标签:awk 实战
1.显示本机IP
# ifconfig | awk ‘/eth/ { inter=$1; getline; sub(/inet addr:/,""); print inter,$1}‘
eth0 192.168.1.143
2.查看TCP连接状态
# netstat -nat | awk ‘{print $6}‘|sort |uniq -c|sort
18 LISTEN
1 established)
1 Foreign
4 TIME_WAIT
93 ESTABLISHED
3.查找请求数排名前5名的IP地址
# netstat -anlp | grep 80 | grep tcp | awk ‘{print $5}‘ |awk -F: ‘{print $1}‘|sort|uniq -c |sort -nr |head -n 5
1 192.168.1.109
1 0.0.0.0
4.用tcpdump嗅探80端口的访问
# tcpdump -i eth0 -tnn dst port 80 -c 100 |awk -F"." ‘{print $1"."$2"."$3"."$4}‘ |sort | uniq -c |sort -rn |head -n 5
100 IP 192.168.1.109
5.锁定time_wait连接较多的源IP
# netstat -n | grep TIME_WAIT | awk ‘{print $5}‘ | awk -F: ‘{print $(NF-1)}‘ | sort | uniq -c | sort -rn |head -n 5
1 192.168.1.109
1 114.113.159.196
6.根据端口列进程
# netstat -ntlp | grep 80 | awk ‘{print $7}‘ | cut -d/ -f 1
14783
13822
14086
13822
14086
8578
13822
标签:awk 实战
原文地址:http://wangqh.blog.51cto.com/5367393/1857330
