Router-Action

Warum

• Damit man schoen sehen kann, warum grad alles so langsam geht

Skript

#!/bin/sh
awk -F'[= ]' '/ESTABLISHED/ {
 if(match($0,"dport=698")==0){
 gsub(/=6662 /,"=IRC ")
 gsub(/=5223 /,"=Jabber_secure ")
 gsub(/=5222 /,"=Jabber ")
 gsub(/=5190 /,"=AIM/ICQ ")
 gsub(/=995 /,"=POP3_secure ")
 gsub(/=993 /,"=IMAP_secure ")   
 gsub(/=443 /,"=www_secure ")
 gsub(/=143 /,"=IMAP ")
 gsub(/=110 /,"=POP3 ")
 gsub(/=80 /,"=www ")                                                          
 gsub(/=25 /,"=sendmail ") 
 gsub(/=22 /,"=SSH ")
 printf("%-14s ---> %14s... %s %5s ---> %-5s\n",$11,substr($13,1,length($13)-3),$1,$15,$17)
 }}' /proc/net/ip_conntrack|sort|awk 'BEGIN{printf "Content-type: text/plain\n"}{if($1!=A&&S!=1&&Z>0){print "";S=1}else{print;S=0;Z=1}A=$1}'

Ausgabe

Testweise mal hier installiert: http://mmlxvi.dyndns.org:8082/cgi-bin-inet

10.63.16.1     --->       10.63.13... tcp   www ---> 3874 
10.63.16.1     --->       10.63.13... tcp  4233 ---> www  

10.63.180.1    --->   216.133.246.... tcp  1078 ---> www  
10.63.180.1    --->   216.133.246.... tcp  1616 ---> www  

10.63.73.1     --->      80.171.19... tcp  3726 ---> 30401
10.63.73.1     --->     68.53.202.... tcp  3747 ---> 18102
10.63.73.1     --->    194.247.253... tcp  3500 ---> 28490

104.63.186.2   --->      62.104.23... tcp  2672 ---> www  
104.63.186.2   --->      72.14.221... tcp  2906 ---> www  
104.63.186.2   --->     72.14.221.... tcp  2668 ---> www  

104.63.45.2    --->     64.236.34.... tcp  2128 ---> www  

104.63.58.2    --->     213.83.60.... tcp  1426 ---> www_secure

104.63.7.2     --->       10.63.11... tcp  2029 ---> 411