#!/bin/sh

### Bilgi
# Tshark zimbirtisi icin, Ozan UCAR tarafindan yazildi.
# www.cehturkiye.com
# root@cehturkiye.com
# HTTP, FTP ve DHCP isteklerini analiz etmenizi saglar.
# Eklenecek(ler): SMTP baslik bilgileri.
### Son

case "$2" in
  http)
        tshark -nn -i $1 not arp and port not 53 -d tcp.port==3128,http -R http.request -T fields -e frame.time_relative -e ip.src -e eth.src -e ip.dst -e tcp.dstport -e http.host -e http.request.uri -e http.request.method -E separator=' '
	;;
  ftp)
        tshark -nn -i $1 not arp and port not 53 -R ftp -T fields -e frame.time -e ip.src -e eth.src -e tcp.srcport -e ip.dst -e tcp.dstport -e ftp.request.command -e ftp.request.arg -e ftp.response.code -e ftp.response.arg -E separator=' '
	;;
  dhcp)
        tshark -i $1 port not 53 -R bootp -T fields -e bootp.ip.client -e bootp.hw.mac_addr -e bootp.ip.your
	;;	
  stop|restart|force-reload)
	;;
  *)
	echo "Kullanimi: $SCRIPTNAME {ag arayuzu http|ftp|dhcp}" >&2
	exit 3
	;;
esac