who goes .pl

[Angelos Karageorgiou]

Λοιπον μαγκες επειδη γρινιαξατε πολυ σας εισακουσα.

Για να βλεπετε τα live web requests που κανουν οι luser σας στο δικτυο 
ακομη και αυτοι που ειναι πισω απο proxy , τρεξτε το παρακατω


Για οσους δεν ξερουν απο cut and paste deite to http://www.unix.gr

P.S. O Stein einai megalos, poooooly megalos



#!/usr/bin/perl --

#
# Original script by Lincoln D. Stein, http://stein.cshl.org/~lstein/ , thanks
man
# Modifications for proxy displaying and resolver by angelos Karageorgiou
angelos at unix.gr
#

use Socket;
$HOSTS={};               # DNS table
$timeoutalarm=3;        # in 3 second the DNS resolver should timeout
$ENABLERES=0;           # enable the resolver

$|=1;
open (STDIN,"/usr/sbin/tcpdump -lnx -s 1024 dst port 80 |");
while (<>) {
    if (/^\S/) {
        while ($packet=~/(GET|POST|WWW-Authenticate|Authorization).+/g)  {
                $val=$&;

                $val =~ tr/+/ /;
                $val =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
                $origin="xxxxxxxxx";   # no Proxy used
                @LINES=split(/\r\n/,$packet);
                foreach $line (@LINES) {
                        chomp($line);
                        if ( $line =~ /^X-Forwarded-For:/) {
                                ($dummy,$origin)=split(': ',$line);
                        }
                        if ( $line =~ /^Host:/) { # HTTP 1.1 virtual host
value
                                ($dummy,$target)=split(': ',$line);
                        }
                }

                $val =~ s/ \// http:\/\/$target\// if ( $target );
            print resolv($origin) . " : " . resolv($client) . " -> "  .
resolv($host) . "\t$val\n";
            #print "$packet\n" ; # for debugging purposes
        }
        undef $client; undef $host; undef $packet; undef @LINES; undef $line;
undef $origin; undef $target;
        ($client,$host) = /(\d+\.\d+\.\d+\.\d+).+ > (\d+\.\d+\.\d+\.\d+)/ if
/P \d+:\d+\((\d+)\)/ && $1 > 0;
    }
    next unless $client && $host;
    s/\s+//;
    s/([0-9a-f]{2})\s?/chr(hex($1))/eg;
    tr/\x1F-\x7E\r\n//cd;
    $packet .= $_;
}

######################################################################
# resolver hack by angelos karageorgiou
######################################################################

sub resolv #resolv and cache a host name
{
local $mname,$miaddr,$mhost;
$mhost=shift;

if ( ! $ENABLERES ) {
        return $mhost;
}

        $miaddr = inet_aton($mhost); # or whatever address
        if (! $HOSTS{$mhost} ) {
                $mname='';
         eval {
        local $SIG{ALRM} = sub { die "alarm\n" };       # NB \n required
        alarm $timeout;

                $mname  = gethostbyaddr($miaddr, AF_INET);
        };
        die if $@ && $@ ne "alarm\n";       # propagate errors


                if  ( $mname =~ /^$/ )  {
                        $mname=$mhost;
                }
                $HOSTS{$mhost}=$mname;
        }
return $HOSTS{$mhost}
}