From 35fde3c5b004788e7bf837c2f4aba531f6076759 Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Sun, 25 Aug 2019 03:30:39 +0200 Subject: Add script checking outgoing network connections --- .gitignore | 1 + scripts/netstat-out.sh | 10 ++++++++++ 2 files changed, 11 insertions(+) create mode 100755 scripts/netstat-out.sh diff --git a/.gitignore b/.gitignore index ae5a993..6345a48 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ +security/* example.conf diff --git a/scripts/netstat-out.sh b/scripts/netstat-out.sh new file mode 100755 index 0000000..57fcc28 --- /dev/null +++ b/scripts/netstat-out.sh @@ -0,0 +1,10 @@ +#! /bin/bash + +# Finish later... By app first. Than destinations. Separate firefox, chromium, etc.? What else? +query="" +for port in `netstat -ntup | tail -n +3 | grep -v "127.0.0.1" | awk -e '{print $4}' | rev | cut -d ':' -f 1 | rev | sort -n | uniq`; do + [ $port -gt 32768 ] && continue; + [ -z "$query" ] && query="sport = :$port" || query="$query or sport = :$port" +done + +eval /sbin/ss -nrtu state established "'( $query ) '" | tail -n +2 | grep -v localhost | awk -F'[:\t ]+' -e '$6 != $4 { print $6, $5 }' -- cgit v1.2.3