From 274902612c23d6a4dad21b78b394f568ab0e6b1a Mon Sep 17 00:00:00 2001
From: first
Date: Sun, 6 Jul 2025 07:37:24 +0000
Subject: [PATCH] Add synterloper/setup_synterloper.sh
---
 synterloper/setup_synterloper.sh | 122 +++++++++++++++++++++++++++++++
 1 file changed, 122 insertions(+)
 create mode 100644 synterloper/setup_synterloper.sh
diff --git a/synterloper/setup_synterloper.sh b/synterloper/setup_synterloper.sh
new file mode 100644
index 0000000..14be435
--- /dev/null
+++ b/synterloper/setup_synterloper.sh
@@ -0,0 +1,122 @@
+#!/bin/sh
+#
+# setup_synterloper.sh
+#
+# Sets up a background packet capture service for a specified TCP port (default 22).
+# Designed for automated execution on first-boot via cloud-init or user data.
+#
+
+# --- Configuration ---
+LOG_DIR="/var/log/synterloper"
+CAPTURE_PORT="22"
+ROTATE_SECONDS="3600" # 3600 seconds = 1 hour
+RETENTION_DAYS="7"
+SNAP_LEN="128" # Bytes to capture per packet
+
+# --- Script Logic ---
+
+# Ensure script is run as root
+if [ "$(id -u)" -ne 0 ]; then
+ echo "Error: This script must be run as root." >&2
+ exit 1
+fi
+
+# Detect OS and install dependencies
+OS_TYPE=$(uname)
+echo "Initializing SYNterloper setup for OS: ${OS_TYPE}"
+
+if [ "${OS_TYPE}" = "Linux" ]; then
+ echo "Installing dependencies (tcpdump) using apt..."
+ export DEBIAN_FRONTEND=noninteractive
+ if ! apt-get update >/dev/null; then echo "Error: apt-get update failed."; exit 1; fi
+ if ! apt-get install -y tcpdump >/dev/null; then echo "Error: apt-get install failed."; exit 1; fi
+elif [ "${OS_TYPE}" = "FreeBSD" ]; then
+ echo "Installing dependencies (tcpdump) using pkg..."
+ if ! pkg install -y tcpdump >/dev/null; then echo "Error: pkg install failed."; exit 1; fi
+else
+ echo "Error: Unsupported OS type '${OS_TYPE}'" >&2
+ exit 1
+fi
+echo "Dependency installation complete."
+
+# Create log directory with appropriate permissions
+echo "Creating log directory: ${LOG_DIR}"
+mkdir -p "${LOG_DIR}"
+chown root:root "${LOG_DIR}"
+chmod 700 "${LOG_DIR}"
+
+# Create the system service
+if [ "${OS_TYPE}" = "Linux" ]; then
+ # Systemd Service for Linux (Debian/Ubuntu)
+ echo "Creating systemd service: synterloper.service"
+ cat > /etc/systemd/system/synterloper.service < /usr/local/etc/rc.d/synterloper <<'EOF'
+#!/bin/sh
+#
+# PROVIDE: synterloper
+# REQUIRE: NETWORKING
+# KEYWORD: shutdown
+#
+. /etc/rc.subr
+name="synterloper"
+rcvar="synterloper_enable"
+load_rc_config \$name
+: \${synterloper_enable:="NO"}
+: \${synterloper_port:="22"}
+: \${synterloper_logdir:="/var/log/synterloper"}
+: \${synterloper_rotate_sec:="3600"}
+: \${synterloper_snaplen:="128"}
+default_iface=\$(route -n get default | grep 'interface:' | awk '{print \$2}')
+command="/usr/sbin/tcpdump"
+command_args="-i \${default_iface} -s \${synterloper_snaplen} -w \${synterloper_logdir}/capture-%Y-%m-%d_%H-%M.pcap -G \${synterloper_rotate_sec} \"tcp port \${synterloper_port}\""
+pidfile="/var/run/\${name}.pid"
+start_cmd="daemon -p \${pidfile} \${command} \${command_args}"
+run_rc_command "\$1"
+EOF
+ chmod +x /usr/local/etc/rc.d/synterloper
+
+ echo "Enabling and starting synterloper service (rc.d)..."
+ sysrc synterloper_enable=YES
+ sysrc synterloper_port="${CAPTURE_PORT}"
+ sysrc synterloper_logdir="${LOG_DIR}"
+ sysrc synterloper_rotate_sec="${ROTATE_SECONDS}"
+ sysrc synterloper_snaplen="${SNAP_LEN}"
+ service synterloper start
+fi
+echo "Service configuration complete."
+
+# Create the log rotation cron job
+echo "Creating daily log cleanup cron job..."
+cat > /etc/cron.daily/synterloper-cleanup <