[apple/configd.git] / get-mobility-info

#!/bin/sh
# Copyright (c) 2004-2009 Apple Inc.
#
# get-mobility-info
#
# Collect system & network configuration information.
#

PATH=/bin:/usr/bin:/sbin:/usr/sbin

PRIV=""
if [ ${EUID} -ne 0 ]; then
	PRIV="sudo"
fi

OUT="mobility-info-`date +'%m.%d.%Y.%H%M%S'`"
OUTDIR="/var/tmp"
if [ -d ~/Desktop ]; then
	OUTDIR=~/Desktop
elif [ "`readlink /tmp`" = "private/var/tmp" ]; then
	OUTDIR=/Library/Logs/CrashReporter/SystemConfiguration
	mkdir -p ${OUTDIR}
fi

umask 077

WORKDIR=`mktemp -d -q "/tmp/${OUT}"`
if [ $? -ne 0 ]; then
	echo "Could not create snapshot directory"
	exit 1
fi

GZ_EXT=""
GZ_OPT=""
if [ -x /usr/bin/gzip ]; then
	GZ_EXT=".gz"
	GZ_OPT="-z"
fi

ARCHIVE=`mktemp -q "${OUTDIR}/${OUT}.tar${GZ_EXT}"`
if [ $? -ne 0 ]; then
	echo "Could not create snapshot archive"
	rm -rf "${WORKDIR}"
	exit 1
fi

cd "${WORKDIR}"

#
# processes
#
ps axlww						> ps			2>&1

#
# network interface configuration
#
ifconfig -a -b						> ifconfig		2>&1

#
# network route configuration
#
netstat -n -r -a -l					> netstat		2>&1

#
# DHCP configuration
#
for if in `ifconfig -l`
do
	case ${if} in
	lo* )	;;
	en* )	ipconfig getpacket ${if}		> ipconfig-${if}	2>&1
		;;
	esac
done

#
# AirPort info
#
if [ -x /System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport ]; then
	/System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport --getinfo	\
							> airport		2>&1
fi

#
# OS info
#
if [ -e /System/Library/CoreServices/SystemVersion.plist ]; then
	cat /System/Library/CoreServices/SystemVersion.plist	\
							> SystemVersion.plist	2>&1
fi
if [ -e /System/Library/CoreServices/ServerVersion.plist ]; then
	cat /System/Library/CoreServices/ServerVersion.plist	\
							> ServerVersion.plist	2>&1
fi

#
# IOKit info
#
ioreg -i -l -w 0					>  ioreg		2>&1
ioreg -i -l -p IODeviceTree -w 0			>> ioreg		2>&1

#
# Host name
#
hostname						> hostname		2>&1

#
# Host configuration
#
hostinfo						> hostinfo		2>&1
if [ -e /etc/hostconfig ]; then
	cat /etc/hostconfig				> etc.hostconfig	2>&1
fi

#
# DNS configuration
#
scutil --dns						> dns-configuration	2>&1
if [ -e /etc/resolv.conf ]; then
	cat /etc/resolv.conf				> etc.resolv.conf	2>&1
fi
if [ -e /var/run/resolv.conf ]; then
	cat /var/run/resolv.conf			> var.run.resolv.conf	2>&1
fi

#
# Proxy configuration
#
scutil --proxy						> proxy-configuration	2>&1

#
# System / network preferences
#
for f in										\
	/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist		\
	/Library/Preferences/SystemConfiguration/com.apple.PowerManagement.plist	\
	/Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist	\
	/Library/Preferences/SystemConfiguration/com.apple.nat.plist			\
	/Library/Preferences/SystemConfiguration/com.apple.network.identification.plist	\
	/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist		\
	/Library/Preferences/SystemConfiguration/com.apple.wifi.plist			\
	/Library/Preferences/SystemConfiguration/preferences.plist			\
	/Library/Preferences/com.apple.alf.plist					\
	/Library/Preferences/com.apple.sharing.firewall.plist				\

do
	if [ -e "${f}" ]; then
		b="`basename ${f}`"
		cat "${f}"				> "${b}"		2>&1
	fi
done

#
# configd's cache
#
${PRIV} scutil -p <<_END_OF_INPUT
open
snapshot
quit
_END_OF_INPUT
if [ -f /var/tmp/configd-store.xml ]; then
	cat /var/tmp/configd-store.xml			> configd-store.xml	2>&1
fi
if [ -f /var/tmp/configd-pattern.xml ]; then
	cat /var/tmp/configd-pattern.xml		> configd-pattern.xml	2>&1
fi
if [ -f /var/tmp/configd-session.xml ]; then
	cat /var/tmp/configd-session.xml		> configd-session.xml	2>&1
fi
if [ -f /var/tmp/configd-state ]; then
	cat /var/tmp/configd-state			> configd-state		2>&1
fi

#
# network reachability
#
scutil -d -v -r www.apple.com				> reachability-info	2>&1
if [ -x /usr/bin/dig -a -f /etc/resolv.conf ]; then
	/usr/bin/dig -t any -c any www.apple.com	> dig-results		2>/dev/null
fi

