From 35fde3c5b004788e7bf837c2f4aba531f6076759 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Sun, 25 Aug 2019 03:30:39 +0200
Subject: Add script checking outgoing network connections

---
 .gitignore             |  1 +
 scripts/netstat-out.sh | 10 ++++++++++
 2 files changed, 11 insertions(+)
 create mode 100755 scripts/netstat-out.sh

diff --git a/.gitignore b/.gitignore
index ae5a993..6345a48 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
+security/*
 example.conf
diff --git a/scripts/netstat-out.sh b/scripts/netstat-out.sh
new file mode 100755
index 0000000..57fcc28
--- /dev/null
+++ b/scripts/netstat-out.sh
@@ -0,0 +1,10 @@
+#! /bin/bash
+
+# Finish later... By app first. Than destinations. Separate firefox, chromium, etc.? What else?
+query=""
+for port in `netstat -ntup | tail -n +3 | grep -v "127.0.0.1" | awk -e '{print $4}' | rev | cut -d ':' -f 1 | rev | sort -n | uniq`; do 
+    [ $port -gt 32768 ] && continue;
+    [ -z "$query" ] && query="sport = :$port" || query="$query or sport = :$port"
+done
+
+eval /sbin/ss -nrtu state established "'( $query ) '" | tail -n +2 | grep -v localhost | awk -F'[:\t ]+' -e '$6 != $4 { print $6, $5 }'
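Review bot: The last line runs `eval` over a filter string built from parsed `netstat` output, so any token that is not a plain port number ends up in text the shell re-parses, in a script that presumably runs as root since `-p` is requested. The `eval` looks unnecessary: the filter already reaches `ss` as a single argument, so `/sbin/ss -nrtu state established "( $query )"` should behave the same (worth confirming against the installed ss). In the loop, `[ $port -gt 32768 ]` is unquoted; on non-numeric input it prints an error and falls through to the append, so a guard such as `case "$port" in ''|*[!0-9]*) continue;; esac` placed before it would keep only digits in `$query`. When no port qualifies, `$query` stays empty and ss is handed `( )`; `[ -n "$query" ] || exit 0` before the ss call would avoid the resulting filter error.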
-- 
cgit v1.2.3