shadowsocks连接监控脚本

由于shadowsocks开放了多个端口分享给小伙伴,每个端口也有不同的client,所以写了一个脚本大概判断了一下当前有哪些连接,以及对应的账户、IP、及IP所属地等信息,效果如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
$pp
User: Deniel
Port: 1111
1 180.109.162.110 ["中国","江苏","南京","电信"]
1 49.77.128.51 ["中国","江苏","南京","电信"]
User: Justin
Port: 2222
16 115.28.134.220 ["中国","山东","青岛","阿里云\/电信\/联通\/移动"]
3 203.195.236.130 ["中国","广东","广州","电信\/联通\/移动"]
User: Jason
Port: 3333
1 117.62.132.122 ["中国","江苏","南京","电信"]

其中,每行连接从左往右依次为:

  • 当前端口当前IP的连接数
  • 客户端的IP
  • 该IP的归属地和ISP信息

脚本的原理很简单,利用ss抓出当前的连接,根据端口过滤、处理,再利用ipip.net提供的REST API来获取IP的归属地查询。

脚本内容如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/bin/bash
show_info()
{
echo "
User: $1
Port: $2"
}
show_conn()
{
data=`curl -s http://freeapi.ipip.net/$2 | sed 's#"",##g;s#,""##g'`
printf "\t%-2s %-15s %s\n" $1 $2 $data
}
RV=`ss -n | egrep "3790|51200|51231" | awk '{print $4,$5}' | cut -d: -f1-2 \
| sort | tr ":" " " | uniq -c | sed 's/^\s*//g' | tr " " "-"`
declare -i f1=0
declare -i f2=0
declare -i f3=0
for line in $RV
do
line=`echo $line | tr "-" " "`
port=`echo $line | awk '{print $3}'`
case $port in
"1111" )
conn1[$f1]=`echo $line | awk '{print $1}'` # connections number
client1[$f1]=`echo $line | awk '{print $4}'` # client
f1=f1+1
;;
"2222" )
conn2[$f2]=`echo $line | awk '{print $1}'`
client2[$f2]=`echo $line | awk '{print $4}'`
f2=f2+1
;;
"3333" )
conn3[$f3]=`echo $line | awk '{print $1}'`
client3[$f3]=`echo $line | awk '{print $4}'`
f3=f3+1
;;
esac
done
if [ $f1 -gt 0 ];then
show_info "Deniel" "1111"
for ((k=0;k<$f1;k++))
do
show_conn ${conn1[$k]} ${client1[$k]}
done
fi
if [ $f2 -gt 0 ];then
show_info "Justin" "2222"
for ((k=0;k<$f2;k++))
do
show_conn ${conn2[$k]} ${client2[$k]}
done
fi
if [ $f3 -gt 0 ];then
show_info "Jason" "3333"
for ((k=0;k<$f3;k++))
do
show_conn ${conn3[$k]} ${client3[$k]}
done
fi
如果您觉得这篇文章对您有帮助,不妨支持我一下!