Port monitoring script

Original  Linux Operating Systems  Author: regonly1  Date: 2009-03-25 13:58:09

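Monitors each port in a specified list separately.
Notes:
The LSNPORTS parameter specifies the list of ports to monitor, separated by spaces;
The INTERVAL parameter specifies the monitoring interval;
The LOGPATH parameter specifies the path where the monitoring logs are stored; if the path does not exist, the script creates it automatically.

How logs are generated: one log file per port, each stored separately.
Every time a status list is written, it is followed by a short summary reporting the number of connections on the port for that monitoring pass.
Log file name format: netstat[port]-yyyy-mm-dd.log
Log file content format: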
DATE:2008-06-23 12:29:01 >> *.8080 *.* 0 0 24576 0 LISTEN
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.16.42.30467 1 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.19.30.1272 17680 0 25840 0 FIN_WAIT_1
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.31.36.1338 256288 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.16.42.35565 65535 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.16.42.31873 65535 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 125.210.228.71.34502 11040 0 24840 0 TIME_WAIT
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.16.42.34210 16560 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.16.42.37854 16467 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.16.42.37997 65535 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.90.25.2298 65110 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> 218.108.243.67.8080 10.0.31.36.1339 256680 0 24840 0 ESTABLISHED
DATE:2008-06-23 12:29:01 >> Total connections[8080]:  12

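The script is as follows:
#!/bin/sh
# Port connection monitor: logs the netstat entries for each listed port.

set -f;                             # entries such as *.8080 must not be glob-expanded
LSNPORTS="8080 23234 23345 1521";   # ports to monitor, space separated
INTERVAL=30;                        # seconds between monitoring passes
iter=0;
LOGPATH=$HOME/lyon/toplog/logs;     # log directory, created if missing

if [ -n "$LOGPATH" ]; then
 mkdir -p "$LOGPATH";
fi;

while true; do
 for port in $LSNPORTS
 do
  # Match the port only at the end of an address (".8080 " or ":8080 ");
  # the bare "." matched any character, so port 18080 was counted as well.
  # Fields are joined with "|" so the loop below sees one word per entry.
  CCTLST=`netstat -an | grep "[.:]$port " | awk 'BEGIN{OFS="|";}{print $1,$2,$3,$4,$5,$6,$7;}'`;
  LOGDATE=`date +%Y-%m-%d`;
  # Always quote LOGFILE: the name contains "[" and "]".
  LOGFILE="${LOGPATH}/netstat[${port}]-${LOGDATE}.log";
  LOGTIME=`date '+DATE:%Y-%m-%d %H:%M:%S'`;

  for ns in $CCTLST
  do
   # Turn the "|" separators back into spaces for the log line.
   NETLST=`echo "$ns" | awk -F"|" 'BEGIN{OFS=" ";}{print $1,$2,$3,$4,$5,$6,$7;}'`;

   iter=`expr $iter + 1`;
   echo "$LOGTIME >> $NETLST" >> "$LOGFILE";
#echo "$LOGTIME >> $NETLST";
  done;
  # Per-port summary for this pass.
  echo "$LOGTIME >> Total connections[$port]: " $iter >> "$LOGFILE";
#echo "Total connections[$port]: " $iter;
  iter=0;
 done;
 # Sleep once per pass so that every port is sampled every INTERVAL seconds.
 sleep $INTERVAL;
done;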
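
Added example (not part of the original post): shell functions that read the log format shown above and report connections per TCP state, remote hosts holding many ESTABLISHED connections within one pass, and passes whose "Total connections" line disagrees with the entries logged before it. The function names and the sample data are constructed for illustration, and the address.port layout of the sample log is assumed.

```shell
#!/bin/sh
# Added example, not part of the original post. Needs a POSIX awk (for -v).
# Line layout assumed: DATE:<date> <time> >> <local> <remote> <4 counters> <STATE>

# state_counts [FILE...]: number of logged connections per TCP state.
state_counts() {
    awk '$3 == ">>" && NF == 10 { n[$10]++ }
         END { for (s in n) print s, n[s] }' "$@" | sort
}

# peers_over LIMIT [FILE...]: remote hosts holding more than LIMIT
# ESTABLISHED connections within one pass (one timestamp).
peers_over() {
    limit=$1; shift
    awk -v limit="$limit" '
        $3 == ">>" && NF == 10 && $10 == "ESTABLISHED" {
            host = $5; sub(/\.[0-9]+$/, "", host)   # strip ".port"
            n[substr($1, 6) " " $2 " " host]++
        }
        END { for (k in n) if (n[k] > limit) print k, n[k] }' "$@" | sort
}

# check_totals [FILE...]: passes whose "Total connections" line disagrees
# with the connection lines logged before it (truncated or edited log).
check_totals() {
    awk 'BEGIN { seen = 0 }
         $3 == ">>" && NF == 10 { seen++; next }
         $4 == "Total" {
             if ($NF != seen) print substr($1, 6), $2, "logged=" seen, "total=" $NF
             seen = 0
         }' "$@"
}

# Constructed sample: two passes over port 8080, documentation addresses.
write_sample() {
    cat <<'EOF'
DATE:2024-01-01 10:00:00 >> *.8080 *.* 0 0 24576 0 LISTEN
DATE:2024-01-01 10:00:00 >> 192.0.2.10.8080 198.51.100.7.30467 1 0 24840 0 ESTABLISHED
DATE:2024-01-01 10:00:00 >> 192.0.2.10.8080 198.51.100.7.30468 1 0 24840 0 ESTABLISHED
DATE:2024-01-01 10:00:00 >> 192.0.2.10.8080 198.51.100.7.30469 1 0 24840 0 ESTABLISHED
DATE:2024-01-01 10:00:00 >> Total connections[8080]:  4
DATE:2024-01-01 10:00:30 >> 192.0.2.10.8080 198.51.100.7.30467 1 0 24840 0 ESTABLISHED
DATE:2024-01-01 10:00:30 >> 192.0.2.10.8080 203.0.113.5.1300 1 0 24840 0 TIME_WAIT
DATE:2024-01-01 10:00:30 >> Total connections[8080]:  2
EOF
}

write_sample | state_counts
write_sample | peers_over 2
```

Each function reads standard input when no file is given, so a real log can be passed by name, for example as the last argument to peers_over.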

Source: "ITPUB Blog", link: http://blog.itpub.net/12932950/viewspace-578360/. If you repost this article, please credit the source; otherwise legal action will be pursued.
