Commit 8bb30efe authored by root's avatar root

initial commit

parent 570937e0
Pipeline #31 canceled with stages
#!/bin/bash
FFVERSION=3.9
### Default config ###
PK=0 # 0 = Use SSHPASS; 1 = Use private key
COMPRESSOR="lzop -1" # The default compressor. When in doubt, use this.
VERIFY=1 # Do a rsync after the copy to sync files that changed and ensure integrity
RESUME=1 # Default to resuming the transfer.
PORT=65432 # The default port for file transfers.
BLOCKSIZE=65536 # TAR Record size, Socat block size, and other things that should be synced.
BUF=16777216 # Send and Receive buffer
ENCRYPTOR=cat # Change to "openssl enc -e" to encrypt the connection
DECRYPTOR=cat # Change to "openssl enc -d" to encrypt the connection
LIMIT=0 # Limit bandwidth usage to $LIMIT bytes
TRANSPORT=tcp # Hey, try UDP or SCTP if you want.
### End config ###
WORK=`mktemp -p /tmp -d filefox.XXXXXXXXX`
export PK COMPRESSOR ENCRYPTOR DECRYPTOR VERIFY RESUME BLOCKSIZE TRANSPORT BUF PORT WORK
remote () {
if [ "$PK" = "0" ] || [ "$PK" = "" ]; then
echo "sshpass -e ssh -E $WORK/log $USERHOST"
else
echo "ssh -E $WORK/log $USERHOST"
fi
}
bool () {
if [ "$1" = "0" ] || [ "$1" = "" ]; then
if [ "$3" = "" ]; then echo "False"; else echo "$3"; fi
else
if [ "$2" = "" ]; then echo "True"; else echo "$2"; fi
fi
}
halp () {
echo "$(basename $0): The fastest way to get from here to there."
echo "Version $FFVERSION (C) 2018-$(date +%Y) Alynna Trypnotk; GPL3"
cat << EOF
Syntax:
filefox [options] <user@host> <local-dir> <remote-dir>
Options:
-n; --new Start transfer fresh without finding out what files exist in the destination.
Best for starting a new transfer.
-r; --resume (DEFAULT) Scan the destination for the existence of files and skip them.
WARNING: does not compare times, file sizes, or file integrity.
-v; --verify (DEFAULT) Check the copy with rsync after doing the copy. This occurs at the
end and is a good compromise between filefox's speed and rsync's reliability.
-v0; --no-verify Skip rsync verification check after copy.
-y; --encrypt Pipe through OpenSSL encryption (Slower)
-y0; --no-encrypt (DEFAULT) Do not encrypt (Fast)
--compressor="<prog>" Uses a different compressor than the default "lzop -1".
-c="<prog>" This can be any stream based compressor on your system that uses the -d option
to specify decompression.
-k; --privatekey Do not ask for an SSH password at the beginning, assume private key present.
-w; --password (DEFAULT) Ask for an ssh password and attempt to use it via SSHPASS.
-q; --prerequisites Install prerequisite programs. Works on debian based systems. For other
EOF
echo " -t=<port> Connect using different transport protocol, such as SCTP or UDP"
echo " --transport=<tport> Default transport: $TRANSPORT"
echo " -p=<port> Connect on different port"
echo " --port=<port> Default port: $PORT"
echo " -l=<bytespec> Limit bandwidth to <bytes>, K M G T can be used"
echo " --limit=<bytespec> Default limit: $LIMIT"
echo " -s=<blocksize> Set blocksize of TAR records and socat transfer size"
echo " --blocksize=<port> Default blocksize: $BLOCKSIZE"
echo " -b=<bufsize> Total TCP buffer size"
