lol
This commit is contained in:
commit
edb38ff5cc
4983 changed files with 583086 additions and 0 deletions
2
.gitattributes
vendored
Normal file
2
.gitattributes
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
*.squashfs filter=lfs diff=lfs merge=lfs -text
|
||||
*.img filter=lfs diff=lfs merge=lfs -text
|
7
README.md
Normal file
7
README.md
Normal file
|
@ -0,0 +1,7 @@
|
|||
![](https://count.ayaya.beauty/get/@lol219321?theme=asoul)
|
||||
|
||||
---
|
||||
|
||||
Root files from the GPT-2741 GPON router. Extracted using the bundled sftp server (I don't remember correctly, but I used dd to copy the images to a file)
|
||||
|
||||
mtdblock3 and mtdblock5 were extracted using `binwalk -eB`. The other filesystems and partitions failed to extract automaticalle but they should be YAFFS2 filesystems.
|
BIN
_mtdblock3.img.extracted/0.squashfs
Normal file
BIN
_mtdblock3.img.extracted/0.squashfs
Normal file
Binary file not shown.
1
_mtdblock3.img.extracted/squashfs-root/bin/ash
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/ash
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/bash
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/bash
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/bob
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/bob
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/bin/busybox
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/busybox
Executable file
Binary file not shown.
1
_mtdblock3.img.extracted/squashfs-root/bin/cat
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/cat
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/chmod
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/chmod
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/cmdsh
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/cmdsh
Executable file
Binary file not shown.
1
_mtdblock3.img.extracted/squashfs-root/bin/cp
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/cp
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/date
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/date
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/dd
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/dd
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/dmesg
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/dmesg
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/echo
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/echo
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/false
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/false
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/grep
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/grep
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/gzip
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/gzip
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/hostname
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/hostname
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/hz_service
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/hz_service
Executable file
Binary file not shown.
1
_mtdblock3.img.extracted/squashfs-root/bin/kill
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/kill
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/ln
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/ln
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/loggen
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/loggen
Executable file
Binary file not shown.
1
_mtdblock3.img.extracted/squashfs-root/bin/login
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/login
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/ls
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/ls
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/maceui
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/maceui
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/mkdir
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/mkdir
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/more
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/more
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/mount
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/mount
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/mv
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/mv
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/netstat
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/netstat
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/nice
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/nice
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/pdbtool
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/pdbtool
Executable file
Binary file not shown.
1
_mtdblock3.img.extracted/squashfs-root/bin/pidof
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/pidof
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/pidofzombie
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/pidofzombie
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/ping
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/ping
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/ping6
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/ping6
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/ps
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/ps
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/pwd
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/pwd
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/rm
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/rm
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/rmdir
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/rmdir
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/run-parts
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/run-parts
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/sed
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/sed
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/sh
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/sh
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
566
_mtdblock3.img.extracted/squashfs-root/bin/shgw
Executable file
566
_mtdblock3.img.extracted/squashfs-root/bin/shgw
Executable file
|
@ -0,0 +1,566 @@
|
|||
#!/bin/sh
|
||||
|
||||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
#
|
||||
# Used for matching the version
|
||||
. /etc/shgw/shgw.version
|
||||
|
||||
#
|
||||
# Load all the variables
|
||||
. /etc/shgw/shgw.constants
|
||||
. /etc/shgw/shgw.common
|
||||
. /etc/shgw/shgw.env
|
||||
. /etc/shgw/shgw.errno
|
||||
. /etc/shgw/shgw_migrate
|
||||
|
||||
fn_trim_startup_log
|
||||
${SHGW_LOG_TRIMMER} &
|
||||
|
||||
#
|
||||
# Enable deep inspection debugging of this shell script
|
||||
|
||||
exec 3>&1 4>&2 1>> ${SHGW_STARTUP_LOG} 2>&1
|
||||
set -x
|
||||
|
||||
fn_retry_cmd_upto_five_times() {
|
||||
local _cmd=$1
|
||||
local _ecode=$2
|
||||
COUNT=1
|
||||
while [ $COUNT -lt $SQL_FAILURE_RETRY_COUNT ]; do
|
||||
eval $_cmd > /dev/null 2>&1
|
||||
if [ $? -eq 0 ]; then
|
||||
break
|
||||
fi
|
||||
sleep 1
|
||||
COUNT=$((${COUNT} + 1))
|
||||
done
|
||||
|
||||
if [ $COUNT -eq $SQL_FAILURE_RETRY_COUNT ]; then
|
||||
fn_err_exit $_ecode
|
||||
fi
|
||||
}
|
||||
|
||||
create_debug_files(){
|
||||
if [ ! -f ${SHGW_STARTUP_STATUS} ]; then
|
||||
> ${SHGW_STARTUP_STATUS}
|
||||
fi
|
||||
|
||||
if [ ! -f ${SHGW_ERROR_FILE} ]; then
|
||||
> ${SHGW_ERROR_FILE}
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
get_lan_ifaces() {
|
||||
local _IFACE=""
|
||||
LAN_INTERFACE_JSON_LIST=""
|
||||
for _IFACE in ${LAN_INTERFACES}; do
|
||||
if [ ! -z ${LAN_INTERFACE_JSON_LIST} ]; then
|
||||
LAN_INTERFACE_JSON_LIST=${LAN_INTERFACE_JSON_LIST}','
|
||||
fi
|
||||
LAN_INTERFACE_JSON_LIST=${LAN_INTERFACE_JSON_LIST}'"'${_IFACE}'"'
|
||||
done
|
||||
if [ -z ${LAN_INTERFACE_JSON_LIST} ]; then
|
||||
fn_err_exit ${NO_LAN_IFACE}
|
||||
fi
|
||||
LAN_INTERFACE_JSON_LIST='['${LAN_INTERFACE_JSON_LIST}']'
|
||||
${ECHO} "[$(fn_time_now)] LAN_INTERFACES = ${LAN_INTERFACE_JSON_LIST} " >> ${SHGW_STARTUP_STATUS}
|
||||
}
|
||||
|
||||
create_persistant_sqlite_db(){
|
||||
${SHGW_ENCRYPT_SQL} "START" "PERSIST"
|
||||
}
|
||||
|
||||
update_persistant_sqlite_db() {
|
||||
if [ X"$mode" == X"softstart" ]; then
|
||||
reset=0
|
