=========================================================== .___ __ __ _________________ __ __ __| _/|__|/ |_ / ___\_` __ \__ \ | | \/ __ | | \\_ __\ / /_/ > | \// __ \| | / /_/ | | || | \___ /|__| (____ /____/\____ | |__||__| /_____/ \/ \/ grep rough audit - static analysis tool v2.8 written by @Wireghoul =================================[justanotherhacker.com]=== mason-1.0.0/mason-8.html-226-<PRE> mason-1.0.0/mason-8.html:227:ps axf | grep "^ *`fuser port_number/proto | awk '{print $2}'` " mason-1.0.0/mason-8.html-228-</PRE> ############################################## mason-1.0.0/mason.sgml-1491-<code> mason-1.0.0/mason.sgml:1492:ps axf | grep "^ *`fuser port_number/proto | awk '{print $2}'` " mason-1.0.0/mason.sgml-1493-</code> ############################################## mason-1.0.0/mason.txt-1886- ___________________________________________________________________ mason-1.0.0/mason.txt:1887: ps axf | grep "^ *`fuser port_number/proto | awk '{print $2}'` " mason-1.0.0/mason.txt-1888- ___________________________________________________________________ ############################################## mason-1.0.0/regression-test-85-echo ---------- Exit with a fanfare ---------- mason-1.0.0/regression-test:86:echo `cat $0 | sed -e 's/#.*//' | grep 'error .* fi' | grep -v regression | wc -l` regression tests successful on $MASONVER mason-1.0.0/regression-test-87-if [ -d /usr/src/mason-work ]; then mason-1.0.0/regression-test-88- date >>/usr/src/mason-work/regression-log mason-1.0.0/regression-test:89: echo `cat $0 | sed -e 's/#.*//' | grep 'error .* fi' | grep -v regression | wc -l` regression tests successful on $MASONVER >>/usr/src/mason-work/regression-log mason-1.0.0/regression-test-90-fi ############################################## mason-1.0.0/saveips-18-#FIXME - add to Makefile and install scripts... mason-1.0.0/saveips:19:for ONEIF in `ifconfig | grep 'Link encap' | awk '{print $1}'` ; do mason-1.0.0/saveips:20: NEWIP=`ifconfig $ONEIF | awk '/inet addr/{print substr($2,6)}'` mason-1.0.0/saveips:21: if [ -n "$NEWIP" ] && [ -z "`cat /var/lib/mason/$ONEIF-ips | grep ^$NEWIP\$`" ]; then mason-1.0.0/saveips-22- echo $NEWIP >>/var/lib/mason/$ONEIF-ips ############################################## mason-1.0.0/debian/patches/pre-3.0.patch-151- if [ "$DYNIFMODE" != "SPECIFICIP" ]; then echo -n "$CMNT $CMNT" ; fi mason-1.0.0/debian/patches/pre-3.0.patch:152:- echo "export ${ONEIF}ADDR=\"\`ifconfig $ONEIF 2>/dev/null | awk '/inet addr/{print substr($2,6)}'\`$SINGLEMACHSPEC\" ${CMNT} ${CMNT}Use this if you want to match a single address on $ONEIF." mason-1.0.0/debian/patches/pre-3.0.patch:153:+ echo "export ${ONEIF}ADDR=\"\`LC_ALL=C ifconfig $ONEIF 2>/dev/null | awk '/inet addr/{print substr(\$2,6)}'\`$SINGLEMACHSPEC\" ${CMNT} ${CMNT}Use this if you want to match a single address on $ONEIF." mason-1.0.0/debian/patches/pre-3.0.patch-154- if [ "$DYNIFMODE" != "SMALLESTRANGE" ]; then echo -n "$CMNT $CMNT" ; fi ############################################## mason-1.0.0/debian/patches/pre-3.0.patch-164-+ eval $EDITOR $TMPFILE <&10 mason-1.0.0/debian/patches/pre-3.0.patch:165: CURRLINE=`cat $TMPFILE` mason-1.0.0/debian/patches/pre-3.0.patch-166- rm -f $TMPFILE || : ############################################## mason-1.0.0/debian/patches/pre-3.0.patch-180-+ echo "Told to stop another instance of $0 ..." mason-1.0.0/debian/patches/pre-3.0.patch:181:+ kill -9 `ps aux | grep mason | egrep -v "(grep mason|$$)" | awk '{ print $2 }'` mason-1.0.0/debian/patches/pre-3.0.patch-182-+ if [ "$$"x != "`/bin/pidof -x /usr/bin/mason-gui-text`"x ]; then ############################################## mason-1.0.0/debian/patches/pre-3.0.patch-224-+ else mason-1.0.0/debian/patches/pre-3.0.patch:225:+ if [ -z "` find $PACKETLOGFILE -cmin -60`" ]; then mason-1.0.0/debian/patches/pre-3.0.patch-226-+ echo "Warning: No messages was written to the syslog file $PACKETLOGFILE" ############################################## mason-1.0.0/debian/patches/pre-3.0.patch-494- #REMOVEME mason-1.0.0/debian/patches/pre-3.0.patch:495: #if [ `$SUDO $IPCHAINSBIN -L -n | grep "^Chain $CHAINNAME" | wc -l` -gt 0 ]; then mason-1.0.0/debian/patches/pre-3.0.patch-496-- if $SUDO $IPCHAINSBIN -L $CHAINNAME >/dev/null 2>/dev/null ; then #If chain exists ############################################## mason-1.0.0/debian/patches/pre-3.0.patch-533-@@ -2313,7 +2322,9 @@ sortrulefile () { mason-1.0.0/debian/patches/pre-3.0.patch:534: for SECTION in `seqfunc 0 $FILECOUNT` ; do mason-1.0.0/debian/patches/pre-3.0.patch-535- if [ -f "$ONEFILE.$SECTION" ]; then mason-1.0.0/debian/patches/pre-3.0.patch:536: if [ `grep '#\^' $ONEFILE.$SECTION | wc -l` -gt 0 ]; then mason-1.0.0/debian/patches/pre-3.0.patch-537-- sort -t '^' +1 -n -r $ONEFILE.$SECTION >>$ONEFILE.new || logfail $LINENO masonlib: YYYY 0120 ############################################## mason-1.0.0/debian/patches/pre-3.0.patch-583-+ do mason-1.0.0/debian/patches/pre-3.0.patch:584:+ CHAINS=`$IPTABLESBIN -L -n -t $TABLE | fgrep Chain | awk '{ print $2; }'` mason-1.0.0/debian/patches/pre-3.0.patch-585-+ for CHAIN in $CHAINS ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-148- if [ "$DYNIFMODE" != "SPECIFICIP" ]; then echo -n "$CMNT $CMNT" ; fi mason-1.0.0/.pc/pre-3.0.patch/mason:149: echo "export ${ONEIF}ADDR=\"\`ifconfig $ONEIF 2>/dev/null | awk '/inet addr/{print substr($2,6)}'\`$SINGLEMACHSPEC\" ${CMNT} ${CMNT}Use this if you want to match a single address on $ONEIF." mason-1.0.0/.pc/pre-3.0.patch/mason-150- if [ "$DYNIFMODE" != "SMALLESTRANGE" ]; then echo -n "$CMNT $CMNT" ; fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-152- echo "export ${ONEIF}ADDR=\"$(encompassingnetworkof $(cat ${MASONDIR}${ONEIF}-ips | sort | uniq) || logfail $LINENO return encompassing network for $ONEIF)\" ${CMNT} ${CMNT}Use this if you want to match all addresses seen so far on $ONEIF." mason-1.0.0/.pc/pre-3.0.patch/mason:153: eval ${ONEIF}ADDR=`ipof $ONEIF` || logfail $LINENO Set $ONEIF into environment mason-1.0.0/.pc/pre-3.0.patch/mason-154-done ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-224- INFORMAT="ipfwadm-log" mason-1.0.0/.pc/pre-3.0.patch/mason:225: case $J7 in #Formerly [ "`echo $J7 | cut -b 1-3`" = "fw-" ] mason-1.0.0/.pc/pre-3.0.patch/mason-226- fw-out|fw-in|fw-fwd) ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-233- IF="$J9" mason-1.0.0/.pc/pre-3.0.patch/mason:234: PROTO=`echo $J10 | tr A-Z a-z` mason-1.0.0/.pc/pre-3.0.patch/mason-235- SRC="$J11" ; DEST="$J12" #SRC and DEST are only temporary variables for ipfwadm and ipchains formats to split into SRCIP and SRCPORT in a mo. ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-253- elif [ "$J5" = "kernel:" ]; then #Load variables from possible iptables log entry mason-1.0.0/.pc/pre-3.0.patch/mason:254: case $J6 in #Formerly [ "`echo $J6 | cut -b 1-4`" = "SRC=" ] mason-1.0.0/.pc/pre-3.0.patch/mason-255- IN=*|SRC=*) #FIXME - it seems reasonably likely that J6 might be something other than SRC= in some circumstances. ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-261- DST=*) DESTIP=${ONEFIELD##*=} ;; mason-1.0.0/.pc/pre-3.0.patch/mason:262: PROTO=*) PROTO=`echo ${ONEFIELD##*=} | tr A-Z a-z` ;; mason-1.0.0/.pc/pre-3.0.patch/mason-263- SPT=*) SRCPORT=${ONEFIELD##*=} ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-474- #Umm, this is what I think I need... *smile* mason-1.0.0/.pc/pre-3.0.patch/mason:475: eval ${ONEIF}ADDR=`ipof $ONEIF || logfail $LINENO Mason: YYYY 0005` mason-1.0.0/.pc/pre-3.0.patch/mason-476- done ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-484- IPCONV="HOST" mason-1.0.0/.pc/pre-3.0.patch/mason:485: SRCHOST=`generalizeip $SRCIP` mason-1.0.0/.pc/pre-3.0.patch/mason:486: DESTHOST=`generalizeip $DESTIP` mason-1.0.0/.pc/pre-3.0.patch/mason-487- IPCONV="$HOLDIPCONV" ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-506- done mason-1.0.0/.pc/pre-3.0.patch/mason:507: SRCHOST=`generalizeip $SRCIP` mason-1.0.0/.pc/pre-3.0.patch/mason-508- IPCONV="$HOLDIPCONV" ; HOSTLOOKUP="$HOLDHOSTLOOKUP" ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-524- done mason-1.0.0/.pc/pre-3.0.patch/mason:525: DESTHOST=`generalizeip $DESTIP` mason-1.0.0/.pc/pre-3.0.patch/mason-526- IPCONV="$HOLDIPCONV" ; HOSTLOOKUP="$HOLDHOSTLOOKUP" ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-568- if isdigits "$SRCPORT"; then mason-1.0.0/.pc/pre-3.0.patch/mason:569: SRCSERVICE=`generalportrange "$SRCPORT"` ; SRCCOMMENT="GENERALIZED TCP RESPONSE - place last" mason-1.0.0/.pc/pre-3.0.patch/mason-570- fi mason-1.0.0/.pc/pre-3.0.patch/mason-571- if isdigits "$DESTPORT"; then mason-1.0.0/.pc/pre-3.0.patch/mason:572: DESTSERVICE=`generalportrange "$DESTPORT"` ; DESTCOMMENT="GENERALIZED TCP RESPONSE - place last" mason-1.0.0/.pc/pre-3.0.patch/mason-573- fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-582- elif [ -n "$SRCSERVICE" ]; then # Source port is a server port. mason-1.0.0/.pc/pre-3.0.patch/mason:583: DESTPORT=`clientportrange "$DESTPORT" "$SRCPORT" "$PROTO" "$ACK"` mason-1.0.0/.pc/pre-3.0.patch/mason-584- settos "$SRCPORT" "$SRCSERVICE" "$PROTO" ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-586- elif [ -n "$DESTSERVICE" ]; then # Dest port is a server port. mason-1.0.0/.pc/pre-3.0.patch/mason:587: SRCPORT=`clientportrange "$SRCPORT" "$DESTPORT" "$PROTO" "$ACK"` mason-1.0.0/.pc/pre-3.0.patch/mason-588- settos "$DESTPORT" "$DESTSERVICE" "$PROTO" ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-590- else # Neither source nor dest is a server port. mason-1.0.0/.pc/pre-3.0.patch/mason:591: #COMMENT2="$CMNT$CMNT S=`nameof $SRCIP`:$SRCPORT D=`nameof $DESTIP`:$DESTPORT" mason-1.0.0/.pc/pre-3.0.patch/mason-592-#FIXME - put in case to test for null, */0, local IP, otherwise display mason-1.0.0/.pc/pre-3.0.patch/mason-593- COMMENT2="$CMNT$CMNT" mason-1.0.0/.pc/pre-3.0.patch/mason:594: if [ -n "$SRCIP" ]; then COMMENT2="$COMMENT2 S=`nameof $SRCIP`" ; fi mason-1.0.0/.pc/pre-3.0.patch/mason-595- if [ -n "$SRCPORT" ]; then COMMENT2="$COMMENT2:$SRCPORT" ; fi mason-1.0.0/.pc/pre-3.0.patch/mason:596: if [ -n "$DESTIP" ]; then COMMENT2="$COMMENT2 D=`nameof $DESTIP`" ; fi mason-1.0.0/.pc/pre-3.0.patch/mason-597- if [ -n "$DESTPORT" ]; then COMMENT2="$COMMENT2:$DESTPORT" ; fi mason-1.0.0/.pc/pre-3.0.patch/mason-598- ORIGSRCPORT=$SRCPORT mason-1.0.0/.pc/pre-3.0.patch/mason:599: SRCPORT=`clientportrange "$SRCPORT" "$DESTPORT" "$PROTO" "$ACK"` mason-1.0.0/.pc/pre-3.0.patch/mason:600: DESTPORT=`clientportrange "$DESTPORT" "$ORIGSRCPORT" "$PROTO" "$ACK"` mason-1.0.0/.pc/pre-3.0.patch/mason-601- unset ORIGSRCPORT ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-606- if [ "$SRCHOST" = "0/0" ]; then mason-1.0.0/.pc/pre-3.0.patch/mason:607: HOLDIPCONV="$IPCONV" ; IPCONV="HOST" ; SRCHOST=`generalizeip $SRCIP` ; IPCONV="$HOLDIPCONV" mason-1.0.0/.pc/pre-3.0.patch/mason-608- fi mason-1.0.0/.pc/pre-3.0.patch/mason-609- if [ "$DESTHOST" = "0/0" ]; then mason-1.0.0/.pc/pre-3.0.patch/mason:610: HOLDIPCONV="$IPCONV" ; IPCONV="HOST" ; DESTHOST=`generalizeip $DESTIP` ; IPCONV="$HOLDIPCONV" mason-1.0.0/.pc/pre-3.0.patch/mason-611- fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-618- COMMENT="$COMMENT ($DIRLETTER)" mason-1.0.0/.pc/pre-3.0.patch/mason:619: SRCCISCOPORTSPEC="`port2ciscoport $SRCPORT $PROTO`" mason-1.0.0/.pc/pre-3.0.patch/mason:620: DESTCISCOPORTSPEC="`port2ciscoport $DESTPORT $PROTO`" mason-1.0.0/.pc/pre-3.0.patch/mason-621- fi #not ipchains-lv ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-627- COMMENT="$CMNT $PROTO ($DIRLETTER)" mason-1.0.0/.pc/pre-3.0.patch/mason:628: #COMMENT2="$CMNT$CMNT S=`nameof $SRCIP` D=`nameof $DESTIP`" mason-1.0.0/.pc/pre-3.0.patch/mason-629- COMMENT2="$CMNT$CMNT" mason-1.0.0/.pc/pre-3.0.patch/mason-630-#FIXME - put in case to test for null, */0, otherwise display mason-1.0.0/.pc/pre-3.0.patch/mason:631: if [ -n "$SRCIP" ]; then COMMENT2="$COMMENT2 S=`nameof $SRCIP`" ; fi mason-1.0.0/.pc/pre-3.0.patch/mason:632: if [ -n "$DESTIP" ]; then COMMENT2="$COMMENT2 D=`nameof $DESTIP`" ; fi mason-1.0.0/.pc/pre-3.0.patch/mason-633- fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-650- case "$ECHOCOMMAND" in mason-1.0.0/.pc/pre-3.0.patch/mason:651: #CURRENT=`awk "BEGIN {printf \"%x %0.0s %-12s %s x \n\", 57005, \"$AA$BB\", \"aaa\", \"cheeky\"}"` mason-1.0.0/.pc/pre-3.0.patch/mason-652- ipchains) ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-751- */0|*/0.0.0.0) SRCSPEC=" -s 0.0.0.0/0.0.0.0" ;; mason-1.0.0/.pc/pre-3.0.patch/mason:752: *) SRCSPEC=" -s ${SRCHOST%%/*}/`bits2mask ${SRCHOST##*/}`" ;; mason-1.0.0/.pc/pre-3.0.patch/mason-753- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-760- */0|*/0.0.0.0) DESTSPEC=" -d 0.0.0.0/0.0.0.0" ;; mason-1.0.0/.pc/pre-3.0.patch/mason:761: *) DESTSPEC=" -d ${DESTHOST%%/*}/`bits2mask ${DESTHOST##*/}`" ;; mason-1.0.0/.pc/pre-3.0.patch/mason-762- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-767- esac mason-1.0.0/.pc/pre-3.0.patch/mason:768: PROTONUMBER=`grep -i "^$PROTO[[:space:]]" /etc/protocols | awk '{print $2}' || logfail $LINENO Mason: YYYY 0008` #Head -1? mason-1.0.0/.pc/pre-3.0.patch/mason-769- if [ -z "$PROTONUMBER" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-838- tr3) CISCOIF="To3" ;; mason-1.0.0/.pc/pre-3.0.patch/mason:839: *) CISCOIF="`echo "$IF" | sed -e 's/^eth/E/' -e 's/^ppp/S/' -e 's/^tr/To/'`" ;; mason-1.0.0/.pc/pre-3.0.patch/mason-840- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-860- #Yank mark values before comparing mason-1.0.0/.pc/pre-3.0.patch/mason:861: case `echo $CURRENT | sed -e 's/ -m [0-9][0-9]* //'` in mason-1.0.0/.pc/pre-3.0.patch/mason-862- $LAST1|$LAST2|$LAST3|$LAST4|$LAST5|$LAST6|$LAST7|$LAST8) ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-939- LAST8=$LAST7 ; LAST7=$LAST6 ; LAST6=$LAST5 ; LAST5=$LAST4 mason-1.0.0/.pc/pre-3.0.patch/mason:940: LAST4=$LAST3 ; LAST3=$LAST2 ; LAST2=$LAST1 ; LAST1=`echo $CURRENT | sed -e 's/ -m [0-9][0-9]* //' || logfail $LINENO Mason: YYYY 0017` ;; mason-1.0.0/.pc/pre-3.0.patch/mason-941- esac #Check that current isn't equal to one of the previous 8 rules. ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-decide-179- $EDITOR $TMPFILE <&10 mason-1.0.0/.pc/pre-3.0.patch/mason-decide:180: CURRLINE=`cat $TMPFILE` mason-1.0.0/.pc/pre-3.0.patch/mason-decide-181- rm -f $TMPFILE || : ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-decide-273- echo $ENH Waiting for new rule, press ${KEY}Ctrl-C${NORM} to abort... mason-1.0.0/.pc/pre-3.0.patch/mason-decide:274: if [ "`echo $INLINE | sed -e 's/#.*//' -e 's/ //g'`" != "`echo $CURRLINE | sed -e 's/#.*//' -e 's/ //g'`" ]; then #If changed, remove old line and install new mason-1.0.0/.pc/pre-3.0.patch/mason-decide-275- echo -n Rule changed, removing old rule... ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-55- if [ -f "$MASONPIDFILE" ]; then mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text:56: for ONEPID in `cat $MASONPIDFILE` ; do mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-57- if type -path ps >/dev/null 2>/dev/null && type -path grep >/dev/null 2>/dev/null ; then mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text:58: if [ -n "`ps ax | grep "^[[:space:]]*$ONEPID[[:space:]]" | grep mason`" ]; then mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-59- #wrap Killing background $ONEPID >/dev/stderr ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-166- ( tail -q -f --lines=0 $PACKETLOGFILE $KILLFILES | $MASONEXE >>$NEWRULEFILE ) & #nohup just before tail removed #SUDO on tail? mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text:167: MASONTAILPID="$MASONTAILPID `ps axf | grep -v grep | grep -A 1 '^[[:space:]]*$![[:space:]]' | tail -1 | awk '{print $1}' || logfail $LINENO mason-gui-text: YYYY 0001`" mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-168- #I am open to ideas on better ways to figure out the pid of the tail command. Anyone? Bueller? mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text:169: MASONPID="$MASONPID `ps axf | grep -v grep | grep -A 2 '^[[:space:]]*$![[:space:]]' | tail -1 | awk '{print $1}' || logfail $LINENO mason-gui-text: YYYY 0002`" mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-170- #FIXME - display this first so as not to mix output? ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-195- showstate 'Mason-gui-text: Ending the learning process' mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text:196: if [ -n "`cat $NEWRULEFILE | sed -e 's/#.*//' | grep -v '^[[:space:]]*$' | grep -v '^export' || :`" ]; then #formerly YYYY 0003 mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-197- wrap You still have unmerged rules in $NEWRULEFILE. Would you like to process them now? ${KEY}Y${NORM}/${KEY}N${NORM}? ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-274- read MERGEID || : mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text:275: wrap There are `grep "$MERGEID" $NEWRULEFILE | wc -l` rules with that ID, and `grep -v "$MERGEID" $NEWRULEFILE | wc -l` lines without it, `cat $NEWRULEFILE | wc -l` total. mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-276- if echo "Do you want to continue ({KEY}Y${NORM}/${KEY}N${NORM})" ; askYN ; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-349- showstate 'Mason-gui-text: Exiting' mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text:350: if [ -n "`cat $NEWRULEFILE | sed -e 's/#.*//' | grep -v '^[[:space:]]*$' | grep -v '^export' || :`" ]; then #formerly YYYY 0018 mason-1.0.0/.pc/pre-3.0.patch/mason-gui-text-351- echo -n $ENH You may still have unmerged rules in $NEWRULEFILE. Would you like to process these now? ${KEY}Y${NORM}/${KEY}N${NORM} ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-59- #FIXME - $* instead of $1? mason-1.0.0/.pc/pre-3.0.patch/masonlib:60: for ONEMARK in `grep ' -m ' $1 | sed -e 's/.* -m \([^ ]*\) .*/\1/' || logfail $LINENO masonlib: 0001 grep ' -m ' $1 pipe sed -e 's/.* -m \([^ ]*\) .*/\1/'` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-61- case $ONEMARK in ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-70- ADDCOUNTSCRIPT="$ADDCOUNTSCRIPT -e s/[[:space:]]*$//" #Erase any trailing spaces mason-1.0.0/.pc/pre-3.0.patch/masonlib:71: for ONECOUNT in `sed -e 's@ 0x@/0x@' $PACKETCOUNTFILE | grep '/0x'` ; do #packetcount/markvalue pairs mason-1.0.0/.pc/pre-3.0.patch/masonlib-72- if [ "$HEXMARKS" = "YES" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-82- for ONEFILE in $* ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib:83: DUPMARKS=`grep '[[:space:]]-m[[:space:]]' $ONEFILE | sed -e 's/^.*[[:space:]]-m[[:space:]]*\([x0-9]*\).*$/\1/' | uniq -d || logfail $LINENO masonlib: YYYY 0002` mason-1.0.0/.pc/pre-3.0.patch/masonlib-84- if [ -n "$DUPMARKS" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-168- case $2 in mason-1.0.0/.pc/pre-3.0.patch/masonlib:169: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-170- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-204-#OK, this is overkill, just use the "trap on 6 that follows mason-1.0.0/.pc/pre-3.0.patch/masonlib:205:# trap 'logger SIGIOT' `kill -l | grep '\W6)' | sed -e 's/.*\W6)//' | awk '{print $1}'` mason-1.0.0/.pc/pre-3.0.patch/masonlib-206- trap 'logger SIGIOT' 6 ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-380- mason-1.0.0/.pc/pre-3.0.patch/masonlib:381: DEFROUTEIFS=`/sbin/route -n | grep '^0\.0\.0\.0[ \t]' | awk '{print $8}' | sort | uniq || logfail $LINENO masonlib: YYYY 0017` mason-1.0.0/.pc/pre-3.0.patch/masonlib-382- INCOMINGINTERFACES=${INCOMINGINTERFACES:-$DEFROUTEIFS} ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-614- case $ONENET in #convert /m netmasks over to /n.n.n.n mason-1.0.0/.pc/pre-3.0.patch/masonlib:615: */[0-9]|*/[1-2][0-9]|*/3[0-2]) ONENET="${ONENET%%/*}/`bits2mask ${ONENET##*/}`" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-616- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-618- RUNTIME.NETWORKS) mason-1.0.0/.pc/pre-3.0.patch/masonlib:619: for RUNTIMENET in `route -n | grep -v '^127\.' | grep -v '^0\.0\.0\.0' | grep '^[0-9]' | awk '{print $1 "/" $3}' || logfail $LINENO masonlib: YYYY 0019` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-620- case $RUNTIMENET in mason-1.0.0/.pc/pre-3.0.patch/masonlib-621- */255.255.255.255|*/255.255.255.254|*/255.255.255.252|*/0.0.0.0) : ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:622: *) NETWORKS="$NETWORKS ${RUNTIMENET%%/*}-`broadcastof ${RUNTIMENET%%/*} ${RUNTIMENET##*/}`/${RUNTIMENET##*/}" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-623- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-626- *-*/*) NETWORKS="$NETWORKS $ONENET" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:627: */*) NETWORKS="$NETWORKS ${ONENET%%/*}-`broadcastof ${ONENET%%/*} ${ONENET##*/}`/${ONENET##*/}" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-628- 0|0.*) NETWORKS="$NETWORKS 0.0.0.0-0.255.255.255/255.0.0.0" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-629- 127|127.