mirror of
https://github.com/unraid/webgui.git
synced 2026-04-25 03:39:23 -05:00
diagnostics: anonymize IP addresses
This commit is contained in:
bergware
@@ -97,6 +97,13 @@ function anonymize($text, $select) {
|
||||
return dirname($text)."/$name.cfg";
|
||||
}
|
||||
}
|
||||
function maskIP($file) {
|
||||
// anonymize public IPv4 addresses
|
||||
$rfc1918 = "(127|10|172\.1[6-9]|172\.2[0-9]|172\.3[0-1]|192\.168)((\.[0-9]{1,3}){2,3}([/\" .]|$))";
|
||||
run("sed -ri 's/([\"\[ ])${rfc1918}/\\1@@@\\2\\3/g; s/([\"\[ ]([0-9]{1,3}\.){3})[0-9]{1,3}([/\" .]|$)/\\1XXX\\3/g; s/@@@//g' ".escapeshellarg($file)." 2>/dev/null");
|
||||
// anonymize full IPv6 addresses
|
||||
run("sed -ri 's/([\"\[ ]([0-9a-f]{1,4}:){4})(([0-9a-f]{1,4}:){3}|:)[0-9a-f]{1,4}([/\" .]|$)/\\1XXXX:XXXX:XXXX:XXXX\\5/g' ".escapeshellarg($file)." 2>/dev/null");
|
||||
}
|
||||
function prefix($key) {
|
||||
return preg_replace('/\d+$/','',$key);
|
||||
}
|
||||
@@ -367,7 +374,7 @@ run("ps -auxf --sort=-pcpu 2>/dev/null|todos >".escapeshellarg("/$diag/system/ps
|
||||
run("lsof -Pni 2>/dev/null|todos >".escapeshellarg("/$diag/system/lsof.txt"));
|
||||
run("lsmod|sort 2>/dev/null|todos >".escapeshellarg("/$diag/system/lsmod.txt"));
|
||||
run("df -h 2>/dev/null|todos >".escapeshellarg("/$diag/system/df.txt"));
|
||||
run("ifconfig -a -s 2>/dev/null|grep -Po '^(eth|bond)[0-9]+'", $ports);
|
||||
run("ip -br a|awk '/^(eth|bond)[0-9]+ /{print \$1}'|sort",$ports);
|
||||
run("dmidecode -qt2|awk -F: '/^\tManufacturer:/{m=\$2};/^\tProduct Name:/{p=\$2} END{print m\" -\"p}' 2>/dev/null|todos >".escapeshellarg("/$diag/system/motherboard.txt"));
|
||||
run("dmidecode -qt0 2>/dev/null|todos >>".escapeshellarg("/$diag/system/motherboard.txt"));
|
||||
run("cat /proc/meminfo 2>/dev/null|todos >".escapeshellarg("/$diag/system/meminfo.txt"));
|
||||
@@ -380,7 +387,8 @@ foreach ($ports as $port) {
|
||||
run("ethtool -i ".escapeshellarg($port)." 2>/dev/null|todos >>".escapeshellarg("/$diag/system/ethtool.txt"));
|
||||
file_put_contents("/$diag/system/ethtool.txt", "--------------------------------\r\n", FILE_APPEND);
|
||||
}
|
||||
run("ifconfig -a 2>/dev/null|todos >".escapeshellarg("/$diag/system/ifconfig.txt"));
|
||||
run("ip -br a|todos >".escapeshellarg("/$diag/system/ifconfig.txt"));
|
||||
if (!$all) maskIP("/$diag/system/ifconfig.txt");
|
||||
|
||||
// create system information (suppress errors)
|
||||
run("find /sys/kernel/iommu_groups/ -type l 2>/dev/null|sort -V|todos >".escapeshellarg("/$diag/system/iommu_groups.txt"));
|
||||
@@ -397,16 +405,19 @@ run("cp /boot/config/*.{cfg,conf,dat} ".escapeshellarg("/$diag/config")." 2>/dev
|
||||
run("cp /boot/config/go ".escapeshellarg("/$diag/config/go.txt")." 2>/dev/null");
|
||||
|
||||
// anonymize go file
|
||||
if (!$all)
|
||||
if (!$all) {
|
||||
run("sed -i -e '/password/c ***line removed***' -e '/user/c ***line removed***' -e '/pass/c ***line removed***' ".escapeshellarg("/$diag/config/go.txt"));
|
||||
|
||||
}
|
||||
// anonymize configuration files
|
||||
if (!$all)
|
||||
if (!$all) {
|
||||
run("sed -ri 's/^((disk|flash)(Read|Write)List.*=\")[^\"]+/\\1.../' ".escapeshellarg("/$diag/config/*.cfg")." 2>/dev/null");
|
||||
|
||||
// anonymize IP addresses
|
||||
maskIP("/$diag/config/network.cfg");
|
||||
}
|
||||
// include listening interfaces
|
||||
run("$docroot/webGui/scripts/show_interfaces ip|tr -d ' '|tr '#' ' '|tr ',' '\n' >".escapeshellarg("/$diag/config/listen.txt"));
|
||||
run("$docroot/webGui/scripts/error_interfaces|sed 's/<i.*i>//' >>".escapeshellarg("/$diag/config/listen.txt"));
|
||||
if (!$all) maskIP("/$diag/config/listen.txt");
|
||||
|
||||
// copy share information (anonymize if applicable)
|
||||
$files = glob("/boot/config/shares/*.cfg");
|
||||
@@ -581,6 +592,7 @@ foreach (glob("/var/log/syslog*") as $file) {
|
||||
run("grep -Po 'file: \K[^\"\\x27]+' ".escapeshellarg("$log.txt")." 2>/dev/null|sort|uniq", $titles);
|
||||
run("sed -ri 's|\b\S+@\S+\.\S+\b|email@removed.com|;s|\b(username\|password)([=:])\S+\b|\\1\\2xxx|;s|(GUID: \S)\S+(\S) |\\1..\\2 |;s|(moving \"\S\|\"/mnt/user/\S).*(\S)\"|\\1..\\2\"|' ".escapeshellarg("$log.txt"));
|
||||
run("sed -ri 's|(server: ).+(\.(my)?unraid\.net(:[0-9]+)?,)|\\1hash\\2|;s|(host: \").+(\.(my)?unraid\.net(:[0-9]+)?\")|\\1hash\\2|;s|(referrer: \"https?://).+(\.(my)?unraid\.net)|\\1hash\\2|' ".escapeshellarg("$log.txt"));
|
||||
maskIP("$log.txt");
|
||||
foreach ($titles as $mover) {
|
||||
if (!$mover) continue;
|
||||
$title = "/{$mover[0]}..".substr($mover,-1)."/...";
|
||||
@@ -604,6 +616,7 @@ $dhcplog = "/var/log/dhcplog";
|
||||
if (file_exists($dhcplog)) {
|
||||
$log = "/$diag/logs/dhcplog.txt";
|
||||
run("todos <$dhcplog >".escapeshellarg($log));
|
||||
if (!$all) maskIP($log);
|
||||
}
|
||||
|
||||
// copy graphql-api.log
|
||||
|
||||
Reference in New Issue
Block a user