简化 shell 脚本中的文件比较

问题描述 投票:0回答:1

我在 OPNSense 中运行此 shell,以检查任何与表不匹配的新 DHCP 版本并发送警报电子邮件。然而,这段代码非常消耗CPU。我可能会尝试列出给定时间段的变化,并进行比较。

大家还有什么更好的想法吗?

#!/usr/local/bin/bash

# Define the location of the static DHCP release file
STATIC_DHCP_FILE="/var/dhcpd/etc/dhcpd.conf"

# Define the location of the new DHCP release file
NEW_DHCP_FILE="/var/log/dhcpd/latest.log"

# Define the subject of the email
SUBJECT="New DHCP Release Detected"

# Define the last line of the file
LAST_LINE=$(tail -n 1 "$NEW_DHCP_FILE")

# Create last line file
touch /tmp/last_match

while true; do
    # Check if the file has changed
    if ! cmp -s /tmp/last_match "$NEW_DHCP_FILE"; then # Use cmp instead of diff
        LAST_LINE=$(tail -n 1 "$NEW_DHCP_FILE")
        DHCP_MODE=$(echo "$LAST_LINE" | awk '{print $9}')
        if [ "$DHCP_MODE" == "DHCPOFFER" ]; then
            IP=$(echo "$LAST_LINE" | awk '{print $11}')
            MAC=$(echo "$LAST_LINE" | awk '{print $13}')
            ETH=$(echo "$LAST_LINE" | awk '{print $15}')
            if  ! grep -qi "$MAC" "$STATIC_DHCP_FILE"; then
        # Run the nmap command and store the output in a variable
        OUTPUT=$(nmap -sP "$IP")
        # Extract the hostname from the output using grep and cut
        HOSTNAME=$(echo "$OUTPUT" | grep -m 1 "Nmap scan report for" | cut -d " " -f 5)
                echo "$LAST_LINE" > /tmp/last_match
                BODY=`printf "A new DHCP release has been detected for an unknown device. The details are as follows:\n\nOn $(date)\nIP Address: $IP\nMAC Address: $MAC\nHostname: $HOSTNAME\n"`
                echo -e "$BODY"
                sleep 3
                python3 /root/sendmail.py -s "$SUBJECT" -a "$BODY"
            fi
        fi
    fi
done
shell freebsd opnsense
1个回答
0
投票

只需要一次时,请勿多次拨打

awk

更重要的是,不要忙等待/轮询。当新数据到达时就读取它。

例如:

static_dhcp_file=/var/dhcpd/etc/dhcpd.conf
new_dhcp_file=/var/log/dhcpd/latest.log

subject="New DHCP Release Detected"

tail -f -n1 "$new_dhcp_file" |
while read _ _ _ _ _ _ _ _ mode _ ip _ mac _ eth _; do 
    if [ $mode = DHCP_OFFER ] && ! grep -qi $mac "$static_dhcp_file"; then
        host=$(nmap -sP $ip | awk '/Nmap scan report for/ { print $5; exit }'
        body=$(printf "A new DHCP release has been detected for an unknown device. The details are as follows:\n\nOn $(date)\nIP Address: ${ip}\nMAC Address: ${mac}\nHostname: ${host}\n")
        echo "$body"
        sleep 3
        python3 /root/sendmail.py -s "$subject" -a "$body"
    fi
done
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.