You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
129 lines
3.1 KiB
129 lines
3.1 KiB
#!/bin/bash
|
|
|
|
################
|
|
## CONFIG ##
|
|
################
|
|
|
|
# Folder to save snaps in
|
|
SNAP_FOLDER=~/server_states
|
|
|
|
# Array with files to snapshot
|
|
declare -a CFGBKP=(
|
|
"/etc/motd"
|
|
"/etc/hosts"
|
|
)
|
|
|
|
# Bash color definitions
|
|
GREEN='\033[00;92m'
|
|
BLUE='\033[00;94m'
|
|
RST='\033[0m'
|
|
|
|
# print color message
|
|
function msg() {
|
|
echo -e "$BLUE * $GREEN$1$RST"
|
|
}
|
|
|
|
# colorify diff output
|
|
function colorDiff {
|
|
awk '/^>/ { print "\033[31m"$0"\033[0m"; } /^</ { print "\033[32m"$0"\033[0m"; } /^[^<>]/ { print $0; }'
|
|
}
|
|
|
|
# print horizontal line
|
|
function HL {
|
|
echo -e "$BLUE============================================================================$RST"
|
|
}
|
|
|
|
# print and format unique processes names
|
|
function procList {
|
|
ps aux | awk '{ print $11 }' | sort | uniq | egrep -v '^\['
|
|
}
|
|
|
|
# print and format opened TCP/UDP ports and process names
|
|
function portList {
|
|
netstat -lpn | egrep "(tcp.*LISTEN|udp)" | sort | uniq | awk '{split($NF,arr,"/"); print $1 " " $4 " " arr[2]}'
|
|
}
|
|
|
|
# print firewall rules (standard + NAT table)
|
|
function firewallRules {
|
|
(/sbin/iptables -L -n; echo -e "\n#NAT\n"; /sbin/iptables -L -nt nat)
|
|
}
|
|
|
|
# print routing table
|
|
function routingTable {
|
|
/sbin/ip route
|
|
}
|
|
|
|
# make status snap
|
|
function makeSnap {
|
|
FOLDER=$SNAP_FOLDER/state_$(date '+%Y%m%d_%H%M%S')
|
|
mkdir -p $FOLDER
|
|
procList > $FOLDER/ps.out
|
|
portList > $FOLDER/netstat.out
|
|
firewallRules > $FOLDER/iptables.out
|
|
/sbin/iptables-save > $FOLDER/iptables-save.out
|
|
mount > $FOLDER/mount.out
|
|
routingTable > $FOLDER/routing.out
|
|
for i in "${CFGBKP[@]}"
|
|
do
|
|
DIR=$(dirname "${i}")
|
|
mkdir -p "$FOLDER/cfg$DIR"
|
|
cp "$i" "$FOLDER/cfg$i"
|
|
done
|
|
msg "Written state snapshot to $FOLDER"
|
|
}
|
|
|
|
# comapring states to previous snap
|
|
function compare {
|
|
FOLDER=$SNAP_FOLDER/$(ls ~/server_states/ | tail -n 1)
|
|
msg "Comparing with snap $FOLDER"
|
|
echo -e "$GREEN\nProcesses diff$RST"; HL; procList | diff - $FOLDER/ps.out | colorDiff
|
|
echo -e "$GREEN\nOpened ports diff$RST"; HL; portList | diff - $FOLDER/netstat.out | colorDiff
|
|
echo -e "$GREEN\nFirewall rules diff$RST"; HL; firewallRules | diff - $FOLDER/iptables.out | colorDiff
|
|
echo -e "$GREEN\nMounts diff$RST"; HL; mount | diff - $FOLDER/mount.out | colorDiff
|
|
echo -e "$GREEN\nRouting table diff$RST"; HL; routingTable | diff - $FOLDER/routing.out | colorDiff
|
|
for i in "${CFGBKP[@]}"
|
|
do
|
|
echo -e "$GREEN\n$i config diff$RST"; HL; diff "$i" "$FOLDER/cfg$i" | colorDiff
|
|
done
|
|
}
|
|
|
|
# Checking if root privileges
|
|
function nonRootExit {
|
|
if [[ $EUID -ne 0 ]]; then
|
|
msg "This command must be run as root"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
# Printing help
|
|
function printHelp {
|
|
echo -e "State Snap 0.3"; HL
|
|
echo -e "Use: $0 [PARAMETRS]...\n"
|
|
printf " $GREEN%-6s$RST %s\n" "snap" "- Make server status snapshot"
|
|
printf " $GREEN%-6s$RST %s\n" "diff" "- Make a diff comparison against latest snapshot"
|
|
printf " $GREEN%-6s$RST %s\n\n" "clear" "- Delete all previous snapshots"
|
|
exit 0;
|
|
}
|
|
|
|
# Print help if no arguments
|
|
if [ $# -lt 1 ]; then
|
|
printHelp
|
|
fi
|
|
|
|
# Program starts here
|
|
case $1 in
|
|
diff)
|
|
nonRootExit
|
|
compare
|
|
;;
|
|
snap)
|
|
nonRootExit
|
|
makeSnap
|
|
;;
|
|
clear)
|
|
rm -r $SNAP_FOLDER/*
|
|
;;
|
|
*)
|
|
msg "Unrecognised command. Run \"$0 help\" to view help."
|
|
;;
|
|
esac
|
|
|