*) NETWORKS="$NETWORKS 127.0.0.0-127.255.255.255/255.0.0.0" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:630: *) ROUTEMASK=`route -n | grep "^$ONENET[[:space:]]" | awk '{print $3}' | uniq || logfail $LINENO masonlib: YYYY 0020` mason-1.0.0/.pc/pre-3.0.patch/masonlib:631: if [ `echo "$ROUTEMASK" | wc -l` -eq 1 ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:632: NETWORKS="$NETWORKS $ONENET-`broadcastof $ONENET $ROUTEMASK`/$ROUTEMASK" mason-1.0.0/.pc/pre-3.0.patch/masonlib-633- else ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-639- if [ -z "$NETWORKS" ]; then #load the NETWORKS variable with all non-trivial networks in the routing table. mason-1.0.0/.pc/pre-3.0.patch/masonlib:640: for RUNTIMENET in `route -n | grep -v '^127\.' | grep -v '^0\.0\.0\.0' | grep '^[0-9]' | awk '{print $1 "/" $3}' || logfail $LINENO masonlib: YYYY 0021` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-641- case $RUNTIMENET in mason-1.0.0/.pc/pre-3.0.patch/masonlib-642- */255.255.255.255|*/255.255.255.254|*/255.255.255.252|*/0.0.0.0) : ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:643: *) NETWORKS="$NETWORKS ${RUNTIMENET%%/*}-`broadcastof ${RUNTIMENET%%/*} ${RUNTIMENET##*/}`/${RUNTIMENET##*/}" ;; #network-broadcast/netmask mason-1.0.0/.pc/pre-3.0.patch/masonlib-644- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-663- if [ -n "$MINMARK" ] && [ -f /proc/net/ip_fwchains ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:664: MINMARK=$[ $MINMARK ] #Or should we use `echo $MINMARK | tr -d -c '[0-9]\n'` ? mason-1.0.0/.pc/pre-3.0.patch/masonlib-665- for ONEMARK in `ipchains -L -n -x -v | cut -b 66-75 - | grep '0x' || :` ; do #Formerly YYYY 0022 ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-670- CKPTCHECKCONF=" checkconf: Remove dups" ; #ckpt $CKPTCHECKCONF mason-1.0.0/.pc/pre-3.0.patch/masonlib:671: if [ -n "$SSP" ]; then SSP=`echo "$SSP" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0023` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:672: if [ -n "$SCP" ]; then SCP=`echo "$SCP" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0024` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:673: if [ -n "$BLOCKEDHOSTS" ]; then BLOCKEDHOSTS=`echo "$BLOCKEDHOSTS" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0025` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:674: if [ -n "$DYNIF" ]; then DYNIF=`echo "$DYNIF" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0026` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:675: if [ -n "$NOINCOMING" ]; then NOINCOMING=`echo "$NOINCOMING" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0027` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:676: if [ -n "$NOOUTGOING" ]; then NOOUTGOING=`echo "$NOOUTGOING" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0028` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:677: if [ -n "$POISONPROTOCOLS" ]; then POISONPROTOCOLS=`echo "$POISONPROTOCOLS" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0029` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib-678- #We can't dedupe this because we need the most specific nets first; a "sort" may destroy this order. mason-1.0.0/.pc/pre-3.0.patch/masonlib:679: #if [ -n "$NETWORKS" ]; then NETWORKS=`echo "$NETWORKS" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0030` ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib-680- ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-745- #Now add in the main 4 bin/sbin path elements if missing. mason-1.0.0/.pc/pre-3.0.patch/masonlib:746: for ONEPATH in `set | grep '^PATH=' | sed -e 's/^PATH=/ /' -e 's/:/ /g' || logfail $LINENO masonlib: YYYY 0031` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-747- if [ "$ONEPATH" = "/bin" ]; then BINOK="YES" ; fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-764- #Keep track of all IP's in use every time this is run. mason-1.0.0/.pc/pre-3.0.patch/masonlib:765: for ONEIF in `ifconfig | grep 'Link encap' | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0032` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib:766: NEWIP=`ipof $ONEIF || logfail $LINENO masonlib: YYYY 0033` mason-1.0.0/.pc/pre-3.0.patch/masonlib-767- if [ ! -f $MASONDIR$ONEIF-ips ]; then touch $MASONDIR$ONEIF-ips ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:768: if [ -z "`cat $MASONDIR$ONEIF-ips | grep ^$NEWIP\$`" ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib-769- if [ -z "$MASONDIR" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-787- if [ -n "$NOLOGSUFFIX" ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:788: for ONECHAIN in `chainnameof input` `chainnameof output` `chainnameof forward` ; do #Was `$IPCHAINSBIN -L -n | grep '^Chain ' | awk '{print $2}'` mason-1.0.0/.pc/pre-3.0.patch/masonlib-789- #case $ONECHAIN in ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1089- case $DOCOMMAND in mason-1.0.0/.pc/pre-3.0.patch/masonlib:1090: [Ii][Pp][Ff][Ww][Aa][Dd][Mm]) $IPFWADMBIN `chainnameof $2` -f || logfail $LINENO masonlib: YYYY 0138 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1091: [Ii][Pp][Cc][Hh][Aa][Ii][Nn][Ss]) $IPCHAINSBIN -F `chainnameof $2` || logfail $LINENO masonlib: YYYY 0139 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1092: [Ii][Pp][Tt][Aa][Bb][Ll][Ee][Ss]) $IPTABLESBIN -F `chainnameof $2` || logfail $LINENO masonlib: YYYY 0140 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-1093- [Nn][Oo][Nn][Ee]) : ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1097- [Ii][Pp][Ff][Ww][Aa][Dd][Mm]) : ;; #Not possible mason-1.0.0/.pc/pre-3.0.patch/masonlib:1098: [Ii][Pp][Cc][Hh][Aa][Ii][Nn][Ss]) $IPCHAINSBIN -N `chainnameof $2` || logfail $LINENO masonlib: YYYY 0141 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1099: [Ii][Pp][Tt][Aa][Bb][Ll][Ee][Ss]) $IPTABLESBIN -N `chainnameof $2` || logfail $LINENO masonlib: YYYY 0142 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-1100- [Nn][Oo][Nn][Ee]) : ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1103- case $DOCOMMAND in mason-1.0.0/.pc/pre-3.0.patch/masonlib:1104: [Ii][Pp][Ff][Ww][Aa][Dd][Mm]) $IPFWADMBIN `chainnameof $2` -p $CHAINTARGET || logfail $LINENO masonlib: YYYY 0143 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1105: [Ii][Pp][Cc][Hh][Aa][Ii][Nn][Ss]) $IPCHAINSBIN -P `chainnameof $2` $CHAINTARGET || logfail $LINENO masonlib: YYYY 0144 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1106: [Ii][Pp][Tt][Aa][Bb][Ll][Ee][Ss]) $IPTABLESBIN -P `chainnameof $2` $CHAINTARGET || logfail $LINENO masonlib: YYYY 0145 ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-1107- [Nn][Oo][Nn][Ee]) : ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1118- if [ -n "$3$4" ]; then BUILDRULE="$BUILDRULE -W $3$4" ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:1119: BUILDRULE="$BUILDRULE `chainnameof $2`" mason-1.0.0/.pc/pre-3.0.patch/masonlib-1120- if [ -n "$5" ]; then BUILDRULE="$BUILDRULE -P $5" ; fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1135- case $1 in mason-1.0.0/.pc/pre-3.0.patch/masonlib:1136: [Aa]*) BUILDRULE="$IPCHAINSBIN -A `chainnameof $2`" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1137: [Ii]*) BUILDRULE="$IPCHAINSBIN -I `chainnameof $2` 1" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1138: [Dd]*) BUILDRULE="$IPCHAINSBIN -D `chainnameof $2`" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-1139- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1160- case $1 in mason-1.0.0/.pc/pre-3.0.patch/masonlib:1161: [Aa]*) BUILDRULE="$IPTABLESBIN -A `chainnameof $2`" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1162: [Ii]*) BUILDRULE="$IPTABLESBIN -I `chainnameof $2` 1" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1163: [Dd]*) BUILDRULE="$IPTABLESBIN -D `chainnameof $2`" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-1164- esac ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1212- #REMOVEME mason-1.0.0/.pc/pre-3.0.patch/masonlib:1213: #FLUSHEDPOLICY=`echo $FLUSHEDPOLICY | tr a-z A-Z || logfail $LINENO masonlib: 0037 echo $FLUSHEDPOLICY pipe tr a-z A-Z` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1214- #$IPCHAINSBIN -P output $FLUSHEDPOLICY || logfail $LINENO masonlib: 0038 $IPCHAINSBIN -P output $FLUSHEDPOLICY ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1219- #$IPCHAINSBIN -F input || logfail $LINENO masonlib: 0043 $IPCHAINSBIN -F input mason-1.0.0/.pc/pre-3.0.patch/masonlib:1220: #FLUSHEDPOLICY=`echo $FLUSHEDPOLICY | tr A-Z a-z || logfail $LINENO masonlib: 0046 echo $FLUSHEDPOLICY pipe tr A-Z a-z` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1221- #$IPFWADMBIN -O -p $FLUSHEDPOLICY || logfail $LINENO masonlib: 0047 $IPFWADMBIN -O -p $FLUSHEDPOLICY ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1255- if [ -n "$1" ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:1256: CHAINNAME="`chainnameof $1`" mason-1.0.0/.pc/pre-3.0.patch/masonlib-1257- if [ -f /proc/net/ip_fwchains ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib-1258- #REMOVEME mason-1.0.0/.pc/pre-3.0.patch/masonlib:1259: #if [ `$SUDO $IPCHAINSBIN -L -n | grep "^Chain $CHAINNAME" | wc -l` -gt 0 ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib-1260- if $SUDO $IPCHAINSBIN -L $CHAINNAME >/dev/null 2>/dev/null ; then #If chain exists ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1307- */*) GIRETVAL="$1" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib:1308: 22[4-9].*|23[0-9].*) GIRETVAL="`nameof $1`$SINGLEMACHSPEC" ;; #Multicast IP's should be left unique mason-1.0.0/.pc/pre-3.0.patch/masonlib-1309- *) ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1322- HOST) mason-1.0.0/.pc/pre-3.0.patch/masonlib:1323: GIRETVAL="`nameof $1`$SINGLEMACHSPEC" ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-1324- NETWORK) ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1337- if [ "$1" = "$ONELOCALIP" ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:1338: GIRETVAL="`nameof $1`$SINGLEMACHSPEC" mason-1.0.0/.pc/pre-3.0.patch/masonlib-1339- ISASSIGNED="YES" ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1345- if [ "$ISASSIGNED" = "NO" ] && isnumericip $1 ; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:1346: #for ONENET in `cat $NETCACHE` ; do #Use NETWORKS now... mason-1.0.0/.pc/pre-3.0.patch/masonlib-1347- for ONENET in $NETWORKS ; do ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1355- if [ "$ECHOCOMMAND" = "cisco" ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:1356: GIRETVAL="`nameof $ONENET` `mask2cisco $NETMASK`" mason-1.0.0/.pc/pre-3.0.patch/masonlib-1357- else mason-1.0.0/.pc/pre-3.0.patch/masonlib:1358: GIRETVAL="`nameof $ONENET`/`mask2bits $NETMASK`" mason-1.0.0/.pc/pre-3.0.patch/masonlib-1359- fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1404- echo -n "Load IPs, networks and nameservers..." >/dev/stderr #set ALLIPS and ALLBCS (broadcasts) mason-1.0.0/.pc/pre-3.0.patch/masonlib:1405: ALLIPS="`ifconfig | grep 'inet addr' | sed -e 's/.