mirror of
https://github.com/optim-enterprises-bv/nDPId.git
synced 2025-10-28 17:02:24 +00:00
287 lines
8.7 KiB
Bash
287 lines
8.7 KiB
Bash
#!/bin/sh /etc/rc.common
|
|
|
|
START=99
|
|
STOP=80
|
|
|
|
USE_PROCD=1
|
|
|
|
NDPID_SUFFIX="-testing"
|
|
NDPISRVD_NAME="nDPIsrvd${NDPID_SUFFIX}"
|
|
NDPISRVD_BIN="/usr/bin/${NDPISRVD_NAME}"
|
|
NDPISRVD_ANALYSED_NAME="nDPIsrvd${NDPID_SUFFIX}-analysed"
|
|
NDPISRVD_ANALYSED_BIN="/usr/bin/${NDPISRVD_ANALYSED_NAME}"
|
|
NDPISRVD_CAPTURED_NAME="nDPIsrvd${NDPID_SUFFIX}-captured"
|
|
NDPISRVD_CAPTURED_BIN="/usr/bin/${NDPISRVD_CAPTURED_NAME}"
|
|
NDPID_NAME="nDPId${NDPID_SUFFIX}"
|
|
NDPID_BIN="/usr/sbin/${NDPID_NAME}"
|
|
DISTRIBUTOR_SOCKET="/var/run/${NDPID_NAME}/nDPIsrvd-distributor.sock"
|
|
|
|
print_arg_bool() {
|
|
local cfg="$1"
|
|
local var="$2"
|
|
local opt="$3"
|
|
local aux
|
|
|
|
config_get_bool aux "$cfg" "$var" '0'
|
|
if [ $aux -ne 0 ]; then
|
|
printf ' %s' "$opt"
|
|
fi
|
|
}
|
|
|
|
print_arg_str() {
|
|
local cfg="$1"
|
|
local var="$2"
|
|
local opt="$3"
|
|
local aux
|
|
|
|
config_get aux "$cfg" "$var"
|
|
if [ ! -z "$aux" ]; then
|
|
printf ' %s' "$opt$aux"
|
|
fi
|
|
}
|
|
|
|
start_ndpid_instance() {
|
|
local cfg=$1
|
|
local aux
|
|
local args
|
|
local netif
|
|
local sink
|
|
|
|
config_get_bool aux "$cfg" 'enabled' '0'
|
|
if [ "$aux" -eq 0 ]; then
|
|
return 1
|
|
fi
|
|
|
|
# General
|
|
config_get_bool netif "$cfg" 'interface'
|
|
if [ -z "$netif" ]; then
|
|
netif='default'
|
|
fi
|
|
|
|
config_get sink "$cfg" 'udp_connect'
|
|
if [ -z "$sink" ]; then
|
|
sink="/var/run/${NDPID_NAME}/nDPIsrvd-collector.sock"
|
|
fi
|
|
|
|
args="$(print_arg_str "$cfg" 'interface' '-i')"
|
|
args="$args$(print_arg_bool "$cfg" 'use_pfring' '-r')"
|
|
args="$args$(print_arg_bool "$cfg" 'internal_only' '-I')"
|
|
args="$args$(print_arg_bool "$cfg" 'external_only' '-E')"
|
|
args="$args$(print_arg_str "$cfg" 'bpf_filter' '-B')"
|
|
args="$args$(print_arg_bool "$cfg" 'use_poll' '-e')"
|
|
args="$args$(print_arg_str "$cfg" 'proto_file' '-P')"
|
|
args="$args$(print_arg_str "$cfg" 'cat_file' '-C')"
|
|
args="$args$(print_arg_str "$cfg" 'ja4_file' '-J')"
|
|
args="$args$(print_arg_str "$cfg" 'ssl_file' '-S')"
|
|
args="$args$(print_arg_str "$cfg" 'alias' '-a')"
|
|
args="$args$(print_arg_bool "$cfg" 'analysis' '-A')"
|
|
args="$args$(print_arg_bool "$cfg" 'compression' '-z')"
|
|
|
|
# Tuning
|
|
args="$args$(print_arg_str "$cfg" 'max_flows_per_thread' '-omax-flows-per-thread=')"
|
|
args="$args$(print_arg_str "$cfg" 'max_idle_flows_per_thread' '-omax-idle-flows-per-thread=')"
|
|
args="$args$(print_arg_str "$cfg" 'max_reader_threads' '-omax-reader-threads=')"
|
|
args="$args$(print_arg_str "$cfg" 'daemon_status_interval' '-odaemon-status-interval=')"
|
|
args="$args$(print_arg_str "$cfg" 'compression_scan_interval' '-ocompression-scan-interval=')"
|
|
args="$args$(print_arg_str "$cfg" 'compression_flow_inactivity' '-ocompression-flow-inactivity=')"
|
|
args="$args$(print_arg_str "$cfg" 'flow_scan_interval' '-oflow-scan-interval=')"
|
|
args="$args$(print_arg_str "$cfg" 'generic_max_idle_time' '-ogeneric-max-idle-time=')"
|
|
args="$args$(print_arg_str "$cfg" 'icmp_max_idle_time' '-oicmp-max-idle-time=')"
|
|
args="$args$(print_arg_str "$cfg" 'udp_max_idle_time' '-oudp-max-idle-time=')"
|
|
