ncp-diag: Fix port check for dual stack lite

author: Victor-ray <12261439+ZendaiOwl@users.noreply.github.com> 2022-08-21 15:24:46 +0300
committer: GitHub <noreply@github.com> 2022-08-21 15:24:46 +0300
commit: 220c55528fc6871665b66f9512cf18c78746927a (patch)
tree: 7058a7c151efb1e1aa265721b8f4e2793d69253d /bin/ncp-diag
parent: 1669bdeacee7ca5a68d36cd0d39cdb246c7aa924 (diff)
1 files changed, 56 insertions, 18 deletions
diff --git a/bin/ncp-diag b/bin/ncp-diag
index af841efa..0d64a30f 100644
--- a/bin/ncp-diag
+++ b/bin/ncp-diag
@@ -62,29 +62,67 @@ echo "HPB service|$( ncc notify_push:self-test &>/dev/null && echo up || echo do
 echo "Postfix service|$( pgrep -fc postfix &>/dev/null && echo up || echo down )"
 
 # WAN
-echo "internet check|$( ping -W 2 -w 1 -q github.com &>/dev/null && echo ok || echo no )"
+echo "Internet check|$( ping -W 2 -w 1 -q github.com &>/dev/null && echo ok || echo no )"
 
 function is_port_open()
 {
-  local port=$1
-  local public_ip
-  public_ip="$(curl -m4 -4 https://icanhazip.com 2>/dev/null)" || { echo "closed"; return 1; }
-  if [[ "${public_ip}" == "" ]]; then
-    public_ip="$(curl -m4 -6 https://icanhazip.com 2>/dev/null)" || { echo "closed"; return 1; }
+  local port_url tmp_file token ipv4_portcheck_args ipv6_portcheck_args
+  tmp_file=$(mktemp)
+  trap 'rm -rf ${tmp_file}' EXIT ERR SIGINT SIGQUIT SIGABRT SIGTERM SIGHUP
+
+  local port="${1?}"
+  local publicIPv4="${2}"
+  local publicIPv6="${3}"
+
+  readonly port_url="https://portchecker.co"
+
+  if [[ -z "$publicIPv4" ]] && [[ -z "$publicIPv6" ]]
+  then
+    echo -n "Error - IPv4 & IPv6: [N/A] Couldn't get public IP."
+    return 1
   fi
-  local tmp_file=$(mktemp)
-  local token=$(wget -T2 -t1 -qO- --keep-session-cookies --save-cookies $tmp_file https://portchecker.co | grep -oP "_csrf\" value=\"\K.*\"")
 
-  if [[ "${token}" != "" ]]; then
-    wget -T2 -t1 -qO- --load-cookies $tmp_file https://portchecker.co/check --post-data "target_ip=${public_ip}&port=${port}&_csrf=${token::-1}" \
-    | grep -q '<span class="green">open</span>' && { echo "open"; return 1; }
+  token=$(wget -T2 -t1 -qO- --keep-session-cookies --save-cookies "${tmp_file}" "${port_url}" | grep -oP "_csrf\" value=\"\K.*\"" )
+  readonly ipv4_portcheck_args=(-T2 -t1 -qO- --load-cookies "${tmp_file}" "${port_url}/check" --post-data "target_ip=${publicIPv4}&port=${port}&_csrf=${token::-1}")
+  readonly ipv6_portcheck_args=(-T2 -t1 -qO- --load-cookies "${tmp_file}" "${port_url}/check" --post-data "target_ip=${publicIPv6}&port=${port}&_csrf=${token::-1}")
+
+  [[ -n "${token}" ]] || {
+    echo -n "Error - Couldn't obtain a token for port check"
+    return 1
+  }
+
+  local ipv4_port_access=False
+  local ipv6_port_access=False
+  [[ -n "$publicIPv4" ]] && \
+    grep -q '<span class="green">open</span>' <(wget "${ipv4_portcheck_args[@]}") && \
+    ipv4_port_access=True
+  [[ -n "$publicIPv6" ]] && \
+    grep -q '<span class="green">open</span>' <(wget "${ipv6_portcheck_args[@]}") && \
+    ipv6_port_access=True
+
+  local result=""
+  if [[ "${ipv4_port_access}" == True ]] || [[ "${ipv6_port_access}" == True ]]
+  then
+    result="open ("
+  else
+    result="closed"
   fi
-  rm $tmp_file
-  echo "closed"
+
+  [[ "${ipv4_port_access}" == True ]] && result="${result}ipv4)"
+
+  [[ "${ipv6_port_access}" == True ]] && result="${result/)/ \& }ipv6)"
+
+  echo -n "$result"
+
 }
 
-echo "port check 80|$( is_port_open 80 )"
-echo "port check 443|$( is_port_open 443 )"
+publicIPv4=$(curl -s -m4 -4 "https://icanhazip.com" 2>/dev/null) || unset publicIPv4
+echo "public IPv4|${publicIPv4:-"not found"}"
+publicIPv6=$(curl -s -m4 -6 "https://icanhazip.com" 2>/dev/null) || unset publicIPv6
+echo "public IPv6|${publicIPv6:-"not found"}"
+
+echo "Port check 80|$( is_port_open 80 "$publicIPv4" "$publicIPv6" )"
+echo "Port check 443|$( is_port_open 443 "$publicIPv4" "$publicIPv6" )"
 
 # LAN
 IFACE=$( ip r | grep "default via" | awk '{ print $5 }' | head -1 )
@@ -92,8 +130,8 @@ GW=$(    ip r | grep "default via" | awk '{ print $3 }' | head -1 )
 IP="$(get_ip)"
 
 echo "IP|$IP"
-echo "gateway|$GW"
-echo "interface|$IFACE"
+echo "Gateway|$GW"
+echo "Interface|$IFACE"
 
 # Certificates
 CERTS="$( grep "SSLCertificateFile */etc/letsencrypt/live/" /etc/apache2/sites-available/nextcloud.conf \
@@ -105,7 +143,7 @@ RESOLV="$( ping -c1 -w1 "$CERTS" 2>/dev/null | head -1 | grep -oP '\d{1,3}(.\d{1
 echo "NAT loopback|$( [[ "$RESOLV" == "$IP" ]] && echo yes || echo no )"
 
 # Other
-echo "uptime|$( uptime | cut -f1 -d',' | awk '{ $1=""; $2=""; print }' | tr -d "  " )"
+echo "Uptime|$( uptime | cut -f1 -d',' | awk '{ $1=""; $2=""; print }' | tr -d "  " )"
 # Get kernel version
 
 # License
author	Victor-ray <12261439+ZendaiOwl@users.noreply.github.com>	2022-08-21 15:24:46 +0300
committer	GitHub <noreply@github.com>	2022-08-21 15:24:46 +0300
commit	220c55528fc6871665b66f9512cf18c78746927a (patch)
tree	7058a7c151efb1e1aa265721b8f4e2793d69253d /bin/ncp-diag
parent	1669bdeacee7ca5a68d36cd0d39cdb246c7aa924 (diff)