*addr://' -e 's/ .*//' || logfail $LINENO masonlib: YYYY 0056` \ mason-1.0.0/.pc/pre-3.0.patch/masonlib:1406: `route -n | grep '^[0-9\.]* *[0-9\.]* *255\.255\.255\.255' | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0057`" mason-1.0.0/.pc/pre-3.0.patch/masonlib:1407: ALLBCS=`ifconfig | grep 'Bcast' | sed -e 's/.*Bcast://' -e 's/ .*//' || logfail $LINENO masonlib: YYYY 0058` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1408-#FIXME: ALLBCS includes net addresses too? ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1410-#FIXME - if netcache and the current netlist (below) are identical, briefly warn then delete netcache. mason-1.0.0/.pc/pre-3.0.patch/masonlib:1411: if [ -n "$NETCACHE" ] && [ -n "`grep -v '^$' $NETCACHE || logfail $LINENO masonlib: YYYY 0059`" ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib-1412- wrap ${WARN}WARNING! The $NETCACHE file is no longer used by Mason. Please transfer all values from this file to the NETWORKS variable in $MASONCONF.${NORM} >/dev/stderr ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1416- CKPTLOADCONF=" loadconf: about to load dnsservers" ; #ckpt $CKPTLOADCONF mason-1.0.0/.pc/pre-3.0.patch/masonlib:1417: DNSSERVERS=`grep '^nameserver' /etc/resolv.conf | awk '{print $2}' || logfail $LINENO masonlib: YYYY 0060` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1418- ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1469- #The () subshell below is the equivalent of: "tail --lines=1 | awk '{print $2}'" mason-1.0.0/.pc/pre-3.0.patch/masonlib:1470: ONEHOSTNAME=`egrep "^$NAMEOFINPUT[^0-9]" /etc/hosts | ( while read F1 F2 FREST ; do LLF2=$F2 ; done ; if [ -n "$LLF2" ]; then echo $LLF2 ; fi ) || logfail $LINENO masonlib: YYYY 0061` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1471- if [ -n "$ONEHOSTNAME" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1487- if host -t ptr $NAMEOFINPUT >/dev/null 2>/dev/null ; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:1488: ONEHOSTNAME=`host -t ptr $NAMEOFINPUT 2>/dev/null | grep 'domain name pointer' | head --lines=1 | sed -e 's/.* //' || logfail $LINENO masonlib: YYYY 0062` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1489- #do double reverse, see if same as input ip, only _then_ assign. mason-1.0.0/.pc/pre-3.0.patch/masonlib-1490- #I specifically removed the head --lines=1 because I don't want to provide a round-robin name. mason-1.0.0/.pc/pre-3.0.patch/masonlib:1491: ONEIPADDR=`host -t a $ONEHOSTNAME 2>/dev/null | grep 'has address' | sed -e 's/.* //' || logfail $LINENO masonlib: YYYY 0133` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1492- if [ -n "$ONEHOSTNAME" ] && [ "$NAMEOFINPUT" = "$ONEIPADDR" ] && [ "$ONEHOSTNAME" != "read-rfc1918-for-details.iana.net" ]; then #Grrr... ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1521- case $2 in mason-1.0.0/.pc/pre-3.0.patch/masonlib:1522: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/.pc/pre-3.0.patch/masonlib-1523- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1756- *) mason-1.0.0/.pc/pre-3.0.patch/masonlib:1757: PROTONAME=`grep "^[a-zA-Z]*\W*$1 *" /etc/protocols | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0063` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1758- if [ -n "$PROTONAME" ]; then PROTO=$PROTONAME ; else PROTO=$1 ; fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1865- #if [ -f /proc/net/ip_fwchains ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:1866: # DEFAULTPOLICY=`echo $DEFAULTPOLICY | tr a-z A-Z || logfail $LINENO masonlib: YYYY 0065` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1867- # if [ "$LOGBLOCKS" = "-o" ]; then LOGBLOCKS="-l" ; fi mason-1.0.0/.pc/pre-3.0.patch/masonlib-1868- #elif [ -f /proc/net/ip_input ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:1869: # DEFAULTPOLICY=`echo $DEFAULTPOLICY | tr A-Z a-z || logfail $LINENO masonlib: YYYY 0095` mason-1.0.0/.pc/pre-3.0.patch/masonlib-1870- # if [ "$LOGBLOCKS" = "-l" ]; then LOGBLOCKS="-o" ; fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1878- if [ "`cat /proc/sys/net/ipv4/ip_forward`" = "0" ] && \ mason-1.0.0/.pc/pre-3.0.patch/masonlib:1879: [ `ifconfig | cut -b 1-10 | grep -v ':' | grep -v '^lo' | grep -v '^ *$' | wc -l` -ge 2 ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib-1880- wrap ${WARN}Please note that forwarding is disabled in the kernel. If this machine is expected to be a router, this should be fixed.${NORM} >/dev/stderr ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-1930- ##Loop through loips as ok input on lo mason-1.0.0/.pc/pre-3.0.patch/masonlib:1931: #for ONELOCALIP in `ifconfig | grep 'inet addr' | sed -e 's/.*addr://' -e 's/ .*//' || logfail $LINENO masonlib: YYYY 0074` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-1932- # $IPCHAINSBIN -I input -s ${ONELOCALIP} -i lo -j ACCEPT $LOGBLOCKS || logfail $LINENO masonlib: YYYY 0075 ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-2108- #The () subshell below is the equivalent of: "head -n 1 | awk '{print $1}'`" mason-1.0.0/.pc/pre-3.0.patch/masonlib:2109: SERVICE="`grep "[[:space:]]$1/$2" $SERVICES | ( if read F1 FREST ; then echo $F1 ; fi ) || logfail $LINENO masonlib: YYYY 0114`" mason-1.0.0/.pc/pre-3.0.patch/masonlib-2110- #Mason will not be manipulating /etc/services. mason-1.0.0/.pc/pre-3.0.patch/masonlib:2111: #SERVICELINE="`grep "[[:space:]]$1/$2" $SERVICES | head -n 1 || logfail $LINENO masonlib: YYYY 0115`" mason-1.0.0/.pc/pre-3.0.patch/masonlib:2112: #if [ `grep "[[:space:]]$1/$2" /etc/services | wc -l` -eq 0 ]; then #Merge line from additional services files to /etc/services if necessary mason-1.0.0/.pc/pre-3.0.patch/masonlib-2113- # if [ -n "$SERVICELINE" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-2144- CKPTSERVERPORTRANGE=" serverportrange: isdigits $READABLEPORT $PARTIALCOMMENT" ; #ckpt $CKPTSERVERPORTRANGE mason-1.0.0/.pc/pre-3.0.patch/masonlib:2145: elif [ -n "`grep -E $1 /etc/services || logfail $LINENO masonlib: YYYY 0116`" ]; then # $1 is already converted to text and a server port mason-1.0.0/.pc/pre-3.0.patch/masonlib-2146- #FIXME - is the above check all that is needed? ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-2300- while read ONELINE ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib:2301: NEWRULETAG="`ruletag $ONELINE`" mason-1.0.0/.pc/pre-3.0.patch/masonlib-2302- if [ "$NEWRULETAG" != "$LASTRULETAG" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-2312- rm -f $ONEFILE.new || logfail $LINENO masonlib: YYYY 0119 mason-1.0.0/.pc/pre-3.0.patch/masonlib:2313: for SECTION in `seqfunc 0 $FILECOUNT` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-2314- if [ -f "$ONEFILE.$SECTION" ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib:2315: if [ `grep '#\^' $ONEFILE.$SECTION | wc -l` -gt 0 ]; then mason-1.0.0/.pc/pre-3.0.patch/masonlib-2316- sort -t '^' +1 -n -r $ONEFILE.$SECTION >>$ONEFILE.new || logfail $LINENO masonlib: YYYY 0120 ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-2390- CKPTUPDATECOUNTS=" updatecounts: sum packetcountfile" ; #ckpt $CKPTUPDATECOUNTS mason-1.0.0/.pc/pre-3.0.patch/masonlib:2391: for ONECOUNT in `awk '{print $1}' $PACKETCOUNTFILE || logfail $LINENO masonlib: YYYY 0129` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-2392- CURRENTCOUNT=$[ $CURRENTCOUNT + $ONECOUNT ] ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-2396- CKPTUPDATECOUNTS=" updatecounts: sum running firewall" ; #ckpt $CKPTUPDATECOUNTS mason-1.0.0/.pc/pre-3.0.patch/masonlib:2397: for ONECOUNT in `ipchains -L -n -x -v | cut -b 1-9,66-75 - | grep '0x' | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0130` ; do mason-1.0.0/.pc/pre-3.0.patch/masonlib-2398- NEWCOUNT=$[ $NEWCOUNT + $ONECOUNT ] ############################################## mason-1.0.0/.pc/pre-3.0.patch/masonlib-2404- fi mason-1.0.0/.pc/pre-3.0.patch/masonlib:2405: DUPMARKS=`ipchains -L -n -x -v | cut -b 1-9,66-75 - | grep '0x' | awk '{print $2}' | sort | uniq -d || logfail $LINENO masonlib: YYYY 0132` mason-1.0.0/.pc/pre-3.0.patch/masonlib-2406- if [ -n "$DUPMARKS" ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-231- echo -n addline... mason-1.0.0/.pc/pre-3.0.patch/samlib:232: REGRESSTESTFILE=`mktemp -q /tmp/$1.XXXXXX` mason-1.0.0/.pc/pre-3.0.patch/samlib-233- if [ $? -ne 0 ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-237- addline $REGRESSTESTFILE "A line of text" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:238: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-239-"A line of text" \ ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-241- addline $REGRESSTESTFILE "A new line of text" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:242: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-243-"A line of text ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-362- case $2 in mason-1.0.0/.pc/pre-3.0.patch/samlib:363: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/.pc/pre-3.0.patch/samlib-364- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-414- cat "$TMPFILE" | grep -v "$2" | $SUDO dd of="$1" 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:415: printf "%1s%-2s%-40s%-50s\n" '-' "$[ `$SUDO cat "$TMPFILE" | wc -l` - `$SUDO cat "$1" | wc -l` ]" "$1" "$2" mason-1.0.0/.pc/pre-3.0.patch/samlib:416: #Was: echo -n "Removing \"$2\" from $1; " ; echo $[ `$SUDO cat "$TMPFILE" | wc -l` - `$SUDO cat "$1" | wc -l` ] lines removed. mason-1.0.0/.pc/pre-3.0.patch/samlib-417- $SUDO rm -f "$TMPFILE" ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-427- echo -n delline... mason-1.0.0/.pc/pre-3.0.patch/samlib:428: REGRESSTESTFILE=`mktemp -q /tmp/$1.XXXXXX` mason-1.0.0/.pc/pre-3.0.patch/samlib-429- if [ $? -ne 0 ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-438- delline $REGRESSTESTFILE "Line 4" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:439: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-440-"Line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-445- delline $REGRESSTESTFILE "Isnt in the file" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:446: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-447-"Line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-452- delline $REGRESSTESTFILE "3" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:453: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-454-"Line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-458- delline $REGRESSTESTFILE "Line 1" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:459: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-460-"Line 2 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-463- delline $REGRESSTESTFILE "Line 5" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:464: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-465-"Line 2" \ ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-876- case $2 in mason-1.0.0/.pc/pre-3.0.patch/samlib:877: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/.pc/pre-3.0.patch/samlib-878- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-909- #FIXME - handle, or get networkof/broadcastof to handle, '0' as the network mason-1.0.0/.pc/pre-3.0.patch/samlib:910: N1NET=`networkof ${1%%/*} ${1##*/}` ; N1BROAD=`broadcastof ${1%%/*} ${1##*/}` mason-1.0.0/.pc/pre-3.0.patch/samlib:911: N2NET=`networkof ${2%%/*} ${2##*/}` ; N2BROAD=`broadcastof ${2%%/*} ${2##*/}` mason-1.0.0/.pc/pre-3.0.patch/samlib-912- ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-939-# Please hand in only straight IP's; to include a network in the calculation, mason-1.0.0/.pc/pre-3.0.patch/samlib:940:# hand in both: `networkof $NET $NETMASK` `broadcastof $NET $NETMASK` mason-1.0.0/.pc/pre-3.0.patch/samlib-941-#------------------------------------------------------------------------- ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-985- ENONUMBITS=$[ $ENONUMBITS - 1 ] mason-1.0.0/.pc/pre-3.0.patch/samlib:986: ENONETMASK=`bits2mask $ENONUMBITS` mason-1.0.0/.pc/pre-3.0.patch/samlib:987: ENONETWORK=`networkof $MINIP $ENONETMASK` mason-1.0.0/.pc/pre-3.0.patch/samlib:988: ENOBROADCAST=`broadcastof $MINIP $ENONETMASK` mason-1.0.0/.pc/pre-3.0.patch/samlib-989- done ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1122- echo -n substline... mason-1.0.0/.pc/pre-3.0.patch/samlib:1123: REGRESSTESTFILE=`mktemp -q /tmp/$1.XXXXXX` mason-1.0.0/.pc/pre-3.0.patch/samlib-1124- if [ $? -ne 0 ]; then ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1133- substline $REGRESSTESTFILE "2" "goobers" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:1134: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-1135-"Line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1141- substline $REGRESSTESTFILE "Isnt in the file" "ggg" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:1142: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-1143-"Line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1149- substline $REGRESSTESTFILE "Line 3" "replacement line" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:1150: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-1151-"Line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1157- substline $REGRESSTESTFILE "Line 1" "new line 1">/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:1158: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-1159-"new line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1165- substline $REGRESSTESTFILE "Line " "circle " >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:1166: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-1167-"new line 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1173- substline $REGRESSTESTFILE "e" "qq" >/dev/null 2>/dev/null mason-1.0.0/.pc/pre-3.0.patch/samlib:1174: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/.pc/pre-3.0.patch/samlib-1175-"nqqw linqq 1 ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1200- if [ -n "$LINELENGTH" ]; then mason-1.0.0/.pc/pre-3.0.patch/samlib:1201: LINELENGTH_INT=$[ $LINELENGTH - `echo -n "$WRAPHEADER" | wc -c` ] mason-1.0.0/.pc/pre-3.0.patch/samlib-1202- else mason-1.0.0/.pc/pre-3.0.patch/samlib:1203: LINELENGTH_INT=$[ 72 - `echo -n "$WRAPHEADER" | wc -c` ] mason-1.0.0/.pc/pre-3.0.patch/samlib-1204- fi ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1264- echo ---------- Exit with a fanfare ---------- mason-1.0.0/.pc/pre-3.0.patch/samlib:1265: echo `cat $0 | sed -e 's/#.*//' | grep 'error .* fi' | grep -v regression | wc -l` regression tests successful on $SAMVER mason-1.0.0/.pc/pre-3.0.patch/samlib-1266- ############################################## mason-1.0.0/.pc/pre-3.0.patch/samlib-1268- date >>/usr/src/sam-work/regression-log mason-1.0.0/.pc/pre-3.0.patch/samlib:1269: echo `cat $0 | sed -e 's/#.*//' | grep 'error .* fi' | grep -v regression | wc -l` regression tests successful on $SAMVER >>/usr/src/sam-work/regression-log mason-1.0.0/.pc/pre-3.0.patch/samlib-1270- fi ############################################## mason-1.0.0/mason-148- if [ "$DYNIFMODE" != "SPECIFICIP" ]; then echo -n "$CMNT $CMNT" ; fi mason-1.0.0/mason:149: echo "export ${ONEIF}ADDR=\"\`LC_ALL=C ifconfig $ONEIF 2>/dev/null | awk '/inet addr/{print substr(\$2,6)}'\`$SINGLEMACHSPEC\" ${CMNT} ${CMNT}Use this if you want to match a single address on $ONEIF." mason-1.0.0/mason-150- if [ "$DYNIFMODE" != "SMALLESTRANGE" ]; then echo -n "$CMNT $CMNT" ; fi ############################################## mason-1.0.0/mason-152- echo "export ${ONEIF}ADDR=\"$(encompassingnetworkof $(cat ${MASONDIR}${ONEIF}-ips | sort | uniq) || logfail $LINENO return encompassing network for $ONEIF)\" ${CMNT} ${CMNT}Use this if you want to match all addresses seen so far on $ONEIF." mason-1.0.0/mason:153: eval ${ONEIF}ADDR=`ipof $ONEIF` || logfail $LINENO Set $ONEIF into environment mason-1.0.0/mason-154-done ############################################## mason-1.0.0/mason-224- INFORMAT="ipfwadm-log" mason-1.0.0/mason:225: case $J7 in #Formerly [ "`echo $J7 | cut -b 1-3`" = "fw-" ] mason-1.0.0/mason-226- fw-out|fw-in|fw-fwd) ############################################## mason-1.0.0/mason-233- IF="$J9" mason-1.0.0/mason:234: PROTO=`echo $J10 | tr A-Z a-z` mason-1.0.0/mason-235- SRC="$J11" ; DEST="$J12" #SRC and DEST are only temporary variables for ipfwadm and ipchains formats to split into SRCIP and SRCPORT in a mo. ############################################## mason-1.0.0/mason-253- elif [ "$J5" = "kernel:" ]; then #Load variables from possible iptables log entry mason-1.0.0/mason:254: case $J6 in #Formerly [ "`echo $J6 | cut -b 1-4`" = "SRC=" ] mason-1.0.0/mason-255- IN=*|SRC=*) #FIXME - it seems reasonably likely that J6 might be something other than SRC= in some circumstances. ############################################## mason-1.0.0/mason-261- DST=*) DESTIP=${ONEFIELD##*=} ;; mason-1.0.0/mason:262: PROTO=*) PROTO=`echo ${ONEFIELD##*=} | tr A-Z a-z` ;; mason-1.0.0/mason-263- SPT=*) SRCPORT=${ONEFIELD##*=} ;; ############################################## mason-1.0.0/mason-474- #Umm, this is what I think I need... *smile* mason-1.0.0/mason:475: eval ${ONEIF}ADDR=`ipof $ONEIF || logfail $LINENO Mason: YYYY 0005` mason-1.0.0/mason-476- done ############################################## mason-1.0.0/mason-484- IPCONV="HOST" mason-1.0.0/mason:485: SRCHOST=`generalizeip $SRCIP` mason-1.0.0/mason:486: DESTHOST=`generalizeip $DESTIP` mason-1.0.0/mason-487- IPCONV="$HOLDIPCONV" ############################################## mason-1.0.0/mason-506- done mason-1.0.0/mason:507: SRCHOST=`generalizeip $SRCIP` mason-1.0.0/mason-508- IPCONV="$HOLDIPCONV" ; HOSTLOOKUP="$HOLDHOSTLOOKUP" ############################################## mason-1.0.0/mason-524- done mason-1.0.0/mason:525: DESTHOST=`generalizeip $DESTIP` mason-1.0.0/mason-526- IPCONV="$HOLDIPCONV" ; HOSTLOOKUP="$HOLDHOSTLOOKUP" ############################################## mason-1.0.0/mason-568- if isdigits "$SRCPORT"; then mason-1.0.0/mason:569: SRCSERVICE=`generalportrange "$SRCPORT"` ; SRCCOMMENT="GENERALIZED TCP RESPONSE - place last" mason-1.0.0/mason-570- fi mason-1.0.0/mason-571- if isdigits "$DESTPORT"; then mason-1.0.0/mason:572: DESTSERVICE=`generalportrange "$DESTPORT"` ; DESTCOMMENT="GENERALIZED TCP RESPONSE - place last" mason-1.0.0/mason-573- fi ############################################## mason-1.0.0/mason-582- elif [ -n "$SRCSERVICE" ]; then # Source port is a server port. mason-1.0.0/mason:583: DESTPORT=`clientportrange "$DESTPORT" "$SRCPORT" "$PROTO" "$ACK"` mason-1.0.0/mason-584- settos "$SRCPORT" "$SRCSERVICE" "$PROTO" ############################################## mason-1.0.0/mason-586- elif [ -n "$DESTSERVICE" ]; then # Dest port is a server port. mason-1.0.0/mason:587: SRCPORT=`clientportrange "$SRCPORT" "$DESTPORT" "$PROTO" "$ACK"` mason-1.0.0/mason-588- settos "$DESTPORT" "$DESTSERVICE" "$PROTO" ############################################## mason-1.0.0/mason-590- else # Neither source nor dest is a server port. mason-1.0.0/mason:591: #COMMENT2="$CMNT$CMNT S=`nameof $SRCIP`:$SRCPORT D=`nameof $DESTIP`:$DESTPORT" mason-1.0.0/mason-592-#FIXME - put in case to test for null, */0, local IP, otherwise display mason-1.0.0/mason-593- COMMENT2="$CMNT$CMNT" mason-1.0.0/mason:594: if [ -n "$SRCIP" ]; then COMMENT2="$COMMENT2 S=`nameof $SRCIP`" ; fi mason-1.0.0/mason-595- if [ -n "$SRCPORT" ]; then COMMENT2="$COMMENT2:$SRCPORT" ; fi mason-1.0.0/mason:596: if [ -n "$DESTIP" ]; then COMMENT2="$COMMENT2 D=`nameof $DESTIP`" ; fi mason-1.0.0/mason-597- if [ -n "$DESTPORT" ]; then COMMENT2="$COMMENT2:$DESTPORT" ; fi mason-1.0.0/mason-598- ORIGSRCPORT=$SRCPORT mason-1.0.0/mason:599: SRCPORT=`clientportrange "$SRCPORT" "$DESTPORT" "$PROTO" "$ACK"` mason-1.0.0/mason:600: DESTPORT=`clientportrange "$DESTPORT" "$ORIGSRCPORT" "$PROTO" "$ACK"` mason-1.0.0/mason-601- unset ORIGSRCPORT ############################################## mason-1.0.0/mason-606- if [ "$SRCHOST" = "0/0" ]; then mason-1.0.0/mason:607: HOLDIPCONV="$IPCONV" ; IPCONV="HOST" ; SRCHOST=`generalizeip $SRCIP` ; IPCONV="$HOLDIPCONV" mason-1.0.0/mason-608- fi mason-1.0.0/mason-609- if [ "$DESTHOST" = "0/0" ]; then mason-1.0.0/mason:610: HOLDIPCONV="$IPCONV" ; IPCONV="HOST" ; DESTHOST=`generalizeip $DESTIP` ; IPCONV="$HOLDIPCONV" mason-1.0.0/mason-611- fi ############################################## mason-1.0.0/mason-618- COMMENT="$COMMENT ($DIRLETTER)" mason-1.0.0/mason:619: SRCCISCOPORTSPEC="`port2ciscoport $SRCPORT $PROTO`" mason-1.0.0/mason:620: DESTCISCOPORTSPEC="`port2ciscoport $DESTPORT $PROTO`" mason-1.0.0/mason-621- fi #not ipchains-lv ############################################## mason-1.0.0/mason-627- COMMENT="$CMNT $PROTO ($DIRLETTER)" mason-1.0.0/mason:628: #COMMENT2="$CMNT$CMNT S=`nameof $SRCIP` D=`nameof $DESTIP`" mason-1.0.0/mason-629- COMMENT2="$CMNT$CMNT" mason-1.0.0/mason-630-#FIXME - put in case to test for null, */0, otherwise display mason-1.0.0/mason:631: if [ -n "$SRCIP" ]; then COMMENT2="$COMMENT2 S=`nameof $SRCIP`" ; fi mason-1.0.0/mason:632: if [ -n "$DESTIP" ]; then COMMENT2="$COMMENT2 D=`nameof $DESTIP`" ; fi mason-1.0.0/mason-633- fi ############################################## mason-1.0.0/mason-650- case "$ECHOCOMMAND" in mason-1.0.0/mason:651: #CURRENT=`awk "BEGIN {printf \"%x %0.0s %-12s %s x \n\", 