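#!/bin/sh
#----------------------------------------------------------------------------
# /var/install/bin/pre-setup-service-rsyslogd-list-allowed-sender
#
# Builds a human-readable table of the configured rsyslogd listeners
# (UDP / TCP / RELP) and the senders allowed on each of them, and writes it
# to $OUTPUT_FILE.
#
# Creation:     2019-07-21 ansgar
# Last Update:  $Id$
#
# Copyright (c) 2011-2022 the eisfair team, team(at)eisfair(dot)org
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#----------------------------------------------------------------------------

. /var/install/include/eislib

#exec 2>/tmp/$(basename ${0})-trace$$.log
#set -x

# Result file; the path is kept unchanged so whatever reads it afterwards
# still finds it.
OUTPUT_FILE='/tmp/rsyslogd_allowed_sender'
rsyslogdfile=/etc/config.d/rsyslogd

# read configuration
. "$rsyslogdfile"

# ---------------------------------------------------------------------------
# is_count - succeed when $1 is a non-empty string of decimal digits
# ---------------------------------------------------------------------------
is_count ()
{
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

# ---------------------------------------------------------------------------
# append_listeners - write one "<key> <PROT> <port>" line per configured
#                    input of a protocol
#   $1 - sort key (1 = UDP, 2 = TCP, 3 = RELP)
#   $2 - protocol name; only ever called with the literals UDP, TCP, RELP,
#        which is what keeps the eval below free of foreign text
#   $3 - file to append to
# Reads RSYSLOGD_IM<PROT>, RSYSLOGD_IM<PROT>_N and RSYSLOGD_IM<PROT>_<n>_PORT.
# ---------------------------------------------------------------------------
append_listeners ()
{
    al_key=$1
    al_prot=$2
    al_file=$3

    eval "al_enabled=\${RSYSLOGD_IM${al_prot}:-no}"
    eval "al_count=\${RSYSLOGD_IM${al_prot}_N:-0}"

    [ "$al_enabled" = 'yes' ] || return 0
    # A missing or non-numeric counter means "no inputs" instead of a
    # failing numeric test.
    is_count "$al_count" || return 0

    al_idx=1
    while [ "$al_idx" -le "$al_count" ]
    do
        # al_idx is a counter produced by this loop, so the variable name
        # assembled here contains digits only.
        eval "al_port=\${RSYSLOGD_IM${al_prot}_${al_idx}_PORT}"
        echo "$al_key $al_prot $al_port" >> "$al_file"
        al_idx=$((al_idx + 1))
    done
}

# ---------------------------------------------------------------------------
# append_allowed_senders - write one "<key> <PROT> <port> <sender>" line per
#                          active RSYSLOGD_ALLOWED_SENDER_<n> entry
#   $1 - file to append to
# Entries whose protocol is not TCP, UDP or RELP are skipped.
# ---------------------------------------------------------------------------
append_allowed_senders ()
{
    as_file=$1
    as_count=${RSYSLOGD_ALLOWED_SENDER_N:-0}

    is_count "$as_count" || return 0

    as_idx=1
    while [ "$as_idx" -le "$as_count" ]
    do
        eval "as_active=\${RSYSLOGD_ALLOWED_SENDER_${as_idx}_ACTIVE}"
        eval "as_prot=\${RSYSLOGD_ALLOWED_SENDER_${as_idx}_PROT}"
        eval "as_port=\${RSYSLOGD_ALLOWED_SENDER_${as_idx}_PORT}"
        eval "as_sender=\${RSYSLOGD_ALLOWED_SENDER_${as_idx}}"

        if [ "$as_active" = 'yes' ]
        then
            # Same sort keys as in append_listeners so both lists order
            # identically.
            case $as_prot in
                UDP)  as_key='1' ;;
                TCP)  as_key='2' ;;
                RELP) as_key='3' ;;
                *)    as_key=''  ;;
            esac

            if [ -n "$as_key" ]
            then
                echo "$as_key $as_prot $as_port $as_sender" >> "$as_file"
            fi
        fi

        as_idx=$((as_idx + 1))
    done
}

# ---------------------------------------------------------------------------
# assemble information
#
# Collects listeners and allowed senders, joins them and publishes the table
# as $OUTPUT_FILE. Returns 0 on success, 1 when the work directory or the
# result file cannot be created.
#
# All intermediate files live in a private mktemp directory: fixed file
# names in a world-writable /tmp can be pre-created or replaced by a symlink
# by another local user, and a plain "> file" would then write through it.
# NOTE(review): this script presumably runs as root from the setup menu -
# confirm; if so, moving $OUTPUT_FILE out of /tmp altogether (together with
# its reader) would be the cleaner fix.
# ---------------------------------------------------------------------------
assemble_information ()
{
    work_dir=$(mktemp -d /tmp/rsyslogd_allowed_sender.XXXXXX) || {
        echo "cannot create private work directory" >&2
        return 1
    }

    possible_file="$work_dir/possible"
    allowed_file="$work_dir/allowed"
    possible_file_sort="$work_dir/possible_sort"
    allowed_file_sort="$work_dir/allowed_sort"
    report_file="$work_dir/report"

    : > "$possible_file"
    : > "$allowed_file"
    : > "$report_file"

    append_listeners 1 UDP  "$possible_file"
    append_listeners 2 TCP  "$possible_file"
    append_listeners 3 RELP "$possible_file"
    append_allowed_senders "$allowed_file"

    sort "$possible_file" > "$possible_file_sort"
    sort "$allowed_file"  > "$allowed_file_sort"

    # Header uses the same column widths as the rows below.
    {
        echo ''
        printf ' %-10s %-8s %s\n' 'Protocol' 'Port' 'Allowed Sender'
        echo ''
    } >> "$report_file"

    while read -r act_index act_prot act_port
    do
        shown_prot=$act_prot
        shown_port=$act_port
        sender_seen='no'

        # Compare whole fields instead of grepping for a line prefix, so a
        # listener on port 51 does not pick up the senders of port 514.
        while read -r s_index s_prot s_port s_sender
        do
            if [ "$s_index" = "$act_index" ] &&
               [ "$s_prot" = "$act_prot" ] &&
               [ "$s_port" = "$act_port" ]
            then
                printf ' %-10s %-8s %-30s\n' \
                    "$shown_prot" "$shown_port" "$s_sender" >> "$report_file"
                # Protocol and port are printed on the first row of a group
                # only; every following sender row leaves them blank.
                shown_prot=' '
                shown_port=' '
                sender_seen='yes'
            fi
        done < "$allowed_file_sort"

        if [ "$sender_seen" = 'no' ]
        then
            printf ' %-10s %-8s %-30s\n' \
                "$act_prot" "$act_port" 'All sender allowed' >> "$report_file"
        fi
    done < "$possible_file_sort"

    # Publish the result: drop whatever currently sits at the fixed path
    # (rm removes a symlink itself, not its target) and create the file with
    # noclobber set, so the redirect refuses to write through a file or
    # symlink that reappears in between.
    publish_status=0
    rm -f -- "$OUTPUT_FILE"
    if ! ( set -C; cat "$report_file" > "$OUTPUT_FILE" )
    then
        echo "cannot create $OUTPUT_FILE" >&2
        publish_status=1
    fi

    rm -rf -- "$work_dir"
    return "$publish_status"
}

# ---------------------------------------------------------------------------
# main
# ---------------------------------------------------------------------------
assemble_information

# ---------------------------------------------------------------------------
# end
# ---------------------------------------------------------------------------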