linux script check remote ip lists
get network connection
> ss -an
list with estab
> ss -an | grep -i estab
remote address only
> ss -an | grep -i estab | awk '{print $5}'
remove ipv6 info
> ss -an | grep -i estab | awk '{print $5}' | sed 's/::ffff://g'
ip only (remove port info)
> ss -an | grep -i estab | awk '{print $5}' | sed 's/::ffff://g' | awk -F: '{print $1}'
count it
> ss -an | grep -i estab | awk '{print $5}' | sed 's/::ffff://g' | awk -F: '{print $1}' | sort | uniq -c
can be modify to display remote port, local port and so on..
## another example that find out who has connection with local 1521 (oracle db)
> ss -an | grep 1521 | sed 's/::ffff://g' | awk '{print $5}' | cut -d : -f 1 | sort | uniq -c | sort -n
log it with file
> ss -an | grep 1521 | sed 's/::ffff://g' | awk '{print $5}' | cut -d : -f 1 | sort | uniq -c | sort -n > /opt/ray/`date +%Y%m%d%H%M%S`.1521.log
留言
張貼留言