#
# mounted filesystems
#
mount							> mounted-filesystems	2>&1

#
# mDNSResponder info
#
if [ -f /var/run/mDNSResponder.pid ]; then
	${PRIV} kill -INFO `cat /var/run/mDNSResponder.pid`
fi

#
# system log, kernel.log, early boot log messages
#
if [ -x /usr/bin/syslog ]; then
	${PRIV} syslog | tail -n 25000					> syslog
	if [ -d /var/log/DiagnosticMessages ]; then
		${PRIV} syslog	-d /var/log/DiagnosticMessages	\
				-F raw				\
				-T local			\
			| tail -n 25000					> DiagnosticMessages
	fi
else
	if [ -f /var/log/system.log ]; then
		${PRIV} tail -n 25000 /var/log/system.log		> system.log
	fi
	if [ -f /var/log/kernel.log ]; then
		${PRIV} tail -n 25000 /var/log/kernel.log		> kernel.log
	fi
fi
${PRIV} dmesg								> dmesg

#
# IPConfiguration log
#
if [ -f /var/log/com.apple.IPConfiguration.bootp ]; then
	${PRIV} tail -n 2000 /var/log/com.apple.IPConfiguration.bootp	\
							> com.apple.IPConfiguration.bootp
fi

#
# ppp log file(s)
#
scutil <<_END_OF_INPUT				\
| awk -F' *: *'					\
    '						\
     /Logfile : / {				\
       if (index($2, "/") == 1) { print $2 }	\
       else { print "/var/log/ppp/" $2 }	\
     }						\
     END {					\
       print "/tmp/pppotcp.log"			\
     }						\
    '						\
| sort -u					\
| while read logFile
open
show Setup:/Network/Service/[^/]+/PPP pattern
quit
_END_OF_INPUT
do
	if [ -f "${logFile}" ]; then
		b="`basename ${logFile}`"
		cat "${logFile}"			> "${b}"		2>&1
	fi
done

#
# application firewall log
#
if [ -f /var/log/appfirewall.log ]; then
	${PRIV} tail -n 2000 /var/log/appfirewall.log	> appfirewall.log
fi

#
# kernel extensions statistic
#
if   [ -x /usr/sbin/kextstat ]; then
	kextstat					> kextstat		2>&1
elif [ -x /usr/sbin/kmodstat ]; then
	kmodstat					> kmodstat		2>&1
fi

#
# network statistics
#
echo "#"						>  network-statistics
echo "# arp -n -a"					>> network-statistics
echo "#"						>> network-statistics
arp -n -a						>> network-statistics	2>&1

echo "#"						>> network-statistics
echo "# netstat -n -a -A"				>> network-statistics
echo "#"						>> network-statistics
netstat -n -a -A					>> network-statistics	2>&1

if [ -x /usr/sbin/lsof ]; then
	echo "#"					>> network-statistics
	echo "# lsof -i -n -P"				>> network-statistics
	echo "#"					>> network-statistics
	${PRIV} lsof -i -n -P				>> network-statistics	2>&1
fi

echo "#"						>> network-statistics
echo "# netstat -s"					>> network-statistics
echo "#"						>> network-statistics
netstat -s						>> network-statistics	2>&1

echo "#"						>> network-statistics
echo "# netstat -mmm"					>> network-statistics
echo "#"						>> network-statistics
netstat -mmm						>> network-statistics	2>&1

echo "#"						>> network-statistics
echo "# netstat -i -n -d"				>> network-statistics
echo "#"						>> network-statistics
netstat -i -n -d					>> network-statistics	2>&1

if [ -x /sbin/ipfw ]; then
	echo "#"					>> network-statistics
	echo "# ipfw -at show"				>> network-statistics
	echo "#"					>> network-statistics
	ipfw -at show					>> network-statistics	2>&1
fi

if [ -x /usr/sbin/appletalk ]; then
	echo "#"					>> network-statistics
	echo "# appletalk -s"				>> network-statistics
	echo "#"					>> network-statistics
	appletalk -s					>> network-statistics	2>&1
fi

#
# system usage statistics
#
echo "#"						>  system-statistics
echo "# uptime"						>> system-statistics
echo "#"						>> system-statistics
uptime							>> system-statistics	2>&1

echo "#"						>> system-statistics
echo "# sysctl -a"					>> system-statistics
echo "#"						>> system-statistics
sysctl -a						>> system-statistics	2>&1

echo "#"						>> system-statistics
echo "# zprint"						>> system-statistics
echo "#"						>> system-statistics
zprint							>> system-statistics	2>&1

echo "#"						>> system-statistics
echo "# top -l5 -s2"					>> system-statistics
echo "#"						>> system-statistics
echo ""
echo "Please wait, collecting statistics"
echo ""
top -s 2 -l 5						>> system-statistics	2>&1

#
# DirectoryService info
#
if [ -x /usr/bin/dscacheutil ]; then
	echo "#"					>  ds-info
	echo "# dscacheutil -configuration"		>> ds-info
	echo "#"					>> ds-info
	dscacheutil -configuration			>> ds-info		2>&1

	echo "#"					>> ds-info
	echo "# dscacheutil -statistics"		>> ds-info
	echo "#"					>> ds-info
	dscacheutil -statistics				>> ds-info		2>&1

	echo "#"					>> ds-info
	echo "# dscacheutil -cachedump -entries"	>> ds-info
	echo "#"					>> ds-info
	dscacheutil -cachedump -entries			>> ds-info		2>&1
fi

