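#!/bin/bash
# countbytes RM20090221
# revised 2090223
# A script that will run iptraf and log traffic for a given period
# and then parse the log and total up all incoming TCP traffic.
# This script has to be run as root. The total is written to a file
# with a time stamp. Set the variables below to suit.
# Thanks to Mark Campbell and Michael Pope for keeping me honest :^)
#
# Usage: countbytes [xxxm] or countbytes [xxxh]
################################################################

# Fail on unset variables instead of silently expanding them to "".
set -u

# Enter a path to the output file
iptraf_summary=~/iptraf_summary

# Interface to log
iface=eth0

# How about a name for the log file?
logfile=/var/log/iptraf/iptrafsum

# No temporary file is used. This script runs as root, and the fixed name
# /tmp/countbytes.txt it previously wrote to sits in a world-writable
# directory: any local user could pre-create that path as a symlink and
# have root overwrite the link target. Byte counts are streamed instead.

# Do not change this variable. It takes input from the terminal
duration=${1:-}

# PIDs of the iptraf process(es) this run is responsible for stopping.
iptraf_pids=()

# Print a diagnostic on stderr and exit with a failure status.
die() {
  printf 'countbytes: %s\n' "$*" >&2
  exit 1
}

# Stop iptraf if it is still running. Installed as an EXIT trap so an
# interrupted run does not leave a root-owned logger running unattended.
stop_iptraf() {
  if (( ${#iptraf_pids[@]} > 0 )); then
    kill "${iptraf_pids[@]}" 2>/dev/null
    iptraf_pids=()
  fi
}

# Test to see if root is running the script.
# EUID is checked because the effective user is what grants privilege.
chk_root() {
  if (( EUID != 0 )); then
    printf '\nThe script countbytes must be run as root\n\n' >&2
    exit 1
  fi
}

# Test to see if the running time has been given with the command.
chk_runtime() {
  if [[ -z "$duration" ]]; then
    printf '\nUsage: countbytes [xxxm] or countbytes [xxxh]\n' >&2
    printf '\nCountbytes uses the same syntax as sleep. Decimals\nare allowed with hours, e.g. 3.5h.\n\n' >&2
    exit 2
  fi
}

# Test to see if the time was entered with an "m" (for minutes) or "h"
# (for hours). The whole argument must be a number followed by exactly one
# suffix; the earlier substring test (grep m / grep h) accepted any text
# that merely contained one of those letters. Sets the global "runtime".
chk_suffix() {
  local num_re='([0-9]+(\.[0-9]*)?|\.[0-9]+)'
  local ok_re="^${num_re}[mh]\$"
  local bare_re="^${num_re}\$"

  if [[ "$duration" =~ $ok_re ]]; then
    runtime=$duration
    return 0
  fi

  if [[ "$duration" =~ $bare_re ]]; then
    printf '\nAborted!\nThis would have only run for %s seconds.\n' "$duration" >&2
  else
    printf '\nAborted!\n"%s" is not a valid duration.\n' "$duration" >&2
  fi
  printf 'Use "m" for minutes or "h" for hours after the number.\n\n\n' >&2
  exit 2
}

# Test to see if there are only UDP exchanges recorded, i.e. no TCP in
# $logfile. Writes a summary line and ends the run if so.
# Globals: logfile, iptraf_summary, start_stamp, end_stamp (all read)
udp_only() {
  local chk_tcp=0
  grep -q -- 'TCP' "$logfile" 2>/dev/null || chk_tcp=$?

  if (( chk_tcp == 1 )); then
    printf 'Begin: %s;\tEnd: %s;\tThere was no incoming TCP traffic during this period.\n\n' \
      "$start_stamp" "$end_stamp" >> "$iptraf_summary"
    # There's no need to proceed any further if there was no incoming
    # TCP traffic. This is a normal end of run, hence status 0.
    exit 0
  elif (( chk_tcp > 1 )); then
    # grep status above 1 means the log could not be read at all; do not
    # report that as "no traffic".
    die "cannot read log file $logfile"
  fi
}

# Now begin the main part of the script
# Run some functions
chk_root
chk_runtime
chk_suffix

# If there is an existing log file this will move it to <logfile>-bu.
# If there is already a backup, this will overwrite it.
if [[ -f "$logfile" ]]; then
  mv -f -- "$logfile" "${logfile}-bu" || die "cannot back up $logfile"
fi

# Record starting date/time
start_stamp=$(date +%A-%B-%R)

trap stop_iptraf EXIT
trap 'exit 130' INT
trap 'exit 143' TERM

# This command will run in the background logging traffic.
# The new logfile overwrites the previous logfile.
iptraf -B -i "$iface" -L "$logfile"

# Get the PID
# NOTE(review): pidof matches by name, so any other iptraf instance on
# the host is included and will be stopped too (the original did the
# same) - confirm that is acceptable on shared machines.
read -r -a iptraf_pids <<< "$(pidof iptraf)"
if (( ${#iptraf_pids[@]} == 0 )); then
  die "iptraf does not appear to be running; nothing was logged"
fi

# Use sleep to stop the script for $duration
sleep "$runtime"

# Kill iptraf
stop_iptraf

# Record when logging ends
end_stamp=$(date +%A-%B-%R)

# If there are no TCP packets bail out
udp_only

# Pull the byte count out of each TCP log line: 7th ";" field, 2nd ","
# field within it, first word of that. Lines without such a value are
# skipped, and only all-digit values are passed on so that log content
# never reaches shell arithmetic as anything but a number.
# The earlier pipeline used "sed '/packets/p'" without -n, which prints
# every matching line twice and therefore doubled the total.
# NOTE(review): nothing here filters by direction, so "incoming" relies
# on what iptraf writes to the log - TODO confirm.
sub_total=0
while IFS= read -r bytes; do
  # 10# forces base 10 so a leading zero is not read as octal.
  sub_total=$(( sub_total + 10#$bytes ))
done < <(
  awk -F';' '
    /TCP/ {
      split($7, parts, ",")
      split(parts[2], words, " ")
      if (words[1] ~ /^[0-9]+$/) print words[1]
    }' "$logfile"
)

# Convert bytes to (1,000 byte) kilobytes by dividing by 1,000
total=$(( sub_total / 1000 ))

# One decimal place, truncated rather than rounded: the hundreds digit of
# the remainder. Taking the first character of the remainder, as before,
# reported 5 bytes left over as ".5" instead of ".0".
mod=$(( (sub_total % 1000) / 100 ))

# Send it all to $iptraf_summary
printf 'Begin: %s;\tEnd: %s;\tTotal download on %s is: %s.%s Kb.\n\n' \
  "$start_stamp" "$end_stamp" "$iface" "$total" "$mod" >> "$iptraf_summary"

# End of Script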