Operating Systems Security

Colorizing your Linux commands

The output of some commands are impossible to read, especially a network flow in real time. I’ve collected a few ways to accomplish coloring of keywords.


The conntrack command can show you Netfilters Connection Tracking in real time, on a firewall with lots of traffic you will need to pinpoint whar you are looking for. See the man-page for conntrack for filtering options, -s in the example filters by source IP.

To colorize the source and destination ports of the conntrack command:
# conntrack -s -E | sed -E '/([ds]port?=)([[:digit:]]+?)/s//\1\x1b[33;1m\2\x1b[0m/g'

you can also use grep to colorize conntrack:

# conntrack -s -E | grep --color -E '|$'


Create a function called colorize_ipt and pipe your iptables command like this: # iptables -L -v -n | colorize_ipt
function colorize_ipt { sed -E 's/^Chain.*$/\x1b[4m&\x1b[0m/' | sed -E 's/^num.*/\x1b[33m&\x1b[0m/' | sed -E '/([^y] )((REJECT|DROP))/s//\1\x1b[31m\3\x1b[0m/' | sed -E '/([^y] )(ACCEPT)/s//\1\x1b[32m\2\x1b[0m/' | sed -E '/([ds]pt[s]?:)([[:digit:]]+(:[[:digit:]]+)?)/s//\1\x1b[33;1m\2\x1b[0m/' | sed -E '/([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}(\/([[:digit:]]){1,3}){0,1}/s//\x1b[36;1m&\x1b[0m/g' | sed -E '/([^n] )(LOGDROP)/s//\1\x1b[33;1m\2\x1b[0m/'| sed -E 's/ LOG /\x1b[36;1m&\x1b[0m/'; }

Or perhaps a script which would be easier to read ;)


function colorize {
    sed -E 's/^Chain.*$/\x1b[4m&\x1b[0m/' |\
    sed -E 's/^num.*/\x1b[33m&\x1b[0m/' |\
    sed -E '/([^y] )((REJECT|DROP))/s//\1\x1b[31m\3\x1b[0m/' |\
    sed -E '/([^y] )(ACCEPT)/s//\1\x1b[32m\2\x1b[0m/' |\
    sed -E '/([ds]pt[s]?:)([[:digit:]]+(:[[:digit:]]+)?)/s//\1\x1b[33;1m\2\x1b[0m/' |\
    sed -E '/([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}(\/([[:digit:]]){1,3}){0,1}/s//\x1b[36;1m&\x1b[0m/g' |\
    sed -E '/([^n] )(LOGDROP)/s//\1\x1b[33;1m\2\x1b[0m/'|\
    sed -E 's/ LOG /\x1b[36;1m&\x1b[0m/'
$* | colorize

I found these sed commands on the internet btw so im not responsible for the awesome regex!


By Nimpen J. Nordström

System Developer and Network Security Enthusiast

Leave a Reply

Your email address will not be published. Required fields are marked *