@drldcsta
Created May 21, 2015 02:26
netcap script. It was originally used to keep constant tcpdumps running against all relevant management boxes. It is an example of using old-style bash variables to create "arrays" that contain both hostnames and IPs. (Certain digits have been removed to obfuscate the IP addresses.)
#!/bin/bash
######################################################
# Program: netCap.sh
# Date Created: 7 July 010
# Description: Starts a TCP dump of the management network and the USRM's or the management network and the proxy.
# Date Updated: 1 June 01
# |_Complete Rewrite
# |_Added check if running on primary machine
# |_Added creation of pid files for use in cleanup
# |_Added ability to be run from cron for simple hourly zips
# 18 June 01
# |_Removed isPrime check. Script now runs regardless of if machine is primary.
# 05 Aug 013
# |_Rewritten so that one single script can be used on all managers
# 13 Aug 013
# |_Added a boolean variable so that this script can also be used on the proxy
# |_Renamed to netCap from usrmNetcap to reflect the change
# Developers: Darrell D (Support Engineer)
# Stefan P (Support Engineer)
######################################################
# USRM capture targets. Each entry is "address|label": the part before the
# first '|' is used as the tcpdump host filter, the part after the last '|'
# as the capture label in file names. Entries are selected by position
# through srmIndex, so the order below must not change.
# NOTE(review): per the gist description, digits were stripped from the
# addresses in this published copy; repeated entries are presumably an
# artifact of that. Verify against the real inventory before use.
usrmIPS=(
  # 0-2
  '17.16.13.36|par.usrm.36'
  '17.16.13.39|par.usrm.39'
  '17.16.13.18|par.usrm.18'
  # 3-5
  '17.16.13.1|liw.usrm.1'
  '17.16.13.15|liw.usrm.15'
  '17.16.13.9|liw.usrm.9'
  # 6
  '17.16.13.4|wst.usrm.4'
  # 7-10
  '17.16.13.1|nj.usrm.1'
  '17.16.13.4|nj.usrm.4'
  '17.16.151.48|nj.usrm.48'
  '17.16.151.54|nj.usrm.54'
  # 11
  '17.16.13.39|ct.usrm.39'
  # 12
  '17.16.13.18|bk.usrm.18'
  # 13-15
  '17.16.13.1|lix.usrm.1'
  '17.16.13.15|lix.usrm.15'
  '17.16.13.9|lix.usrm.9'
  # 16-19
  '17.16.13.1|nj.usrm.1'
  '17.16.13.4|nj.usrm.4'
  '17.16.151.48|nj.usrm.48'
  '17.16.151.54|nj.usrm.54'
  # 20-22
  '17.16.13.1|lix3.usrm.1'
  '17.16.13.15|lix3.usrm.15'
  '17.16.13.9|lix3.usrm.9'
  # 23-26
  '17.16.13.1|nj3.usrm.1'
  '17.16.13.4|nj3.usrm.4'
  '17.16.151.48|nj3.usrm.48'
  '17.16.151.54|nj3.usrm.54'
)
# Management hosts captured when running on the proxy. Each entry is
# "address|site". The proxy loop walks this list three entries at a time and
# builds one tcpdump filter per group, so every site must keep exactly three
# consecutive entries.
# NOTE(review): per the gist description, digits were stripped from the
# addresses in this published copy. The site label "nj" appears on two
# groups, which makes both groups share one capture label.
mgmtIPS=(
  '10.48.19.4|par'
  '10.48.19.5|par'
  '10.48.19.6|par'

  '10.48.19.9|liw'
  '10.48.19.10|liw'
  '10.48.19.11|liw'

  '10.48.19.19|wst'
  '10.48.19.0|wst'
  '10.48.19.1|wst'

  '10.48.19.4|nj'
  '10.48.19.5|nj'
  '10.48.19.6|nj'

  '10.48.19.9|ct'
  '10.48.19.30|ct'
  '10.48.19.31|ct'

  '10.48.19.89|bk'
  '10.48.19.90|bk'
  '10.48.19.91|bk'

  '10.48.19.94|lix'
  '10.48.19.95|lix'
  '10.48.19.96|lix'

  '10.48.19.99|nj'
  '10.48.19.100|nj'
  '10.48.19.101|nj'

  '10.48.59.9|lix3'
  '10.48.59.10|lix3'
  '10.48.59.11|lix3'

  '10.48.59.14|nj3'
  '10.48.59.15|nj3'
  '10.48.59.16|nj3'
)
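# Per-host role selection.
#   srmIndex - positions in usrmIPS that this manager should capture
#   isProxy  - "true" on the proxy, which captures the mgmtIPS groups instead
#
# Both are given explicit defaults first. The rest of the script tests the
# flag by running it as a command (if "$isProxy"), so leaving it unset would
# execute an empty command name on every manager, and a value inherited from
# the caller's environment would be executed as-is.
isProxy=false
srmIndex=()

# NOTE(review): "[1,]" is a bracket expression matching the single character
# "1" or ","; it reads as if a second digit was lost from this copy. Several
# index lists also do not line up with the site labels in usrmIPS (for
# example bkmgmt selects index 1, whose label is par.usrm.39). Verify every
# arm against the real inventory before running this anywhere.
case "$HOSTNAME" in
  mgmt0[1,])
    srmIndex=( 0 1 )
    ;;
  liwmgmt0[1,])
    srmIndex=( 3 4 5 )
    ;;
  wstmgmt0[1,])
    srmIndex=( 6 )
    ;;
  njmgmt0[1,])
    srmIndex=( 7 8 9 10 )
    ;;
  ctmgmt0[1,])
    srmIndex=( 11 )
    ;;
  bkmgmt0[1,])
    srmIndex=( 1 )
    ;;
  lixmgmt0[1,])
    srmIndex=( 13 14 15 )
    ;;
  # NOTE(review): unreachable as written; case takes the first matching
  # pattern and the identical njmgmt0[1,] arm above always wins.
  njmgmt0[1,])
    srmIndex=( 16 17 18 19 )
    ;;
  lix3mgmt0[1,])
    srmIndex=( 0 1 )
    ;;
  nj3mgmt0[1,])
    srmIndex=( 3 4 5 6 )
    ;;
  proxy0[1,])
    isProxy=true
    ;;
  # Any other host keeps the defaults: not a proxy, nothing to capture.
esac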
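#Directory to place captures in
# NOTE(review): /tmp is world-writable and this name is predictable from the
# date, so another local user can create the path before the script does.
# The captures hold management-network traffic and are created with whatever
# the umask allows. A directory owned by the capturing user outside /tmp,
# with restrictive permissions, avoids both problems.
capDir="/tmp/$(/bin/date "+%d.%b")"
#Brief description of capture type for use in file names
# capType[i] is the label (text after the last '|') of entry i in whichever
# list this host uses, so the same index addresses both arrays.
capType=()
# Compare the flag as a string instead of executing it: when the flag is
# unset, running "$isProxy" means running an empty command name.
if [[ "${isProxy:-}" == true ]]; then
  for (( i = 0; i < ${#mgmtIPS[@]}; i++ )); do
    capType[i]=${mgmtIPS[i]##*|}
  done
else
  for (( i = 0; i < ${#usrmIPS[@]}; i++ )); do
    capType[i]=${usrmIPS[i]##*|}
  done
fi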
#Function to zip old pcaps and remove the original file
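zipPcap ()
{
  # Compress one capture to "<file>.gz" and delete the original once gzip has
  # succeeded. The work runs in the background so the caller is not blocked.
  # Arguments: $1 - path of the pcap file to compress
  # Returns:   1 if $1 is empty or not a regular file, otherwise 0
  if [[ -z "${1:-}" || ! -f "$1" ]]; then
    # An empty argument would otherwise create a stray ".gz" in the current
    # directory (this happens when a pid file has no path on its last line).
    printf 'zipPcap: not a capture file: %s\n' "${1:-}" >&2
    return 1
  fi
  # Quoted, and "--" ends option parsing, so a path containing spaces or
  # starting with "-" is treated as one file name.
  /bin/gzip -c -- "$1" > "$1.gz" && rm -- "$1" &
}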
#Function to go through .pid files and clean up any running captures started by this script
#Relies on .pid files being in the following format:
#First line is pid of capture
#Second line is absolute path to where pcap is stored
#Contains logic to ignore any pcap started by this instance of the netCap script
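cleanOldDumps ()
{
  # Stop captures left by earlier runs for one capture type, compress their
  # pcap files and remove their pid files.
  # Arguments: $1 - index into capType
  # Reads /var/run/<capType>.netcap.<scriptPid>.pid files whose first line is
  # the tcpdump pid and whose last line is the pcap path.
  #
  # NOTE(review): the pid comes from a file and may be stale. If that process
  # has exited and the number was reused, the kill below hits an unrelated
  # process. Confirming that the pid still belongs to tcpdump before
  # signalling would close that gap.
  # NOTE(review): the pcap is compressed immediately after the signal is
  # sent, with no wait for tcpdump to exit and flush; the tail of the capture
  # may be lost.
  local pidFile oldPid oldPcap
  /usr/bin/find /var/run -name "${capType[$1]}.netcap.*.pid" | while IFS= read -r pidFile; do
    # Skip the pid file written by this instance. Match the exact
    # ".netcap.<pid>.pid" suffix: a substring test on the pid also skips
    # unrelated files whose name merely contains those digits.
    if [[ "${pidFile}" == *".netcap.${$}.pid" ]]; then
      continue
    fi
    oldPid=$(head -n 1 -- "${pidFile}")
    oldPcap=$(tail -n 1 -- "${pidFile}")
    # Only a plain number is passed to kill, so a damaged pid file cannot
    # turn into a signal name, an option or an empty argument.
    if [[ "${oldPid}" =~ ^[0-9]+$ ]]; then
      /bin/kill "${oldPid}"
    else
      printf 'cleanOldDumps: ignoring malformed pid in %s\n' "${pidFile}" >&2
    fi
    zipPcap "${oldPcap}"
    rm -- "${pidFile}"
  done
}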
#Function that actually kicks off capture and creates .pid file
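doWork ()
{
  # Start one background tcpdump and record it in a pid file.
  # Arguments: $1 - index into capType and into mgmtIPS (proxy) or usrmIPS
  # Globals:   reads capDir, capType, isProxy, mgmtIPS, usrmIPS, HOSTNAME;
  #            sets PCAPFILE and dumpPid
  # Writes:    /var/run/<capType>.netcap.<scriptPid>.pid (tcpdump pid, then
  #            the pcap path)
  # Returns:   1 without starting anything if the index or an address is bad
  local pidFile firstHost secondHost thirdHost

  if [[ ! "${1:-}" =~ ^[0-9]+$ ]]; then
    printf 'doWork: index must be a number, got: %s\n' "${1:-}" >&2
    return 1
  fi
  pidFile="/var/run/${capType[$1]}.netcap.${$}.pid"
  PCAPFILE="${capDir}/${capType[$1]}.${HOSTNAME}.$(/bin/date "+%H.%M.%h.%d").pcap"

  # The flag is compared as a string; running "$isProxy" as a command breaks
  # when it is unset and executes whatever value it happens to hold.
  if [[ "${isProxy:-}" == true ]]; then
    # One capture covers a whole site: the entry at $1 and the two after it
    # (the caller steps through mgmtIPS three at a time).
    # NOTE(review): the third offset was "$(($1+))" in the published copy,
    # which is an arithmetic syntax error; +2 follows from the groups of
    # three. Confirm against the original script.
    firstHost=${mgmtIPS[$1]%%|*}
    secondHost=${mgmtIPS[$(($1+1))]%%|*}
    thirdHost=${mgmtIPS[$(($1+2))]%%|*}
    if [[ -z "${firstHost}" || -z "${secondHost}" || -z "${thirdHost}" ]]; then
      printf 'doWork: incomplete mgmtIPS group at index %s\n' "$1" >&2
      return 1
    fi
    # "2>&1" also silences stderr; the copy had ">&1", which redirects
    # stdout onto itself and leaves tcpdump's stderr attached to the caller.
    /usr/sbin/tcpdump -i eth0 -s 0 "(host ${firstHost} or host ${secondHost} or host ${thirdHost})" and "(port 599)" -w "${PCAPFILE}" > /dev/null 2>&1 &
  else
    firstHost=${usrmIPS[$1]%%|*}
    if [[ -z "${firstHost}" ]]; then
      printf 'doWork: no usrmIPS entry at index %s\n' "$1" >&2
      return 1
    fi
    /usr/sbin/tcpdump -i eth0 -s 0 "(host ${firstHost})" -w "${PCAPFILE}" > /dev/null 2>&1 &
  fi
  dumpPid=$!

  # Appended as in the original. Two capture types with the same label
  # therefore share one pid file within a run.
  echo "${dumpPid}" >> "${pidFile}"
  echo "${PCAPFILE}" >> "${pidFile}"
}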
#function to create a new directory with today's date to drop pcaps in
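mkCapDir ()
{
  # Make sure the capture directory named by capDir exists and is safe to
  # write into.
  # Globals: capDir (read)
  # Returns: 0 if the directory exists (or was created) and belongs to the
  #          user running the script; 1 otherwise, with a message on stderr.
  #
  # capDir lives under a world-writable parent with a predictable name, so a
  # path that already exists is only accepted when it is a real directory
  # owned by the current user. A symlink or someone else's directory would
  # let another local user decide where the captures are written.
  if [[ -z "${capDir:-}" ]]; then
    printf 'mkCapDir: capDir is not set\n' >&2
    return 1
  fi
  if [[ -L "${capDir}" ]]; then
    printf 'mkCapDir: %s is a symlink, refusing to use it\n' "${capDir}" >&2
    return 1
  fi
  if [[ ! -d "${capDir}" ]]; then
    # Deliberately without -p: mkdir then fails if anything appears at the
    # path between the test above and this call.
    if ! /bin/mkdir -- "${capDir}"; then
      printf 'mkCapDir: cannot create %s\n' "${capDir}" >&2
      return 1
    fi
  elif [[ ! -O "${capDir}" ]]; then
    printf 'mkCapDir: %s is owned by another user, refusing to use it\n' "${capDir}" >&2
    return 1
  fi
  return 0
}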
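# Main: start this host's captures, then retire the ones left by the
# previous run. The new capture is started before the old one is stopped,
# presumably so that there is no gap between consecutive capture files.
#
# If the capture directory cannot be prepared the script stops here.
# Carrying on would start a tcpdump that cannot write its file and then kill
# the previous, still working, captures.
if [[ "${isProxy:-}" == true ]]; then
  # Proxy: one capture per site, i.e. per group of three mgmtIPS entries.
  for (( i = 0; i < ${#mgmtIPS[@]}; i += 3 )); do
    if ! mkCapDir; then
      printf 'netCap: capture directory unavailable, aborting\n' >&2
      exit 1
    fi
    doWork "${i}"
    cleanOldDumps "${i}"
  done
else
  # Manager: one capture per usrmIPS entry selected for this host.
  for index in "${srmIndex[@]}"; do
    if ! mkCapDir; then
      printf 'netCap: capture directory unavailable, aborting\n' >&2
      exit 1
    fi
    doWork "${index}"
    cleanOldDumps "${index}"
  done
fi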