Never been to CodeSnippets before?

Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world (or not, you can keep them private!)

17 total

On This Page:

  1. 1 Using external variables in awk
  2. 2 Basic examples of using associative arrays in awk
  3. 3 Basic seq emulation on Mac OS X
  4. 4 Analyze internet traffic volume with dynamic ipfw rules
  5. 5 Enable internet traffic via specified ports through ipfw
  1. 6 Simple internet traffic summary with tcpdump & awk
  2. 7 Counting lines
  3. 8 Get process ID (PID) via ps or killall
  4. 9 Changing the Finder "Open With" contextual menu from the command line
  5. 10 List manual pages and system commands on Mac OS X

Using external variables in awk

to awk shell osx mac bash unix variable external by jvs on Nov 06, 2008
See: Accessing external variable in AWK and SED
var="BASH"; echo "unix scripting" | awk '{gsub(/unix/,"'"${var}"'"); print}'
var="BASH"; echo "unix scripting" | awk '{gsub(/unix/,"'"$(echo ${var})"'"); print}'
var="BASH"; echo "unix scripting" | awk -v v="$var" '{sub(/unix/,v); print}'

Basic examples of using associative arrays in awk

to awk shell osx mac bash unix array associative by jvs on Nov 06, 2008 
# example 1

text='Jex Mon clerk 12001
Aji Tue sales 13003
Jex Wed clerk 13123
Salna Thu sales 34000
Aji Mon sales 13123'

# count the number of occurrences of each "first field"
echo "$text" | awk '{count[$1]++}END{for(j in count) print j,count[j]}'

# sum up the fourth field
echo "$text" | awk '{arr[$1]+=$4} END {for (i in arr) {print i,arr[i]}}'

# both in one line
echo "$text" | awk '{a[$1]++;b[$1]=b[$1]+$NF}END{for (i in a) print i,a[i],b[i]}' 


# example 2

awk -F "|" 'NR > 1  {
    if (n[$1] == $1) {
        r1[$1] = r1[$1] "+" $2
        r2[$1] = r2[$1] "+" $3

    } else {
        n[$1] = $1
        r1[$1] = $2
        r2[$1] = $3

    }
}

END {
    for (i in n) {
            printf "%s [Round1={%s}, Round2={%s}]\n", n[i], r1[i], r2[i]
    }
}'   < <( 
cat <<-'EOF'
Name|Round1|Round2
JSingh|0|20
Vis|50|0
KKR|20|20
JSingh|10|40
Vis|50|20
KKR|40|10
JSingh|40|60
Vis|30|20
KKR|90|20
JSingh|0|60
Vis|20|20
KKR|50|50
EOF
)


References:

- Associative array in awk (example 1)
- Print individual records using awk array - bash (example 2)
- Arrays in awk
- Working with Arrays in awk

Basic seq emulation on Mac OS X

to awk shell osx mac bash unix seq by jvs on Oct 25, 2008 
# cf. http://bashcurescancer.com/man/cmd/seq

function seq() {
   declare incr n1 n2 num1 num2
   if [[ $# -eq 1 ]]; then
      /usr/bin/jot $1
   elif [[ $# -eq 2 ]]; then
      n1=$((${2} - ${1} + 1))
      n2=$1
      /usr/bin/jot $n1 $n2
   elif [[ $# -eq 3 ]]; then
      num1=${1}
      incr=${2}
      num2=${3}
      # /usr/bin/awk -v n1=${num1} -v n2=${num2} -v add=${incr} 'BEGIN{ for(i=n1; i<=n2; i+=add) print i;}' | /usr/bin/sed 's/.+e.+/0/'
      /usr/bin/awk -v n1=${num1} -v n2=${num2} -v add=${incr} 'BEGIN{ for(i=n1; i<=n2; i+=add) print i;}' | /usr/bin/sed -E '/e/s/^.+e.+$/0/'
   fi
   return 0
}


seq 25

seq 15 25

seq 15 0.5 25


# cf. http://nat.org/blog/?p=825
for x in `seq -1 .05 1`; do y=`echo "s($x*8)*10+10" | bc -l`; for p in `seq 0 0.1 $y`; do echo -n " "; done; echo "*" ;done
#for x in `seq -1 .05 1`; do y=`echo "s($x*8)*10+10" | bc -l`; for p in `seq 0 $y`; do echo -n " "; done; echo "*" ;done

for x in `seq -5 0.5 5`; do y=`echo "$x*$x" | bc`; for p in `seq 0 0.1 $y`; do echo -n " "; done; echo "*" ;done
#for x in `seq -5 0.5 5`; do y=`echo "$x*$x" | bc`; for p in `seq 0 $y`; do echo -n " "; done; echo "*" ;done


