Friday, July 9, 2010

Simple SH script to monitor basic connection counts on *nix systems

I wrote near a year ago a sh script to see my traffic information which can be used to see basic connection counts like unix connection count, tcp connection count, http inbound and outgoing request counts and ftp connection count, ssh connection count.
Save as mycons.sh then run the command
chmod +x mycons.sh
For short access run
ln mycons.sh /bin/mycons
Sample usage after shortcut
mycons -hl
Here is the code for mycons.sh: http://pastebin.com/dBpPMGeY
#HEADER SECTION STARTS
#------------------------------------------------------------------------
#This script is written by Mustafa TURAN (HOME http://mustafaturan.net/
#BLOG http://vpslife.blogspot.com/) to monitor some basic network actions
#and display some user specific information like hd usage...
#you are feel free to distribute re-use in any of your application
#without deleting HEADER section. Also, it licensed with CC 3.0
#Also see: http://creativecommons.org/licenses/by/3.0/
#-------------------------------------------------------------------------
#HEADER SECTION ENDS


#
# Function to print help
#
print_help()
{
        echo "Usage: $0 -c -h -l -i";
        echo "Where -c clear screen";
        echo "      -h shows hd usage size";
        echo "      -l count of connections";
        echo "      -i show ip list";
        return
}

#
# Function to clear the screen
#
cls()
{
        clear
        return
}

#
# Function to show hd space
#
print_hdspace()
{
        echo -n "Total Space Used: "
        /usr/bin/du -hs /home/www-data/mustafat #write here your home path
        echo "-------------------------------------------------------------------------"
        return
}

#
# Function to connection counts
#
print_connection_count()
{
        unix_connections=`/bin/netstat -an | grep unix | grep CONNECTED | wc -l` #unix connection count
        tcp_connections=`/bin/netstat -an | grep ESTABLISHED | wc -l` #tcp connection count
        ftp_connections=`/bin/netstat -an | grep :21\  | grep ESTABLISHED | wc -l` #fcp connection count
        ssh_connections=`/bin/netstat -an | grep :22\  | grep ESTABLISHED | wc -l` #ssh connection count
        http_connections=`/bin/netstat -an | grep :80\  | grep ESTABLISHED | wc -l` #http connection count
        h_out_connections=`/bin/netstat -an | grep :80\  | grep ESTABLISHED |  awk '{print $5}' | grep :80 | wc -l` #http requests count (downloading file from somewhere else)
        h_in_connections=`/bin/netstat -an | grep :80\  | grep ESTABLISHED |  awk '{print $4}' | grep :80 | wc -l` #http response count (someone display a web page from this server)

        echo "CONNECTIONS"
        echo "-------------------------------------------------------------------------"
        echo -e "UNIX\tTCP\tFTP\tSSH\tHTTP\tH-Input\tH-Output"
        echo -e "$unix_connections\t$tcp_connections\t$ftp_connections\t$ssh_connections\t$http_connections\t$h_in_connections\t$h_out_connections\n"
        return
}

#
# Function to ip list http connections
#
print_iplist()
{
        echo "List of ip addresses:"
        echo "-------------------------------------------------------------------------"
        /bin/netstat -an | grep :80 | grep ESTABLISHED | awk '{print $5}'
        return
}

#
# Main procedure start here
#
# Check for sufficent args
#

if [ $# -eq 0 ] ; then
    print_help
    exit 1
fi

# Now parse command line arguments
#
while getopts chlik: opt
do
    case "$opt" in
        c) cls;;
        h) print_hdspace;;
        l) print_connection_count;;
        i) print_iplist;;
        \?) print_help; exit 1;;
    esac
done

VNSTAT: Network Traffic Monitor for *nix Systems

Vnstat is a network stats software, an opensource project for *nix systems and can be downloaded from http://humdi.net/vnstat/. For more than a year I am using Vnstat and it works silently without using too much resources and gives required stats when it is needed.
In details, it is possible to see your network adapters' traffic data based on years, months, weeks, days, hours and even real time data flow rates, running vnstat at the background with a small system resource like 1mb ram.

Setup

cd /usr/local/src
wget http://humdi.net/vnstat/vnstat-1.10.tar.gz
tar zxvf vnstat-1.10.tar.gz
cd vnstat-1.10
make
make all
make install
vnstat -u -i eth0 #eth0 should be replaced by your network adapter
vi /etc/vnstat.conf #change eth0 in conf file with your network adapter
OK configuration fineshed, now it is time to setup startup script which can be downloaded from
/etc/init.d scripts for vnStat daemon
Some Commands
vnstat --help # I think this will be enough :)

Friday, February 26, 2010

Anti-DDOS NGINX Server Configuration includes PHP config

Here is my NGINX configuration for DDOS Attacks to PHP and my lovely NGINX server:
nginx.conf
user www-data www-data;
worker_processes 10;

error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
}

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;

access_log /var/log/nginx/access.log;

sendfile on;

#keepalive_timeout 0;
keepalive_timeout 5;
tcp_nodelay on;

gzip on;
limit_req_zone $binary_remote_addr zone=antiddosphp:10m rate=1r/s;
limit_req_zone $binary_remote_addr zone=antiddos:10m rate=10r/s;

include /etc/nginx/mustafat/*;

}
virtualhost.conf
server {
root /home/www-data/vpswatch.com;
listen 80;
server_name vpswatch.com;

access_log off;

location / {
index index.php index.html index.htm;
limit_req zone=antiddos burst=10;

}
location ~ \.php$ {
fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 1800;
fastcgi_param SERVER_NAME $http_host;
fastcgi_ignore_client_abort on;
limit_req zone=antiddosphp burst=2;
}
}

Monday, February 1, 2010

Findout Linux Distrubution Name of your Linux

lsb_release -a

Change the timezone, date time on linux

ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
In this command important part is giving the path of your timezone(bold one in example).

Monday, January 18, 2010

Change Default Editor on Linux

#set | grep EDITOR
EDITOR=/bin/pico
# which vi
/usr/bin/vi
# export EDITOR=/usr/bin/vi
# set | grep EDITOR
EDITOR=/usr/bin/vi
_=EDITOR