#!/bin/sh # File : chk_vscan.sh # By : Maarten.deBoer@Atos.net, 160504 # Subject : Script to check FSOD-design setting #FSoD Virus-scanning Options #Default configuration options per vFiler: #. vscan options timeout: 10 sec #. vscan options abort_timeout: 50 sec #. vscan options mandatory_scan off #. vscan options use_host_scanners off #. vscan options client_msgbox off #. #. options cifs.smb2.client.enable off #. options cifs.smb2.enable on #. options cifs.smb2.signing.required off #. #Op AV server must be configured that only SMB1 will be used (registry setting). # #(0.2) : Add --imi / SDM #(0.3) : Mod "use_host_scanners" & LOG + CI PGM="`basename $0|cut -d\. -f1`" VER="0.3" TMP="/tmp/${PGM}.$$" LOG="${HOME}/log/${PGM}.log" FILERS="${HOME}/etc/filers" SSH="/usr/bin/ssh -n" HOSTNAME="`hostname|cut -d\. -f1`" MAILTO="maarten.deboer@atos.net" DATI="`date +%Y-%m-%d_%H-%M`" ASC="/tmp/FSOD-vscan-check_${DATI}.asc" FILTER="[?]*" CUSTCODE="[?]*" MAIL="" MONSTR="`date +%b`" IMI="" SDMMAIL="ESBIncident.it-solutions@atos.net" SDMMSG="${TMP}.sdmmsg" SDMTYPE="Incident" SDMTEXT="${TMP}.sdmtext" SDMSEV="4" SDMGROUP="NL.Storage.FSOD" SDMUSER="nldsm01" SDMREPLYTO="fsod@atos.net" #SDMTYPE="Query" #SDMUSER="nl19471" #SDMREPLYTO="maarten.deboer@atos.net" #--------------------------------------------------------------------------# # Functions # #--------------------------------------------------------------------------# CREATE_SDM_TICKET() # CREATE_SDM_TICKET "${FILER}" "${SDMTYPE}" "${SDMTEXT}" "${SDMSEV}" # $1=Filer(CI), $2=SDMTYPE, $3=SDM-text $4=SEV { echo "@REQUESTTYPE: ${2}" > ${SDMMSG} echo "@REQUESTAREA: NL.Storage.StorageOnDemand" >> ${SDMMSG} echo "@SEVERITY: ${4}" >> ${SDMMSG} echo "@CI: ${1}" >> ${SDMMSG} echo "@ORGANISATION: AtosOrigin.Netherlands" >> ${SDMMSG} echo "@GROUP: ${SDMGROUP}" >> ${SDMMSG} echo "@REPLYTO: ${SDMREPLYTO}" >> ${SDMMSG} echo "@PROXYUSER: ${SDMUSER}" >> ${SDMMSG} cat ${3} >> ${SDMMSG} echo "[@${HOSTNAME}:${PGM} v${VER}]" >> ${SDMMSG} echo "@ENDOFSDMMESSAGE" >> ${SDMMSG} cat ${SDMMSG} | mailx -s "${SDMUSER}: ${PGM} ${2} at ${1}." ${SDMMAIL} # cat ${SDMMSG} echo "`date` ${PGM}: Mailed to SDM-IMI with CI=${1} (to ${SDMMAIL})"|tee -a ${LOG} } USAGE() { echo "Usage: ${PGM} []" echo " Version: ${VERSION}" echo " options :" echo " -c : Custromer code (${CUSTCODE})" echo " -e : Etc/filers (${FILERS})" echo " -f : Filter filername (${FILTER})" echo " -h | --help : this help" echo " -i | --imi : send alert (to SDM) via IMI(mail)" echo " -l : send messagesLog per vfiler" echo " -m | --mail : do send mail" echo " -V : Version" echo " -x : set -x" echo " --mailto : change MAILTO address & do send mail (${MAILTO})" } # Check options while [ $# -gt 0 ] do case $1 in -c) CUSTCODE=${2}; shift ;; -e) FILERS=${2}; shift ;; -f) FILTER=${2}; shift ;; -h | --help) USAGE; exit 1 ;; -i | --imi) IMI=1;; -m | --mail) MAIL=1 ;; -V) echo "${PGM}: v${VER}"; exit 3 ;; --mailto) MAILTO=$2; MAIL=1; shift ;; -x) set -x ;; *) echo "Option $1 not known."; USAGE; exit 1 ;; esac shift done echo "${PGM} v${VER}" echo "CSV = ${CSV}" echo "CUSTCODE = ${CUSTCODE}" echo "FILERS = ${FILERS}" echo "FILTER = ${FILTER}" echo "HOSTNAME = ${HOSTNAME}" echo "MAILTO = ${MAILTO}" echo "IMI=${IMI}" echo "SDMMAIL=${SDMMAIL}" echo "SDMUSER=${SDMUSER}" echo "SDMMSG=${SDMMSG}" echo "SDMREPLYTO=${SDMREPLYTO}" echo "SDMTYPE=${SDMTYPE}" echo "SDMTEXT=${SDMTEXT}" echo "SDMSEV=${SDMSEV}" echo "SDMGROUP=${SDMGROUP}" touch ${TMP} ${LOG} ${ASC} ${TMP}.mail ${SDMMSG} ${SDMTEXT} echo "`date` ${PGM} v${VER} started."