#
# IPsec configuration
#
echo "#"						>  ipsec
echo "# setkey -D"					>> ipsec
echo "#"						>> ipsec
${PRIV} setkey -D					\
| perl -nle '
	if (/^(\s+[AE]:\s+\S+\s+)"?(.*)"?\s*$/) {
		chop($sha1=`echo "$2" | openssl sha1`);
		printf "%s[SHA-1:%s]\n", $1, $sha1;
	} else {
		printf "%s\n", $_;
	}
'							>> ipsec

echo ""							>> ipsec
echo "#"						>> ipsec
echo "# setkey -Pp -D"					>> ipsec
echo "#"						>> ipsec
${PRIV} setkey -Pp -D					>> ipsec

for CF in /var/run/racoon/*.conf
do
	if [ ! -r "${CF}" ]; then
		continue
	fi

	echo ""						>> ipsec
	echo "#"					>> ipsec
	echo "# ${CF}"					>> ipsec
	echo "#"					>> ipsec
	${PRIV} cat ${CF}				\
	| perl -nle '
		if (/^(\s+shared_secret\s+use\s+)"?([^\s;"]+)"?(.*)/) {
			chop($sha1=`echo "$2" | openssl sha1`);
			printf "%s[SHA-1:%s]%s\n", $1, $sha1, $3;
		} else {
			printf "%s\n", $_;
		}
	'						>> ipsec
done

#
# Kerberos configuration
#
if [ -x /usr/bin/klist ]; then
	echo "#"					>  kerberos
	echo "# klist -e -c -A -f -a -n"		>> kerberos
	echo "#"					>> kerberos
	${PRIV} klist -e -c -A -f -a -n			>> kerberos	2>&1

	echo "#"					>> kerberos
	echo "# klist -e -k -t -K"			>> kerberos
	echo "#"					>> kerberos
	${PRIV} klist -e -k -t -K			>> kerberos	2>&1
fi

#
# BTMM configuration
#
DIG()
{
	/usr/bin/dig @pm-members.mac.com -y "${DOMAIN}:${TSIG}" +short "${1}" "${2}" 2>/dev/null
}

scutil <<_END_OF_INPUT					\
| sed -n 's@.* : *\(.*\.members\.mac\.com\)$@\1@p'	\
| sort							\
| while read DOMAIN
open
show Setup:/Network/BackToMyMac
quit
_END_OF_INPUT
do
	echo ""							>> btmm
	echo "${DOMAIN}"					>> btmm

	# lookup TSIG in base64 format
	TSIG=`								\
		${PRIV} security find-generic-password			\
			-s dns:${DOMAIN}				\
			-g /Library/Keychains/System.keychain 2>&1	\
		| grep "^password: "					\
		| cut -d '"' -f 2					\
		| cut -d '\' -f 1					\
	     `
	if [ -z "$TSIG" ]; then
		echo "  No TSIG in system keychain."		>> btmm
		continue
	fi
	if [ `echo "$TSIG" | wc -l` -ne 1 ] ; then
		echo "  More than one TSIG in system keychain."	>> btmm
		continue
	fi

	KEYHASH="[SHA-1:`echo ${TSIG} | openssl sha1`]"
	echo ""							>> btmm
	echo "  KEY: ${KEYHASH}"				>> btmm

	for TYPE in			\
		_afpovertcp._tcp	\
		_airport._tcp		\
		_adisk._tcp		\
		_http._tcp		\
		_rfb._tcp		\
		_smb._tcp		\
		_ssh._tcp
	do
		DIG "${TYPE}.${DOMAIN}" ptr	\
		| while read -r REG
		do
			echo ""					>> btmm
			/bin/echo "  ${REG}"			>> btmm
			echo ""					>> btmm

			INF_Q=`/bin/echo "${REG}" | sed -e "s/${TYPE}/_device-info._tcp/"`
			INF=`DIG "${INF_Q}" txt`
			echo "    INF: ${INF}"			>> btmm

			SRV=`DIG ${REG} srv`
			SRV1=`/bin/echo "${SRV}" | head -1`
			echo "    SRV: ${SRV1}"			>> btmm
			SRV2=`/bin/echo "${SRV}" | tail +2`
			if [ -n "${SRV2}" ]; then
				SRV="${SRV1}"
				/bin/echo "${SRV2}"		\
				| sed -e 's/^/  *****: /'	>> btmm
			fi

			TXT=`DIG ${REG} txt`
			TXT1=`/bin/echo "${TXT}" | head -1`
			echo "    TXT: ${TXT1}"			>> btmm
			TXT2=`/bin/echo "${TXT}" | tail +2`
			if [ -n "${TXT2}" ]; then
				/bin/echo "${TXT2}"		\
				| sed -e 's/^/  *****: /'	>> btmm
			fi

