czoczo
/
statesnap
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 Commits
1 Branch
0 Tags
220 KiB
 
Tag: Branch: Tree: d493432d77
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd493432d77'
${ noResults }
statesnap/statesnap.sh

141 lines
3.4 KiB
Raw Blame History

#!/bin/bash
### CONFIG BEGIN ###
# Folder to save snaps in
SNAP_FOLDER=~/server_states
# Array with files to snapshot
declare -a CFGBKP=(
"/etc/hosts"
)
# Bash color definitions
C1='\033[00;97m' # white
C2='\033[00;95m' # light magenta
RST='\033[0m'
### CONFIG END ###
# print color message
function msg() {
echo -e "\n$C2 * $C1$1$RST"
}
# print section
function section() {
declare -i X1 X2 X3 WIDTH
WIDTH=60 # total width
X2=${#1}+2 # length of $foo and 2 whitespaces
X1=(WIDTH-X2)/2 # length of first part
X3=$WIDTH-X1-X2 # length of last part
echo -e "$C1"
for ((i=1;i<=$X1;i++)); do echo -n "+"; done
echo -en " $C2$1$C1 +++ (\033[31m missing $C1/\033[32m new$C1 ) "
for ((i=1;i<=$X3;i++)); do echo -n "+"; done
echo -e "$RST"
}
# colorify diff output
function colorFilter {
awk '/^>/ { print "\033[31m"$0"\033[0m"; } /^</ { print "\033[32m"$0"\033[0m"; }'
}
# print and format unique processes names
function procList {
ps aux | awk '{ print $11 }' | sort | uniq | egrep -v '^\['
}
# print and format opened TCP/UDP ports and process names
function portList {
#netstat -lpn | egrep "(tcp.*LISTEN|udp)" | sort | uniq | awk '{split($NF,arr,"/"); print $1 " " $4 " " arr[2]}'
ss -lpn | egrep "(tcp.*LISTEN|udp)" | sort | uniq | awk '{split($NF,arr,"\""); print $1 " " $5 " " arr[2]}' | column -t
}
# print firewall rules (standard + NAT table)
function firewallRules {
(/sbin/iptables -L -n; echo -e "\n#NAT\n"; /sbin/iptables -L -nt nat)
}
# print routing table
function routingTable {
/sbin/ip route
}
# make status snap
function makeSnap {
FOLDER=$SNAP_FOLDER/state_$(date '+%Y%m%d_%H%M%S')
mkdir -p $FOLDER
procList > $FOLDER/ps.out
portList > $FOLDER/netstat.out
firewallRules > $FOLDER/iptables.out
/sbin/iptables-save > $FOLDER/iptables-save.out
mount > $FOLDER/mount.out
routingTable > $FOLDER/routing.out
for i in "${CFGBKP[@]}"
do
DIR=$(dirname "${i}")
mkdir -p "$FOLDER/cfg$DIR"
cp "$i" "$FOLDER/cfg$i"
done
msg "Written state snapshot to $FOLDER"
}
# comapring states to previous snap
function compare {
FOLDER=$SNAP_FOLDER/$(ls ~/server_states/ | tail -n 1)
msg "Comparing with snap $FOLDER"
section "Proccesses diff"; procList | diff - $FOLDER/ps.out | colorFilter
section "Opened ports diff"; portList | diff - $FOLDER/netstat.out | colorFilter
section "Firewall rules diff"; firewallRules | diff - $FOLDER/iptables.out | colorFilter
section "Mounts diff"; mount | diff - $FOLDER/mount.out | colorFilter
section "Routing table diff"; routingTable | diff - $FOLDER/routing.out | colorFilter
for FILE in "${CFGBKP[@]}"
do
section "$FILE diff"; diff "$FILE" "$FOLDER/cfg$FILE" | colorFilter
done
}
# Checking if root privileges
function nonRootExit {
if [[ $EUID -ne 0 ]]; then
msg "This command must be run as root"
exit 1
fi
}
# Printing help
function printHelp {
echo -e "Usage: $0 [command]...\n"
printf " $C1%-6s$RST %s\n" "snap" "- Make server status snapshot"
printf " $C1%-6s$RST %s\n" "diff" "- Make a diff comparison against latest snapshot"
printf " $C1%-6s$RST %s\n\n" "clear" "- Delete all previous snapshots"
exit 0;
}
# Print help if no arguments
if [ $# -lt 1 ]; then
printHelp
fi
# Program starts here
case $1 in
diff)
nonRootExit
compare
;;
snap)
nonRootExit
makeSnap
;;
clear)
rm -r $SNAP_FOLDER/*
;;
*)
msg "Unrecognised command. Run \"$0 help\" to view help."
;;
esac