178 lines
4.9 KiB
Bash
Executable File
178 lines
4.9 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
# configure-nfr - post-installation configuration of the NFR software.
|
|
# run after the nfr user and group have been added,
|
|
# and the NFR software has been installed.
|
|
#
|
|
# this should prolly be done in perl (ugh), but it needs to be portable.
|
|
# so this is freak nasty, sue me. it works.
|
|
#
|
|
# dugsong@monkey.org
|
|
|
|
PATH=/bin:/usr/bin:/sbin:/usr/sbin
|
|
|
|
NFRDIR=${NFRHOME:-/nfr}
|
|
NFRD_CFG=${NFRDIR}/etc/nfrd.cfg
|
|
NFR_CONF=${NFRDIR}/etc/nfr.conf
|
|
VALUES_NFR=${NFRDIR}/library/values.nfr
|
|
|
|
TMP=/tmp/nfr_install.$$
|
|
trap 'rm -rf $TMP ; exit 0' 0 1 2 3 13 15
|
|
mkdir $TMP || exit 1
|
|
|
|
echo "Network Flight Recorder configuration"
|
|
|
|
echo "
|
|
This script will walk you through the initial configuration of your NFR.
|
|
Default answers (based on best guesses, given your system configuration)
|
|
are given in brackets [] - hit return if you want to keep the defaults."
|
|
|
|
while true ; do
|
|
|
|
# Get network interfaces for nfrd.cfg
|
|
echo "
|
|
|
|
You need to specify which network interfaces the NFR will be
|
|
monitoring. You may have the NFR listen on more than one interface
|
|
(including \"stealth\" mode interfaces). Enter them as a space
|
|
separated list of interface names."
|
|
|
|
nfr_intf=`ifconfig -a | grep 'flags=' | grep -v '^lo' | cut -f1 -d: | tr '\n' ' '`
|
|
|
|
printf "\nInterfaces? [ $nfr_intf] "
|
|
read intf
|
|
if [ "x$intf" != "x" ]; then nfr_intf=$intf ; fi
|
|
|
|
|
|
# Get network numbers for values.nfr
|
|
echo "
|
|
|
|
What are the network numbers of the networks this NFR is monitoring?
|
|
Enter them as a comma separated list of colon separated
|
|
address:netmask pairs in dotted decimal notation."
|
|
|
|
nfr_networks=""
|
|
for intf in $nfr_intf ; do
|
|
ifline=`ifconfig $intf | grep inet`
|
|
if [ "x$ifline" = "x" ]; then continue; fi
|
|
addr=`echo $ifline | sed 's/^.*inet \([.0-9]*\) netmask .*$/\1/'`
|
|
netmask=`echo $ifline | sed 's/^.* netmask \([.xa-f0-9]*\) .*$/\1/'`
|
|
if echo $netmask | grep -v '\.' >/dev/null ; then
|
|
netmask=`echo $ifline | sed 's/^.* netmask \([xa-f0-9]*\) .*$/\1/
|
|
s/0x//
|
|
s/\([a-f0-9][a-f0-9]\)/0x\1 /g'`
|
|
netmask=`printf "%d.%d.%d.%d" \`echo $netmask\``
|
|
fi
|
|
nfr_networks="${addr}:$netmask, $nfr_networks"
|
|
done
|
|
nfr_networks=`echo $nfr_networks | sed 's/,$//'`
|
|
|
|
printf "\nNetworks? [ $nfr_networks ] "
|
|
read networks
|
|
if [ "x$networks" != "x" ]; then nfr_networks=$networks ; fi
|
|
|
|
|
|
# Get router MAC addresses for values.nfr
|
|
echo "
|
|
|
|
What are the MAC addresses of the routers that route traffic from the
|
|
outside to your local network? Enter them as a comma separated list of
|
|
six colon separated hex bytes in two-digit format."
|
|
|
|
router_addr=`netstat -rn | grep default | awk '{print $2}'`
|
|
router_mac_bytes=`arp $router_addr | awk '{print $4}' | sed 's/:/ 0x/g'`
|
|
nfr_routers=`printf "%.2x:%.2x:%.2x:%.2x:%.2x:%.2x" \`echo $router_mac_bytes\``
|
|
|
|
printf "\nRouters? [ $nfr_routers ] "
|
|
read routers
|
|
if [ "x$routers" != "x" ]; then nfr_routers=$routers ; fi
|
|
|
|
|
|
# Get httpd binary location for nfr.conf
|
|
echo "
|
|
|
|
Where is the location of your Apache webserver program? Enter the
|
|
full path to your httpd binary."
