[apple/configd.git] / get-network-info

#!/bin/sh

#
#  Copyright © 2015 Apple Inc.
#
#  get-network-info
#
#  Collect network information.
#

PATH=/bin:/usr/bin:/sbin:/usr/sbin

# __SETUP_ROUTINES_BEGIN__

process_opts () {

	for i in $ARGS
           do
		case "$i"
                   in
                           -s)
				   COLLECT_SENSITIVE_INFO="Y"
                                   shift;;
                           -c)
				   COLLECT_CONFIGURATION_FILES="Y"
                                   shift;;
			   --)
				   shift;;
			   *)
				   REQUESTED_OUTDIR="${i}"
                                   shift;;
                   esac
           done

}

set_root () {

	PRIV=""
	if [ ${EUID} -ne 0 ]; then
		PRIV="sudo"
	fi

}

#
# Setup
#
setup () {

	set_root
	umask 077
	cd "${REQUESTED_OUTDIR}"

}

# __SETUP_ROUTINES_END__


# __COMMAND_ROUTINES_BEGIN__

# note: the daemons dump to syslog so you need to wait a bit before
# capturing the logs.
collect_state_dump () {

	${PRIV} /usr/bin/killall -INFO networkd							2>/dev/null

	sleep 1											&
}

collect_state_dump_sensitive () {

	${PRIV} /usr/bin/killall -INFO mDNSResponder						2>/dev/null

	sleep 1											&

}

#
# network interface configuration
#
run_ifconfig () {

	if [ ! -x /sbin/ifconfig ]; then
		return
	fi

	/sbin/ifconfig -a -L -b -m -r -v -v				> ifconfig.txt		2>&1
	if [ $? -ne 0 ]; then
		/sbin/ifconfig -a					> ifconfig.txt		2>&1
	fi

}

#
# network route configuration and statistics
#
run_netstat () {

	if [ ! -x /usr/sbin/netstat ]; then
		return
	fi

	echo "#"							 > netstat.txt
	echo "# netstat -n -r -a -l"					>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -n -r -a -l					>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -A -a -l -n -v"					>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -A -a -l -n -v				>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -s"						>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -s						>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -mmm"						>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -mmm						>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -i -n -d"					>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -i -n -d					>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -i -x R"					>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -i -x R					>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -a -n -p mptcp"					>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -anp mptcp					>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -s -p mptcp"					>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -s -p mptcp					>> netstat.txt		2>&1

	echo "#"							>> netstat.txt
	echo "# netstat -g -n -s"					>> netstat.txt
	echo "#"							>> netstat.txt
	/usr/sbin/netstat -g -n -s					>> netstat.txt		2>&1

	if [ -x /sbin/ifconfig ]; then
		for if in ${IF_LIST}
		do
			IF_INFO=`/sbin/ifconfig -v ${if}`
			`echo $IF_INFO | grep -q TXSTART`
			if [ $? -eq 0 ]; then
				echo "#"				>> netstat.txt
				echo "# netstat -qq -I ${if}"		>> netstat.txt
				echo "#"				>> netstat.txt
				/usr/sbin/netstat -qq -I ${if}		>> netstat.txt		2>&1
			fi
			`echo $IF_INFO | grep -q RXPOLL`
			if [ $? -eq 0 ]; then
				echo "#"				>> netstat.txt
				echo "# netstat -Q -I ${if}"		>> netstat.txt
				echo "#"				>> netstat.txt
				/usr/sbin/netstat -Q -I ${if}		>> netstat.txt		2>&1
			fi
		done
	fi

}

run_ndp () {

	if [ ! -x /usr/sbin/ndp ]; then
		return
	fi

	echo "#"							 > ndp-info.txt
	echo "# ndp -n -a"						>> ndp-info.txt
	echo "#"							>> ndp-info.txt
	/usr/sbin/ndp -n -a						>> ndp-info.txt		2>&1

	echo "#"							>> ndp-info.txt
	echo "# ndp -n -p"						>> ndp-info.txt
	echo "#"							>> ndp-info.txt
	/usr/sbin/ndp -n -p						>> ndp-info.txt		2>&1

	echo "#"							>> ndp-info.txt
	echo "# ndp -n -r"						>> ndp-info.txt
	echo "#"							>> ndp-info.txt
	/usr/sbin/ndp -n -r						>> ndp-info.txt		2>&1

	if [ -x /sbin/ifconfig ]; then
		for if in ${IF_LIST}
		do
			echo "#"					>> ndp-info.txt
			echo "# ndp -i ${if}"				>> ndp-info.txt
			echo "#"					>> ndp-info.txt
			/usr/sbin/ndp -i ${if}				>> ndp-info.txt		2>&1
		done
	fi

