Send email report
Signed-off-by: Georg <georg@lysergic.dev>
parent
c1f43c954a
commit
a1abc2af58
@ -4,8 +4,8 @@
|
|||||||
#
|
#
|
||||||
# Author: Georg Pfuetzenreuter <georg@lysergic.dev>
|
# Author: Georg Pfuetzenreuter <georg@lysergic.dev>
|
||||||
# Created: 02/11/2021
|
# Created: 02/11/2021
|
||||||
# Last edit: 05/12/2021
|
# Last edit: 07/12/2021
|
||||||
# Version: 2.0
|
# Version: 2.1
|
||||||
#
|
#
|
||||||
# This assumes .ssh/config being configured to ssh into your router with a user having write access to /tmp/* and $prodfile as well as having doas permissions for `pfctl -f $prodfile`.
|
# This assumes .ssh/config being configured to ssh into your router with a user having write access to /tmp/* and $prodfile as well as having doas permissions for `pfctl -f $prodfile`.
|
||||||
|
|
||||||
@ -21,7 +21,7 @@ gethostaddress () {
|
|||||||
}
|
}
|
||||||
|
|
||||||
init () {
|
init () {
|
||||||
#hostaddress=$(gethostaddress) ##we no longer parse ssh_config and rely on functioning DNS lookups
|
#hostaddress=$(gethostaddress)
|
||||||
hostaddress="$host"
|
hostaddress="$host"
|
||||||
if nc -z $hostaddress 22 2>/dev/null; then
|
if nc -z $hostaddress 22 2>/dev/null; then
|
||||||
workfile="/tmp/pf.conf.$host-$USER-$(date -u +%d%m%y-%H%M)"
|
workfile="/tmp/pf.conf.$host-$USER-$(date -u +%d%m%y-%H%M)"
|
||||||
@ -48,7 +48,8 @@ edit () {
|
|||||||
}
|
}
|
||||||
|
|
||||||
check () {
|
check () {
|
||||||
echo "$stagefile"
|
#echo "$stagefile"
|
||||||
|
render_diff
|
||||||
ssh -q $host pfctl -nf $stagefile
|
ssh -q $host pfctl -nf $stagefile
|
||||||
result="$?"
|
result="$?"
|
||||||
case $result in
|
case $result in
|
||||||
@ -65,12 +66,18 @@ render_diff () {
|
|||||||
$difftool "${diffargs[@]}" $localbackupfile $workfile
|
$difftool "${diffargs[@]}" $localbackupfile $workfile
|
||||||
}
|
}
|
||||||
|
|
||||||
|
send_report () {
|
||||||
|
maildiff=$(diff -u --color=never $localbackupfile $workfile)
|
||||||
|
echo -e "$USER deployed packet filter changes on $host at $(date):\n\n$maildiff" | mail -s "pf changes on $host by $USER" system@lysergic.dev
|
||||||
|
}
|
||||||
|
|
||||||
edit_ok () {
|
edit_ok () {
|
||||||
render_diff
|
echo "Syntax OK. Type YES to deploy changes, edit to edit, or anything else to abort."
|
||||||
echo "Syntax OK. Type YES to deploy changes or anything else to abort."
|
|
||||||
read choice
|
read choice
|
||||||
if [ "$choice" = "YES" ]; then
|
if [ "$choice" = "YES" ]; then
|
||||||
deploy
|
deploy
|
||||||
|
elif [ "$choice" = "edit" ]; then
|
||||||
|
edit
|
||||||
else
|
else
|
||||||
#rollback
|
#rollback
|
||||||
abort
|
abort
|
||||||
@ -117,6 +124,7 @@ deploy () {
|
|||||||
result="$?"
|
result="$?"
|
||||||
case $result in
|
case $result in
|
||||||
0 )
|
0 )
|
||||||
|
send_report
|
||||||
ssh -q $host "doas pfctl -f $prodfile && rm $stagefile"
|
ssh -q $host "doas pfctl -f $prodfile && rm $stagefile"
|
||||||
echo "OK."
|
echo "OK."
|
||||||
rm $workfile
|
rm $workfile
|
||||||
@ -138,3 +146,4 @@ else
|
|||||||
host="$1"
|
host="$1"
|
||||||
init
|
init
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
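Review bot: In the deploy hunk, `send_report` runs before `ssh -q $host "doas pfctl -f $prodfile && rm $stagefile"`, so the mail stating that the user "deployed" changes goes out before the ruleset is loaded and is still sent if that load fails. For a usable audit record it should follow the load and depend on its exit status, e.g. `ssh -q $host "doas pfctl -f $prodfile && rm $stagefile" && send_report`. In `send_report` itself, `echo -e` expands backslash sequences inside `$maildiff`, and pf.conf text can contain backslashes (line continuations, for one), so the mailed diff may not match the real one; `printf '%s deployed packet filter changes on %s at %s:\n\n%s\n' "$USER" "$host" "$(date)" "$maildiff" | mail -s "pf changes on $host by $USER" system@lysergic.dev` passes it through verbatim. `$localbackupfile` and `$workfile` are also unquoted in the new `diff` call. deploy's body starts and ends outside the hunk, so how `result` is set cannot be confirmed from here.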