Pxs
active member
I managed to get past every obstacle, and this is the result...
A script using tcpdump that handles a bunch of parameters (you can set, for example, how long it should run, how much disk space it may take up at most, and so on). This was homework for me, and I came back to shell programming after a break of about 5 years, so I'm glad it is finally done.
But I think it turned out rather long-winded; could someone give me some tips on which parts of it would be worth condensing, and how?
Example command line with the parameters filled in, if anyone wants to try it:
./gkdump -i eth0 -r 1 -M 10 -w $HOME -T 30 -U 40 -C 1 -P 80 -b 100 -X -D 10 -m 600
And the script (sorry, it is not very short, and the line wrapping will probably come out funny):
Regards
#################################################################
#!/bin/bash
#GKDumpV1 by Gabor Kiss, 2013
echo
if [[ $# -eq 0 ]]; then
    # did the script receive any parameters?
    echo "TCP packet dump script by Gabor Kiss, 2013"
    echo "Requires root or superuser privileges to work !"
    echo
    echo "Required parameters: "
    echo
    echo '-i [interface] -r [rotate time] -M [maximum number of files] -w [work directory]'
    echo '-T [running time] -U [maximum allowed disk usage] -C [1 or any]: compress mode on/off '
    echo
    echo 'Optional/special parameters: '
    echo
    echo '-P [port number] -X: delete logfile -S: silent mode'
    echo '-D [how many old dumpfiles to delete if disk space insufficient]'
    echo '-m [packet count to capture] -b [if this disk size is exceeded, stop at start] '
    echo '-I: list available network interfaces and exit -H: help'
    echo
    echo 'No parameters given ! Exiting...'
    echo 'Use -H option for help.'
    echo
    exit 1
fi
if [[ $# -lt 12 && $# -gt 1 ]]; then
    # are all mandatory parameters present?
    echo "Wrong number of parameters, exiting !"
    echo '7 mandatory parameters are required or use -H for list.'
    echo
    exit 1
fi
while getopts i:r:M:w:T:U:C:SP:XD:m:b:HI option # parse the parameters
do
    case "${option}"
    in
        i) INTERFACE=${OPTARG};; # network interface selection
        r) REPEAT_TIME=${OPTARG};; # how often to rotate the files
        M) MAXFILES=${OPTARG};; # maximum number of files to save/keep
        w) WORKDIR=${OPTARG};; # where to save the dump files
        T) RUNTIME=${OPTARG};; # how long the script should run
        U) MAX_USED=${OPTARG};; # at what free-space percentage to stop
        C) COMPRESS=${OPTARG};; # BZIP2 compress mode, handled separately !
        S) SILENT_MODE=1;; # silent mode, write to the logfile only
        P) PORTNUM=${OPTARG};; # port number for the dump, handled separately
        X) PURGE_LOG=1;; # delete the logfile
        D) GETSPACE=${OPTARG};; # delete this many dump files if there is not enough space
        m) MAXPACKETS=${OPTARG};; # maximum number of packets to save
        b) DISK_EXCEED=${OPTARG};; # if disk usage is this high or higher, stop at start
        I) AVAILABLE_IFACES=1;; # available network interfaces
        H) HELP=1;; # only print the usage info
        ####
    esac
done
if [[ -z $MAXPACKETS ]]; then # default capture maximum of 100,000 packets if -m is not given
    MAXPACKETS=100000
fi
# check whether only the help function was invoked; -b is optional, and an
# empty value would compare as 0 and always stop the script, so skip the check without it
if [[ -z $HELP && -n $DISK_EXCEED ]]; then
    DISK_USAGE=$(df -P "$WORKDIR" | tail -1 | awk '{print $5}' | awk -F"%" '{print $1}')
    if [[ $DISK_USAGE -ge $DISK_EXCEED ]]; then
        echo "Current disk usage is $DISK_USAGE %, more than allowed $DISK_EXCEED %. Exiting.."
        echo
        exit 1
    fi
fi
if [[ $AVAILABLE_IFACES -gt 0 ]] ; then # list the available network interfaces and exit
    echo
    echo "Available network interfaces for listening: "
    echo
    ifconfig -s | grep -vi "iface" | awk '{print $1}'
    echo
    exit 0
fi
if [[ $PURGE_LOG -gt 0 ]]; then # delete the logfile
    rm -f dumped.log
    echo
    echo 'Logfile dumped.log deleted.'
    echo
fi
if [[ -z $SILENT_MODE && $HELP -eq 1 ]]; then # HELP mode
    echo
    echo "TCP packet dump script by Gabor Kiss, 2013"
    echo "Requires root or superuser privileges to work !"
    echo
    echo 'Required parameters & functions: '
    echo
    echo '-i: which network interface to use'
    echo '-r: how often to rotate the dump files (in seconds, greater than zero)'
    echo '-M: maximum number of PCAP dump files to keep (greater than zero)'
    echo '-w: working directory to save dump files into'
    echo '-T: maximum allowed runtime in seconds (greater than zero)'
    echo '-U: do not start operation/stop when directory FS usage hits this value (greater than zero)'
    echo '-C: use BZIP2 compression (1=enabled, any other value=disabled)'
    echo
    echo "Optional parameters & functions: "
    echo
    echo '-S: silent mode, do not write anything on screen, write results only to logfile: dumped.log'
    echo '-P: listen on this port number (greater than zero)'
    echo '-X: delete existing logfile'
    echo '-D: delete this many old dump files, if there is insufficient space on startup (greater than zero)'
    echo '-m: maximum number of packets to capture'
    echo '-b: if current disk usage is equal or greater than this, stop the script after starting'
    echo '-H: display this help message'
    echo
    exit 0
fi
if [[ $SILENT_MODE -eq 1 ]] ; then # enable silent mode and logging (append to the log)
    logfile=dumped.log
    exec >> "$logfile" 2>&1
fi
if [[ $SILENT_MODE -eq 1 ]]; then
    # date-stamp the logfile header in silent mode
    echo
    echo '#############################'
    date
    echo '#############################'
    echo
fi
if [[ $REPEAT_TIME -eq 0 || $MAXFILES -eq 0 || $RUNTIME -eq 0 || $MAX_USED -eq 0 ]]; then # mandatory numeric parameters must not be 0
    echo
    echo "One or more numeric parameters with zero value ! Exiting..."
    echo
    exit 1
fi
echo "TCP packet dump script by Gabor Kiss, 2013"
echo "Requires root or superuser privileges to work."
# how much space is used on the FS at the save location
DISK_USAGE=$(df -P "$WORKDIR" | tail -1 | awk '{print $5}' | awk -F"%" '{print $1}')
if [[ $DISK_USAGE -gt $MAX_USED ]] ; then # do not start if filesystem usage is above x%
    echo
    echo "Disk usage in working directory is $DISK_USAGE %. Maximum allowed is $MAX_USED %."
    if [[ $GETSPACE -gt 0 ]]; then
        ITERATION=0
        echo "Trying to get enough disk space. Deleting $GETSPACE old dumpfiles..."
        while [[ $ITERATION -lt $GETSPACE ]]; do # -lt, so that exactly $GETSPACE files are deleted
            let ITERATION++
            # quoted, so a path with spaces cannot split into several rm arguments
            sudo rm -f "$(ls -tc "$WORKDIR"/*pcap* 2>/dev/null | tail -1)"
        done
        DISK_USAGE=$(df -P "$WORKDIR" | tail -1 | awk '{print $5}' | awk -F"%" '{print $1}')
        echo "Completed. New disk usage is $DISK_USAGE%."
        if [[ $DISK_USAGE -gt $MAX_USED ]]; then
            echo "Could not free enough disk space. Exiting..."
            echo
            exit 1
        fi
    fi
    if [[ -z $GETSPACE ]]; then
        # if the number of files to delete for freeing space is not given, exit
        echo 'No -D value was given. Exiting...'
        echo
        exit 1
    fi
else
    echo
    echo "Disk usage in working directory is $DISK_USAGE %. Maximum allowed is $MAX_USED %. Proceeding.." # continue if there is enough space
fi
echo
echo "Running tcpdump on network interface: $INTERFACE. Rotating dumpfiles every: $REPEAT_TIME second." # summary of the parameters
echo "Maximum dump files to keep: $MAXFILES. Allowed runtime: $RUNTIME seconds."
if [[ $MAXPACKETS -gt 0 ]]; then
    echo "Maximum number of packets to capture: $MAXPACKETS"
fi
if [[ $PORTNUM -gt 0 ]]; then
    echo "Listening on port $PORTNUM."
fi
if [[ $COMPRESS -eq 1 ]]; then
    echo "Using BZIP2 compression on dump files."
else
    echo "Not using compression on dump files."
fi
echo "Saving files in directory $WORKDIR."
echo "PLEASE WAIT..."
if [[ ! -d "$WORKDIR" ]]; then # create the save directory if it does not exist
    sudo mkdir "$WORKDIR"
fi
echo
# use BZIP2 compression; -eq 1 matches the help text and the summary above
# (1=enabled, any other value=disabled). The port filter goes last, after the options.
if [[ $COMPRESS -eq 1 ]]; then
    if [[ -z $PORTNUM ]]; then
        sudo tcpdump -i "$INTERFACE" -G "$REPEAT_TIME" -W "$MAXFILES" -c "$MAXPACKETS" -z bzip2 -w "$WORKDIR/tcpdump_%Y-%m-%d_%H:%M:%S.pcap" &
    else
        sudo tcpdump -i "$INTERFACE" -G "$REPEAT_TIME" -W "$MAXFILES" -c "$MAXPACKETS" -z bzip2 -w "$WORKDIR/tcpdump_%Y-%m-%d_%H:%M:%S.pcap" port "$PORTNUM" &
    fi
else
    if [[ $PORTNUM -gt 0 ]]; then
        sudo tcpdump -i "$INTERFACE" -G "$REPEAT_TIME" -W "$MAXFILES" -c "$MAXPACKETS" -w "$WORKDIR/tcpdump_%Y-%m-%d_%H:%M:%S.pcap" port "$PORTNUM" 1>/dev/null &
    fi
    if [[ -z $PORTNUM ]]; then
        sudo tcpdump -i "$INTERFACE" -G "$REPEAT_TIME" -W "$MAXFILES" -c "$MAXPACKETS" -w "$WORKDIR/tcpdump_%Y-%m-%d_%H:%M:%S.pcap" 1>/dev/null &
    fi
fi
TCPD_BACKGROUND=$!
# remember the PID of the tcpdump running in the background
COUNTER=0
# check routine for the current disk space and "countdown"
KILLED=0
until [[ $COUNTER -eq $RUNTIME ]]; do
    DISK_USAGE=$(df -P "$WORKDIR" | tail -1 | awk '{print $5}' | awk -F"%" '{print $1}')
    if [[ $DISK_USAGE -ge $MAX_USED ]]; then
        RED_FLAG=1
    else
        RED_FLAG=0
    fi
    if [[ $RED_FLAG -gt 0 ]] ; then
        sudo kill "$TCPD_BACKGROUND"
        echo
        echo '*** Disk space exceeded ! Killed tcpdump process !***'
        echo "Runtime was: $COUNTER seconds."
        echo
        KILLED=1
        break
    fi
    sleep 1
    let COUNTER++
    if [[ $KILLED -gt 0 ]]; then
        break
    fi
done
if [[ $RED_FLAG -eq 0 ]]; then
    sudo kill "$TCPD_BACKGROUND"
    echo
    echo '*** Tcpdump background process was killed. Disk space OK. ***'
    echo "Runtime was: $RUNTIME seconds."
    echo
fi
###
# routine that checks the number of files and cleans up
CURRENT_FILES=$(sudo ls -l "$WORKDIR"/*pcap* 2>/dev/null | wc -l)
TOTAL=0
if [[ $CURRENT_FILES -gt $MAXFILES ]]; then
    echo
    echo "There are $CURRENT_FILES dumpfiles in the working directory of maximum $MAXFILES, cleaning old files.."
    DIFFERENCE=$((CURRENT_FILES - MAXFILES))
    while [ "$CURRENT_FILES" -gt "$MAXFILES" ]; do
        CURRENT_FILES=$(sudo ls -l "$WORKDIR"/*pcap* 2>/dev/null | wc -l)
        sudo rm -f "$(ls -tc "$WORKDIR"/*pcap* 2>/dev/null | tail -1)" # delete the oldest files
        let TOTAL++
        if [[ $DIFFERENCE -eq $TOTAL ]]; then
            break
        fi
    done
else
    echo
    echo "There are $CURRENT_FILES dumpfiles in the working directory, cleaning is NOT necessary."
    echo "Operation summary: "
fi
echo
# summary of the operations
TOTAL_DUMP=$(ls -l "$WORKDIR"/*pcap* | wc -l)
echo "$TOTAL old files were deleted."
echo "There are a total of $TOTAL_DUMP dumpfiles available."
NEWEST=$(ls -tc "$WORKDIR"/*pcap* | head -1)
echo "Newest file is: $NEWEST"
OLDEST=$(ls -tc "$WORKDIR"/*pcap* | tail -1)
echo "Oldest file is: $OLDEST"
echo
echo "Operation complete. Bye. "
echo
if [[ $SILENT_MODE -eq 1 ]]; then
    # message marking the end of silent mode, and redirecting stdout back to the terminal
    exec >/dev/tty
    echo "Completed without severe errors. See logfile $HOME/dumped.log for results."
    echo
fi
exit 0
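
Added example, not part of the original post: the script above repeats the same `df` pipeline and the same `ls -tc | tail -1` deletion in several places, so the two helpers below do each job once and pick the oldest capture file without parsing `ls` output, which keeps a file name containing spaces from turning into extra arguments to a privileged `rm`. The function names `disk_usage_pct` and `prune_oldest` are hypothetical, and age is judged by modification time rather than the change time that `ls -tc` uses.

```bash
#!/bin/bash
# Added example, not from the original post. Helper names are hypothetical.

# Print the usage percentage (digits only) of the filesystem holding $1.
disk_usage_pct() {
    # -P keeps each filesystem on one line, so field 5 is always the percentage.
    df -P -- "$1" | awk 'NR == 2 { sub(/%/, "", $5); print $5 }'
}

# Delete the oldest *pcap* files in directory $1 until at most $2 remain,
# then print how many were deleted. Age is the modification time.
prune_oldest() {
    local dir="$1" keep="$2" deleted=0 count oldest f
    while :; do
        count=0
        oldest=
        for f in "$dir"/*pcap*; do
            [ -f "$f" ] || continue      # unmatched glob or not a regular file
            count=$((count + 1))
            if [ -z "$oldest" ] || [ "$f" -ot "$oldest" ]; then
                oldest=$f
            fi
        done
        [ "$count" -gt "$keep" ] || break
        rm -f -- "$oldest" || break      # the script in the post runs rm through sudo
        deleted=$((deleted + 1))
    done
    echo "$deleted"
}
```

Called as `prune_oldest "$WORKDIR" "$MAXFILES"`, the second helper covers what the counting loop at the end of the script does.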