If you need check ftp connections remplace this line:
if (/telnet\/tcp: Connection from\s+(\S+)\s+\((\S+)\) at (\S+) (\S+)\s+(\S+) (\S+) (\S+)$/)
by this:
if (/ftp\/tcp: Connection from\s+(\S+)\s+\((\S+)\) at (\S+) (\S+)\s+(\S+) (\S+) (\S+)$/)
greetings.
mexlord wrote:
Example to monitoring incoming connections in your system. Tested in HP-UX v11.00.
# Listing IP's for Telnet connections in HP-UX
# Ricardo Pelcastre
#!/opt/perl/bin/perl
%dias = (Sun => "Dom",
Mon => "Lun",
Tue => "Mar",
Wed => "Mie",
Thu => "Jue",
Fri => "Vie",
Sat => "Sab"
);
%meses = (Jan => "Ene",
Feb => "Feb",
Mar => "Mar",
Apr => "Abr",
May => "May",
Jun => "Jun",
Jul => "Jul",
Aug => "Ago",
Sep => "Sep",
Oct => "Oct",
Nov => "Nov",
Dec => "Dic"
);
$ip=$ARGV[0];
$cmd="/usr/bin/grep \"$ip\" /var/adm/syslog/syslog.log\n";
@lineas=qx($cmd);
foreach (@lineas)
{
if (/telnet\/tcp: Connection from\s+(\S+)\s+\((\S+)\) at (\S+) (\S+)\s+(\S+) (\S+) (\S+)$/)
{
$salida=sprintf("[%s %2s %s %s] - %s => %s\n",$dias{$3},$5,$meses{$4},$6,$1,$2);
print $salida;
}
}