echo " --buffer=<bufsize> Default buffer size: $BUF"
}
install-deps () {
# Install dependencies if necessary
if [ "$(which nc)" = "" ]; then apt -y install netcat-openbsd; fi
if [ "$(which pv)" = "" ]; then apt -y install pv; fi
if [ "$(which sshpass)" = "" ]; then apt -y install sshpass; fi
if [ "$(which lzop)" = "" ]; then apt -y install lzop; fi
if [ "$(which ssh)" = "" ]; then apt -y install ssh; fi
if [ "$(which rsync)" = "" ]; then apt -y install rsync; fi
}
loop-through-opts () {
for i in "$@"; do
case $i in
-n|-r0|-n1|--new)
RESUME=0
shift
;;
-r|-r1|-n0|--resume)
RESUME=1
shift
;;
-v|-v1|--verify)
VERIFY=1
shift
;;
-v0|--no-verify)
VERIFY=0
shift
;;
-c=*|--compressor=*)
COMPRESSOR="${i#*=}"
shift
;;
-y|-y1|--encrypt)
ENCRYPTOR="openssl enc -e"
DECRYPTOR="openssl enc -d"
shift
;;
-y0|--no-encrypt)
ENCRYPTOR="cat"
DECRYPTOR="cat"
shift
;;
-h|--help)
halp
exit 1
shift
;;
-k|--privatekey)
PK=1
shift
;;
-w|--password)
PK=0
shift
;;
-q|--prerequisites)
install-deps
exit 1
shift
;;
-l=*|--limit=*)
LIMIT=${i#*=}
shift
;;
-p=*|--port=*)
PORT=${i#*=}
shift
;;
-b=*|--buffer=*)
BUF=${i#*=}
shift
;;
-s=*|--blocksize=*)
BLOCKSIZE=${i#*=}
shift
;;
-t=*|--transport=*)
TRANSPORT=${i#*=}
shift
;;
*)
if [ "$USERHOST" = "" ]; then USERHOST=$i; shift;
elif [ "$SRC" = "" ]; then SRC=$i; shift;
elif [ "$DST" = "" ]; then DST=$i; shift;
else (echo "!!! There seems to be an issue with your Options." >&2); shift; exit 2
fi
;;
esac
done
export PK COMPRESSOR ENCRYPTOR DECRYPTOR VERIFY RESUME BLOCKSIZE TRANSPORT BUF PORT WORK
}
exclusion-list () {
if [ "$RESUME" = "0" ]; then
echo ">>> Starting new transfer."
touch $WORK/exclude-list
else
echo ">>> Getting files already transferred ..."
$(remote) "find $DST -type f -printf \"%P\n\"" | pv -w100 -l -F "[%t]: Remote files found [%b]; Transfer Rate: C:%r a:%a %p" > $WORK/exclude-list
fi
}
finish-up () {
sleep 2
$(remote) "pkill -TERM -f $WORK" >/dev/null 2>&1
$(remote) "if [ .$WORK. != .. ]; then rm --preserve-root $WORK/*; rmdir $WORK; fi"
if [ "$WORK" != "" ]; then rm --preserve-root $WORK/*; rmdir $WORK; fi
pkill -TERM -f "$WORK" >/dev/null 2>&1
unset SSHPASS PK COMPRESSOR ENCRYPTOR DECRYPTOR VERIFY RESUME BLOCKSIZE TRANSPORT BUF PORT WORK RC
}
datapipe-local () {
E=`echo -n -e "\033[81G"`
B=`echo -n -e "\033[1G"`
mkfifo $WORK/crypt.layer $WORK/compress.layer $WORK/archive.layer
tar -C $SRC -X $WORK/exclude-list --ignore-failed-read --posix -p --record-size=$BLOCKSIZE --numeric-owner -c ./ | \
pv -B$BUF -C -w80 -bF "[%t]: C:%r A:%a [%b] DATA >%p> LINE " >> $WORK/archive.layer &
cat $WORK/archive.layer | $COMPRESSOR >> $WORK/compress.layer &
cat $WORK/compress.layer | $ENCRYPTOR >> $WORK/crypt.layer &
cat $WORK/crypt.layer | pv -B$BUF -C -L$LIMIT -w60 -bF "${E}[%b] C:%r A:%a${B}" | \
socat -u -t1 -T0 -b$BLOCKSIZE - $TRANSPORT:$(echo $USERHOST | cut -d@ -f2):$PORT,rcvbuf=$BUF,sndbuf=$BUF,nonblock=1,keepalive
}
datapipe-remote () {
$(remote) \
"mkdir -p $WORK; \
mkfifo $WORK/crypt.layer $WORK/compress.layer $WORK/archive.layer; \
(socat -lp$WORK -u -t1 -T0 ${TRANSPORT/-connect/}-listen:$PORT,rcvbuf=$BUF,sndbuf=$BUF - >> $WORK/crypt.layer &); \
