LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 08-07-2004, 06:03 PM   #1
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Rep: Reputation: 52
Port Monitoring bash script


Hi guys,

I'm trying to learn better at bash scripting. I'm trying to write a script that monitors ports (ie. 80, 25, 53, 443, 143, 110, etc..) in bash. So I have server A that checks the ports on server B. Essentially, if server B's DNS went down it would spot that port 53 is no longer listening and would fire an e-mail to the admin. How does one do this?

The only way I can think of is to run nmap from server A to server B and if it doesn't see port 53, then the e-mail would be sent to the admin (myself). Is this efficient or am I missing something that is more sensible/clear? I know nagios can monitor but I'm trying to write stuff like this myself so I have a better understanding of bash and its style. Any help is greatly appreciated. Thanks!

-twantrd
 
Old 08-07-2004, 09:04 PM   #2
Hko
Senior Member
 
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536

Rep: Reputation: 111Reputation: 111
I think nmap is the obvious choice. "netcat" (nc) could do it probably also, but more difficult for UPD (e.g. DNS servers, though many also do tcp IIRC).

To test for UPD/25 (for nmap's to do UDP you need to be root, and specify -sU):
Code:
#!/bin/bash

if nmap -sU -p77 -oG - localhost | grep 'Ports:.*/open/' >/dev/null ; then
    echo "DNS (UDP) is up"
else
    echo "DNS (UDP) is down!!!"
fi
 
Old 08-08-2004, 01:40 PM   #3
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Original Poster
Rep: Reputation: 52
Hi, thanks for the help! However, don't some ISP's get really mad (and possibly could ban you) if they detect that you are port scanning at a regular basis?

-twantrd
 
Old 08-08-2004, 03:44 PM   #4
Cedrik
Senior Member
 
Registered: Jul 2004
Distribution: Slackware
Posts: 2,140

Rep: Reputation: 244Reputation: 244Reputation: 244
You can also use the dig command to test a dns server :

dig @dns.serverb.net google.com A
 
Old 08-08-2004, 05:15 PM   #5
Hko
Senior Member
 
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536

Rep: Reputation: 111Reputation: 111
True.
If it's only for DNS, forget nmap.
 
Old 08-08-2004, 05:17 PM   #6
Hko
Senior Member
 
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536

Rep: Reputation: 111Reputation: 111
Well, that could be the case. However, you're only probing one port, and if you don't run it too often, it should be no problem IMHO.

Probing only one port isn't really scanning. Think about it: a normal DNS-lookup request is very normal to happen. On the other hand, nmap uses unusual packets (empty). Use -sT option for most normal TCP packets.
 
Old 08-08-2004, 08:59 PM   #7
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Original Poster
Rep: Reputation: 52
However, I'm trying to monitor multiple ports using bash script. I could do a dig @<server B> <some domain name> but how could I monitor port 25 (smtp) and pop3 (110)?

-twantrd
 
Old 08-08-2004, 09:35 PM   #8
Cedrik
Senior Member
 
Registered: Jul 2004
Distribution: Slackware
Posts: 2,140

Rep: Reputation: 244Reputation: 244Reputation: 244
telnet yourhost.com 25 and telnet yourhost.com 110 ?
 
Old 08-09-2004, 03:55 AM   #9
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Original Poster
Rep: Reputation: 52
Yea, I was thinking of that too . But then, how would you get out of say 'telnet myhost.com 25' because it would be stuck there until you hit a ctrl-] to display a telnet prompt. Is there a way to execute ctrl-] in bash?


-twantrd
 
Old 08-09-2004, 03:06 PM   #10
bruce ford
Member
 
Registered: Jul 2004
Location: Munich, Germany
Distribution: Sun Solaris 8, SuSE 9.0
Posts: 43

Rep: Reputation: 15
hi twantrd,

then try "netcat -z", that does nothing but connecting-sending nothing-disconnecting e.g. like this

Code:
host=your.favouritehost.com
for port in  80 25 53 443 143 110
do
  if netcat -z $host $port
  then
    echo port $port is up
  else
    echo port $port is down
  fi
done
so long...
bruce
 
Old 08-10-2004, 02:40 AM   #11
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Original Poster
Rep: Reputation: 52
Thank you BRUCE! Works like a champ. Now I gotta figure out how to mail me the list of connections that were down? What I can think of is redirecting the list of 'down' connections to a file and mailing me that file. Any suggestions on how to do this to make it simplier? If you can't, that's fine...that netcat command is awesome. THANKS again!!

-twantrd
 
Old 08-10-2004, 05:20 PM   #12
bruce ford
Member
 
Registered: Jul 2004
Location: Munich, Germany
Distribution: Sun Solaris 8, SuSE 9.0
Posts: 43

Rep: Reputation: 15
hi twantrd,

if you need compressed output you could add up the ports that were detected down in one variable or in a bash array if you need it for later processing in the same script and then mail the contents of that variable or that array to you e.g. like this

Code:
host=your.favouritehost.com
for port in  80 25 53 443 143 110
do
  if ! netcat -z $host $port
  then
    ports=${ports}" "$port
  fi
done
echo Ports $ports are down | mail -s "port result" you@yourhost.com
If you don't need compressed output,simply add " | mail -s "port result" you@yourhost.com" to the line with the last "done" in my first example.

So long...
bruce
 
Old 01-21-2009, 06:55 AM   #13
pudhiyavan
Member
 
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209

Rep: Reputation: 30
apologies.

howto pull out listof hosts/ip addresses from a file and check it using the above script?
 
Old 01-21-2009, 07:07 AM   #14
pudhiyavan
Member
 
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209

Rep: Reputation: 30
apologies.

howto pull out listof hosts/ip addresses from a file and check it using the above (bruce_ford)script?
 
Old 01-21-2009, 03:08 PM   #15
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Original Poster
Rep: Reputation: 52
Wow, this thread is 5 years old ! I'm glad you searched for answers to your problem instead of posting a new thread.

If the file containing the list of ports is "port.txt", then
Code:
for $port in `cat port.txt`
do
...rest of the code here...
-twantrd
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
USB Port Monitoring program?? funkymunky Linux - General 0 02-05-2005 11:12 AM
bash script, monitoring running PID? thebover Programming 4 08-26-2004 03:42 PM
Urgent !!! monitoring directory size using bash juby Programming 4 07-22-2004 06:47 AM
Why can't I read in data from the serial port using a bash script? tjt Linux - Newbie 1 06-17-2004 01:21 AM
monitoring a port linuxboy69 Linux - General 4 11-18-2003 02:37 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 06:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration