summaryrefslogtreecommitdiff
path: root/functions/tech-support
blob: 667747f8e3aaf6bcb80cbaea04ff364ca3ffc2fb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
# implement "show tech-support"
# usage: tech-support [ save [ <filename> ] ]
# usage: tech-support [ save-uncompressed [ <filename> ] ] 
# NOTE: this file is sourced, NOT executed

function header {
    echo
    echo ----------------
    echo "$*"
    echo ----------------
}

# by default send to stdout
OUT=1
FLAG=0
REMOTE=0
DEFAULT_PATH=/opt/vyatta/etc/config/support
DEFAULT_GROUP=users

do_rotate ()
{
  local count=`ls -t $DEFAULT_PATH/*.tech-support.* 2>/dev/null |wc -l`
  if (( count >= 10 )); then
    local dfile=`ls -t $DEFAULT_PATH/*.tech-support.* 2>/dev/null |tail -1`
    rm -f $dfile >&/dev/null \
      && echo "Removed old tech-support output file '$dfile'"
  fi
}

HOSTNAME=`hostname`
CURTIME=`date +%F-%H%M%S`
   if [ "$1" == "save-uncompressed" ]; then
    FLAG="1"
   elif [ "$1" == "save" ]; then
    FLAG="0"
   fi

 if [ "$1" == "save" ] || [ "$1" == "save-uncompressed" ]; then
  # "save" or save-uncompressed is specified. save output to file.
  if [ -n "$2" ]; then
   if [[ "$2" =~ scp:///* ]]; then  
     OUT="$HOSTNAME.tech-support.$CURTIME"
     REMOTE="1" 
   elif [[ "$2" =~ ftp:///* ]]; then 
     OUT="$HOSTNAME.tech-support.$CURTIME"
     REMOTE="1"
   else
      #file to be save locally
     OUT="$2.$HOSTNAME.tech-support.$CURTIME"
   fi
  else
     OUT="$HOSTNAME.tech-support.$CURTIME"
  fi
  
if [[ $OUT != /* ]]; then
    # it's not absolute path. save in default path.
    mkdir -p $DEFAULT_PATH >& /dev/null
    chgrp $DEFAULT_GROUP $DEFAULT_PATH >& /dev/null
    chmod 775 $DEFAULT_PATH >& /dev/null
    OUT="$DEFAULT_PATH/$OUT"
    do_rotate
  fi
  if ! touch $OUT >& /dev/null; then
    echo "Cannot create tech-support file '$OUT'"
    exit 1
  fi
  if [ $REMOTE != "1" ]; then   
   echo "Saving output to $OUT ..."
  fi
fi

(
export PATH=/sbin:/usr/sbin:$PATH

header Show Tech-Support  
header CONFIGURATION 


header Vyatta Version and Package Changes
show version all

header Configuration File 
cat /opt/vyatta/etc/config/config.boot

header Running configuration
show configuration

header Package Repository Configuration File 
cat /etc/apt/sources.list

header User Startup Scripts 
cat /etc/rc.local


header INTERFACES


header Interfaces
show interfaces

header Ethernet

header Interface statistics
ip -s link show

for eth in $(cd /sys/class/net; echo eth*)
do header "Physical Interface statistics for $eth"
   sudo ethtool -S $eth
done

for eth in $(cd /sys/class/net; echo eth*)
do header "Physical Interface Details for $eth"
   show interfaces ethernet $eth physical 
done

header Physical Interface Offload Settings and Capabilities
sudo ethtool -K
 
header "ARP Table (Total entries)"
show arp

header Number of incomplete entries in ARP table
show arp | grep incomplete | wc -l  
header Serial

header "WAN Interface Hardware Information (wanrouter hwprobe)" 
is_sangoma='lspci -n -d '1923:*''
is_adsl='lspci -n -d '14bc:*''
if [ -z "$is_sangoma" -a -z "$is_adsl" ]; then

 sudo wanrouter hwprobe

header "WAN Interface Software Version (wanrouter version)"
wanrouter version

header "WAN Interface Debugging Information (wanrouter debug)" 
wanrouter debug

header "WAN Interface Connection Status Information (wanrouter summary)" 
wanrouter summary