			HOST=`/bin/echo "${SRV}" | cut -d ' ' -f 4-`
			if [ -n "${HOST}" ]; then
			V4=`DIG ${HOST} a`
				V6=`DIG ${HOST} aaaa`
				KRB=`DIG _kerberos.${HOST} txt`
				TUN=`DIG _autotunnel._udp.${HOST} srv`
			else
				V4=""
				V6=""
				KRB=""
				TUN=""
			fi
			if [ -n "${V4}" ]; then
				echo "     v4: ${V4}"		>> btmm
			fi
			if [ -n "${V6}" ]; then
				echo "     v6: ${V6}"		>> btmm
			fi
			echo "    KRB: ${KRB}"			>> btmm
			echo "    TUN: ${TUN}"			>> btmm
			if [ -n "${TUN}" ]; then
			HOST=`/bin/echo "${TUN}" | cut -d ' ' -f 4-`
				if [ -n "${HOST}" ]; then
			V4=`DIG ${HOST} a`
					V6=`DIG ${HOST} aaaa`
				fi
			if [ -n "${V4}" ]; then
				echo "     v4: ${V4}"		>> btmm
			fi
			if [ -n "${V6}" ]; then
				echo "     v6: ${V6}"		>> btmm
			fi
			fi
		done
	done
done

#
# collect crash reports
#
for daemon in				\
		bootpd			\
		configd			\
		eapolclient		\
		mDNSResponder		\
		mDNSResponderHelper	\
		pppd			\
		racoon			\
		socketfilterfw		\
		SCHelper		\
		SCMonitor		\

do
	/bin/ls -1	/Library/Logs/CrashReporter/${daemon}_*.crash		\
			/Library/Logs/DiagnosticReports/${daemon}/*.crash	\
			2>/dev/null						\
	| while read log
	do
		b="`basename ${log}`"
		${PRIV} cat "${log}"			> "${b}"		2>&1
	done
done

#
# collect everything into a single archive
#
cd "${WORKDIR}/.."
pax -w ${GZ_OPT} -f "${ARCHIVE}" "${OUT}"
rm -rf "${WORKDIR}"

if [ ${UID} -eq 0 ]; then
	if [ -n "${SUDO_UID}" -a -n "${SUDO_GID}" ]; then
		if [ ${UID} -ne ${SUDO_UID} ]; then
			chown ${SUDO_UID}:${SUDO_GID} "${ARCHIVE}"
		fi
	fi
fi

echo "Network data collected to \"${ARCHIVE}\""

