proxy_role/overlay/Linux/usr/local/bin/proxy_hourly.bash

#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-

PREFIX=/usr/local
ROLE=proxy
DEBUG=1

# The idea here is to run ansible_local.bash --tags daily
# and then use this to do the parsing and throwing errors based on the output.
# This was the ansible run can be free from erroring and this can be
# run repeatedly anytime outside of ansible to deal with the issues raised.
# It is also run at the end of ansible_local.bash --tags daily to raise the issues.

prog=$( basename $0 .bash )
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
[ -f /usr/local/etc/testforge/testforge.bash ] && \
    .  /usr/local/etc/testforge/testforge.bash >/dev/null

. /usr/local/bin/proxy_export.bash
PL=/usr/local/bin/proxy_ping_lib.bash
. $PL
PL=
PLL=/usr/local/bin/proxy_libvirt_lib.bash
. $PLL
PLL=
DEBUG=1

declare -a BOX_NBD_OVERLAY_EXTERNAL
# fill this in with the ansible hosts.yml
BOX_NBD_OVERLAY_EXTERNALS=(
    /o/var/local/src/play_tox/hosts.yml
    /o/data/TestForge/src/ansible/hosts.yml
    )
[ -z "$USER" ] && USER=$(id -un )
MYID=$( id -u )
[ $MYID -eq 0 ] || { ERROR $prog must be run as root $MYID ;  exit 1 ; }

# . $PREFIX/src/var_local_src.bash
which ansifilter >/dev/null 2>&1  && ansifilter=ansifilter || ansifilter=cat

[ -d /dev/virtio-ports ] && ONE_GUEST=1 || ONE_GUEST=0

ly=hourly
errs=0
warns=0

elt=proxy
LOG_DIR=/usr/local/tmp
ELOG=$LOG_DIR/E${prog}_${ly}$$.log
WLOG=$LOG_DIR/W${prog}_${ly}$$.log
OUT=$LOG_DIR/O${prog}_${ly}$$.log

export PATH=$PATH:/usr/local/bin
[ -n "$BASE_SRC_ANSIBLE" ] || BASE_SRC_ANSIBLE=/g/TestForge/src/ansible
[ -z "$MODE" ] && MODE=$( $PL proxy_ping_mode )
[ -n "$DEBUG" ] && echo >&2 DEBUG: $prog $ly MODE=$MODE 0=$0 "$#" "$@"
[ -z "$MODE" ] && exit 2

[ ! -d $LOG_DIR/ ] && mkdir -p $LOG_DIR && chmod 1777 $LOG_DIR
find $LOG_DIR/*${prog}_${ly}*.log -ctime +2 -delete

elt=proxy_export
DBUG elt=$elt
. /usr/local/bin/$elt.bash || exit 2
DBUG http_proxy=$http_proxy
DBUG https_proxy=$https_proxy
DBUG socks_proxy=$socks_proxy

IP=`ifconfig|grep -A1 'eth\|wlan'|grep inet|sed -e 's/.*inet //' -e 's/ .*//'`
DBUG external=$IP
GW=`ip route | grep ^def | sed -e 's/.*via //' -e 's/ .*//'`
DBUG gw=$GW

grep -q "^wlan[1-9][ 	]00000000" /proc/net/route && ZERO_CONNECTED=0 || ZERO_CONNECTED=1
if [ $ZERO_CONNECTED == 0 ] ; then
    /usr/local/bin/proxy_ping_test.bash $MODE 2>&1| grep ERROR: | tee $ELOG
    [ -s $ELOG ] || INFO /usr/local/bin/proxy_ping_test.bash $MODE
fi

elt=/etc/ssl/certs
DBUG elt=$elt
if [ -d  /etc/ssl/certs/ ] ; then
    find -L /etc/ssl/certs/ -type l | tee -a $ELOG
    find -L /etc/ssl/certs/ -type l -delete
else
    WARN /etc/ssl/certs/ missing
fi

elt=route
DBUG elt=$elt
# ubuntu / devuan oddball
route | grep -q 'lo$' || \
   ip route add 127.0.0.0/8 dev lo scope host