header "WAN Interface Information Summary (wanrouter status)" 
wanrouter status

header "WAN Interface Driver Information (wanrouter modules)"
wanrouter modules

if [ -e /etc/wanpipe/wanrouter.rc ]; then
   header "WAN Interface Startup Script (/etc/wanpipe/wanrouter.rc)" 
   cat /etc/wanpipe/wanrouter.rc
fi

header WAN Interfaces
wanifs=( /sys/class/net/wan* )
wanifs=`echo -n ${wanifs[@]##*/}`

echo "wanifs are $wanifs"

for ifname in $wanifs ; do
    header "wanpipemon -i $ifname -c sc"
    sudo wanpipemon -i $ifname -c sc

    header "wanpipemon -i $ifname -c so"
    sudo wanpipemon -i $ifname -c so

    header "wanpipemon -i $ifname -c xcv"
    sudo wanpipemon -i $ifname -c xcv

    header "wanpipemon -i $ifname -c xru"
    sudo wanpipemon -i $ifname -c xru

    header "wanpipemon -i $ifname -c xm"
    sudo wanpipemon -i $ifname -c xm

    header "wanpipemon -i $ifname -c xl"
    sudo wanpipemon -i $ifname -c xl

    header "wanpipemon -i $ifname -c Ta"
    sudo wanpipemon -i $ifname -c Ta
done

for i in /etc/wanpipe/wanpipe*.conf ; do
    if [ -e $i ]; then
       header $i
       cat $i
    fi
done

header "WAN Interface Configuration Log (wanrouter conflog)"
wanrouter conflog

else
echo "Wanpipe not configured"
fi

header ROUTING


function show_route_limit ()
{
   NUM=$(show $1 route $2 | wc -l)
   # subtract 3 lines of header
   [ $NUM -gt 3 ] &&  NUM=$[$NUM - 3]
   OUTPUT=$(echo show $1 route $2 \(total $NUM\))
   CMD="show $1 route $2"
   if [ $3 -eq 0 ]
   then
      header $OUTPUT
      vtysh -c "$CMD"
   else
      header "$OUTPUT- limit $3"
      vtysh -c "$CMD" | head -n $3
   fi
}

#
# show all connected/static, limit the output others and include a total
#
show_route_limit ip connected 0
show_route_limit ip static    0
show_route_limit ip rip  500
show_route_limit ip ospf 500
show_route_limit ip bgp  500
show_route_limit ip ''   500

show_route_limit ipv6 connected 0
show_route_limit ipv6 static    0
show_route_limit ipv6 ripng 500
show_route_limit ipv6 ospf6 500
show_route_limit ipv6 bgp   500
show_route_limit ipv6 ''    500


header IPTABLES 


header Filter Chain Details 
sudo /sbin/iptables -L -vn

header Nat Chain Details 
sudo /sbin/iptables -t nat -L -vn

header Mangle Chain Details 
sudo /sbin/iptables -t mangle -L -vn

header Raw Chain Details 
sudo /sbin/iptables -t raw -L -vn


header SYSTEM


header Current Time
date
 
header Installed Packages
dpkg -l

header Loaded Modules
cat /proc/modules

header CPU

header Installed CPU/s 
cat /proc/cpuinfo

header Cumulative CPU Time Used by Running Processes
top -n1 -b -S

header Hardware Interrupt Counters
cat /proc/interrupts
 
header Load Average
cat /proc/loadavg

header Running Processes
ps -ef

header Memory

header Installed Memory 
cat /proc/meminfo

header Memory Usage
free

header Storage

header Devices
cat /proc/devices

header Partitions
cat /proc/partitions

disks=`cat /proc/partitions | awk '{ if ($4!="name") { print $4 } }' | egrep -v "[0-9]$" | egrep -v "^$"`

for disk in $disks; do
    header "Partitioning for disk $disk"
    fdisk -l /dev/$disk
done

header Mounts
cat /proc/mounts

header Diskstats
cat /proc/diskstats

header Hard Drive Usage 
df -h -x squashfs

header General System

header Boot Messages 
cat /var/log/dmesg

header "Recent Kernel messages (dmesg)"
dmesg

header PCI Info
sudo lspci -vvx

header System Info
${vyatta_bindir}/vyatta-show-dmi

header GRUB Command line
cat /proc/cmdline

header Open Ports 
sudo lsof -P -n -i

header System Startup Files 
ls -l /etc/rc?.d

header Bash History
#cat $HOME/.bash_history
for path in /opt/vyatta/config/active/system/login/user/* ; do 
   user=$(basename $path); 
   header "Bash History for $user"; 
   case $user in 
      root) file="/root/.bash_history";;
      *) file="/home/$user/.bash_history";; 
   esac; 
cat .bash_history | gawk '/^#[0-9]*/ {t = substr($0,2); next} {print strftime("%FT%T%z", t) " " $0}' | sort -u
done