args="$args$(print_arg_str "$cfg" 'tcp_max_idle_time' '-otcp-max-idle-time=')"
|
|
args="$args$(print_arg_str "$cfg" 'tcp_max_post_end_flow_time' '-otcp-max-post-end-flow-time=')"
|
|
args="$args$(print_arg_str "$cfg" 'max_packets_per_flow_to_send' '-omax-packets-per-flow-to-send=')"
|
|
args="$args$(print_arg_str "$cfg" 'max_packets_per_flow_to_process' '-omax-packets-per-flow-to-process=')"
|
|
args="$args$(print_arg_str "$cfg" 'max_packets_per_flow_to_analyse' '-omax-packets-per-flow-to-analyse=')"
|
|
args="$args$(print_arg_str "$cfg" 'error_event_threshold_n' '-oerror-event-threshold-n=')"
|
|
args="$args$(print_arg_str "$cfg" 'error_event_threshold_time' '-oerror-event-threshold-time=')"
|
|
|
|
procd_open_instance
|
|
procd_set_param command ${NDPID_BIN}
|
|
procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPId-${netif}.pid"
|
|
procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPId-${netif}.pid" -c"${sink}" $args
|
|
|
|
config_get_bool aux "$cfg" 'respawn' '0'
|
|
[ "$aux" = 1 ] && procd_set_param respawn
|
|
|
|
procd_close_instance
|
|
}
|
|
|
|
validate_ndpid_section() {
|
|
uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
|
|
'enabled:bool:0' \
|
|
'respawn:bool:0' \
|
|
'interface:string' \
|
|
'internal_only:bool:0' \
|
|
'external_only:bool:0' \
|
|
'bpf_filter:string' \
|
|
'udp_connect:string' \
|
|
'proto_file:string' \
|
|
'cat_file:string' \
|
|
'ja4_file:string' \
|
|
'ssl_file:string' \
|
|
'alias:string' \
|
|
'analysis:bool:0' \
|
|
'compression:bool:0' \
|
|
'max_flows_per_thread:uinteger' \
|
|
'max_idle_flows_per_thread:uinteger' \
|
|
'max_reader_threads:uinteger' \
|
|
'daemon_status_interval:uinteger' \
|
|
'compression_scan_interval:uinteger' \
|
|
'compression_flow_inactivity:uinteger' \
|
|
'flow_scan_interval:uinteger' \
|
|
'generic_max_idle_time:uinteger' \
|
|
'icmp_max_idle_time:uinteger' \
|
|
'udp_max_idle_time:uinteger' \
|
|
'tcp_max_idle_time:uinteger' \
|
|
'tcp_max_post_end_flow_time:uinteger' \
|
|
'max_packets_per_flow_to_send:uinteger' \
|
|
'max_packets_per_flow_to_process:uinteger' \
|
|
'max_packets_per_flow_to_analyse:uinteger' \
|
|
'error_event_threshold_n:uinteger' \
|
|
'error_event_threshold_time:uinteger'
|
|
}
|
|
|
|
start_ndpisrvd_instance() {
|
|
local cfg=$1
|
|
local aux
|
|
local args
|
|
local collector_sock
|
|
|
|
config_get_bool aux "$cfg" 'enabled' '0'
|
|
if [ "$aux" -eq 0 ]; then
|
|
return 1
|
|
fi
|
|
|
|
collector_sock="/var/run/${NDPID_NAME}/nDPIsrvd-collector.sock"
|
|
|
|
args="$(print_arg_str "$cfg" 'tcp_listen' '-S')"
|
|
args="$args$(print_arg_str "$cfg" 'max_remotes' '-m')"
|
|
args="$args$(print_arg_str "$cfg" 'max_buffered_json_lines' '-C')"
|
|
|
|
procd_open_instance
|
|
procd_set_param command ${NDPISRVD_BIN}
|
|
procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPIsrvd.pid"
|
|
procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPIsrvd.pid" -c"${collector_sock}" -s"${DISTRIBUTOR_SOCKET}" $args
|
|
|
|
config_get_bool aux "$cfg" 'respawn' '0'
|
|
[ "$aux" = 1 ] && procd_set_param respawn
|
|
|
|
procd_close_instance
|
|
}
|
|
|
|
validate_ndpisrvd_section() {
|
|
uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
|
|
'enabled:bool:0' \
|
|
'respawn:bool:0' \
|
|
'tcp_listen:string' \
|
|
'max_remotes:uinteger' \
|
|
'max_buffered_json_lines:uinteger'
