xfnw/plan9fox
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

more netaudit stuff

Browse source
This commit is contained in:
aiju 2012-08-26 16:10:01 +02:00
parent 90ea636ce1
commit 681f273489
1 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
rc/bin/netaudit
View file

@ -5,7 +5,7 @@ fn checkhost {
echo 'sysname= env var is not set' echo 'sysname= env var is not set'
exit 'fail' exit 'fail'
} }
dom=`{ndb/ipquery sys $sysname dom | sed 's/^dom=//'} dom=`{ndb/query sys $sysname dom}
echo 'checking this host''s tuple:' echo 'checking this host''s tuple:'
if(~ $dom '') if(~ $dom '')
echo ' no dom= entry' echo ' no dom= entry'
@ -15,7 +15,7 @@ fn checkhost {
echo ' dom='$dom 'does not start with' $sysname^'; it''s supposed to be the FQDN, not the domain name!' echo ' dom='$dom 'does not start with' $sysname^'; it''s supposed to be the FQDN, not the domain name!'
if not if not
echo ' dom='$dom 'looks ok' echo ' dom='$dom 'looks ok'
ether=`{ndb/ipquery sys $sysname ether | sed 's/^ether=//'} ether=`{ndb/query sys $sysname ether}
if(~ $ether '') if(~ $ether '')
echo ' no ether entry' echo ' no ether entry'
if not if(! ~ $ether [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]) if not if(! ~ $ether [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f])
@ -34,14 +34,14 @@ fn checknet {
} }
if not if not
echo ' we are in ipnet='^$ipnet echo ' we are in ipnet='^$ipnet
dns=`{ndb/query ipnet $ipnet dns | sed 's/^dns=//'} dns=`{ndb/query ipnet $ipnet dns}
if(~ $dns '') if(~ $dns '')
echo ' no dns= entry' echo ' no dns= entry'
if not if(! ip/ping -n 1 $dns >/dev/null >[2=1]) if not if(! ip/ping -n 1 $dns >/dev/null >[2=1])
echo ' dns='$dns 'does not reply to ping' echo ' dns='$dns 'does not reply to ping'
if not if not
echo ' dns='$dns 'looks ok' echo ' dns='$dns 'looks ok'
auth=`{ndb/query ipnet $ipnet auth | sed 's/^auth=//'} auth=`{ndb/query ipnet $ipnet auth}
if(~ $auth '') if(~ $auth '')
echo ' no auth= entry' echo ' no auth= entry'
if not if(! ip/ping -n 1 $auth >/dev/null >[2=1]) if not if(! ip/ping -n 1 $auth >/dev/null >[2=1])
@ -50,7 +50,7 @@ fn checknet {
authok=1 authok=1
echo ' auth='$auth 'looks ok' echo ' auth='$auth 'looks ok'
} }
authdom=`{ndb/query ipnet $ipnet authdom | sed 's/^authdom=//'} authdom=`{ndb/query ipnet $ipnet authdom}
if(~ $authdom '') if(~ $authdom '')
echo ' no authdom= entry' echo ' no authdom= entry'
if not if not
@ -58,7 +58,7 @@ fn checknet {
} }
fn checkauth { fn checkauth {
echo 'checking auth server configuration:' echo 'checking auth server configuration:'
auth=`{ndb/ipquery ipnet $ipnet auth | sed 's/^auth=//' } auth=`{ndb/query ipnet $ipnet auth}
if(~ $auth ''){ if(~ $auth ''){
echo ' no auth server' echo ' no auth server'
exit fail exit fail
@ -94,7 +94,7 @@ fn checkauth {
fn checksec { fn checksec {
echo 'checking basic security:' echo 'checking basic security:'
if(@{rfork n; mount -n /srv/boot /root >/dev/null >[2=1]}) if(@{rfork n; mount -n /srv/boot /root >/dev/null >[2=1]})
echo ' file server does not require auth' echo ' file server does not require auth for user '^`{cat '#c'/user}
if not if not
echo ' file server seems to require auth' echo ' file server seems to require auth'
} }