From 53cb50acb5c2c70f6ba9d26d3d2ffb37c8a19e8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Cornell=C3=A0?= Date: Wed, 11 Oct 2023 20:43:55 +0200 Subject: [PATCH] refactor(systemadmin): use `ss` instead of `netstat` when available (#11957) --- plugins/systemadmin/systemadmin.plugin.zsh | 116 ++++++++++++--------- 1 file changed, 67 insertions(+), 49 deletions(-) diff --git a/plugins/systemadmin/systemadmin.plugin.zsh b/plugins/systemadmin/systemadmin.plugin.zsh index 7ce62bac1..03dd995b6 100644 --- a/plugins/systemadmin/systemadmin.plugin.zsh +++ b/plugins/systemadmin/systemadmin.plugin.zsh @@ -13,11 +13,11 @@ # ------------------------------------------------------------------------------ function retlog() { - if [[ -z $1 ]];then - echo '/var/log/nginx/access.log' - else - echo $1 - fi + if [[ -z $1 ]];then + echo '/var/log/nginx/access.log' + else + echo $1 + fi } alias ping='ping -c 5' @@ -28,142 +28,160 @@ alias mkdir='mkdir -pv' alias psmem='ps -e -orss=,args= | sort -b -k1 -nr' alias psmem10='ps -e -orss=,args= | sort -b -k1 -nr | head -n 10' # get top process eating cpu if not work try execute : export LC_ALL='C' -alias pscpu='ps -e -o pcpu,cpu,nice,state,cputime,args|sort -k1,1n -nr' -alias pscpu10='ps -e -o pcpu,cpu,nice,state,cputime,args|sort -k1,1n -nr | head -n 10' +alias pscpu='ps -e -o pcpu,cpu,nice,state,cputime,args | sort -k1,1n -nr' +alias pscpu10='ps -e -o pcpu,cpu,nice,state,cputime,args | sort -k1,1n -nr | head -n 10' # top10 of the history alias hist10='print -l ${(o)history%% *} | uniq -c | sort -nr | head -n 10' function ip() { - if [ -t 1 ]; then - command ip -color "$@" - else - command ip "$@" - fi + if [ -t 1 ]; then + command ip -color "$@" + else + command ip "$@" + fi } # directory LS function dls() { - print -l *(/) + print -l *(/) } function psgrep() { - ps aux | grep "${1:-.}" | grep -v grep + ps aux | grep "${1:-.}" | grep -v grep } # Kills any process that matches a regexp passed to it function killit() { - ps aux | grep -v "grep" | grep "$@" | awk '{print $2}' | xargs sudo kill + ps aux | grep -v "grep" | grep "$@" | awk '{print $2}' | xargs sudo kill } # list contents of directories in a tree-like format if ! (( $+commands[tree] )); then - function tree() { - find $@ -print | sed -e 's;[^/]*/;|____;g;s;____|; |;g' - } + function tree() { + find $@ -print | sed -e 's;[^/]*/;|____;g;s;____|; |;g' + } fi # Sort connection state function sortcons() { - netstat -nat |awk '{print $6}'|sort|uniq -c|sort -rn + { + LANG= ss -nat | awk 'NR > 1 {print $1}' \ + || LANG= netstat -nat | awk 'NR > 2 {print $6}' + } | sort | uniq -c | sort -rn } # View all 80 Port Connections function con80() { - netstat -nat|grep -i ":80"|wc -l + { + LANG= ss -nat || LANG= netstat -nat + } | grep -E ":80[^0-9]" | wc -l } # On the connected IP sorted by the number of connections function sortconip() { - netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n + { + LANG= ss -ntu | awk 'NR > 1 {print $6}' \ + || LANG= netstat -ntu | awk 'NR > 2 {print $5}' + } | cut -d: -f1 | sort | uniq -c | sort -n } # top20 of Find the number of requests on 80 port function req20() { - netstat -anlp|grep 80|grep tcp|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c|sort -nr|head -n20 + { + LANG= ss -tn | awk '$4 ~ /:80$/ {print $5}' \ + || LANG= netstat -tn | awk '$4 ~ /:80$/ {print $5}' + } | awk -F: '{print $1}' | sort | uniq -c | sort -nr | head -n 20 } # top20 of Using tcpdump port 80 access to view function http20() { - sudo tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr |head -n 20 + sudo tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | head -n 20 } # top20 of Find time_wait connection function timewait20() { - netstat -n|grep TIME_WAIT|awk '{print $5}'|sort|uniq -c|sort -rn|head -n20 + { + LANG= ss -nat | awk 'NR > 1 && /TIME-WAIT/ {print $5}' \ + || LANG= netstat -nat | awk 'NR > 2 && /TIME_WAIT/ {print $5}' + } | sort | uniq -c | sort -rn | head -n 20 } # top20 of Find SYN connection function syn20() { - netstat -an | grep SYN | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -nr|head -n20 + { + LANG= ss -an | awk '/SYN/ {print $5}' \ + || LANG= netstat -an | awk '/SYN/ {print $5}' + } | awk -F: '{print $1}' | sort | uniq -c | sort -nr | head -n20 } # Printing process according to the port number function port_pro() { - netstat -ntlp | grep "${1:-.