mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-12-04 10:19:26 +00:00
Avoid using perl in the periodic & security scripts. This brings the
base system one step closer to being totally perl-free. Approved by: re (jhb)
This commit is contained in:
parent
f22dda7a29
commit
0333ea509d
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=107674
@ -25,7 +25,7 @@ case "$daily_status_mailq_enable" in
|
||||
rc=$(case "$daily_status_mailq_shorten" in
|
||||
[Yy][Ee][Ss])
|
||||
mailq |
|
||||
perl -ne 'print if /^\s+\S+@/' |
|
||||
egrep -e '^[[:space:]]+[^[:space:]]+@' |
|
||||
sort |
|
||||
uniq -c |
|
||||
sort -nr |
|
||||
@ -45,7 +45,7 @@ case "$daily_status_mailq_enable" in
|
||||
rc=$(case "$daily_status_mailq_shorten" in
|
||||
[Yy][Ee][Ss])
|
||||
mailq -Ac |
|
||||
perl -ne 'print if /^\s+\S+@/' |
|
||||
egrep -e '^[[:space:]]+[^[:space:]]+@' |
|
||||
sort |
|
||||
uniq -c |
|
||||
sort -nr |
|
||||
|
@ -51,8 +51,9 @@ case "$daily_status_mail_rejects_enable" in
|
||||
done
|
||||
cat /var/log/maillog
|
||||
} |
|
||||
perl -ne "print \"\$2\n\"
|
||||
if (/reject=/ and /^$start.*ruleset=check_\S+,\s+arg1=(<[^@]+@)?([^>,]+).*reject=/o);" |
|
||||
fgrep 'reject=' |
|
||||
egrep -e "^$start.*ruleset=check_[^[:space:]]+,[[:space:]]+arg1=(<[^@]+@)?([^>,]+).*reject=.*" |
|
||||
sed -e 's/.*arg1=//' -e 's/.*@//' -e 's/[>[:space:]].*$//' |
|
||||
sort -f | uniq -ic | sort -fnr | tee /dev/stderr | wc -l)
|
||||
[ $rc -gt 0 ] && rc=1
|
||||
fi;;
|
||||
|
@ -25,30 +25,30 @@ case "$daily_status_named_enable" in
|
||||
|
||||
start=`date -v-1d '+%b %d' | sed 's/0\(.\)$/ \1/'`
|
||||
rc=$(catmsgs |
|
||||
perl -ne 'print "$2 from $1\n"
|
||||
if (/^'"$start"'.*named\[\d+\]: denied [AI]XFR from \[(.*)\]\.\d+ for "(.*)"/);' |
|
||||
sort -f | uniq -ic |
|
||||
perl -e '
|
||||
use Socket;
|
||||
fgrep '^'"$start"'.*named\[[[:digit:]]\+\]: denied [AI]XFR from \[.*\]\.[[:digit:]]\+ for' | \
|
||||
sed -e 's/.*: denied [AI]XFR from \[\(.*\)\]\.[[:digit:]]* for "\(.*\)".*$/\2 from \1/'
|
||||
sort -f | uniq -ic | (
|
||||
usedns=0
|
||||
if [ X"${daily_status_named_usedns}" != X"" ]; then
|
||||
case $daily_status_named_usedns in
|
||||
[yY][eE][sS]) usedns=1 ;;
|
||||
esac
|
||||
fi
|
||||
|
||||
while (<STDIN>) {
|
||||
if (/^.*from (.*)$/) {
|
||||
$ip_addr = $1;
|
||||
chomp;
|
||||
if ($ARGV[0] =~ /^yes$/i) {
|
||||
($host) = gethostbyaddr(inet_aton($ip_addr), AF_INET);
|
||||
} else {
|
||||
$host = "";
|
||||
}
|
||||
|
||||
if ($host) {
|
||||
print "$_ ($host)\n";
|
||||
} else {
|
||||
print "$_\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
' $daily_status_named_usedns | tee /dev/stderr | wc -l)
|
||||
while read line ;do
|
||||
ipaddr=`echo "$line" | sed -e 's/^.*from //'`
|
||||
if [ $usedns -eq 1 ]; then
|
||||
name=`host "${ipaddr}" 2>/dev/null | \
|
||||
grep 'domain name pointer' | \
|
||||
sed -e 's/^.* //'`
|
||||
fi
|
||||
if [ X"${name}" != X"" ]; then
|
||||
echo "${line} (${name})"
|
||||
else
|
||||
echo "${line}"
|
||||
fi
|
||||
done ) | \
|
||||
tee /dev/stderr | wc -l)
|
||||
[ $rc -gt 0 ] && rc=1
|
||||
;;
|
||||
|
||||
|
@ -45,8 +45,10 @@ case "$daily_status_security_ipfwlimit_enable" in
|
||||
TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
|
||||
IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null`
|
||||
if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then
|
||||
ipfw -a l | grep " log " | perl -n -e \
|
||||
'/^\d+\s+(\d+)/; print if ($1 >= '$IPFW_LOG_LIMIT')' > ${TMP}
|
||||
ipfw -a l | grep " log " | \
|
||||
grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
|
||||
awk -v limit="$IPFW_LOG_LIMIT" \
|
||||
'{if ($2 > limit) {print $0}}' > ${TMP}
|
||||
if [ -s "${TMP}" ]; then
|
||||
rc=1
|
||||
echo ""
|
||||
|
@ -45,8 +45,10 @@ case "$daily_status_security_ip6fwlimit_enable" in
|
||||
TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
|
||||
IP6FW_LOG_LIMIT=`sysctl -n net.inet6.ip6.fw.verbose_limit 2> /dev/null`
|
||||
if [ $? -eq 0 ] && [ "${IP6FW_LOG_LIMIT}" -ne 0 ]; then
|
||||
ip6fw -a l | grep " log " | perl -n -e \
|
||||
'/^\d+\s+(\d+)/; print if ($1 >= '$IP6FW_LOG_LIMIT')' > ${TMP}
|
||||
ip6fw -a l | grep " log " | \
|
||||
grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
|
||||
awk -v limit="$IPFW_LOG_LIMIT" \
|
||||
'{if ($2 > limit) {print $0}}' > ${TMP}
|
||||
if [ -s "${TMP}" ]; then
|
||||
rc=1
|
||||
echo ""
|
||||
|
Loading…
Reference in New Issue
Block a user