57005, \"$AA$BB\", \"aaa\", \"cheeky\"}"` mason-1.0.0/mason-652- ipchains) ############################################## mason-1.0.0/mason-751- */0|*/0.0.0.0) SRCSPEC=" -s 0.0.0.0/0.0.0.0" ;; mason-1.0.0/mason:752: *) SRCSPEC=" -s ${SRCHOST%%/*}/`bits2mask ${SRCHOST##*/}`" ;; mason-1.0.0/mason-753- esac ############################################## mason-1.0.0/mason-760- */0|*/0.0.0.0) DESTSPEC=" -d 0.0.0.0/0.0.0.0" ;; mason-1.0.0/mason:761: *) DESTSPEC=" -d ${DESTHOST%%/*}/`bits2mask ${DESTHOST##*/}`" ;; mason-1.0.0/mason-762- esac ############################################## mason-1.0.0/mason-767- esac mason-1.0.0/mason:768: PROTONUMBER=`grep -i "^$PROTO[[:space:]]" /etc/protocols | awk '{print $2}' || logfail $LINENO Mason: YYYY 0008` #Head -1? mason-1.0.0/mason-769- if [ -z "$PROTONUMBER" ]; then ############################################## mason-1.0.0/mason-838- tr3) CISCOIF="To3" ;; mason-1.0.0/mason:839: *) CISCOIF="`echo "$IF" | sed -e 's/^eth/E/' -e 's/^ppp/S/' -e 's/^tr/To/'`" ;; mason-1.0.0/mason-840- esac ############################################## mason-1.0.0/mason-860- #Yank mark values before comparing mason-1.0.0/mason:861: case `echo $CURRENT | sed -e 's/ -m [0-9][0-9]* //'` in mason-1.0.0/mason-862- $LAST1|$LAST2|$LAST3|$LAST4|$LAST5|$LAST6|$LAST7|$LAST8) ############################################## mason-1.0.0/mason-939- LAST8=$LAST7 ; LAST7=$LAST6 ; LAST6=$LAST5 ; LAST5=$LAST4 mason-1.0.0/mason:940: LAST4=$LAST3 ; LAST3=$LAST2 ; LAST2=$LAST1 ; LAST1=`echo $CURRENT | sed -e 's/ -m [0-9][0-9]* //' || logfail $LINENO Mason: YYYY 0017` ;; mason-1.0.0/mason-941- esac #Check that current isn't equal to one of the previous 8 rules. ############################################## mason-1.0.0/mason-decide-179- eval $EDITOR $TMPFILE <&10 mason-1.0.0/mason-decide:180: CURRLINE=`cat $TMPFILE` mason-1.0.0/mason-decide-181- rm -f $TMPFILE || : ############################################## mason-1.0.0/mason-decide-273- echo $ENH Waiting for new rule, press ${KEY}Ctrl-C${NORM} to abort... mason-1.0.0/mason-decide:274: if [ "`echo $INLINE | sed -e 's/#.*//' -e 's/ //g'`" != "`echo $CURRLINE | sed -e 's/#.*//' -e 's/ //g'`" ]; then #If changed, remove old line and install new mason-1.0.0/mason-decide-275- echo -n Rule changed, removing old rule... ############################################## mason-1.0.0/mason-gui-text-13- echo "Told to stop another instance of $0 ..." mason-1.0.0/mason-gui-text:14: kill -9 `ps aux | grep mason | egrep -v "(grep mason|$$)" | awk '{ print $2 }'` mason-1.0.0/mason-gui-text-15- if [ "$$"x != "`/bin/pidof -x /usr/bin/mason-gui-text`"x ]; then ############################################## mason-1.0.0/mason-gui-text-74- if [ -f "$MASONPIDFILE" ]; then mason-1.0.0/mason-gui-text:75: for ONEPID in `cat $MASONPIDFILE` ; do mason-1.0.0/mason-gui-text-76- if type -path ps >/dev/null 2>/dev/null && type -path grep >/dev/null 2>/dev/null ; then mason-1.0.0/mason-gui-text:77: if [ -n "`ps ax | grep "^[[:space:]]*$ONEPID[[:space:]]" | grep mason`" ]; then mason-1.0.0/mason-gui-text-78- #wrap Killing background $ONEPID >/dev/stderr ############################################## mason-1.0.0/mason-gui-text-159- else mason-1.0.0/mason-gui-text:160: if [ -z "` find $PACKETLOGFILE -cmin -60`" ]; then mason-1.0.0/mason-gui-text-161- echo "Warning: No messages was written to the syslog file $PACKETLOGFILE" ############################################## mason-1.0.0/mason-gui-text-205- ( tail -q -f --lines=0 $PACKETLOGFILE $KILLFILES | $MASONEXE >>$NEWRULEFILE ) & #nohup just before tail removed #SUDO on tail? mason-1.0.0/mason-gui-text:206: MASONTAILPID="$MASONTAILPID `ps axf | grep -v grep | grep -A 1 '^[[:space:]]*$![[:space:]]' | tail -1 | awk '{print $1}' || logfail $LINENO mason-gui-text: YYYY 0001`" mason-1.0.0/mason-gui-text-207- #I am open to ideas on better ways to figure out the pid of the tail command. Anyone? Bueller? mason-1.0.0/mason-gui-text:208: MASONPID="$MASONPID `ps axf | grep -v grep | grep -A 2 '^[[:space:]]*$![[:space:]]' | tail -1 | awk '{print $1}' || logfail $LINENO mason-gui-text: YYYY 0002`" mason-1.0.0/mason-gui-text-209- #FIXME - display this first so as not to mix output? ############################################## mason-1.0.0/mason-gui-text-234- showstate 'Mason-gui-text: Ending the learning process' mason-1.0.0/mason-gui-text:235: if [ -n "`cat $NEWRULEFILE | sed -e 's/#.*//' | grep -v '^[[:space:]]*$' | grep -v '^export' || :`" ]; then #formerly YYYY 0003 mason-1.0.0/mason-gui-text-236- wrap You still have unmerged rules in $NEWRULEFILE. Would you like to process them now? ${KEY}Y${NORM}/${KEY}N${NORM}? ############################################## mason-1.0.0/mason-gui-text-313- read MERGEID || : mason-1.0.0/mason-gui-text:314: wrap There are `grep "$MERGEID" $NEWRULEFILE | wc -l` rules with that ID, and `grep -v "$MERGEID" $NEWRULEFILE | wc -l` lines without it, `cat $NEWRULEFILE | wc -l` total. mason-1.0.0/mason-gui-text-315- if echo "Do you want to continue ({KEY}Y${NORM}/${KEY}N${NORM})" ; askYN ; then ############################################## mason-1.0.0/mason-gui-text-388- showstate 'Mason-gui-text: Exiting' mason-1.0.0/mason-gui-text:389: if [ -n "`cat $NEWRULEFILE | sed -e 's/#.*//' | grep -v '^[[:space:]]*$' | grep -v '^export' || :`" ]; then #formerly YYYY 0018 mason-1.0.0/mason-gui-text-390- echo -n $ENH You may still have unmerged rules in $NEWRULEFILE. Would you like to process these now? ${KEY}Y${NORM}/${KEY}N${NORM} ############################################## mason-1.0.0/masonlib-59- #FIXME - $* instead of $1? mason-1.0.0/masonlib:60: for ONEMARK in `grep ' -m ' $1 | sed -e 's/.* -m \([^ ]*\) .*/\1/' || logfail $LINENO masonlib: 0001 grep ' -m ' $1 pipe sed -e 's/.* -m \([^ ]*\) .*/\1/'` ; do mason-1.0.0/masonlib-61- case $ONEMARK in ############################################## mason-1.0.0/masonlib-70- ADDCOUNTSCRIPT="$ADDCOUNTSCRIPT -e s/[[:space:]]*$//" #Erase any trailing spaces mason-1.0.0/masonlib:71: for ONECOUNT in `sed -e 's@ 0x@/0x@' $PACKETCOUNTFILE | grep '/0x'` ; do #packetcount/markvalue pairs mason-1.0.0/masonlib-72- if [ "$HEXMARKS" = "YES" ]; then ############################################## mason-1.0.0/masonlib-82- for ONEFILE in $* ; do mason-1.0.0/masonlib:83: DUPMARKS=`grep '[[:space:]]-m[[:space:]]' $ONEFILE | sed -e 's/^.*[[:space:]]-m[[:space:]]*\([x0-9]*\).*$/\1/' | uniq -d || logfail $LINENO masonlib: YYYY 0002` mason-1.0.0/masonlib-84- if [ -n "$DUPMARKS" ]; then ############################################## mason-1.0.0/masonlib-168- case $2 in mason-1.0.0/masonlib:169: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/masonlib-170- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/masonlib-204-#OK, this is overkill, just use the "trap on 6 that follows mason-1.0.0/masonlib:205:# trap 'logger SIGIOT' `kill -l | grep '\W6)' | sed -e 's/.*\W6)//' | awk '{print $1}'` mason-1.0.0/masonlib-206- trap 'logger SIGIOT' 6 ############################################## mason-1.0.0/masonlib-381- mason-1.0.0/masonlib:382: DEFROUTEIFS=`/sbin/route -n | grep '^0\.0\.0\.0[ \t]' | awk '{print $8}' | sort | uniq || logfail $LINENO masonlib: YYYY 0017` mason-1.0.0/masonlib-383- INCOMINGINTERFACES=${INCOMINGINTERFACES:-$DEFROUTEIFS} ############################################## mason-1.0.0/masonlib-615- case $ONENET in #convert /m netmasks over to /n.n.n.n mason-1.0.0/masonlib:616: */[0-9]|*/[1-2][0-9]|*/3[0-2]) ONENET="${ONENET%%/*}/`bits2mask ${ONENET##*/}`" ;; mason-1.0.0/masonlib-617- esac ############################################## mason-1.0.0/masonlib-619- RUNTIME.NETWORKS) mason-1.0.0/masonlib:620: for RUNTIMENET in `route -n | grep -v '^127\.' | grep -v '^0\.0\.0\.0' | grep '^[0-9]' | awk '{print $1 "/" $3}' || logfail $LINENO masonlib: YYYY 0019` ; do mason-1.0.0/masonlib-621- case $RUNTIMENET in mason-1.0.0/masonlib-622- */255.255.255.255|*/255.255.255.254|*/255.255.255.252|*/0.0.0.0) : ;; mason-1.0.0/masonlib:623: *) NETWORKS="$NETWORKS ${RUNTIMENET%%/*}-`broadcastof ${RUNTIMENET%%/*} ${RUNTIMENET##*/}`/${RUNTIMENET##*/}" ;; mason-1.0.0/masonlib-624- esac ############################################## mason-1.0.0/masonlib-627- *-*/*) NETWORKS="$NETWORKS $ONENET" ;; mason-1.0.0/masonlib:628: */*) NETWORKS="$NETWORKS ${ONENET%%/*}-`broadcastof ${ONENET%%/*} ${ONENET##*/}`/${ONENET##*/}" ;; mason-1.0.0/masonlib-629- 0|0.*) NETWORKS="$NETWORKS 0.0.0.0-0.255.255.255/255.0.0.0" ;; mason-1.0.0/masonlib-630- 127|127.*) NETWORKS="$NETWORKS 127.0.0.0-127.255.255.255/255.0.0.0" ;; mason-1.0.0/masonlib:631: *) ROUTEMASK=`route -n | grep "^$ONENET[[:space:]]" | awk '{print $3}' | uniq || logfail $LINENO masonlib: YYYY 0020` mason-1.0.0/masonlib:632: if [ `echo "$ROUTEMASK" | wc -l` -eq 1 ]; then mason-1.0.0/masonlib:633: NETWORKS="$NETWORKS $ONENET-`broadcastof $ONENET $ROUTEMASK`/$ROUTEMASK" mason-1.0.0/masonlib-634- else ############################################## mason-1.0.0/masonlib-640- if [ -z "$NETWORKS" ]; then #load the NETWORKS variable with all non-trivial networks in the routing table. mason-1.0.0/masonlib:641: for RUNTIMENET in `route -n | grep -v '^127\.' | grep -v '^0\.0\.0\.0' | grep '^[0-9]' | awk '{print $1 "/" $3}' || logfail $LINENO masonlib: YYYY 0021` ; do mason-1.0.0/masonlib-642- case $RUNTIMENET in mason-1.0.0/masonlib-643- */255.255.255.255|*/255.255.255.254|*/255.255.255.252|*/0.0.0.0) : ;; mason-1.0.0/masonlib:644: *) NETWORKS="$NETWORKS ${RUNTIMENET%%/*}-`broadcastof ${RUNTIMENET%%/*} ${RUNTIMENET##*/}`/${RUNTIMENET##*/}" ;; #network-broadcast/netmask mason-1.0.0/masonlib-645- esac ############################################## mason-1.0.0/masonlib-664- if [ -n "$MINMARK" ] && [ -f /proc/net/ip_fwchains ]; then mason-1.0.0/masonlib:665: MINMARK=$[ $MINMARK ] #Or should we use `echo $MINMARK | tr -d -c '[0-9]\n'` ? mason-1.0.0/masonlib-666- for ONEMARK in `ipchains -L -n -x -v | cut -b 66-75 - | grep '0x' || :` ; do #Formerly YYYY 0022 ############################################## mason-1.0.0/masonlib-671- CKPTCHECKCONF=" checkconf: Remove dups" ; #ckpt $CKPTCHECKCONF mason-1.0.0/masonlib:672: if [ -n "$SSP" ]; then SSP=`echo "$SSP" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0023` ; fi mason-1.0.0/masonlib:673: if [ -n "$SCP" ]; then SCP=`echo "$SCP" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0024` ; fi mason-1.0.0/masonlib:674: if [ -n "$BLOCKEDHOSTS" ]; then BLOCKEDHOSTS=`echo "$BLOCKEDHOSTS" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0025` ; fi mason-1.0.0/masonlib:675: if [ -n "$DYNIF" ]; then DYNIF=`echo "$DYNIF" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0026` ; fi