if [ "$MODE" = whonix -o "$MODE" = tor -o "$MODE" = selektor  ] ; then
    NS=127.0.0.1
elif [ "$MODE" = nat -o "$MODE" = vda -o "$MODE" = ws  ] ; then
    NS=10.0.2.2
else
    NS=
fi
if [ -n "$NS" ] ; then
    elt=/etc/resolv.conf
    DBUG elt=$elt
    a=`grep nameserver /etc/resolv.conf | grep -v "nameserver $IP" | wc -l`
    if [ $? -eq 0 -a -n "$a" -a "$a" -gt 0 ] ; then
	/usr/local/bin/base_wall.bash "CRIT: $prog /etc/resolv.conf" `grep nameserver /etc/resolv.conf`
	echo "nameserver $IP" > /etc/resolv.conf
    fi
fi

if [ "$MODE" = whonix -o "$MODE" = tor -o "$MODE" = selektor  ] ; then
    # 10.24.216.64
    elt=/etc/hosts
    DBUG elt=$elt
    if [ -n "$IP" ] ; then
	grep -q " external" /etc/hosts && \
	    sed -e "s/.* external/$IP external/" -i /etc/hosts  || \
		echo "$IP external" >>  /etc/hosts
	for file in "${BOX_NBD_OVERLAY_EXTERNALS[@]}" ; do
	    [ -f $file ] || continue
	    grep -q "BOX_NBD_OVERLAY_EXTERNAL.*" $file && continue
	    sed -i -e "s/BOX_NBD_OVERLAY_EXTERNAL:.*/BOX_NBD_OVERLAY_EXTERNAL: \"$IP\"/" $file
	done
    fi
    
    elt=/etc/firewall.conf
    DBUG elt=$elt
    [ -f /etc/firewall.conf ] || {
	ERROR $prog NO FIREWALL /etc/firewall.conf | tee -a $ELOG | \
	    xargs /usr/local/bin/base_wall.bash
    }
    
    elt=iptables
    DBUG elt=$elt
    $PL proxy_iptables_save >$OUT 2>&1
    if [ $? -ne 0 ] || ! grep -q DROP $OUT ; then
	ERROR $prog NO FIREWALL - DROP `cat $OUT` | tee -a $ELOG
	/usr/local/bin/base_wall.bash ERROR $prog NO FIREWALL - DROP
	#?	    /usr/local/bin/proxy_firewall_restore_iptable.bash /etc/firewall.conf
    fi
    
elif [ "$MODE" = nat -o "$MODE" = vda -o "$MODE" = ws  ] && [ $ONE_GUEST -eq 1 ]; then
    elt=/etc/resolv.conf
    DBUG elt=$elt
    if [ $? -eq 0 -a -n "$GW" ] ; then
	if ! grep  -q "$GW" /etc/resolv.conf ; then
	    /usr/local/bin/base_wall.bash "CRIT: $GW not in /etc/resolv.conf"
	    echo "nameserver $GW" >> /etc/resolv.conf
	fi

	$PL proxy_ping_firewall_check  || \
	    /usr/local/bin/base_wall.bash $prog 'CRIT: proxy_ping_firewall_check' retval=$?
    fi
fi

if [ $ONE_GUEST -eq 0 ] ; then
    
    if [ "$MODE" = whonix ] ; then
	BOX_WHONIX_PROXY_HOST=$( /usr/local/bin/testforge_get_inventory.bash BOX_WHONIX_PROXY_HOST )
	if [ -n "$BOX_WHONIX_PROXY_HOST" ] && \
	       which virsh 2>/dev/null >/dev/null && \
	       virsh list | grep -q "$BOX_WHONIX_PROXY_HOST" ; then
	    # sh proxy_whonix_host_tor.bash whonix
	    /usr/local/sbin/proxy_whonix_host.bash proxy_whonix_host_add_block >>$OUT 2>>$ELOG
	fi
	$PLL proxy_libvirt_test >$OUT 2>&1
	retval=$?
	[ $retval -gt 1 ] && \
	    ERROR $prog proxy_libvirt_test retval=$retval | tee -a $ELOG
    fi

    wlan7=`ifconfig|grep ^wlan|tail -1| sed -e 's/:.*//'`
    if [ -n "$wlan7" ] ; then
	grep -q $wlan7 /etc/firewall.conf  || {
	    ERROR $prog NO $wlan7 in /etc/firewall.conf | tee -a $ELOG | \
		xargs /usr/local/bin/base_wall.bash
	    /usr/local/bin/firewall.bash
	}
    fi

