Diffstat (limited to 'scripts/listen-check')
-rwxr-xr-x | scripts/listen-check | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/scripts/listen-check b/scripts/listen-check
new file mode 100755
index 0000000..45fe716
--- /dev/null
+++ b/scripts/listen-check
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+# Check that the host only listens on ports that are acceptable.
+
+set -e
+
+ports()
+{
+ netstat -nlap |
+ awk '
+ $6 == "LISTEN" {
+ n = split($7, a, /\//)
+ printf "%-10s %-20s %-20s %s\n", $1, $4, $5, a[2]
+ }'
+}
+
+
+case "$1" in
+ list)
+ ports
+ ;;
+ report)
+ temp="$(mktemp)"
+ ports > "$temp"
+ if diff -u /etc/listen-check.ok "$temp"
+ then
+ rm -f "$temp"
+ else
+ rm -f "$temp"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "EEeek. Usage, man!" 1>&2
+ exit 1
+ ;;
+esac |
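Review bot: The awk filter `$6 == "LISTEN"` in `ports()` most likely matches only TCP rows, so a newly bound UDP socket would never appear in the `report` diff even though the header comment promises a check of everything the host listens on. Assuming the usual Linux net-tools layout, netstat leaves the State column empty for unconnected UDP sockets, which shifts the PID/Program field into `$6`. A second rule would cover them, for example `$1 ~ /^udp/ && $5 ~ /:\*$/ { n = split($6, a, /\//); printf "%-10s %-20s %-20s %s\n", $1, $4, $5, a[2] }`. Separately, the row order netstat prints is probably not guaranteed to be stable, so ending the pipeline with `| sort` would keep the comparison against `/etc/listen-check.ok` from failing on reordering alone.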