1. View TCP connection status
netstat -nat | awk '{print $6}' | sort | uniq -c | sort -rn
netstat -n | awk '/^tcp/ {++S[$NF]}; END {for (a in S) print a, S[a]}'
or
netstat -n | awk '/^tcp/ {++state[$NF]}; END {for (key in state) print key, "\t", state[key]}'
netstat -n | awk '/^tcp/ {++arr[$NF]}; END {for (k in arr) print k, "\t", arr[k]}'
netstat -n | awk '/^tcp/ {print $NF}' | sort | uniq -c | sort -rn
netstat -ant | awk '{print $NF}' | grep -v '[a-z]' | sort | uniq -c
(Each of these lines does basically the same thing; the different forms are listed to make the scripts easier to understand.)
2. Find the top 20 IPs by number of requests (commonly used to find the source of an attack)
netstat -anlp | grep 80 | grep tcp | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -nr | head -n20
netstat -ant | awk '/:80/ {split($5, ip, ":"); ++A[ip[1]]} END {for (i in A) print A[i], i}' | sort -rn | head -n20
3. Sniff port 80 traffic with tcpdump to see which source sends the most
tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | head -20
4. Find the IPs with the most TIME_WAIT connections
netstat -n | grep TIME_WAIT | awk '{print $5}' | sort | uniq -c | sort -rn | head -n20
5. Find the IPs with the most SYN connections
netstat -an | grep SYN | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -nr | more
6. List the process by port
netstat -ntlp | grep 80 | awk '{print $7}' | cut -d/ -f1
7. See how many php-cgi processes are active
netstat -anp | grep php-cgi | grep ^tcp | wc -l
8. View the total amount of memory used by php-cgi
total=0; for i in `ps -C php-cgi -o rss=`; do total=$(($total+$i)); done; echo "php-cgi Memory usage: $total KB"
Mon Mar 14:45:18 CST
"Go" Linux Network related query script
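
An added example (not from the original page) for items 2, 4 and 5: `grep 80` also matches port 8080 and any address that contains 80, and `awk -F: '{print $1}'` returns an empty string for IPv6 and IPv4-mapped peers. The function name `top_sources` and the sample netstat lines are constructed for illustration; the function matches the local port exactly and splits the remote address on its last colon.

```shell
#!/bin/sh
LC_ALL=C; export LC_ALL   # stable sort order for the tie-break below

# Constructed sample of `netstat -ant` output (documentation-range addresses).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51240      TIME_WAIT
tcp        0      0 192.0.2.10:80           203.0.113.80:40000      SYN_RECV
tcp        0      0 192.0.2.10:8080         203.0.113.9:40100       ESTABLISHED
tcp        0      0 192.0.2.10:22           203.0.113.80:40200      ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:198.51.100.7:51300 ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::beef:51400    SYN_RECV
EOF
}

# top_sources PORT [STATE]
# Reads `netstat -ant` text on stdin and prints "count ip" for the 20 remote
# addresses with the most connections to local PORT, optionally only in STATE.
top_sources() {
  awk -v port="$1" -v want="$2" '
    /^tcp/ {
      if ($NF == "LISTEN") next                 # listeners have no remote peer
      if (want != "" && $NF != want) next       # optional state filter
      lp = $4; sub(/^.*:/, "", lp)              # local port: text after last colon
      if (lp != port) next                      # exact match, so 8080 != 80
      ip = $5; sub(/:[^:]*$/, "", ip)           # strip only the remote port
      sub(/^::ffff:/, "", ip)                   # fold IPv4-mapped IPv6 into IPv4
      n[ip]++
    }
    END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2 | head -n 20
}

# Stand-alone run against the constructed sample.
sample_netstat | top_sources 80
```

On a live host, feed it real data with `netstat -ant | top_sources 80` or `netstat -ant | top_sources 80 TIME_WAIT`.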