Friday, July 9, 2010

Simple SH script to monitor basic connection counts on *nix systems

I wrote near a year ago a sh script to see my traffic information which can be used to see basic connection counts like unix connection count, tcp connection count, http inbound and outgoing request counts and ftp connection count, ssh connection count.
Save as then run the command
chmod +x
For short access run
ln /bin/mycons
Sample usage after shortcut
mycons -hl
Here is the code for
#This script is written by Mustafa TURAN (HOME
#BLOG to monitor some basic network actions
#and display some user specific information like hd usage...
#you are feel free to distribute re-use in any of your application
#without deleting HEADER section. Also, it licensed with CC 3.0
#Also see:

# Function to print help
        echo "Usage: $0 -c -h -l -i";
        echo "Where -c clear screen";
        echo "      -h shows hd usage size";
        echo "      -l count of connections";
        echo "      -i show ip list";

# Function to clear the screen

# Function to show hd space
        echo -n "Total Space Used: "
        /usr/bin/du -hs /home/www-data/mustafat #write here your home path
        echo "-------------------------------------------------------------------------"

# Function to connection counts
        unix_connections=`/bin/netstat -an | grep unix | grep CONNECTED | wc -l` #unix connection count
        tcp_connections=`/bin/netstat -an | grep ESTABLISHED | wc -l` #tcp connection count
        ftp_connections=`/bin/netstat -an | grep :21\  | grep ESTABLISHED | wc -l` #fcp connection count
        ssh_connections=`/bin/netstat -an | grep :22\  | grep ESTABLISHED | wc -l` #ssh connection count
        http_connections=`/bin/netstat -an | grep :80\  | grep ESTABLISHED | wc -l` #http connection count
        h_out_connections=`/bin/netstat -an | grep :80\  | grep ESTABLISHED |  awk '{print $5}' | grep :80 | wc -l` #http requests count (downloading file from somewhere else)
        h_in_connections=`/bin/netstat -an | grep :80\  | grep ESTABLISHED |  awk '{print $4}' | grep :80 | wc -l` #http response count (someone display a web page from this server)

        echo "CONNECTIONS"
        echo "-------------------------------------------------------------------------"
        echo -e "UNIX\tTCP\tFTP\tSSH\tHTTP\tH-Input\tH-Output"
        echo -e "$unix_connections\t$tcp_connections\t$ftp_connections\t$ssh_connections\t$http_connections\t$h_in_connections\t$h_out_connections\n"

# Function to ip list http connections
        echo "List of ip addresses:"
        echo "-------------------------------------------------------------------------"
        /bin/netstat -an | grep :80 | grep ESTABLISHED | awk '{print $5}'

# Main procedure start here
# Check for sufficent args

if [ $# -eq 0 ] ; then
    exit 1

# Now parse command line arguments
while getopts chlik: opt
    case "$opt" in
        c) cls;;
        h) print_hdspace;;
        l) print_connection_count;;
        i) print_iplist;;
        \?) print_help; exit 1;;

VNSTAT: Network Traffic Monitor for *nix Systems

Vnstat is a network stats software, an opensource project for *nix systems and can be downloaded from For more than a year I am using Vnstat and it works silently without using too much resources and gives required stats when it is needed.
In details, it is possible to see your network adapters' traffic data based on years, months, weeks, days, hours and even real time data flow rates, running vnstat at the background with a small system resource like 1mb ram.


cd /usr/local/src
tar zxvf vnstat-1.10.tar.gz
cd vnstat-1.10
make all
make install
vnstat -u -i eth0 #eth0 should be replaced by your network adapter
vi /etc/vnstat.conf #change eth0 in conf file with your network adapter
OK configuration fineshed, now it is time to setup startup script which can be downloaded from
/etc/init.d scripts for vnStat daemon
Some Commands
vnstat --help # I think this will be enough :)

Friday, February 26, 2010

Anti-DDOS NGINX Server Configuration includes PHP config

Here is my NGINX configuration for DDOS Attacks to PHP and my lovely NGINX server:
user www-data www-data;
worker_processes 10;

error_log /var/log/nginx/error.log;
pid /var/run/;

events {
worker_connections 1024;

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;

access_log /var/log/nginx/access.log;

sendfile on;

#keepalive_timeout 0;
keepalive_timeout 5;
tcp_nodelay on;

gzip on;
limit_req_zone $binary_remote_addr zone=antiddosphp:10m rate=1r/s;
limit_req_zone $binary_remote_addr zone=antiddos:10m rate=10r/s;

include /etc/nginx/mustafat/*;

server {
root /home/www-data/;
listen 80;

access_log off;

location / {
index index.php index.html index.htm;
limit_req zone=antiddos burst=10;

location ~ \.php$ {
fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 1800;
fastcgi_param SERVER_NAME $http_host;
fastcgi_ignore_client_abort on;
limit_req zone=antiddosphp burst=2;

Monday, February 1, 2010

Findout Linux Distrubution Name of your Linux

lsb_release -a

Change the timezone, date time on linux

ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
In this command important part is giving the path of your timezone(bold one in example).

Monday, January 18, 2010

Change Default Editor on Linux

#set | grep EDITOR
# which vi
# export EDITOR=/usr/bin/vi
# set | grep EDITOR