    [ -f /var/log/privoxy/logfile ] && \
	grep -i fatal /var/log/privoxy/logfile | tee -a $ELOG && \
	ERROR Fatal in /var/log/privoxy/logfile |tee -a $ELOG

    if grep -q "^wlan[1-9][ 	]00000000" /proc/net/route ; then
	$PL proxy_ping_gw_check || {
	    ERROR  proxy_ping_gw_check | tee -a $ELOG
	}
	$PL proxy_ping_dnsmasq_check && \
	    ERROR  proxy_ping_dnsmasq_check || {
	    ERROR  proxy_ping_dnsmasq_check | tee -a $ELOG
	}
	$PL proxy_ping_firewall_check && \
	    INFO proxy_ping_firewall_check  || {
	    ERROR proxy_ping_firewall_check | tee -a $ELOG
	}

	$PL proxy_test_dirmngr $OUT && \
	    INFO proxy_test_dirmngr $retval | tee -a $ELOG || {
		retval=$?
		ERROR proxy_test_dirmngr $retval | tee -a $ELOG
	}

	if dmesg | grep --text -A 1 'martian' ; then
	    dmesg | grep --text -A 1 'martian' | \
		xargs echo WARN: martians | tee -a $ELOG
            dmesg | grep --text -A 1 'martian' | \
		sed -e 's/DST=.*//' -e 's/.*martian_//' -e 's/ OUT=.*SRC=/ /' | tee -a $ELOG
	else
	    INFO proxy_test_dirmngr no martians
	fi

	PROXY_WLAN=$( $PL proxy_get_if )
	[ -n "$PROXY_WLAN" -a -f /etc/wicd/wireless-settings.conf ] && \
	    ps ax | grep -q wpa_supplicant && \
	    grep -A 1 bad$ /etc/wicd/wireless-settings.conf | \
		grep bssid | sed -e 's/.*= //' | \
		while read elt ; do \
	            wpa_cli -i "$PROXY_WLAN" blacklist $elt
		done

    fi
fi

# [ -s $OUT ] && grep WARN: $OUT | tee -a $ELOG

if [ -s $ELOG ] ; then
    errs=$( wc -l $ELOG | cut -f 1 -d ' ' )
    if [ $? -eq 0 -a $errs -ne 0 ] ; then
	ERROR $prog $errs $ly $prog errors in $ELOG
	cat $ELOG
	exit $errs
      fi
fi

[ -f $WLOG ] && warns=`wc -l $WLOG | cut -f 1 -d ' '`
[ $? -eq 0 -a $warns -ne 0 ] && \
  WARN "$warns $ly $prog warnings in $WLOG"

[ $errs -eq 0 ] && \
  [ $warns -eq 0 ] && \
  INFO  "$prog No $ly errors in $HARDEN_LOG_DIR"

exit 0
first 2024-01-06 01:57:28 +00:00			`#!/bin/bash`
			`# -- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix --`

			`PREFIX=/usr/local`
			`ROLE=proxy`
			`DEBUG=1`

			`# The idea here is to run ansible_local.bash --tags daily`
			`# and then use this to do the parsing and throwing errors based on the output.`
			`# This was the ansible run can be free from erroring and this can be`
			`# run repeatedly anytime outside of ansible to deal with the issues raised.`
			`# It is also run at the end of ansible_local.bash --tags daily to raise the issues.`

			`prog=$( basename $0 .bash )`
			`PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin`
			`[ -f /usr/local/etc/testforge/testforge.bash ] && \`
			`. /usr/local/etc/testforge/testforge.bash >/dev/null`

bash 2024-01-09 15:35:38 +00:00			`. /usr/local/bin/proxy_export.bash`
first 2024-01-06 01:57:28 +00:00			`PL=/usr/local/bin/proxy_ping_lib.bash`
			`. $PL`
			`PL=`
bash 2024-01-09 15:35:38 +00:00			`PLL=/usr/local/bin/proxy_libvirt_lib.bash`
			`. $PLL`
			`PLL=`
			`DEBUG=1`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`declare -a BOX_NBD_OVERLAY_EXTERNAL`
			`# fill this in with the ansible hosts.yml`
			`BOX_NBD_OVERLAY_EXTERNALS=(`
			`/o/var/local/src/play_tox/hosts.yml`
			`/o/data/TestForge/src/ansible/hosts.yml`
			`)`
first 2024-01-06 01:57:28 +00:00			`[ -z "$USER" ] && USER=$(id -un )`
			`MYID=$( id -u )`
			`[ $MYID -eq 0 ] \|\| { ERROR $prog must be run as root $MYID ; exit 1 ; }`

