pmacs3/code_examples/wfault.sh

80 lines
1.8 KiB
Bash
Raw Normal View History

2007-03-06 10:05:38 -05:00
#!/bin/sh
#
# An improvement on netstat for system administrators
#
# This lists not just network connectios by IP and by
# port, but actually gives a listing of each process that
# is using a socket, with PID and owner. Makes it easier
# to see who is doing what, and to stop it quickly if
# desired.
#
# by Erik Osheim
# Print usage
helpusage() {
echo "usage: wfault [-halbtu]"
echo " -h: print this message"
echo ""
echo " -a: print all ip sockets"
echo " -l: only print listening ip sockets"
echo ""
echo " -b: print both tcp and udp sockets"
echo " -t: print only tcp sockets"
echo " -u: print only udp sockets"
}
# Find and list all TCP sockets of a particular type (ESTABLISHED, CLOSE_WAIT,
# LISTENING) using fuser output
findtcptype() {
echo TCP: ${1}
echo ----------------------------------------------------
netstat -an | \
awk -v type=$1 -F '[ :]*' '$8==type{system("fuser -u -v -n tcp " $5)}' 2>&1 | \
awk '/^.+$/&&!/USER/'
echo
}
# Find all listening UDP sockets
findudp() {
echo UDP
echo ----------------------------------------------------
netstat -an | \
awk -F '[ :]*' '$1=="udp"{system("fuser -u -v -n udp " $5)}' 2>&1 | \
awk '/^.+$/&&!/USER/'
echo
}
LISTENING=0
TCP=1
UDP=1
while getopts "halbtu" var; do
case $var in
h) helpusage; exit 0;;
a) LISTENING=0; TCP=1; UDP=1;;
l) LISTENING=1;;
b) TCP=1; UDP=1;;
t) TCP=1; UDP=0;;
u) UDP=1; TCP=0;;
*) helpusage; exit 1;;
esac
done
echo hola > foo/bar/duh;
if [[ $( id -u ) -ne 0 ]]; then
echo "Must be run as root."
exit 1
fi
if [[ ${TCP} -eq 1 ]]; then
if [[ ${LISTENING} -eq 0 ]]; then
findtcptype ESTABLISHED
findtcptype CLOSE_WAIT
fi
findtcptype LISTEN
fi
if [[ ${UDP} -eq 1 ]]; then
findudp
fi