||||
${SHGW_ENCRYPT_SQL} "UPDATE_START" "${LAN_INTERFACE_JSON_LIST}" "${SHGW_VERSION}" "${IP_SKIP_JSON_LIST}" "${base_mac}" "${serial}" "${model}" "${country_code}" "${timezone}" "${WAN_INTERFACE_JSON_LIST}" "${DEFAULT_WAN_INTERFACE}" "${DEFAULT_DNS_SERVER_LIST}" "${LAN_IP_LIST}" "${LAN_IFACE_IP_LIST}" "${reset}"
|
||||
elif [ X"$mode" == X"db_start" ]; then
|
||||
reset=2
|
||||
${SHGW_ENCRYPT_SQL} "UPDATE_START" "${LAN_INTERFACE_JSON_LIST}" "${SHGW_VERSION}" "${IP_SKIP_JSON_LIST}" "${base_mac}" "${serial}" "${model}" "${country_code}" "${timezone}" "${WAN_INTERFACE_JSON_LIST}" "${DEFAULT_WAN_INTERFACE}" "${DEFAULT_DNS_SERVER_LIST}" "${LAN_IP_LIST}" "${LAN_IFACE_IP_LIST}" "${reset}"
|
||||
else
|
||||
${SHGW_ENCRYPT_SQL} "UPDATE_START" "${LAN_INTERFACE_JSON_LIST}" "${SHGW_VERSION}" "${IP_SKIP_JSON_LIST}" "${base_mac}" "${serial}" "${model}" "${country_code}" "${timezone}" "${WAN_INTERFACE_JSON_LIST}" "${DEFAULT_WAN_INTERFACE}" "${DEFAULT_DNS_SERVER_LIST}" "${LAN_IP_LIST}" "${LAN_IFACE_IP_LIST}"
|
||||
fi
|
||||
}
|
||||
|
||||
check_persistant_db(){
|
||||
|
||||
local _need_to_create_db=0
|
||||
if [ -f ${SHGW_PERSISTANT_DB} ]; then
|
||||
local _shgw_version_from_sql=$(${SHGW_ENCRYPT_SQL} "GET" "VERSION" "shgw_config_store")
|
||||
if [ "${_shgw_version_from_sql}" != "${SHGW_VERSION}" ]; then
|
||||
fn_migrate_persistant_db
|
||||
fi
|
||||
else
|
||||
# persistant db not found
|
||||
_need_to_create_db=1
|
||||
fi
|
||||
|
||||
if [ ${_need_to_create_db} -eq 1 ]; then
|
||||
create_persistant_sqlite_db
|
||||
fi
|
||||
}
|
||||
|
||||
fetch_skip_ips() {
|
||||
if [ ! -f ${IP_SKIP_LIST_FILE} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No Skip IPs file" >> ${SHGW_STARTUP_STATUS}
|
||||
IP_SKIP_JSON_LIST='[""]'
|
||||
else
|
||||
IP_SKIP_JSON_LIST=""
|
||||
while read line
|
||||
do
|
||||
if [ ! -z ${IP_SKIP_JSON_LIST} ]; then
|
||||
IP_SKIP_JSON_LIST=${IP_SKIP_JSON_LIST}','
|
||||
fi
|
||||
IP_SKIP_JSON_LIST=${IP_SKIP_JSON_LIST}'"'${line}'"'
|
||||
done < ${IP_SKIP_LIST_FILE}
|
||||
|
||||
if [ -z ${IP_SKIP_JSON_LIST} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No Skip IPs" >> ${SHGW_STARTUP_STATUS}
|
||||
fi
|
||||
|
||||
IP_SKIP_JSON_LIST='['${IP_SKIP_JSON_LIST}']'
|
||||
${ECHO} "[$(fn_time_now)] Skipping IPs = ${IP_SKIP_JSON_LIST} " >> ${SHGW_STARTUP_STATUS}
|
||||
fi
|
||||
}
|
||||
|
||||
__fetch_wan_and_dns_data() {
|
||||
local line=${1}
|
||||
local wan=""
|
||||
local dns=""
|
||||
local res=""
|
||||
|
||||
wan=$(${ECHO} ${line} | ${CUT} -d';' -f1)
|
||||
dns=$(${ECHO} ${line} | ${CUT} -d';' -f2 | ${SED} 's/,/ /g')
|
||||
dns_list=""
|
||||
|
||||
if [ ! -z "${dns}" ]; then
|
||||
for i in ${dns}; do
|
||||
if [ ! -z ${dns_list} ]; then
|
||||
dns_list=${dns_list}','
|
||||
fi
|
||||
dns_list=${dns_list}'"'${i}'"'
|
||||
done
|
||||
res='{"interface":"'${wan}'","dns":['${dns_list}']}'
|
||||
fi
|
||||
|
||||
${ECHO} $res
|
||||
}
|
||||
|
||||
fetch_wan_interfaces() {
|
||||
DEFAULT_WAN_INTERFACE=""
|
||||
WAN_INTERFACE_JSON_LIST=''
|
||||
if [ ! -f ${WAN_INFO} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No WAN Info file" >> ${SHGW_STARTUP_STATUS}
|
||||
fn_err_exit ${NO_DEFAULT_WAN_IFACE}
|
||||
else
|
||||
while read line
|
||||
do
|
||||
if [ ! -z "$(${ECHO} ${line} | ${GREP} default)" ]; then
|
||||
DEFAULT_WAN_INTERFACE=$(${ECHO} ${line} | ${AWK} '{print $2}')
|
||||
else
|
||||
dns_list=""
|
||||
dns_list=$(__fetch_wan_and_dns_data ${line})
|
||||
#fetch default DNS server
|
||||
CUR_WAN_INTERFACE=$(${ECHO} ${dns_list} | ${CUT} -d':' -f2 | ${CUT} -d',' -f1 | ${SED} -e 's/"//g')
|
||||
if [ X"$CUR_WAN_INTERFACE" = X"$DEFAULT_WAN_INTERFACE" ]; then
|
||||
DEFAULT_DNS_SERVER_LIST=$(${ECHO} ${dns_list} | ${CUT} -d'[' -f2 | ${SED} -e 's/"//g' -e 's/]//g' -e 's/}//g')
|
||||
fi
|
||||
|
||||
if [ ! -z ${dns_list} ]; then
|
||||
if [ ! -z ${WAN_INTERFACE_JSON_LIST} ]; then
|
||||
WAN_INTERFACE_JSON_LIST=${WAN_INTERFACE_JSON_LIST}','
|
||||
fi
|
||||
WAN_INTERFACE_JSON_LIST=${WAN_INTERFACE_JSON_LIST}${dns_list}
|
||||
fi
|
||||
fi
|
||||
done < ${WAN_INFO}
|
||||
fi
|
||||
|
||||
if [ -z ${DEFAULT_WAN_INTERFACE} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No Default WAN Interface" >> ${SHGW_STARTUP_STATUS}
|
||||
fn_err_exit ${NO_DEFAULT_WAN_IFACE}
|
||||
fi
|
||||
# exit if there is no default DNS server
|
||||
if [ -z ${DEFAULT_DNS_SERVER_LIST} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No Default DNS Server" >> ${SHGW_STARTUP_STATUS}
|
||||
fn_err_exit ${NO_DEFAULT_DNS_SERVER_LIST}
|
||||
fi
|
||||
|
||||
if [ -z ${WAN_INTERFACE_JSON_LIST} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No WAN Interfaces" >> ${SHGW_STARTUP_STATUS}
|
||||
fn_err_exit ${NO_DEFAULT_WAN_IFACE}
|
||||
fi
|
||||
|
||||
WAN_INTERFACE_JSON_LIST="["${WAN_INTERFACE_JSON_LIST}"]"
|
||||
${ECHO} "[$(fn_time_now)] Default WAN Interfaces: ${DEFAULT_WAN_INTERFACE}" >> ${SHGW_STARTUP_STATUS}
|
||||
${ECHO} "[$(fn_time_now)] Default DNS server list: ${DEFAULT_DNS_SERVER_LIST}" >> ${SHGW_STARTUP_STATUS}
|
||||
${ECHO} "[$(fn_time_now)] WAN Interfaces: ${WAN_INTERFACE_JSON_LIST}" >> ${SHGW_STARTUP_STATUS}
|
||||
}
|
||||
|
||||
__fetch_lan_and_ip_data() {
|
||||
local line=${1}
|
||||
local lan=""
|
||||
local ip=""
|
||||
local res=""
|
||||
|
||||
lan=$(${ECHO} ${line} | ${CUT} -d';' -f1)
|
||||
ip=$(${ECHO} ${line} | ${CUT} -d';' -f2 | ${SED} 's/,/ /g')
|
||||
ip_list=""
|
||||
|
||||
if [ ! -z "${ip}" ]; then
|
||||
for i in ${ip}; do
|
||||
if [ ! -z ${ip_list} ]; then
|
||||
ip_list=${ip_list}','
|
||||
fi
|
||||
ip_list=${ip_list}'"'${i}'"'
|
||||
done
|
||||
res='{"interface":"'${lan}'","lan_ip":['${ip_list}']}'
|
||||
fi
|
||||
${ECHO} $res
|
||||
}
|
||||
|
||||
fetch_lan_ip() {
|
||||
local line=${1}
|
||||
local ip=""
|
||||
|
||||
ip=$(${ECHO} ${line} | ${CUT} -d';' -f2 | ${SED} 's/,/ /g')
|
||||
if [ ! -z "${ip}" ]; then
|
||||
for i in ${ip}; do
|
||||
if [ ! -z "$LAN_IP_LIST" ]; then
|
||||
LAN_IP_LIST=${LAN_IP_LIST}','
|
||||
fi
|
||||
LAN_IP_LIST=${LAN_IP_LIST}'"'${i}'"'
|
||||
done
|
||||
else
|
||||
LAN_IP_LIST='"192.168.1.1"'
|
||||
fi
|
||||
${ECHO} ${LAN_IP_LIST}
|
||||
}
|
||||
|
||||
fetch_lan_interfaces() {
|
||||
LAN_INTERFACES=""
|
||||
LAN_IP_LIST=""
|
||||
LAN_IFACE_IP_LIST=""
|
||||
|
||||
local lan=""
|
||||
if [ ! -f ${LAN_INFO} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No LAN Info file" >> ${SHGW_STARTUP_STATUS}
|
||||
LAN_INTERFACES="br0"
|
||||
LAN_IP_LIST='"192.168.1.1"'
|
||||
else
|
||||
while read line
|
||||
do
|
||||
if [ ! -z "$LAN_INTERFACES" ]; then
|
||||
LAN_INTERFACES=${LAN_INTERFACES}' '
|
||||
fi
|
||||
lan=$(${ECHO} ${line} | ${CUT} -d';' -f1)
|
||||
LAN_INTERFACES=${LAN_INTERFACES}${lan}
|
||||
if [ ! -z "$(${ECHO} ${line} | ${GREP} br0)" ]; then
|
||||
LAN_IP_LIST=$(fetch_lan_ip ${line})
|
||||
fi
|
||||
ip_list=""
|
||||
ip_list=$(__fetch_lan_and_ip_data ${line})
|
||||
if [ ! -z ${ip_list} ]; then
|
||||
if [ ! -z ${LAN_IFACE_IP_LIST} ]; then
|
||||
LAN_IFACE_IP_LIST=${LAN_IFACE_IP_LIST}','
|
||||
fi
|
||||
LAN_IFACE_IP_LIST=${LAN_IFACE_IP_LIST}${ip_list}
|
||||
fi
|
||||
done < ${LAN_INFO}
|
||||
fi
|
||||
LAN_IP_LIST='['${LAN_IP_LIST}']'
|
||||
LAN_IFACE_IP_LIST='['${LAN_IFACE_IP_LIST}']'
|
||||
|
||||
${ECHO} "[$(fn_time_now)] LAN Interfaces: ${LAN_INTERFACES}" >> ${SHGW_STARTUP_STATUS}
|
||||
${ECHO} "[$(fn_time_now)] LAN IP for br0: ${LAN_IP_LIST}" >> ${SHGW_STARTUP_STATUS}
|
||||
${ECHO} "[$(fn_time_now)] LAN IP for all interfcaes: ${LAN_IFACE_IP_LIST}" >> ${SHGW_STARTUP_STATUS}
|
||||
|
||||
}
|
||||
|
||||
fetch_and_update_gwinfo() {
|
||||
if [ ! -f ${HGUINFO} ]; then
|
||||
${ECHO} "[$(fn_time_now)] No HGU Info file" >> ${SHGW_STARTUP_STATUS}
|
||||
fn_err_exit ${FETCH_BASE_MAC_FAILED}
|
||||
else
|
||||
serial=$(${ECHO} $(${CUT} -d ';' -f1 ${HGUINFO}))
|
||||
model=$(${ECHO} $(${CUT} -d ';' -f2 ${HGUINFO}))
|
||||
timezone=$(${ECHO} $(${CUT} -d ';' -f3 ${HGUINFO}))
|
||||
country_code=$(${ECHO} $(${CUT} -d ';' -f4 ${HGUINFO}))
|
||||
base_mac=$(${ECHO} $(${CUT} -d ';' -f5 ${HGUINFO}))
|
||||
fi
|
||||
|
||||
if [ -z "${base_mac}" ]; then
|
||||
fn_err_exit ${FETCH_BASE_MAC_FAILED}
|
||||
fi
|
||||
|
||||
if [ -z ${serial} ]; then
|
||||
${ECHO} "[$(fn_time_now)] Serial number is empty!"