}

run_arp () {

	if   [ ! -x /usr/sbin/arp ]; then
		return
	fi

	echo "#"							 > arp-info.txt
	echo "# arp -n -a"						>> arp-info.txt
	echo "#"							>> arp-info.txt
	/usr/sbin/arp -n -a						>> arp-info.txt		2>&1

}

#
# DHCP configuration
#
run_ipconfig () {

	if [ ! -x /usr/sbin/ipconfig ]; then
		return
	fi

	for if in ${IF_LIST}
	do
		case ${if} in
		lo* )	;;
		*)
			echo "#"					>> ipconfig-info.txt
			echo "# INTERFACE ${if}"			>> ipconfig-info.txt
			echo "#"					>> ipconfig-info.txt

			echo "DHCPv4 information:"			>> ipconfig-info.txt

			IPCONFIG_INFO=`/usr/sbin/ipconfig getpacket ${if}`
			if [ "${IPCONFIG_INFO}" != "" ]; then
				echo "${IPCONFIG_INFO}"			>> ipconfig-info.txt
			else
				echo "not available"			>> ipconfig-info.txt
			fi

			echo""						>> ipconfig-info.txt

			echo "DHCPv6 information:"			>> ipconfig-info.txt

			IPCONFIG_INFO=`/usr/sbin/ipconfig getv6packet ${if}`
			if [ "${IPCONFIG_INFO}" != "" ]; then
				echo "${IPCONFIG_INFO}"			>> ipconfig-info.txt
			else
				echo "not available"			>> ipconfig-info.txt
			fi

			echo""						>> ipconfig-info.txt
			;;
		esac
	done

}

#
# IPsec configuration
#
run_setkey () {

	if [ ! -x /usr/sbin/setkey -o ! -x /usr/bin/perl ]; then
		return
	fi

	echo "#"									>  ipsec.txt
	echo "# setkey -D"								>> ipsec.txt
	echo "#"									>> ipsec.txt
	${PRIV} /usr/sbin/setkey -D				\
	| /usr/bin/perl -l -n -e '
		if (/^(\s+[AE]:\s+\S+\s+)"?(.*)"?\s*$/) {
			printf "%s[redacted]%s\n", $1, $3;
		} else {
			printf "%s\n", $_;
		}
	'										>> ipsec.txt

	echo ""										>> ipsec.txt
	echo "#"									>> ipsec.txt
	echo "# setkey -Pp -D"								>> ipsec.txt
	echo "#"									>> ipsec.txt
	${PRIV} /usr/sbin/setkey -Pp -D							>> ipsec.txt

	for CF in /var/run/racoon/*.conf
	do
		if [ ! -r "${CF}" ]; then
			continue
		fi

		echo ""									>> ipsec.txt
		echo "#"								>> ipsec.txt
		echo "# ${CF}"								>> ipsec.txt
		echo "#"								>> ipsec.txt
		${PRIV} cat ${CF}				\
		| /usr/bin/perl -l -n -e '
			if (/^(\s+shared_secret\s+use\s+)"?([^\s;"]+)"?(.*)/) {
				printf "%s[redacted]%s\n", $1, $3;
			} else {
				printf "%s\n", $_;
			}
		'									>> ipsec.txt
	done