			`# . $PREFIX/src/var_local_src.bash`
			`which ansifilter >/dev/null 2>&1 && ansifilter=ansifilter \|\| ansifilter=cat`

			`[ -d /dev/virtio-ports ] && ONE_GUEST=1 \|\| ONE_GUEST=0`

			`ly=hourly`
			`errs=0`
			`warns=0`

			`elt=proxy`
			`LOG_DIR=/usr/local/tmp`
			`ELOG=$LOG_DIR/E${prog}_${ly}$$.log`
			`WLOG=$LOG_DIR/W${prog}_${ly}$$.log`
			`OUT=$LOG_DIR/O${prog}_${ly}$$.log`

			`export PATH=$PATH:/usr/local/bin`
bash 2024-01-09 15:35:38 +00:00			`[ -n "$BASE_SRC_ANSIBLE" ] \|\| BASE_SRC_ANSIBLE=/g/TestForge/src/ansible`
first 2024-01-06 01:57:28 +00:00			`[ -z "$MODE" ] && MODE=$( $PL proxy_ping_mode )`
			`[ -n "$DEBUG" ] && echo >&2 DEBUG: $prog $ly MODE=$MODE 0=$0 "$#" "$@"`
			`[ -z "$MODE" ] && exit 2`

bash 2024-01-09 15:35:38 +00:00			`[ ! -d $LOG_DIR/ ] && mkdir -p $LOG_DIR && chmod 1777 $LOG_DIR`
			`find $LOG_DIR/${prog}_${ly}.log -ctime +2 -delete`

			`elt=proxy_export`
			`DBUG elt=$elt`
			`. /usr/local/bin/$elt.bash \|\| exit 2`
			`DBUG http_proxy=$http_proxy`
			`DBUG https_proxy=$https_proxy`
			`DBUG socks_proxy=$socks_proxy`

			IP=`ifconfig\|grep -A1 'eth\\|wlan'\|grep inet\|sed -e 's/.inet //' -e 's/ .//'`
			`DBUG external=$IP`
			GW=`ip route \| grep ^def \| sed -e 's/.via //' -e 's/ .//'`
			`DBUG gw=$GW`

			`grep -q "^wlan[1-9][ ]00000000" /proc/net/route && ZERO_CONNECTED=0 \|\| ZERO_CONNECTED=1`
			`if [ $ZERO_CONNECTED == 0 ] ; then`
			`/usr/local/bin/proxy_ping_test.bash $MODE 2>&1\| grep ERROR: \| tee $ELOG`
			`[ -s $ELOG ] \|\| INFO /usr/local/bin/proxy_ping_test.bash $MODE`
			`fi`

			`elt=/etc/ssl/certs`
			`DBUG elt=$elt`
			`if [ -d /etc/ssl/certs/ ] ; then`
			`find -L /etc/ssl/certs/ -type l \| tee -a $ELOG`
			`find -L /etc/ssl/certs/ -type l -delete`
			`else`
			`WARN /etc/ssl/certs/ missing`
			`fi`

			`elt=route`
			`DBUG elt=$elt`
first 2024-01-06 01:57:28 +00:00			`# ubuntu / devuan oddball`
			`route \| grep -q 'lo$' \|\| \`
			`ip route add 127.0.0.0/8 dev lo scope host`