|
||||
serial="serial"
|
||||
fi
|
||||
|
||||
if [ -z ${model} ]; then
|
||||
${ECHO} "[$(fn_time_now)] Model number is empty!"
|
||||
model="model"
|
||||
fi
|
||||
|
||||
if [ -z ${country_code} ]; then
|
||||
${ECHO} "[$(fn_time_now)] Country code is empty!"
|
||||
country_code="ES" #Should we quit instead of this?
|
||||
fi
|
||||
|
||||
# Timezone in Econet is a huge string need to understand
|
||||
timezone=""
|
||||
if [ -z ${timezone} ]; then
|
||||
${ECHO} "[$(fn_time_now)] Timezone is empty!"
|
||||
timezone="GMT"
|
||||
fi
|
||||
|
||||
if [ -z ${tproxy_mark} ]; then
|
||||
${ECHO} "[$(fn_time_now)] tproxy_mark is empty!"
|
||||
tproxy_mark="0x4000"
|
||||
fi
|
||||
|
||||
if [ -z ${tproxy_mask} ]; then
|
||||
${ECHO} "[$(fn_time_now)] tproxy_mask is empty!"
|
||||
tproxy_mask="0x4000"
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
create_non_persistant_sqlite_db(){
|
||||
fn_retry_query_upto_five_times "CREATE TABLE IF NOT EXISTS device_discovery_table(dev_id TEXT PRIMARY KEY, mac TEXT,ip_address TEXT,ip6_address TEXT,host_name TEXT,headless INTEGER,status INTEGER,last_seen INTEGER,trusted INTEGER);" "${SHGW_NON_PERSISTANT_DB}" "${NON_PERSISTANT_DB_UPDATE_FAILED}" "${ONE_SEC}"
|
||||
fn_retry_query_upto_five_times "CREATE TABLE IF NOT EXISTS stats(key TEXT PRIMARY KEY, value TEXT);" "${SHGW_NON_PERSISTANT_DB}" "${NON_PERSISTANT_DB_UPDATE_FAILED}" "${ONE_SEC}"
|
||||
fn_retry_query_upto_five_times "DELETE FROM stats;" "${SHGW_NON_PERSISTANT_DB}" "${NON_PERSISTANT_DB_UPDATE_FAILED}" "${ONE_SEC}"
|
||||
fn_retry_query_upto_five_times "INSERT INTO stats VALUES('dns_stats', '{}');" "${SHGW_NON_PERSISTANT_DB}" "${NON_PERSISTANT_DB_UPDATE_FAILED}" "${ONE_SEC}"
|
||||
fn_retry_query_upto_five_times "INSERT INTO stats VALUES('sys_stats', '{}');" "${SHGW_NON_PERSISTANT_DB}" "${NON_PERSISTANT_DB_UPDATE_FAILED}" "${ONE_SEC}"
|
||||
fn_retry_query_upto_five_times "CREATE TABLE IF NOT EXISTS shgw_access_restrictions(status INTEGER, protocol TEXT, port INTEGER, source TEXT, devices TEXT);" "${SHGW_NON_PERSISTANT_DB}" "${NON_PERSISTANT_DB_UPDATE_FAILED}" "${ONE_SEC}"
|
||||
}
|
||||
|
||||
delete_old_persistent_db() {
|
||||
if [ -f ${SHGW_OLD_PERSISTANT_DB} ]; then
|
||||
${RM} -f ${SHGW_OLD_PERSISTANT_DB}
|
||||
fi
|
||||
}
|
||||
|
||||
#------------------------------------start_server------------------------------
|
||||
|
||||
start_watchdogd() {
|
||||
#Remove the o/p redirection done by exec
|
||||
exec 1>&3 2>&4
|
||||
|
||||
${SHGW_WD_MONIT} &
|
||||
|
||||
#Add the o/p redirection
|
||||
exec 3>&1 4>&2 1>> ${SHGW_STARTUP_LOG} 2>&1
|
||||
|
||||
wd_pid=$(${PS} | ${GREP} -i "shgw_watchdogd" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_pid ]; then
|
||||
# request start
|
||||
${KILL} -SIGUSR2 $wd_pid
|
||||
fi
|
||||
}
|
||||
|
||||
create_shgw_directories() {
|
||||
${MKDIR} -p ${SHGW_NVRAM}
|
||||
${MKDIR} -p ${SHGW_TMPFS_PATH}
|
||||
}
|
||||
|
||||
|
||||
check_tld_json_existence() {
|
||||
if [ ! -f ${TLD_JSON_FILE} ];then
|
||||
${CP} ${SHGW_PRIVATE}/shgw_tld_file.json ${SHGW_NVRAM}
|
||||
${CHMOD} 666 ${TLD_JSON_FILE}
|
||||
fi
|
||||
}
|
||||
|
||||
set_time() {
|
||||
rtm_util cfg igd time_ntp set 1 adm_state enable ip_intf 2 ntp_svr_1 211.22.103.157
|
||||
}
|
||||
|
||||
#------------------------------------>MAIN<----------------------------------------
|
||||
|
||||
start_shg(){
|
||||
delete_old_persistent_db
|
||||
create_shgw_directories
|
||||
|
||||
fetch_wan_interfaces
|
||||
fetch_lan_interfaces
|
||||
get_lan_ifaces
|
||||
|
||||
check_persistant_db
|
||||
fetch_and_update_gwinfo
|
||||
#calc_gwinfo
|
||||
fetch_skip_ips
|
||||
update_persistant_sqlite_db
|
||||
|
||||
#set_time
|
||||
|
||||
${SHGW_ACCESS_RESTRICTION} "inbound_sec_start"
|
||||
create_non_persistant_sqlite_db
|
||||
${ECHO} "[$(fn_time_now)] Database created successfully" >> ${SHGW_STARTUP_STATUS}
|
||||
check_tld_json_existence
|
||||
start_watchdogd
|
||||
|
||||
}
|
||||
|
||||
force_start_shg() {
|
||||
${SHGW_ENCRYPT_SQL} "UPDATE" "STOP_STATUS" "0"
|
||||
start_shg
|
||||
}
|
||||
|
||||
stop_shg(){
|
||||
${SHGW_ACCESS_RESTRICTION} "inbound_sec_stop"
|
||||
|
||||
# request stop
|
||||
wd_pid=$(ps | ${GREP} -i "shgw_watchdogd" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_pid ]; then
|
||||
# request stop
|
||||
${KILL} -SIGUSR1 $wd_pid
|
||||
fi
|
||||
}
|
||||
|
||||
force_stop_shg(){
|
||||
${SHGW_ENCRYPT_SQL} "UPDATE" "STOP_STATUS" "1"
|
||||
stop_shg
|
||||
}
|
||||
|
||||
kill_shg() {
|
||||
${ECHO} "Killing SHGW"
|
||||
|
||||
stop_shg
|
||||
|
||||
wd_monit_pid=$(${PS} | ${GREP} -i "shgw_wd_monit" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_monit_pid ]; then
|
||||
${ECHO} "Stopping monit!"
|
||||
${KILL} -9 $wd_monit_pid
|
||||
fi
|
||||
|
||||
wd_pid=$(${PS} | ${GREP} -i "shgw_watchdogd" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_pid ]; then
|
||||
${ECHO} "Stopping watchdog!"
|
||||
${KILL} -9 $wd_pid
|
||||
fi
|
||||
|
||||
|
||||
${RM} -rf ${SHGW_TMPFS_PATH}
|
||||
${RM} -rf ${SHGW_STARTUP_STATUS}
|
||||
${RM} -rf ${SHGW_STARTUP_LOG}
|
||||
${RM} -rf ${SHGW_ERROR_FILE}
|
||||
|
||||
}
|
||||
|
||||
reset_shg() {
|
||||
${ECHO} "Resetting SHGW!"
|
||||
|
||||
${SHGW_ROUTER_RESET} hard
|
||||
|
||||
wd_monit_pid=$(${PS} | ${GREP} -i "shgw_wd_monit" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_monit_pid ]; then
|
||||
${ECHO} "Stopping monit!"
|
||||
${KILL} -9 $wd_monit_pid
|
||||
fi
|
||||
|
||||
wd_pid=$(${PS} | ${GREP} -i "shgw_watchdogd" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_pid ]; then
|
||||
${ECHO} "Stopping watchdog!"
|
||||
${KILL} -9 $wd_pid
|
||||
fi
|
||||
# backup
|
||||
${RM} -f ${SHGW_PERSISTANT_DB}
|
||||
|
||||
${ECHO} "Reset done!"
|
||||
}
|
||||
|
||||
shgw_mode() {
|
||||
if [ X"$mode" == X"start" ]; then
|
||||
${ECHO} "SHGW start called!"
|
||||
start_shg
|
||||
elif [ X"$mode" == X"stop" ]; then
|
||||
${ECHO} "SHGW stop called!"
|
||||
stop_shg
|
||||
elif [ X"$mode" == X"kill" ]; then
|
||||
${ECHO} "SHGW kill called!"
|
||||
kill_shg
|
||||
elif [ X"$mode" == X"restart" ]; then
|
||||
${ECHO} "SHGW restart called!"
|
||||
stop_shg
|
||||
sleep 3
|
||||
start_shg
|
||||
elif [ X"$mode" == X"force_start" ]; then
|
||||
${ECHO} "SHGW force_start called!"
|
||||
force_start_shg
|
||||
elif [ X"$mode" == X"force_stop" ]; then
|
||||
${ECHO} "SHGW force_stop called!"