}

#
# Network preferences
#
collect_configuration_files () {

	for f in										\
		/Library/Preferences/com.apple.networkextension.plist				\
		/Library/Preferences/com.apple.networkextension.control.plist			\
		/Library/Preferences/com.apple.networkextension.necp.plist			\
		/Library/Preferences/SystemConfiguration/com.apple.nat.plist			\
		/Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist	\
		/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist		\
		/Library/Preferences/com.apple.mDNSResponder.plist				\
		/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist		\
		/Library/Preferences/SystemConfiguration/preferences.plist			\

	do
		if [ -e "${f}" ]; then
			b="`basename ${f}`"
			cat "${f}"							> "${b}"			2>&1
		fi
	done

	if [ -e /etc/resolv.conf ]; then
		cat /etc/resolv.conf							> etc-resolv-conf.txt		2>&1
	fi
	if [ -e /var/run/resolv.conf ]; then
		cat /var/run/resolv.conf						> var-run-resolv-conf.txt	2>&1
	fi
	if [ -e /etc/resolver ]; then
		tar -c -H /etc/resolver							> etc-resolver.tar		2>/dev/null
	fi
}

collect_vpn_logs () {

	for f in										\
		/var/log/vpnd.log								\
		/var/log/racoon.log								\

	do
		if [ -e "${f}" ]; then
			b="`basename ${f}`"
			${PRIV} cat "${f}"							> "${b}".txt	2>&1
		fi
	done
}

#
# Network, DNS, Proxy, Reachability, Cache information
#
run_scutil () {

	if [ ! -x /usr/sbin/scutil ]; then
		return
	fi

	echo "#"								>  network-information.txt
	echo "# scutil -d -v --nwi"						>> network-information.txt
	echo "#"								>> network-information.txt
	/usr/sbin/scutil -d -v --nwi						>> network-information.txt	2>&1
	for if in ${IF_LIST}
	do
		echo ""								>> network-information.txt
		echo "#"							>> network-information.txt
		echo "# scutil --nwi ${if}"					>> network-information.txt
		echo "#"							>> network-information.txt
		scutil --nwi ${if}						>> network-information.txt	2>&1
	done

	echo "#"								>  dns-configuration.txt
	echo "# scutil -d -v --dns"						>> dns-configuration.txt
	echo "#"								>> dns-configuration.txt
	/usr/sbin/scutil -d -v --dns						>> dns-configuration.txt	2>&1

	echo "#"								>  proxy-configuration.txt
	echo "# scutil -d -v --proxy"						>> proxy-configuration.txt
	echo "#"								>> proxy-configuration.txt
	/usr/sbin/scutil -d -v --proxy						>> proxy-configuration.txt	2>&1

	echo "#"								>  reachability-info.txt
	echo '# scutil -d -v -r www.apple.com'					>> reachability-info.txt
	echo "#"								>> reachability-info.txt
	/usr/sbin/scutil -d -v -r www.apple.com					>> reachability-info.txt	2>&1

	echo "#"								>> reachability-info.txt
	echo '# scutil -d -v -r 0.0.0.0'					>> reachability-info.txt
	echo "#"								>> reachability-info.txt
	/usr/sbin/scutil -d -v -r 0.0.0.0					>> reachability-info.txt	2>&1

	${PRIV} /usr/sbin/scutil -p --snapshot
	if [ -f /var/tmp/configd-store.plist ]; then
		cat /var/tmp/configd-store.plist				> configd-store.plist		2>&1
	fi
	if [ -f /var/tmp/configd-pattern.plist ]; then
		cat /var/tmp/configd-pattern.plist				> configd-pattern.plist		2>&1
	fi
	if [ -f /var/tmp/configd-session.plist ]; then
		cat /var/tmp/configd-session.plist				> configd-session.plist		2>&1
	fi
	if [ -f /var/tmp/configd-state ]; then
		cat /var/tmp/configd-state					> configd-state			2>&1
	fi

}

run_route () {

	if [ ! -x /sbin/route ]; then
		return
	fi

	echo "#"								>  route-info.txt
	echo '# route -n -v get www.apple.com'					>> route-info.txt
	echo "#"								>> route-info.txt
	/sbin/route -n -v get www.apple.com					>> route-info.txt	2>&1

	echo "#"								>> route-info.txt
	echo '# route -n -v get 0.0.0.0'					>> route-info.txt
	echo "#"								>> route-info.txt
	/sbin/route -n -v get 0.0.0.0						>> route-info.txt	2>&1