#
# if requested, generate a crash report
#
if [ "${OUTDIR}" = "/Library/Logs/CrashReporter/SystemConfiguration" -a "${1}" = "CRASH" ]; then
	kill -ABRT $$
fi
Commit	Line	Data
dbf6a266	1	#!/bin/sh
a40a14f8	2	# Copyright (c) 2004-2009 Apple Inc.
edebe297	3	#
dbf6a266 A	4	# get-mobility-info
	5	#
	6	# Collect system & network configuration information.
	7	#
	8
dbf6a266 A	9	PATH=/bin:/usr/bin:/sbin:/usr/sbin
	10
	11	PRIV=""
	12	if [ ${EUID} -ne 0 ]; then
	13	PRIV="sudo"
	14	fi
	15
edebe297 A	16	OUT="mobility-info-`date +'%m.%d.%Y.%H%M%S'`"
	17	OUTDIR="/var/tmp"
	18	if [ -d ~/Desktop ]; then
	19	OUTDIR=~/Desktop
a40a14f8 A	20	elif [ "`readlink /tmp`" = "private/var/tmp" ]; then
	21	OUTDIR=/Library/Logs/CrashReporter/SystemConfiguration
	22	mkdir -p ${OUTDIR}
edebe297 A	23	fi
	24
	25	umask 077
	26
	27	WORKDIR=`mktemp -d -q "/tmp/${OUT}"`
	28	if [ $? -ne 0 ]; then
	29	echo "Could not create snapshot directory"
	30	exit 1
	31	fi
	32
a40a14f8 A	33	GZ_EXT=""
	34	GZ_OPT=""
	35	if [ -x /usr/bin/gzip ]; then
	36	GZ_EXT=".gz"
	37	GZ_OPT="-z"
	38	fi
	39
	40	ARCHIVE=`mktemp -q "${OUTDIR}/${OUT}.tar${GZ_EXT}"`
edebe297 A	41	if [ $? -ne 0 ]; then
	42	echo "Could not create snapshot archive"
	43	rm -rf "${WORKDIR}"
	44	exit 1
	45	fi
	46
	47	cd "${WORKDIR}"
dbf6a266 A	48
	49	#
	50	# processes
	51	#
edebe297	52	ps axlww > ps 2>&1
dbf6a266 A	53
	54	#
	55	# network interface configuration
	56	#
edebe297	57	ifconfig -a -b > ifconfig 2>&1
dbf6a266 A	58
	59	#
	60	# network route configuration
	61	#
edebe297	62	netstat -n -r -a -l > netstat 2>&1
dbf6a266 A	63
	64	#
	65	# DHCP configuration
	66	#
	67	for if in `ifconfig -l`
	68	do
	69	case ${if} in
	70	lo* ) ;;
edebe297	71	en* ) ipconfig getpacket ${if} > ipconfig-${if} 2>&1
dbf6a266 A	72	;;
	73	esac
	74	done
	75
edebe297 A	76	#
	77	# AirPort info
	78	#
	79	if [ -x /System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport ]; then
	80	/System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport --getinfo \
	81	> airport 2>&1
	82	fi
	83
dbf6a266 A	84	#
	85	# OS info
	86	#
	87	if [ -e /System/Library/CoreServices/SystemVersion.plist ]; then
	88	cat /System/Library/CoreServices/SystemVersion.plist \
edebe297	89	> SystemVersion.plist 2>&1
dbf6a266 A	90	fi
	91	if [ -e /System/Library/CoreServices/ServerVersion.plist ]; then
	92	cat /System/Library/CoreServices/ServerVersion.plist \
edebe297	93	> ServerVersion.plist 2>&1
dbf6a266 A	94	fi
	95
	96	#
	97	# IOKit info
	98	#
a40a14f8 A	99	ioreg -i -l -w 0 > ioreg 2>&1
a40a14f8 A	100	ioreg -i -l -p IODeviceTree -w 0 >> ioreg 2>&1
edebe297 A	101
	102	#
	103	# Host name
	104	#
	105	hostname > hostname 2>&1
dbf6a266 A	106
	107	#
	108	# Host configuration
	109	#
edebe297	110	hostinfo > hostinfo 2>&1
dbf6a266	111	if [ -e /etc/hostconfig ]; then
edebe297	112	cat /etc/hostconfig > etc.hostconfig 2>&1
dbf6a266 A	113	fi
	114
	115	#
	116	# DNS configuration
	117	#
edebe297	118	scutil --dns > dns-configuration 2>&1
dbf6a266	119	if [ -e /etc/resolv.conf ]; then
edebe297	120	cat /etc/resolv.conf > etc.resolv.conf 2>&1
dbf6a266 A	121	fi
dbf6a266 A	122	if [ -e /var/run/resolv.conf ]; then
edebe297	123	cat /var/run/resolv.conf > var.run.resolv.conf 2>&1
dbf6a266 A	124	fi
	125
	126	#
edebe297	127	# Proxy configuration
dbf6a266	128	#
edebe297	129	scutil --proxy > proxy-configuration 2>&1
dbf6a266 A	130
	131	#
	132	# System / network preferences
	133	#
	134	for f in \
	135	/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist \
	136	/Library/Preferences/SystemConfiguration/com.apple.PowerManagement.plist \
	137	/Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist \
	138	/Library/Preferences/SystemConfiguration/com.apple.nat.plist \
edebe297 A	139	/Library/Preferences/SystemConfiguration/com.apple.network.identification.plist \
edebe297 A	140	/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist \
a40a14f8	141	/Library/Preferences/SystemConfiguration/com.apple.wifi.plist \
dbf6a266	142	/Library/Preferences/SystemConfiguration/preferences.plist \
a40a14f8	143	/Library/Preferences/com.apple.alf.plist \