|
||||
force_stop_shg
|
||||
elif [ X"$mode" == X"reset" ]; then
|
||||
${ECHO} "SHGW reset called!"
|
||||
reset_shg
|
||||
elif [ X"$mode" == X"softstart" ]; then
|
||||
${ECHO} "SHGW softstart called!"
|
||||
start_shg
|
||||
elif [ X"$mode" == X"db_start" ]; then
|
||||
${ECHO} "SHGW DB start called!"
|
||||
start_shg
|
||||
else
|
||||
${ECHO} "Usage: $0 [start|stop|kill|restart|force_start|force_stop|reset|softstart|db_start]"
|
||||
fn_err_exit ${INVALID_MODE}
|
||||
fi
|
||||
${RM} -rf $STARTUP_LOCK
|
||||
}
|
||||
|
||||
|
||||
exit_if_running() {
|
||||
# TODO : Add a fdlock implementaion
|
||||
local mypid=$$
|
||||
|
||||
if ! [ -f "$STARTUP_LOCK" ]; then
|
||||
${ECHO} $$ > $STARTUP_LOCK
|
||||
return
|
||||
fi
|
||||
|
||||
local pid_on_file=$(${CAT} "$STARTUP_LOCK")
|
||||
[ X"$pid_on_file" == X"$mypid" ] && return
|
||||
|
||||
old_cmd_line=$(${CAT} /proc/$pid_on_file/cmdline 2>/dev/null)
|
||||
[ "$?" != "0" ] && ${ECHO} $$ > $STARTUP_LOCK && return
|
||||
|
||||
${ECHO} "$old_cmd_line" | ${GREP} "shgw"
|
||||
[ "$?" == "0" ] && ${ECHO} "Already running" && exit 127
|
||||
|
||||
${ECHO} $$ > $STARTUP_LOCK
|
||||
}
|
||||
|
||||
#--------------------------------------------------------------------------------
|
||||
|
||||
${ECHO} "Called for: $1"
|
||||
exit_if_running
|
||||
|
||||
create_debug_files
|
||||
${ECHO} "[$(fn_time_now)] starting" >> ${SHGW_STARTUP_STATUS}
|
||||
mode=$1
|
||||
shgw_mode
|
||||
${ECHO} "[$(fn_time_now)] done" >> ${SHGW_STARTUP_STATUS}
|
252
_mtdblock3.img.extracted/squashfs-root/bin/shgw_access_restriction
Executable file
252
_mtdblock3.img.extracted/squashfs-root/bin/shgw_access_restriction
Executable file
|
@ -0,0 +1,252 @@
|
|||
#!/bin/sh
|
||||
|
||||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
|
||||
. /etc/shgw/shgw.constants
|
||||
. /etc/shgw/shgw.common
|
||||
. /etc/shgw/shgw.errno
|
||||
. /etc/shgw/shgw.env
|
||||
|
||||
|
||||
get_wan_iface(){
|
||||
WAN_IFACE=$(fn_get_wan_iface)
|
||||
}
|
||||
|
||||
flush_ipv4_tables() {
|
||||
${IPTABLES} -w -F SHP_MGT_CONSOLE_B -t filter
|
||||
${IPTABLES} -w -F SHP_MGT_CONSOLE_A -t filter
|
||||
|
||||
${IPTABLES} -w -F SHP_WAN_BLOCK -t filter
|
||||
${IPTABLES} -w -F SHP_WAN_ALLOW -t filter
|
||||
}
|
||||
|
||||
flush_ipv4_ipset() {
|
||||
${IPSET} -F SHP_MGT_CONSOLE_SET_A
|
||||
${IPSET} -F SHP_WAN_ALLOW_SET
|
||||
}
|
||||
|
||||
flush_ipv6_tables() {
|
||||
${IP6TABLES} -w -F SHP_MGT_CONSOLE_B -t filter
|
||||
${IP6TABLES} -w -F SHP_MGT_CONSOLE_A -t filter
|
||||
|
||||
${IP6TABLES} -w -F SHP_WAN_BLOCK -t filter
|
||||
${IP6TABLES} -w -F SHP_WAN_ALLOW -t filter
|
||||
|
||||
${IP6TABLES} -w -F SHGW_EXCLUSION_WAN_IPV6 -t filter
|
||||
${IP6TABLES} -w -F SHGW_EXCLUSION_IPV6 -t filter
|
||||
}
|
||||
|
||||
flush_ipv6_ipset() {
|
||||
${IPSET} -F SHP_MGT_CONSOLE_SET_A_IP6
|
||||
${IPSET} -F SHP_WAN_ALLOW_SET_IP6
|
||||
}
|
||||
|
||||
add_ipsets_to_iptables() {
|
||||
${IPTABLES} -w -I SHP_WAN_ALLOW -m set --match-set SHP_WAN_ALLOW_SET dst,dst -t filter -i ${WAN_IFACE} -p tcp -j ACCEPT
|
||||
${IPTABLES} -w -I SHP_MGT_CONSOLE_A -m set --match-set SHP_MGT_CONSOLE_SET_A src,dst -t filter -j ACCEPT
|
||||
${IPTABLES} -w -I SHP_WAN_ALLOW -m set --match-set SHGW_EXCLUSION dst -t filter -i ${WAN_IFACE} -p tcp -j RETURN
|
||||
${IPTABLES} -w -I SHP_MGT_CONSOLE_A -m set --match-set SHGW_EXCLUSION src -t filter -j RETURN
|
||||
${IPTABLES} -w -I SHP_WAN_BLOCK -m set --match-set SHGW_EXCLUSION dst -t filter -i ${WAN_IFACE} -p tcp -j RETURN
|
||||
${IPTABLES} -w -I SHP_MGT_CONSOLE_B -m set --match-set SHGW_EXCLUSION src -t filter -j RETURN
|
||||
${IP6TABLES} -w -I SHP_WAN_ALLOW -m set --match-set SHP_WAN_ALLOW_SET_IP6 dst,dst -i ${WAN_IFACE} -p tcp -t filter -j ACCEPT
|
||||
${IP6TABLES} -w -I SHP_MGT_CONSOLE_A -m set --match-set SHP_MGT_CONSOLE_SET_A_IP6 src,dst -t filter -j ACCEPT
|
||||
}
|
||||
|
||||
check_and_run_script() {
|
||||
flush_ipv4_tables
|
||||
flush_ipv6_tables
|
||||
add_ipsets_to_iptables
|
||||
if [ -f ${SHGW_INBOUND_SEC_SCRIPT} ]; then
|
||||
${CHMOD} +x ${SHGW_INBOUND_SEC_SCRIPT}
|
||||
${SHGW_INBOUND_SEC_SCRIPT}
|
||||
${RM} -f ${SHGW_INBOUND_SEC_SCRIPT}
|
||||
fi
|
||||
}
|
||||
|
||||
#Creates 4 user defined chains and inserts rules
|
||||
create_ip4table_chains() {
|
||||
${IPTABLES} -w -N SHP_WAN_BLOCK -t filter
|
||||
${IPTABLES} -w -N SHP_WAN_ALLOW -t filter
|
||||
${IPSET} -N SHP_WAN_ALLOW_SET hash:ip,port
|
||||
|
||||
insert_filter_forward_ipset_ip4targets
|
||||
${IPTABLES} -w -I SHP_WAN_ALLOW -m set --match-set SHP_WAN_ALLOW_SET dst,dst -t filter -i ${WAN_IFACE} -p tcp -j ACCEPT
|
||||
${IPTABLES} -w -I SHP_WAN_ALLOW -m set --match-set SHGW_EXCLUSION dst -t filter -i ${WAN_IFACE} -p tcp -j RETURN
|
||||
${IPTABLES} -w -I SHP_WAN_BLOCK -m set --match-set SHGW_EXCLUSION dst -t filter -i ${WAN_IFACE} -p tcp -j RETURN
|
||||
|
||||
${IPTABLES} -w -N SHP_MGT_CONSOLE_B -t filter
|
||||
${IPTABLES} -w -N SHP_MGT_CONSOLE_A -t filter
|
||||
${IPSET} -N SHP_MGT_CONSOLE_SET_A hash:ip,port
|
||||
|
||||
insert_filter_input_ipset_ip4targets
|
||||
${IPTABLES} -w -I SHP_MGT_CONSOLE_A -m set --match-set SHP_MGT_CONSOLE_SET_A src,dst -t filter -j ACCEPT
|
||||
${IPTABLES} -w -I SHP_MGT_CONSOLE_A -m set --match-set SHGW_EXCLUSION src -t filter -j RETURN
|
||||
${IPTABLES} -w -I SHP_MGT_CONSOLE_B -m set --match-set SHGW_EXCLUSION src -t filter -j RETURN
|
||||
}
|
||||
|
||||
remove_ip4table_chains() {
|
||||
flush_ipv4_tables
|
||||
flush_ipv4_ipset
|
||||
|
||||
|
||||
remove_filter_input_ipset_ip4targets
|
||||
${IPSET} -X SHP_MGT_CONSOLE_SET_A
|
||||
${IPTABLES} -w -X SHP_MGT_CONSOLE_B -t filter
|
||||
${IPTABLES} -w -X SHP_MGT_CONSOLE_A -t filter
|
||||
|
||||
remove_filter_forward_ipset_ip4targets
|
||||
|
||||
${IPSET} -X SHP_WAN_ALLOW_SET
|
||||
${IPTABLES} -w -X SHP_WAN_BLOCK -t filter
|
||||
${IPTABLES} -w -X SHP_WAN_ALLOW -t filter
|
||||
}
|
||||
|
||||
# Insert IP4 targets in INPUT chain for ipset interception
|
||||
insert_filter_input_ipset_ip4targets() {
|
||||
${IPTABLES} -w -I INPUT -t filter -j SHP_MGT_CONSOLE_B
|
||||
${IPTABLES} -w -I INPUT -t filter -j SHP_MGT_CONSOLE_A
|
||||
}
|
||||
|
||||
# Insert IP6 targets in INPUT chain for ipset interception
|
||||
insert_filter_input_ipset_ip6targets() {
|
||||
${IP6TABLES} -w -I INPUT -t filter -j SHGW_EXCLUSION_IPV6
|
||||
|
||||
${IP6TABLES} -w -t filter -A SHGW_EXCLUSION_IPV6 -j SHP_MGT_CONSOLE_B
|
||||
${IP6TABLES} -w -t filter -A SHGW_EXCLUSION_IPV6 -j SHP_MGT_CONSOLE_A
|
||||
}
|
||||
|
||||
# Insert IP4 targets in FORWARD chain for ipset interception
|
||||
insert_filter_forward_ipset_ip4targets() {
|
||||
${IPTABLES} -w -I FORWARD -t filter -j SHP_WAN_BLOCK
|
||||
${IPTABLES} -w -I FORWARD -t filter -j SHP_WAN_ALLOW
|
||||
}
|
||||
|
||||
# Insert IP6 targets in FORWARD chain for ipset interception
|
||||
insert_filter_forward_ipset_ip6targets() {
|
||||
