killppp attempt.

killppp attempt.

Post by nabi » Mon, 24 May 2004 09:00:05



Hi all!
Need some help with a few snippets of code.
Attempting to quickly terminate a ppp connection (OpenBSD 3.4):

#!/bin/sh
PPP_PID=`ps ax|grep -v ps|grep "isp"|awk '{ print $1 }'|sed -e "s/ //"`
if [ -n "$PPP_PID" ]; then
       /bin/kill $PPP_PID
       echo "PPP Killed"
else
       echo "PPP Not Running"
fi

As simple as it seems, I am getting an error:

kill: 12842: No such process  (I've no idea which process is that)
PPP Killed                    (since ppp gets terminated, as intended)

Maybe there is a way to improve this script (as you can see I am
rather an amator :). Any input is welcome.

-nabis

 
 
 

killppp attempt.

Post by nabi » Mon, 24 May 2004 09:31:24


Fixed it a little (removed that unnecesary "grep -v"). Not sure
why I was getting that error, it seems to be gone now...

#!/bin/sh
PPP_PID=`ps ax | grep "isp" | awk '{ print $1 }' | sed -e "s/ //"`
if [ -n "$PPP_PID" ]; then
    kill $PPP_PID
    echo "PPP Killed"
else
    echo "PPP Not Running"
fi

 
 
 

killppp attempt.

Post by Ed Morto » Tue, 25 May 2004 01:11:25



> Fixed it a little (removed that unnecesary "grep -v"). Not sure
> why I was getting that error, it seems to be gone now...

> #!/bin/sh
> PPP_PID=`ps ax | grep "isp" | awk '{ print $1 }' | sed -e "s/ //"`

The above can be simplified to just:

PPP_PID=`ps ax | awk '/isp/{ print $1 }'`

since awk can search for a pattern and there's no need for the sed at
all since by default there's no white space in $1.

This will, like the original, match on any pattern that contains the
text "isp" so you may want to modify the pattern a bit to make it more
precise. For example, IF "isp" is part of the command name that you
expect to appear in the final comlumn of the "ps" output, thn you'd do this:

PPP_PID=`ps ax | awk '$NF ~ /isp/{ print $1 }'`

and if isip is EXACLTY what you want in that column:

PPP_PID=`ps ax | awk '$NF == "isp"{ print $1 }'`

There are many other possibilities - if you post your actual "ps ax"
output someone here can tell you exactly the right pattern for you.

        Ed.

Quote:> if [ -n "$PPP_PID" ]; then
>    kill $PPP_PID
>    echo "PPP Killed"
> else
>    echo "PPP Not Running"
> fi

 
 
 

killppp attempt.

Post by nabi » Mon, 24 May 2004 23:14:46


Thank you for your reply. I will try your suggestions.

Quote:> There are many other possibilities - if you post your actual "ps ax"
> output someone here can tell you exactly the right pattern for you.

Since I don't have too many processes running, I guess I could post it:


Working in auto mode
Using interface: tun0

   PID TT   STAT      TIME COMMAND
     1 ??  Is      0:00.01 /sbin/init
25916 ??  Is      0:00.02 syslogd: [priv] (syslogd)
22536 ??  I       0:00.07 syslogd -a /var/empty/dev/log
28220 ??  Is      0:00.01 inetd
17234 ??  Is      0:00.36 sendmail: accepting connections (sendmail)
12210 ??  Is      0:00.35 /usr/sbin/sshd
32524 ??  Is      0:00.03 cron
    22 ??  I       0:32.79 X :0 (XFree86)
  6242 ??  I       0:00.01 X: [priv] (XFree86)
20510 ??  Is      0:00.01 ppp -auto isp
14971 p0  Is+     0:00.08 bash
  2202 p1  Is      0:00.10 bash
  6159 p1  I       0:00.04 bash
10938 p1  R+      0:00.00 ps -ax
  4854 C0  Is      0:00.05 -bash (bash)
24140 C0  I+      0:00.01 /bin/sh /usr/X11R6/bin/startx
  3852 C0  I+      0:00.01 xinit /home/nabis/.xinitrc --
12987 C0  I       0:12.19 /usr/local/bin/wmaker
21694 C0  I       0:00.93 xterm
  5518 C0  R       0:00.41 xterm
  4777 C1  Is+     0:00.01 /usr/libexec/getty Pc ttyC1
  3589 C2  Is+     0:00.01 /usr/libexec/getty Pc ttyC2
  7784 C3  Is+     0:00.01 /usr/libexec/getty Pc ttyC3
14139 C5  Is+     0:00.01 /usr/libexec/getty Pc ttyC5

PPP Killed

PPP Not Running

 
 
 

killppp attempt.

Post by Ed Morto » Tue, 25 May 2004 12:25:09



> Thank you for your reply. I will try your suggestions.

>> There are many other possibilities - if you post your actual "ps ax"
>> output someone here can tell you exactly the right pattern for you.

> Since I don't have too many processes running, I guess I could post it:
<snip>
> 20510 ??  Is      0:00.01 ppp -auto isp

<snip>
Then $NF == "isp" will work for you. You could further qualify it to
something like:

$NF == "isp" && $(NF-2) == "ppp"

if there's a chance of some other process having "isp" in the last column.

        Ed.

 
 
 

killppp attempt.

Post by nabi » Tue, 25 May 2004 07:55:44



> $NF == "isp" && $(NF-2) == "ppp"

Thanks, Ed. Works just great.

PPP_PID=`ps ax | awk '$NF == "isp" && $(NF-2) == "ppp" {print $1}'`

For the curious: see what happens when you put a semicolon before
the {print $1} statement and execute it as root :).

-nabis

 
 
 

1. Apache - Attempt hack attempt?

On one of our Apache WWW servers, we have started to notice lot of
activity where people are starting to access URLs in a strange manner.

For example:

        Normal URL:
                /blah/foo/bar.html

        What they are calling:
                /blah/../foo/../foo/../foo/bar.html

This has been happening from a number of different sites (some of which
are AOL), and I assume they are attempting to hack the site in some
manner (like it is possible to do on NT WWW servers) as this goes on for
up to 5 hours from a single user, calling 1 URL per second.

Is there any way to prevent knobheads like this doing such a thing?
And what are they trying to achieve??

Thanks.
Richard

--
-----------------------------------------------------------------

Beam Software         +61-3-9866-8300 x212      ICQ Pager:1231216
-----------------------------------------------------------------

2. Newbie: How to move directories?

3. Could someone please tell me if this is this an attempted crack ?

4. Easiest way to try various distributions

5. PF - What are these attempts ?

6. kernel 2.5.x

7. UNIX login attempt restriction

8. RealTek 8129/8139 vs. Alternative RealTek 8139

9. vnode_pager_output: attempt to write meta-data!!!

10. Screen shot of my last attempt at installing RH Linux 7.1

11. Logging finger attempts on one's account

12. Setting Login Attempt Limits

13. Help: Attempting port of winsock2 LSP to linux