forked from tuya-cloudcutter/tuya-cloudcutter
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsafety_checks.sh
executable file
·76 lines (72 loc) · 2.32 KB
/
safety_checks.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
#!/bin/bash
check_port () {
protocol="$1"
port="$2"
reason="$3"
echo -n "Checking ${protocol^^} port $port... "
process_pid=$(sudo ss -lnp -A "$protocol" "sport = :$port" | grep -Po "(?<=pid=)(\d+)" | head -n1)
if [ -n "$process_pid" ]; then
process_name=$(ps -p "$process_pid" -o comm=)
echo "Occupied by $process_name with PID $process_pid."
echo "Port $port is needed to $reason"
read -p "Do you wish to terminate $process_name? [y/N] " -n 1 -r
echo
if [[ "$REPLY" =~ ^[Ss]$ ]]; then
echo "Skipping..."
return
fi
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Aborting due to occupied port"
exit 1
else
service=$(ps -p "$process_pid" -o unit= | grep .service | grep -Ev ^user)
if [ -n "$service" ]; then
echo "Attempting to stop $service"
sudo systemctl stop "$service"
else
echo "Attempting to terminate $process_name"
sudo kill "$process_pid"
if ! sudo timeout 10 tail --pid="$process_pid" -f /dev/null; then
echo "$process_name is still running after 10 seconds, sending SIGKILL"
sudo kill -9 "$process_pid"
sudo tail --pid="$process_pid" -f /dev/null
fi
fi
sleep 1
fi
else
echo "Available."
fi
}
check_firewall () {
if sudo systemctl stop firewalld.service &>/dev/null; then
echo "Attempting to stop firewalld.service"
echo "When done, enable with: ${bold}sudo systemctl start firewalld.service${normal}"
fi
if command -v ufw >/dev/null && sudo ufw status | grep -qw active; then
sudo ufw disable
echo "When done, enable with: ${bold}sudo ufw enable${normal}"
fi
}
check_blacklist () {
if [ -e /etc/modprobe.d/blacklist-rtl8192cu.conf ]; then
echo "Detected /etc/modprobe.d/blacklist-rtl8192cu.conf"
echo "This has been known to cause kernel panic in hostapd"
echo "See https://github.com/ct-Open-Source/tuya-convert/issues/373"
read -p "Do you wish to remove this file? [y/N] " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
sudo rm /etc/modprobe.d/blacklist-rtl8192cu.conf
fi
fi
}
check_port udp 53 "resolve DNS queries"
check_port udp 67 "offer DHCP leases"
check_port tcp 80 "answer HTTP requests"
check_port tcp 443 "answer HTTPS requests"
#check_port udp 6666 "detect unencrypted Tuya firmware"
#check_port udp 6667 "detect encrypted Tuya firmware"
check_port tcp 1883 "run MQTT"
check_port tcp 8886 "run MQTTS"
check_firewall
check_blacklist