}

run_dig () {

	if [ ! -x /usr/bin/dig -o ! -f /etc/resolv.conf ]; then
		return
	fi

	echo "#"								>  dig-info.txt
	echo '# dig -t any -c any www.apple.com'				>> dig-info.txt
	echo "#"								>> dig-info.txt
	/usr/bin/dig +time=2 -t any -c any www.apple.com			>> dig-info.txt		2>/dev/null

}

#
# Host name
#
run_hostname () {

	if [ ! -x /bin/hostname ]; then
		return
	fi

	/bin/hostname								> hostname.txt		2>&1

}

collect_sensitive_info () {
	collect_state_dump_sensitive
	run_ndp
	run_arp
}

collect_info () {
	collect_state_dump

	if [ "${COLLECT_SENSITIVE_INFO}" == "Y" ]; then
		collect_sensitive_info
	fi

	run_scutil
	run_dig
	run_ifconfig
	run_netstat
	run_ipconfig
	run_setkey
	collect_vpn_logs
	run_route
	run_hostname

	if [ "${COLLECT_CONFIGURATION_FILES}" == "Y" ]; then
		collect_configuration_files
	fi
}

# __COMMAND_ROUTINES_END__

# __HELPER_ROUTINES_BEGIN__

usage () {

	echo "Usage: get-network-info [-s] [-c] <info-directory>"
	echo "		-s		    collects sensitive information (ARP/NDP/mDNS cache)"
	echo "		-c		    collects system configuration files"
	echo "		<info-directory>    path to directory where all the information will be collected"

}

is_outdir_valid () {

	if [ ! -d ${REQUESTED_OUTDIR} ] ||
	   [ "${REQUESTED_OUTDIR}" = "" ]; then
		usage
		exit 1
	fi

	if [ ! -w ${REQUESTED_OUTDIR} ]; then
		echo "${REQUESTED_OUTDIR} is write-protected"
		exit 1
	fi
}

