#! /bin/sh
# dump assorted information of use in debugging
# Copyright (C) 1998, 1999  Henry Spencer.
# 
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
# 
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
# for more details.
#
# RCSID $Id: barf,v 1.61 2002/02/28 22:07:45 henry Exp $

KERNSRC=${KERNSRC-/usr/src/linux}
LOGS=${LOGS-/var/log}
me="ipsec barf"

# message patterns that start relevant parts of logs
fstart='Starting FreeS.WAN'
pstart='Starting Pluto subsystem'

case "$1" in
--help)		echo "Usage: ipsec barf" ; exit 0	;;
--version)	echo "$me $IPSEC_VERSION" ; exit 0	;;
esac

# make sure output is in English
unset LANG LANGUAGE LC_ALL LC_MESSAGES

# log-location guesser, results in $findlog_file and $findlog_startline
# Fine point:  startline is the *last* line containing "string", or
# failing that, the *first* line containing "fallbackstring".
findlog() {		# findlog string fallbackstring possiblefile ...
	s="$1"
	shift
	t="$1"
	shift
	# try the suggested files first
	for f in $*
	do
		if test -r $LOGS/$f -a ! -d $LOGS/$f && egrep -q "$s" $LOGS/$f
		then
			# aha, this one has it
			findlog_file=$LOGS/$f
			findlog_startline=`egrep -n "$s" $LOGS/$f |
				sed -n '$s/:.*//p'`
			return 0
		fi
	done
	for f in $*
	do
		if test -r $LOGS/$f -a ! -d $LOGS/$f && egrep -q "$t" $LOGS/$f
		then
			# aha, this one has it
			findlog_file=$LOGS/$f
			findlog_startline=`egrep -n "$t" $LOGS/$f |
				sed -n '1s/:.*//p'`
			return 0
		fi
	done
	# nope, resort to a search, newest first, of uncompressed logs
	for f in `ls -t $LOGS | egrep -v '\.(gz|Z)$'`
	do
		if test -r $LOGS/$f -a ! -d $LOGS/$f && egrep -q "$s" $LOGS/$f
		then
			# found it
			findlog_file=$LOGS/$f
			findlog_startline=`egrep -n "$s" $LOGS/$f |
				sed -n '$s/:.*//p'`
			return 0
		fi
	done
	for f in `ls -t $LOGS | egrep -v '\.(gz|Z)$'`
	do
		if test -r $LOGS/$f -a ! -d $LOGS/$f && egrep -q "$t" $LOGS/$f
		then
			# found it
			findlog_file=$LOGS/$f
			findlog_startline=`egrep -n "$t" $LOGS/$f |
				sed -n '1s/:.*//p'`
			return 0
		fi
	done
	echo "$0: unable to find $LOGS/$1 or local equivalent" >&2
	findlog_file=/dev/null
	findlog_startline=1		# arbitrary
}

# try to guess where logs are
findlog "$fstart" "klips" messages syslog
klog=$findlog_file
kline=$findlog_startline
findlog "$pstart" "Pluto" secure auth.log debug
plog=$findlog_file
pline=$findlog_startline

# /lib/modules examiner
modulegoo() {
	set +x
	for d in `ls /lib/modules`
	do
		if test -d /lib/modules/$d
		then
			f=/lib/modules/$d/$1
			if test -f $f
			then
				nm -g $f | egrep "$2"
			else
				echo
			fi | sed "s;^;$d: ;"
		fi
	done
	set -x
}

