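#!/usr/bin/env bash
# Crude inbound packet-rate monitor: samples the receive-packet counter of one
# interface from /proc/net/dev once per second and, when the rate exceeds a
# threshold, records a packet capture with tcpdump for later analysis.
# Needs enough privilege to run tcpdump (normally root).

interface=eth0
# NOTE(review): /tmp is world-writable and the capture name built below is
# predictable (timestamp only). When this runs as root, point dumpdir at a
# directory only root can write to, so no other local user can pre-create
# the capture path.
dumpdir=/tmp/
threshold=5000      # packets per second that trigger a capture
capture_count=5000  # packets tcpdump records before it exits
cooldown=300        # seconds to pause after a capture

# Full-length captures (-s0) contain payload data; keep them owner-only.
umask 077

#######################################
# Print the receive-packet counter of one interface.
# Arguments: $1 - interface name, matched exactly (so "eth0" does not also
#                 match "veth0", which a plain grep for "eth0:" would)
# Outputs:   the counter on stdout; nothing if the interface is not listed
#######################################
rx_packets() {
  awk -F: -v ifc="$1" '
    {
      name = $1
      gsub(/[[:space:]]/, "", name)
      if (name == ifc) {
        # After the colon the fields are: bytes packets errs ...
        split($2, field, " ")
        print field[2]
        exit
      }
    }' /proc/net/dev
}

while true; do
  pkt_old=$(rx_packets "$interface")
  sleep 1
  pkt_new=$(rx_packets "$interface")

  # A missing interface yields empty counters; stop instead of looping on
  # arithmetic errors and never raising an alarm.
  if [[ ! $pkt_old =~ ^[0-9]+$ || ! $pkt_new =~ ^[0-9]+$ ]]; then
    printf '\ncannot read packet counter for %s from /proc/net/dev\n' \
      "$interface" >&2
    exit 1
  fi

  pkt=$(( pkt_new - pkt_old ))
  # \r plus "erase to end of line" keeps the rate on a single updating line.
  printf '\r%s packets/s\033[0K' "$pkt"

  if (( pkt > threshold )); then
    # printf, because plain echo does not expand "\n" in bash.
    printf '\n%s\n' 'OMFG, DoS detected!!!!!@#$%^&* no1curr.'
    capture="${dumpdir%/}/dump.$(date +%Y%m%d-%H%M%S).cap"
    # Capture on the monitored interface; without -i tcpdump picks its own
    # default, which may not be the one whose counter tripped the alarm.
    if ! tcpdump -n -s0 -i "$interface" -c "$capture_count" -w "$capture"; then
      printf 'tcpdump failed; no capture written to %s\n' "$capture" >&2
    fi
    echo "Going to sleep for 5 minutes."
    sleep "$cooldown"
  fi
done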