${IP6TABLES} -w -I FORWARD -t filter -j SHGW_EXCLUSION_WAN_IPV6
|
||||
|
||||
${IP6TABLES} -w -t filter -A SHGW_EXCLUSION_WAN_IPV6 -j SHP_WAN_BLOCK
|
||||
${IP6TABLES} -w -t filter -A SHGW_EXCLUSION_WAN_IPV6 -j SHP_WAN_ALLOW
|
||||
}
|
||||
# Remove IP4 targets from INPUT chain for ipset interception
|
||||
remove_filter_input_ipset_ip4targets() {
|
||||
${IPTABLES} -w -D INPUT -t filter -j SHP_MGT_CONSOLE_B
|
||||
${IPTABLES} -w -D INPUT -t filter -j SHP_MGT_CONSOLE_A
|
||||
}
|
||||
|
||||
# Remove IP6 targets from INPUT chain for ipset interception
|
||||
remove_filter_input_ipset_ip6targets() {
|
||||
${IP6TABLES} -w -D INPUT -t filter -j SHP_MGT_CONSOLE_B
|
||||
${IP6TABLES} -w -D INPUT -t filter -j SHP_MGT_CONSOLE_A
|
||||
}
|
||||
|
||||
# Remove IP4 targets from FORWARD chain for ipset interception
|
||||
remove_filter_forward_ipset_ip4targets() {
|
||||
${IPTABLES} -w -D FORWARD -t filter -j SHP_WAN_BLOCK
|
||||
${IPTABLES} -w -D FORWARD -t filter -j SHP_WAN_ALLOW
|
||||
}
|
||||
|
||||
# Remove IP6 targets from FORWARD chain for ipset interception
|
||||
remove_filter_forward_ipset_ip6targets() {
|
||||
${IP6TABLES} -w -D FORWARD -t filter -j SHP_WAN_BLOCK
|
||||
${IP6TABLES} -w -D FORWARD -t filter -j SHP_WAN_ALLOW
|
||||
}
|
||||
|
||||
#Creates 4 user defined chains and inserts rules
|
||||
create_ip6table_chains() {
|
||||
${IP6TABLES} -w -N SHP_WAN_BLOCK -t filter
|
||||
${IP6TABLES} -w -N SHP_WAN_ALLOW -t filter
|
||||
${IP6TABLES} -w -N SHGW_EXCLUSION_WAN_IPV6 -t filter
|
||||
${IPSET} -N SHP_WAN_ALLOW_SET_IP6 hash:ip,port family inet6
|
||||
|
||||
insert_filter_forward_ipset_ip6targets
|
||||
${IP6TABLES} -w -I SHP_WAN_ALLOW -m set --match-set SHP_WAN_ALLOW_SET_IP6 dst,dst -i ${WAN_IFACE} -p tcp -t filter -j ACCEPT
|
||||
|
||||
${IP6TABLES} -w -N SHP_MGT_CONSOLE_B -t filter
|
||||
${IP6TABLES} -w -N SHP_MGT_CONSOLE_A -t filter
|
||||
${IPSET} -N SHP_MGT_CONSOLE_SET_A_IP6 hash:ip,port family inet6
|
||||
|
||||
insert_filter_input_ipset_ip6targets
|
||||
${IP6TABLES} -w -I SHP_MGT_CONSOLE_A -m set --match-set SHP_MGT_CONSOLE_SET_A_IP6 src,dst -t filter -j ACCEPT
|
||||
}
|
||||
|
||||
remove_ip6table_chains() {
|
||||
flush_ipv6_tables
|
||||
flush_ipv6_ipset
|
||||
|
||||
remove_filter_input_ipset_ip6targets
|
||||
|
||||
${IPSET} -X SHP_MGT_CONSOLE_SET_A_IP6
|
||||
${IP6TABLES} -w -X SHP_MGT_CONSOLE_B -t filter
|
||||
${IP6TABLES} -w -X SHP_MGT_CONSOLE_A -t filter
|
||||
|
||||
remove_filter_forward_ipset_ip6targets
|
||||
|
||||
${IPSET} -X SHP_WAN_ALLOW_SET_IP6
|
||||
${IP6TABLES} -w -X SHP_WAN_BLOCK -t filter
|
||||
${IP6TABLES} -w -X SHP_WAN_ALLOW -t filter
|
||||
${IP6TABLES} -w -X SHGW_EXCLUSION_WAN_IPV6 -t filter
|
||||
}
|
||||
|
||||
#Main
|
||||
|
||||
get_wan_iface
|
||||
|
||||
case $1 in
|
||||
inbound_sec_start)
|
||||
remove_ip4table_chains
|
||||
remove_ip6table_chains
|
||||
create_ip4table_chains
|
||||
create_ip6table_chains
|
||||
;;
|
||||
inbound_sec_stop)
|
||||
remove_ip4table_chains
|
||||
remove_ip6table_chains
|
||||
;;
|
||||
add_rules)
|
||||
check_and_run_script
|
||||
;;
|
||||
flush_ipset)
|
||||
flush_ipv4_ipset
|
||||
flush_ipv6_ipset
|
||||
;;
|
||||
halt_ipset)
|
||||
remove_filter_input_ipset_ip4targets
|
||||
remove_filter_input_ipset_ip6targets
|
||||
remove_filter_forward_ipset_ip4targets
|
||||
remove_filter_forward_ipset_ip6targets
|
||||
;;
|
||||
resume_ipset)
|
||||
remove_filter_input_ipset_ip4targets
|
||||
remove_filter_input_ipset_ip6targets
|
||||
remove_filter_forward_ipset_ip4targets
|
||||
remove_filter_forward_ipset_ip6targets
|
||||
insert_filter_input_ipset_ip4targets
|
||||
insert_filter_input_ipset_ip6targets
|
||||
insert_filter_forward_ipset_ip4targets
|
||||
insert_filter_forward_ipset_ip6targets
|
||||
;;
|
||||
esac
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_device_discovery
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_device_discovery
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_dnsproxy
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_dnsproxy
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_encrypt_sql
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_encrypt_sql
Executable file
Binary file not shown.
63
_mtdblock3.img.extracted/squashfs-root/bin/shgw_hard_block_get_n_set.sh
Executable file
63
_mtdblock3.img.extracted/squashfs-root/bin/shgw_hard_block_get_n_set.sh
Executable file
|
@ -0,0 +1,63 @@
|
|||
#!/bin/sh
|
||||
. /etc/shgw/shgw.constants
|
||||
|
||||
_temp_file="${TMPFS_PATH}/temp_hard_blk"
|
||||
case $1 in
|
||||
|
||||
get)
|
||||
|
||||
$ECHO "object:Device.WiFi.AccessPoint.1.X_LANTIQ_COM_Vendor: :GET" > ${_temp_file}
|
||||
$ECHO "param:MACAddressControlList: :" >> ${_temp_file}
|
||||
|
||||
$ECHO "object:Device.WiFi.AccessPoint.2.X_LANTIQ_COM_Vendor: :GET" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlList: :" >> ${_temp_file}
|
||||
|
||||
${CALTEST} -g ${_temp_file} 2>&1 | ${GREP} ${PARAMVALUE} | ${AWK} 'FNR == 3 {print $3}' | ${TR} -d '""' > /var/.shgw/temp_caltest
|
||||
${CALTEST} -g ${_temp_file} 2>&1 | ${GREP} ${PARAMVALUE} | ${AWK} 'FNR == 4 {print $3}' | ${TR} -d '""' >> /var/.shgw/temp_caltest
|
||||
;;
|
||||
|
||||
set)
|
||||
|
||||
case $2 in
|
||||
|
||||
block)
|
||||
|
||||
$ECHO "object:Device.WiFi.AccessPoint.1.X_LANTIQ_COM_Vendor: :MODIFY" > ${_temp_file}
|
||||
$ECHO "param:MACAddressControlList: :$3" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlMode: :Deny" >> ${_temp_file}
|
||||
|
||||
$ECHO "object:Device.WiFi.AccessPoint.2.X_LANTIQ_COM_Vendor: :MODIFY" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlList: :$4" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlMode: :Deny" >> ${_temp_file}
|
||||
${CALTEST} -s ${_temp_file}
|
||||
|
||||
;;
|
||||
|
||||
unblock)
|
||||
|
||||
$ECHO "object:Device.WiFi.AccessPoint.1.X_LANTIQ_COM_Vendor: :MODIFY" > ${_temp_file}
|
||||
if [ ${#3} -le 1 ]
|
||||
then
|
||||
$ECHO "param:MACAddressControlList: :\"" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlMode: :Disabled" >> ${_temp_file}
|
||||
else
|
||||
$ECHO "param:MACAddressControlList: :${3}" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlMode: :Deny" >> ${_temp_file}
|
||||
fi
|
||||
|
||||
$ECHO "object:Device.WiFi.AccessPoint.2.X_LANTIQ_COM_Vendor: :MODIFY" >> ${_temp_file}
|
||||
if [ ${#4} -le 1 ]
|
||||
then
|
||||
$ECHO "param:MACAddressControlList: :\"" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlMode: :Disabled" >> ${_temp_file}
|
||||
else
|
||||
$ECHO "param:MACAddressControlList: :${4}" >> ${_temp_file}
|
||||
$ECHO "param:MACAddressControlMode: :Deny" >> ${_temp_file}
|
||||
fi
|
||||
${CALTEST} -s ${_temp_file}
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
esac
|
||||
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_httpd
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_httpd
Executable file
Binary file not shown.
