theratman · October 5, 2020 12:31
diff --git a/Established_IP_on_port_80_and_443.sh b/Established_IP_on_port_80_and_443.sh
 #!/bin/bash
 while true; do
  clear
 if [ $# -gt 0 ]; then
  echo "All State: CLOSE_WAIT CLOSING ESTABLISHED FIN_WAIT1 FIN_WAIT2 LAST_ACK LISTEN SYN_RECV TIME_WAIT etc"
  netstat -ant | awk '! /LISTEN     $/ {split($4, a, ":", seps); if (a[2] == "80" || a[2] == "443") {m=split($5, b, ":", seps); print b[m-1]} }' | sort | uniq -c | sort -n | tail -20 | awk '{printf("%s -> ", $0); system("geoiplookup " $0 " | cut -d\\  -f4-")}'
 else
  echo "Only State: ESTABLISHED"
  netstat -ant | awk '/ESTABLISHED$/ {split($4, a, ":", seps); if (a[2] == "80" || a[2] == "443") {m=split($5, b, ":", seps); print b[m-1]} }' | sort | uniq -c | sort -n | tail -20 | awk '{printf("%s -> ", $0); system("geoiplookup " $0 " | cut -d\\  -f4-")}'
 fi
  sleep 3
 done
	#!/bin/bash
	while true; do
	clear
	if [ $# -gt 0 ]; then
	echo "All State: CLOSE_WAIT CLOSING ESTABLISHED FIN_WAIT1 FIN_WAIT2 LAST_ACK LISTEN SYN_RECV TIME_WAIT etc"
	netstat -ant \| awk '! /LISTEN $/ {split($4, a, ":", seps); if (a[2] == "80" \|\| a[2] == "443") {m=split($5, b, ":", seps); print b[m-1]} }' \| sort \| uniq -c \| sort -n \| tail -20 \| awk '{printf("%s -> ", $0); system("geoiplookup " $0 " \| cut -d\\ -f4-")}'
	else
	echo "Only State: ESTABLISHED"
	netstat -ant \| awk '/ESTABLISHED$/ {split($4, a, ":", seps); if (a[2] == "80" \|\| a[2] == "443") {m=split($5, b, ":", seps); print b[m-1]} }' \| sort \| uniq -c \| sort -n \| tail -20 \| awk '{printf("%s -> ", $0); system("geoiplookup " $0 " \| cut -d\\ -f4-")}'
	fi
	sleep 3
	done