#
# Collect most used command output to be used later
#
optimize () {

	if [ ! -x /sbin/ifconfig ]; then
		return
	fi

	IF_LIST=`/sbin/ifconfig -l`

}

init_globals () {
	REQUESTED_OUTDIR=""
	COLLECT_SENSITIVE_INFO=""
	COLLECT_CONFIGURATION_FILES=""
}

# __HELPER_ROUTINES_END__

#
# __MAIN__
#
ARGS=`getopt sc $*`
if [ $? != 0 ]; then
	usage
	exit 1
fi

init_globals
process_opts
is_outdir_valid
setup
optimize
collect_info
wait

#TO-DO: Add packet trace

exit 0
Commit	Line	Data
9de8ab86 A	1	#!/bin/sh
	2
	3	#
	4	# Copyright © 2015 Apple Inc.
	5	#
	6	# get-network-info
	7	#
	8	# Collect network information.
	9	#
	10
	11	PATH=/bin:/usr/bin:/sbin:/usr/sbin
	12
	13	# __SETUP_ROUTINES_BEGIN__
	14
	15	process_opts () {
	16
	17	for i in $ARGS
	18	do
	19	case "$i"
	20	in
	21	-s)
	22	COLLECT_SENSITIVE_INFO="Y"
	23	shift;;
	24	-c)
	25	COLLECT_CONFIGURATION_FILES="Y"
	26	shift;;
	27	--)
	28	shift;;
	29	*)
	30	REQUESTED_OUTDIR="${i}"
	31	shift;;
	32	esac
	33	done
	34
	35	}
	36
	37	set_root () {
	38
	39	PRIV=""
	40	if [ ${EUID} -ne 0 ]; then
	41	PRIV="sudo"
	42	fi
	43
	44	}
	45
	46	#
	47	# Setup
	48	#
	49	setup () {
	50
	51	set_root
	52	umask 077
	53	cd "${REQUESTED_OUTDIR}"
	54
	55	}
	56
	57	# __SETUP_ROUTINES_END__
	58
	59
	60	# __COMMAND_ROUTINES_BEGIN__
	61
	62	# note: the daemons dump to syslog so you need to wait a bit before
	63	# capturing the logs.
	64	collect_state_dump () {
65
66	${PRIV} /usr/bin/killall -INFO networkd 2>/dev/null
67
68	sleep 1 &
69	}
70
71	collect_state_dump_sensitive () {
72
73	${PRIV} /usr/bin/killall -INFO mDNSResponder 2>/dev/null
74
75	sleep 1 &
76
77	}
78
79	#
80	# network interface configuration
81	#
82	run_ifconfig () {
83
84	if [ ! -x /sbin/ifconfig ]; then
85	return
86	fi
87
88	/sbin/ifconfig -a -L -b -m -r -v -v > ifconfig.txt 2>&1
89	if [ $? -ne 0 ]; then
90	/sbin/ifconfig -a > ifconfig.txt 2>&1
91	fi
92
93	}
94
95	#
96	# network route configuration and statistics
97	#
98	run_netstat () {
99
100	if [ ! -x /usr/sbin/netstat ]; then
101	return
102	fi
103
104	echo "#" > netstat.txt
105	echo "# netstat -n -r -a -l" >> netstat.txt
106	echo "#" >> netstat.txt
107	/usr/sbin/netstat -n -r -a -l >> netstat.txt 2>&1
108
109	echo "#" >> netstat.txt
110	echo "# netstat -A -a -l -n -v" >> netstat.txt
111	echo "#" >> netstat.txt
112	/usr/sbin/netstat -A -a -l -n -v >> netstat.txt 2>&1
113
114	echo "#" >> netstat.txt
115	echo "# netstat -s" >> netstat.txt
116	echo "#" >> netstat.txt
117	/usr/sbin/netstat -s >> netstat.txt 2>&1
118
119	echo "#" >> netstat.txt
120	echo "# netstat -mmm" >> netstat.txt
121	echo "#" >> netstat.txt
122	/usr/sbin/netstat -mmm >> netstat.txt 2>&1
123
124	echo "#" >> netstat.txt
125	echo "# netstat -i -n -d" >> netstat.txt
126	echo "#" >> netstat.txt
127	/usr/sbin/netstat -i -n -d >> netstat.txt 2>&1
128
129	echo "#" >> netstat.txt
130	echo "# netstat -i -x R" >> netstat.txt
131	echo "#" >> netstat.txt
132	/usr/sbin/netstat -i -x R >> netstat.txt 2>&1
133
134	echo "#" >> netstat.txt
135	echo "# netstat -a -n -p mptcp" >> netstat.txt
136	echo "#" >> netstat.txt
137	/usr/sbin/netstat -anp mptcp >> netstat.txt 2>&1
138
139	echo "#" >> netstat.txt
140	echo "# netstat -s -p mptcp" >> netstat.txt
141	echo "#" >> netstat.txt
142	/usr/sbin/netstat -s -p mptcp >> netstat.txt 2>&1
