#!/bin/bash

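# Once per second, append a snapshot of active TCP connections and the open
# files of each owning process to network_info.log in the current directory.
#
# The log records remote endpoints and every file/socket held by the listed
# processes, so treat it as sensitive: umask 077 makes a newly created log
# readable by its owner only (an already existing file keeps its mode).
# netstat only reports PIDs for sockets the invoking user may inspect; other
# rows carry "-" in the PID/Program column and are logged without lsof output.
# NOTE(review): the log grows without bound; rotate or cap it for long runs.
umask 077
log_file="network_info.log"

while true; do
    {
        echo "时间戳: $(date)"
        # List sockets numerically with their PID/program and keep only rows
        # whose state matches one of the connection states below.
        netstat -tuplna \
            | grep -E "ESTABLISHED|CLOSE_WAIT|FIN_WAIT|SYN_SENT|SYN_RECV|TIME_WAIT" \
            | while IFS= read -r line; do
                # Column 7 is "PID/Program name"; keep the part before the
                # first slash. Splitting happens in the shell, so no
                # awk/cut processes are spawned per connection.
                read -r _ _ _ _ _ _ owner <<<"$line"
                pid=${owner%%/*}

                printf '%s\n' "网络连接: $line"
                printf '%s\n' "进程打开的文件 (PID: $pid):"
                # Only hand a purely numeric value to lsof: the field comes
                # from parsed tool output, and anything else ("-", empty, or
                # a malformed row) must not reach lsof's argument list.
                if [[ "$pid" =~ ^[0-9]+$ ]]; then
                    lsof -p "$pid"
                fi
                echo "------------------------------------"
            done
        echo "#######################################"
    } >> "$log_file"
    sleep 1
done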

