1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
#! /bin/sh
##
## $Id: getipacctg,v 1.7 2004/01/11 03:43:50 heas Exp $
##
## Copyright (C) 1997-2004 by Terrapin Communications, Inc.
## All rights reserved.
##
## This software may be freely copied, modified and redistributed
## without fee for non-commerical purposes provided that this license
## remains intact and unmodified with any RANCID distribution.
##
## There is no warranty or other guarantee of fitness of this software.
## It is provided solely "as is". The author(s) disclaim(s) all
## responsibility and liability with respect to this software's usage
## or its effect upon hardware, computer systems, other software, or
## anything else.
##
## Except where noted otherwise, rancid was written by and is maintained by
## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz.
##
#
# getipacctg uses clogin to login to a cisco router, collect the o/p of
# show ip accounting, and sort by the greatest number of bytes. If a
# second argument is supplied, it is a number indicating the top N producers.
# a third (3 to N) argument(s) specify a prefix(es) to match/select src/dst
# IPs, while others will be filtered.
#
# usage: getipacctg <router name> [<number of lines off the top>] \
# [<src/dest prefix filter> [...]]
# example:
# getipacctg router 25 192.168.0.0/24
# will display the top 25 for src or dst ip's within prefix
# 192.168.0.0/24
#
# Contributed to rancid by Steve Neighorn of SCN Reasearch.
TMP="/tmp/ipacct.$$.prefixes"
TMP2="/tmp/ipacct.$$.sorted"
TMP3="/tmp/ipacct.$$.pl"
if [ $# -eq 0 ] ; then
echo "usage: getipacctg router_name [<number of lines off the top>] [<src/dest prefix filter> [...]]" >&2
exit 1;
fi
trap 'rm -fr /tmp/ipacct.$$ $TMP $TMP2 $TMP3;' 1 2 15
clogin -c 'show ip accounting' $1 > /tmp/ipacct.$$
if [ $? -ne 0 ] ; then
echo "clogin failed." >&2
exit 1
fi
# rest of the command-line options
exec 6>$TMP
HEAD="cat"
shift
while [ $# -ne 0 ] ; do
echo $1 | grep '/' > /dev/null
if [ $? -eq 1 ] ; then
HEAD="head -$1"
else
echo $1 1>&6
fi
shift
done
6>&-
egrep '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ +[0-9]+\.[0-9]+\.' /tmp/ipacct.$$ | \
sed -e 's/^ *//' -e 's/ */ /g' -e 's/.$//' | \
awk '{print $4":"$0;}' | sort -nr | \
sed -e 's/^[^:]*://' > $TMP2
if [ -s $TMP ] ; then
cat > $TMP3 <<PERL
my(@prefs);
my(\$nprefs) = 0;
sub ip_to_int {
# Given xxx.xxx.xxx.xxx return corresponding integer.
my(\$int);
my(\$ip) = shift;
\$ip=~s/\s*//g;
\$ip =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\$/;
my (\$a,\$b,\$c,\$d) = (int(\$1),int(\$2),int(\$3),int(\$4));
return 0 + ((\$a << 24) + (\$b << 16) + (\$c << 8) + \$d) ;
}
open(PREFS, "< \$ARGV[0]") || die "could not open \$ARGV[0]\n";
while (<PREFS>) {
chomp;
s/\s*//g;
/(.*)\/(.*)\$/;
my(\$ip) = \$1; my(\$mask) = \$2;
\$ip = ip_to_int(\$ip);
\$mask = (~0) << (32 - \$mask);
\$ip = \$ip & (\$mask);
\$prefs[\$nprefs++] = \$ip;
\$prefs[\$nprefs++] = \$mask;
}
close(PREFS);
open(DATA, "< \$ARGV[1]") || die "could not open \$ARGV[1]\n";
while (<DATA>) {
chomp;
@A = split(/ /);
\$A[0] = ip_to_int(\$A[0]);
\$A[1] = ip_to_int(\$A[1]);
for (\$f = 0; \$f < \$nprefs; \$f += 2) {
if ((\$A[0] & \$prefs[\$f + 1]) == \$prefs[\$f] ||
(\$A[1] & \$prefs[\$f + 1]) == \$prefs[\$f]) {
print "\$_\n";
break;
}
}
}
PERL
perl $TMP3 $TMP $TMP2 | $HEAD
else
$HEAD $TMP2
fi
rm -fr /tmp/ipacct.$$ $TMP $TMP2 $TMP3
trap ';' 1 2 15
exit 0
|