143
144	echo "#" >> netstat.txt
145	echo "# netstat -g -n -s" >> netstat.txt
146	echo "#" >> netstat.txt
147	/usr/sbin/netstat -g -n -s >> netstat.txt 2>&1
148
149	if [ -x /sbin/ifconfig ]; then
150	for if in ${IF_LIST}
151	do
152	IF_INFO=`/sbin/ifconfig -v ${if}`
153	`echo $IF_INFO \| grep -q TXSTART`
154	if [ $? -eq 0 ]; then
155	echo "#" >> netstat.txt
156	echo "# netstat -qq -I ${if}" >> netstat.txt
157	echo "#" >> netstat.txt
158	/usr/sbin/netstat -qq -I ${if} >> netstat.txt 2>&1
159	fi
160	`echo $IF_INFO \| grep -q RXPOLL`
161	if [ $? -eq 0 ]; then
162	echo "#" >> netstat.txt
163	echo "# netstat -Q -I ${if}" >> netstat.txt
164	echo "#" >> netstat.txt
165	/usr/sbin/netstat -Q -I ${if} >> netstat.txt 2>&1
166	fi
167	done
168	fi
169
170	}
171
172	run_ndp () {
173
174	if [ ! -x /usr/sbin/ndp ]; then
175	return
176	fi
177
178	echo "#" > ndp-info.txt
179	echo "# ndp -n -a" >> ndp-info.txt
180	echo "#" >> ndp-info.txt
181	/usr/sbin/ndp -n -a >> ndp-info.txt 2>&1
182
183	echo "#" >> ndp-info.txt
184	echo "# ndp -n -p" >> ndp-info.txt
185	echo "#" >> ndp-info.txt
186	/usr/sbin/ndp -n -p >> ndp-info.txt 2>&1
187
188	echo "#" >> ndp-info.txt
189	echo "# ndp -n -r" >> ndp-info.txt
190	echo "#" >> ndp-info.txt
191	/usr/sbin/ndp -n -r >> ndp-info.txt 2>&1
192
193	if [ -x /sbin/ifconfig ]; then
194	for if in ${IF_LIST}
195	do
196	echo "#" >> ndp-info.txt
197	echo "# ndp -i ${if}" >> ndp-info.txt
198	echo "#" >> ndp-info.txt
199	/usr/sbin/ndp -i ${if} >> ndp-info.txt 2>&1
200	done
201	fi
202
203	}
204
205	run_arp () {
206
207	if [ ! -x /usr/sbin/arp ]; then
208	return
209	fi
210
211	echo "#" > arp-info.txt
212	echo "# arp -n -a" >> arp-info.txt
213	echo "#" >> arp-info.txt
214	/usr/sbin/arp -n -a >> arp-info.txt 2>&1
215
216	}
217
218	#
219	# DHCP configuration
220	#
221	run_ipconfig () {
222
223	if [ ! -x /usr/sbin/ipconfig ]; then
224	return
225	fi
226
227	for if in ${IF_LIST}
228	do
229	case ${if} in
230	lo* ) ;;
231	*)
232	echo "#" >> ipconfig-info.txt
233	echo "# INTERFACE ${if}" >> ipconfig-info.txt
234	echo "#" >> ipconfig-info.txt
235
236	echo "DHCPv4 information:" >> ipconfig-info.txt
237
238	IPCONFIG_INFO=`/usr/sbin/ipconfig getpacket ${if}`
239	if [ "${IPCONFIG_INFO}" != "" ]; then
240	echo "${IPCONFIG_INFO}" >> ipconfig-info.txt
241	else
242	echo "not available" >> ipconfig-info.txt
243	fi
244
245	echo"" >> ipconfig-info.txt
246
247	echo "DHCPv6 information:" >> ipconfig-info.txt
248
249	IPCONFIG_INFO=`/usr/sbin/ipconfig getv6packet ${if}`
250	if [ "${IPCONFIG_INFO}" != "" ]; then
251	echo "${IPCONFIG_INFO}" >> ipconfig-info.txt
252	else
253	echo "not available" >> ipconfig-info.txt
254	fi
255
256	echo"" >> ipconfig-info.txt
257	;;
258	esac
259	done
260
261	}
262
263	#
264	# IPsec configuration
265	#
266	run_setkey () {
267
268	if [ ! -x /usr/sbin/setkey -o ! -x /usr/bin/perl ]; then
269	return
270	fi
271
272	echo "#" > ipsec.txt
273	echo "# setkey -D" >> ipsec.txt
274	echo "#" >> ipsec.txt
275	${PRIV} /usr/sbin/setkey -D \
276	\| /usr/bin/perl -l -n -e '
277	if (/^(\s+[AE]:\s+\S+\s+)"?(.)"?\s$/) {
278	printf "%s[redacted]%s\n", $1, $3;
279	} else {
280	printf "%s\n", $_;
281	}
282	' >> ipsec.txt
283
284	echo "" >> ipsec.txt
285	echo "#" >> ipsec.txt
286	echo "# setkey -Pp -D" >> ipsec.txt
