论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2014-01-22 11:56 |只看该作者 |倒序浏览

麻烦大侠们指点下！
需求：
利用linux下的工具例如：iftop iptraf 统计出流量最大的目标IP（前三即可），然后收集到一个log文件中就OK。

本人尝试了用iftop 但是iftop又不带有日志功能，又尝试了iptraf 虽然它能输入日志，可是它输出的日志是（如下）这种的我该怎么把流量最大的IP提出出来求大神帮忙！

iptraf 日志

Wed Jan 22 10:27:48 2014; TCP; eth1; 46 bytes; from 10.10.10.10:1130 to 61.135.185.140:80; FIN acknowleged
Wed Jan 22 10:27:49 2014; UDP; eth1; 229 bytes; from 10.10.10.10:138 to 10.10.10.255:138
Wed Jan 22 10:27:52 2014; TCP; eth1; 46 bytes; from 10.10.10.10:1131 to 61.135.185.140:80; Connection reset; 6 packets, 1214 bytes, avg flow rate 0.64 kbits/s; opposite direction 5 packets, 488 bytes; avg flow rate 0.64 kbits/s
Wed Jan 22 10:27:52 2014; TCP; eth1; 46 bytes; from 10.10.10.10:1130 to 61.135.185.140:80; Connection reset; 8 packets, 2113 bytes, avg flow rate 1.14 kbits/s; opposite direction 8 packets, 888 bytes; avg flow rate 1.14 kbits/s
Wed Jan 22 10:28:36 2014; UDP; eth1; 244 bytes; from 10.10.10.10:138 to 10.10.10.255:138
Wed Jan 22 10:29:47 2014; TCP; eth1; 424 bytes; from 61.167.56.46:80 to 10.10.10.10:1132; FIN sent; 38761 packets, 56574584 bytes, avg flow rate 3508.50 kbits/s
Wed Jan 22 10:29:47 2014; TCP; eth1; 46 bytes; from 10.10.10.10:1132 to 61.167.56.46:80; FIN acknowleged
Wed Jan 22 10:29:47 2014; TCP; eth1; 46 bytes; from 10.10.10.10:1132 to 61.167.56.46:80; FIN sent; 19559 packets, 909069 bytes, avg flow rate 56.37 kbits/s
Wed Jan 22 10:29:47 2014; TCP; eth1; 40 bytes; from 61.167.56.46:80 to 10.10.10.10:1132; FIN acknowleged
Wed Jan 22 10:30:17 2014; UDP; eth1; 71 bytes; from 10.10.10.10:1025 to 202.97.224.68:53
Wed Jan 22 10:30:17 2014; UDP; eth1; 350 bytes; from 202.97.224.68:53 to 10.10.10.10:1025
Wed Jan 22 10:30:17 2014; TCP; eth1; 48 bytes; from 10.10.10.10:1133 to 23.207.114.70:443; first packet (SYN)
Wed Jan 22 10:30:17 2014; TCP; eth1; 48 bytes; from 23.207.114.70:443 to 10.10.10.10:1133; first packet (SYN)
Wed Jan 22 10:30:18 2014; TCP; eth1; 46 bytes; from 10.10.10.10:1133 to a23-207-114-70.deploy.static.akamaitechnolog:443; Connection reset; 9 packets, 973 bytes, avg flow rate 7.00 kbits/s; opposite direction 8 packets, 4205 bytes; avg flow rate 7.00 kbits/s
Wed Jan 22 10:31:41 2014; ******** IP traffic monitor stopped ********