header Login History 
last -ix

header Recent Log Messages 
tail -n 250 /var/log/messages

header Entitlement
show entitlement

header NTP
show ntp

header Zebra
show zebra


###
# End of Core section
###


header BGP 
perl /opt/vyatta/bin/node-exists.pl bgp protocols 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header BGP Summary
show ip bgp summary
header BGP Neighbors
show ip bgp neighbors
header BGP Debugging Information 
show debugging bgp 
else
echo "BGP is not configured"
fi

header CLUSTERING
perl /opt/vyatta/bin/node-exists.pl cluster
ret_val=$?
if [ $ret_val -eq 0 ]; then
header Cluster Status
show cluster status
else
echo "Clustering is not configured"
fi

header DHCP Server 
perl /opt/vyatta/bin/node-exists.pl dhcp-server service 
ret_val=$?
if [ $ret_val -eq 0 ]; then 
header DHCP Leases
show dhcp leases
header DHCP Statistics
show dhcp statistics
else
echo "DHCP server is not configured"
fi

header DHCP Client 
header DHCP Client Leases 
is_dhcp=`show dhcp client leases | wc -l` 
if [ -z is_dhcp ]; then 
echo "DHCP client is not configured"
else 
show dhcp client leases
fi


header DHCPV6 
perl /opt/vyatta/bin/node-exists.pl dhcpv6-server service
ret_val=$?
if [ $ret_val -eq 0 ]; then
header DHCPV6 Server Status
show dhcpv6 server status 
header DHCPV6 Server Leases
show dhcpv6 server leases
header DHCPV6 Relay-Agent
show dhcpv6 relay-agent
header DHCPV6 Client Leases
show dhcpv6 client leases 
else
echo "DHCPV6 Server is not configured"
fi


header DNS 
perl /opt/vyatta/bin/node-exists.pl dns service
ret_val=$?
if [ $ret_val -eq 0 ]; then
header DNS Dynamic Status
show dns dynamic status
header DNS Forwarding Statistics
show dns forwarding statistics
header DNS Forwarding Nameservers  
show dns forwarding nameservers
else
echo "DNS is not configured"
fi


header FIREWALL 
perl /opt/vyatta/bin/node-exists.pl firewall
ret_val=$?
if [ $ret_val -eq 0 ]; then
header Firewall Group
show firewall group
header Firewall Detail
show firewall detail
header Firewall Statistics
show firewall statistics 
else
echo "Firewall is not configured"
fi

header IPS
perl /opt/vyatta/bin/node-exists.pl content-inspection
ret_val=$?
if [ $ret_val -eq 0 ]; then
header IPS log
show ips log
header IPS Update-Log
show ips update-log
else
echo "IPS is not configured"
fi

header IPSec
perl /opt/vyatta/bin/node-exists.pl ipsec vpn
ret_val=$?
if [ $ret_val -eq 0 ]; then
header IPSec Status
show vpn ipsec status
header IPSec sa
show vpn ipsec sa
header IPSec sa Detail
show vpn ipsec sa detail
header IPSec sa Statistics
show vpn ipsec sa statistics
 
header /etc/ipsec.conf
cat /etc/ipsec.conf

if [ -r /etc/ipsec.secrets ]; then
    header /etc/ipsec.secrets
    cat /etc/ipsec.secrets
fi
else
echo "IPSec is not configured"
fi

header NAT
perl /opt/vyatta/bin/node-exists.pl nat service
ret_val=$?
if [ $ret_val -eq 0 ]; then
header NAT Rules
show nat rules
header NAT Statistics
show nat statistics
header NAT Translations Detail
show nat translations detail
else
echo "NAT is not configured"
fi


header NETFLOW
perl /opt/vyatta/bin/node-exists.pl netflow system flow-accounting 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header NetFlow Accounting
show flow-accounting 
else
echo "Netflow is not configured"
fi