(cat $WORK/crypt.layer | $DECRYPTOR >> $WORK/compress.layer &); \
(cat $WORK/compress.layer | $COMPRESSOR -d >> $WORK/archive.layer &); \
cat $WORK/archive.layer | tar --posix -p --numeric-owner -C $DST/ -xv 2>&1" &
}
# Main Screen Turn On.
loop-through-opts $@; if [ "$?" = "1" ]; then exit 0; fi
echo ">>>>>> Filefox $FFVERSION (C) 2018 Alynna Trypnotk, GPL3"
echo ">>> From $SRC to $USERHOST:$PORT::$DST over $TRANSPORT"
echo ">>> Transfer options: RESUME=$(bool $RESUME); VERIFY=$(bool $VERIFY); AUTH=$(bool $PK 'Private key' 'SSH Password')"
echo ">>> Pipe options: COMPRESSOR=$COMPRESSOR; ENCRYPTOR=$(bool $([[ .${ENCRYPTOR}. = .cat. ]] && echo 0 || echo 1) $ENCRYPTOR 'None')"
echo ">>> Socket options: BLOCKSIZE=$BLOCKSIZE; BUFSIZE=$BUF; SPEEDLIMIT=$LIMIT"
read -p ">>>>>> Press a key to continue, Ctrl-C to abort, or wait 5 seconds" -t 5 -n 1
if [ "$PK" = "0" ] || [ "$PK" = "" ]; then
if [ "$SSHPASS" = "" ]; then
echo ""
read -s -p ">>> SSH Password authentication selected, please enter password: " SSHPASS
fi
export SSHPASS
echo ""
fi
$(remote) "mkdir -p $DST"; export RC=$?
if [ $RC -gt 0 ]; then echo "!!! SSH setup failed returncode $RC. Aborted."; finish-up; exit 1; fi
exclusion-list
# Note you are responsible for ensuring that the remote side has any compresor other than lzop
$(remote) 'if [ "$(which lzop)" = "" ]; then apt -y install lzop; fi' 2>&1
$(remote) 'if [ "$(which socat)" = "" ]; then apt -y install socat; fi' 2>&1
echo ">>> Begin transfer ..."
datapipe-remote
sleep 1
datapipe-local
if [ "$VERIFY" = "1" ]; then
echo ">>> Begin transfer verification check ..."
if [ "$PK" = "0" ] || [ "$PK" = "" ]; then
rsync -avu --progress --rsh="sshpass -e ssh" $SRC/ $USERHOST:$DST/
else
rsync -avu --progress --rsh=ssh $SRC/ $USERHOST:$DST/
fi
fi
finish-up
echo ">>> Transfur complete."
#!/bin/bash
if [ "$1" = "" ]; then
echo "$(basename $0): Execute a command for each zone from the root zone (NOT WITHIN ZONE)."
echo "Syntax: [ZONES=\"<zonelist>\"] $(basename $0) [[-]_/regex/all] [command to execute]"
echo "Use @Z to specify the currently processing zone."
echo " _ = just core zones, -_ = not core zones"
echo "Example: $(basename $0) _ echo @Z"
exit 254
fi
if [ "$ZONES" = "" ]; then
if [ "$1" = "_" ]; then
ZONES=`lxc-ls '\_.*'`
elif [ "$1" = "-@" ]; then
ZONES=`lxc-ls '^[^\_].*'`
elif [ "$1" = "all" ]; then
ZONES=`lxc-ls`
else
ZONES=`lxc-ls "^${1}$"`
fi
shift
fi
if [ "$ZONES" = "" ]; then
echo "$(basename $0): No zones match."
exit 1
fi
for ZONE in $ZONES; do
echo -n "$ZONE: "
bash -c "${*//@Z/$ZONE}"
done
echo
\ No newline at end of file
#!/bin/bash
EXEMPT=`echo "$SOCAT_PEERADDR" | grep '10\.0\.' | wc -l`
echo -n "$SOCAT_PEERADDR: "
if [ $EXEMPT -eq 0 ]; then
echo "YOU HAVE BEEN B&"
iptables -I HONEYPOT -t filter -s $SOCAT_PEERADDR -j DROP
else
echo Exempted due to local: iptables -A INPUT -t filter -s $SOCAT_PEERADDR -j DROP
fi
#!/bin/bash
EXPIRE=`iptables -L HONEYPOT -n -t filter | grep DROP | wc -l`
if [ $EXPIRE -lt 32 ]; then exit 0; fi
iptables -D HONEYPOT $EXPIRE
#!/bin/bash
if [ "$1" = "" ]; then
echo "$(basename $0): Execute a command within the specified zones (Attaches to each zone first)."
echo "Syntax: [ZONES=\"<zonelist>\"] $(basename $0) [[-]_/regex/all] [command to execute]"
echo " _ = just core zones, -_ = not core zones"
echo "Example: $(basename $0) _ cat /etc/hostname"
exit 254
fi
if [ "$ZONES" = "" ]; then
if [ "$1" = "_" ]; then
ZONES=`lxc-ls '\_.*'`
elif [ "$1" = "-#" ]; then
ZONES=`lxc-ls '^[^\_].*'`
elif [ "$1" = "all" ]; then
ZONES=`lxc-ls`
else
ZONES=`lxc-ls "^${1}$"`
fi
shift
fi
if [ "$ZONES" = "" ]; then
echo "$(basename $0): No zones match."
