Script to do a tcpdump and confirm two IPs communicating on same port - linux

Basically I'm trying to create a script in bash that will do a tcpdump on eth0 and look for two IP addresses communicating on the same port.
Ideally it would return a message saying "Bidirectional traffic confirmed" and output the two lines that are the same as a sort of "proof"
Otherwise it would return " Bidirectional traffic not confirmed "
I'm thinking this needs to be output to a file that can be parsed and have the stdout returned but I'm not sure.
Any help would be awesome!

Have you tried:
netstat -nap
This will display multiple columns but there are two very important ones. You have "Local Address" and "Foreign Address". This will show you if you are connected to an IP and what port.
Very quick script to see if this works could be...
#!/bin/bash
read -p "Please input IP you are searching for: " netInput
results=$(netstat -nap | grep "${netInput}")
if [[ $(echo "${results}" | grep -ic "established") != "0" ]] ; then
    echo "Bidirectional communication is established"
else
    echo "Bidirectional communication is NOT established"
fi
exit
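The question itself asked for a tcpdump-based check rather than netstat. The following is an added example, not code from either poster: it reads the text that tcpdump -n prints, looks for at least one packet in each direction between the two addresses with the port of interest on either end, and prints the two matching lines as proof. The interface name eth0 in the capture hint and the sample capture lines are assumptions.

```bash
#!/bin/bash
# Added example (not from the original thread): confirm that two hosts exchange
# traffic in both directions on one port, using the text that tcpdump -n prints.
# Interface name (eth0) and the sample lines below are assumptions.
#
# To capture for real and then check (capture needs root):
#   timeout 30 tcpdump -n -l -i eth0 "host $A and host $B and port $P" > capture.txt
#   confirm_bidirectional capture.txt "$A" "$B" "$P"

# confirm_bidirectional <capture-file> <ipA> <ipB> <port>
# Prints the verdict plus one packet line per direction as proof.
# Exit status 0 when both directions were seen, 1 otherwise.
confirm_bidirectional() {
    awk -v A="$2" -v B="$3" -v P="$4" '
        # tcpdump -n lines look like: "<time> IP <src>.<sport> > <dst>.<dport>: ..."
        $2 == "IP" && $4 == ">" {
            src = $3; dst = $5; sub(/:$/, "", dst)
            # the port is the text after the last dot of "a.b.c.d.port"
            n = split(src, s, "."); sport = s[n]
            shost = substr(src, 1, length(src) - length(sport) - 1)
            m = split(dst, d, "."); dport = d[m]
            dhost = substr(dst, 1, length(dst) - length(dport) - 1)
            # only count packets where the port of interest is on either end
            if (sport != P && dport != P) next
            if (shost == A && dhost == B && ab == "") ab = $0
            if (shost == B && dhost == A && ba == "") ba = $0
        }
        END {
            if (ab != "" && ba != "") {
                print "Bidirectional traffic confirmed"; print ab; print ba; exit 0
            }
            print "Bidirectional traffic not confirmed"; exit 1
        }' "$1"
}

# Constructed sample capture standing in for real tcpdump output.
SAMPLE="${TMPDIR:-/tmp}/tcpdump_sample.$$"
cat > "$SAMPLE" <<'EOF'
12:00:01.000001 IP 10.0.0.5.44321 > 10.0.0.9.443: Flags [S], seq 1, win 64240, length 0
12:00:01.000450 IP 10.0.0.9.443 > 10.0.0.5.44321: Flags [S.], seq 2, ack 2, win 65160, length 0
12:00:02.000001 IP 10.0.0.5.51000 > 10.0.0.7.22: Flags [S], seq 3, win 64240, length 0
EOF

confirm_bidirectional "$SAMPLE" 10.0.0.5 10.0.0.9 443        # both directions seen
confirm_bidirectional "$SAMPLE" 10.0.0.5 10.0.0.7 22 || true  # only one direction seen
```

Because the verdict is computed from a file, the same function works on a saved capture, which is the "output to a file that can be parsed" idea from the question; a live run just needs the tcpdump command from the comment in front of it.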

Related

Linux/Unix check if VPN connection is Active/Up

I have a code which detects if OpenVPN connection is up or down:
if echo 'ifconfig tun0' | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"
then
    echo "VPN up"
else
    echo "VPN down"
fi
exit 0
now I'm trying to re-write the code to work with PPTP or IPSEC connection. I've tried to do:
if echo 'ifconfig ppp0' | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"
or the same with ipsec but does not work. Is there any other way to detect PPTP or IPSEC connection?
That echo statement is erroneous. As #unwind says, the single quotes (') should be backticks (`). Your current code is sending the literal value ifconfig ppp0 to grep, which doesn't do anything useful.
But you don't actually need the backticks, either. You can just send the output of ifconfig to grep directly; using echo doesn't get you anything:
if ifconfig ppp0 | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"; then
    echo ppp connection is up
fi
The following script will:
Run the ISPConnectivity.sh script every 5 minutes. This will mean that the VPN tunnel will not be down for more than 5 minutes.
Check if the tun interface is down, and start the vpn script if it is.
Check connectivity if the tun0 interface is up. It does ping tests on 2 Public IPs (if I get even a single response from 1 of the IPs tested, I consider this a success ), and all have to fail to run the vpn script. I ran ping tests on multiple hosts to prevent the vpn script from starting in case the ping test failed on 1 IP.
Send all failure output to a file in my home directory. I do not need to see if any test succeeded.
Contents of sudo crontab:
*/5 * * * * /home/userXXX/ISPConnectivity.sh >> /home/userXXX/ISPConnectivity.log 2>&1
Contents of ISPConnectivity.sh script:
#!/bin/bash
# add ip / hostname separated by white space
#HOSTS="1.2.3.4"
HOSTS="8.8.8.8 4.2.2.4"
# no ping request
totalcount=0
COUNT=4
DATE=`date +%Y-%m-%d:%H:%M:%S`
if ! /sbin/ifconfig tun0 | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"
then
    echo $DATE tun0 down
    sudo /home/userXXX/startVPN.sh start
else
    for myHost in $HOSTS;
    do
        count=`ping -c $COUNT $myHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }'`
        totalcount=$(($totalcount + $count))
    done
    if [ $totalcount -eq 0 ]
    then
        echo $DATE $totalcount "fail"
        sudo /home/userXXX/startVPN.sh start
    #else
    #    echo $DATE $totalcount "pass"
    fi
fi
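As an added example (not part of the answer above), here is the reply-counting part of ISPConnectivity.sh written as functions. The grep/awk pipeline yields an empty string when ping prints no summary line (for example an unresolvable host name), and an empty operand breaks the $(( ... )) arithmetic; the function below always prints a number, and it also copes with the "+N errors" variant of the summary and with the BSD/macOS wording. The host list and the sample ping output are assumptions.

```bash
#!/bin/bash
# Added example (not from the original answer): connectivity probe in the
# spirit of ISPConnectivity.sh, with a ping parser that never returns an
# empty count. HOSTS and the sample outputs below are assumptions.

HOSTS="8.8.8.8 4.2.2.4"
COUNT=4

# received_count: read ping output on stdin, print the number of replies.
# Handles "4 packets transmitted, 2 received, 50% packet loss, time 3004ms",
# the "+4 errors" variant, and BSD's "3 packets received"; prints 0 when no
# summary line is present at all.
received_count() {
    awk '
        / packets transmitted, / {
            for (i = 2; i <= NF; i++)
                if ($i == "received,") {
                    v = $(i-1)
                    if (v == "packets") v = $(i-2)   # BSD/macOS wording
                    print v; found = 1
                }
        }
        END { if (!found) print 0 }'
}

# tunnel_needed <total-replies>: exit 0 when every probe failed (start the VPN),
# 1 when at least one reply arrived from any host.
tunnel_needed() {
    [ "$1" -eq 0 ]
}

# probe_hosts: ping every host and sum the replies (only meaningful on a live system).
probe_hosts() {
    local total=0 n h
    for h in $HOSTS; do
        n=$(ping -c "$COUNT" -W 2 "$h" 2>/dev/null | received_count)
        total=$((total + n))
    done
    echo "$total"
}

# Live mode, e.g. from cron: ./probe.sh --live >> probe.log 2>&1
if [ "${1:-}" = "--live" ]; then
    total=$(probe_hosts)
    if tunnel_needed "$total"; then
        echo "$(date +%Y-%m-%d:%H:%M:%S) $total fail"
        # sudo /home/userXXX/startVPN.sh start   # as in the original script
    fi
fi

# Constructed ping summaries standing in for real output.
OK_OUTPUT='PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=12.3 ms

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 1 received, 75% packet loss, time 3004ms'
FAIL_OUTPUT='--- 4.2.2.4 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3080ms'

printf '%s\n' "$OK_OUTPUT"   | received_count   # 1
printf '%s\n' "$FAIL_OUTPUT" | received_count   # 0
printf ''                    | received_count   # 0 (no summary line at all)
```

The "all probes must fail" rule from the answer is kept in tunnel_needed: a single reply from any host counts as connectivity, so one unreachable public address does not restart the tunnel.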
You can also check with the nmcli command, to check if VPN is running or not.
nmcli c show --active | grep vpn
I'm actually looking into more flexible solution eg:
MyIP=$(curl http://api.ipify.org/?format=text)
if [ "$MyIP" != "MYORYGINALIP" ]
then
    echo "IPSEC VPN is Running - " $MyIP
else
    echo "IPSEC VPN is Not Running - " $MyIP
fi
exit 0
what about that? can I improve it any way?
ip route list table 220
If an IP address is shown -> VPN connection established, none -> no VPN
or
if [ "0" = "$(ifconfig | grep wlan0 | wc -l)" ]; then echo "NO wlan0 has no VPN"; else echo "YES wlan0 has VPN"; fi

Shell Script for Auto IP Change

I am newbie to Linux/Asterisk. I am trying to write a shell script that would look for my SIP trunk registration, if found UNREACHABLE then it would execute a command and check my local IP, if my local IP is 192.168.1.106 then it would change the IP to 192.168.1.150 and vice versa, after that issue the commands, network service restart and amportal restart.
I have written following so far, and just by the looks, it seems wrong. Any help would be highly appreciated. Thanks
#!/bin/bash
asteriskbin=`which asterisk`
interval=10
ippath=/sbin/ifconfig
ip1=192.168.1.106
ip2=192.168.1.150
trunk="siptrunk"
run=true
while [[ "$run" == "true" ]]; do
    checktrunk=`$asteriskbin -rx “sip show peer $trunk” | grep Status | grep -wc OK`
    if [[ $checktrunk == 0 ]]; then
        echo “TEST Trunk Down”
    else
        echo “SIP trunk registration OK.”
        whatip=`$ippath eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'
        if [[ $whatip == $ip1 ]]; then
            ifconfig eth0 $ip2
        else
            ifconfig eth0 $ip1
            network service restart
            amportal restart
        fi
    sleep $interval
done
exit 1
A few things which spring out:
You should be using " quotes.
The whatip= command substitution is not ended anywhere.
You should use $(cmd) instead of `cmd`
Use More Quotes!
$run and exit 1 are useless since $run is never set to anything other than true.
ifconfig is deprecated in favour of ip.
There's no point in saving which asterisk to a variable. Simply run asterisk; it will perform the exact same lookup.
Why are you doing this in the first place? I don't see how continually changing your IP is useful.
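Taking the review points above together, here is an added example of the loop rewritten (it is not the asker's script or the reviewer's code): $(...) instead of backticks, plain " quotes, ip instead of ifconfig, every expansion quoted, and the dead $run variable gone. It follows the prose description of the task (switch addresses when the trunk is not OK), which is the opposite of what the branches in the posted loop do. Interface name, addresses, prefix length, trunk name, the service restart command and the sample Asterisk output are assumptions.

```bash
#!/bin/bash
# Added example (not the asker's script): trunk check and address failover
# rewritten along the lines of the review. IFACE, the two addresses, PREFIX,
# TRUNK, the restart commands and the sample output are assumptions.
# The live loop only starts when invoked as: ./failover.sh --run

IFACE=eth0
IP1=192.168.1.106
IP2=192.168.1.150
PREFIX=24
TRUNK="siptrunk"
INTERVAL=10

# trunk_is_ok: read "sip show peer" output on stdin; exit 0 when the Status line says OK.
trunk_is_ok() {
    grep '^ *Status' | grep -qw OK
}

# current_ip <iface>: first IPv4 address of the interface, taken from "ip -4 -o addr".
current_ip() {
    ip -4 -o addr show dev "$1" | awk '{ sub("/.*", "", $4); print $4; exit }'
}

# other_ip <ip>: the address to switch to.
other_ip() {
    if [ "$1" = "$IP1" ]; then echo "$IP2"; else echo "$IP1"; fi
}

# switch_ip <iface> <old> <new>: replace the address, then restart services (needs root).
switch_ip() {
    ip addr del "$2/$PREFIX" dev "$1"
    ip addr add "$3/$PREFIX" dev "$1"
    service network restart    # assumption: the "network service restart" of the question
    amportal restart
}

if [ "${1:-}" = "--run" ]; then
    while true; do
        if asterisk -rx "sip show peer $TRUNK" | trunk_is_ok; then
            echo "SIP trunk registration OK."
        else
            echo "Trunk down, switching address"
            cur=$(current_ip "$IFACE")
            switch_ip "$IFACE" "$cur" "$(other_ip "$cur")"
        fi
        sleep "$INTERVAL"
    done
fi

# Constructed samples of "sip show peer" output for trying trunk_is_ok offline.
PEER_OK='  * Name       : siptrunk
  Status       : OK (23 ms)'
PEER_DOWN='  * Name       : siptrunk
  Status       : UNREACHABLE'
printf '%s\n' "$PEER_OK"   | trunk_is_ok && echo "sample 1: trunk OK"
printf '%s\n' "$PEER_DOWN" | trunk_is_ok || echo "sample 2: trunk down"
```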

How to find a list of ip addresses in another file

I was given the task to see if we are advertising a list of ip addresses(3000). Not a good idea to do it manually, so I copied all the ip addresses that we are advertising in a file. Now I just have to create a bash script and feed the list of ip address into the script so it can find the ip addresses in the file with the list of ip addresses being advertised. If found save it in one file if not in a different file. This is what I have so far. The problem with this script is that I have to type in manually every ip address. HOW CAN I FEED THE FILE WITH THE LIST OF IP ADDRESSES TO BE SEARCHED IN THE FILE WITH THE LIST OF IP ADDRESSES WE ARE ADVERTISING. Thank you very much in advance.
#!/bin/bash
while true; do
    echo -e "IP address: \c"
    read ip
    if grep --color "$ip" "ips"; then
        echo $ip "was found"
        echo $ip >> found
    else
        echo $ip "was NOT found"
        echo $ip >> notFound
    fi
done
If you sort the two files, you can use the comm command:
sort all_ip_addresses > all_ip_addresses_sorted
sort advertised_ip_addresses > advertised_ip_addresses_sorted
comm -23 all_ip_addresses_sorted advertised_ip_addresses_sorted
will show the IP addresses that are not advertised, and:
comm -12 all_ip_addresses_sorted advertised_ip_addresses_sorted
will show the advertised IP addresses.
You can also avoid creating the separate sorted files by using process substitution:
comm -23 <(sort all_ip_addresses) <(sort advertised_ip_addresses)
A better script :
while read ip
do
    # -F literal, -x whole line: "10.0.0.1" must not match "10.0.0.10"
    grep -Fx "$ip" "$ips" > /dev/null 2>&1 && echo "$ip" >> ip.found || echo "$ip" >> ip.notfound
done
Name the script "searchip.sh".
Assume your input file is "iplist"; set up the variable and call it like this:
export ips=ips
cat iplist | sh searchip.sh
or
sh searchip.sh < iplist
Then you get two files, one with the IPs found and one with the IPs not found.
What you need is shell I/O redirection.
$ script < list_of_ip_addresses
That's all you need.
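One detail that matters for an audit like this: a plain grep "$ip" matches substrings, so 10.0.0.1 would be reported as "found" whenever 10.0.0.10 or 10.0.0.100 is advertised. The following added example (not code from any of the answers) does the whole split in two grep calls with literal whole-line matching, and shows the difference between the two match modes. The file contents are constructed.

```bash
#!/bin/bash
# Added example (not from the answers): split an address list into advertised
# and not advertised using exact, whole-line matches. Inputs are constructed.

WORK="${TMPDIR:-/tmp}/ipcheck.$$"
mkdir -p "$WORK"

# Constructed inputs: the addresses we advertise and the list to audit.
printf '%s\n' 10.0.0.10 10.0.0.100 192.168.5.1 > "$WORK/advertised"
printf '%s\n' 10.0.0.1 10.0.0.10 192.168.5.1 172.16.0.9 > "$WORK/iplist"

# split_by_advertised <iplist> <advertised> <found-out> <notfound-out>
# -F: patterns are literal strings, -x: whole line must match, -f: patterns from file.
# "|| true" keeps the exit status from grep's "no match" from aborting callers.
split_by_advertised() {
    grep -F -x -f "$2" "$1" > "$3" || true
    grep -F -x -v -f "$2" "$1" > "$4" || true
}

# exact_hits <ip> <file>: number of lines equal to the address.
exact_hits() { grep -F -x -c -- "$1" "$2" || true; }

# substring_hits <ip> <file>: what an unanchored grep "$ip" would report.
substring_hits() { grep -c -- "$1" "$2" || true; }

split_by_advertised "$WORK/iplist" "$WORK/advertised" "$WORK/found" "$WORK/notfound"
echo "found:";     cat "$WORK/found"       # 10.0.0.10 192.168.5.1
echo "not found:"; cat "$WORK/notfound"    # 10.0.0.1 172.16.0.9
echo "10.0.0.1 substring hits: $(substring_hits 10.0.0.1 "$WORK/advertised")"   # 2 (false positives)
echo "10.0.0.1 exact hits:     $(exact_hits 10.0.0.1 "$WORK/advertised")"       # 0
```

Order of the input list is preserved, so no sorting step is needed; if the lists can contain CIDR prefixes rather than single addresses, whole-line matching is still the right primitive, but the comparison itself has to become a prefix-containment check, which grep cannot do.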

Understanding part of Linux Bash Script

I'm trying to understand a Linux Bash Script. The aim of the script is to limit the access to server services only for some dyndns users (by use of ufw rules). Part of the script:
ALLOWEDUSERS="client1.dyndns.org client2.dyndns.org"
for host in $ALLOWEDUSERS ; do
    ip=`host $host | cut -d ' ' -f 4`
    if [ $? -eq 0 ]; then
        ufw allow proto tcp from $ip to any
    fi
done
okay
for host in $ALLOWEDUSERS ; do
is clear, it loops through ALLOWEDUSERS,
as far as I understand
if [ $? -eq 0 ]; then
checks if the command executed before is true (if so the ufw rule is added)
but how does the rest of the snippet
ip=`host $host | cut -d ' ' -f 4`
checks if the client ip is the one from the allowed dyndns account?
thanks a lot for your help,
tony
It doesn't really check anything.
The output from host $host is something like
$host has address xxx.xxx.xxx.xxx.
For example:
$ host localhost
localhost has address 127.0.0.1
Afterwards cut -d ' ' -f 4 isolates the fourth part, which is the ip address. This is used as the ip address for the ufw command.
The script is essentially equivalent to:
ALLOWEDUSERS="client1.dyndns.org client2.dyndns.org"
for host in $ALLOWEDUSERS ; do
    ip=`host $host | cut -d ' ' -f 4`
    ufw allow proto tcp from $ip to any
done
The if in the original script was checking the result of cut, not host, and it was always successful, so it served no useful purpose.
When the DynDNS hostname is valid, a rule will be added to the firewall to allow it.
When the hostname isn't found, the host command prints:
Host clientN.dyndns.org not found: 3(NXDOMAIN)
so $ip will be found:. This will try to do:
ufw allow proto tcp from found: to any
Since that's not a valid firewall rule, I expect it will be ignored and an error message issued.
If you want to do what the script was apparently trying to do, it should be:
ALLOWEDUSERS="client1.dyndns.org client2.dyndns.org"
for host in $ALLOWEDUSERS ; do
    hostresult=`host $host`
    if [ $? -eq 0 ]; then
        ip=`echo "$hostresult" | cut -d ' ' -f 4`
        ufw allow proto tcp from $ip to any
    fi
done
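The corrected script still trusts field 4 of whatever host prints, and host often prints more than one line for a name (an AAAA record, a mail-exchanger line), so $ip can hold several words and the ufw command receives all of them. The following added example (not the script from the question or the corrected version above) keeps only the first A record and validates it as a dotted quad before it reaches ufw, so a stray word never becomes part of a firewall rule. Host names and the sample host output are assumptions.

```bash
#!/bin/bash
# Added example (not from the question or answer): resolve each DynDNS name,
# keep only a well-formed IPv4 address, and pass only that to ufw.
# ALLOWEDUSERS and the sample "host" output below are assumptions.

ALLOWEDUSERS="client1.dyndns.org client2.dyndns.org"

# valid_ipv4 <string>: exit 0 only for a dotted quad whose four octets are 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # non-digit, empty octet, leading/trailing dot
    esac
    local IFS=. o n=0
    for o in $1; do
        [ "$o" -le 255 ] || return 1
        n=$((n + 1))
    done
    [ "$n" -eq 4 ]
}

# first_a_record: read "host" output on stdin, print the first IPv4 address, if any.
# Lines for AAAA records read "has IPv6 address" and are skipped; NXDOMAIN prints nothing.
first_a_record() {
    awk '$2 == "has" && $3 == "address" { print $4; exit }'
}

# apply_rules: resolve every name and add one ufw rule per valid address (needs root).
apply_rules() {
    local h ip
    for h in $ALLOWEDUSERS; do
        ip=$(host "$h" | first_a_record)
        if valid_ipv4 "$ip"; then
            ufw allow proto tcp from "$ip" to any
        else
            echo "skipping $h: no usable A record" >&2
        fi
    done
}

if [ "${1:-}" = "--apply" ]; then
    apply_rules
fi

# Constructed host(1) output for trying the parser offline.
HOST_OK='client1.dyndns.org has address 203.0.113.7
client1.dyndns.org has IPv6 address 2001:db8::7'
HOST_NX='Host client2.dyndns.org not found: 3(NXDOMAIN)'
printf '%s\n' "$HOST_OK" | first_a_record    # 203.0.113.7
printf '%s\n' "$HOST_NX" | first_a_record    # (nothing)
```

Run it as ./allow.sh --apply from the same cron job that the original script used. Because DynDNS addresses change, a real deployment also has to delete the rule for the previous address, otherwise the allowlist only ever grows.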

linux script to test connectivity IP

Any idea how to create a script in order to test connectivity with IP that represents a default gateway. And in case of connectivity, to print the message "Default gateway up" and if it's not connected to give a message "Default gateway down"
#!/bin/bash
# discard both stdout and stderr (redirect stdout first, then send stderr to the same place)
ping -c 1 192.168.1.1 > /dev/null 2>&1
if [ $? -ne 0 ]
then
    echo -e "host does not respond to ping"
fi
Put this script in crontab and let it run every min or whatever frequency you want.
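The answer hard-codes the gateway address and prints only the failure case. As an added example (not the answer's script), the version below reads the gateway from the routing table and prints both messages the question asked for; the sample route output is constructed.

```bash
#!/bin/bash
# Added example (not from the answer): find the default gateway from the
# routing table, ping it once, and report "Default gateway up" or
# "Default gateway down". The sample route lines below are constructed.

# gateway_from_route: read "ip -4 route show default" output on stdin and
# print the gateway of the first default route (lowest metric is listed first).
gateway_from_route() {
    awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# gateway_status <ip>: one probe with a two-second timeout; exit 0 if up, 1 if down.
gateway_status() {
    if ping -c 1 -W 2 "$1" > /dev/null 2>&1; then
        echo "Default gateway up"
    else
        echo "Default gateway down"
        return 1
    fi
}

# Live mode, e.g. from cron: * * * * * /path/gwcheck.sh --live >> /var/log/gwcheck.log 2>&1
if [ "${1:-}" = "--live" ]; then
    gw=$(ip -4 route show default | gateway_from_route)
    if [ -z "$gw" ]; then
        echo "Default gateway down"    # no default route at all
        exit 1
    fi
    gateway_status "$gw"
fi

# Constructed route table lines standing in for "ip -4 route show default".
ROUTE_SAMPLE='default via 192.168.1.1 dev eth0 proto dhcp metric 100
default via 192.168.1.254 dev wlan0 proto dhcp metric 600'
printf '%s\n' "$ROUTE_SAMPLE" | gateway_from_route    # 192.168.1.1
```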
