#!/bin/sh
#
-# Copyright © 2015 Apple Inc.
+# Copyright © 2015-2017 Apple Inc.
#
# get-network-info
#
process_opts () {
for i in $ARGS
- do
- case "$i"
- in
- -s)
- COLLECT_SENSITIVE_INFO="Y"
- shift;;
- -c)
- COLLECT_CONFIGURATION_FILES="Y"
- shift;;
- --)
- shift;;
- *)
- REQUESTED_OUTDIR="${i}"
- shift;;
- esac
- done
+ do
+ case "$i" in
+ -c)
+ COLLECT_CONFIGURATION_FILES="Y"
+ shift
+ ;;
+ -n)
+ COLLECT_NDF_INFO="Y"
+ shift
+ ;;
+ -P)
+ COLLECT_PCAP="N"
+ shift
+ ;;
+ -s)
+ COLLECT_SENSITIVE_INFO="Y"
+ shift
+ ;;
+ --)
+ shift
+ ;;
+ *)
+ REQUESTED_OUTDIR="${i}"
+ shift
+ ;;
+ esac
+ done
}
# note: the daemons dump to syslog so you need to wait a bit before
# capturing the logs.
-collect_state_dump () {
-
- ${PRIV} /usr/bin/killall -INFO networkd 2>/dev/null
-
- sleep 1 &
-}
-
collect_state_dump_sensitive () {
${PRIV} /usr/bin/killall -INFO mDNSResponder 2>/dev/null
echo "#" >> netstat.txt
/usr/sbin/netstat -s >> netstat.txt 2>&1
+ echo "#" >> netstat.txt
+ echo "# netstat -rs" >> netstat.txt
+ echo "#" >> netstat.txt
+ /usr/sbin/netstat -rs >> netstat.txt 2>&1
+
echo "#" >> netstat.txt
echo "# netstat -mmm" >> netstat.txt
echo "#" >> netstat.txt
}
+#
+# ndp
+#
run_ndp () {
if [ ! -x /usr/sbin/ndp ]; then
}
+#
+# arp
+#
run_arp () {
if [ ! -x /usr/sbin/arp ]; then
for if in ${IF_LIST}
do
case ${if} in
- lo* ) ;;
- *)
+ lo* )
+ ;;
+ *)
echo "#" >> ipconfig-info.txt
echo "# INTERFACE ${if}" >> ipconfig-info.txt
echo "#" >> ipconfig-info.txt
}
+#
+# skywalk configuration and statistics
+#
+run_skywalk () {
+
+ if [ ! -x /usr/sbin/skywalkctl ]; then
+ return
+ fi
+
+ echo "#" > skywalk.txt
+ echo "# skywalkctl list-providers -D" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl list-providers -D >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl channel-stats" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl channel-stats >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat -a -n" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat -a -n >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat -s" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat -s >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat -s --global" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat -s --global >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --netif" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --netif >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --flowswitch" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --flowswitch >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --flow-adv" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --flow-adv >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netstat --flow-owner" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netstat --flow-owner >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl netns -a" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl netns -a >> skywalk.txt 2>&1
+
+ echo "#" >> skywalk.txt
+ echo "# skywalkctl memory" >> skywalk.txt
+ echo "#" >> skywalk.txt
+ /usr/sbin/skywalkctl memory >> skywalk.txt 2>&1
+
+}
+
+#
+# skywalk configuration and statistics
+#
+run_nettop () {
+
+ if [ ! -x /usr/bin/nettop ]; then
+ return
+ fi
+
+ echo "#" > nettop.txt
+ echo "# nettop -U -l 1" >> nettop.txt
+ echo "#" >> nettop.txt
+ /usr/bin/nettop -U -l 1 >> nettop.txt 2>&1
+
+}
+
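Review bot: The header comment above run_nettop is a copy of the one above run_skywalk ("skywalk configuration and statistics") and does not describe what the function collects. It should follow the other section headers in this file (`# ndp`, `# arp`, `# lsof`) and read `# nettop`. Separately, run_skywalk repeats the same four-line banner-plus-command stanza eleven times; a small helper that takes the skywalkctl arguments and writes both the banner and the output would keep the banner text and the command that actually runs from drifting apart.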
#
# Network preferences
#
/Library/Preferences/com.apple.networkextension.plist \
/Library/Preferences/com.apple.networkextension.control.plist \
/Library/Preferences/com.apple.networkextension.necp.plist \
+ /Library/Preferences/com.apple.networkextension.cache.plist \
/Library/Preferences/SystemConfiguration/com.apple.nat.plist \
/Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist \
/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist \
fi
}
+#
+# VPN
+#
collect_vpn_logs () {
for f in \
done
}
+#
+# Policy
+#
+run_neutil () {
+
+ if [ ! -x /usr/local/bin/neutil ]; then
+ return
+ fi
+
+ (
+ echo "#" > necp.txt
+ echo "# neutil policy dump" >> necp.txt
+ echo "#" >> necp.txt
+ /usr/local/bin/neutil policy dump >> necp.txt 2>&1
+
+ echo "#" > network-agents.txt
+ echo "# neutil agent dump" >> network-agents.txt
+ echo "#" >> network-agents.txt
+ /usr/local/bin/neutil agent dump >> network-agents.txt 2>&1
+ ) &
+}
+
+#
+# Path
+#
+run_network_test () {
+
+ if [ ! -x /usr/local/bin/network_test ]; then
+ return
+ fi
+
+ /usr/local/bin/network_test path_watcher > nw_path.txt 2>&1
+
+}
+
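Review bot: The `-x` test in run_neutil only establishes that something executable exists at /usr/local/bin/neutil; it says nothing about who owns the file or who can replace it, and /usr/local/bin is often writable by non-root users. If this script runs with elevated privileges (not visible in this hunk, though other routines use `${PRIV}`), the ownership and mode should be checked before the binary is run, for example `[ "$(/usr/bin/stat -f '%u' /usr/local/bin/neutil)" = "0" ] || return` together with a test that the file is not group- or world-writable. The same applies to /usr/local/bin/network_test in run_network_test and to /usr/local/bin/netdiagnose in start_pcap and stop_pcap.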
#
# Network, DNS, Proxy, Reachability, Cache information
#
echo "#" >> reachability-info.txt
/usr/sbin/scutil -d -v -r 0.0.0.0 >> reachability-info.txt 2>&1
- ${PRIV} /usr/sbin/scutil -p --snapshot
- if [ -f /var/tmp/configd-store.plist ]; then
- cat /var/tmp/configd-store.plist > configd-store.plist 2>&1
- fi
- if [ -f /var/tmp/configd-pattern.plist ]; then
- cat /var/tmp/configd-pattern.plist > configd-pattern.plist 2>&1
- fi
- if [ -f /var/tmp/configd-session.plist ]; then
- cat /var/tmp/configd-session.plist > configd-session.plist 2>&1
- fi
- if [ -f /var/tmp/configd-state ]; then
- cat /var/tmp/configd-state > configd-state 2>&1
- fi
+ echo "#" >> reachability-info.txt
+ echo '# scutil -d -v -r 169.254.0.0' >> reachability-info.txt
+ echo "#" >> reachability-info.txt
+ /usr/sbin/scutil -d -v -r 169.254.0.0 >> reachability-info.txt 2>&1
+
+ echo "#" > nc-info.txt
+ echo '# scutil --nc list' >> nc-info.txt
+ echo "#" >> nc-info.txt
+ /usr/sbin/scutil --nc list >> nc-info.txt 2>&1
+
+ /usr/sbin/scutil -p --snapshot SCDynamicStore.plist 2>&1
}
+#
+# route
+#
run_route () {
if [ ! -x /sbin/route ]; then
}
+#
+# dig
+#
run_dig () {
if [ ! -x /usr/bin/dig -o ! -f /etc/resolv.conf ]; then
}
#
-# Host name
+# hostname
#
run_hostname () {
}
+#
+# lsof
+#
+run_lsof () {
+
+ if [ ! -x /usr/sbin/lsof ]; then
+ return
+ fi
+
+ ${PRIV} /usr/sbin/lsof -i -n -O -P -T q > lsof.txt 2>&1 &
+ LSOF_PID=$!
+ # start a watchdog for lsof
+ (
+ WAIT_TIME=5
+ while [ $WAIT_TIME -gt 0 ]
+ do
+ ${PRIV} kill -0 ${LSOF_PID} 2>/dev/null
+ if [ $? -eq 0 ]; then
+ # lsof is [still] gathering data...
+ sleep 1
+ WAIT_TIME=$((WAIT_TIME - 1))
+ continue
+ fi
+
+ # lsof completed gathering data
+ break
+ done
+
+ if [ $WAIT_TIME -eq 0 ]; then
+ # lsof timed out
+ ${PRIV} kill ${LSOF_PID} 2>/dev/null
+ fi
+ ) &
+
+}
+
+start_pcap() {
+ #
+ # collect a packet capture if netdiagnose is available
+ #
+ if [ -x /usr/local/bin/netdiagnose ]; then
+ trap stop_pcap SIGINT
+ /usr/local/bin/netdiagnose -p "${REQUESTED_OUTDIR}" start sysdiagpcap 2>&1 1>/dev/null
+ PCAP_STARTED=1
+ fi
+}
+
+stop_pcap () {
+ if [ ${PCAP_STARTED} -ne 0 ]; then
+ trap '' SIGINT
+ /usr/local/bin/netdiagnose stop sysdiagpcap 2>&1 1>/dev/null
+ fi
+}
+
+collect_ndf_info () {
+ run_lsof
+}
+
collect_sensitive_info () {
+
+ if [ "${COLLECT_PCAP}" == "Y" ]; then
+ start_pcap
+ fi
+
collect_state_dump_sensitive
run_ndp
run_arp
+ run_neutil
+ run_nettop
+ run_network_test
}
collect_info () {
- collect_state_dump
+
+ if [ "${COLLECT_NDF_INFO}" == "Y" ]; then
+ collect_ndf_info
+ fi
if [ "${COLLECT_SENSITIVE_INFO}" == "Y" ]; then
collect_sensitive_info
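Review bot: The capture started in start_pcap can outlive the script, because only SIGINT is trapped and stop_pcap is otherwise reached only at the normal end of collect_info, so a TERM or HUP would leave sysdiagpcap running. Trapping the other termination signals as well, `trap stop_pcap INT TERM HUP`, would close that gap (the `SIG`-prefixed spelling is also not accepted by every /bin/sh). PCAP_STARTED is set to 1 even when netdiagnose fails to start, so `... start sysdiagpcap 2>&1 1>/dev/null && PCAP_STARTED=1` would keep stop_pcap from stopping a capture this run did not start. Since COLLECT_PCAP defaults to "Y", `-s` now implies a packet capture unless `-P` is given, yet the usage synopsis line omits `[-P]` and the `-s` description does not mention the capture.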
run_netstat
run_ipconfig
run_setkey
+ run_skywalk
collect_vpn_logs
run_route
run_hostname
if [ "${COLLECT_CONFIGURATION_FILES}" == "Y" ]; then
collect_configuration_files
fi
+
+ stop_pcap
}
# __COMMAND_ROUTINES_END__
usage () {
- echo "Usage: get-network-info [-s] [-c] <info-directory>"
- echo " -s collects sensitive information (ARP/NDP/mDNS cache)"
+ echo "Usage: get-network-info [-c] [-n] [-s] <info-directory>"
echo " -c collects system configuration files"
+ echo " -n collects NDF information (lsof)"
+ echo " -P do not collect a packet capture"
+ echo " -s collects sensitive information (ARP/NDP/mDNS cache)"
echo " <info-directory> path to directory where all the information will be collected"
}
is_outdir_valid () {
- if [ ! -d ${REQUESTED_OUTDIR} ] ||
- [ "${REQUESTED_OUTDIR}" = "" ]; then
+ if [ "${REQUESTED_OUTDIR}" = "" ]; then
usage
exit 1
fi
+ if [ ! -d ${REQUESTED_OUTDIR} ]; then
+ echo "${REQUESTED_OUTDIR} does not exist"
+ exit 1
+ fi
+
if [ ! -w ${REQUESTED_OUTDIR} ]; then
echo "${REQUESTED_OUTDIR} is write-protected"
exit 1
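Review bot: The new existence test `[ ! -d ${REQUESTED_OUTDIR} ]` leaves the path unquoted, so a directory name containing whitespace or glob characters is split before `[` sees it and the test either errors out or checks a different path; it should be `[ ! -d "${REQUESTED_OUTDIR}" ]`, and the `-w` test below it needs the same quoting. The same word splitting happens in the `__MAIN__` hunk at `getopt cnPs $*` and in process_opts at `for i in $ARGS`, where the last fragment silently becomes REQUESTED_OUTDIR, so quoting here only helps fully once argument parsing preserves the path, which the `getopts` builtin would do. is_outdir_valid continues past the end of this hunk.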
REQUESTED_OUTDIR=""
COLLECT_SENSITIVE_INFO=""
COLLECT_CONFIGURATION_FILES=""
+ COLLECT_PCAP="Y"
+ PCAP_STARTED=0
+
}
# __HELPER_ROUTINES_END__
#
# __MAIN__
#
-ARGS=`getopt sc $*`
+ARGS=`getopt cnPs $*`
if [ $? != 0 ]; then
usage
exit 1
collect_info
wait
-#TO-DO: Add packet trace
-
exit 0