43
_mtdblock3.img.extracted/squashfs-root/bin/shgw_log_trimmer
Executable file
43
_mtdblock3.img.extracted/squashfs-root/bin/shgw_log_trimmer
Executable file
|
@ -0,0 +1,43 @@
|
|||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
#
|
||||
#
|
||||
# Date : 09/Apr/2019
|
||||
##############################################################################
|
||||
|
||||
. /etc/shgw/shgw.common
|
||||
. /etc/shgw/shgw.constants
|
||||
|
||||
|
||||
#TODO: Make this file as one stop for trimming all kind of log files except shgw.log
|
||||
|
||||
# Trim shgw error log file
|
||||
fn_trim_error_log() {
|
||||
${TAIL} -n ${NO_ERROR_LOG_LINES} ${SHGW_ERROR_FILE} > ${SHGW_ERROR_FILE_TMP}
|
||||
${CAT} ${SHGW_ERROR_FILE_TMP} > ${SHGW_ERROR_FILE}
|
||||
${RM} -f ${SHGW_ERROR_FILE_TMP}
|
||||
}
|
||||
|
||||
|
||||
fn_trim_error_log
|
105
_mtdblock3.img.extracted/squashfs-root/bin/shgw_router_reset
Executable file
105
_mtdblock3.img.extracted/squashfs-root/bin/shgw_router_reset
Executable file
|
@ -0,0 +1,105 @@
|
|||
#!/bin/sh
|
||||
|
||||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
. /etc/shgw/shgw.constants
|
||||
|
||||
#This script is called after SHGW stop is performed from code
|
||||
#Do not change this implementation
|
||||
|
||||
delete_database() {
|
||||
${RM} -f ${SHGW_PERSISTANT_DB}
|
||||
${RM} -f ${TLD_JSON_FILE}
|
||||
${RM} -f ${BOTNET_FEED_FILE}
|
||||
${RM} -f ${SHGW_NON_PERSISTANT_DB}
|
||||
${RM} -f ${SHGW_LOG_FILE}
|
||||
${RM} -rf ${SHGW_TMPFS_PATH}
|
||||
${RM} -f ${TEMP_HARD_BLK}
|
||||
}
|
||||
|
||||
delete_shgw_debug_data_files() {
|
||||
${RM} -f ${SHGW_TMPFS_PATH}/shgw_debug_data*
|
||||
}
|
||||
|
||||
hard_reset() {
|
||||
delete_database
|
||||
}
|
||||
|
||||
kill_wd_monit_del_db() {
|
||||
|
||||
wd_monit_pid=$(${PS} | ${GREP} -i "shgw_wd_monit" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_monit_pid ]; then
|
||||
${ECHO} "Stopping monit!"
|
||||
${KILL} -9 $wd_monit_pid
|
||||
fi
|
||||
|
||||
wd_pid=$(${PS} | ${GREP} -i "shgw_watchdogd" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z $wd_pid ]; then
|
||||
${ECHO} "Stopping watchdog!"
|
||||
${KILL} -9 $wd_pid
|
||||
fi
|
||||
|
||||
delete_database
|
||||
|
||||
}
|
||||
|
||||
soft_reset() {
|
||||
kill_wd_monit_del_db
|
||||
${SHGW_STARTUP_SCRIPT} softstart &
|
||||
}
|
||||
|
||||
db_reset() {
|
||||
kill_wd_monit_del_db
|
||||
delete_shgw_debug_data_files
|
||||
#Try to restart N number of times. After that don't restart SHP till reboot
|
||||
if [ -f ${SHGW_DB_FAIL_COUNT} ]; then
|
||||
COUNT=`${CAT} ${SHGW_DB_FAIL_COUNT}`
|
||||
COUNT=$((COUNT+1))
|
||||
else
|
||||
COUNT=0
|
||||
fi
|
||||
|
||||
${ECHO} $COUNT > ${SHGW_DB_FAIL_COUNT}
|
||||
if [ $COUNT -lt $SQL_DB_MAX_FAIL_COUNT ]; then
|
||||
${SHGW_STARTUP_SCRIPT} db_start &
|
||||
else
|
||||
${RM} -f ${SHGW_DB_FAIL_COUNT}
|
||||
${ECHO} "Max Reset tried. Exit now" && exit 127
|
||||
fi
|
||||
}
|
||||
|
||||
#Main
|
||||
reset_type=$1
|
||||
|
||||
if [ X"$reset_type" == X"hard" ]; then
|
||||
${ECHO} "Hard reset called!" >> ${SHGW_STARTUP_STATUS}
|
||||
hard_reset
|
||||
elif [ X"$reset_type" == X"soft" ]; then
|
||||
${ECHO} "Soft reset called!" >> ${SHGW_STARTUP_STATUS}
|
||||
soft_reset
|
||||
elif [ X"$reset_type" == X"db_fail" ]; then
|
||||
${ECHO} "DB reset called!" >> ${SHGW_STARTUP_STATUS}
|
||||
db_reset
|
||||
fi
|
75
_mtdblock3.img.extracted/squashfs-root/bin/shgw_run_ndp_scan.sh
Executable file
75
_mtdblock3.img.extracted/squashfs-root/bin/shgw_run_ndp_scan.sh
Executable file
|
@ -0,0 +1,75 @@
|
|||
#!/bin/sh
|
||||
|
||||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
|
||||
. /etc/shgw/shgw.constants
|
||||
. /etc/shgw/shgw.env
|
||||
|
||||
SCAN_FILE="${SHGW_TMPFS_PATH}/ndp_scan_file"
|
||||
NDP_LOCK_FILE="${SHGW_TMPFS_PATH}/ndp_lock_file"
|
||||
|
||||
ping_on_multicast() {
|
||||
local _LAN_IFACES=$(fn_get_lan_ifaces)
|
||||
local _IFACE=""
|
||||
for _IFACE in ${_LAN_IFACES}; do
|
||||
${PING6} -I ${_IFACE} -c 2 ${LOCAL_MULTICAST_ADDRESS} > /dev/null 2>&1
|
||||
done
|
||||
}
|
||||
|
||||
parse_ndp_cache() {
|
||||
local _LAN_IFACES=$(fn_get_lan_ifaces)
|
||||
local _IFACE=""
|
||||
for _IFACE in ${_LAN_IFACES}; do
|
||||
${IP} -6 neigh \
|
||||
| ${GREP} ${_IFACE} \
|
||||
| ${GREP} -vi fail \
|
||||
| ${AWK} '{print $5,$1}' >> ${SCAN_FILE} 2> /dev/null
|
||||
done
|
||||
}
|
||||
|
||||
empty_scan_file() {
|
||||
> ${SCAN_FILE}
|
||||
}
|
||||
|
||||
exit_if_running() {
|
||||
if [ -f "$NDP_LOCK_FILE" ]; then
|
||||
${ECHO} "Already running" && exit 127
|
||||
fi
|
||||
${ECHO} $$ > ${NDP_LOCK_FILE}
|
||||
}
|
||||
|
||||
remove_ndp_lock_file() {
|
||||
${RM} ${NDP_LOCK_FILE}
|
||||
}
|
||||
|
||||
#
|
||||
# Main
|
||||
exit_if_running
|
||||
empty_scan_file
|
||||
ping_on_multicast
|
||||
parse_ndp_cache
|
||||
remove_ndp_lock_file
|
||||
|
49
_mtdblock3.img.extracted/squashfs-root/bin/shgw_version
Executable file
49
_mtdblock3.img.extracted/squashfs-root/bin/shgw_version
Executable file
|
@ -0,0 +1,49 @@
|
|||
#!/bin/sh
|
||||
|
||||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
|
||||
#############################################################################
|
||||
# Print the SHGW version details
|
||||
# The version details are generated by build system
|
||||
#
|
||||
# Date: 23/03/2016
|
||||
#############################################################################
|
||||
|
||||
. /etc/shgw/shgw.version
|
||||
|
||||
echo
|
||||
echo "System Version : ${SHGW_SYSTEM_VERSION}"
|
||||
echo "Version : ${SHGW_VERSION}"
|
||||
echo "Version Date : ${SHGW_VERSION_DATE}"
|
||||
echo "Build Date : ${SHGW_BUILD_DATE}"
|
||||
if [ ! -z ${SHGW_BUILD_NUMBER} ]; then
|
||||
echo "Build Number : ${SHGW_BUILD_NUMBER}"
|
||||
fi
|
||||
if [ ! -z ${SHGW_BUILD_BRANCH} ]; then
|
||||
echo "GIT Branch : ${SHGW_BUILD_BRANCH}"
|
||||
fi
|
||||
echo
|
||||
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_watchdogd
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/shgw_watchdogd
Executable file
Binary file not shown.