|
|
}
|
|
|
|
start_ndpisrvd_analysed_instance() {
|
|
local cfg="$1"
|
|
local csv_dir
|
|
|
|
config_get_bool aux "$cfg" 'enabled' '0'
|
|
if [ "$aux" -eq 0 ]; then
|
|
return 1
|
|
fi
|
|
|
|
config_get aux "$cfg" 'csv_dir'
|
|
if [ -z "$aux" ]; then
|
|
return 1
|
|
fi
|
|
mkdir -p "$aux"
|
|
chown ndpi:ndpi "$aux"
|
|
|
|
csv_dir="$(print_arg_str "$cfg" 'csv_dir' '')"
|
|
csv_dir="-o${csv_dir}/nDPId-analyse.csv"
|
|
|
|
procd_open_instance
|
|
procd_set_param command ${NDPISRVD_ANALYSED_BIN}
|
|
procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPIsrvd-analysed.pid"
|
|
procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPIsrvd-analysed.pid" -s"${DISTRIBUTOR_SOCKET}" ${csv_dir}
|
|
|
|
config_get_bool aux "$cfg" 'respawn' '0'
|
|
[ "$aux" = 1 ] && procd_set_param respawn
|
|
|
|
procd_close_instance
|
|
}
|
|
|
|
validate_ndpisrvd_analysed_section() {
|
|
uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
|
|
'enabled:bool:0' \
|
|
'respawn:bool:0' \
|
|
'csv_dir:string'
|
|
}
|
|
|
|
start_ndpisrvd_captured_instance() {
|
|
local cfg="$1"
|
|
local args
|
|
local risk_args
|
|
|
|
config_get_bool aux "$cfg" 'enabled' '0'
|
|
if [ "$aux" -eq 0 ]; then
|
|
return 1
|
|
fi
|
|
|
|
config_get aux "$cfg" 'datadir'
|
|
if [ -z "$aux" ]; then
|
|
return 1
|
|
fi
|
|
mkdir -p "$aux"
|
|
chown ndpi:ndpi "$aux"
|
|
|
|
handle_capture_risks() {
|
|
local risk=" -R$1"
|
|
printf '%s' "$risk"
|
|
}
|
|
risk_args="$(config_list_foreach "$cfg" capture_risk handle_capture_risks)"
|
|
|
|
args="$(print_arg_str "$cfg" 'pcap_rotation' '-r')"
|
|
args="$args$(print_arg_str "$cfg" 'datadir' '-D')"
|
|
args="$args$(print_arg_bool "$cfg" 'capture_guessed' '-G')"
|
|
args="$args$(print_arg_bool "$cfg" 'capture_undetected' '-U')"
|
|
args="$args$(print_arg_bool "$cfg" 'capture_midstream' '-M')"
|
|
args="$args$(print_arg_bool "$cfg" 'ignore_empty_l4' '-E')"
|
|
|
|
procd_open_instance
|
|
procd_set_param command ${NDPISRVD_CAPTURED_BIN}
|
|
procd_set_param pidfile "/var/run/${NDPID_NAME}/nDPIsrvd-captured.pid"
|
|
procd_append_param command -undpi -gndpi -p"/var/run/${NDPID_NAME}/nDPIsrvd-captured.pid" -s"${DISTRIBUTOR_SOCKET}" $args ${risk_args}
|
|
|
|
config_get_bool aux "$cfg" 'respawn' '0'
|
|
[ "$aux" = 1 ] && procd_set_param respawn
|
|
|
|
procd_close_instance
|
|
}
|
|
|
|
validate_ndpisrvd_captured_section() {
|
|
uci_load_validate ${NDPID_NAME} nDPId "$1" "$2" \
|
|
'enabled:bool:0' \
|
|
'respawn:bool:0' \
|
|
'pcap_rotation:uinteger' \
|
|
'datadir:string' \
|
|
'capture_guessed:bool:1' \
|
|
'capture_undetected:bool:1' \
|
|
'capture_midstream:bool:1' \
|
|
'ignore_empty_l4:bool:1' \
|
|
'capture_risk:list(string)'
|
|
}
|
|
|
|
start_service() {
|
|
config_load ${NDPID_NAME}
|
|
|
|
user_exists ndpi 6543 || user_add ndpi 6543
|
|
group_exists ndpi 6543 || group_add ndpi 6543
|
|
|
|
mkdir -p "/var/run/${NDPID_NAME}"
|
|
chown ndpi:ndpi "/var/run/${NDPID_NAME}"
|
|
|
|
config_foreach validate_ndpisrvd_section nDPIsrvd start_ndpisrvd_instance
|
|
config_foreach validate_ndpisrvd_analysed_section nDPIsrvd-analysed start_ndpisrvd_analysed_instance
|
|
config_foreach validate_ndpisrvd_captured_section nDPIsrvd-captured start_ndpisrvd_captured_instance
|
|
config_foreach validate_ndpid_section nDPId start_ndpid_instance
|
|
}
|