#------------------------------------------------


function seqpad() {
   declare pad num1 num2
   pad=${#2}
   num1=${1}
   num2=${2}
   for ((i=${num1}; i<=${num2}; i++)) { printf "%0${pad}d\n" ${i}; }
   return 0
}

seqpad 1 100


#------------------------------------------------


# alternative with integer test & more built-in commands (instead of jot)

# integer test
function is_int() { return $(test "$@" -eq "$@" >/dev/null 2>&1); }


function seq() {
   declare incr n1 n2 num1 num2
   if [[ $# -eq 1 ]]; then
      if ! $(is_int "$1"); then echo 'No integer!'; return 1; fi
      for ((i=1; i<=${1}; i++)) { printf "%d\n" ${i}; }
   elif [[ $# -eq 2 ]]; then
      if ! $(is_int "$1") || ! $(is_int "$2"); then echo 'Not all arguments are integers!'; return 1; fi

      if [[ $1 -eq $2 ]]; then
         echo $1
      elif [[ $2 -gt $1 ]]; then
         for ((i=${1}; i<=${2}; i++)) { printf "%d\n" ${i}; }
      elif [[ $1 -gt $2 ]]; then
         for ((i=${1}; i>=${2}; i--)) { printf "%d\n" ${i}; }
      fi

   elif [[ $# -eq 3 ]]; then
      num1=${1}
      incr=${2}
      num2=${3}
      #/usr/bin/awk -v n1=${num1} -v n2=${num2} -v add=${incr} 'BEGIN{ for(i=n1; i<=n2; i+=add) print i;}' | /usr/bin/sed 's/.+e.+/0/'
      /usr/bin/awk -v n1=${num1} -v n2=${num2} -v add=${incr} 'BEGIN{ for(i=n1; i<=n2; i+=add) print i;}' | /usr/bin/sed -E '/e/s/^.+e.+$/0/'
   fi
   return 0
}


seq 25
seq 25 25

seq -5 5
seq -10 -5

seq 15 25
seq 15.0 25

seq 25 15
seq 15 0.5 25

seq 25 -0.5 15
seq 15 0.5 25 | tr '\n' ' ' | awk '{for (i=NF;i>=1;i--) printf $i"\n"} END{print ""}'

Analyze internet traffic volume with dynamic ipfw rules

to awk shell osx mac bash unix dynamic web ipfw internet traffic volume rule by jvs on Oct 11, 2008 
# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267
# cf. also http://codesnippets.joyent.com/posts/show/1729

man ipfw 2>/dev/null | less -p "If the ruleset"
man ipfw 2>/dev/null | less -p "These dynamic rules"
man ipfw 2>/dev/null | less -p "All rules"

man ipfw 2>/dev/null | less -p "STATEFUL FIREWALL"     # press [n]
man ipfw 2>/dev/null | less -p "SYSCTL VARIABLES"
man ipfw 2>/dev/null | less -p "EXAMPLES"
man ipfw 2>/dev/null | less -p "DYNAMIC RULES"

/usr/bin/sudo /sbin/ipfw -d -e -t list
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/sed -E -n -e '1,/^## Dynamic rules/p'
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/sed -E -n -e '/^## Dynamic rules/,$p'
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/^## Dynamic rules/,/^$/ {print $0}'
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/<->/ {print $0}'
/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '{ if ( $0 ~ /<->/ ) {print $0}}'

/usr/bin/sudo /sbin/ipfw -d -e -t list | grep RULENUM
/usr/bin/sudo /sbin/ipfw -d -e -t list | grep IPADDR

/usr/sbin/sysctl -a | egrep 'tcp'
/usr/sbin/sysctl -a | egrep 'net.inet'
/usr/sbin/sysctl -a | egrep '\.fw'
/usr/sbin/sysctl -a | egrep 'ip.fw'
/usr/sbin/sysctl -a | egrep 'li[fv]e'
/usr/sbin/sysctl -a | egrep 'ip.fw.+life'

/usr/sbin/sysctl -n net.inet.tcp.always_keepalive
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_keepalive
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_buckets
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_count
/usr/sbin/sysctl -n net.inet.ip.fw.dyn_max


# list all dynamic ipfw rules

function ipfwtraffic() {

   declare args argsregex bytes megabytes

   if [[ $# -eq 0 ]]; then

      /usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk '/<->/ {printf "%-10s %-10s %-20s %-10s %-20s %-10s %-10s\n", $3, $6, $7, $8, $10, $11, $1}' | \
         /usr/bin/sort -bu | while IFS=" " read  bytes proto ipnum1 port1 ipnum2 port2 rulenum; do