272
_mtdblock3.img.extracted/squashfs-root/bin/shgw_wd_dpwrap
Executable file
272
_mtdblock3.img.extracted/squashfs-root/bin/shgw_wd_dpwrap
Executable file
|
@ -0,0 +1,272 @@
|
|||
#!/bin/sh
|
||||
|
||||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
|
||||
trap fn_on_sigterm SIGTERM
|
||||
|
||||
. /etc/shgw/shgw.constants
|
||||
. /etc/shgw/shgw.common
|
||||
. /etc/shgw/shgw.env
|
||||
|
||||
LAN_INTERFACES=$(fn_get_lan_ifaces)
|
||||
if [ -z ${LAN_INTERFACES} ]; then
|
||||
${ECHO} "No Lan interfaces! Exiting from dpwrap" >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
exit 0
|
||||
fi
|
||||
SHGW_DNSPROXY_PID=0
|
||||
|
||||
fn_kill_dpwrap_if_running() {
|
||||
if [ -f ${SHGW_DPWRAP_LOCK} ]; then
|
||||
${ECHO} "[$(fn_time_now)] Pid of the previous dpwarp that is running - $(${CAT} ${SHGW_DPWRAP_LOCK}). Going to kill it!" >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
kill -SIGKILL $(${CAT} ${SHGW_DPWRAP_LOCK})
|
||||
fi
|
||||
${ECHO} $$ > ${SHGW_DPWRAP_LOCK}
|
||||
${ECHO} "[$(fn_time_now)] Pid of the current dpwrap - $(${CAT} ${SHGW_DPWRAP_LOCK})]" >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
}
|
||||
|
||||
fn_shgw_ipv4_tproxy_setup() {
|
||||
local _IFACE=""
|
||||
${IPTABLES} -w -t mangle -N SHGW_DNS > /dev/null 2>&1
|
||||
for _IFACE in ${LAN_INTERFACES}; do
|
||||
${IPTABLES} -w -t mangle -A SHGW_DNS \
|
||||
-i ${_IFACE} \
|
||||
-p udp --dport 53 \
|
||||
-j TPROXY --tproxy-mark ${SHGW_TPROXY_MARK} --on-port ${SHGW_REQ_PORT} > /dev/null 2>&1
|
||||
done
|
||||
|
||||
${IPTABLES} -w -t mangle -I PREROUTING -j SHGW_DNS > /dev/null 2>&1
|
||||
|
||||
${IP} rule add fwmark ${SHGW_TPROXY_MARK} lookup ${SHGW_TABLE} ${SHGW_IPV4_RULE_PREF} > /dev/null 2>&1
|
||||
${IP} route add local 0.0.0.0/0 dev lo table ${SHGW_TABLE} > /dev/null 2>&1
|
||||
}
|
||||
|
||||
fn_shgw_ipv4_tproxy_cleanup() {
|
||||
local _IFACE=""
|
||||
for _IFACE in ${LAN_INTERFACES}; do
|
||||
fn_run_until_failure "${IPTABLES} -w -t mangle -D SHGW_DNS \
|
||||
-i ${_IFACE} \
|
||||
-p udp --dport 53 \
|
||||
-j TPROXY --tproxy-mark ${SHGW_TPROXY_MARK} --on-port ${SHGW_REQ_PORT}"
|
||||
done
|
||||
fn_run_until_failure "${IPTABLES} -w -t mangle -D PREROUTING -j SHGW_DNS"
|
||||
${IPTABLES} -w -t mangle -F SHGW_DNS > /dev/null 2>&1
|
||||
${IPTABLES} -w -t mangle -X SHGW_DNS > /dev/null 2>&1
|
||||
|
||||
${IP} route del local 0.0.0.0/0 dev lo table ${SHGW_TABLE} > /dev/null 2>&1
|
||||
fn_run_until_failure "${IP} rule del fwmark ${SHGW_TPROXY_MARK} lookup ${SHGW_TABLE} ${SHGW_IPV4_RULE_PREF}"
|
||||
}
|
||||
|
||||
fn_shgw_ipv6_tproxy_setup() {
|
||||
local _IFACE=""
|
||||
${IP6TABLES} -w -t mangle -N SHGW_DNS > /dev/null 2>&1
|
||||
for _IFACE in ${LAN_INTERFACES}; do
|
||||
${IP6TABLES} -w -t mangle -A SHGW_DNS \
|
||||
-i ${_IFACE} \
|
||||
-p udp --dport 53 \
|
||||
-j TPROXY --tproxy-mark ${SHGW_TPROXY_MARK6} --on-port ${SHGW_REQ_PORT} > /dev/null 2>&1
|
||||
done
|
||||
|
||||
${IP6TABLES} -w -t mangle -I PREROUTING -j SHGW_DNS > /dev/null 2>&1
|
||||
|
||||
${IP} -6 rule add fwmark ${SHGW_TPROXY_MARK6} lookup ${SHGW_TABLE6} ${SHGW_IPV6_RULE_PREF} > /dev/null 2>&1
|
||||
${IP} -6 route add local ::/0 dev lo table ${SHGW_TABLE6} > /dev/null 2>&1
|
||||
}
|
||||
|
||||
fn_shgw_ipv6_tproxy_cleanup() {
|
||||
local _IFACE=""
|
||||
for _IFACE in ${LAN_INTERFACES}; do
|
||||
fn_run_until_failure "${IP6TABLES} -w -t mangle -D SHGW_DNS \
|
||||
-i ${_IFACE} \
|
||||
-p udp --dport 53 \
|
||||
-j TPROXY --tproxy-mark ${SHGW_TPROXY_MARK6} --on-port ${SHGW_REQ_PORT}"
|
||||
done
|
||||
fn_run_until_failure "${IP6TABLES} -w -t mangle -D PREROUTING -j SHGW_DNS"
|
||||
${IP6TABLES} -w -t mangle -F SHGW_DNS > /dev/null 2>&1
|
||||
${IP6TABLES} -w -t mangle -X SHGW_DNS > /dev/null 2>&1
|
||||
|
||||
${IP} -6 route del local ::/0 dev lo table ${SHGW_TABLE6} > /dev/null 2>&1
|
||||
fn_run_until_failure "${IP} -6 rule del fwmark ${SHGW_TPROXY_MARK6} lookup ${SHGW_TABLE6} ${SHGW_IPV6_RULE_PREF}"
|
||||
}
|
||||
|
||||
fn_on_sigterm() {
|
||||
fn_shgw_ipset_cleanup
|
||||
fn_shgw_ipv6_tproxy_cleanup
|
||||
fn_shgw_ipv4_tproxy_cleanup
|
||||
fn_kill_if_running
|
||||
${ECHO} "[$(fn_time_now)] Trap handler.Dnsproxy exited!" >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
exit 0
|
||||
}
|
||||
|
||||
fn_kill_if_running() {
|
||||
dp_pids=$(${PS} | ${GREP} shgw_dnsproxy | ${GREP} -v grep | ${AWK} '{ print $1 }')
|
||||
if [ ! -z "$dp_pids" ]; then
|
||||
for dp_pid in $dp_pids; do
|
||||
${KILL} -s KILL $dp_pid
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
fn_launch_and_wait() {
|
||||
${ECHO} "[$(fn_time_now)]" >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
${IPTABLES} -t mangle -nvL | ${GREP} ${SHGW_REQ_PORT} >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
${IP6TABLES} -t mangle -nvL | ${GREP} ${SHGW_REQ_PORT} >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
fn_kill_if_running
|
||||
${IPTABLES} -t mangle -nvL | ${GREP} ${SHGW_REQ_PORT} >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
${IP6TABLES} -t mangle -nvL | ${GREP} ${SHGW_REQ_PORT} >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
$SHGW_DNSPROXY &
|
||||
SHGW_DNSPROXY_PID=$!
