[求教]如何实现iptraf样式的即时显示数据方式
huhuegg
|
1#
huhuegg 发表于 2007-08-20 10:37
[求教]如何实现iptraf样式的即时显示数据方式
想做个本机与内网其它服务器间的数据量统计,如何才能写成像iptraf那样的即时显示的样子呢??
请高手指教下~~
[Copy to clipboard] [ - ]
CODE:
#!/usr/bin/perl
use strict; use Net::PcapUtils; open (FH,"</etc/hosts") || die "can not open /etc/hosts:$!\n"; my %host; foreach my $line (<FH>) { chomp $line; if ($line =~ /^192/) { my ($ip,$host)=split(/ /,$line); $host{$ip}=$host; } } $SIG{INT}=sub {&printscreen;exit;}; if (scalar(@ARGV) != 1) { print "./count.pl <LOCALIP>\n"; exit; } my $checkip=$ARGV[0]; my %from_ip_byte; my %to_ip_byte; sub process_pkt { my($arg, $hdr, $pkt) = @_; my($packages)=unpack('H*', $pkt); ### START PACKAGE INFO ### my(%PACKTYPE)=('0800'=>'IP', '0806'=>'ARP', '8035'=>'RARP'); my($source_mac)=substr($packages,0,12); my($dest_mac)=substr($packages,12,12); my($type)=substr($packages,24,4); $type=$PACKTYPE{$type}; ### START IP HEAD ### #if ($type eq IP) { if ($type eq $PACKTYPE{'0800'}) { ## get ip head info ## my($totlength)=hex(substr($packages,32,4)); my($protocol)=substr($packages,46,2); my($sourceipA)=hex(substr($packages,52,2)); my($sourceipB)=hex(substr($packages,54,2)); my($sourceipC)=hex(substr($packages,56,2)); my($sourceipD)=hex(substr($packages,58,2)); my($sourceip)=$sourceipA . "." . $sourceipB . "." . $sourceipC . "." . $sourceipD; my($destipA)=hex(substr($packages,60,2)); my($destipB)=hex(substr($packages,62,2)); my($destipC)=hex(substr($packages,64,2)); my($destipD)=hex(substr($packages,66,2)); my($destip)=$destipA . "." . $destipB . "." . $destipC . "." . $destipD; my(%TCPORUDP)=('06'=>'TCP', '17'=>'UDP'); $protocol=$TCPORUDP{$protocol}; ### END IP HEAD ### ### START TCP HEAD ### if ($protocol eq $TCPORUDP{'06'}) { #if ($protocol eq TCP) { my($sourceport)=hex(substr($packages,68,4)); my($destport)=hex(substr($packages,72,4)); ### END TCP HEAD ### ### PRINT INFO ### if (($destip eq $checkip) and ($sourceip ne $checkip) and ($sourceip =~ /^192/)) { $from_ip_byte{$sourceip}=$from_ip_byte{$sourceip}+$totlength; } elsif (($sourceip eq $checkip) and ($destip ne $checkip) and ($destip =~ /^192/)) { $to_ip_byte{$destip}=$to_ip_byte{$destip}+$totlength; } } } ### END PACKAGE INFO ### } sub printscreen { my ($total_in,$total_out); foreach my $key (keys %from_ip_byte) { $total_in=$total_in+$from_ip_byte{$key}; } foreach my $key (keys %to_ip_byte) { $total_out=$total_out+$to_ip_byte{$key}; } if (!(defined $total_in)) { $total_in=0; } if (!(defined $total_out)) { $total_out=0; } print "LOCAL_IP:$checkip\t\tIN_BYTE:$total_in\tOUT_BYTE:$total_out\n"; foreach my $key (keys %from_ip_byte) { my ($in_per,$out_per); if (!(defined $from_ip_byte{$key})) { $from_ip_byte{$key}=0; } if (!(defined $to_ip_byte{$key})) { $to_ip_byte{$key}=0; } if ($total_in == 0) { $in_per="-"; } else { $in_per=int($from_ip_byte{$key}*100/$total_in); } if ($total_out == 0) { $out_per="-"; } else { $out_per=int($to_ip_byte{$key}*100/$total_out); } print "$key->$checkip \t$from_ip_byte{$key}($in_per\%) \t$to_ip_byte{$key}($out_per\%)\t#$host{$key}\n"; } } Net::PcapUtils::loop(\&process_pkt); |