      # byte
      #bytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = total + $1 } END { print total }')
      #printf "\e[1mbytes\e[m: %-17s %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           #"${bytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      # mega byte
      megabytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = (total + $1) / (1024*1024.0) } END { print total }')
      printf "\e[1mmbytes\e[m: %-20.6f %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           "${megabytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      done | /usr/bin/sort -rn -k 2,2

   else

      args="${@}"
      if [[ "${args}" != "${args//[^. [:digit:]]/}" ]]; then 
         printf "%s\n" 'Found at least one invalid rule number or IP address!'
         return 1
      fi

      if [[ "${args//[ [:digit:]]/}" == '' ]]; then 
         argsregex="^0*(${args// /|})"    #  ipfw rule numbers 
      else
         argsregex="(${args// /|})"    #  IP addresses
      fi
    
      #echo $argsregex

      /usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk '/<->/ {printf "%-10s %-10s %-20s %-10s %-20s %-10s %-10s\n", $3, $6, $7, $8, $10, $11, $1}' | \
         /usr/bin/sort -bu | while IFS=" " read  bytes proto ipnum1 port1 ipnum2 port2 rulenum; do

      # byte
      #bytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = total + $1 } END { print total }')
      #printf "\e[1mbytes\e[m: %-17s %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           #"${bytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      # mega byte
      megabytes=$(printf "%s\n" "${bytes}" | /usr/bin/awk '{ total = (total + $1) / (1024*1024.0) } END { print total }')
      printf "\e[1mmbytes\e[m: %-20.6f %-10s %-40s \e[1mrule\e[m: %-15s \e[1mports\e[m: %-15s\n" \
           "${megabytes}" "${proto}" "${ipnum1}  ::  ${ipnum2}" "${rulenum}" "${port1}  ${port2}"

      done | /usr/bin/sort -rn -k 2,2

   fi

   return 0
}



# usage:
# ipfwtraffic
# ipfwtraffic [rulenum1] [rulenum2] [rulenum3] ...
# ipfwtraffic [ipaddr1] [ipaddr2] [ipaddr3] ...


ipfwtraffic
ipfwtraffic  9600 10600 11000
ipfwtraffic xx.xxx.xx.xxx xx.xxx.xx.xx

ipfwtraffic | grep 'xx.xxx.xx.xx'



#------------------------------------------------------------------------------



# summarize pairs of IP addresses

function ipfwdynstats() {

   declare args argsregex dynrules ipaddr_pairs

   OIFS=${IFS}
   IFS=$'\n'

   if [[ $# -eq 0 ]]; then

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/<->/ {print $7, $10}' | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/awk '/<->/ {print $7, $8, $10, $11, $6, $2, $3, $1}' | /usr/bin/sort -bu))

   else

      args="${@}"

      if [[ "${args}" != "${args//[^. [:digit:]]/}" ]]; then 
         printf "%s\n" 'Found at least one invalid rule number or IP address!'
         return 1
      fi

      if [[ "${args//[ [:digit:]]/}" == '' ]]; then 
         argsregex="^0*(${args// /|})"    #  ipfw rule numbers 
      else
         argsregex="(${args// /|})"    #  IP addresses
      fi
    

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
           /usr/bin/awk '/<->/ {print $7, $10}' | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
           /usr/bin/awk '/<->/ {print $7, $8, $10, $11, $6, $2, $3, $1}' | /usr/bin/sort -bu))


   fi


for ((i=0; i < "${#ipaddr_pairs[@]}"; i++)); do 

   # byte
   #bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        #/usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $7 }' | \
        #/usr/bin/awk '{ total = total + $1 } END { print total }')

   # mega byte
   bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $7 }' | \
        /usr/bin/awk 'BEGIN { total=0 }; { total = (total + $1) / (1024*1024.0) } END { print total }')


   proto=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $5 }' | \
        /usr/bin/sort -bu)


   rule=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $NF }' | \
        /usr/bin/sort -bu)


   ports=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $2,$4 }' | \
        /usr/bin/sort -bu)


   # byte
   #printf "\e[1mbytes\e[m: %-20s %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        #"${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        #"${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"


   # mega byte
   printf "\e[1mmbytes\e[m: %-20.6f %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        "${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        "${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"

done | /usr/bin/sort -rn -k 2,2

   export IFS=${OIFS}
   return 0

}


# usage:
# ipfwdynstats
# ipfwdynstats [rulenum1] [rulenum2] [rulenum3] ...
# ipfwdynstats [ipaddr1] [ipaddr2] [ipaddr3] ...