dbf6a266 A	144	/Library/Preferences/com.apple.sharing.firewall.plist \
	145
	146	do
edebe297 A	147	if [ -e "${f}" ]; then
	148	b="`basename ${f}`"
	149	cat "${f}" > "${b}" 2>&1
dbf6a266 A	150	fi
	151	done
	152
	153	#
	154	# configd's cache
	155	#
	156	${PRIV} scutil -p <<_END_OF_INPUT
	157	open
	158	snapshot
	159	quit
	160	_END_OF_INPUT
	161	if [ -f /var/tmp/configd-store.xml ]; then
edebe297	162	cat /var/tmp/configd-store.xml > configd-store.xml 2>&1
dbf6a266 A	163	fi
dbf6a266 A	164	if [ -f /var/tmp/configd-pattern.xml ]; then
edebe297	165	cat /var/tmp/configd-pattern.xml > configd-pattern.xml 2>&1
dbf6a266 A	166	fi
dbf6a266 A	167	if [ -f /var/tmp/configd-session.xml ]; then
edebe297 A	168	cat /var/tmp/configd-session.xml > configd-session.xml 2>&1
	169	fi
	170	if [ -f /var/tmp/configd-state ]; then
	171	cat /var/tmp/configd-state > configd-state 2>&1
dbf6a266 A	172	fi
	173
	174	#
	175	# network reachability
	176	#
edebe297	177	scutil -d -v -r www.apple.com > reachability-info 2>&1
a40a14f8 A	178	if [ -x /usr/bin/dig -a -f /etc/resolv.conf ]; then
a40a14f8 A	179	/usr/bin/dig -t any -c any www.apple.com > dig-results 2>/dev/null
dbf6a266 A	180	fi
	181
	182	#
	183	# mounted filesystems
	184	#
edebe297	185	mount > mounted-filesystems 2>&1
dbf6a266 A	186
dbf6a266 A	187	#
edebe297	188	# mDNSResponder info
dbf6a266	189	#
edebe297 A	190	if [ -f /var/run/mDNSResponder.pid ]; then
	191	${PRIV} kill -INFO `cat /var/run/mDNSResponder.pid`
	192	fi
dbf6a266 A	193
dbf6a266 A	194	#
a40a14f8 A	195	# system log, kernel.log, early boot log messages
	196	#
	197	if [ -x /usr/bin/syslog ]; then
	198	${PRIV} syslog \| tail -n 25000 > syslog
	199	if [ -d /var/log/DiagnosticMessages ]; then
	200	${PRIV} syslog -d /var/log/DiagnosticMessages \
	201	-F raw \
	202	-T local \
	203	\| tail -n 25000 > DiagnosticMessages
	204	fi
	205	else
	206	if [ -f /var/log/system.log ]; then
	207	${PRIV} tail -n 25000 /var/log/system.log > system.log
	208	fi
	209	if [ -f /var/log/kernel.log ]; then
	210	${PRIV} tail -n 25000 /var/log/kernel.log > kernel.log
	211	fi
	212	fi
	213	${PRIV} dmesg > dmesg
	214
	215	#
	216	# IPConfiguration log
dbf6a266	217	#
a40a14f8 A	218	if [ -f /var/log/com.apple.IPConfiguration.bootp ]; then
	219	${PRIV} tail -n 2000 /var/log/com.apple.IPConfiguration.bootp \
	220	> com.apple.IPConfiguration.bootp
	221	fi
edebe297 A	222
	223	#
	224	# ppp log file(s)
	225	#
	226	scutil <<_END_OF_INPUT \
	227	\| awk -F' : ' \
	228	' \
	229	/Logfile : / { \
	230	if (index($2, "/") == 1) { print $2 } \
	231	else { print "/var/log/ppp/" $2 } \
	232	} \
	233	END { \
	234	print "/tmp/pppotcp.log" \
	235	} \
	236	' \
	237	\| sort -u \
	238	\| while read logFile
	239	open
	240	show Setup:/Network/Service/[^/]+/PPP pattern
	241	quit
	242	_END_OF_INPUT
	243	do
	244	if [ -f "${logFile}" ]; then
	245	b="`basename ${logFile}`"
	246	cat "${logFile}" > "${b}" 2>&1
a40a14f8	247	fi
edebe297 A	248	done
	249
	250	#
	251	# application firewall log
	252	#
	253	if [ -f /var/log/appfirewall.log ]; then
	254	${PRIV} tail -n 2000 /var/log/appfirewall.log > appfirewall.log
dbf6a266 A	255	fi
	256
	257	#
	258	# kernel extensions statistic
	259	#
edebe297 A	260	if [ -x /usr/sbin/kextstat ]; then
	261	kextstat > kextstat 2>&1
	262	elif [ -x /usr/sbin/kmodstat ]; then
	263	kmodstat > kmodstat 2>&1
dbf6a266 A	264	fi
	265
	266	#
	267	# network statistics
	268	#
edebe297	269	echo "#" > network-statistics
a40a14f8	270	echo "# arp -n -a" >> network-statistics
edebe297	271	echo "#" >> network-statistics
a40a14f8	272	arp -n -a >> network-statistics 2>&1
edebe297 A	273
edebe297 A	274	echo "#" >> network-statistics
a40a14f8	275	echo "# netstat -n -a -A" >> network-statistics
edebe297	276	echo "#" >> network-statistics
a40a14f8 A	277	netstat -n -a -A >> network-statistics 2>&1
	278
	279	if [ -x /usr/sbin/lsof ]; then
	280	echo "#" >> network-statistics
	281	echo "# lsof -i -n -P" >> network-statistics
	282	echo "#" >> network-statistics
	283	${PRIV} lsof -i -n -P >> network-statistics 2>&1
	284	fi
edebe297 A	285