|
||||
wait $SHGW_DNSPROXY_PID
|
||||
${ECHO} "[$(fn_time_now)] Dnsproxy exited!" >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
}
|
||||
|
||||
fn_shgw_ipset_cleanup() {
|
||||
|
||||
## RULES UNDER NAT TABLE
|
||||
${IPTABLES} -w -t nat -F SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_PC_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_PC_PENDING > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_PC_ASK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_EULA_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -F SHGW_WHITELIST > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_PC_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_PC_PENDING > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_PC_ASK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_EULA_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D SHGW_IPSET -j SHGW_WHITELIST > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -D ${SHGW_PREROUTING_CHAIN} -j SHGW_IPSET > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t nat -X SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_PC_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_PC_PENDING > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_PC_ASK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_EULA_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_WHITELIST > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -X SHGW_IPSET > /dev/null 2>&1
|
||||
|
||||
## RULES UNDER FILTER TABLE
|
||||
${IPTABLES} -w -t filter -F SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -F SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -F SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -F SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t filter -D SHGW_IPSET -j SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -D SHGW_IPSET -j SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -D SHGW_IPSET -j SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -D SHGW_IPSET -j SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -D ${SHGW_FORWARD_CHAIN} -j SHGW_IPSET > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t filter -X SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -X SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -X SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -X SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -X SHGW_IPSET > /dev/null 2>&1
|
||||
|
||||
|
||||
${IPSET} destroy SHGW_HOST_REPUTATION > /dev/null 2>&1 ##Set name and Iptable chain name are same
|
||||
${IPSET} destroy SHGW_HOST_REPUTATION_DST > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_PC_BLOCK > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_PC_PENDING > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_PC_ASK > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_EULA_BLOCK > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPSET} destroy SHGW_WHITELIST > /dev/null 2>&1
|
||||
}
|
||||
|
||||
##Creating custom iptable chains for matching the shgw ipsets
|
||||
fn_shgw_ipset_setup() {
|
||||
|
||||
## RULES UNDER NAT TABLE
|
||||
${IPTABLES} -w -t nat -N SHGW_IPSET > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_WHITELIST > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_EULA_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_PC_ASK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_PC_PENDING > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -N SHGW_PC_BLOCK > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t nat -N SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_WHITELIST > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_EULA_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_PC_ASK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_PC_PENDING > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_PC_BLOCK > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t nat -A SHGW_IPSET -j SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t nat -I ${SHGW_PREROUTING_CHAIN} -j SHGW_IPSET > /dev/null 2>&1
|
||||
|
||||
## RULES UNDER FILTER TABLE
|
||||
${IPTABLES} -w -t filter -N SHGW_IPSET > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -N SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -N SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -N SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -N SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
|
||||
${IPTABLES} -w -t filter -A SHGW_IPSET -j SHGW_NETWORK_PAUSE > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -A SHGW_IPSET -j SHGW_DEVICE_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -A SHGW_IPSET -j SHGW_PC_TIME_BLOCK > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -A SHGW_IPSET -j SHGW_HOST_REPUTATION > /dev/null 2>&1
|
||||
${IPTABLES} -w -t filter -I ${SHGW_FORWARD_CHAIN} -j SHGW_IPSET > /dev/null 2>&1
|
||||
|
||||
|
||||
}
|
||||
|
||||
# main
|
||||
${ECHO} "Starting dpwrap" >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
fn_trim_startup_log
|
||||
fn_kill_dpwrap_if_running
|
||||
fn_shgw_ipv6_tproxy_cleanup
|
||||
fn_shgw_ipv6_tproxy_setup
|
||||
fn_shgw_ipv4_tproxy_cleanup
|
||||
fn_shgw_ipv4_tproxy_setup
|
||||
fn_shgw_ipset_cleanup
|
||||
fn_shgw_ipset_setup
|
||||
fn_launch_and_wait
|
||||
fn_shgw_ipset_cleanup
|
||||
fn_shgw_ipv4_tproxy_cleanup
|
||||
fn_shgw_ipv6_tproxy_cleanup
|
||||
${IPTABLES} -t mangle -nvL | ${GREP} ${SHGW_REQ_PORT} >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
${IP6TABLES} -t mangle -nvL | ${GREP} ${SHGW_REQ_PORT} >> ${SHGW_STARTUP_LOG} 2>&1
|
||||
${ECHO} "Stopping dpwrap" >> ${SHGW_STARTUP_LOG} 2>&1
|
83
_mtdblock3.img.extracted/squashfs-root/bin/shgw_wd_monit
Executable file
83
_mtdblock3.img.extracted/squashfs-root/bin/shgw_wd_monit
Executable file
|
@ -0,0 +1,83 @@
|
|||
#!/bin/sh
|
||||
|
||||
#############################################################################
|
||||
#
|
||||
# MCAFEE CONFIDENTIAL
|
||||
# Copyright ©2018 McAfee, LLC
|
||||
#
|
||||
# The source code contained or described herein and all documents related
|
||||
# to the source code ("Material") are owned by McAfee or its
|
||||
# suppliers or licensors. Title to the Material remains with McAfee
|
||||
# or its suppliers and licensors. The Material contains trade
|
||||
# secrets and proprietary and confidential information of McAfee or its
|
||||
# suppliers and licensors. The Material is protected by worldwide copyright
|
||||
# and trade secret laws and treaty provisions. No part of the Material may
|
||||
# be used, copied, reproduced, modified, published, uploaded, posted,
|
||||
# transmitted, distributed, or disclosed in any way without McAfee's prior
|
||||
# express written permission.
|
||||
#
|
||||
# No license under any patent, copyright, trade secret or other intellectual
|
||||
# property right is granted to or conferred upon you by disclosure or
|
||||
# delivery of the Materials, either expressly, by implication, inducement,
|
||||
# estoppel or otherwise. Any license under such intellectual property rights
|
||||
# must be express and approved by McAfee in writing.
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
# A script to monitor if watchdogd is running or not
|
||||
#
|
||||
# Author : Eswar Yaganti
|
||||
# Date : 10-Mar-2016
|
||||
|
||||
. /etc/shgw/shgw.constants
|
||||
. /etc/shgw/shgw.common
|
||||
|
||||
MONIT_PID_FILE=${SHGW_TMPFS_PATH}/.shgw_wd_monit_pid
|
||||
|
||||
start_and_monitor_WD() {
|
||||
wd_died=0
|
||||
while true ; do
|
||||
fn_trim_startup_log
|
||||
${SHGW_LOG_TRIMMER} &
|
||||
wd_pid=$(${PS} | ${GREP} -i "shgw_watchdogd" | ${GREP} -v "grep" | ${AWK} -v OFS=' ' '{print $1}')
|
||||
if [ ! -z ${wd_pid} ]; then
|
||||
${ECHO} "[$$] $0 killing previous WD, pid=${wd_pid}, at `uptime`"
|
||||
${ECHO} "[$$] $0 killing previous WD, pid=${wd_pid}, at `uptime`" >> ${SHGW_STARTUP_LOG}
|
||||
${KILL} -9 ${wd_pid}
|
||||
${SLEEP} 2
|
||||
fi
|
||||
|
||||
${ECHO} "[$$] $0 starting ${SHGW_WD} ${SHGW_WD_CONF}, at `uptime`"
|
||||
${ECHO} "[$$] $0 starting ${SHGW_WD} ${SHGW_WD_CONF}, at `uptime`" >> ${SHGW_STARTUP_LOG}
|
||||
${SHGW_WD} ${SHGW_WD_CONF} ${wd_died} 2>>${SHGW_ERROR_FILE} &
|
||||
SHGW_WD_PID=$!
|
||||
wait ${SHGW_WD_PID}
|
||||
|
||||
# Is this required?
|
||||
${SLEEP} 2
|
||||
wd_died=1
|
||||
done
|
||||
}
|
||||
|
||||
exit_if_running() {
|
||||
if [ ! -f ${MONIT_PID_FILE} ]; then
|
||||
${ECHO} "[$$] Fresh instance at `uptime`"
|
||||
${ECHO} "[$$] Fresh instance at `uptime`" >> ${SHGW_STARTUP_LOG}
|
||||
${ECHO} $$ > ${MONIT_PID_FILE}
|
||||
else
|
||||
_PID=$(${CAT} ${MONIT_PID_FILE})
|
||||
if [ ! -z $(${CAT} /proc/${_PID}/cmdline | ${GREP} shgw_wd_monit) ];then
|
||||
${ECHO} "[$$] Another instance running, pids=[${_PID}] at `uptime`"
|
||||
${ECHO} "[$$] Another instance running, pids=[${_PID}] at `uptime`" >> ${SHGW_STARTUP_LOG}
|
||||
exit 1
|
||||
else
|
||||
${ECHO} "[$$] Overwriting ${MONIT_PID_FILE} at `uptime`"
|
||||
${ECHO} "[$$] Overwriting ${MONIT_PID_FILE} at `uptime`" >> ${SHGW_STARTUP_LOG}
|
||||
${ECHO} $$ > ${MONIT_PID_FILE}
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
exit_if_running
|
||||
start_and_monitor_WD
|
||||
|
1
_mtdblock3.img.extracted/squashfs-root/bin/sleep
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/sleep
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/tar
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/tar
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/touch
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/touch
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/true
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/true
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/umount
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/umount
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/uname
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/uname
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/uncompress
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/uncompress
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
BIN
_mtdblock3.img.extracted/squashfs-root/bin/unqKeyHandler
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/bin/unqKeyHandler
Executable file
Binary file not shown.
8
_mtdblock3.img.extracted/squashfs-root/bin/update-patterndb
Executable file
8
_mtdblock3.img.extracted/squashfs-root/bin/update-patterndb
Executable file
|
@ -0,0 +1,8 @@
|
|||
#!/bin/sh
|
||||
prefix=
|
||||
exec_prefix=${prefix}
|
||||
bindir=${exec_prefix}/bin
|
||||
sysconfdir=/etc
|
||||
localstatedir=${prefix}/var
|
||||
|
||||
${bindir}/pdbtool merge -r --glob \*.pdb -D ${sysconfdir}/patterndb.d -p ${localstatedir}/patterndb.xml
|
1
_mtdblock3.img.extracted/squashfs-root/bin/usleep
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/usleep
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/bin/vi
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/bin/vi
Symbolic link
|
@ -0,0 +1 @@
|
|||
busybox
|
1
_mtdblock3.img.extracted/squashfs-root/dev/log
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/dev/log
Symbolic link
|
@ -0,0 +1 @@
|
|||
/dev/null
|
1
_mtdblock3.img.extracted/squashfs-root/etc
Symbolic link
1
_mtdblock3.img.extracted/squashfs-root/etc
Symbolic link
|
@ -0,0 +1 @@
|
|||
/dev/null
|
BIN
_mtdblock3.img.extracted/squashfs-root/lib/ld-uClibc.so.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/ld-uClibc.so.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libCmd.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libCmd.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libadam.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libadam.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_eponmgr.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_eponmgr.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_eponmgr.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_eponmgr.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_eponmgr.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_eponmgr.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_fe.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_fe.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_fe.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_fe.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_fe.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_fe.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_gponmgr.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_gponmgr.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_gponmgr.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_gponmgr.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_gponmgr.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_gponmgr.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_pcie.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_pcie.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_pcie.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_pcie.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_pcie.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_pcie.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_ppe.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_ppe.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_ppe.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_ppe.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_ppe.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_ppe.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_lan.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_lan.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_lan.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_lan.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_lan.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_lan.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_wan.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_wan.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_wan.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_wan.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_wan.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_qdmamgr_wan.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_switchmgr.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_switchmgr.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_switchmgr.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_switchmgr.so.1
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_switchmgr.so.1.0.0
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_switchmgr.so.1.0.0
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_utility.so
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_utility.so
Executable file
Binary file not shown.
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_utility.so.1
Executable file
BIN
_mtdblock3.img.extracted/squashfs-root/lib/libapi_lib_utility.so.1
Executable file
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Reference in a new issue