|
|
|
|
nfr_httpd=`grep ^HTTPD= $NFR_CONF | cut -f2 -d=`
|
|
|
|
printf "\nWebserver? [ $nfr_httpd ] "
|
|
read httpd
|
|
if [ "x$httpd" != "x" ]; then nfr_httpd=$httpd ; fi
|
|
|
|
|
|
# Print summary
|
|
echo "
|
|
|
|
You've entered the following NFR configuration values:
|
|
|
|
Network interfaces: $nfr_intf
|
|
Network numbers: $nfr_networks
|
|
Router MAC addresses: $nfr_routers
|
|
Webserver location: $nfr_httpd"
|
|
|
|
printf "\nIs this correct? [y] "
|
|
read answer
|
|
echo ""
|
|
case x$answer in
|
|
xn*|xN*|xq*) echo "Repeating NFR configuration..." ;;
|
|
x*|xy*|xY*) break ;;
|
|
esac
|
|
|
|
done # End of main while loop
|
|
|
|
|
|
# Modify nfrd.cfg
|
|
sed "s/^\(nfr_intf=.*\)$/# \1/g
|
|
s/^# nfr_intf=.*$/nfr_intf=$nfr_intf/" $NFRD_CFG > $TMP/nfrd.cfg
|
|
cp $NFRD_CFG ${NFRD_CFG}-orig
|
|
cp $TMP/nfrd.cfg $NFRD_CFG
|
|
echo "$NFRD_CFG updated."
|
|
|
|
# Modify values.nfr
|
|
sed "s/^\(my_network.*\)$/# \1/g
|
|
s/^# my_network.*$/my_network = [ $nfr_networks ]/
|
|
s/^\(my_router_mac_list.*\)$/# \1/g
|
|
s/^# my_router_mac_list.*$/my_router_mac_list = [ $nfr_routers ]/" \
|
|
$VALUES_NFR > $TMP/values.nfr
|
|
cp $VALUES_NFR ${VALUES_NFR}-orig
|
|
cp $TMP/values.nfr $VALUES_NFR
|
|
echo "$VALUES_NFR updated."
|
|
|
|
# Modify nfr.conf
|
|
sed "s%^\(HTTPD=.*\)$%# \1%g
|
|
s%^# HTTPD=.*$%HTTPD=$nfr_httpd%" $NFR_CONF > $TMP/nfr.conf
|
|
cp $NFR_CONF ${NFR_CONF}-orig
|
|
cp $TMP/nfr.conf $NFR_CONF
|
|
echo "$NFR_CONF updated."
|
|
|
|
|
|
# Set initial NFR htpasswd
|
|
echo "
|
|
You now need to set an initial password for the NFR web account.
|
|
Running \"$NFRDIR/bin/htpasswd -c $NFRDIR/etc/httpd/conf/htpasswd nfr\"...
|
|
"
|
|
while ! $NFRDIR/bin/htpasswd -c $NFRDIR/etc/httpd/conf/htpasswd nfr ; do
|
|
echo ""
|
|
done
|
|
echo ""
|
|
|
|
# Make sure our NFR directory looks sane.
|
|
if [ ! -p $NFRDIR/etc/run/alertd/alertsin ]; then
|
|
mkfifo -m 600 $NFRDIR/etc/run/alertd/alertsin
|
|
fi
|
|
if [ ! -p $NFRDIR/etc/run/spacemand/infifo ]; then
|
|
mkfifo -m 644 $NFRDIR/etc/run/spacemand/infifo
|
|
fi
|
|
touch $NFRDIR/nfrd.log
|
|
chown -R nfr:nfr $NFRDIR
|
|
|
|
if [ "x${NFRDIR}" != "x/nfr" ]; then
|
|
rm -f /nfr
|
|
ln -s $NFRDIR /nfr
|
|
fi
|
|
|
|
exit 0
|
|
|
|
# 5000.
|