mason-1.0.0/masonlib:676: if [ -n "$NOINCOMING" ]; then NOINCOMING=`echo "$NOINCOMING" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0027` ; fi mason-1.0.0/masonlib:677: if [ -n "$NOOUTGOING" ]; then NOOUTGOING=`echo "$NOOUTGOING" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0028` ; fi mason-1.0.0/masonlib:678: if [ -n "$POISONPROTOCOLS" ]; then POISONPROTOCOLS=`echo "$POISONPROTOCOLS" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0029` ; fi mason-1.0.0/masonlib-679- #We can't dedupe this because we need the most specific nets first; a "sort" may destroy this order. mason-1.0.0/masonlib:680: #if [ -n "$NETWORKS" ]; then NETWORKS=`echo "$NETWORKS" | tr ' ' '\012' | sort | uniq || logfail $LINENO masonlib: YYYY 0030` ; fi mason-1.0.0/masonlib-681- ############################################## mason-1.0.0/masonlib-751- #Now add in the main 4 bin/sbin path elements if missing. mason-1.0.0/masonlib:752: for ONEPATH in `set | grep '^PATH=' | sed -e 's/^PATH=/ /' -e 's/:/ /g' || logfail $LINENO masonlib: YYYY 0031` ; do mason-1.0.0/masonlib-753- if [ "$ONEPATH" = "/bin" ]; then BINOK="YES" ; fi ############################################## mason-1.0.0/masonlib-770- #Keep track of all IP's in use every time this is run. mason-1.0.0/masonlib:771: for ONEIF in `ifconfig | grep 'Link encap' | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0032` ; do mason-1.0.0/masonlib:772: NEWIP=`ipof $ONEIF || logfail $LINENO masonlib: YYYY 0033` mason-1.0.0/masonlib-773- if [ ! -f $MASONDIR$ONEIF-ips ]; then touch $MASONDIR$ONEIF-ips ; fi mason-1.0.0/masonlib:774: if [ -z "`cat $MASONDIR$ONEIF-ips | grep ^$NEWIP\$`" ]; then mason-1.0.0/masonlib-775- if [ -z "$MASONDIR" ]; then ############################################## mason-1.0.0/masonlib-793- if [ -n "$NOLOGSUFFIX" ]; then mason-1.0.0/masonlib:794: for ONECHAIN in `chainnameof input` `chainnameof output` `chainnameof forward` ; do #Was `$IPCHAINSBIN -L -n | grep '^Chain ' | awk '{print $2}'` mason-1.0.0/masonlib-795- #case $ONECHAIN in ############################################## mason-1.0.0/masonlib-1095- case $DOCOMMAND in mason-1.0.0/masonlib:1096: [Ii][Pp][Ff][Ww][Aa][Dd][Mm]) $IPFWADMBIN `chainnameof $2` -f || logfail $LINENO masonlib: YYYY 0138 ;; mason-1.0.0/masonlib:1097: [Ii][Pp][Cc][Hh][Aa][Ii][Nn][Ss]) $IPCHAINSBIN -F `chainnameof $2` || logfail $LINENO masonlib: YYYY 0139 ;; mason-1.0.0/masonlib:1098: [Ii][Pp][Tt][Aa][Bb][Ll][Ee][Ss]) $IPTABLESBIN -F `chainnameof $2` || logfail $LINENO masonlib: YYYY 0140 ;; mason-1.0.0/masonlib-1099- [Nn][Oo][Nn][Ee]) : ;; ############################################## mason-1.0.0/masonlib-1103- [Ii][Pp][Ff][Ww][Aa][Dd][Mm]) : ;; #Not possible mason-1.0.0/masonlib:1104: [Ii][Pp][Cc][Hh][Aa][Ii][Nn][Ss]) $IPCHAINSBIN -N `chainnameof $2` || logfail $LINENO masonlib: YYYY 0141 ;; mason-1.0.0/masonlib:1105: [Ii][Pp][Tt][Aa][Bb][Ll][Ee][Ss]) $IPTABLESBIN -N `chainnameof $2` || logfail $LINENO masonlib: YYYY 0142 ;; mason-1.0.0/masonlib-1106- [Nn][Oo][Nn][Ee]) : ;; ############################################## mason-1.0.0/masonlib-1109- case $DOCOMMAND in mason-1.0.0/masonlib:1110: [Ii][Pp][Ff][Ww][Aa][Dd][Mm]) $IPFWADMBIN `chainnameof $2` -p $CHAINTARGET || logfail $LINENO masonlib: YYYY 0143 ;; mason-1.0.0/masonlib:1111: [Ii][Pp][Cc][Hh][Aa][Ii][Nn][Ss]) $IPCHAINSBIN -P `chainnameof $2` $CHAINTARGET || logfail $LINENO masonlib: YYYY 0144 ;; mason-1.0.0/masonlib:1112: [Ii][Pp][Tt][Aa][Bb][Ll][Ee][Ss]) $IPTABLESBIN -P `chainnameof $2` $CHAINTARGET || logfail $LINENO masonlib: YYYY 0145 ;; mason-1.0.0/masonlib-1113- [Nn][Oo][Nn][Ee]) : ;; ############################################## mason-1.0.0/masonlib-1124- if [ -n "$3$4" ]; then BUILDRULE="$BUILDRULE -W $3$4" ; fi mason-1.0.0/masonlib:1125: BUILDRULE="$BUILDRULE `chainnameof $2`" mason-1.0.0/masonlib-1126- if [ -n "$5" ]; then BUILDRULE="$BUILDRULE -P $5" ; fi ############################################## mason-1.0.0/masonlib-1141- case $1 in mason-1.0.0/masonlib:1142: [Aa]*) BUILDRULE="$IPCHAINSBIN -A `chainnameof $2`" ;; mason-1.0.0/masonlib:1143: [Ii]*) BUILDRULE="$IPCHAINSBIN -I `chainnameof $2` 1" ;; mason-1.0.0/masonlib:1144: [Dd]*) BUILDRULE="$IPCHAINSBIN -D `chainnameof $2`" ;; mason-1.0.0/masonlib-1145- esac ############################################## mason-1.0.0/masonlib-1166- case $1 in mason-1.0.0/masonlib:1167: [Aa]*) BUILDRULE="$IPTABLESBIN -A `chainnameof $2`" ;; mason-1.0.0/masonlib:1168: [Ii]*) BUILDRULE="$IPTABLESBIN -I `chainnameof $2` 1" ;; mason-1.0.0/masonlib:1169: [Dd]*) BUILDRULE="$IPTABLESBIN -D `chainnameof $2`" ;; mason-1.0.0/masonlib-1170- esac ############################################## mason-1.0.0/masonlib-1217- #REMOVEME mason-1.0.0/masonlib:1218: #FLUSHEDPOLICY=`echo $FLUSHEDPOLICY | tr a-z A-Z || logfail $LINENO masonlib: 0037 echo $FLUSHEDPOLICY pipe tr a-z A-Z` mason-1.0.0/masonlib-1219- #$IPCHAINSBIN -P output $FLUSHEDPOLICY || logfail $LINENO masonlib: 0038 $IPCHAINSBIN -P output $FLUSHEDPOLICY ############################################## mason-1.0.0/masonlib-1224- #$IPCHAINSBIN -F input || logfail $LINENO masonlib: 0043 $IPCHAINSBIN -F input mason-1.0.0/masonlib:1225: #FLUSHEDPOLICY=`echo $FLUSHEDPOLICY | tr A-Z a-z || logfail $LINENO masonlib: 0046 echo $FLUSHEDPOLICY pipe tr A-Z a-z` mason-1.0.0/masonlib-1226- #$IPFWADMBIN -O -p $FLUSHEDPOLICY || logfail $LINENO masonlib: 0047 $IPFWADMBIN -O -p $FLUSHEDPOLICY ############################################## mason-1.0.0/masonlib-1260- if [ -n "$1" ]; then mason-1.0.0/masonlib:1261: CHAINNAME="`chainnameof $1`" mason-1.0.0/masonlib-1262- if [ -f /proc/net/ip_fwchains ]; then mason-1.0.0/masonlib-1263- #REMOVEME mason-1.0.0/masonlib:1264: #if [ `$SUDO $IPCHAINSBIN -L -n | grep "^Chain $CHAINNAME" | wc -l` -gt 0 ]; then mason-1.0.0/masonlib-1265- # 2008-03-25 - Scheffczyk: Added the '-n' switch to the call of 'iptables -L' ############################################## mason-1.0.0/masonlib-1316- */*) GIRETVAL="$1" ;; mason-1.0.0/masonlib:1317: 22[4-9].*|23[0-9].*) GIRETVAL="`nameof $1`$SINGLEMACHSPEC" ;; #Multicast IP's should be left unique mason-1.0.0/masonlib-1318- *) ############################################## mason-1.0.0/masonlib-1331- HOST) mason-1.0.0/masonlib:1332: GIRETVAL="`nameof $1`$SINGLEMACHSPEC" ;; mason-1.0.0/masonlib-1333- NETWORK) ############################################## mason-1.0.0/masonlib-1346- if [ "$1" = "$ONELOCALIP" ]; then mason-1.0.0/masonlib:1347: GIRETVAL="`nameof $1`$SINGLEMACHSPEC" mason-1.0.0/masonlib-1348- ISASSIGNED="YES" ############################################## mason-1.0.0/masonlib-1354- if [ "$ISASSIGNED" = "NO" ] && isnumericip $1 ; then mason-1.0.0/masonlib:1355: #for ONENET in `cat $NETCACHE` ; do #Use NETWORKS now... mason-1.0.0/masonlib-1356- for ONENET in $NETWORKS ; do ############################################## mason-1.0.0/masonlib-1364- if [ "$ECHOCOMMAND" = "cisco" ]; then mason-1.0.0/masonlib:1365: GIRETVAL="`nameof $ONENET` `mask2cisco $NETMASK`" mason-1.0.0/masonlib-1366- else mason-1.0.0/masonlib:1367: GIRETVAL="`nameof $ONENET`/`mask2bits $NETMASK`" mason-1.0.0/masonlib-1368- fi ############################################## mason-1.0.0/masonlib-1413- echo -n "Load IPs, networks and nameservers..." >/dev/stderr #set ALLIPS and ALLBCS (broadcasts) mason-1.0.0/masonlib:1414: ALLIPS="`ifconfig | grep 'inet addr' | sed -e 's/.*addr://' -e 's/ .*//' || logfail $LINENO masonlib: YYYY 0056` \ mason-1.0.0/masonlib:1415: `route -n | grep '^[0-9\.]* *[0-9\.]* *255\.255\.255\.255' | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0057`" mason-1.0.0/masonlib:1416: ALLBCS=`ifconfig | grep 'Bcast' | sed -e 's/.*Bcast://' -e 's/ .*//' || logfail $LINENO masonlib: YYYY 0058` mason-1.0.0/masonlib-1417-#FIXME: ALLBCS includes net addresses too? ############################################## mason-1.0.0/masonlib-1419-#FIXME - if netcache and the current netlist (below) are identical, briefly warn then delete netcache. mason-1.0.0/masonlib:1420: if [ -n "$NETCACHE" ] && [ -n "`grep -v '^$' $NETCACHE || logfail $LINENO masonlib: YYYY 0059`" ]; then mason-1.0.0/masonlib-1421- wrap ${WARN}WARNING! The $NETCACHE file is no longer used by Mason. Please transfer all values from this file to the NETWORKS variable in $MASONCONF.${NORM} >/dev/stderr ############################################## mason-1.0.0/masonlib-1425- CKPTLOADCONF=" loadconf: about to load dnsservers" ; #ckpt $CKPTLOADCONF mason-1.0.0/masonlib:1426: DNSSERVERS=`grep '^nameserver' /etc/resolv.conf | awk '{print $2}' || logfail $LINENO masonlib: YYYY 0060` mason-1.0.0/masonlib-1427- ############################################## mason-1.0.0/masonlib-1478- #The () subshell below is the equivalent of: "tail --lines=1 | awk '{print $2}'" mason-1.0.0/masonlib:1479: ONEHOSTNAME=`egrep "^$NAMEOFINPUT[^0-9]" /etc/hosts | ( while read F1 F2 FREST ; do LLF2=$F2 ; done ; if [ -n "$LLF2" ]; then echo $LLF2 ; fi ) || logfail $LINENO masonlib: YYYY 0061` mason-1.0.0/masonlib-1480- if [ -n "$ONEHOSTNAME" ]; then ############################################## mason-1.0.0/masonlib-1496- if host -t ptr $NAMEOFINPUT >/dev/null 2>/dev/null ; then mason-1.0.0/masonlib:1497: ONEHOSTNAME=`host -t ptr $NAMEOFINPUT 2>/dev/null | grep 'domain name pointer' | head --lines=1 | sed -e 's/.* //' || logfail $LINENO masonlib: YYYY 0062` mason-1.0.0/masonlib-1498- #do double reverse, see if same as input ip, only _then_ assign. mason-1.0.0/masonlib-1499- #I specifically removed the head --lines=1 because I don't want to provide a round-robin name. mason-1.0.0/masonlib:1500: ONEIPADDR=`host -t a $ONEHOSTNAME 2>/dev/null | grep 'has address' | sed -e 's/.* //' || logfail $LINENO masonlib: YYYY 0133` mason-1.0.0/masonlib-1501- if [ -n "$ONEHOSTNAME" ] && [ "$NAMEOFINPUT" = "$ONEIPADDR" ] && [ "$ONEHOSTNAME" != "read-rfc1918-for-details.iana.net" ]; then #Grrr... ############################################## mason-1.0.0/masonlib-1530- case $2 in mason-1.0.0/masonlib:1531: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/masonlib-1532- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/masonlib-1765- *) mason-1.0.0/masonlib:1766: PROTONAME=`grep "^[a-zA-Z]*\W*$1 *" /etc/protocols | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0063` mason-1.0.0/masonlib-1767- if [ -n "$PROTONAME" ]; then PROTO=$PROTONAME ; else PROTO=$1 ; fi ############################################## mason-1.0.0/masonlib-1874- #if [ -f /proc/net/ip_fwchains ]; then mason-1.0.0/masonlib:1875: # DEFAULTPOLICY=`echo $DEFAULTPOLICY | tr a-z A-Z || logfail $LINENO masonlib: YYYY 0065` mason-1.0.0/masonlib-1876- # if [ "$LOGBLOCKS" = "-o" ]; then LOGBLOCKS="-l" ; fi mason-1.0.0/masonlib-1877- #elif [ -f /proc/net/ip_input ]; then mason-1.0.0/masonlib:1878: # DEFAULTPOLICY=`echo $DEFAULTPOLICY | tr A-Z a-z || logfail $LINENO masonlib: YYYY 0095` mason-1.0.0/masonlib-1879- # if [ "$LOGBLOCKS" = "-l" ]; then LOGBLOCKS="-o" ; fi ############################################## mason-1.0.0/masonlib-1887- if [ "`cat /proc/sys/net/ipv4/ip_forward`" = "0" ] && \ mason-1.0.0/masonlib:1888: [ `ifconfig | cut -b 1-10 | grep -v ':' | grep -v '^lo' | grep -v '^ *$' | wc -l` -ge 2 ]; then mason-1.0.0/masonlib-1889- wrap ${WARN}Please note that forwarding is disabled in the kernel. If this machine is expected to be a router, this should be fixed.