exit 1
fi
for j in $ZONES; do
echo -ne "\033]0;$j\007$j: "
lxc-attach -n $j -- bash -c "cd ~; ${*}"
done
echo
#!/bin/bash
if [ "$2" = "" ]; then
echo "Syntax: [ZONES=\"<zonelist>\"] $(basename $0) <zone> <regex/[-]_/all> <filename>"
echo " _ = just core zones. <filename> is relative to the given <zone>"
echo " Example: $(basename $0) _u1604 _ /etc/network/interfaces"
exit 1
fi
ZONE=$1
shift
if [ "$ZONES" = "" ]; then
if [ "$1" = "_" ]; then
ZONES=`lxc-ls '\_.*'`
elif [ "$1" = "-@" ]; then
ZONES=`lxc-ls '^[^\_].*'`
elif [ "$1" = "all" ]; then
ZONES=`lxc-ls`
else
ZONES=`lxc-ls "^${1}$"`
fi
shift
fi
if [ "$ZONES" = "" ]; then
echo "$(basename $0): No zones match."
exit 1
fi
if [ "$1" = "" ]; then
echo "$(basename $0): Not found source file or directory."
exit 0
fi
for j in $ZONES; do
if [ ! $j = $ZONE ]; then
echo -n "$j: "
cp -av "/zone/$ZONE/rootfs/$1" "/zone/$j/rootfs/$1"
fi
done
#!/bin/bash
if [ "$1" == "" ]; then
echo "$(basename $0): Lamers go in, they don't come out."
echo "Syntax: $(basename $0) <ipv4/ipv6 network address/range"
else
echo "$1" >> /etc/rtbl
/etc/startup-sequence/021.botblocker
iptables -L -n -t filter | grep "$1"
fi
#!/bin/bash
ZONE=$1
shift
lxc-attach -n $ZONE -- bash -c "${*}"
\ No newline at end of file
#!/bin/bash
OPTDIR=""
if [ "$1" = "" ]; then
echo $(basename $0): My wrapper around LXC
echo "Usage: $(basename $0) <command> <zone> <args>"
elif [ "$1" = "restart" ]; then
lxc-stop -n $2 ${@:3}
lxc-start -n $2 ${@:3}
elif [ "$1" = "create" ] || [ "$1" = "destroy" ]; then
OPTDIR=$2
if [ "$1" = "create" ]; then
lxc-$1 -n $2 -B zfs ${@:3}
else
lxc-$1 -n $2 ${@:3}
fi
if [ "$1" = "create" ]; then
echo "lxc.mount.entry = /opt/zone/$2 opt none bind,create=dir 0 0" >> /zone/$2/config
echo "lxc.mount.entry = /opt/share share none bind,create=dir 0 0" >> /zone/$2/config
fi
zfs mount -a
elif [ "$1" = "copy" ] || [ "$1" = "clone" ]; then
OPTDIR=$3
lxc-copy -n $2 -N $3 -p /zone/$3 -B zfs ${@:4}
sed -i "s/$2/$3/" /zone/$3/config
zfs mount -a
elif [ "$1" = "startauto" ]; then
if [ "$3" = "" ]; then echo "$(basename $0): Nope." ; exit 1; fi
if [ `cat /zone/$2/config | grep "lxc\.start\.auto" | wc -l` = 0 ]; then
echo "lxc.start.auto = $3" >> /zone/$2/config
else
sed -i "/lxc\.start\.auto/c\lxc.start.auto = $3" /zone/$2/config
fi
elif [ "$1" = "ls" ]; then
lxc-ls ${@:2}
elif [ -x /usr/bin/lxc-$1 ]; then
lxc-$1 -n $2 ${@:3}
else
lxc $1 ${@:2}
fi
if [ ! "$OPTDIR" = "" ]; then
case $1 in
create|copy|clone)
echo "Creating the Optional Zone /opt/zone/$OPTDIR"
mkdir -p /opt/zone/$OPTDIR
;;
destroy)
if [ -d /opt/zone/$OPTDIR ]; then
echo -n "Destroy the Optional Zone too? Type YES to confirm: "
read X
if [ "$X" = "YES" ]; then
rm -rf /opt/zone/$OPTDIR
echo "Done."
fi
fi
;;
*)
true
esac
fi
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment