
IDLE -- A Script to Monitor Connection (In)Activity

Discussion in 'Tomato Firmware' started by Planiwa, Nov 3, 2009.

  1. Planiwa

    Planiwa LI Guru Member

    This is for admins who are comfortable with the command line interface.

    Trouble reports and improvement suggestions are most welcome. :)

    [added some robustness]

    Example:

    Code:
    # idle -h
    idle [-t] [-s SECONDS(5)] [-x TIMES] [find=STRING] [CTFILE] ...
    # idle
    HH:MM:SS  0s  1s  2s  3s  >3s Total  State -180 E1200 S120 R60 F120 T120 C10 CW60 LA30 L120 UU/-30 UA180  Free
    15:59:31   .  11   3   8  208   230  T:139 E:40 S:29 UA:9 CW:8 C:2 UU:1 U:1 F:1 (DNSe):3 (DNSi):6  1372
    # idle -s10 -x20
    HH:MM:SS  0s  1s  2s  3s  >3s Total  State -180 E1200 S120 R60 F120 T120 C10 CW60 LA30 L120 UU/-30 UA180  Free
    15:59:51   .  20  17   5  226   268  T:99 UU:45 U:45 E:35 S:24 UA:10 CW:7 C:3 (DNSe):4 (DNSi):6  1372
    16:00:03   .  21   9  18  317   365  T:110 UU:101 U:94 E:31 S:18 UA:10 C:1 (DNSe):4 (DNSi):6  1372
    16:00:15   .  30   8  11  347   396  UU:125 U:111 T:101 E:34 S:15 UA:8 CW:1 C:1 (DNSi):4 (DNSe):4  1372
    16:00:27   2  15   5   9  305   336  UU:105 T:86 U:83 E:30 S:18 UA:10 CW:2 F:1 C:1 (DNSi):3 (DNSe):3  1372
    16:00:39   .  20   5   5  269   299  T:94 UU:83 U:46 E:32 UA:22 S:20 F:1 C:1 (DNSi):3 (DNSe):4  1372
    16:00:51   1  22  10  10  266   309  UU:95 T:92 U:42 E:31 UA:23 S:19 CW:6 C:1 (DNSi):4 (DNSe):4  1372
    16:01:03   .  21   9   3  320   353  UU:110 T:100 U:75 E:31 UA:23 S:13 C:1 (DNSi):3 (DNSe):3  1372
    16:01:16   1  12  10   8  316   347  UU:94 U:93 T:91 E:30 UA:24 S:14 C:1 (DNSi):3 (DNSe):6  1372
    16:01:27   .   7   2   3  256   268  T:88 U:63 UU:55 E:29 UA:21 S:7 CW:3 C:2 (DNSi):3 (DNSe):5  1372
    16:01:39   1   8   .   1  162   172  T:77 E:33 UA:20 U:20 UU:15 S:7 (DNSi):3 (DNSe):5  1372
    16:01:50   .   7   1   5  118   131  T:66 E:33 UA:19 S:7 U:4 C:2 (DNSi):1 (DNSe):3  1372
    16:02:01   .  18   7   4  103   132  T:54 E:36 UA:21 U:10 S:6 C:3 UU:1 F:1 (DNSi):4 (DNSe):10  1372
    16:02:12   .  11   2   3  126   142  T:61 E:37 UA:21 U:10 S:7 CW:3 UU:2 C:1 (DNSi):4 (DNSe):9  1372
    16:02:24   .  10   3   2  129   144  T:64 E:36 UA:20 U:11 S:8 CW:3 UU:2 (DNSi):4 (DNSe):9  1372
    16:02:35   1   8   .   1  105   115  T:54 E:31 UA:21 S:5 U:3 CW:1 (DNSe):2 (DNSi):3  1372
    16:02:46   1  11   2   4   95   113  T:56 E:26 UA:21 S:7 U:1 CW:1 C:1 (DNSe):1 (DNSi):3  1372
    16:02:57   .  11   1   1   99   112  T:59 E:24 UA:20 S:7 CW:2 (DNSi):3  1372
    16:03:08   2   6   3   .   96   107  T:53 E:26 UA:19 S:6 C:2 CW:1 (DNSi):3  1372
    16:03:19   .  10   3   1   87   101  T:44 E:24 UA:20 S:10 F:1 CW:1 C:1 (DNSi):3  1372
    16:03:31   .   8   .   .   88    96  T:42 E:24 UA:17 S:9 CW:2 C:2 (DNSi):3  1372
    # 
    # vit
    VIT 95 2 1384+4724 .2 7273-3560 6800-3691 5d 9d
    # 
    # con
    All,UDP  113   22
       .112   96    7
       <RTR   15   15
       >RTR    1    0
       .132    1    0
    # mb -t
      2009-10-29.18:38:25  -
      2009-11-04.16:09:42
    111      3202       207
    112      5399      1367
    113       266        24
    122       866        47
    131      3955       147
    132       896        61
    # 



    Code:
    # idle [-t] [-s SECONDS($DEFAULTSECONDS)] [-x TIMES] [find=STRING] [CTFILE] ... Planiwa 20091104
    #
    # Defaults and terminal control sequences used by the rest of the script.
    # NOTE(review): there is no shebang; the script appears to be written for the
    # BusyBox shell on Tomato. Under bash, SECONDS is a special variable that keeps
    # counting after assignment, so the -s interval would not stay fixed there.

    # Connection-tracking table read when no CTFILE is given.
    FILE=/proc/net/ip_conntrack
    # Sampling interval and number of samples used when only one of -s / -x is given.
    DEFAULTSECONDS=5
    DEFAULTTIMES=24

    # Control characters: terminal bell, escape, and the ANSI "CSI" prefix.
    BEL=$(printf '\007')
    ESC=$(printf '\033')
    CSI="${ESC}["

    # Bold foreground colours.
    RED="${CSI}1;31m"
    GRE="${CSI}1;32m"
    YEL="${CSI}1;33m"
    BLU="${CSI}1;34m"
    MAG="${CSI}1;35m"
    CYA="${CSI}1;36m"

    # Bright, inverse video, and attribute reset.
    BRI="${CSI}1m"
    INV="${CSI}7m"
    RES="${CSI}m"
    
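    # Print the usage line; shared by every exit path of the option parser.
    idle_usage() {
      echo "idle [-t] [-s SECONDS($DEFAULTSECONDS)] [-x TIMES] [find=STRING] [CTFILE] ..."
    }

    # Command-line parsing.
    #   -s N / -sN    seconds between samples      -> SECONDS
    #   -x N / -xN    number of samples            -> TIMES
    #   -t            suppress the title line      -> NOTITLE
    #   find=STRING   stored verbatim              -> SEARCH
    #   - or CTFILE   all remaining words          -> FILE (parsing stops here)
    while [ $# -gt 0 ]
    do
      case "$1" in
      -s)   shift; SECONDS="$1";;
      -s*)  SECONDS="${1#-s}";;
      -t)   NOTITLE=1;;
      -x)   shift; TIMES="$1";;
      -x*)  TIMES="${1#-x}";;
      find=*)  SEARCH="${1#*=}";;
      # "-?" is a glob in a case pattern: any other two-character option lands here.
      -*elp|-?|-h) idle_usage; exit;;
      -)    FILE="$*"; break;;
      -*)   echo "$1 ???"
            idle_usage; exit;;
      # The file test is quoted so a name with spaces or glob characters is
      # checked as one word instead of breaking the test.
      *)    FILE="$*"; if [ -f "$1" ]; then break; else echo "No File: $1"
            idle_usage; exit; fi ;;
      esac
      # TIMES is later used in integer tests and shell arithmetic, so anything
      # other than digits is rejected here. An empty value is still accepted
      # and picks up the default later.
      case "$TIMES" in
      *[!0-9]*) echo "-x $TIMES ???"
            idle_usage; exit;;
      esac
      # A trailing "-s" or "-x" has already consumed the last word.
      if [ $# -gt 0 ]; then shift; fi
    done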
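    # Title line, unless -t was given. The second half shows the kernel's
    # conntrack timeouts (TCP states first, then the UDP values) as read from
    # /proc/sys/net/ipv4.
    if [ ! "$NOTITLE" ]; then
       echo -n "HH:MM:SS  0s  1s  2s  3s  >3s Total  State "
       # "set --" replaces the positional parameters with the timeout values;
       # the command-line words were already consumed or copied into FILE.
       set -- $(cd /proc/sys/net/ipv4/; cat ip_conntrack_tcp_timeouts ip_conntrack_udp_timeouts)
       # Parameters above 9 need braces: a POSIX shell reads $12 as ${1} followed by "2".
       echo "-$1 E$2 S$3 R$4 F$5 T$6 C$7 CW$8 LA$9 L${10} UU/-${11} UA${12}  $BRI${BLU}Free$RES"
    fi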
    # Fill in whichever of TIMES / SECONDS the command line left empty.
    case "$TIMES:$SECONDS" in
      :)
        # Neither given: take one sample and do not wait.
        TIMES=1
        SECONDS=0
        ;;
      *:)
        # SECONDS empty: use the default interval.
        SECONDS=$DEFAULTSECONDS
        ;;
      :*)
        # TIMES empty: use the default sample count.
        TIMES=$DEFAULTTIMES
        ;;
    esac
    
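    # Main sampling loop: one output line per pass, TIMES passes in total.
    # Each pass classifies every conntrack entry by state and by how long ago it
    # was last active (state timeout minus remaining lifetime, capped at 4 = ">3s"),
    # then appends free and cached memory.
    while [ "$TIMES" -gt 0 ]; do
    # FILE stays unquoted on purpose: it may hold several CTFILE names, or "-" for
    # stdin. File names containing whitespace are therefore not supported here.
    # SEARCH is handed to awk through the environment instead of being pasted
    # into the program text.
    X=$(cat $FILE | IDLE_SEARCH="$SEARCH" awk '
    BEGIN {
    	"echo $(cd /proc/sys/net/ipv4/; cat ip_conntrack_tcp_timeouts ip_conntrack_udp_timeouts)" |getline
    	TIMEOUT["NONE"]          =$1
    	TIMEOUT["ESTABLISHED"]   =$2
    	TIMEOUT["SYN_SENT"]      =$3
    	TIMEOUT["SYN_RECV"]      =$4
    	TIMEOUT["FIN_WAIT"]      =$5
    	TIMEOUT["TIME_WAIT"]     =$6
    	TIMEOUT["CLOSE"]         =$7
    	TIMEOUT["CLOSE_WAIT"]    =$8
    	TIMEOUT["LAST_ACK"]      =$9
    	TIMEOUT["LISTEN"]        =$10
    	TIMEOUT["UDP_UNREPLIED"] =$11
    	TIMEOUT["UDP_ASSURED"]   =$12
    	TIMEOUT["UDP_NONE"]      =$11 # Yes!  EG: DNS.  May be 90% of all connections.  Tomato fails to count them!
    	T="\t"
    	for (i=0;i<=4;i++) COUNT[i]="."
    }

    # find=STRING is matched as a regular expression taken from the environment,
    # so its content is data and is never parsed as awk program text. An empty
    # string matches every line, which means nothing is skipped.
    $0 !~ ENVIRON["IDLE_SEARCH"] {SKIP++;next}
    # DNS lookups, split by source address. NOTE(review): any source starting
    # with 192 counts as internal, not only 192.168 - confirm this suits the LAN.
    $1=="udp" && $7=="dport=53" && $4~/^src=192/  {DNSI++}
    $1=="udp" && $7=="dport=53" && $4!~/^src=192/ {DNSE++}
    $1=="udp" && /UNR/ {CON["UU"]++; IDLE=TIMEOUT["UDP_UNREPLIED"]-$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    $1=="udp" && /ASS/ {CON["UA"]++; IDLE=TIMEOUT["UDP_ASSURED"]  -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    $1=="udp"          {CON["U-"]++; IDLE=TIMEOUT["UDP_UNREPLIED"]-$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /EST/ {CON["E"]++;  IDLE=TIMEOUT["ESTABLISHED"] -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /SEN/ {CON["S"]++;  IDLE=TIMEOUT["SYN_SENT"]    -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /TIM/ {CON["T"]++;  IDLE=TIMEOUT["TIME_WAIT"]   -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /REC/ {CON["R"]++;  IDLE=TIMEOUT["SYN_RECV"]    -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /NON/ {CON["-"]++;  IDLE=TIMEOUT["NONE"]        -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /FIN/ {CON["F"]++;  IDLE=TIMEOUT["FIN_WAIT"]    -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /E_W/ {CON["CW"]++; IDLE=TIMEOUT["CLOSE_WAIT"]  -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /CLO/ {CON["C"]++;  IDLE=TIMEOUT["CLOSE"]       -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /ACK/ {CON["LA"]++; IDLE=TIMEOUT["LAST_ACK"]    -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /LIS/ {CON["Li"]++; IDLE=TIMEOUT["LISTEN"]      -$3; if (IDLE>4) IDLE=4; COUNT[IDLE]++; next}
    /tcp/ {  CON[$4]++; next}

    END {
    	# The DNS and SKIP tallies are stored negated so the numeric reverse sort
    	# places them last; the minus signs are stripped again before printing.
    	if (DNSI>0) CON["(DNSi)"]=-DNSI
    	if (DNSE>0) CON["(DNSe)"]=-DNSE
    	if (SKIP>0) CON["(SKIP)"]=-SKIP
    	for (i in COUNT) if (COUNT[i]==0)COUNT[i]=" "
    	printf "%4s%4s%4s%4s%5d%6d\n", COUNT[0], COUNT[1], COUNT[2], COUNT[3], COUNT[4], COUNT[0]+ COUNT[1]+ COUNT[2]+ COUNT[3]+ COUNT[4]
    	for (i in CON) printf " %s:%d\n", i, CON[i]
    	print ""
    	} ' |  sort -t: -nr -k2 )

    echo -n "$(date +%H:%M:%S)"
    # Lines without ":" are the idle-time counts; lines with ":" are the per-state
    # tallies, joined onto one line by leaving the substitution unquoted.
    echo -n "$(echo "$X"| grep -v :) " $(echo "$X"| grep : | tr -d '-')

    #set -- $(free); F=$9
    # MemFree and Cached (kB) are looked up by label. The original took words 22
    # and 31 of /proc/meminfo, which only lines up with one kernel's layout.
    set -- $(awk '$1=="MemFree:"{f=$2} $1=="Cached:"{c=$2} END{print f+0, c+0}' /proc/meminfo)
    F=$1; C=$2
    BELBEL=""
    # Thresholds are compared numerically, so values of five or more digits no
    # longer fall through to the low-memory alarm.
    if [ "${F:-0}" -ge 1000 ]; then
      echo "  $F+$C"
    elif [ "${F:-0}" -ge 700 ]; then
      echo " $BRI$BLU! $F+$C$RES"
    else
      echo " $BEL$BRI$RED! $F+$C$RES"; BELBEL="$BEL"
    fi

    TIMES=$((TIMES-1))
    # NOTE(review): under bash SECONDS keeps counting after assignment, so this
    # interval would drift there; in a shell without that special variable it
    # stays at the value set earlier.
    if [ "$TIMES" -gt 0 ]; then sleep "$SECONDS"; fi
    # Second bell after the pause when free memory was in the alarm range.
    echo -n "$BELBEL"
    done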
    
    
     
  2. rhester72

    rhester72 Network Guru Member

    Consistently impressed with these scripts!

    vit? con? mb? More, more! =)

    Rodney
     
  3. Planiwa

    Planiwa LI Guru Member

    How's this?
     

    Attached Files:

  4. rhester72

    rhester72 Network Guru Member

    Very cool!

    Rodney
     
