batch-file,command-line,windows-xp,netstat
Here is a small batch that produces a graph of sorts you can add more if statements to change the graph max. hope this helps. @echo off color 0b MODE CON:COLS=16 LINES=3 title TCP Graph 30kb Max :begin for /F "tokens=10 delims=ms=," %%a in ('ping -n 1 -w 10000 -l...
I you have /proc mounted and bash and readlink both installed, You can write a small bash script that parses /proc/net/tcp, and scan /proc/*/fd/ to find the corresponding socket. I'm not so familiar with embedded linux, but if you cannot find readlink, it may be included in busybox. /proc/net/tcp is...
Fail2ban would react only to clients that generate some kind of error. This might by a Slowloris attack. It works by opening a connection and trying to keep it open as long as possible by constantly adding something to the request. Then additional such connections are being opened and kept...
netstat -tlp does what you ask for. nmap would work (e.g. nmap -n localhost), but why scanning ports if you just can ask the system?
netstat gathers info from /proc/net/tcp|udp|raw files,you could capture these files quickly and parse/re-format later strace clearly shows the same $ strace -e open -f netstat -an 2>&1 |grep -v ENOENT |grep '^open("/proc' open("/proc/net/tcp", O_RDONLY) = 3 open("/proc/net/tcp6", O_RDONLY) = 3 open("/proc/net/udp", O_RDONLY) = 3 open("/proc/net/raw", O_RDONLY) = 3 open("/proc/net/raw6", O_RDONLY)...
Like this : @echo off&cls setlocal EnableDelayedExpansion set "DONTKILL=127.0.0.1" for /f "tokens=1-5 delims= " %%a in ('netstat -nao ^| find /i "ESTABLISHED"' ) do ( echo [%%a] [%%b] [%%c] [%%d] [%%e] call:GetIP %%c if !$IP!==%DONTKILL% ( echo IP !$IP! IS EQUAL TO DONTKILL [%DONTKILL%] echo. ) else ( echo IP...
From man netstat : -p, --program Show the PID and name of the program to which each socket belongs. By adding the -p option, you'll get the PIDs of the programs listening. That's fairly enough to use ps afterwards : ps -ef | grep [your-pid] Not sure if your question...
Your netstat command is showing the all connection of your server NOT only Apache connection, If you want to check only Apache connection. You will have to user following command. netstat -anp |grep 80 |wc -l But with the above command you will get total numbers of Apache connection. Your...
Looks like it is not open in IPtables. Please follow the below link for same. http://serverfault.com/questions/301903/cannot-access-port-80-from-remote-location-but-works-on-local guess it deals with same question....
java,multithreading,sockets,netstat
CLOSE_WAIT and LAST_ACK are intermediary states of a TCP connection reached just before closing. The tcp connection should eventually reache the CLOSED state: CLOSE_WAIT->LAST_ACK->CLOSED. So there is normal what are you seeing in netstat. See this diagram of a tcp connection transition state: http://www.cs.northwestern.edu/~agupta/cs340/project2/TCPIP_State_Transition_Diagram.pdf The only issue in your code...
My cygwin returns uppercase TCP. Have you tried the egrep -i tcp command? To answer your question, it sounds like the Mac and cygwin have different versions of egrep. In any event, you don't need the wildcards or Kleene star for what you are doing....
linux,unix,networking,tcp,netstat
You're mixing ports and hosts I believe. The symbolic host is determined by DNS lookup, whereas the port usage is what you'll find in /etc/services (why you have teradata for port 8080 I don't know - it's usually http-alt - but go have a look) So, for example with -n...
batch-file,command-line,windows-xp,netstat
Both for commands works from command line. To use it inside a batch file, double the percent signs for /F "tokens=2,3" %%a in ('netstat -e ^| find "Bytes"') do set "received=%%a" & set "sent=%%b" ...
Try netstat -tlp | sed 's,[0-9]\+/,,' ...