pratik/ufw-log-scan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Optimized fetching port-program logic

Browse Source
This commit is contained in:
Pratik
2019-04-23 18:39:45 +05:30
parent db7a6820af
commit 36bc35ace9
1 changed files with 18 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
ufw.awk
View File

@@ -13,25 +13,30 @@
# Give options to process only a certain number of day's log # Give options to process only a certain number of day's log
declare port_programs=$(ss -lpntu | declare port_programs=$(ss -lpntu |
awk 'BEGIN {FS=":"} NR>1&&$1!~"\\["{print $2, $4} NR>1&&$1~"\\["{print $4, $8}' | awk 'BEGIN {FS=":"}
NR>1 && $1 !~ "\\[" {print $2, $NF} # Row does NOT contains [ -> Fetch 2nd and last columns
NR>1 && $1 ~ "\\[" {print $4, $NF} # Row contains [ -> Fetch 4th and last columns
' |
awk '{ awk '{
print $1, port = $1
substr($3, program = substr($3,
index($3, "\"")+1, index($3, "\"")+1,
index($3, ",")-index($3,"\"")-2) | "sort -u"}' | index($3, ",")-index($3,"\"")-2)
awk '{
if (port_programs[$1]==""){ # Add multiple programs listening on a single port as comma separated list
port_programs[$1]=$2 if (port_programs[port]==""){
}else{ port_programs[port]=program
port_programs[$1]=port_programs[$1]","$2 }else if (index(port_programs[port], program) > 0){ # Remove duplicates
next
}
else{
port_programs[port]=port_programs[port]","program
} }
} }
END { END {
for (port in port_programs) for (port in port_programs)
print port, port_programs[port] print port, port_programs[port]
}' }')
)
LC_ALL=C cat /var/log/ufw.log | mawk ' LC_ALL=C cat /var/log/ufw.log | mawk '
function GetValue(currentColumnValue, stringToSearch) { function GetValue(currentColumnValue, stringToSearch) {