#!/bin/sh
# runs netstat and outputs any new connections

# written by David Price <mantys@goldweb.com.au>
# suggested by The Celestial Wizard <celestialwizard@merlin.hatfields.com.au>

# ips are shown instead of hostnames.  if you want hostnames (and don't mind your nameserver being
# constacted everytime this script gets run, then remove the `n' from the netstat options
if test ! -f ${HOME}/.netstat.old
then
	echo > ${HOME}/.netstat.old
fi

netstat -tpn 2>/dev/null | sed '1,4d' | tac | sed -n '1~2h;1~2!G;1~2!p' > ${HOME}/.netstat.new

diff ${HOME}/.netstat.old ${HOME}/.netstat.new | grep '> *tcp' | sed 's/> tcp *//g' | grep -v 127.0.0.1
cp ${HOME}/.netstat.new ${HOME}/.netstat.old

