Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
08-07-2004, 06:03 PM
|
#1
|
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440
Rep:
|
Port Monitoring bash script
Hi guys,
I'm trying to learn better at bash scripting. I'm trying to write a script that monitors ports (ie. 80, 25, 53, 443, 143, 110, etc..) in bash. So I have server A that checks the ports on server B. Essentially, if server B's DNS went down it would spot that port 53 is no longer listening and would fire an e-mail to the admin. How does one do this?
The only way I can think of is to run nmap from server A to server B and if it doesn't see port 53, then the e-mail would be sent to the admin (myself). Is this efficient or am I missing something that is more sensible/clear? I know nagios can monitor but I'm trying to write stuff like this myself so I have a better understanding of bash and its style. Any help is greatly appreciated. Thanks!
-twantrd
|
|
|
08-07-2004, 09:04 PM
|
#2
|
Senior Member
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536
Rep:
|
I think nmap is the obvious choice. "netcat" (nc) could do it probably also, but more difficult for UPD (e.g. DNS servers, though many also do tcp IIRC).
To test for UPD/25 (for nmap's to do UDP you need to be root, and specify -sU):
Code:
#!/bin/bash
if nmap -sU -p77 -oG - localhost | grep 'Ports:.*/open/' >/dev/null ; then
echo "DNS (UDP) is up"
else
echo "DNS (UDP) is down!!!"
fi
|
|
|
08-08-2004, 01:40 PM
|
#3
|
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440
Original Poster
Rep:
|
Hi, thanks for the help! However, don't some ISP's get really mad (and possibly could ban you) if they detect that you are port scanning at a regular basis?
-twantrd
|
|
|
08-08-2004, 03:44 PM
|
#4
|
Senior Member
Registered: Jul 2004
Distribution: Slackware
Posts: 2,140
|
You can also use the dig command to test a dns server :
dig @dns.serverb.net google.com A
|
|
|
08-08-2004, 05:15 PM
|
#5
|
Senior Member
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536
Rep:
|
True.
If it's only for DNS, forget nmap.
|
|
|
08-08-2004, 05:17 PM
|
#6
|
Senior Member
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536
Rep:
|
Well, that could be the case. However, you're only probing one port, and if you don't run it too often, it should be no problem IMHO.
Probing only one port isn't really scanning. Think about it: a normal DNS-lookup request is very normal to happen. On the other hand, nmap uses unusual packets (empty). Use -sT option for most normal TCP packets.
|
|
|
08-08-2004, 08:59 PM
|
#7
|
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440
Original Poster
Rep:
|
However, I'm trying to monitor multiple ports using bash script. I could do a dig @<server B> <some domain name> but how could I monitor port 25 (smtp) and pop3 (110)?
-twantrd
|
|
|
08-08-2004, 09:35 PM
|
#8
|
Senior Member
Registered: Jul 2004
Distribution: Slackware
Posts: 2,140
|
telnet yourhost.com 25 and telnet yourhost.com 110 ?
|
|
|
08-09-2004, 03:55 AM
|
#9
|
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440
Original Poster
Rep:
|
Yea, I was thinking of that too . But then, how would you get out of say 'telnet myhost.com 25' because it would be stuck there until you hit a ctrl-] to display a telnet prompt. Is there a way to execute ctrl-] in bash?
-twantrd
|
|
|
08-09-2004, 03:06 PM
|
#10
|
Member
Registered: Jul 2004
Location: Munich, Germany
Distribution: Sun Solaris 8, SuSE 9.0
Posts: 43
Rep:
|
hi twantrd,
then try "netcat -z", that does nothing but connecting-sending nothing-disconnecting e.g. like this
Code:
host=your.favouritehost.com
for port in 80 25 53 443 143 110
do
if netcat -z $host $port
then
echo port $port is up
else
echo port $port is down
fi
done
so long...
bruce
|
|
|
08-10-2004, 02:40 AM
|
#11
|
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440
Original Poster
Rep:
|
Thank you BRUCE! Works like a champ. Now I gotta figure out how to mail me the list of connections that were down? What I can think of is redirecting the list of 'down' connections to a file and mailing me that file. Any suggestions on how to do this to make it simplier? If you can't, that's fine...that netcat command is awesome. THANKS again!!
-twantrd
|
|
|
08-10-2004, 05:20 PM
|
#12
|
Member
Registered: Jul 2004
Location: Munich, Germany
Distribution: Sun Solaris 8, SuSE 9.0
Posts: 43
Rep:
|
hi twantrd,
if you need compressed output you could add up the ports that were detected down in one variable or in a bash array if you need it for later processing in the same script and then mail the contents of that variable or that array to you e.g. like this
Code:
host=your.favouritehost.com
for port in 80 25 53 443 143 110
do
if ! netcat -z $host $port
then
ports=${ports}" "$port
fi
done
echo Ports $ports are down | mail -s "port result" you@yourhost.com
If you don't need compressed output,simply add " | mail -s "port result" you@yourhost.com" to the line with the last "done" in my first example.
So long...
bruce
|
|
|
01-21-2009, 06:55 AM
|
#13
|
Member
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209
Rep:
|
apologies.
howto pull out listof hosts/ip addresses from a file and check it using the above script?
|
|
|
01-21-2009, 07:07 AM
|
#14
|
Member
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209
Rep:
|
apologies.
howto pull out listof hosts/ip addresses from a file and check it using the above (bruce_ford)script?
|
|
|
01-21-2009, 03:08 PM
|
#15
|
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440
Original Poster
Rep:
|
Wow, this thread is 5 years old ! I'm glad you searched for answers to your problem instead of posting a new thread.
If the file containing the list of ports is "port.txt", then
Code:
for $port in `cat port.txt`
do
...rest of the code here...
-twantrd
|
|
|
All times are GMT -5. The time now is 06:12 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|