blob: 45fe71610ca9d17fb27281b6847c4ab9cf63b92f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
#!/bin/sh
#
# Check that the host only listens on ports that are acceptable.
set -e
ports()
{
netstat -nlap |
awk '
$6 == "LISTEN" {
n = split($7, a, /\//)
printf "%-10s %-20s %-20s %s\n", $1, $4, $5, a[2]
}'
}
case "$1" in
list)
ports
;;
report)
temp="$(mktemp)"
ports > "$temp"
if diff -u /etc/listen-check.ok "$temp"
then
rm -f "$temp"
else
rm -f "$temp"
exit 1
fi
;;
*)
echo "EEeek. Usage, man!" 1>&2
exit 1
;;
esac
|