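# Packet-rate watchdog: samples the receive-packet counter of one interface
# once per second and, when the rate exceeds a threshold, records a bounded
# tcpdump sample for later analysis, then pauses before re-arming.
#
# Intended for bash. tcpdump needs capture privileges on the interface.
# The capture files hold raw traffic, so keep the dump directory readable
# only by the account that analyses them.

export pktname
interface=eth0
dumpdir=/root/dumps
threshold=1000        # packets per second that triggers a capture
capture_count=10000   # packets written per capture (tcpdump -c)
cooldown=1800         # seconds to wait after a capture before re-arming

# Print the receive-packet counter of interface $1 from /proc/net/dev.
# The interface name is compared exactly, so "eth0" does not also match
# "veth0" (a substring grep would return several lines and break the
# arithmetic below). Returns non-zero if the interface is absent or the
# counter field is not a plain number.
rx_packets() {
  awk -F: -v ifc="$1" '
    { name = $1; gsub(/[ \t]/, "", name) }
    name == ifc {
      split($2, f, " ")
      if (f[2] ~ /^[0-9]+$/) { print f[2]; found = 1 }
      exit
    }
    END { exit !found }
  ' /proc/net/dev
}

# Make sure the capture target exists before the first alert fires.
# NOTE(review): some tcpdump builds drop root before opening the savefile;
# on those the directory must be writable by that user - confirm locally.
if ! mkdir -p -- "$dumpdir"; then
  printf 'cannot create dump directory %s\n' "$dumpdir" >&2
  exit 1
fi

while true; do
  if ! pkt_old=$(rx_packets "$interface"); then
    printf '\n%s interface %s not found in /proc/net/dev\n' "$(date)" "$interface" >&2
    sleep 1
    continue
  fi
  sleep 1
  if ! pkt_new=$(rx_packets "$interface"); then
    printf '\n%s interface %s not found in /proc/net/dev\n' "$(date)" "$interface" >&2
    continue
  fi

  # A counter reset yields a negative delta, which simply stays below the
  # threshold and is ignored.
  pkt=$(( pkt_new - pkt_old ))
  printf '\r%s packets/s\033[0K' "$pkt"

  if [ "$pkt" -gt "$threshold" ]; then
    printf '\n%s Under Attack. Capturing...\n' "$(date)"
    # Build the name once so the exported pktname always matches the file
    # tcpdump actually writes (two separate date calls can straddle a
    # second boundary and disagree).
    pktname="dump_$(date +%d-%m-%y_%H:%M:%S).pcap"
    if tcpdump -i "$interface" -t -w "$dumpdir/$pktname" -c "$capture_count"; then
      printf '%s Packets Captured. Sleeping...\n' "$(date)"
    else
      printf '%s tcpdump failed for %s. Sleeping...\n' "$(date)" "$dumpdir/$pktname" >&2
    fi
    sleep "$cooldown"
  fi
done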