Sockets vs Process

Revisão de 18h00min de 13 de setembro de 2019 por Damato (discussão | contribs)
#!/bin/bash
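#######################################
# Create or delete the scratch file used while merging and loading the CSVs.
# Arguments:
#   $1 - action: "create" or "delete"
#   $2 - path to remove (only read for "delete")
# Outputs:
#   create: path of the new file on stdout
# Returns:
#   0 on success; non-zero if mktemp/rm fails or the action is unknown
#######################################
function TEMPFILE() {
  case "$1" in
    create)
      # mktemp chooses an unpredictable name and creates the file itself
      # (owner-only permissions), so a name pre-planted in /tmp is never
      # reused. The file will hold host, address and process data.
      mktemp -p /tmp --suffix tmpdoc
      ;;
    delete)
      # Nothing to remove when no path was given (e.g. a failed create).
      [[ -n "${2:-}" ]] || return 0
      # Quoted, and "--" ends option parsing: a path containing blanks or
      # glob characters, or starting with "-", removes exactly one file.
      rm -f -- "$2"
      ;;
    *)
      # The original called EXITNOW here, which this script never defines,
      # so the branch ended in "command not found". Report the bad action
      # and let the caller decide what to do with the failure.
      printf 'TEMPFILE: unknown action: %s\n' "${1:-}" >&2
      return 1
      ;;
  esac
}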
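#######################################
# Concatenate every *.csv file of the current directory into one file.
# Globals:
#   INPUT (written) - set to $1, as the original did
# Arguments:
#   $1 - destination file; it must not itself match ./*.csv
# Returns:
#   0 on success, 1 when no CSV file is present, otherwise cat's status
#######################################
function ALLTOCSV() {
  INPUT=$1
  local -a csv_files=()
  local candidate

  # The "./" prefix keeps a file whose name starts with "-" from being read
  # as an option by cat. The -f test also drops the literal pattern that the
  # glob leaves behind when nothing matches.
  for candidate in ./*.csv; do
    if [[ -f "$candidate" ]]; then
      csv_files+=("$candidate")
    fi
  done

  if (( ${#csv_files[@]} == 0 )); then
    # Same end state as before (empty destination, status 1), without the
    # confusing "No such file" message about a literal *.csv.
    : > "$INPUT"
    printf 'ALLTOCSV: no .csv files in %s\n' "$PWD" >&2
    return 1
  fi

  cat -- "${csv_files[@]}" > "$INPUT"
}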
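#######################################
# Text-only classification of established sockets (no SQLite involved).
# Pass 1 writes "<host> <port>" for every non-loopback LISTENING record to a
# scratch file; pass 2 prints, for each ESTABLISHED record:
#   <host> LOCAL  <local_port>  <remote_addr> <process>  port has a listener on that host
#   <host> REMOTE <remote_port> <remote_addr> <process>  no listener on that port anywhere
# Globals:
#   INPUT (exported), LOCAL_PORT_LISTENING (exported; scratch file path)
# Arguments:
#   $1 - merged CSV file; lines starting with "#" are ignored
# Outputs:
#   sorted, de-duplicated report lines on stdout
# Returns:
#   1 if the scratch file cannot be created, else the status of its removal
#######################################
function PARSE() {
  export INPUT=$1

  # Declared separately so a failing TEMPFILE is not masked by export/local.
  local listen_file
  listen_file=$(TEMPFILE create) || return 1
  [[ -n "$listen_file" ]] || return 1
  export LOCAL_PORT_LISTENING="$listen_file"

  local -r int_re='^[0-9]+$'
  local host public_ip state local_addr local_port remote_addr remote_port
  local pid proc_name rest server port listeners

  # Pass 1: per host (sorted), its listening ports in numeric order.
  grep -v '^#' -- "$INPUT" |
    while IFS=',' read -r host rest; do
      printf '%s\n' "$host"
    done |
    sort -u |
    while IFS= read -r server; do
      grep -v '^#' -- "$INPUT" |
        while IFS=',' read -r host public_ip state local_addr local_port rest; do
          if [[ "$server" == "$host" && "$state" == "LISTENING" \
                && "$local_addr" != "127.0.0.1" ]]; then
            printf '%s %s\n' "$host" "$local_port"
          fi
        done |
        sort -u -n -k2
    done > "$listen_file"

  # Pass 2: established sockets only.
  grep -v '^#' -- "$INPUT" |
    while IFS=',' read -r host public_ip state local_addr local_port \
                          remote_addr remote_port pid proc_name rest; do
      [[ "$state" == "ESTABLISHED" && "$local_addr" != "$remote_addr" ]] || continue

      # The CSV comes from the collected hosts and is not trusted. Bash
      # evaluates the operands of a numeric comparison as arithmetic
      # expressions, so only plain decimal ports may reach one; anything
      # else is dropped instead of being interpreted.
      [[ "$local_port" =~ $int_re ]] || continue

      # Loop-invariant, so computed once per record. The port is digits only
      # here, hence safe as a grep pattern, and never empty (an empty pattern
      # argument used to make grep swallow the loop's own input).
      # NOTE(review): as before, this matches the port as a word anywhere in
      # the listener file, i.e. on any host - confirm that is intended.
      listeners=$(grep -cw -- "$local_port" "$listen_file")

      while read -r server port; do
        [[ "$server" == "$host" ]] || continue

        # Server side: this host listens on the socket's local port.
        if [[ "$port" =~ $int_re ]] && (( 10#$port == 10#$local_port )) \
           && [[ "$public_ip" != "$remote_addr" ]]; then
          printf '%s LOCAL %s %s %s\n' \
            "$host" "$local_port" "$remote_addr" "$proc_name"
        fi

        # Client side: nobody listens on the local port.
        # NOTE(review): the original requires PUBLIC_IP == REMOTE_ADDRESS
        # here; kept unchanged, but verify it is not meant to be "!=".
        if (( listeners == 0 )) && [[ "$public_ip" == "$remote_addr" ]]; then
          printf '%s REMOTE %s %s %s\n' \
            "$host" "$remote_port" "$remote_addr" "$proc_name"
        fi
      done < "$listen_file"
    done |
    sort -u

  TEMPFILE delete "$listen_file"
}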
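#######################################
# Create the "arquitetura" table if the database does not have it yet.
# Globals:
#   BASE (read) - path of the SQLite database file
# Returns:
#   1 if BASE is unset or empty, otherwise the status of sqlite3
#######################################
function SQLITE_START() {
  # Without this guard an empty BASE shifts the arguments and sqlite3 takes
  # the SQL text itself as the database file name.
  if [[ -z "${BASE:-}" ]]; then
    printf 'SQLITE_START: BASE is not set\n' >&2
    return 1
  fi

  # Column order mirrors the CSV layout:
  # HOSTNAME PUBLIC_IP STATE LOCAL_ADDRESS LOCAL_PORT REMOTE_ADDRESS REMOTE_PORT PROCESS_ID PROCESS_NAME OS_VERSION PROCESSOR_COUNT RAM_MEMORY_KB
  sqlite3 "$BASE" "CREATE TABLE IF NOT EXISTS arquitetura(
    HOSTNAME text,
    PUBLIC_IP text,
    STATE text,
    LOCAL_ADDRESS text,
    LOCAL_PORT integer,
    REMOTE_ADDRESS text,
    REMOTE_PORT integer,
    PROCESS_ID integer,
    PROCESS_NAME text,
    OS_VERSION text,
    PROCESSOR_COUNT integer,
    RAM_MEMORY_KB real)"
  # Unused alternative schema kept from the original:
  # sqlite3 base.sb "create table IF NOT EXISTS hosts(endereco varchar(15) , nome varchar(60) primary key,TTL integer, tipo varchar(30))"
}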
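#######################################
# Load the merged CSV into the "arquitetura" table, one INSERT per record.
# Globals:
#   BASE (read), INPUT (written), COUNTER (exported; rows inserted so far)
# Arguments:
#   $1 - merged CSV file; lines starting with "#" are skipped
# Outputs:
#   line count of the input and a "\r"-refreshed progress counter on stdout;
#   warnings about rejected records on stderr
# Returns:
#   1 if BASE is unset or empty, otherwise 0
#######################################
function SQLITE_INSERT() {
  INPUT=$1
  export COUNTER=0

  if [[ -z "${BASE:-}" ]]; then
    printf 'SQLITE_INSERT: BASE is not set\n' >&2
    return 1
  fi

  local -r int_re='^[[:space:]]*-?[0-9]+[[:space:]]*$'
  local -r num_re='^[[:space:]]*-?[0-9]+([.][0-9]+)?([eE][+-]?[0-9]+)?[[:space:]]*$'
  local -r sq="'"
  local host public_ip state local_addr local_port remote_addr remote_port
  local pid proc_name os_version cpu_count ram_kb
  local record=0

  wc -l "$INPUT"

  # The CSV is produced on the collected hosts, so every field is untrusted.
  # The sqlite3 shell gets the statement as one string, which means the
  # values have to be made safe before they are spliced into it:
  #   - numeric columns must look like numbers, otherwise the record is
  #     rejected (the last field also absorbs any surplus columns, so a row
  #     with too many fields is rejected here as well);
  #   - text columns get their single quotes doubled, the only escape an
  #     SQL string literal needs.
  # NOTE(review): one sqlite3 process per row is slow on large inputs;
  # feeding all statements to a single sqlite3 inside one transaction would
  # be faster if the per-row progress display can be dropped.
  while IFS=',' read -r host public_ip state local_addr local_port \
                        remote_addr remote_port pid proc_name os_version \
                        cpu_count ram_kb; do
    record=$(( record + 1 ))

    if ! [[ "$local_port" =~ $int_re && "$remote_port" =~ $int_re \
            && "$pid" =~ $int_re && "$cpu_count" =~ $int_re \
            && "$ram_kb" =~ $num_re ]]; then
      # Only the record number is printed; the raw field is not echoed back
      # to the terminal.
      printf '\nSQLITE_INSERT: record %d skipped: non-numeric value in a numeric column\n' \
        "$record" >&2
      continue
    fi

    host=${host//$sq/$sq$sq}
    public_ip=${public_ip//$sq/$sq$sq}
    state=${state//$sq/$sq$sq}
    local_addr=${local_addr//$sq/$sq$sq}
    remote_addr=${remote_addr//$sq/$sq$sq}
    proc_name=${proc_name//$sq/$sq$sq}
    os_version=${os_version//$sq/$sq$sq}

    # stdin is detached so sqlite3 can never consume the loop's input.
    if sqlite3 "$BASE" "INSERT INTO arquitetura(HOSTNAME,PUBLIC_IP,STATE,LOCAL_ADDRESS,LOCAL_PORT,REMOTE_ADDRESS,REMOTE_PORT,PROCESS_ID,PROCESS_NAME,OS_VERSION,PROCESSOR_COUNT,RAM_MEMORY_KB)  VALUES('$host', '$public_ip', '$state', '$local_addr', $local_port, '$remote_addr', $remote_port, $pid, '$proc_name', '$os_version', $cpu_count, $ram_kb)" < /dev/null; then
      # Counted after the insert, so the number shown is the number stored
      # (the original printed the counter before incrementing it).
      COUNTER=$(( COUNTER + 1 ))
      printf '\rInserted %d Record(s)' "$COUNTER"
    else
      printf '\nSQLITE_INSERT: record %d was not inserted (sqlite3 failed)\n' \
        "$record" >&2
    fi
  done < <(grep -v '^#' -- "$INPUT")

  return 0
}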
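#######################################
# Run one SQL statement against the database and print the rows as CSV.
# Globals:
#   BASE (read) - path of the SQLite database file
# Arguments:
#   $1 - SQL text; it is executed as given, so callers must pass only
#        statements they built themselves, never raw user or CSV data
# Returns:
#   1 if BASE is unset or empty, otherwise the status of sqlite3
#######################################
function SQLITE_SELECT() {
  # An empty BASE would shift the arguments, and sqlite3 would then treat
  # "-csv"/the SQL text as the database file name.
  if [[ -z "${BASE:-}" ]]; then
    printf 'SQLITE_SELECT: BASE is not set\n' >&2
    return 1
  fi
  # Example filter kept from the original:
  # WHERE STATE == 'ESTABLISHED' AND LOCAL_ADDRESS <> '127.0.0.1'
  sqlite3 "$BASE" -csv "$1"
}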
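#######################################
# Delete the SQLite database file so the next load starts from scratch.
# Globals:
#   BASE (read) - path of the SQLite database file
# Returns:
#   1 if BASE is unset, empty or a directory; otherwise the status of rm
#######################################
function SQLITE_PURGE() {
  if [[ -z "${BASE:-}" ]]; then
    printf 'SQLITE_PURGE: BASE is not set\n' >&2
    return 1
  fi
  # The database is a single file. The original "rm -fr $BASE" would have
  # removed a whole directory tree if BASE ever pointed at one, and several
  # unrelated paths if it contained blanks or glob characters.
  if [[ -d "$BASE" ]]; then
    printf 'SQLITE_PURGE: refusing to remove directory: %s\n' "$BASE" >&2
    return 1
  fi
  rm -f -- "$BASE"
}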
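#######################################
# List HOSTNAME, REMOTE_ADDRESS, LOCAL_ADDRESS for established connections
# whose local port is NOT a known listening port - presumably outbound
# connections, so REMOTE_ADDRESS is the server this host talks to.
# Outputs: CSV rows on stdout, sorted by REMOTE_ADDRESS
#
# NOTE(review): the listening-port subquery is not restricted to the same
# HOSTNAME, so a port counts as "listening" if any collected host listens on
# it. Only the literal 127.0.0.1 is treated as loopback.
#######################################
function SERVER() {
  # ORDER BY used to name the column in single quotes; SQLite evaluates that
  # as a constant string, so the rows were not sorted at all.
  SQLITE_SELECT "
    SELECT DISTINCT
      HOSTNAME,
      REMOTE_ADDRESS,
      LOCAL_ADDRESS
    FROM
      arquitetura
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_PORT NOT IN (
        SELECT DISTINCT
          LOCAL_PORT
        FROM
          arquitetura
        WHERE
          STATE == 'LISTENING'
        AND
          LOCAL_ADDRESS <> '127.0.0.1'
          )
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    ORDER BY
      REMOTE_ADDRESS"
}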
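#######################################
# List HOSTNAME, LOCAL_ADDRESS, REMOTE_ADDRESS for established connections
# whose local port IS a known listening port - presumably inbound
# connections, so REMOTE_ADDRESS is a client of this host.
# Outputs: CSV rows on stdout, sorted by REMOTE_ADDRESS
#
# NOTE(review): the listening-port subquery is not restricted to the same
# HOSTNAME, so a port counts as "listening" if any collected host listens on
# it. Only the literal 127.0.0.1 is treated as loopback.
#######################################
function CLIENT() {
  # ORDER BY used to name the column in single quotes; SQLite evaluates that
  # as a constant string, so the rows were not sorted at all.
  SQLITE_SELECT "
    SELECT DISTINCT
      HOSTNAME,
      LOCAL_ADDRESS,
      REMOTE_ADDRESS
    FROM
      arquitetura
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_PORT IN (
        SELECT DISTINCT
          LOCAL_PORT
        FROM
          arquitetura
        WHERE
          STATE == 'LISTENING'
        AND
          LOCAL_ADDRESS <> '127.0.0.1'
          )
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    ORDER BY
      REMOTE_ADDRESS"
}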
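#######################################
# Print every established, non-loopback connection with a role label:
# first the rows tagged 'SERVER' (local port is a known listening port),
# sorted by REMOTE_PORT, then the rows tagged 'CLIENT' (local port is not),
# sorted by LOCAL_PORT.
# Outputs: CSV rows on stdout - HOSTNAME, role, PROCESS_NAME, PUBLIC_IP,
#          LOCAL_ADDRESS, LOCAL_PORT, REMOTE_ADDRESS, REMOTE_PORT
# Returns: status of the second query
#
# NOTE(review): the listening-port subquery is not restricted to the same
# HOSTNAME, so an ephemeral local port that happens to equal a listening port
# on another collected host is labelled 'SERVER'. Only the literal 127.0.0.1
# is treated as loopback.
#######################################
function ESTABLISHED() {
  # Both ORDER BY clauses used to name the column in single quotes; SQLite
  # evaluates that as a constant string, so the rows were not sorted at all.
  SQLITE_SELECT "
    SELECT DISTINCT
      HOSTNAME,
      'SERVER',
      PROCESS_NAME,
      PUBLIC_IP,
      LOCAL_ADDRESS,
      LOCAL_PORT,
      REMOTE_ADDRESS,
      REMOTE_PORT
    FROM
      arquitetura
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_PORT IN (
        SELECT DISTINCT
          LOCAL_PORT
        FROM
          arquitetura
        WHERE
          STATE == 'LISTENING'
        AND
          LOCAL_ADDRESS <> '127.0.0.1'
          )
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    ORDER BY
      REMOTE_PORT"
  SQLITE_SELECT "
    SELECT DISTINCT
      HOSTNAME,
      'CLIENT',
      PROCESS_NAME,
      PUBLIC_IP,
      LOCAL_ADDRESS,
      LOCAL_PORT,
      REMOTE_ADDRESS,
      REMOTE_PORT
    FROM
      arquitetura
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_PORT NOT IN (
        SELECT DISTINCT
          LOCAL_PORT
        FROM
          arquitetura
        WHERE
          STATE == 'LISTENING'
        AND
          LOCAL_ADDRESS <> '127.0.0.1'
          )
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    ORDER BY
      LOCAL_PORT"
}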
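#######################################
# List HOSTNAME, REMOTE_ADDRESS, REMOTE_PORT, PROCESS_NAME for established
# connections whose local port is NOT a known listening port - presumably the
# remote services (address and port) each host process connects to.
# Outputs: CSV rows on stdout, sorted by REMOTE_PORT
#
# NOTE(review): the listening-port subquery is not restricted to the same
# HOSTNAME, so a port counts as "listening" if any collected host listens on
# it. Only the literal 127.0.0.1 is treated as loopback.
#######################################
function SERVER_PORT() {
  # ORDER BY used to name the column in single quotes; SQLite evaluates that
  # as a constant string, so the rows were not sorted at all.
  SQLITE_SELECT "
    SELECT DISTINCT
      HOSTNAME,
      REMOTE_ADDRESS,
      REMOTE_PORT,
      PROCESS_NAME
    FROM
      arquitetura
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_PORT NOT IN (
        SELECT DISTINCT
          LOCAL_PORT
        FROM
          arquitetura
        WHERE
          STATE == 'LISTENING'
        AND
          LOCAL_ADDRESS <> '127.0.0.1'
          )
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    ORDER BY
      REMOTE_PORT"
}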
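#######################################
# List HOSTNAME, REMOTE_ADDRESS, LOCAL_PORT, PROCESS_NAME for established
# connections whose local port IS a known listening port - presumably the
# clients of each local service, with the service port and process.
# Outputs: CSV rows on stdout, sorted by REMOTE_ADDRESS
#
# NOTE(review): the listening-port subquery is not restricted to the same
# HOSTNAME, so a port counts as "listening" if any collected host listens on
# it. Only the literal 127.0.0.1 is treated as loopback.
#######################################
function CLIENT_PORT() {
  # ORDER BY used to name the column in single quotes; SQLite evaluates that
  # as a constant string, so the rows were not sorted at all.
  SQLITE_SELECT "
    SELECT DISTINCT
      HOSTNAME,
      REMOTE_ADDRESS,
      LOCAL_PORT,
      PROCESS_NAME
    FROM
      arquitetura
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_PORT IN (
        SELECT DISTINCT
          LOCAL_PORT
        FROM
          arquitetura
        WHERE
          STATE == 'LISTENING'
        AND
          LOCAL_ADDRESS <> '127.0.0.1'
          )
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    ORDER BY
      REMOTE_ADDRESS"
}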
#######################################
# One row per distinct host description: HOSTNAME, PUBLIC_IP,
# PROCESSOR_COUNT, memory and OS_VERSION, sorted by HOSTNAME.
# The memory column divides RAM_MEMORY_KB by 1024 twice and truncates the
# result to an integer.
# Outputs: CSV rows on stdout
#######################################
function INVENTORY() {
  local -r inventory_query="
    SELECT DISTINCT
      HOSTNAME,
      PUBLIC_IP,
      PROCESSOR_COUNT,
      CAST((RAM_MEMORY_KB/1024/1024) AS INT),
      OS_VERSION
    FROM
      arquitetura
    ORDER BY
      HOSTNAME"

  SQLITE_SELECT "$inventory_query"
}
#######################################
# List the remote addresses seen on established connections that do not
# match the PUBLIC_IP of any collected host, i.e. peers for which no CSV was
# gathered. Connections with local address 127.0.0.1 and the remote address
# 0.0.0.0 are left out.
# Outputs: one address per CSV row on stdout (no ordering requested)
#
# NOTE(review): the comparison is against PUBLIC_IP only; a peer reached
# through another address of a collected host would still be reported here.
#######################################
function UNMAPPED_HOSTS() {
  local -r unmapped_query="
    SELECT DISTINCT
      REMOTE_ADDRESS
    FROM
      arquitetura
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    AND
      REMOTE_ADDRESS <> '0.0.0.0'
    AND
      REMOTE_ADDRESS NOT IN (
        SELECT DISTINCT
          PUBLIC_IP
        FROM
          arquitetura
      )"

  SQLITE_SELECT "$unmapped_query"
}
#######################################
# Emit edge data for a connection graph: for each established connection
# whose local port is not a known listening port, print the local HOSTNAME,
# PUBLIC_IP and PROCESS_NAME, then the HOSTNAME of a collected host whose
# PUBLIC_IP equals the remote address (empty when there is none), then the
# REMOTE_ADDRESS itself.
# Outputs: CSV rows on stdout
#
# NOTE(review): ORDER BY names 'LOCAL_PORT' in single quotes, which SQLite
# treats as a constant string, so no ordering is applied. LOCAL_PORT is not
# one of the selected columns, so the intended sort key needs confirming
# before this is changed.
# NOTE(review): the listening-port subquery is not restricted to the same
# HOSTNAME; only the literal 127.0.0.1 is treated as loopback.
#######################################
function PREGRAPH() {
  local -r pregraph_query="
  SELECT DISTINCT
      c.HOSTNAME,
      c.PUBLIC_IP,
      c.PROCESS_NAME,
      (select HOSTNAME from arquitetura as d where c.REMOTE_ADDRESS == d.PUBLIC_IP),
      c.REMOTE_ADDRESS
    FROM
      arquitetura as c
    WHERE
      STATE == 'ESTABLISHED'
    AND
      LOCAL_PORT NOT IN (
        SELECT DISTINCT
          LOCAL_PORT
        FROM
          arquitetura
        WHERE
          STATE == 'LISTENING'
        AND
          LOCAL_ADDRESS <> '127.0.0.1'
          )
    AND
      LOCAL_ADDRESS <> '127.0.0.1'
    ORDER BY
      'LOCAL_PORT'"

  SQLITE_SELECT "$pregraph_query"
}
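# Entry point. Exactly one argument selects the mode:
#   zerado          delete base.db, recreate the table, load ./*.csv
#   coletar         create the table if needed and append ./*.csv
#   established | server | server_port | client | client_port |
#   server_client | inventario | unmapped_hosts | pregraph
#                   run the corresponding report against base.db
# The database is base.db in the current directory. Every mode first merges
# ./*.csv into a scratch file and normalises its line endings with dos2unix,
# as the original did.
if [[ $# -ne 1 ]]; then
  printf 'Usage: %s zerado|coletar|established|server|server_port|client|client_port|server_client|inventario|unmapped_hosts|pregraph\n' \
    "${0##*/}" >&2
  exit 1
fi

# Assigned before export so a failing mktemp is noticed instead of leaving an
# empty path that later redirections would choke on.
INPUT=$(TEMPFILE create) || exit 1
[[ -n "$INPUT" ]] || exit 1
export INPUT
export BASE=base.db

# The scratch file holds the merged host/connection data. The original left
# it behind in /tmp whenever the script stopped at an "exit"; the trap
# removes it on those paths too.
trap 'TEMPFILE delete "$INPUT"' EXIT

ALLTOCSV "$INPUT"
dos2unix "$INPUT" >&2

case "$1" in
  zerado)
    SQLITE_PURGE
    SQLITE_START
    SQLITE_INSERT "$INPUT"
    ;;
  coletar)
    SQLITE_START
    SQLITE_INSERT "$INPUT"
    ;;
  established)
    ESTABLISHED
    ;;
  server_port)
    SERVER_PORT
    ;;
  server)
    SERVER
    ;;
  client)
    CLIENT
    ;;
  client_port)
    CLIENT_PORT
    ;;
  server_client)
    SERVER
    CLIENT
    ;;
  inventario)
    INVENTORY
    ;;
  unmapped_hosts)
    UNMAPPED_HOSTS
    ;;
  pregraph)
    PREGRAPH
    ;;
  *)
    printf '%s: unknown mode: %s\n' "${0##*/}" "$1" >&2
    exit 1
    ;;
esac

# Text-only alternative to the SQLite path, disabled in the original:
# PARSE $INPUT
# SQLITE_START
# SQLITE_INSERT $INPUT

# Normal path: remove the scratch file last, so the script's exit status is
# that of the cleanup as before, then drop the trap.
TEMPFILE delete "$INPUT"
trap - EXIT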