bash 2024-01-09 15:35:38 +00:00			`if [ "$MODE" = whonix -o "$MODE" = tor -o "$MODE" = selektor ] ; then`
			`NS=127.0.0.1`
			`elif [ "$MODE" = nat -o "$MODE" = vda -o "$MODE" = ws ] ; then`
			`NS=10.0.2.2`
			`else`
			`NS=`
			`fi`
			`if [ -n "$NS" ] ; then`
			`elt=/etc/resolv.conf`
			`DBUG elt=$elt`
			a=`grep nameserver /etc/resolv.conf \| grep -v "nameserver $IP" \| wc -l`
			`if [ $? -eq 0 -a -n "$a" -a "$a" -gt 0 ] ; then`
			/usr/local/bin/base_wall.bash "CRIT: $prog /etc/resolv.conf" `grep nameserver /etc/resolv.conf`
			`echo "nameserver $IP" > /etc/resolv.conf`
			`fi`
			`fi`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`if [ "$MODE" = whonix -o "$MODE" = tor -o "$MODE" = selektor ] ; then`
first 2024-01-06 01:57:28 +00:00			`# 10.24.216.64`
bash 2024-01-09 15:35:38 +00:00			`elt=/etc/hosts`
			`DBUG elt=$elt`
first 2024-01-06 01:57:28 +00:00			`if [ -n "$IP" ] ; then`
bash 2024-01-09 15:35:38 +00:00			`grep -q " external" /etc/hosts && \`
first 2024-01-06 01:57:28 +00:00			`sed -e "s/.* external/$IP external/" -i /etc/hosts \|\| \`
bash 2024-01-09 15:35:38 +00:00			`echo "$IP external" >> /etc/hosts`
			`for file in "${BOX_NBD_OVERLAY_EXTERNALS[@]}" ; do`
			`[ -f $file ] \|\| continue`
			`grep -q "BOX_NBD_OVERLAY_EXTERNAL.*" $file && continue`
			`sed -i -e "s/BOX_NBD_OVERLAY_EXTERNAL:.*/BOX_NBD_OVERLAY_EXTERNAL: \"$IP\"/" $file`
			`done`
first 2024-01-06 01:57:28 +00:00			`fi`

bash 2024-01-09 15:35:38 +00:00			`elt=/etc/firewall.conf`
			`DBUG elt=$elt`
			`[ -f /etc/firewall.conf ] \|\| {`
			`ERROR $prog NO FIREWALL /etc/firewall.conf \| tee -a $ELOG \| \`
			`xargs /usr/local/bin/base_wall.bash`
			`}`

			`elt=iptables`
			`DBUG elt=$elt`
			`$PL proxy_iptables_save >$OUT 2>&1`
			`if [ $? -ne 0 ] \|\| ! grep -q DROP $OUT ; then`
			ERROR $prog NO FIREWALL - DROP `cat $OUT` \| tee -a $ELOG
			`/usr/local/bin/base_wall.bash ERROR $prog NO FIREWALL - DROP`
			`#? /usr/local/bin/proxy_firewall_restore_iptable.bash /etc/firewall.conf`
first 2024-01-06 01:57:28 +00:00			`fi`
bash 2024-01-09 15:35:38 +00:00
			`elif [ "$MODE" = nat -o "$MODE" = vda -o "$MODE" = ws ] && [ $ONE_GUEST -eq 1 ]; then`
			`elt=/etc/resolv.conf`
			`DBUG elt=$elt`
			`if [ $? -eq 0 -a -n "$GW" ] ; then`
			`if ! grep -q "$GW" /etc/resolv.conf ; then`
			`/usr/local/bin/base_wall.bash "CRIT: $GW not in /etc/resolv.conf"`
			`echo "nameserver $GW" >> /etc/resolv.conf`
			`fi`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`$PL proxy_ping_firewall_check \|\| \`
			`/usr/local/bin/base_wall.bash $prog 'CRIT: proxy_ping_firewall_check' retval=$?`
first 2024-01-06 01:57:28 +00:00			`fi`
bash 2024-01-09 15:35:38 +00:00			`fi`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`if [ $ONE_GUEST -eq 0 ] ; then`

