+++ /dev/null
-#!/bin/bash
-
-function message() {
- printf "%-40s - %s\n" "${file}" "$@"
-}
-
-function verbose() {
- [ "${verbose}" = "1" ]
-}
-
-files=
-for arg in $@; do
- case "${arg}" in
- --verbose|-v)
- verbose=1
- continue
- ;;
- esac
- if [ -d "${arg}" ]; then
- files="${files} $(find ${arg} -type f)"
- else
- files="${files} ${arg}"
- fi
-done
-
-for file in ${files}; do
- if [ -L "${file}" ] || \
- (file ${file} | grep -vq "shared object"); then
- continue
- fi
-
- if readelf -l ${file} 2>/dev/null | grep -q "GNU_RELRO"; then
- if readelf -d ${file} 2>/dev/null | grep -q "BIND_NOW"; then
- verbose && message "full RELRO"
- else
- message "partial RELRO"
- fi
- else
- message "no RELRO"
- fi
-done
+++ /dev/null
-#!/bin/sh
-#
-# This script reads in variables from a config file, and produces a list of
-# commands to run to set these as shell environment variables, it is
-# intended to be used as follows:
-#
-# eval $(readhash /var/ipfire/main/settings)
-#
-
-# shell variables must consist of alphanumeric characters and underscores,
-# and begin with an alphabetic character or underscore.
-VARNAME='[A-Za-z_][A-zA-z0-9_]*'
-
-# For the assigned value we only accept a limited number of characters - none
-# of which are shell metachars
-VARCHARS='A-Za-z0-9=/,._@#+-'
-VARVAL="[${VARCHARS}]*"
-
-sed -ne "s/\(${VARNAME}\)=\(${VARVAL}\)$/\1=\2/p" $1
-
-# Accept space only if it's quoted
-sed -ne "s/\(${VARNAME}\)=\('[ ${VARCHARS}]*'\)$/\1=\2/p" $1
+++ /dev/null
-#!/usr/bin/perl
-##################################################
-##### VPN-Watch.pl Version 0.4 #####
-##################################################
-# #
-# VPN-Watch is part of the IPFire Firewall #
-# #
-##################################################
-
-use strict;
-
-require '/var/ipfire/general-functions.pl';
-my @vpnsettings;
-my $i = 0;
-my $file = "/var/run/vpn-watch.pid";
-my $debug = 0;
-
-if ( -e $file ){
- logger("There my be another vpn-watch runnning because $file exists, vpn-watch will try kill the process.");
- open(FILE, "<$file");
- my $PID = <FILE>;
- close(FILE);
- system("kill -9 $PID");
- }
-
-system("echo $$ > $file");
-
-while ( $i == 0){
- if ($debug){logger("We will wait 300 seconds before next action.");}
- sleep(300);
-
- if (open(FILE, "<${General::swroot}/vpn/config")) {
- @vpnsettings = <FILE>;
- close(FILE);
- unless(@vpnsettings) {exit 1;}
- }
-
-foreach (@vpnsettings){
- my @settings = split(/,/,$_);
-
- if ($settings[27] ne 'RED'){next;}
- if ($settings[4] ne 'net'){next;}
- if ($settings[1] ne 'on'){next;}chomp($settings[29]);
- if ($settings[29] ne 'on'){next;}
-
- my $remotehostname = $settings[11];
-
- if ($debug){logger("Checking connection to $remotehostname.");}
-
- my $remoteip = `/usr/bin/ping -c 1 $remotehostname 2>/dev/null | head -n1 | awk '{print \$3}' | tr -d '()' | tr -d ':'`;chomp($remoteip);
- if ($remoteip eq ""){next;if ($debug){logger("Unable to resolve $remotehostname.");}}
- my $connected= `ipsec whack --status | grep $remoteip`;
- my $established= `ipsec whack --status | grep '$settings[2]' | grep 'IPsec SA established'`;
-
- if ( $established eq '' || $connected eq '' ){
- logger("Remote IP for host $remotehostname has changed or no connection is established, restarting connection to $remoteip.");
- system("/usr/local/bin/ipsecctrl S $settings[0]");
- next;
- }
- if ($debug){logger("All connections may be fine nothing was done.");}
- }
-}
-
-sub logger {
- my $log = shift;
- system("logger -t vpnwatch \"$log\"");
-}
-
projects / ipfire-3.x.git / commitdiff