${NORM} >/dev/stderr ############################################## mason-1.0.0/masonlib-1939- ##Loop through loips as ok input on lo mason-1.0.0/masonlib:1940: #for ONELOCALIP in `ifconfig | grep 'inet addr' | sed -e 's/.*addr://' -e 's/ .*//' || logfail $LINENO masonlib: YYYY 0074` ; do mason-1.0.0/masonlib-1941- # $IPCHAINSBIN -I input -s ${ONELOCALIP} -i lo -j ACCEPT $LOGBLOCKS || logfail $LINENO masonlib: YYYY 0075 ############################################## mason-1.0.0/masonlib-2117- #The () subshell below is the equivalent of: "head -n 1 | awk '{print $1}'`" mason-1.0.0/masonlib:2118: SERVICE="`grep "[[:space:]]$1/$2" $SERVICES | ( if read F1 FREST ; then echo $F1 ; fi ) || logfail $LINENO masonlib: YYYY 0114`" mason-1.0.0/masonlib-2119- #Mason will not be manipulating /etc/services. mason-1.0.0/masonlib:2120: #SERVICELINE="`grep "[[:space:]]$1/$2" $SERVICES | head -n 1 || logfail $LINENO masonlib: YYYY 0115`" mason-1.0.0/masonlib:2121: #if [ `grep "[[:space:]]$1/$2" /etc/services | wc -l` -eq 0 ]; then #Merge line from additional services files to /etc/services if necessary mason-1.0.0/masonlib-2122- # if [ -n "$SERVICELINE" ]; then ############################################## mason-1.0.0/masonlib-2153- CKPTSERVERPORTRANGE=" serverportrange: isdigits $READABLEPORT $PARTIALCOMMENT" ; #ckpt $CKPTSERVERPORTRANGE mason-1.0.0/masonlib:2154: elif [ -n "`grep -E $1 /etc/services || logfail $LINENO masonlib: YYYY 0116`" ]; then # $1 is already converted to text and a server port mason-1.0.0/masonlib-2155- #FIXME - is the above check all that is needed? ############################################## mason-1.0.0/masonlib-2309- while read ONELINE ; do mason-1.0.0/masonlib:2310: NEWRULETAG="`ruletag $ONELINE`" mason-1.0.0/masonlib-2311- if [ "$NEWRULETAG" != "$LASTRULETAG" ]; then ############################################## mason-1.0.0/masonlib-2321- rm -f $ONEFILE.new || logfail $LINENO masonlib: YYYY 0119 mason-1.0.0/masonlib:2322: for SECTION in `seqfunc 0 $FILECOUNT` ; do mason-1.0.0/masonlib-2323- if [ -f "$ONEFILE.$SECTION" ]; then mason-1.0.0/masonlib:2324: if [ `grep '#\^' $ONEFILE.$SECTION | wc -l` -gt 0 ]; then mason-1.0.0/masonlib-2325- # 2007-03-23 Scheffczyk ############################################## mason-1.0.0/masonlib-2403- CKPTUPDATECOUNTS=" updatecounts: sum packetcountfile" ; #ckpt $CKPTUPDATECOUNTS mason-1.0.0/masonlib:2404: for ONECOUNT in `awk '{print $1}' $PACKETCOUNTFILE || logfail $LINENO masonlib: YYYY 0129` ; do mason-1.0.0/masonlib-2405- CURRENTCOUNT=$[ $CURRENTCOUNT + $ONECOUNT ] ############################################## mason-1.0.0/masonlib-2409- CKPTUPDATECOUNTS=" updatecounts: sum running firewall" ; #ckpt $CKPTUPDATECOUNTS mason-1.0.0/masonlib:2410: for ONECOUNT in `ipchains -L -n -x -v | cut -b 1-9,66-75 - | grep '0x' | awk '{print $1}' || logfail $LINENO masonlib: YYYY 0130` ; do mason-1.0.0/masonlib-2411- NEWCOUNT=$[ $NEWCOUNT + $ONECOUNT ] ############################################## mason-1.0.0/masonlib-2417- fi mason-1.0.0/masonlib:2418: DUPMARKS=`ipchains -L -n -x -v | cut -b 1-9,66-75 - | grep '0x' | awk '{print $2}' | sort | uniq -d || logfail $LINENO masonlib: YYYY 0132` mason-1.0.0/masonlib-2419- if [ -n "$DUPMARKS" ]; then ############################################## mason-1.0.0/masonlib-2454- do mason-1.0.0/masonlib:2455: CHAINS=`$IPTABLESBIN -L -n -t $TABLE | fgrep Chain | awk '{ print $2; }'` mason-1.0.0/masonlib-2456- for CHAIN in $CHAINS ############################################## mason-1.0.0/samlib-231- echo -n addline... mason-1.0.0/samlib:232: REGRESSTESTFILE=`mktemp -q /tmp/$1.XXXXXX` mason-1.0.0/samlib-233- if [ $? -ne 0 ]; then ############################################## mason-1.0.0/samlib-237- addline $REGRESSTESTFILE "A line of text" >/dev/null 2>/dev/null mason-1.0.0/samlib:238: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-239-"A line of text" \ ############################################## mason-1.0.0/samlib-241- addline $REGRESSTESTFILE "A new line of text" >/dev/null 2>/dev/null mason-1.0.0/samlib:242: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-243-"A line of text ############################################## mason-1.0.0/samlib-362- case $2 in mason-1.0.0/samlib:363: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/samlib-364- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/samlib-414- cat "$TMPFILE" | grep -v "$2" | $SUDO dd of="$1" 2>/dev/null mason-1.0.0/samlib:415: printf "%1s%-2s%-40s%-50s\n" '-' "$[ `$SUDO cat "$TMPFILE" | wc -l` - `$SUDO cat "$1" | wc -l` ]" "$1" "$2" mason-1.0.0/samlib:416: #Was: echo -n "Removing \"$2\" from $1; " ; echo $[ `$SUDO cat "$TMPFILE" | wc -l` - `$SUDO cat "$1" | wc -l` ] lines removed. mason-1.0.0/samlib-417- $SUDO rm -f "$TMPFILE" ############################################## mason-1.0.0/samlib-427- echo -n delline... mason-1.0.0/samlib:428: REGRESSTESTFILE=`mktemp -q /tmp/$1.XXXXXX` mason-1.0.0/samlib-429- if [ $? -ne 0 ]; then ############################################## mason-1.0.0/samlib-438- delline $REGRESSTESTFILE "Line 4" >/dev/null 2>/dev/null mason-1.0.0/samlib:439: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-440-"Line 1 ############################################## mason-1.0.0/samlib-445- delline $REGRESSTESTFILE "Isnt in the file" >/dev/null 2>/dev/null mason-1.0.0/samlib:446: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-447-"Line 1 ############################################## mason-1.0.0/samlib-452- delline $REGRESSTESTFILE "3" >/dev/null 2>/dev/null mason-1.0.0/samlib:453: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-454-"Line 1 ############################################## mason-1.0.0/samlib-458- delline $REGRESSTESTFILE "Line 1" >/dev/null 2>/dev/null mason-1.0.0/samlib:459: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-460-"Line 2 ############################################## mason-1.0.0/samlib-463- delline $REGRESSTESTFILE "Line 5" >/dev/null 2>/dev/null mason-1.0.0/samlib:464: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-465-"Line 2" \ ############################################## mason-1.0.0/samlib-876- case $2 in mason-1.0.0/samlib:877: [0-9]|[1-2][0-9]|3[0-2]) SPLITIP=`bits2mask $2` ;; mason-1.0.0/samlib-878- *) SPLITIP=$2 ;; ############################################## mason-1.0.0/samlib-909- #FIXME - handle, or get networkof/broadcastof to handle, '0' as the network mason-1.0.0/samlib:910: N1NET=`networkof ${1%%/*} ${1##*/}` ; N1BROAD=`broadcastof ${1%%/*} ${1##*/}` mason-1.0.0/samlib:911: N2NET=`networkof ${2%%/*} ${2##*/}` ; N2BROAD=`broadcastof ${2%%/*} ${2##*/}` mason-1.0.0/samlib-912- ############################################## mason-1.0.0/samlib-939-# Please hand in only straight IP's; to include a network in the calculation, mason-1.0.0/samlib:940:# hand in both: `networkof $NET $NETMASK` `broadcastof $NET $NETMASK` mason-1.0.0/samlib-941-#------------------------------------------------------------------------- ############################################## mason-1.0.0/samlib-985- ENONUMBITS=$[ $ENONUMBITS - 1 ] mason-1.0.0/samlib:986: ENONETMASK=`bits2mask $ENONUMBITS` mason-1.0.0/samlib:987: ENONETWORK=`networkof $MINIP $ENONETMASK` mason-1.0.0/samlib:988: ENOBROADCAST=`broadcastof $MINIP $ENONETMASK` mason-1.0.0/samlib-989- done ############################################## mason-1.0.0/samlib-1122- echo -n substline... mason-1.0.0/samlib:1123: REGRESSTESTFILE=`mktemp -q /tmp/$1.XXXXXX` mason-1.0.0/samlib-1124- if [ $? -ne 0 ]; then ############################################## mason-1.0.0/samlib-1133- substline $REGRESSTESTFILE "2" "goobers" >/dev/null 2>/dev/null mason-1.0.0/samlib:1134: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-1135-"Line 1 ############################################## mason-1.0.0/samlib-1141- substline $REGRESSTESTFILE "Isnt in the file" "ggg" >/dev/null 2>/dev/null mason-1.0.0/samlib:1142: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-1143-"Line 1 ############################################## mason-1.0.0/samlib-1149- substline $REGRESSTESTFILE "Line 3" "replacement line" >/dev/null 2>/dev/null mason-1.0.0/samlib:1150: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-1151-"Line 1 ############################################## mason-1.0.0/samlib-1157- substline $REGRESSTESTFILE "Line 1" "new line 1">/dev/null 2>/dev/null mason-1.0.0/samlib:1158: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-1159-"new line 1 ############################################## mason-1.0.0/samlib-1165- substline $REGRESSTESTFILE "Line " "circle " >/dev/null 2>/dev/null mason-1.0.0/samlib:1166: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-1167-"new line 1 ############################################## mason-1.0.0/samlib-1173- substline $REGRESSTESTFILE "e" "qq" >/dev/null 2>/dev/null mason-1.0.0/samlib:1174: if [ ! "`cat $REGRESSTESTFILE`" = \ mason-1.0.0/samlib-1175-"nqqw linqq 1 ############################################## mason-1.0.0/samlib-1200- if [ -n "$LINELENGTH" ]; then mason-1.0.0/samlib:1201: LINELENGTH_INT=$[ $LINELENGTH - `echo -n "$WRAPHEADER" | wc -c` ] mason-1.0.0/samlib-1202- else mason-1.0.0/samlib:1203: LINELENGTH_INT=$[ 72 - `echo -n "$WRAPHEADER" | wc -c` ] mason-1.0.0/samlib-1204- fi ############################################## mason-1.0.0/samlib-1264- echo ---------- Exit with a fanfare ---------- mason-1.0.0/samlib:1265: echo `cat $0 | sed -e 's/#.*//' | grep 'error .* fi' | grep -v regression | wc -l` regression tests successful on $SAMVER mason-1.0.0/samlib-1266- ############################################## mason-1.0.0/samlib-1268- date >>/usr/src/sam-work/regression-log mason-1.0.0/samlib:1269: echo `cat $0 | sed -e 's/#.*//' | grep 'error .* fi' | grep -v regression | wc -l` regression tests successful on $SAMVER >>/usr/src/sam-work/regression-log mason-1.0.0/samlib-1270- fi