ipfwdynstats
ipfwdynstats  5200 12700
ipfwdynstats xx.xxx.xx.xxx xxx.xxx.xx.xxx



#------------------------------------------------------------------------------



# list port-specific internet traffic

function porttraffic() {

   declare args argsregex dynrules ipaddr_pairs

   OIFS=${IFS}
   IFS=$'\n'

   if [[ $# -eq 0 ]]; then
   
      printf "%s\n" 'No port number given!'
      return 1
   
   elif [[ $# -eq 1 ]]; then

      if [[ "${1//[[:digit:]]/}" != '' ]]; then 
         printf "%s\n" 'Invalid port number!'
         return 1
      fi

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk '/<->/ && ( $8 == "'"${1}"'" || $11 == "'"${1}"'" ) {print $7, $10 }' | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | \
         /usr/bin/awk '/<->/ && ( $8 == "'"${1}"'" || $11 == "'"${1}"'" ) {print $7, $8, $10, $11, $6, $2, $3, $1 }' | \
         /usr/bin/sort -bu))

   else

      args="${@:2}"   # all arguments starting with the second

      if [[ "${args}" != "${args//[^. [:digit:]]/}" ]]; then 
         printf "%s\n" 'Found at least one invalid rule number or IP address!'
         return 1
      fi

      if [[ "${args//[ [:digit:]]/}" == '' ]]; then 
         argsregex="^0*(${args// /|})"    #  ipfw rule numbers 
      else
         argsregex="(${args// /|})"    #  IP addresses
      fi
    
      #echo $argsregex

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk '/<->/ && ( $8 == "'"${1}"'" || $11 == "'"${1}"'" )  {print $7, $10 }' | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk '/<->/ && ( $8 == "'"${1}"'" || $11 == "'"${1}"'" )  {print $7, $8, $10, $11, $6, $2, $3, $1 }' | \
         /usr/bin/sort -bu))

   fi


for ((i=0; i < "${#ipaddr_pairs[@]}"; i++)); do 

   # byte
   #bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        #/usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $7 }' | \
        #/usr/bin/awk '{ total = total + $1 } END { print total }')

   # mega byte
   bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $7 }' | \
        /usr/bin/awk 'BEGIN { total=0 }; { total = (total + $1) / (1024*1024.0) } END { print total }')


   proto=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $5 }' | \
        /usr/bin/sort -bu)


   rule=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $NF }' | \
        /usr/bin/sort -bu)


   ports=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $2,$4 }' | \
        /usr/bin/sort -bu)


   # byte
   #printf "\e[1mbytes\e[m: %-20s %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        #"${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        #"${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"


   # mega byte
   printf "\e[1mmbytes\e[m: %-20.6f %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        "${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        "${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"

done | /usr/bin/sort -rn -k 2,2

   export IFS=${OIFS}
   return 0

}


# usage:
# porttraffic [portnum]
# porttraffic [portnum] [rulenum1] [rulenum2] [rulenum3] ...
# porttraffic [portnum] [ipaddr1] [ipaddr2] [ipaddr3] ...


porttraffic 80
porttraffic 80 5200 12700 7100
porttraffic 80 xx.xxx.xx.xxx xxx.xxx.xx.xxx



#------------------------------------------------------------------------------



# list rule-specific internet traffic

function ruletraffic() {

   declare args argsregex dynrules ipaddr_pairs

   OIFS=${IFS}
   IFS=$'\n'

   if [[ $# -eq 0 ]]; then
   
      printf "%s\n" 'No rule number given!'
      return 1
   
   elif [[ $# -eq 1 ]]; then

      if [[ "${1//[[:digit:]]/}" != '' ]]; then 
         printf "%s\n" 'Invalid rule number!'
         return 1
      fi

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "^0*${1}" | \
         /usr/bin/awk '/<->/ {print $7, $10}' | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "^0*${1}" | \
         /usr/bin/awk '/<->/ {print $7, $8, $10, $11, $6, $2, $3, $1}' | /usr/bin/sort -bu))

      #echo "rulenum: ${1}"
      #echo "ipaddr_pairs: ${ipaddr_pairs[@]/%/$'\n'}"
      #echo "dynrules: ${dynrules[@]/%/$'\n'}"

   else

      args="${@}"

      if [[ "${args//[ [:digit:]]/}" != '' ]]; then 
         printf "%s\n" 'Found at least one invalid rule number!'
         return 1
      fi

      argsregex="^0*(${args// /|})"    #  ipfw rule numbers 

      ipaddr_pairs=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk '/<->/ {print $7, $10}' | /usr/bin/sort -bu))

      dynrules=($(/usr/bin/sudo /sbin/ipfw -d -e -t list | /usr/bin/egrep "${argsregex}" | \
         /usr/bin/awk '/<->/ {print $7, $8, $10, $11, $6, $2, $3, $1}' | /usr/bin/sort -bu))

