avlytt

#!/bin/sh

# avlytt
# File ID: 2814c376-5d37-11df-bff6-90e6ba3022ac

if [ -e /ww.mrk ]; then
  ntpservs='(gps\.dix\.dk|swisstime\.ee\.ethz\.ch|ntp1-rz\.rrze\.uni-erlangen\.de|hora\.cs\.tu-berlin\.de|svn\.sunbase\.org|194\.248\.216\.3|nett\.ba\.no|194\.248\.216\.20|vagen|stein)'
  tethereal -t ad -l -q -f '(not port 80)' | \
  egrep -v \
    -e '194\.248\.216\.3 .*TCP .*ssh' \
    -e 'Intel_22:.*Ethernet II' \
    -e 'Cisco_[1-9].* -> ' \
    -e '(radio1\.hiof\.no|nett\.ba\.no) -> (radio1\.hiof\.no|nett\.ba\.no)' \
    -e '(ns\.online\.no|nett\.ba\.no) -> (ns\.online\.no|nett\.ba\.no)' \
    -e "   nett.ba.no -> $ntpservs +NTP NTP" \
    -e "$ntpservs -> nett.ba.no   NTP NTP"
    # -e '   nett.ba.no -> svn.sunbase.org ARP Who has 194.248.216.20?  Tell 194.248.216.19'
    # -e ' svn.sunbase.org -> nett.ba.no   ARP 194.248.216.20 is at 00:50:04:3b:83:3f'
elif [ -e /nett2.mrk ]; then
  tethereal -t ad -l -q -f '' | \
  egrep -v \
    -e '194\.248\.216\.3 .*TCP .*ssh' \
    -e 'Intel_22:.*Ethernet II' \
    -e 'Cisco_[1-9].* -> ' \
    -e '(ns\.online\.no|194\.248\.216\.20|nett2\.ba\.no) -> (ns\.online\.no|194\.248\.216\.20|nett2\.ba\.no)' \
    -e ' HTTP Continuation'
elif [ -e /sunba.mrk ]; then
  tethereal -t ad -l -q -f '' $* | \
  egrep -v \
    -e '32\.10\.69\.18[01] .*TCP .*ssh' \
    -e '(sunba\.sunbase\.org|ba0614|badomain.banett.ba.no) -> (ba0614|sunba\.sunbase\.org|badomain.banett.ba.no)' \
    -e '(Intel|INTEL)_.*(Intel ANS |Ethernet II)' \
    -e 'Cisco_[1-9].* -> ' \
    -e ' ff:ff:ff:ff:ff:ff ' \
    -e '0\.ffffffffffff'
fi

# vim: set ts=2 sw=2 sts=2 et :