	286	echo "#" >> network-statistics
	287	echo "# netstat -s" >> network-statistics
	288	echo "#" >> network-statistics
	289	netstat -s >> network-statistics 2>&1
	290
	291	echo "#" >> network-statistics
	292	echo "# netstat -mmm" >> network-statistics
	293	echo "#" >> network-statistics
	294	netstat -mmm >> network-statistics 2>&1
	295
	296	echo "#" >> network-statistics
	297	echo "# netstat -i -n -d" >> network-statistics
	298	echo "#" >> network-statistics
	299	netstat -i -n -d >> network-statistics 2>&1
	300
a40a14f8 A	301	if [ -x /sbin/ipfw ]; then
	302	echo "#" >> network-statistics
	303	echo "# ipfw -at show" >> network-statistics
	304	echo "#" >> network-statistics
	305	ipfw -at show >> network-statistics 2>&1
	306	fi
edebe297	307
a40a14f8 A	308	if [ -x /usr/sbin/appletalk ]; then
	309	echo "#" >> network-statistics
	310	echo "# appletalk -s" >> network-statistics
	311	echo "#" >> network-statistics
	312	appletalk -s >> network-statistics 2>&1
	313	fi
dbf6a266 A	314
	315	#
	316	# system usage statistics
	317	#
edebe297 A	318	echo "#" > system-statistics
	319	echo "# uptime" >> system-statistics
	320	echo "#" >> system-statistics
	321	uptime >> system-statistics 2>&1
	322
	323	echo "#" >> system-statistics
	324	echo "# sysctl -a" >> system-statistics
	325	echo "#" >> system-statistics
	326	sysctl -a >> system-statistics 2>&1
	327
	328	echo "#" >> system-statistics
	329	echo "# zprint" >> system-statistics
	330	echo "#" >> system-statistics
	331	zprint >> system-statistics 2>&1
	332
	333	echo "#" >> system-statistics
	334	echo "# top -l5 -s2" >> system-statistics
	335	echo "#" >> system-statistics
	336	echo ""
	337	echo "Please wait, collecting statistics"
	338	echo ""
	339	top -s 2 -l 5 >> system-statistics 2>&1
	340
	341	#
	342	# DirectoryService info
	343	#
	344	if [ -x /usr/bin/dscacheutil ]; then
	345	echo "#" > ds-info
	346	echo "# dscacheutil -configuration" >> ds-info
	347	echo "#" >> ds-info
	348	dscacheutil -configuration >> ds-info 2>&1
	349
	350	echo "#" >> ds-info
	351	echo "# dscacheutil -statistics" >> ds-info
	352	echo "#" >> ds-info
	353	dscacheutil -statistics >> ds-info 2>&1
	354
	355	echo "#" >> ds-info
	356	echo "# dscacheutil -cachedump -entries" >> ds-info
	357	echo "#" >> ds-info
	358	dscacheutil -cachedump -entries >> ds-info 2>&1
	359	fi
	360
	361	#
	362	# IPsec configuration
	363	#
	364	echo "#" > ipsec
	365	echo "# setkey -D" >> ipsec
	366	echo "#" >> ipsec
	367	${PRIV} setkey -D \
	368	\| perl -nle '
	369	if (/^(\s+[AE]:\s+\S+\s+)"?(.)"?\s$/) {
	370	chop($sha1=`echo "$2" \| openssl sha1`);
	371	printf "%s[SHA-1:%s]\n", $1, $sha1;
	372	} else {
	373	printf "%s\n", $_;
	374	}
	375	' >> ipsec
	376
	377	echo "" >> ipsec
	378	echo "#" >> ipsec
	379	echo "# setkey -Pp -D" >> ipsec
	380	echo "#" >> ipsec
	381	${PRIV} setkey -Pp -D >> ipsec
382
a40a14f8	383	for CF in /var/run/racoon/*.conf
edebe297	384	do
a40a14f8 A	385	if [ ! -r "${CF}" ]; then
	386	continue
	387	fi
	388
edebe297 A	389	echo "" >> ipsec
	390	echo "#" >> ipsec
	391	echo "# ${CF}" >> ipsec
	392	echo "#" >> ipsec
	393	${PRIV} cat ${CF} \
	394	\| perl -nle '
	395	if (/^(\s+shared_secret\s+use\s+)"?([^\s;"]+)"?(.*)/) {
	396	chop($sha1=`echo "$2" \| openssl sha1`);
	397	printf "%s[SHA-1:%s]%s\n", $1, $sha1, $3;
	398	} else {
	399	printf "%s\n", $_;
	400	}
	401	' >> ipsec
	402	done
	403
	404	#
	405	# Kerberos configuration
	406	#
a40a14f8 A	407	if [ -x /usr/bin/klist ]; then
	408	echo "#" > kerberos
	409	echo "# klist -e -c -A -f -a -n" >> kerberos
	410	echo "#" >> kerberos
	411	${PRIV} klist -e -c -A -f -a -n >> kerberos 2>&1
edebe297	412
a40a14f8 A	413	echo "#" >> kerberos
	414	echo "# klist -e -k -t -K" >> kerberos
	415	echo "#" >> kerberos
	416	${PRIV} klist -e -k -t -K >> kerberos 2>&1
	417	fi
edebe297 A	418
	419	#
	420	# BTMM configuration
	421	#
	422	DIG()
	423	{
a40a14f8	424	/usr/bin/dig @pm-members.mac.com -y "${DOMAIN}:${TSIG}" +short "${1}" "${2}" 2>/dev/null
edebe297 A	425	}
	426
	427	scutil <<_END_OF_INPUT \
	428	\| sed -n 's@.* : \(.\.members\.mac\.com\)$@\1@p' \
	429	\| sort \
