Untitled

#!/bin/bash
#
# v0.1
#
# Written by sabri@cluecentral.net
#
# ./findloss.sh <dst ip> <dst prt> <src port base> <packet size>
#
# The source port will be incremented by 1 until 10 failures have been
# detected or until 500 probes have been transmitted. Example:
#
# ./findloss.sh 192.168.2.200 80 50000 1400
#
IP=$1
PORT=$2
BASE=$3
if [ -z "$4" ]
then
    SIZE=512
else
    SIZE=$4
fi
LIST=""
NUM=0
OUT="/tmp/tcpscan.$RANDOM"
mkdir $OUT

if [ -z "$3" ]
then
    echo "$0 IP PORT BASE SIZE(optional default 512)"
    exit
fi

END=`expr $BASE + 500`

echo ""
echo "Starting the test. Our CLI will look like:"
echo "nping -c 10 --rate 20 -g [$BASE-$END]  --tcp --flags A -p $PORT --data-length $SIZE --dest-ip $IP"
echo ""
for i in `seq $BASE $END`
do
    RES=`nping -c 10 --rate 20 -g $i --tcp --flags A -p $PORT --data-length $SIZE --dest-ip $IP | grep Lost | cut -f4 -d: | awk '{ print $1}'`
    if [ "$RES" -gt 2 ]
    then
        LIST="$LIST $i"
        /bin/echo -n "."
    else
        /bin/echo -n "!"
    fi

    NUM=`echo $LIST | wc | awk '{ print $2}'`
    if [ $NUM -gt 9 ]
    then
        echo ""
        echo ""
        echo "Got 10 failures, exiting to the next step"
        break
    fi
done
echo ""
echo "Running tcptraceroute with source ports: $LIST"
echo ""
/bin/echo -n "Working on "
for i in $LIST
do
    /bin/echo -n "$i..."
    traceroute -l $SIZE -n -T -w 1 -q 10 -z 11 --sport=$i -p $PORT $IP 1472 | grep -v trace | sed -e 's/\*//g' | awk '{ print $2}' > $OUT/$i

done
echo "Done!"
echo ""
WINNER=`md5sum $OUT/* | awk '{print $1}' | sort | uniq -c | sort -n | tail -n1 | awk '{ print $2}'`
WINNERCNT=`md5sum $OUT/* | awk '{print $1}' | sort | uniq -c | sort -n | tail -n1 | awk '{ print $1}'`
for i in $LIST
do
    TEST=`md5sum $OUT/$i | awk '{print $1}'`
    if [ "$TEST" == "$WINNER" ]
    then
        echo "The most suspect path with $WINNERCNT hits is:"
        echo ""
        cat $OUT/$i
        break
    fi
done

echo ""
echo "The raw output can be found in $OUT"