Delete synterloper/setup_synterloper.sh
This commit is contained in:
parent
7a3cbf5630
commit
ca14a9a351
1 changed files with 0 additions and 122 deletions
|
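--- a/synterloper/setup_synterloper.sh
+++ /dev/null
@@ -1,122 +0,0 @@
-#!/bin/sh
-#
-# setup_synterloper.sh
-#
-# Sets up a background packet capture service for a specified TCP port (default 22).
-# Designed for automated execution on first-boot via cloud-init or user data.
-#
-
-# --- Configuration ---
-LOG_DIR="/var/log/synterloper"
-CAPTURE_PORT="22"
-ROTATE_SECONDS="3600" # 3600 seconds = 1 hour
-RETENTION_DAYS="7"
-SNAP_LEN="128" # Bytes to capture per packet
-
-# --- Script Logic ---
-
-# Ensure script is run as root
-if [ "$(id -u)" -ne 0 ]; then
-echo "Error: This script must be run as root." >&2
-exit 1
-fi
-
-# Detect OS and install dependencies
-OS_TYPE=$(uname)
-echo "Initializing SYNterloper setup for OS: ${OS_TYPE}"
-
-if [ "${OS_TYPE}" = "Linux" ]; then
-echo "Installing dependencies (tcpdump) using apt..."
-export DEBIAN_FRONTEND=noninteractive
-if ! apt-get update >/dev/null; then echo "Error: apt-get update failed."; exit 1; fi
-if ! apt-get install -y tcpdump >/dev/null; then echo "Error: apt-get install failed."; exit 1; fi
-elif [ "${OS_TYPE}" = "FreeBSD" ]; then
-echo "Installing dependencies (tcpdump) using pkg..."
-if ! pkg install -y tcpdump >/dev/null; then echo "Error: pkg install failed."; exit 1; fi
-else
-echo "Error: Unsupported OS type '${OS_TYPE}'" >&2
-exit 1
-fi
-echo "Dependency installation complete."
-
-# Create log directory with appropriate permissions
-echo "Creating log directory: ${LOG_DIR}"
-mkdir -p "${LOG_DIR}"
-chown root:root "${LOG_DIR}"
-chmod 700 "${LOG_DIR}"
-
-# Create the system service
-if [ "${OS_TYPE}" = "Linux" ]; then
-# Systemd Service for Linux (Debian/Ubuntu)
-echo "Creating systemd service: synterloper.service"
-cat > /etc/systemd/system/synterloper.service <<EOF
-[Unit]
-Description=SYNterloper - TCP Port Connection Logger
-After=network.target
-
-[Service]
-Type=simple
-ExecStart=/bin/sh -c 'exec /usr/sbin/tcpdump -i \$(ip -4 route get 1.1.1.1 | grep -oP "dev \\K\\S+") -s ${SNAP_LEN} -w ${LOG_DIR}/capture-%Y-%m-%d_%H-%M.pcap -G ${ROTATE_SECONDS} "tcp port ${CAPTURE_PORT}"'
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target
-EOF
-
-echo "Enabling and starting synterloper service (systemd)..."
-systemctl daemon-reload
-systemctl enable synterloper.service
-systemctl start synterloper.service
-
-elif [ "${OS_TYPE}" = "FreeBSD" ]; then
-# rc.d Service for FreeBSD
-echo "Creating rc.d script: /usr/local/etc/rc.d/synterloper"
-cat > /usr/local/etc/rc.d/synterloper <<'EOF'
-#!/bin/sh
-#
-# PROVIDE: synterloper
-# REQUIRE: NETWORKING
-# KEYWORD: shutdown
-#
-. /etc/rc.subr
-name="synterloper"
-rcvar="synterloper_enable"
-load_rc_config \$name
-: \${synterloper_enable:="NO"}
-: \${synterloper_port:="22"}
-: \${synterloper_logdir:="/var/log/synterloper"}
-: \${synterloper_rotate_sec:="3600"}
-: \${synterloper_snaplen:="128"}
-default_iface=\$(route -n get default | grep 'interface:' | awk '{print \$2}')
-command="/usr/sbin/tcpdump"
-command_args="-i \${default_iface} -s \${synterloper_snaplen} -w \${synterloper_logdir}/capture-%Y-%m-%d_%H-%M.pcap -G \${synterloper_rotate_sec} \"tcp port \${synterloper_port}\""
-pidfile="/var/run/\${name}.pid"
-start_cmd="daemon -p \${pidfile} \${command} \${command_args}"
-run_rc_command "\$1"
-EOF
-chmod +x /usr/local/etc/rc.d/synterloper
-
-echo "Enabling and starting synterloper service (rc.d)..."
-sysrc synterloper_enable=YES
-sysrc synterloper_port="${CAPTURE_PORT}"
-sysrc synterloper_logdir="${LOG_DIR}"
-sysrc synterloper_rotate_sec="${ROTATE_SECONDS}"
-sysrc synterloper_snaplen="${SNAP_LEN}"
-service synterloper start
-fi
-echo "Service configuration complete."
-
-# Create the log rotation cron job
-echo "Creating daily log cleanup cron job..."
-cat > /etc/cron.daily/synterloper-cleanup <<EOF
-#!/bin/sh
-# Deletes SYNterloper capture files older than ${RETENTION_DAYS} days.
-find "${LOG_DIR}" -name "*.pcap" -type f -mtime +${RETENTION_DAYS} -delete
-EOF
-chmod +x /etc/cron.daily/synterloper-cleanup
-
-echo ""
-echo "--- SYNterloper Setup Complete ---"
-echo "Service is now logging TCP port ${CAPTURE_PORT} to ${LOG_DIR}"
-echo "----------------------------------"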