主要步骤是:1 抓包 2 获取包信息 3 写数据库
目前只针对A记录进行统计
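#!/usr/bin/env bash
# Count DNS A-record queries seen on eth0 and accumulate per-name totals in
# the MySQL table CountURL.urlInfo(count, url).
#
# Each cycle: capture for a few seconds, tally the (type, name) pairs, then
# insert or update one row per queried name. mysql is invoked without explicit
# credentials, so it relies on the client's default configuration.
#
# Changes from the original /bin/sh version, and why:
#   * bash is requested explicitly because the script uses [[ ... ]].
#   * Query names come off the wire and are therefore untrusted. They are
#     checked against a strict hostname allowlist (and the count against
#     digits-only) before being placed into SQL text; anything else is skipped.
#   * Scratch files are created with mktemp and removed on exit, instead of
#     fixed names ("cap", "captemp") in the current directory.
#   * Only the tcpdump started here is stopped, with SIGTERM, rather than
#     "killall -9 tcpdump", which would hit every tcpdump on the host and
#     could discard buffered output.
#   * Lines are read with "read -r" and never re-expanded unquoted, so a name
#     containing glob characters cannot be expanded by the shell.

set -u

readonly IFACE='eth0'
readonly CAPTURE_SECONDS=5

workdir=$(mktemp -d) || exit 1
readonly workdir
cap_pid=''

# Stop a capture that is still running and remove the scratch directory.
cleanup() {
  if [[ -n "$cap_pid" ]]; then
    kill "$cap_pid" 2>/dev/null # may already have exited
  fi
  rm -rf -- "${workdir:?}"
}
trap cleanup EXIT
trap 'exit 1' INT TERM

# Return 0 only for names made of hostname characters. None of the allowed
# characters is special inside a single-quoted SQL string literal.
is_safe_name() {
  local LC_ALL=C # keep the A-Z / a-z ranges byte-wise
  local name=$1
  ((${#name} >= 1 && ${#name} <= 254)) || return 1
  [[ "$name" =~ ^[A-Za-z0-9._-]+$ ]]
}

# Capture DNS queries for CAPTURE_SECONDS into "$workdir/cap".
capture() {
  # -n: no reverse lookups, which would add this host's own PTR queries to
  #     the capture; -l: line-buffered stdout so lines reach the file promptly.
  tcpdump -l -n -i "$IFACE" dst port 53 >"$workdir/cap" &
  cap_pid=$!
  sleep "$CAPTURE_SECONDS"
  kill "$cap_pid" 2>/dev/null # no-op if tcpdump failed to start
  wait "$cap_pid" 2>/dev/null
  cap_pid=''
}

# Tally the captured queries and apply the counts to CountURL.urlInfo.
record_counts() {
  local count type url existing

  # Fields 9-10 are the query type and name, as in the original script; the
  # positions depend on tcpdump's output format. Sorting first lets uniq -c
  # merge non-adjacent duplicates, which saves database round-trips.
  cut -d' ' -f 9-10 <"$workdir/cap" | LC_ALL=C sort | uniq -c >"$workdir/tally"

  while read -r count type url; do
    # Only A-record queries are counted.
    [[ "$type" == 'A?' ]] || continue
    # Both values end up inside SQL text, so validate before use.
    [[ "$count" =~ ^[0-9]+$ ]] || continue
    if ! is_safe_name "$url"; then
      printf 'skipping unexpected query name\n' >&2
      continue
    fi

    # -N -B: no column header, tab-separated batch output, so an empty result
    # really is an empty string.
    if ! existing=$(mysql -N -B -e "select url from CountURL.urlInfo where url='$url'"); then
      printf 'mysql lookup failed; skipping %s\n' "$url" >&2
      continue
    fi

    if [[ -z "$existing" ]]; then
      mysql -e "insert into CountURL.urlInfo(count,url) values($count,'$url')"
    else
      mysql -e "update CountURL.urlInfo set count=count+$count where url='$url'"
    fi
  done <"$workdir/tally"
}

while true; do
  capture
  record_counts
done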