      #echo "rulenums: ${@/%/$'\n'}"
      #echo "argsregex: ${argsregex}"
      #echo "ipaddr_pairs: ${ipaddr_pairs[@]/%/$'\n'}"
      #echo "dynrules: ${dynrules[@]/%/$'\n'}"

   fi


for ((i=0; i < "${#ipaddr_pairs[@]}"; i++)); do 

   # byte
   #bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        #/usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $7 }' | \
        #/usr/bin/awk '{ total = total + $1 } END { print total }')

   # mega byte
   bytesum=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $7 }' | \
        /usr/bin/awk 'BEGIN { total=0 }; { total = (total + $1) / (1024*1024.0) } END { print total }')


   proto=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $5 }' | \
        /usr/bin/sort -bu)


   rule=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $NF }' | \
        /usr/bin/sort -bu)


   ports=$(printf "%s\n" "${dynrules[@]}" | \
        /usr/bin/awk '$1 == "'"${ipaddr_pairs[${i}]% *}"'" && $3 == "'"${ipaddr_pairs[${i}]#* }"'" { print $2,$4 }' | \
        /usr/bin/sort -bu)


   #echo "field 1: ${ipaddr_pairs[${i}]% *}"
   #echo "field 2: ${ipaddr_pairs[${i}]#* }"
   #echo "bytesum: ${bytesum}"
   #echo "proto: ${proto//[[:cntrl:]]/, }"
   #echo "rule: ${rule//[[:cntrl:]]/, }"
   #echo "ports: ${ports//[[:cntrl:]]/, }"


   # byte
   #printf "\e[1mbytes\e[m: %-20s %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        #"${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        #"${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"


   # mega byte
   printf "\e[1mmbytes\e[m: %-20.6f %-10s %-40s \e[1mrules\e[m: %-25s \e[1mports\e[m: %-30s\n" \
        "${bytesum}" "${proto//[[:cntrl:]]/, }" "${ipaddr_pairs[${i}]% *}  ::  ${ipaddr_pairs[${i}]#* }" \
        "${rule//[[:cntrl:]]/, }" "${ports//[[:cntrl:]]/, }"

done | /usr/bin/sort -rn -k 2,2

   export IFS=${OIFS}
   return 0
}


# usage:
# ruletraffic [rulenum]
# ruletraffic [rulenum1] [rulenum2] [rulenum3] ...

ruletraffic 5200
ruletraffic 5200 12700 7100

deny_rules="$(/usr/bin/sudo /sbin/ipfw show | /usr/bin/awk '/deny/ {printf $1" "}')"
echo $deny_rules

ruletraffic $deny_rules


#-------------------------------


/usr/sbin/netstat -n -ibd
/usr/bin/sudo /usr/sbin/tcpdump -vvv -ni en0 not ip


Further information:

- IPFWstats
- ipfwsnmp
- ipfwsnmp (patched)
- ipfw counters (field 3)
- Multi Router Traffic Grapher
- cricket

Enable internet traffic via specified ports through ipfw

to awk shell osx mac bash unix web port ipfw firewall internet access traffic by jvs on Oct 08, 2008 
# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267

# choose appropriate numbers for num1 & num2 according to your ipfw ruleset

/usr/bin/sudo /sbin/ipfw list
/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step

function free_ipfw_rule_num() {
   declare -i num1=6701 num2=6799 lastipfwnum
   if [[ $(/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step) -ne 100 ]]; then 
      printf "%s\x21\n" "sysctl -n net.inet.ip.fw.autoinc_step is not set to 100"
      return 1
   fi
   lastipfwnum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/tail -n 2 | /usr/bin/head -n 1 | /usr/bin/awk '{print $1}')
   if [[ $num2 -ge $lastipfwnum ]]; then 
      printf "%s\x21\n" "${num2} is greater than or equal to ${lastipfwnum}"
      return 1
   fi
   while $(/usr/bin/sudo /sbin/ipfw show ${num1} &>/dev/null) ; do
      let "num1 += 1"
      if [[ $num1 -gt $num2 ]]; then num1=; break; return 1; fi
   done
   printf "%s\n" "${num1}"
   return 0
}


function openport() {
   declare portnum rulenum
   if [[ $# -ne 1 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   portnum="${1//[^[:digit:]]/}"
   if [[ -z $portnum ]]; then printf "%s\n" "No valid port number given: ${1}"; return 1; fi
   if [[ $portnum -