#!/bin/csh
# Written by Paul Peters of SAIC
############################################################################
# GNU GENERAL PUBLIC LICENSE - Version 2, June 1991
#
# Secure Remote Log Monitor (SRLM)
# A set of utility programs to selectively and securely retrieve log files
# from multiple clients to a central log server.
#
# Copyright (C) 2002 SAIC
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#############################################################################
switch($OSTYPE)
case linux*:
echo ""
echo "OS detected: Linux"
/sbin/ifconfig|grep eth0 -A1|grep -E "addr:[^ ]+ " -o|grep -E "[0-9\.]+" -o>IPaddr
breaksw
case FreeBSD*:
echo ""
echo "OS detected: FreeBSD"
/sbin/ifconfig|grep fxp0: -A1|grep -E "inet "|cut -f2 -d' '>IPaddr
breaksw
case solaris*:
echo ""
echo "OS detected: Solaris"
/usr/sbin/ifconfig -a|grep broadcast|cut -f2 -d' '>IPaddr
breaksw
default:
echo ""
echo "ERROR: unrecognized operating system"
endsw
echo "IP detected: "`cat IPaddr`
echo ""
set clientIP = `cat IPaddr`
rm -rf IPaddr
set configFilename="src/clientConfig.xml"
set logrotateDir="/usr/local/srlm/LogRotate/"
set keysDir="/usr/local/srlm/keys/client/"
set tempDir="/usr/local/srlm/temp/"
set serverKeyPath="/usr/local/srlm/keys/server/sRSAkey"
set sampleDir="/usr/local/srlm/sample/"
set CAkeysDir="/usr/local/srlm/keys/CA/"
if ($#argv != 1) then
echo "Please provide a valid Server IP address as the first command-line argument."
echo "'clientBuild X.X.X.X'"
else
#####################################################
# Producing a Default Log Rotate Configuration File
# in the directory /usr/local/srlm/LogRotate. If you would like
# to manually generate this file, See Example.lrc to
# produce the file. If you choose a different directory
# in which to place this file, please change the path
# found in the clientConfig.xml file as follows.
#
# change the line:
# /usr/local/srlm/LogRotate/x.x.x.x.lrc
# to:
# full path name of the .lrc file
#
# After making this change, you will need to copy the
# created file onto a directory on the server. See
# the 'serverBuild' script located in /LogMonitor/Server
# for details.
#####################################################
mkdir -p $logrotateDir
set lrcFullPath=$logrotateDir$clientIP".lrc"
echo "# logrotate configuration file for "$clientIP>$lrcFullPath
echo "">>$lrcFullPath
echo "copytruncate">>$lrcFullPath
echo "rotate 1">>$lrcFullPath
echo "">>$lrcFullPath
echo $sampleDir"sampleLogFile {">>$lrcFullPath
echo "}">>$lrcFullPath
echo "A Default Log Rotate Configuration File has been produced in"
echo "'"$lrcFullPath"'. Please record this directory as you"
echo "will need to copy this file to a directory on the server."
echo "Press Enter Key to Continue Setup"
while ( 1 )
set LINE = "$<"
if ( "$LINE" == "" ) then
break
endif
end
#####################################################
# Producing a Default Key Pair for the client.
# This will be done by compiling and running rsa_kgen.cpp.
# The keys will all be stored in a single directory
# on each instrumented system and the public key data
# will need to be transported to the server manually on disk
# if you wish to set up the key pair manually, you can
# compile and run rsa_kgen.cpp manually or determine
# a 2048 bit RSA key pair using another method. These
# keys must be placed in a directory on the client as
# well as the server. If the path in which you
# place the keys is not '/usr/local/srlm/keys/client/X.X.X.X.key',
# where X.X.X.X is the client's ip address
# change the clientConfig.xml file as follows:
#
# change the line:
# /usr/local/srlm/keys/client/X.X.X.X.key
# to:
# full path name of the key pair file
# See the 'serverBuild' script for more details on
# setting up the server keys.
#####################################################
cd src
set keysFullPath=$keysDir$clientIP".key"
make rsa_kgen
./rsa_kgen
cd ..
mkdir -p $keysDir
mv -f src/rsakey.priv $keysFullPath
mkdir -p $tempDir
mv -f src/rsakey.pub $tempDir$clientIP".key"
echo "A 2048 bit public key has been generated for this client at "
echo "'"$tempDir$clientIP".key'. Please record this path as you"
echo "will need to copy this data to a file on the server."
echo "Press Enter Key to Continue Setup"
while ( 1 )
set LINE = "$<"
if ( "$LINE" == "" ) then
break
endif
end
#####################################################
# Producing a Default Configuration File for this
# instrumented system. Running this script will overwrite
# the Example Config File named 'clientConfig.xml'. If
# you do not wish to overwrite this file, DO NOT RUN THIS
# SCRIPT. Rather, complete the rest of the client setup
# manually, then edit the configuration file by hand.
#####################################################
printf "\n">$configFilename
printf "\t\n">>$configFilename
printf "\t\t0\n">>$configFilename
printf "\t\t8084\n">>$configFilename
printf "\t\t"$keysFullPath"\n">>$configFilename
printf "\t\t"$lrcFullPath"\n">>$configFilename
printf "\t\n">>$configFilename
printf "\t\n">>$configFilename
printf "\t\t15\n">>$configFilename
printf "\t\t"$argv[1]"\n">>$configFilename
printf "\t\t5000\n">>$configFilename
printf "\t\n">>$configFilename
printf "\t"$serverKeyPath"\n">>$configFilename
printf "\tserver\n">>$configFilename
printf "\n">>$configFilename
#####################################################
# Add some sample data to /usr/local/srlm/sample/sampleLogFile
# If you manually set up your log rotate configuration file
# you should add some test data to the log you will
# initially monitor.
#####################################################
mkdir -p $sampleDir
set sampleFullPath=$sampleDir"sampleLogFile"
echo "SRLM">$sampleFullPath
echo "sample">>$sampleFullPath
echo "log">>$sampleFullPath
echo "data">>$sampleFullPath
##########################################
# Making Directories where keys will be
# stored
##########################################
mkdir -p $CAkeysDir
mkdir -p /usr/local/srlm/keys/server/
##########################################
# Notifying user that setup has completed.
##########################################
echo ""
echo "Instrumented System Setup has completed successfully."
endif