#!/bin/sh
#$Id: getports,v 1.4.2.1 2004/05/13 18:28:16 timo Exp $

_STATFILE=./data/iptables_ports
_TOTAL=`cat /var/log/syslog /var/log/messages | grep -c "IN.*SRC.*DPT.*"`
#_TOTAL=`cat /var/log/syslog /var/log/syslog.0 | grep -c "IN.*SRC.*DPT.*"`
_TMPFILE=./data/gethosts_$$.tmp
_INIT=no

[ $# -eq 1 ] && [ "X$1" == "Xinit" ] && _INIT=yes 

if [ $_INIT == "yes" ]
then
    [ -f $_STATFILE ] && rm -f $_STATFILE

    grep "IN.*SRC.*DPT.*" /var/log/syslog /var/log/syslog.0 |\
    awk '{printf "%s%s\n", substr($0,index($0,"DPT=")+4),substr($0,index($0,"PROTO=")+6,3);}' |\
    awk '{printf "%s/%s\n",$1,$NF;}' | sort | uniq -c | sort -nr | head -20  |\
    while read c p ; do echo $c $p `grep -i "[[:space:]]$p" /etc/services | head -1 | awk '{print $1;}'`; done |\
    awk -v tot=$_TOTAL '{printf "%6d (%2.1d%%) %16s  %s\n",$1,$1*100/tot,$2,$3}' > $_TMPFILE 
    mv $_TMPFILE $_STATFILE
else
    sleep 1
    while [ ! -s $_STATFILE ]
    do
        sleep 1
    done
fi
cat $_STATFILE