}" | awk '{print $7}' | cut -d/ -f1 + LANG= ss -ntlp | awk "NR > 1 && /:${1:-}/ {print \$6}" | sed 's/.*pid=\([^,]*\).*/\1/' \ + || LANG= netstat -ntlp | awk "NR > 2 && /:${1:-}/ {print \$7}" | cut -d/ -f1 } # top10 of gain access to the ip address function accessip10() { - awk '{counts[$(11)]+=1}; END {for(url in counts) print counts[url], url}' "$(retlog)" + awk '{counts[$(11)]+=1}; END {for(url in counts) print counts[url], url}' "$(retlog)" } # top20 of Most Visited file or page function visitpage20() { - awk '{print $11}' "$(retlog)"|sort|uniq -c|sort -nr|head -n 20 + awk '{print $11}' "$(retlog)" | sort | uniq -c | sort -nr | head -n 20 } # top100 of Page lists the most time-consuming (more than 60 seconds) as well as the corresponding page number of occurrences function consume100() { - awk '($NF > 60 && $7~/\.php/){print $7}' "$(retlog)" |sort -n|uniq -c|sort -nr|head -n 100 - # if django website or other website make by no suffix language - # awk '{print $7}' "$(retlog)" |sort -n|uniq -c|sort -nr|head -n 100 + awk '($NF > 60 && $7~/\.php/){print $7}' "$(retlog)" | sort -n | uniq -c | sort -nr | head -n 100 + # if django website or other website make by no suffix language + # awk '{print $7}' "$(retlog)" | sort -n | uniq -c | sort -nr | head -n 100 } # Website traffic statistics (G) function webtraffic() { - awk "{sum+=$10} END {print sum/1024/1024/1024}" "$(retlog)" + awk "{sum+=$10} END {print sum/1024/1024/1024}" "$(retlog)" } # Statistical connections 404 function c404() { - awk '($9 ~/404/)' "$(retlog)" | awk '{print $9,$7}' | sort + awk '($9 ~ /404/)' "$(retlog)" | awk '{print $9,$7}' | sort } # Statistical http status. function httpstatus() { - awk '{counts[$(9)]+=1}; END {for(code in counts) print code, counts[code]}' "$(retlog)" + awk '{counts[$(9)]+=1}; END {for(code in counts) print code, counts[code]}' "$(retlog)" } # Delete 0 byte file function d0() { - find "${1:-.}" -type f -size 0 -exec rm -rf {} \; + find "${1:-.}" -type f -size 0 -exec rm -rf {} \; } # gather external ip address function geteip() { - curl -s -S -4 https://icanhazip.com + curl -s -S -4 https://icanhazip.com - # handle case when there is no IPv6 external IP, which shows error - # curl: (7) Couldn't connect to server - curl -s -S -6 https://icanhazip.com 2>/dev/null - local ret=$? - (( ret == 7 )) && print -P -u2 "%F{red}error: no IPv6 route to host%f" - return $ret + # handle case when there is no IPv6 external IP, which shows error + # curl: (7) Couldn't connect to server + curl -s -S -6 https://icanhazip.com 2>/dev/null + local ret=$? + (( ret == 7 )) && print -P -u2 "%F{red}error: no IPv6 route to host%f" + return $ret } # determine local IP address(es) function getip() { - if (( ${+commands[ip]} )); then - ip addr | awk '/inet /{print $2}' | command grep -v 127.0.0.1 - else - ifconfig | awk '/inet /{print $2}' | command grep -v 127.0.0.1 - fi + if (( ${+commands[ip]} )); then + ip addr | awk '/inet /{print $2}' | command grep -v 127.0.0.1 + else + ifconfig | awk '/inet /{print $2}' | command grep -v 127.0.0.1 + fi } # Clear zombie processes function clrz() { - ps -eal | awk '{ if ($2 == "Z") {print $4}}' | kill -9 + ps -eal | awk '{ if ($2 == "Z") {print $4}}' | kill -9 } # Second concurrent function conssec() { - awk '{if($9~/200|30|404/)COUNT[$4]++}END{for( a in COUNT) print a,COUNT[a]}' "$(retlog)"|sort -k 2 -nr|head -n10 + awk '{if($9~/200|30|404/)COUNT[$4]++}END{for( a in COUNT) print a,COUNT[a]}' "$(retlog)" | sort -k 2 -nr | head -n10 }