From 11c246b02ccb47a7a7bff61b0446c31b98930412 Mon Sep 17 00:00:00 2001
From: Manuel Friedli
Date: Tue, 4 Aug 2020 18:00:22 +0200
Subject: [PATCH] Use ss instead of netstat.

---
 ddos-mitigator.sh | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/ddos-mitigator.sh b/ddos-mitigator.sh
index b26af8f..30599a4 100755
--- a/ddos-mitigator.sh
+++ b/ddos-mitigator.sh
@@ -468,20 +468,15 @@ banned="$(exec_as_root fail2ban-client get "${jail}" banip)"
 
 # Determine the current connections to the desired port; store the raw data in
 # $fileraw.
-magic=$(ss -HOn state established "( sport = :${port} )"|tr -s '[:blank:]'|cut -d' ' -f5)
+connections=$(ss -HOn state established "( sport = :${port} )" | tr -s '[:blank:]' | cut -d' ' -f5)
 
-ipv6mappedipv4="$(grep '^\[::ffff:' - < "${magic}")"
-pureipv4="$(grep '^[^[]' - < "${magic}")"
-
-echo "MAPPED: ${ipv6mappedipv4}"
-echo "PURE: ${pureipv4}"
-
-exit
-netstat -nt | grep "${MY_IP}:${port}" | tr -s '[:blank:]' | cut -d' ' -f5 \
- | cut -d: -f1 | sort > "${fileraw}"
+# IPv6-mapped-IPv4: [::ffff:192.168.0.1]:443
+echo "${connections}" | grep '^\[::ffff:' - | cut -d: -f4 | cut -d] -f1 > "${fileraw}"
+# Pure IPv4: 192.168.0.1:443
+echo "${connections}" | grep -v '^\[' - | cut -d: -f1 >> "${fileraw}"
 
 # Group and sort the data into the subnet-specific files.
-cp "${fileraw}" "${file32}"
+sort "${fileraw}" > "${file32}"
 cut -d. -f1-3 "${fileraw}" | sort > "${file24}"
 cut -d. -f1-2 "${fileraw}" | sort > "${file16}"
 cut -d. -f1 "${fileraw}" | sort > "${file8}"
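Review bot: When `ss` prints nothing, the new `echo "${connections}"` still emits one empty line, and the pure-IPv4 pipeline's `grep -v '^\['` lets it through, so `${fileraw}` and every subnet file gain a blank entry instead of staying empty. How the counting further down treats that entry is outside this hunk, but filtering it is cheap: `echo "${connections}" | grep -v -e '^\[' -e '^$' - | cut -d: -f1 >> "${fileraw}"`. A missing or failing `ss` is also indistinguishable from an idle port, because the command substitution's status is that of the final `cut`; capturing `ss` on its own and checking its exit status before the `tr`/`cut` step would stop the mitigator from silently seeing no traffic. Native IPv6 peers (bracketed addresses that are not `::ffff:`-mapped) are dropped by both filters and never counted; if that is intended, a comment above the two `echo` lines such as `# Native IPv6 peers are ignored: the subnet grouping below is IPv4-only.` would make the blind spot explicit.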