	430	\| while read DOMAIN
	431	open
	432	show Setup:/Network/BackToMyMac
	433	quit
	434	_END_OF_INPUT
	435	do
	436	echo "" >> btmm
	437	echo "${DOMAIN}" >> btmm
	438
	439	# lookup TSIG in base64 format
	440	TSIG=` \
	441	${PRIV} security find-generic-password \
a40a14f8	442	-s dns:${DOMAIN} \
edebe297 A	443	-g /Library/Keychains/System.keychain 2>&1 \
	444	\| grep "^password: " \
	445	\| cut -d '"' -f 2 \
	446	\| cut -d '\' -f 1 \
	447	`
	448	if [ -z "$TSIG" ]; then
	449	echo " No TSIG in system keychain." >> btmm
	450	continue
	451	fi
	452	if [ `echo "$TSIG" \| wc -l` -ne 1 ] ; then
	453	echo " More than one TSIG in system keychain." >> btmm
	454	continue
	455	fi
	456
a40a14f8 A	457	KEYHASH="[SHA-1:`echo ${TSIG} \| openssl sha1`]"
	458	echo "" >> btmm
	459	echo " KEY: ${KEYHASH}" >> btmm
	460
edebe297 A	461	for TYPE in \
	462	_afpovertcp._tcp \
	463	_airport._tcp \
	464	_adisk._tcp \
a40a14f8	465	_http._tcp \
edebe297 A	466	_rfb._tcp \
	467	_smb._tcp \
	468	_ssh._tcp
	469	do
	470	DIG "${TYPE}.${DOMAIN}" ptr \
	471	\| while read -r REG
	472	do
	473	echo "" >> btmm
	474	/bin/echo " ${REG}" >> btmm
	475	echo "" >> btmm
	476
	477	INF_Q=`/bin/echo "${REG}" \| sed -e "s/${TYPE}/_device-info._tcp/"`
	478	INF=`DIG "${INF_Q}" txt`
	479	echo " INF: ${INF}" >> btmm
	480
	481	SRV=`DIG ${REG} srv`
	482	SRV1=`/bin/echo "${SRV}" \| head -1`
	483	echo " SRV: ${SRV1}" >> btmm
	484	SRV2=`/bin/echo "${SRV}" \| tail +2`
	485	if [ -n "${SRV2}" ]; then
	486	SRV="${SRV1}"
	487	/bin/echo "${SRV2}" \
	488	\| sed -e 's/^/ *****: /' >> btmm
	489	fi
	490
	491	TXT=`DIG ${REG} txt`
	492	TXT1=`/bin/echo "${TXT}" \| head -1`
	493	echo " TXT: ${TXT1}" >> btmm
	494	TXT2=`/bin/echo "${TXT}" \| tail +2`
	495	if [ -n "${TXT2}" ]; then
	496	/bin/echo "${TXT2}" \
	497	\| sed -e 's/^/ *****: /' >> btmm
	498	fi
	499
	500	HOST=`/bin/echo "${SRV}" \| cut -d ' ' -f 4-`
a40a14f8	501	if [ -n "${HOST}" ]; then
edebe297	502	V4=`DIG ${HOST} a`
a40a14f8 A	503	V6=`DIG ${HOST} aaaa`
	504	KRB=`DIG _kerberos.${HOST} txt`
	505	TUN=`DIG _autotunnel._udp.${HOST} srv`
	506	else
	507	V4=""
	508	V6=""
	509	KRB=""
	510	TUN=""
	511	fi
edebe297 A	512	if [ -n "${V4}" ]; then
	513	echo " v4: ${V4}" >> btmm
	514	fi
edebe297 A	515	if [ -n "${V6}" ]; then
	516	echo " v6: ${V6}" >> btmm
	517	fi
edebe297	518	echo " KRB: ${KRB}" >> btmm
edebe297	519	echo " TUN: ${TUN}" >> btmm
a40a14f8	520	if [ -n "${TUN}" ]; then
edebe297	521	HOST=`/bin/echo "${TUN}" \| cut -d ' ' -f 4-`
a40a14f8	522	if [ -n "${HOST}" ]; then
edebe297	523	V4=`DIG ${HOST} a`
a40a14f8 A	524	V6=`DIG ${HOST} aaaa`
a40a14f8 A	525	fi
edebe297 A	526	if [ -n "${V4}" ]; then
	527	echo " v4: ${V4}" >> btmm
	528	fi
edebe297 A	529	if [ -n "${V6}" ]; then
	530	echo " v6: ${V6}" >> btmm
	531	fi
a40a14f8	532	fi
edebe297 A	533	done
	534	done
	535	done
dbf6a266 A	536
	537	#
	538	# collect crash reports
	539	#
a40a14f8 A	540	for daemon in \
	541	bootpd \
	542	configd \
	543	eapolclient \
	544	mDNSResponder \
	545	mDNSResponderHelper \
	546	pppd \
	547	racoon \
	548	socketfilterfw \
	549	SCHelper \
	550	SCMonitor \
	551
dbf6a266	552	do
a40a14f8 A	553	/bin/ls -1 /Library/Logs/CrashReporter/${daemon}_*.crash \
	554	/Library/Logs/DiagnosticReports/${daemon}/*.crash \
	555	2>/dev/null \
edebe297 A	556	\| while read log
	557	do
	558	b="`basename ${log}`"
	559	${PRIV} cat "${log}" > "${b}" 2>&1
	560	done
dbf6a266 A	561	done
	562
	563	#
	564	# collect everything into a single archive
	565	#
edebe297	566	cd "${WORKDIR}/.."
a40a14f8	567	pax -w ${GZ_OPT} -f "${ARCHIVE}" "${OUT}"
edebe297 A	568	rm -rf "${WORKDIR}"
	569
	570	if [ ${UID} -eq 0 ]; then
	571	if [ -n "${SUDO_UID}" -a -n "${SUDO_GID}" ]; then
	572	if [ ${UID} -ne ${SUDO_UID} ]; then
	573	chown ${SUDO_UID}:${SUDO_GID} "${ARCHIVE}"
	574	fi
	575	fi
	576	fi
dbf6a266	577
edebe297	578	echo "Network data collected to \"${ARCHIVE}\""
a40a14f8 A	579
	580	#
	581	# if requested, generate a crash report
	582	#
	583	if [ "${OUTDIR}" = "/Library/Logs/CrashReporter/SystemConfiguration" -a "${1}" = "CRASH" ]; then
	584	kill -ABRT $$
	585	fi
	586