|tee -a ${LOG} for FILER in `cat ${FILERS}|grep -v \^#|grep ${FILTER}` do echo "${FILER} ..." ${SSH} ${FILER} vfiler status|grep running|grep -v vfiler0|awk '{print $1}'|grep ${CUSTCODE}|while read VFILER do echo "${FILER}/${VFILER} ..." ${SSH} ${FILER} vfiler run ${VFILER} vscan > ${TMP}.2 ABLED="`grep 'Virus scanning is' ${TMP}.2|awk '{print $4}'`" ${SSH} ${FILER} vfiler run ${VFILER} vscan options > ${TMP}.3 TO="`grep 'vscan options timeout' ${TMP}.3|cut -d\: -f2|awk '{print $1}'`" ABORT="`grep 'vscan options abort_timeout' ${TMP}.3|cut -d\: -f2|awk '{print $1}'`" MANDSCAN="`grep 'vscan options mandatory_scan' ${TMP}.3|awk '{print $4}'`" HOSTSCAN="`grep 'vscan options use_host_scanners' ${TMP}.3|awk '{print $4}'`" CMB="`grep 'vscan options client_msgbox' ${TMP}.3|awk '{print $4}'`" # Get vfiler options cifs.smb2 SMB2CE="`${SSH} ${FILER} vfiler run -q ${VFILER} options cifs.smb2.client.enable|awk '{print $2}'`" SMB2E="`${SSH} ${FILER} vfiler run -q ${VFILER} options cifs.smb2.enable|awk '{print $2}'`" SMB2SR="`${SSH} ${FILER} vfiler run -q ${VFILER} options cifs.smb2.signing.required|awk '{print $2}'`" RPCFD="`${SSH} ${FILER} vfiler run -q ${VFILER} options cifs.rpcfd_timeout|awk '{print $2}'`" if [ "${ABLED}" = "enabled." ]; then echo "${FILER}/${VFILER}: VSCAN ${ABLED} ..." if [ "${TO}" != "10" ]; then echo "${FILER}/${VFILER}: VSCAN options timeout <> 10 sec. (${TO}) "|tee -a ${TMP} fi if [ "${ABORT}" != "50" ]; then echo "${FILER}/${VFILER}: VSCAN options abort_timeout <> 50 sec. (${ABORT}) "|tee -a ${TMP} fi if [ "${MANDSCAN}" != "off" ]; then echo "${FILER}/${VFILER}: VSCAN options mandatory_scan <> off. (${MANDSCAN}) "|tee -a ${TMP} fi if [ "${HOSTSCAN}" != "off" ]; then echo "${FILER}/${VFILER}: VSCAN options use_host_scanners <> off. (${HOSTSCAN}) "|tee -a ${TMP} fi if [ "${CMB}" != "off" ]; then echo "${FILER}/${VFILER}: VSCAN options client_msgbox <> off. (${CMB}) "|tee -a ${TMP} fi if [ "${SMB2CE}" != "off" ]; then echo "${FILER}/${VFILER}: VFILER options cifs.smb2.client.enable <> off. (${SMB2CE}) "|tee -a ${TMP} fi if [ "${SMB2E}" != "on" ]; then echo "${FILER}/${VFILER}: VFILER options cifs.smb2.enable <> on. (${SMB2E}) "|tee -a ${TMP} fi if [ "${SMB2SR}" != "off" ]; then echo "${FILER}/${VFILER}: VFILER options cifs.smb2.signing.required <> off. (${SMB2SR}) "|tee -a ${TMP} fi else # enabled. if [ "${ABORT}" = "50" ] && [ "${MANDSCAN}" != "off" ]; then echo "${FILER}/${VFILER}: VSCAN ${ABLED}"|tee -a ${TMP} echo " VSCAN options abort_timeout 50 sec (is modified and OK) BUT mandatory_scan <> off (NOT ok when VSCAN enabled) "|tee -a ${TMP} fi fi # enabled. done # VFILER # When IMI, send 1 msg / Filer, CI if [ ${IMI} ]; then if [ -s ${TMP} ]; then # If size > 0 cp ${TMP} ${SDMTEXT} CREATE_SDM_TICKET "${FILER}" "${SDMTYPE}" "${SDMTEXT}" "${SDMSEV}" cp /dev/null ${TMP} fi fi # IMI done # for FILER if [ -s ${TMP} ] && [ ${MAIL} ]; then echo "# ${PGM} v${VER}" >> ${TMP}.mail echo "# `date` @${HOSTNAME}" >> ${TMP}.mail echo "# CSV = ${CSV}" >> ${TMP}.mail echo "# CUSTCODE = ${CUSTCODE}" >> ${TMP}.mail echo "# FILERS = ${FILERS}" >> ${TMP}.mail echo "# FILTER = ${FILTER}" >> ${TMP}.mail echo "# MAILTO = ${MAILTO}" >> ${TMP}.mail echo "# Values:" >> ${TMP}.mail cat << !EOF >> ${TMP}.mail # vscan options timeout: 10 sec # vscan options abort_timeout: 50 sec # vscan options mandatory_scan off # vscan options use_host_scanners off # vscan options client_msgbox off # # options cifs.smb2.client.enable off # options cifs.smb2.enable on # options cifs.smb2.signing.required off !EOF cp ${TMP} ${ASC} echo "" >> ${ASC} cat ${TMP}.mail >> ${ASC} cat ${TMP}.mail|mailx -a ${ASC} -s ":${HOSTNAME}: Vscan check [${PGM} v${VER}]" ${MAILTO} echo "`date` ${PGM} v${VER} mailed to ${MAILTO}."|tee -a ${LOG} fi # -s ${TMP} rm ${TMP} ${ASC} ${TMP}.mail ${SDMMSG} ${SDMTEXT} echo "`date` ${PGM} v${VER} finished."|tee -a ${LOG} exit 0