Identifying main traffic sources with netstat and awk (one-liner explained)
This is line command to get rid of All the hosts using web server. For this we can make the use of handy netstat command. Sample of eventual output: #netstat -natp | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n | tail 25 195.150.23.130 25 67.222.164.140 28 95.34.20.117 31 72.45.232.204 34 209.56.4.6 36 64.27.200.208 106 50.17.245.114 112 209.234.226.230 247 216.242.75.236 283 184.106.21.219 You can use this command on any other port that you want to search. Let me break this long command and explain the things to make them more understandabe. First of all – how many connections are there to the web server: #netstat -natp | grep :80 | wc -l 459 netstat is a very versatile tool. In this case, the flags being used state the following: “ -n ” Numerical representation of th...