header OPENVPN
perl /opt/vyatta/bin/node-exists.pl openvpn interfaces 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header OpenVPN Interfaces
show interfaces openvpn detail 
header OpenVPN Server Status
show openvpn server-status
else
echo "OpenVPN is not configured"
fi

header OSPF
perl /opt/vyatta/bin/node-exists.pl ospf protocols 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header OSPF Neighbor
show ip ospf neighbor
header OSPF Route
show ip ospf route
header OSPF Debugging Information
show debugging ospf 
else
echo "OSPF is not configured"
fi

header OSPFV3
perl /opt/vyatta/bin/node-exists.pl ospfv3 protocols
ret_val=$?
if [ $ret_val -eq 0 ]; then
header OSPFV3 Debugging Information
show debugging ospfv3
else
echo "OSPFV3 is not configured" 
fi

header Policy
perl /opt/vyatta/bin/node-exists.pl policy 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header IP Route Maps
show ip protocol 
header Route-Map
show route-map
#header IP Access Lists
#show ip access-lists
header IP Community List
show ip community-list 
else
echo "Policy is not configured"
fi
 
header QoS
perl /opt/vyatta/bin/node-exists.pl traffic-policy
ret_val=$?
if [ $ret_val -eq 0 ]; then
header Current Traffic Policies
show queueing
else
echo "QoS is not configured"
fi

header RIP
perl /opt/vyatta/bin/node-exists.pl rip protocols 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header IP RIP
show ip rip 
header RIP Status
show ip rip status
header RIP Debugging Information
show debugging RIP
else
echo "RIP is not configured"
fi

header RIPNG 
perl /opt/vyatta/bin/node-exists.pl ripng protocols 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header RIPNG Debugging Information
show debugging ripng
else
echo "RIPNG is not configured"
fi

header VPN-L2TP 
perl /opt/vyatta/bin/node-exists.pl l2tp vpn 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header VPN ike secrets
show vpn ike secrets
header VPN rsa-keys
show vpn ike rsa-keys  
header VPN ike sa
show vpn ike sa
header VPN ike Status
show vpn ike status
header VPN Remote-Access
show vpn remote-access

header VPN Debug Detail
show vpn debug detail
else
echo "VPN L2TP is not configured"
fi

header VPN-PPTP 
perl /opt/vyatta/bin/node-exists.pl pptp vpn 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header VPN Remote-Access
show vpn remote-access
else
echo "VPN PPTP is not configured"
fi

header VRRP
found=0
for eth in $(cd /sys/class/net; echo eth*)
do perl /opt/vyatta/bin/node-exists.pl vrrp interfaces ethernet $eth 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header \''show vrrp'\'
show vrrp
found=1
fi
done
if [ $found -eq 0 ]; then
echo "VRRP is not configured"
fi

header WAN LOAD BALANCING
perl /opt/vyatta/bin/node-exists.pl wan load-balancing 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header Wan Load Balance
show wan-load-balance 
header Wan Load Balance Status 
show wan-load-balance status
header Wan Load Balance Connection
show wan-load-balance connection
else
echo "Wan Load Balance is not configured"
fi

header "WEBPROXY/URL-FILTERING" 
perl /opt/vyatta/bin/node-exists.pl url-filtering service webproxy 
ret_val=$?
if [ $ret_val -eq 0 ]; then
header WebProxy Blacklist Categories
show webproxy blacklist categories
header WebProxy Blacklist Domains
show webproxy blacklist domains
header WebProxy Blacklist URLs
show webproxy blacklist urls
header WebProxy Blacklist Log 
show webproxy blacklist log summary
else
echo "Webproxy/URL-filtering is not configured"
fi
 
header "END OF TECH-SUPPORT FILE"
) 1>&$OUT 2>&1

if [ $OUT != "1" ]; then
  chgrp $DEFAULT_GROUP $OUT >& /dev/null
  chmod 664 $OUT >& /dev/null
  if [ $FLAG == "0" ]; then 
    gzip $OUT
    OUT=$OUT.gz 
    if [ $REMOTE != "1" ]; then 
    echo "File $OUT is the compressed file."
    fi 
  fi 
  
  if [ $REMOTE != "1" ]; then 
   echo "Done"
  fi
fi
if [ $REMOTE == "1" ]; then 
  perl /opt/vyatta/bin/vyatta-remote-copy.pl $2 $OUT $FLAG 
fi