X-Git-Url: https://git.saurik.com/apple/configd.git/blobdiff_plain/9de8ab86392ba34369adc6be0bfc21bad9b7caa2..1ef45fa40afc16a8d224b7438ecefbd7c8b4fbfe:/get-network-info diff --git a/get-network-info b/get-network-info index 4e23eb0..b2ba85d 100755 --- a/get-network-info +++ b/get-network-info @@ -1,7 +1,7 @@ #!/bin/sh # -# Copyright © 2015 Apple Inc. +# Copyright © 2015-2017 Apple Inc. # # get-network-info # @@ -15,22 +15,33 @@ PATH=/bin:/usr/bin:/sbin:/usr/sbin process_opts () { for i in $ARGS - do - case "$i" - in - -s) - COLLECT_SENSITIVE_INFO="Y" - shift;; - -c) - COLLECT_CONFIGURATION_FILES="Y" - shift;; - --) - shift;; - *) - REQUESTED_OUTDIR="${i}" - shift;; - esac - done + do + case "$i" in + -c) + COLLECT_CONFIGURATION_FILES="Y" + shift + ;; + -n) + COLLECT_NDF_INFO="Y" + shift + ;; + -P) + COLLECT_PCAP="N" + shift + ;; + -s) + COLLECT_SENSITIVE_INFO="Y" + shift + ;; + --) + shift + ;; + *) + REQUESTED_OUTDIR="${i}" + shift + ;; + esac + done } @@ -61,13 +72,6 @@ setup () { # note: the daemons dump to syslog so you need to wait a bit before # capturing the logs. -collect_state_dump () { - - ${PRIV} /usr/bin/killall -INFO networkd 2>/dev/null - - sleep 1 & -} - collect_state_dump_sensitive () { ${PRIV} /usr/bin/killall -INFO mDNSResponder 2>/dev/null @@ -116,6 +120,11 @@ run_netstat () { echo "#" >> netstat.txt /usr/sbin/netstat -s >> netstat.txt 2>&1 + echo "#" >> netstat.txt + echo "# netstat -rs" >> netstat.txt + echo "#" >> netstat.txt + /usr/sbin/netstat -rs >> netstat.txt 2>&1 + echo "#" >> netstat.txt echo "# netstat -mmm" >> netstat.txt echo "#" >> netstat.txt @@ -169,6 +178,9 @@ run_netstat () { } +# +# ndp +# run_ndp () { if [ ! -x /usr/sbin/ndp ]; then @@ -202,6 +214,9 @@ run_ndp () { } +# +# arp +# run_arp () { if [ ! -x /usr/sbin/arp ]; then @@ -227,8 +242,9 @@ run_ipconfig () { for if in ${IF_LIST} do case ${if} in - lo* ) ;; - *) + lo* ) + ;; + *) echo "#" >> ipconfig-info.txt echo "# INTERFACE ${if}" >> ipconfig-info.txt echo "#" >> ipconfig-info.txt @@ -309,6 +325,88 @@ run_setkey () { } +# +# skywalk configuration and statistics +# +run_skywalk () { + + if [ ! -x /usr/sbin/skywalkctl ]; then + return + fi + + echo "#" > skywalk.txt + echo "# skywalkctl list-providers -D" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl list-providers -D >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl channel-stats" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl channel-stats >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netstat -a -n" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netstat -a -n >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netstat -s" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netstat -s >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netstat -s --global" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netstat -s --global >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netstat --netif" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netstat --netif >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netstat --flowswitch" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netstat --flowswitch >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netstat --flow-adv" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netstat --flow-adv >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netstat --flow-owner" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netstat --flow-owner >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl netns -a" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl netns -a >> skywalk.txt 2>&1 + + echo "#" >> skywalk.txt + echo "# skywalkctl memory" >> skywalk.txt + echo "#" >> skywalk.txt + /usr/sbin/skywalkctl memory >> skywalk.txt 2>&1 + +} + +# +# skywalk configuration and statistics +# +run_nettop () { + + if [ ! -x /usr/bin/nettop ]; then + return + fi + + echo "#" > nettop.txt + echo "# nettop -U -l 1" >> nettop.txt + echo "#" >> nettop.txt + /usr/bin/nettop -U -l 1 >> nettop.txt 2>&1 + +} + # # Network preferences # @@ -318,6 +416,7 @@ collect_configuration_files () { /Library/Preferences/com.apple.networkextension.plist \ /Library/Preferences/com.apple.networkextension.control.plist \ /Library/Preferences/com.apple.networkextension.necp.plist \ + /Library/Preferences/com.apple.networkextension.cache.plist \ /Library/Preferences/SystemConfiguration/com.apple.nat.plist \ /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist \ /Library/Preferences/SystemConfiguration/com.apple.smb.server.plist \ @@ -343,6 +442,9 @@ collect_configuration_files () { fi } +# +# VPN +# collect_vpn_logs () { for f in \ @@ -357,6 +459,41 @@ collect_vpn_logs () { done } +# +# Policy +# +run_neutil () { + + if [ ! -x /usr/local/bin/neutil ]; then + return + fi + + ( + echo "#" > necp.txt + echo "# neutil policy dump" >> necp.txt + echo "#" >> necp.txt + /usr/local/bin/neutil policy dump >> necp.txt 2>&1 + + echo "#" > network-agents.txt + echo "# neutil agent dump" >> network-agents.txt + echo "#" >> network-agents.txt + /usr/local/bin/neutil agent dump >> network-agents.txt 2>&1 + ) & +} + +# +# Path +# +run_network_test () { + + if [ ! -x /usr/local/bin/network_test ]; then + return + fi + + /usr/local/bin/network_test path_watcher > nw_path.txt 2>&1 + +} + # # Network, DNS, Proxy, Reachability, Cache information # @@ -399,22 +536,23 @@ run_scutil () { echo "#" >> reachability-info.txt /usr/sbin/scutil -d -v -r 0.0.0.0 >> reachability-info.txt 2>&1 - ${PRIV} /usr/sbin/scutil -p --snapshot - if [ -f /var/tmp/configd-store.plist ]; then - cat /var/tmp/configd-store.plist > configd-store.plist 2>&1 - fi - if [ -f /var/tmp/configd-pattern.plist ]; then - cat /var/tmp/configd-pattern.plist > configd-pattern.plist 2>&1 - fi - if [ -f /var/tmp/configd-session.plist ]; then - cat /var/tmp/configd-session.plist > configd-session.plist 2>&1 - fi - if [ -f /var/tmp/configd-state ]; then - cat /var/tmp/configd-state > configd-state 2>&1 - fi + echo "#" >> reachability-info.txt + echo '# scutil -d -v -r 169.254.0.0' >> reachability-info.txt + echo "#" >> reachability-info.txt + /usr/sbin/scutil -d -v -r 169.254.0.0 >> reachability-info.txt 2>&1 + + echo "#" > nc-info.txt + echo '# scutil --nc list' >> nc-info.txt + echo "#" >> nc-info.txt + /usr/sbin/scutil --nc list >> nc-info.txt 2>&1 + + /usr/sbin/scutil -p --snapshot SCDynamicStore.plist 2>&1 } +# +# route +# run_route () { if [ ! -x /sbin/route ]; then @@ -433,6 +571,9 @@ run_route () { } +# +# dig +# run_dig () { if [ ! -x /usr/bin/dig -o ! -f /etc/resolv.conf ]; then @@ -447,7 +588,7 @@ run_dig () { } # -# Host name +# hostname # run_hostname () { @@ -459,14 +600,83 @@ run_hostname () { } +# +# lsof +# +run_lsof () { + + if [ ! -x /usr/sbin/lsof ]; then + return + fi + + ${PRIV} /usr/sbin/lsof -i -n -O -P -T q > lsof.txt 2>&1 & + LSOF_PID=$! + # start a watchdog for lsof + ( + WAIT_TIME=5 + while [ $WAIT_TIME -gt 0 ] + do + ${PRIV} kill -0 ${LSOF_PID} 2>/dev/null + if [ $? -eq 0 ]; then + # lsof is [still] gathering data... + sleep 1 + WAIT_TIME=$((WAIT_TIME - 1)) + continue + fi + + # lsof completed gathering data + break + done + + if [ $WAIT_TIME -eq 0 ]; then + # lsof timed out + ${PRIV} kill ${LSOF_PID} 2>/dev/null + fi + ) & + +} + +start_pcap() { + # + # collect a packet capture if netdiagnose is available + # + if [ -x /usr/local/bin/netdiagnose ]; then + trap stop_pcap SIGINT + /usr/local/bin/netdiagnose -p "${REQUESTED_OUTDIR}" start sysdiagpcap 2>&1 1>/dev/null + PCAP_STARTED=1 + fi +} + +stop_pcap () { + if [ ${PCAP_STARTED} -ne 0 ]; then + trap '' SIGINT + /usr/local/bin/netdiagnose stop sysdiagpcap 2>&1 1>/dev/null + fi +} + +collect_ndf_info () { + run_lsof +} + collect_sensitive_info () { + + if [ "${COLLECT_PCAP}" == "Y" ]; then + start_pcap + fi + collect_state_dump_sensitive run_ndp run_arp + run_neutil + run_nettop + run_network_test } collect_info () { - collect_state_dump + + if [ "${COLLECT_NDF_INFO}" == "Y" ]; then + collect_ndf_info + fi if [ "${COLLECT_SENSITIVE_INFO}" == "Y" ]; then collect_sensitive_info @@ -478,6 +688,7 @@ collect_info () { run_netstat run_ipconfig run_setkey + run_skywalk collect_vpn_logs run_route run_hostname @@ -485,6 +696,8 @@ collect_info () { if [ "${COLLECT_CONFIGURATION_FILES}" == "Y" ]; then collect_configuration_files fi + + stop_pcap } # __COMMAND_ROUTINES_END__ @@ -493,21 +706,27 @@ collect_info () { usage () { - echo "Usage: get-network-info [-s] [-c] " - echo " -s collects sensitive information (ARP/NDP/mDNS cache)" + echo "Usage: get-network-info [-c] [-n] [-s] " echo " -c collects system configuration files" + echo " -n collects NDF information (lsof)" + echo " -P do not collect a packet capture" + echo " -s collects sensitive information (ARP/NDP/mDNS cache)" echo " path to directory where all the information will be collected" } is_outdir_valid () { - if [ ! -d ${REQUESTED_OUTDIR} ] || - [ "${REQUESTED_OUTDIR}" = "" ]; then + if [ "${REQUESTED_OUTDIR}" = "" ]; then usage exit 1 fi + if [ ! -d ${REQUESTED_OUTDIR} ]; then + echo "${REQUESTED_OUTDIR} does not exist" + exit 1 + fi + if [ ! -w ${REQUESTED_OUTDIR} ]; then echo "${REQUESTED_OUTDIR} is write-protected" exit 1 @@ -531,6 +750,9 @@ init_globals () { REQUESTED_OUTDIR="" COLLECT_SENSITIVE_INFO="" COLLECT_CONFIGURATION_FILES="" + COLLECT_PCAP="Y" + PCAP_STARTED=0 + } # __HELPER_ROUTINES_END__ @@ -538,7 +760,7 @@ init_globals () { # # __MAIN__ # -ARGS=`getopt sc $*` +ARGS=`getopt cnPs $*` if [ $? != 0 ]; then usage exit 1 @@ -552,6 +774,4 @@ optimize collect_info wait -#TO-DO: Add packet trace - exit 0