项目需求:
编写Linux脚本,运行后可以统计所有网口的流量汇总数据,对出口流量区分内网流量和公网流量,并自动保存到日志文件。
运行效果:
完整代码:
bash
#!/bin/bash
# 日志文件路径
LOG_FILE="/var/log/network_traffic.log"
# 定义内网网段
PRIVATE_NETS=("10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16")
# 获取当前时间
TIMESTAMP=$(date "+%Y-%m-%d %H:%M:%S")
# 初始化流量统计变量
TOTAL_RX=0
TOTAL_TX=0
INTERNAL_TX=0
EXTERNAL_TX=0
# 判断一个 IP 是否属于内网
function is_private_ip {
local IP=$1
IFS='.' read -r -a OCTETS <<< "$IP"
# 10.0.0.0/8
if [[ ${OCTETS[0]} -eq 10 ]]; then
return 0
fi
# 172.16.0.0/12
if [[ ${OCTETS[0]} -eq 172 && ${OCTETS[1]} -ge 16 && ${OCTETS[1]} -le 31 ]]; then
return 0
fi
# 192.168.0.0/16
if [[ ${OCTETS[0]} -eq 192 && ${OCTETS[1]} -eq 168 ]]; then
return 0
fi
# 其他情况为公网 IP
return 1
}
# 获取所有网络接口的名称
INTERFACES=$(ip -o link show | awk -F': ' '{print $2}')
# 日志文件头部信息
echo "===== Network Traffic Report at $TIMESTAMP =====" >> $LOG_FILE
# 遍历每个网络接口,获取流量数据
for IFACE in $INTERFACES; do
# 获取接收和发送的字节数
RX_BYTES=$(cat /sys/class/net/$IFACE/statistics/rx_bytes 2>/dev/null)
TX_BYTES=$(cat /sys/class/net/$IFACE/statistics/tx_bytes 2>/dev/null)
# 如果接口没有流量数据,跳过
if [[ -z "$RX_BYTES" || -z "$TX_BYTES" ]]; then
continue
fi
# 累加总流量
TOTAL_RX=$((TOTAL_RX + RX_BYTES))
TOTAL_TX=$((TOTAL_TX + TX_BYTES))
# 使用 nstat 获取当前接口的流量数据
NSTAT_OUTPUT=$(nstat -a)
# 提取发送到内网和外网的流量
INTERNAL_TX_IFACE=0
EXTERNAL_TX_IFACE=0
# 遍历路由表,判断流量是发送到内网还是外网
while read -r ROUTE; do
DEST_IP=$(echo "$ROUTE" | awk '{print $1}')
if is_private_ip "$DEST_IP"; then
INTERNAL_TX_IFACE=$((INTERNAL_TX_IFACE + TX_BYTES))
else
EXTERNAL_TX_IFACE=$((EXTERNAL_TX_IFACE + TX_BYTES))
fi
done <<< "$(ip route show)"
# 累加内网和外网流量
INTERNAL_TX=$((INTERNAL_TX + INTERNAL_TX_IFACE))
EXTERNAL_TX=$((EXTERNAL_TX + EXTERNAL_TX_IFACE))
# 将流量转换为更易读的单位(KB, MB, GB)
function convert_bytes {
local BYTES=$1
if (( BYTES >= 1024**3 )); then
echo "$(echo "scale=2; $BYTES / (1024^3)" | bc) GB"
elif (( BYTES >= 1024**2 )); then
echo "$(echo "scale=2; $BYTES / (1024^2)" | bc) MB"
elif (( BYTES >= 1024 )); then
echo "$(echo "scale=2; $BYTES / 1024" | bc) KB"
else
echo "$BYTES Bytes"
fi
}
# 转换当前接口的流量
RX_READABLE=$(convert_bytes $RX_BYTES)
TX_READABLE=$(convert_bytes $TX_BYTES)
# 记录当前接口的流量到日志文件
echo "Interface: $IFACE, RX: $RX_READABLE, TX: $TX_READABLE" >> $LOG_FILE
done
# 转换总流量
TOTAL_RX_READABLE=$(convert_bytes $TOTAL_RX)
TOTAL_TX_READABLE=$(convert_bytes $TOTAL_TX)
INTERNAL_TX_READABLE=$(convert_bytes $INTERNAL_TX)
EXTERNAL_TX_READABLE=$(convert_bytes $EXTERNAL_TX)
# 记录总流量到日志文件
echo "---------------------------------------------" >> $LOG_FILE
echo "Total Traffic: RX: $TOTAL_RX_READABLE, TX: $TOTAL_TX_READABLE" >> $LOG_FILE
echo "Internal Traffic (TX): $INTERNAL_TX_READABLE" >> $LOG_FILE
echo "External Traffic (TX): $EXTERNAL_TX_READABLE" >> $LOG_FILE
echo "" >> $LOG_FILE
# 输出结果到控制台
echo "Traffic data saved to $LOG_FILE"
echo "===== Network Traffic Report at $TIMESTAMP ====="
for IFACE in $INTERFACES; do
RX_BYTES=$(cat /sys/class/net/$IFACE/statistics/rx_bytes 2>/dev/null)
TX_BYTES=$(cat /sys/class/net/$IFACE/statistics/tx_bytes 2>/dev/null)
if [[ -n "$RX_BYTES" && -n "$TX_BYTES" ]]; then
RX_READABLE=$(convert_bytes $RX_BYTES)
TX_READABLE=$(convert_bytes $TX_BYTES)
echo "Interface: $IFACE, RX: $RX_READABLE, TX: $TX_READABLE"
fi
done
echo "---------------------------------------------"
echo "Total Traffic: RX: $TOTAL_RX_READABLE, TX: $TOTAL_TX_READABLE"
echo "Internal Traffic (TX): $INTERNAL_TX_READABLE"
echo "External Traffic (TX): $EXTERNAL_TX_READABLE"