#!/bin/sh
#
-# Copyright © 2015, 2016 Apple Inc.
+# Copyright © 2015-2017 Apple Inc.
#
# get-network-info
#
COLLECT_NDF_INFO="Y"
shift
;;
+ -P)
+ COLLECT_PCAP="N"
+ shift
+ ;;
-s)
COLLECT_SENSITIVE_INFO="Y"
shift
}
+#
+# skywalk configuration and statistics
+#
+run_skywalk () {
+
+ if [ ! -x /usr/sbin/skywalkctl ]; then
+ return
+ fi
+
+ echo "#" > skywalk.txt
+ echo "# skywalkctl list-providers -D" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl list-providers -D >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl channel-stats" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl channel-stats >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat -a -n" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat -a -n >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat -s" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat -s >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat -s --global" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat -s --global >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --netif" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --netif >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --flowswitch" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --flowswitch >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --flow-adv" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --flow-adv >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --flow-owner" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --flow-owner >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netns -a" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netns -a >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl memory" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl memory >> skywalk.txt 2>&1
+
+}
+
+#
+# skywalk configuration and statistics
+#
+run_nettop () {
+
+ if [ ! -x /usr/bin/nettop ]; then
+ return
+ fi
+
+ echo "#" > nettop.txt
+ echo "# nettop -U -l 1" >> nettop.txt
+ echo "#" >> nettop.txt
+ /usr/bin/nettop -U -l 1 >> nettop.txt 2>&1
+
+}
+
#
# Network preferences
#
/Library/Preferences/com.apple.networkextension.plist \
/Library/Preferences/com.apple.networkextension.control.plist \
/Library/Preferences/com.apple.networkextension.necp.plist \
+ /Library/Preferences/com.apple.networkextension.cache.plist \
/Library/Preferences/SystemConfiguration/com.apple.nat.plist \
/Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist \
/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist \
return
fi
- echo "#" > necp.txt
- echo "# neutil policy dump" >> necp.txt
- echo "#" >> necp.txt
- /usr/local/bin/neutil policy dump >> necp.txt 2>&1
-
- echo "#" > network-agents.txt
- echo "# neutil agent dump" >> network-agents.txt
- echo "#" >> network-agents.txt
- /usr/local/bin/neutil agent dump >> network-agents.txt 2>&1
-
+ (
+ echo "#" > necp.txt
+ echo "# neutil policy dump" >> necp.txt
+ echo "#" >> necp.txt
+ /usr/local/bin/neutil policy dump >> necp.txt 2>&1
+
+ echo "#" > network-agents.txt
+ echo "# neutil agent dump" >> network-agents.txt
+ echo "#" >> network-agents.txt
+ /usr/local/bin/neutil agent dump >> network-agents.txt 2>&1
+ ) &
}
#
echo "#" >> nc-info.txt
/usr/sbin/scutil --nc list >> nc-info.txt 2>&1
- ${PRIV} /usr/sbin/scutil -p --snapshot
- if [ -f /var/tmp/configd-store.plist ]; then
- cat /var/tmp/configd-store.plist > configd-store.plist 2>&1
- fi
- if [ -f /var/tmp/configd-pattern.plist ]; then
- cat /var/tmp/configd-pattern.plist > configd-pattern.plist 2>&1
- fi
- if [ -f /var/tmp/configd-session.plist ]; then
- cat /var/tmp/configd-session.plist > configd-session.plist 2>&1
- fi
- if [ -f /var/tmp/configd-state ]; then
- cat /var/tmp/configd-state > configd-state 2>&1
- fi
+ /usr/sbin/scutil -p --snapshot SCDynamicStore.plist 2>&1
}
}
+start_pcap() {
+ #
+ # collect a packet capture if netdiagnose is available
+ #
+ if [ -x /usr/local/bin/netdiagnose ]; then
+ trap stop_pcap SIGINT
+ /usr/local/bin/netdiagnose -p "${REQUESTED_OUTDIR}" start sysdiagpcap 2>&1 1>/dev/null
+ PCAP_STARTED=1
+ fi
+}
+
+stop_pcap () {
+ if [ ${PCAP_STARTED} -ne 0 ]; then
+ trap '' SIGINT
+ /usr/local/bin/netdiagnose stop sysdiagpcap 2>&1 1>/dev/null
+ fi
+}
+
collect_ndf_info () {
run_lsof
}
collect_sensitive_info () {
+
+ if [ "${COLLECT_PCAP}" == "Y" ]; then
+ start_pcap
+ fi
+
collect_state_dump_sensitive
run_ndp
run_arp
run_neutil
+ run_nettop
run_network_test
}
run_netstat
run_ipconfig
run_setkey
+ run_skywalk
collect_vpn_logs
run_route
run_hostname
if [ "${COLLECT_CONFIGURATION_FILES}" == "Y" ]; then
collect_configuration_files
fi
+
+ stop_pcap
}
# __COMMAND_ROUTINES_END__
echo "Usage: get-network-info [-c] [-n] [-s] <info-directory>"
echo " -c collects system configuration files"
echo " -n collects NDF information (lsof)"
+ echo " -P do not collect a packet capture"
echo " -s collects sensitive information (ARP/NDP/mDNS cache)"
echo " <info-directory> path to directory where all the information will be collected"
is_outdir_valid () {
- if [ ! -d ${REQUESTED_OUTDIR} ] ||
- [ "${REQUESTED_OUTDIR}" = "" ]; then
+ if [ "${REQUESTED_OUTDIR}" = "" ]; then
usage
exit 1
fi
+ if [ ! -d ${REQUESTED_OUTDIR} ]; then
+ echo "${REQUESTED_OUTDIR} does not exist"
+ exit 1
+ fi
+
if [ ! -w ${REQUESTED_OUTDIR} ]; then
echo "${REQUESTED_OUTDIR} is write-protected"
exit 1
REQUESTED_OUTDIR=""
COLLECT_SENSITIVE_INFO=""
COLLECT_CONFIGURATION_FILES=""
+ COLLECT_PCAP="Y"
+ PCAP_STARTED=0
+
}
# __HELPER_ROUTINES_END__
#
# __MAIN__
#
-ARGS=`getopt cns $*`
+ARGS=`getopt cnPs $*`
if [ $? != 0 ]; then
usage
exit 1
projects / apple / configd.git / blobdiff