Avoid using perl in the periodic & security scripts. This brings the

base system one step closer to being totally perl-free.

Approved by:	re (jhb)
This commit is contained in:
Giorgos Keramidas 2002-12-07 23:37:44 +00:00
parent f22dda7a29
commit 0333ea509d
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=107674
5 changed files with 36 additions and 31 deletions

View File

@ -25,7 +25,7 @@ case "$daily_status_mailq_enable" in
rc=$(case "$daily_status_mailq_shorten" in
[Yy][Ee][Ss])
mailq |
perl -ne 'print if /^\s+\S+@/' |
egrep -e '^[[:space:]]+[^[:space:]]+@' |
sort |
uniq -c |
sort -nr |
@ -45,7 +45,7 @@ case "$daily_status_mailq_enable" in
rc=$(case "$daily_status_mailq_shorten" in
[Yy][Ee][Ss])
mailq -Ac |
perl -ne 'print if /^\s+\S+@/' |
egrep -e '^[[:space:]]+[^[:space:]]+@' |
sort |
uniq -c |
sort -nr |

View File

@ -51,8 +51,9 @@ case "$daily_status_mail_rejects_enable" in
done
cat /var/log/maillog
} |
perl -ne "print \"\$2\n\"
if (/reject=/ and /^$start.*ruleset=check_\S+,\s+arg1=(<[^@]+@)?([^>,]+).*reject=/o);" |
fgrep 'reject=' |
egrep -e "^$start.*ruleset=check_[^[:space:]]+,[[:space:]]+arg1=(<[^@]+@)?([^>,]+).*reject=.*" |
sed -e 's/.*arg1=//' -e 's/.*@//' -e 's/[>[:space:]].*$//' |
sort -f | uniq -ic | sort -fnr | tee /dev/stderr | wc -l)
[ $rc -gt 0 ] && rc=1
fi;;

View File

@ -25,30 +25,30 @@ case "$daily_status_named_enable" in
start=`date -v-1d '+%b %d' | sed 's/0\(.\)$/ \1/'`
rc=$(catmsgs |
perl -ne 'print "$2 from $1\n"
if (/^'"$start"'.*named\[\d+\]: denied [AI]XFR from \[(.*)\]\.\d+ for "(.*)"/);' |
sort -f | uniq -ic |
perl -e '
use Socket;
fgrep '^'"$start"'.*named\[[[:digit:]]\+\]: denied [AI]XFR from \[.*\]\.[[:digit:]]\+ for' | \
sed -e 's/.*: denied [AI]XFR from \[\(.*\)\]\.[[:digit:]]* for "\(.*\)".*$/\2 from \1/'
sort -f | uniq -ic | (
usedns=0
if [ X"${daily_status_named_usedns}" != X"" ]; then
case $daily_status_named_usedns in
[yY][eE][sS]) usedns=1 ;;
esac
fi
while (<STDIN>) {
if (/^.*from (.*)$/) {
$ip_addr = $1;
chomp;
if ($ARGV[0] =~ /^yes$/i) {
($host) = gethostbyaddr(inet_aton($ip_addr), AF_INET);
} else {
$host = "";
}
if ($host) {
print "$_ ($host)\n";
} else {
print "$_\n";
}
}
}
' $daily_status_named_usedns | tee /dev/stderr | wc -l)
while read line ;do
ipaddr=`echo "$line" | sed -e 's/^.*from //'`
if [ $usedns -eq 1 ]; then
name=`host "${ipaddr}" 2>/dev/null | \
grep 'domain name pointer' | \
sed -e 's/^.* //'`
fi
if [ X"${name}" != X"" ]; then
echo "${line} (${name})"
else
echo "${line}"
fi
done ) | \
tee /dev/stderr | wc -l)
[ $rc -gt 0 ] && rc=1
;;

View File

@ -45,8 +45,10 @@ case "$daily_status_security_ipfwlimit_enable" in
TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null`
if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then
ipfw -a l | grep " log " | perl -n -e \
'/^\d+\s+(\d+)/; print if ($1 >= '$IPFW_LOG_LIMIT')' > ${TMP}
ipfw -a l | grep " log " | \
grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
awk -v limit="$IPFW_LOG_LIMIT" \
'{if ($2 > limit) {print $0}}' > ${TMP}
if [ -s "${TMP}" ]; then
rc=1
echo ""

View File

@ -45,8 +45,10 @@ case "$daily_status_security_ip6fwlimit_enable" in
TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
IP6FW_LOG_LIMIT=`sysctl -n net.inet6.ip6.fw.verbose_limit 2> /dev/null`
if [ $? -eq 0 ] && [ "${IP6FW_LOG_LIMIT}" -ne 0 ]; then
ip6fw -a l | grep " log " | perl -n -e \
'/^\d+\s+(\d+)/; print if ($1 >= '$IP6FW_LOG_LIMIT')' > ${TMP}
ip6fw -a l | grep " log " | \
grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
awk -v limit="$IPFW_LOG_LIMIT" \
'{if ($2 > limit) {print $0}}' > ${TMP}
if [ -s "${TMP}" ]; then
rc=1
echo ""