I’ve got a couple of Linux machines that are sitting outside of the Sflow ‘zone’ and AS traffic stats go unmeasured. I wanted to get a rough idea on the number of connections per AS number so here’s a little app that parses netstat and sorts AS numbers by number of connection.
NOTE1: This won’t work on Cpanel servers due to tmp restrictions.
NOTE2: Specify an alternative (e.g newer) GeoIPASNum.dat file with the –geo option.
wget http://djlab.com/stuff/asnum
chmod +x asnum
./asnumExample output:
[root@mx1 ~]# ./asnum
(18) | RFC1918 or BOGON
(11) | AS29889 Fast Serv Networks, LLC
(4) | AS3320 Deutsche Telekom AG
(2) | AS7922 Comcast Cable Communications, Inc.Quick and (very) dirty cron script
#!/bin.sh
#/root/doasnum.sh
#*/5 * * * * /root/./doasnum.sh >> /var/log/asnum.log
thedate=`date`
echo "***********************"
echo $thedate
/root/asnum
echo "***********************"Don’t forget to rotate the logs.
#/etc/logrotate.d/asnum
/var/log/asnum.log
{
rotate 7
daily
missingok
}
Comments are closed.