Current location

narf Source control manager Git

summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOlivier Mehani <shtrom@ssji.net>2017-06-13 21:15:42 +1000
committerOlivier Mehani <shtrom@ssji.net>2017-06-13 21:15:42 +1000
commitef3de94fcffbbc87d9290f9c5f8d2f80f79b4ac1 (patch)
tree25d7a2ab1853bbb26dbd98e9c04e51ddb8b0874e /openbsd/loadmon.sh
parenteaba4e57f3b0ab4ab6ac6b3de46ef197b2ab0b90 (diff)
Might as well version that, too
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
Diffstat (limited to 'openbsd/loadmon.sh')
-rwxr-xr-xopenbsd/loadmon.sh65
1 files changed, 65 insertions, 0 deletions
diff --git a/openbsd/loadmon.sh b/openbsd/loadmon.sh
new file mode 100755
index 0000000..a212c18
--- /dev/null
+++ b/openbsd/loadmon.sh
@@ -0,0 +1,65 @@
+#!/bin/sh
+MINLOAD=6
+NPKTS=1000
+IF=sis0
+ADDR=91.121.146.101
+
+TCPDUMP=/usr/sbin/tcpdump
+FSTAT=/usr/bin/fstat
+
+LOAD=$(uptime | sed -n 's/.*ages: \([^\.]*\)\..*/\1/p')
+
+if [ ${LOAD} -lt ${MINLOAD} -a "${1}" != '-f' ]; then
+ #echo "Load not high enough..." >&2
+ exit 0
+fi
+
+PIDFILE="/var/run/$(basename $0).pid"
+if [ -e "${PIDFILE}" ]; then
+ if kill -0 $(cat "${PIDFILE}"); then
+ echo "${0} already running $(cat "${PIDFILE}")" >&2
+ exit 0
+ fi
+fi
+echo $$ > ${PIDFILE}
+
+PROCESSES=$(ps axww -O pcpu,pmem,nice,time,uid,user,gid,group | sed 1d | sort -k 2,3 -r)
+
+TIMESTAMP=$(date +%Y-%m-%d_%H:%M:%S)
+DUMPFILE=/tmp/dump-${TIMESTAMP}.pcap
+
+echo "Capturing to ${DUMPFILE}..." >&2
+tcpdump -i ${IF} -c ${NPKTS} -w ${DUMPFILE} ip and tcp >&2
+
+# 01:34:19.329994 white-dwarf.narf.ssji.net.23195 > cluster014.ovh.net.www: F 0:0(0) ack 4294967083 win 2048 <nop,nop,timestamp 3594572061 19> (DF)
+FLOWS="$(${TCPDUMP} -r ${DUMPFILE} src ${ADDR} | cut -f 2,4 -d' ' | sort | uniq -c | sort -n -r)"
+
+SRCPORTS="$(echo "${FLOWS}" | sed -n 's/^.*[0-9][0-9]*.*\.\([^ ]*\) .*/\1/p' | uniq)" # don't want to sort here
+
+echo "Identifying sources..." >&2
+FSTAT_OUT=""
+for PORT in $SRCPORTS; do
+ LOCALFSTAT_OUT="$(${FSTAT} | grep "internet.*:$PORT")"
+ PIDS="$(echo "${LOCALFSTAT_OUT}" | awk '{ print $3 }' | sort -nu)"
+ for PID in $PIDS; do
+ LOCALFSTAT_OUT="${LOCALFSTAT_OUT}
+
+### lsof for PID $PID
+$(${FSTAT} -p "${PID}")"
+ done
+
+ FSTAT_OUT="${FSTAT_OUT}
+
+## lsof for port ${PORT}
+${LOCALFSTAT_OUT}"
+done
+
+echo "# Processes"
+echo "${PROCESSES}"
+echo "# Packets"
+echo "${FLOWS}"
+echo "# Source ports"
+echo "${SRCPORTS}"
+echo "${FSTAT_OUT}"
+
+rm ${PIDFILE}