287	echo "#" >> ipsec.txt
288	${PRIV} /usr/sbin/setkey -Pp -D >> ipsec.txt
289
290	for CF in /var/run/racoon/*.conf
291	do
292	if [ ! -r "${CF}" ]; then
293	continue
294	fi
295
296	echo "" >> ipsec.txt
297	echo "#" >> ipsec.txt
298	echo "# ${CF}" >> ipsec.txt
299	echo "#" >> ipsec.txt
300	${PRIV} cat ${CF} \
301	\| /usr/bin/perl -l -n -e '
302	if (/^(\s+shared_secret\s+use\s+)"?([^\s;"]+)"?(.*)/) {
303	printf "%s[redacted]%s\n", $1, $3;
304	} else {
305	printf "%s\n", $_;
306	}
307	' >> ipsec.txt
308	done
309
310	}
311
312	#
313	# Network preferences
314	#
315	collect_configuration_files () {
316
317	for f in \
318	/Library/Preferences/com.apple.networkextension.plist \
319	/Library/Preferences/com.apple.networkextension.control.plist \
320	/Library/Preferences/com.apple.networkextension.necp.plist \
321	/Library/Preferences/SystemConfiguration/com.apple.nat.plist \
322	/Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist \
323	/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist \
324	/Library/Preferences/com.apple.mDNSResponder.plist \
325	/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist \
326	/Library/Preferences/SystemConfiguration/preferences.plist \
327
328	do
329	if [ -e "${f}" ]; then
330	b="`basename ${f}`"
331	cat "${f}" > "${b}" 2>&1
332	fi
333	done
334
335	if [ -e /etc/resolv.conf ]; then
336	cat /etc/resolv.conf > etc-resolv-conf.txt 2>&1
337	fi
338	if [ -e /var/run/resolv.conf ]; then
339	cat /var/run/resolv.conf > var-run-resolv-conf.txt 2>&1
340	fi
341	if [ -e /etc/resolver ]; then
342	tar -c -H /etc/resolver > etc-resolver.tar 2>/dev/null
343	fi
344	}
345
346	collect_vpn_logs () {
347
348	for f in \
349	/var/log/vpnd.log \
350	/var/log/racoon.log \
351
352	do
353	if [ -e "${f}" ]; then
354	b="`basename ${f}`"
355	${PRIV} cat "${f}" > "${b}".txt 2>&1
356	fi
357	done
358	}
359
360	#
361	# Network, DNS, Proxy, Reachability, Cache information
362	#
363	run_scutil () {
364
365	if [ ! -x /usr/sbin/scutil ]; then
366	return
367	fi
368
369	echo "#" > network-information.txt
370	echo "# scutil -d -v --nwi" >> network-information.txt
371	echo "#" >> network-information.txt
372	/usr/sbin/scutil -d -v --nwi >> network-information.txt 2>&1
373	for if in ${IF_LIST}
374	do
375	echo "" >> network-information.txt
376	echo "#" >> network-information.txt
377	echo "# scutil --nwi ${if}" >> network-information.txt
378	echo "#" >> network-information.txt
379	scutil --nwi ${if} >> network-information.txt 2>&1
380	done
381
382	echo "#" > dns-configuration.txt
383	echo "# scutil -d -v --dns" >> dns-configuration.txt
384	echo "#" >> dns-configuration.txt
385	/usr/sbin/scutil -d -v --dns >> dns-configuration.txt 2>&1
386
387	echo "#" > proxy-configuration.txt
388	echo "# scutil -d -v --proxy" >> proxy-configuration.txt
389	echo "#" >> proxy-configuration.txt
390	/usr/sbin/scutil -d -v --proxy >> proxy-configuration.txt 2>&1
391
392	echo "#" > reachability-info.txt
393	echo '# scutil -d -v -r www.apple.com' >> reachability-info.txt
394	echo "#" >> reachability-info.txt
395	/usr/sbin/scutil -d -v -r www.apple.com >> reachability-info.txt 2>&1
396
397	echo "#" >> reachability-info.txt
398	echo '# scutil -d -v -r 0.0.0.0' >> reachability-info.txt
399	echo "#" >> reachability-info.txt
