63.73.1     --->      80.171.19... tcp  3726 ---> 30401
10.63.73.1     --->     68.53.202.... tcp  3747 ---> 18102
10.63.73.1     --->    194.247.253... tcp  3500 ---> 28490

104.63.186.2   --->      62.104.23... tcp  2672 ---> www  
104.63.186.2   --->      72.14.221... tcp  2906 ---> www  
104.63.186.2   --->     72.14.221.... tcp  2668 ---> www  

104.63.45.2    --->     64.236.34.... tcp  2128 ---> www  

104.63.58.2    --->     213.83.60.... tcp  1426 ---> www_secure

104.63.7.2     --->       10.63.11... tcp  2029 ---> 411