first 2024-01-06 01:57:28 +00:00			`if [ "$MODE" = whonix ] ; then`
			`BOX_WHONIX_PROXY_HOST=$( /usr/local/bin/testforge_get_inventory.bash BOX_WHONIX_PROXY_HOST )`
			`if [ -n "$BOX_WHONIX_PROXY_HOST" ] && \`
			`which virsh 2>/dev/null >/dev/null && \`
			`virsh list \| grep -q "$BOX_WHONIX_PROXY_HOST" ; then`
			`# sh proxy_whonix_host_tor.bash whonix`
			`/usr/local/sbin/proxy_whonix_host.bash proxy_whonix_host_add_block >>$OUT 2>>$ELOG`
			`fi`
bash 2024-01-09 15:35:38 +00:00			`$PLL proxy_libvirt_test >$OUT 2>&1`
first 2024-01-06 01:57:28 +00:00			`retval=$?`
bash 2024-01-09 15:35:38 +00:00			`[ $retval -gt 1 ] && \`
			`ERROR $prog proxy_libvirt_test retval=$retval \| tee -a $ELOG`
			`fi`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			wlan7=`ifconfig\|grep ^wlan\|tail -1\| sed -e 's/:.*//'`
			`if [ -n "$wlan7" ] ; then`
first 2024-01-06 01:57:28 +00:00			`grep -q $wlan7 /etc/firewall.conf \|\| {`
			`ERROR $prog NO $wlan7 in /etc/firewall.conf \| tee -a $ELOG \| \`
			`xargs /usr/local/bin/base_wall.bash`
			`/usr/local/bin/firewall.bash`
			`}`
			`fi`

			`[ -f /var/log/privoxy/logfile ] && \`
bash 2024-01-09 15:35:38 +00:00			`grep -i fatal /var/log/privoxy/logfile \| tee -a $ELOG && \`
			`ERROR Fatal in /var/log/privoxy/logfile \|tee -a $ELOG`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`if grep -q "^wlan[1-9][ ]00000000" /proc/net/route ; then`
			`$PL proxy_ping_gw_check \|\| {`
			`ERROR proxy_ping_gw_check \| tee -a $ELOG`
			`}`
			`$PL proxy_ping_dnsmasq_check && \`
			`ERROR proxy_ping_dnsmasq_check \|\| {`
			`ERROR proxy_ping_dnsmasq_check \| tee -a $ELOG`
			`}`
			`$PL proxy_ping_firewall_check && \`
			`INFO proxy_ping_firewall_check \|\| {`
			`ERROR proxy_ping_firewall_check \| tee -a $ELOG`
			`}`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`$PL proxy_test_dirmngr $OUT && \`
			`INFO proxy_test_dirmngr $retval \| tee -a $ELOG \|\| {`
			`retval=$?`
			`ERROR proxy_test_dirmngr $retval \| tee -a $ELOG`
			`}`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`if dmesg \| grep --text -A 1 'martian' ; then`
			`dmesg \| grep --text -A 1 'martian' \| \`
			`xargs echo WARN: martians \| tee -a $ELOG`
			`dmesg \| grep --text -A 1 'martian' \| \`
			`sed -e 's/DST=.//' -e 's/.martian_//' -e 's/ OUT=.*SRC=/ /' \| tee -a $ELOG`
			`else`
			`INFO proxy_test_dirmngr no martians`
			`fi`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`PROXY_WLAN=$( $PL proxy_get_if )`
			`[ -n "$PROXY_WLAN" -a -f /etc/wicd/wireless-settings.conf ] && \`
			`ps ax \| grep -q wpa_supplicant && \`
			`grep -A 1 bad$ /etc/wicd/wireless-settings.conf \| \`
			`grep bssid \| sed -e 's/.*= //' \| \`
			`while read elt ; do \`
			`wpa_cli -i "$PROXY_WLAN" blacklist $elt`
			`done`
first 2024-01-06 01:57:28 +00:00
bash 2024-01-09 15:35:38 +00:00			`fi`
first 2024-01-06 01:57:28 +00:00			`fi`

bash 2024-01-09 15:35:38 +00:00			`# [ -s $OUT ] && grep WARN: $OUT \| tee -a $ELOG`
first 2024-01-06 01:57:28 +00:00
			`if [ -s $ELOG ] ; then`
			`errs=$( wc -l $ELOG \| cut -f 1 -d ' ' )`
			`if [ $? -eq 0 -a $errs -ne 0 ] ; then`
			`ERROR $prog $errs $ly $prog errors in $ELOG`
			`cat $ELOG`
			`exit $errs`
			`fi`
			`fi`

			[ -f $WLOG ] && warns=`wc -l $WLOG \| cut -f 1 -d ' '`
			`[ $? -eq 0 -a $warns -ne 0 ] && \`
			`WARN "$warns $ly $prog warnings in $WLOG"`

			`[ $errs -eq 0 ] && \`
			`[ $warns -eq 0 ] && \`
			`INFO "$prog No $ly errors in $HARDEN_LOG_DIR"`

			`exit 0`