For example
Code: Select all
lsof -i :0-65535
Code: Select all
lsof -i :0-65535 -r2
Then we can clean it up a little.
Code: Select all
#!/bin/bash
echo "{NUMBER OF CONNECTIONS} , NAME , PID:"
while true ; do
ALL_CON=$(lsof -i :0-65535 | sed '1d')
# We want only NAME + PID of app to compare
ONLY_NEW_CONN=$(awk '{print $1, $2}' <<< "$ALL_CON" | sort | uniq -c | sort)
# We want compare old output with new output of lsof command
OLD_1="$NEW_1"
NEW_1="$ONLY_NEW_CONN"
COMPARE=$(comm -13 <(echo "$OLD_1") <(echo "$NEW_1"))
if [ ! -z "$COMPARE" ] ; then
echo "$COMPARE"
fi
# The lsof command refreshes every 2 seconds
sleep 2
done
The script only shows a newline if these conditions are met# bash netstat1
{NUMBER OF CONNECTIONS} , NAME , PID:
1 NetworkMa 1111
3 netdata 1386
8 firefox 2220
7 firefox 2220
- if the number of connections changes
- if the application name changes
The script is not perfect as the system may cheat me.
the application can close one connection and open a new one at the same time.
So the script may not notice the difference.
So I should add more variables to compare. For example, a connection name.
For now, it does not matter.
I am wondering about something other.
- Using a command in a loop generates a load for the computer.
- Command lsof use files from /proc/
" The inotify API provides a mechanism for monitoring file system events. inotify can be used to monitor individual files, or to monitor directories.
When a directory is monitored, inotify will return events for the directory itself, and for files inside the directory.
... Inotify does report some but not all events in sysfs and procfs. "
It just doesn't watch the file, but reports when you try to do something,
so it doesn't overload the computer too much.
I'd like to try build a similar script, but without "lsof" command.
And compare the performance which is better.
/proc/ , /proc/*/net this is not my strong side. It will take me some time to research /proc folder.
What do you think? Is it possible?
Because I have doubts.
If the file does not exist, is it possible use inotify?