Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 25 Jul 2016, 04:21
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Utilities
lsof 4.89C out, April 6, 2015
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [8 Posts]  
Author Message
musher0


Joined: 04 Jan 2009
Posts: 8107
Location: Gatineau (Qc), Canada

PostPosted: Sun 10 May 2015, 20:39    Post subject:  lsof 4.89C out, April 6, 2015  

Hello.

Here is a pet archive of lsof 4.89C, published last April.

lsof is defined as a "an active file lister". File being understood here in the
linux sense, i.e.: everything is a file in linux... Wink

So lsof will list open internet connections as well as active lib's in RAM. Its
listing is more complete than a listing made with ps. Anyway, for add'l
info, the lsof web site is here.

Enjoy!

musher0

_________________
musher0
~~~~~~~~~~
"The greatest of minds are the ones that never close." | "Les plus grands esprits sont ceux qui ne se ferment jamais."
(starhawk, Resident Philosopher | philosophe en résidence) Wink
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 8107
Location: Gatineau (Qc), Canada

PostPosted: Sun 10 May 2015, 21:09    Post subject:  

Hello, all.

Here is an example of lsof listing active lib's with command line
Code:
lsof | grep so | more



The names of the fields are as follows:
COMMAND --- PID --- TID --- USER --- FD --- TYPE --- DEVICE --- SIZE/OFF --- NODE --- NAME
The name of the related executable appears in the first column to the left.

BFN.

musher0

_________________
musher0
~~~~~~~~~~
"The greatest of minds are the ones that never close." | "Les plus grands esprits sont ceux qui ne se ferment jamais."
(starhawk, Resident Philosopher | philosophe en résidence) Wink

Last edited by musher0 on Mon 11 May 2015, 02:31; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 8107
Location: Gatineau (Qc), Canada

PostPosted: Sun 10 May 2015, 22:13    Post subject:  

Almost forgot to mention...

I compiled my lsof pet above in PuppyPrecise 5.4.3. So it's a 32-bit exec,
plus it'll work on Puppies with glibc 2.15 or higher.

Also, before you ask: no particular configuration at compile time. Just
the required "./Configure" (lsof for linux is derived from unix, so the
compilation procedure is a little different), and "make".

I stripped the resulting executable with > strip --strip-unneeded lsof <.

Then I built the pet archive, copying the file hierarchy from a lsof-4.87
pet that I had produced earlier.

BFN.

musher0

_________________
musher0
~~~~~~~~~~
"The greatest of minds are the ones that never close." | "Les plus grands esprits sont ceux qui ne se ferment jamais."
(starhawk, Resident Philosopher | philosophe en résidence) Wink
Back to top
View user's profile Send private message Visit poster's website 
goingnuts

Joined: 07 Dec 2008
Posts: 843

PostPosted: Sun 29 Nov 2015, 08:16    Post subject:  

Needed lsof for P412 so build static linked version of lsof-4.89.
Build with uclibc (./Configure linux) - and should work in most Puppy versions including 64-bit.
lsof-4.89.pet
Description 
pet

 Download 
Filename  lsof-4.89.pet 
Filesize  142.18 KB 
Downloaded  57 Time(s) 
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 8107
Location: Gatineau (Qc), Canada

PostPosted: Sun 29 Nov 2015, 09:05    Post subject:  

Thanks, goingnuts.

lsof is a great tool. The more versions we have, the better.

What did you need it for, if I may?

BFN.

musher0

_________________
musher0
~~~~~~~~~~
"The greatest of minds are the ones that never close." | "Les plus grands esprits sont ceux qui ne se ferment jamais."
(starhawk, Resident Philosopher | philosophe en résidence) Wink
Back to top
View user's profile Send private message Visit poster's website 
goingnuts

Joined: 07 Dec 2008
Posts: 843

PostPosted: Sun 29 Nov 2015, 09:48    Post subject:  

Originally tried to create an application firewall and lsof was mentioned somewhere as a possible building block. Now using it to view which apps are connected to the internet and to where (lsof -i).
example alert-model script:
Code:
#!/bin/sh
#alert - simple application internet access watchdog
#looks for apps not in /etc/allow, if found give warning
#2015 goingnuts
echo tor > /etc/allow   #for test - remove and create your own
while true; do
   ACTUAL=$(lsof -itcp | grep ESTABLISHED | grep -v localhost | cut -d " " -f1 | sort -u)
   for X in ${ACTUAL}; do
      if [ "$(grep ${X} /etc/allow)" = "" ]; then
         echo "${X} is accessing the internet - it is not allowed!"
      fi
   sleep 1
   done
done
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 8107
Location: Gatineau (Qc), Canada

PostPosted: Sun 29 Nov 2015, 12:55    Post subject:  

Can be quite useful. Thanks.

If the script finds an intruder, would you be considering a "fight-back" action?

_________________
musher0
~~~~~~~~~~
"The greatest of minds are the ones that never close." | "Les plus grands esprits sont ceux qui ne se ferment jamais."
(starhawk, Resident Philosopher | philosophe en résidence) Wink
Back to top
View user's profile Send private message Visit poster's website 
goingnuts

Joined: 07 Dec 2008
Posts: 843

PostPosted: Sun 29 Nov 2015, 14:05    Post subject:  

The original goal was to stop applications not in allow list from connecting to the internet. lsof only helps to inform when the connection has been made. You could create a startup script in /etc/init.d that just kill everything discovered not in allow-list. But drawback is you then need another script to do the configure...
The script also seem too slow to discover fx. a single ping or a quick wget running.
Below is my current compromise running after X has started (put it in /root/Startup) - sort of information and action script.
Code:
#!/bin/sh
#alert - simple application internet access watchdog
#looks for apps not in /etc/allow, if found give warning/choice
#2015 goingnuts
if [ ! $(which lsof) ]; then
   Xdialog --title "Message from alert" --msgbox "Missing lsof.
Program will not run without it.
Press OK to quit." 0 0
exit
fi
[ ! -f /etc/allow ] && echo -n > /etc/allow
while true; do
   ACTUAL=$(lsof -itcp | grep ESTABLISHED | grep -v localhost | cut -d " " -f1 | sort -u)
   for X in ${ACTUAL}; do
      if [ "$(grep ${X} /etc/allow)" = "" ]; then
           Xdialog --stdout  --title "Message from alert" --no-cancel --yesno "${X} is accessing the internet - should it be allowed?" 0 0
            if [ $? -eq 0 ]; then
              echo ${X} >> /etc/allow
           else
              kill $(pgrep ${X})
           fi
      fi
   sleep 1
   done
done
exit
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 1 [8 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Utilities
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0593s ][ Queries: 12 (0.0118s) ][ GZIP on ]