400	/usr/sbin/scutil -d -v -r 0.0.0.0 >> reachability-info.txt 2>&1
401
402	${PRIV} /usr/sbin/scutil -p --snapshot
403	if [ -f /var/tmp/configd-store.plist ]; then
404	cat /var/tmp/configd-store.plist > configd-store.plist 2>&1
405	fi
406	if [ -f /var/tmp/configd-pattern.plist ]; then
407	cat /var/tmp/configd-pattern.plist > configd-pattern.plist 2>&1
408	fi
409	if [ -f /var/tmp/configd-session.plist ]; then
410	cat /var/tmp/configd-session.plist > configd-session.plist 2>&1
411	fi
412	if [ -f /var/tmp/configd-state ]; then
413	cat /var/tmp/configd-state > configd-state 2>&1
414	fi
415
416	}
417
418	run_route () {
419
420	if [ ! -x /sbin/route ]; then
421	return
422	fi
423
424	echo "#" > route-info.txt
425	echo '# route -n -v get www.apple.com' >> route-info.txt
426	echo "#" >> route-info.txt
427	/sbin/route -n -v get www.apple.com >> route-info.txt 2>&1
428
429	echo "#" >> route-info.txt
430	echo '# route -n -v get 0.0.0.0' >> route-info.txt
431	echo "#" >> route-info.txt
432	/sbin/route -n -v get 0.0.0.0 >> route-info.txt 2>&1
433
434	}
435
436	run_dig () {
437
438	if [ ! -x /usr/bin/dig -o ! -f /etc/resolv.conf ]; then
439	return
440	fi
441
442	echo "#" > dig-info.txt
443	echo '# dig -t any -c any www.apple.com' >> dig-info.txt
444	echo "#" >> dig-info.txt
445	/usr/bin/dig +time=2 -t any -c any www.apple.com >> dig-info.txt 2>/dev/null
446
447	}
448
449	#
450	# Host name
451	#
452	run_hostname () {
453
454	if [ ! -x /bin/hostname ]; then
455	return
456	fi
457
458	/bin/hostname > hostname.txt 2>&1
459
460	}
461
462	collect_sensitive_info () {
463	collect_state_dump_sensitive
464	run_ndp
465	run_arp
466	}
467
468	collect_info () {
469	collect_state_dump
470
471	if [ "${COLLECT_SENSITIVE_INFO}" == "Y" ]; then
472	collect_sensitive_info
473	fi
474
475	run_scutil
476	run_dig
477	run_ifconfig
478	run_netstat
479	run_ipconfig
480	run_setkey
481	collect_vpn_logs
482	run_route
483	run_hostname
484
485	if [ "${COLLECT_CONFIGURATION_FILES}" == "Y" ]; then
486	collect_configuration_files
487	fi
488	}
489
490	# __COMMAND_ROUTINES_END__
491
492	# __HELPER_ROUTINES_BEGIN__
493
494	usage () {
495
496	echo "Usage: get-network-info [-s] [-c] <info-directory>"
497	echo " -s collects sensitive information (ARP/NDP/mDNS cache)"
498	echo " -c collects system configuration files"
499	echo " <info-directory> path to directory where all the information will be collected"
500
501	}
502
503	is_outdir_valid () {
504
505	if [ ! -d ${REQUESTED_OUTDIR} ] \|\|
506	[ "${REQUESTED_OUTDIR}" = "" ]; then
507	usage
508	exit 1
509	fi
510
511	if [ ! -w ${REQUESTED_OUTDIR} ]; then
512	echo "${REQUESTED_OUTDIR} is write-protected"
513	exit 1
514	fi
515	}
516
517	#
518	# Collect most used command output to be used later
519	#
520	optimize () {
521
522	if [ ! -x /sbin/ifconfig ]; then
523	return
524	fi
525
526	IF_LIST=`/sbin/ifconfig -l`
527
528	}
529
530	init_globals () {
531	REQUESTED_OUTDIR=""
532	COLLECT_SENSITIVE_INFO=""
533	COLLECT_CONFIGURATION_FILES=""
534	}
535
536	# __HELPER_ROUTINES_END__
537
538	#
539	# __MAIN__
540	#
541	ARGS=`getopt sc $*`
542	if [ $? != 0 ]; then
543	usage
544	exit 1
545	fi
546
547	init_globals
548	process_opts
549	is_outdir_valid
550	setup
551	optimize
552	collect_info
553	wait
554
555	#TO-DO: Add packet trace
556
557	exit 0