Sounds a bit tricky, there are many ways to get this done, we can setup a monitoring function in application listening port, regardless which application, or monitoring particular application to get this done.

Is there a universal way? yes, for sure.

In the article the netstat command useful examples, we described many ways to watch network activates on a Linux server, surely we can still use the utility.

Get remtely connected client ip

netstat -tn | grep `hostname -i` | awk '{print $5}'

Get locally connected client info(internal connection)

netstat -tn | grep "127.0.0.1" | awk '{print $5}'

Get remotely connected client ip via certain port

netstat -tn | grep "`hostname -i`:2049" | awk '{print $5}'

Above just few examples, surely you can find more examples by using netstat command

Some exceptional cases

In some scenarios, particularly if the server is behind a proxy (i.e. a caching proxy), or the client is accessing the server via a proxy/tunnel, then 
you will only get the IP of the proxy/forword server, and there will be an extra value, forware kind, that contains the IP of the original request client.
Sometimes, particularly when you're dealing with an anonymizing proxy that you don't control, the proxy won't return the real IP address, and all you can hope for is the IP address of the proxy.

Clients behind a NAT box

Same as a client behind a proxy server, or you can get from the server is the NAX box ip

Comments powered by CComment