On 06/23/2011 12:54 AM, Mark LaPierre wrote:
> On 06/22/2011 06:45 AM, Bryn M. Reeves wrote:
>> You could also do the whole thing in awk (and probably sed too) but that would
>> require stopping to think about the problem - this took a minutes or two of "do
>> this then that.. then, there that looks right.." which is why I still have a
>> fondness for these tools and the shell's ability to combine them.
>
> This might be a bit easier to understand and it's not limited to only
> udp and tcp connections.
>
> Adjust the first awk field numbers to suit your /proc/net/nf_conntrack
> format. This one works with mine:
>
> ipv4 2 tcp 6 431993 ESTABLISHED src=192.168.15.5
> dst=192.168.15.2 ...
>
> cat /proc/net/nf_conntrack | awk '{print $3" "$7}' | sort | uniq -c |
> awk '{print $2" "$3" "$1}'
>
The data in the original post looks like an old version of nf_conntrack so this
won't work (at least for the format the OP posted) because the src field is in a
different place for udp and tcp lines:
$ awk '{print $3" "$7}' /tmp/data | sort | uniq -c | awk '{print $2" "$3" "$1}'
0 dport=39802 1
118 sport=2518 1
119 sport=2514 1
146 dport=43645 1
147 dport=43647 1
163 dport=68 1
1 sport=55479 1
[ASSURED] 1
The first cat is also unnecessary since awk can take the /proc/net/nf_conntrack
path as an argument.
Regards,
Bryn.
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
