In [1]:
import subprocess
import socket
import re

def get_active_connections():
    # Run the netstat command and get output
    result = subprocess.run(['netstat', '-tun'], capture_output=True, text=True)
    lines = result.stdout.splitlines()[2:]  # Skip headers

    connections = []
    for line in lines:
        parts = re.split(r'\s+', line.strip())
        if len(parts) >= 5:
            proto = parts[0]
            local_address = parts[3]
            foreign_address = parts[4]
            connections.append((proto, local_address, foreign_address))
    return connections

def resolve_domain(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except:
        return "Unknown"

def analyze():
    conns = get_active_connections()
    print(f"{'Proto':<6} {'Local':<22} {'Remote':<22} {'Domain':<30}")
    print("-" * 80)
    for proto, local, remote in conns:
        remote_ip = remote.split(':')[0]
        domain = resolve_domain(remote_ip)
        print(f"{proto:<6} {local:<22} {remote:<22} {domain:<30}")

if __name__ == '__main__':
    analyze()


Proto  Local                  Remote                 Domain                        
--------------------------------------------------------------------------------
tcp    127.0.0.1:56027        127.0.0.1:49890        localhost                     
tcp    127.0.0.1:45780        127.0.0.1:8888         localhost                     
tcp    127.0.0.1:49901        127.0.0.1:34230        localhost                     
tcp    127.0.0.1:55929        127.0.0.1:51992        localhost                     
tcp    127.0.0.1:34332        127.0.0.1:48797        localhost                     
tcp    127.0.0.1:59939        127.0.0.1:37392        localhost                     
tcp    127.0.0.1:39538        127.0.0.1:34071        localhost                     
tcp    127.0.0.1:56470        127.0.0.1:49241        localhost                     
tcp    127.0.0.1:44070        127.0.0.1:35089        localhost                     
tcp    192.168.100.16:47988   3.227.57.156:443       ec2-3-227-57-156.compute-1