This is a bash script that runs in the background (via launchd) and gathers information about the network connections your machine currently has open, both outgoing connections and incoming (listening) ports. It does so every two minutes. When the script is run by root, it gathers the data; when run as any other user, it displays the data.
You can use this in conjunction with GeekTool to always see the data on your screen. Here is the script:
#!/bin/bash
# Script to install open_ports.sh
# 2011-05-05 / Peter Möller, Datavetenskap, LTH
# Location:
# http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/open_ports_install.sh
# Make sure the user is "root"
if [ ! "$USER" = "root" ] ; then
    echo "Must be run by root!"
    echo "Exiting..."
    exit 1
fi
# BINDIR points to the "binary"
BINDIR="/usr/bin"
# PREFIX points to where all the datafiles are stored
PREFIX="/Library/cs.lth.se/OpenPorts"
# IP_CACHE is a growing list of IP-addresses and their geo location.
# Since this is being used by other scripts, it's not in the OpenPorts directory
IP_CACHE="/Library/cs.lth.se/ip_cache.txt"
# EXTERN stores the computer's "external" address. Checked hourly
EXTERN="$PREFIX/ExternIP.txt"
# FILE4 stores current IPv4-ESTABLISHED connections. Generated every two minutes!
FILE4="$PREFIX/ip4.txt"
# FILE6 stores current IPv6-ESTABLISHED connections. Generated every two minutes!
FILE6="$PREFIX/ip6.txt"
# FILE_LISTEN stores current LISTEN connections. Generated every two minutes!
FILE_LISTEN="$PREFIX/listen.txt"
# CHECKSUM stores a sha1-checksum for the lsof-binary. Checked every two hours
CHECKSUM="$PREFIX/Checksum.txt"
# IP_LOCATE_CACHE is a temporary file that stores the geo location of the computer's external address
IP_LOCATE_CACHE="$PREFIX"/ip_locate_cache.txt
# Fetch and launch the launchd-component
echo "Fetching launchd-component"
curl -o /Library/LaunchDaemons/se.lth.cs.open_ports.plist http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/se.lth.cs.open_ports.plist
chmod 644 /Library/LaunchDaemons/se.lth.cs.open_ports.plist
launchctl load /Library/LaunchDaemons/se.lth.cs.open_ports.plist
launchctl start se.lth.cs.open_ports
echo
echo
# fetch the script
echo "Fetching main script"
ScriptName="open_ports.sh"
curl -o /tmp/${ScriptName} http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/${ScriptName}
curl -o /tmp/${ScriptName}.sha1 http://fileadmin.cs.lth.se/cs/Personal/Peter_Moller/scripts/${ScriptName}.sha1
# Compare the SHA-1 of the download with the published value (read with cat, not a pager)
if [ "$(openssl sha1 "/tmp/${ScriptName}" | awk '{ print $2 }')" = "$(cat "/tmp/${ScriptName}.sha1")" ]; then
    mv "/tmp/${ScriptName}" "${BINDIR}/${ScriptName}"
    chmod 755 "${BINDIR}/${ScriptName}"
else
    echo "Checksum does NOT match!! Installation aborted!"
    exit 1
fi
echo
echo
# Create the directory for the files and set the access rights
mkdir -p "$PREFIX"
chmod 755 "$PREFIX"
touch "$FILE4" "$FILE6" "$IP_CACHE" "$IP_LOCATE_CACHE"
chmod 666 "$FILE4" "$FILE6" "$IP_CACHE" "$IP_LOCATE_CACHE"
echo "Done installing base parts of \"open_ports.sh\". Now proceeding to install GeekTool"
echo
echo "Fetching GeekTool"
# Get GeekTool
curl -o /tmp/GeekTool.dmg http://update.tynsoe.org/geektool3/Public/GeekTool%203.0.dmg
hdiutil mount /tmp/GeekTool.dmg
open /Volumes/GeekTool\ 3/
say "Done installing base parts of open ports. Now you will have to install GeekTool yourself"
exit 0
- Save the install script.
- Start Terminal.
- Become root: if you are a normal user, type sudo adminusername and then sudo -i; if you are an admin user, type sudo -i.
- Set access rights for the install script: chmod 755 open_ports_install.sh (you must locate it).
- Run the script: ./open_ports_install.sh.
- The installation is normally quick. It ends with GeekTool being opened. To install it, double-click its .PrefPane.
- In GeekTool: click the icon named "Shell" and drag it to an empty part of the desktop (must be free of windows). Size it as well.
- A "Properties" window opens. What you need to enter is:
  - Command: open_ports.sh
  - Refresh every: 120 s
- Change font to a monospace one (I'm using Menlo and white font color)
- Now you may close GeekTool
Also note that the script will start automatically after a reboot.
Update the script
The script auto-updates once per week. You can also update the script manually by running, as root, the following command in a terminal window:
open_ports.sh -u
It will fetch the latest version of the script and install it (if it is different from what you have). If you already have the latest version it will tell you!
You'll find the script and further information here.
Oh, and it runs on Linux as well (the exact same script -- different installer though). It also updates itself every two weeks if there's a new version available.
[crarko adds: I haven't tested this one.]

