From 907d7df621e72ec4d87d4056dc021a7f589b4de0 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Sun, 27 Nov 2011 12:48:42 +0000
Subject: Add listen-check

---
 debian/changelog     |  6 ++++++
 scripts/listen-check | 37 +++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+)
 create mode 100755 scripts/listen-check

diff --git a/debian/changelog b/debian/changelog
index 69252ea..5002114 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+liw-automation (8.21) squeeze; urgency=low
+
+  * Add listen-check
+
+ -- Lars Wirzenius <liw@liw.fi>  Sun, 27 Nov 2011 12:48:36 +0000
+
 liw-automation (8.20) squeeze; urgency=low
 
   * Fix journal-note attachment feature.
diff --git a/scripts/listen-check b/scripts/listen-check
new file mode 100755
index 0000000..45fe716
--- /dev/null
+++ b/scripts/listen-check
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+# Check that the host only listens on ports that are acceptable.
+
+set -e
+
+ports()
+{
+    netstat -nlap |
+    awk '
+        $6 == "LISTEN" {
+            n = split($7, a, /\//)
+            printf "%-10s %-20s %-20s %s\n", $1, $4, $5, a[2]
+        }'
+}
+
+
+case "$1" in
+    list)
+        ports
+        ;;
+    report)
+        temp="$(mktemp)"
+        ports > "$temp"
+        if diff -u /etc/listen-check.ok "$temp"
+        then
+            rm -f "$temp"
+        else
+            rm -f "$temp"
+            exit 1
+        fi
+        ;;
+    *)
+        echo "EEeek. Usage, man!" 1>&2
+        exit 1
+        ;;
+esac
-- 
cgit v1.2.1