path: root/tutorials/vFWDT/playbooks/vfw-sink/latest/ansible/distributetrafficcheck/site.yml
blob: 5eb721437278b0a0b56ae920ce8e421734695adb (plain)
---
# Play for the vfw-sink hosts: checks whether traffic is present or absent on
# the firewall's protected-network interface, as selected by trafficpresence.
- hosts: vfw-sink
  remote_user: ubuntu
  # Fact gathering is switched off for this play.
  gather_facts: false
  vars:
    # Upper bound of the one-second polling loops in the traffic checks.
    time_measure: 30
  tasks:

  # grepcidr is needed by the "Get fw interface" task, which filters the
  # configured addresses against the protected private network CIDR file.
  - name: Install grepcidr
    become: true
    apt:
      name: grepcidr
      state: present

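  # ConfigFileName is not defined in this file; presumably it is passed in by
  # the caller (e.g. as an extra var) - verify against the invoking tooling.
  - name: Load check parameters from the file named by ConfigFileName
    include_vars: "{{ ConfigFileName }}"

  # The previous condition tested the quoted string 'trafficpresence', which is
  # always defined, so this guard could never fail. Test the variable itself.
  # NOTE(review): the checks below compare trafficpresence with boolean
  # true/false; any other value makes both checks skip and the play pass
  # without verifying anything.
  - name: Show trafficpresence and fail if it was not provided
    debug:
      var: trafficpresence
    failed_when: trafficpresence is not defined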

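  # Finds the interface whose configured address lies inside the CIDR listed in
  # /opt/config/protected_private_net_cidr.txt. The lookup relies on the
  # "iface" line sitting directly above the "address" line (grep -B1).
  # The result is interpolated into the traffic-check scripts, so the task
  # fails unless exactly one interface name comes back: an empty or multi-line
  # value would make the later fgrep match the wrong netstat rows.
  - name: Get fw interface
    shell: |
      IP_PPNET=$(grep address /etc/network/interfaces | awk '{print $2}' | grepcidr -f /opt/config/protected_private_net_cidr.txt)
      if [ -z "$IP_PPNET" ] ; then
        echo "no interface address matched protected_private_net_cidr.txt" >&2
        exit 1
      fi
      # -F: treat the address as a fixed string, so its dots are not regex wildcards
      grep -F -B1 -- "$IP_PPNET" /etc/network/interfaces | grep iface | awk '{print $2}'
    register: fw_ppnet_iface
    # Read-only lookup: never report the host as changed.
    changed_when: false
    failed_when: fw_ppnet_iface.rc != 0 or (fw_ppnet_iface.stdout_lines | length) != 1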

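  # Expect traffic: passes only when the TX-OK counter of the protected-network
  # interface grows within time_measure one-second polls.
  # Script exit codes: 0 = traffic present, 1 = traffic absent,
  # 2 = the check could not be performed (unknown netstat layout or a counter
  # that is not a single number). Previously such errors fell through with
  # exit code 0 and were reported as "traffic present".
  - name: Traffic check if trafficpresence is TRUE
    when: trafficpresence == true
    block:
    - name: Traffic check if trafficpresence is TRUE
      raw: |
        #!/bin/bash
        read_txok() {
          netstat -i | fgrep {{ fw_ppnet_iface.stdout | quote }} | awk -v col="$NCOL" '{print $col}'
        }
        require_number() {
          case "$1" in
            ''|*[!0-9]*) echo "bad TX-OK counter: $1"; exit 2 ;;
          esac
        }
        COL=$(netstat -i|grep lo |awk '{print NF}')
        case "$COL" in
          11) NCOL=7 ;;
          12) NCOL=8 ;;
          *) echo "bad NETSTAT version"; exit 2 ;;
        esac
        TXOK_INITIAL=$(read_txok)
        require_number "$TXOK_INITIAL"
        sleep 0.1
        for i in {1..{{ time_measure | int }}}
        do
          TXOK_CURRENT=$(read_txok)
          require_number "$TXOK_CURRENT"
          if [ "$TXOK_CURRENT" -gt "$TXOK_INITIAL" ] ; then
            echo 'traffic present'
            exit 0
          fi
          sleep 1
          echo "$TXOK_CURRENT"
        done
        echo 'traffic absent'
        exit 1
      args:
        # The script uses brace expansion and functions, so pin the shell
        # instead of relying on the remote user's login shell.
        executable: /bin/bash
      register: traffic_check
      # Let the reporting tasks below decide the outcome from the exit code.
      ignore_errors: true
    - name: Fail when the check itself could not run
      fail:
        msg: 'traffic check error rc={{ traffic_check.rc }} {{ traffic_check.stdout_lines }} '
      when: traffic_check.rc not in [0, 1]
    - name: Fail when traffic is absent
      fail:
        msg: 'traffic absent {{ traffic_check.stdout_lines }} '
      when: traffic_check.rc == 1
    - debug:
        msg: 'traffic present {{ traffic_check.stdout_lines }} '
      when: traffic_check.rc == 0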

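  # Expect no traffic: passes only when a one-second window with an unchanged
  # TX-OK counter is seen within time_measure attempts.
  # Script exit codes: 0 = traffic absent, 1 = traffic present,
  # 2 = the check could not be performed (unknown netstat layout or a counter
  # that is not a single number). Previously such errors fell through with
  # exit code 0 and were reported as "traffic absent".
  - name: Traffic check if trafficpresence is FALSE
    when: trafficpresence == false
    block:
    - name: Traffic check trafficpresence is FALSE
      raw: |
        #!/bin/bash
        read_txok() {
          netstat -i | fgrep {{ fw_ppnet_iface.stdout | quote }} | awk -v col="$NCOL" '{print $col}'
        }
        require_number() {
          case "$1" in
            ''|*[!0-9]*) echo "bad TX-OK counter: $1"; exit 2 ;;
          esac
        }
        COL=$(netstat -i|grep lo |awk '{print NF}')
        case "$COL" in
          11) NCOL=7 ;;
          12) NCOL=8 ;;
          *) echo "bad NETSTAT version"; exit 2 ;;
        esac
        for i in {1..{{ time_measure | int }}}
        do
          TXOK_INITIAL=$(read_txok)
          require_number "$TXOK_INITIAL"
          sleep 1
          TXOK_CURRENT=$(read_txok)
          require_number "$TXOK_CURRENT"
          if [ "$TXOK_CURRENT" -eq "$TXOK_INITIAL" ] ; then
            echo 'traffic absent'
            exit 0
          fi
        done
        # No quiet window was observed: treat the interface as carrying traffic.
        echo 'traffic present'
        exit 1
      args:
        # The script uses brace expansion and functions, so pin the shell
        # instead of relying on the remote user's login shell.
        executable: /bin/bash
      register: traffic_check
      # Let the reporting tasks below decide the outcome from the exit code.
      ignore_errors: true
    - name: Fail when the check itself could not run
      fail:
        msg: 'traffic check error rc={{ traffic_check.rc }} {{ traffic_check.stdout_lines }} '
      when: traffic_check.rc not in [0, 1]
    - debug:
        msg: 'traffic absent {{ traffic_check.stdout_lines }} '
      when: traffic_check.rc == 0
    - name: Fail when traffic is present
      fail:
        msg: 'traffic present {{ traffic_check.stdout_lines }} '
      when: traffic_check.rc == 1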