# advanced shell deviousness to get dividers into output
_________________________() {
	$2	# something to do nothing and not echo anything
}

exec 2>&1		# stderr on stdout, so errors go into main output

hostname ; date
set -x
_________________________ version
ipsec --version
_________________________ proc/version
cat /proc/version
_________________________ proc/net/ipsec_eroute
sort +3 /proc/net/ipsec_eroute
_________________________ proc/net/ipsec_spi
cat /proc/net/ipsec_spi
_________________________ proc/net/ipsec_spigrp
cat /proc/net/ipsec_spigrp
_________________________ netstart-rn
netstat -nr
_________________________ proc/net/ipsec_tncfg
cat /proc/net/ipsec_tncfg
_________________________ proc/net/pf_key
cat /proc/net/pf_key
_________________________ proc/net/pf_key-star
( cd /proc/net ; egrep '^' pf_key_* )
_________________________ proc/sys/net/ipsec-star
( cd /proc/sys/net/ipsec ; egrep '^' * )
_________________________ ipsec/status
ipsec auto --status
_________________________ ifconfig-a
ifconfig -a
_________________________ ipsec/directory
ipsec --directory
_________________________ hostname/fqdn
hostname --fqdn
_________________________ hostname/ipaddress
hostname --ip-address
_________________________ uptime
uptime
_________________________ ps
# -i ppid picks up the header
ps alxw | egrep -i 'ppid|pluto|ipsec|klips'
_________________________ ipsec/showdefaults
ipsec showdefaults
_________________________ ipsec/conf
ipsec _include /etc/ipsec.conf | ipsec _keycensor
_________________________ ipsec/secrets
ipsec _include /etc/ipsec.secrets | ipsec _secretcensor
_________________________ ipsec/ls-dir
ls -l ${IPSEC_DIR-/usr/local/lib/ipsec}
_________________________ ipsec/updowns
for f in `ls ${IPSEC_DIR-/usr/local/lib/ipsec} | egrep updown`
do
	cat ${IPSEC_DIR-/usr/local/lib/ipsec}/$f
done
_________________________ proc/net/dev
cat /proc/net/dev
_________________________ proc/net/route
cat /proc/net/route
_________________________ proc/sys/net/ipv4/ip_forward
cat /proc/sys/net/ipv4/ip_forward
_________________________ proc/sys/net/ipv4/conf/star-rp_filter
( cd /proc/sys/net/ipv4/conf ; egrep '^' */rp_filter )
_________________________ uname-a
uname -a
_________________________ redhat-release
if test -r /etc/redhat-release
then
	cat /etc/redhat-release
fi
_________________________ proc/net/ipsec_version
cat /proc/net/ipsec_version
_________________________ iptables/list
iptables -L -v -n
_________________________ ipchains/list
ipchains -L -v -n
_________________________ ipfwadm/forward
ipfwadm -F -l -n -e
_________________________ ipfwadm/input
ipfwadm -I -l -n -e
_________________________ ipfwadm/output
ipfwadm -O -l -n -e
_________________________ iptables/nat
iptables -t nat -L -v -n
_________________________ ipchains/masq
ipchains -M -L -v -n
_________________________ ipfwadm/masq
ipfwadm -M -l -n -e
_________________________ iptables/mangle
iptables -t mangle -L -v -n
_________________________ proc/modules
cat /proc/modules
_________________________ proc/meminfo
cat /proc/meminfo
_________________________ dev/ipsec-ls
ls -l /dev/ipsec*
_________________________ proc/net/ipsec-ls
ls -l /proc/net/ipsec_*
_________________________ usr/src/linux/.config
if test -f $KERNSRC/.config
then
	egrep 'IP|NETLINK' $KERNSRC/.config
fi
_________________________ etc/syslog.conf
cat /etc/syslog.conf
_________________________ lib/modules-ls
ls -ltr /lib/modules
_________________________ proc/ksyms-netif_rx
egrep netif_rx /proc/ksyms
_________________________ lib/modules-netif_rx
modulegoo kernel/net/ipv4/ipip.o netif_rx
_________________________ kern.debug
if test -f $LOGS/kern.debug
then
	tail -100 $LOGS/kern.debug
fi
_________________________ klog
sed -n $kline,'$'p $klog |
	egrep -i 'ipsec|klips|pluto' |
	case "$1" in
	--short)	tail -500	;;
	*)		cat		;;
	esac
_________________________ plog
sed -n $pline,'$'p $plog |
	egrep -i 'pluto' |
	case "$1" in
	--short)	tail -500	;;
	*)		cat		;;
	esac
_________________________ date
date
