diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index ea1e409b..6768a8ea 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -13,206 +13,243 @@ set -o pipefail ######## GLOBAL VARS ######## +VARSFILE="/etc/pihole/setupVars.conf" DEBUG_LOG="/var/log/pihole_debug.log" DNSMASQFILE="/etc/dnsmasq.conf" -PIHOLECONFFILE="/etc/dnsmasq.d/01-pihole.conf" +DNSMASQCONFFILE="/etc/dnsmasq.d/01-pihole.conf" LIGHTTPDFILE="/etc/lighttpd/lighttpd.conf" LIGHTTPDERRFILE="/var/log/lighttpd/error.log" GRAVITYFILE="/etc/pihole/gravity.list" -HOSTSFILE="/etc/hosts" WHITELISTFILE="/etc/pihole/whitelist.txt" BLACKLISTFILE="/etc/pihole/blacklist.txt" -ADLISTSFILE="/etc/pihole/adlists.list" +ADLISTFILE="/etc/pihole/adlists.list" PIHOLELOG="/var/log/pihole.log" WHITELISTMATCHES="/tmp/whitelistmatches.list" +IPV6_READY=false + # Header info and introduction cat << EOM ::: Beginning Pi-hole debug at $(date)! -::: This debugging process will collect information from your running configuration, -::: and optionally upload the generated log to a unique and random directory on -::: Termbin.com. NOTE: All log files auto-delete after 1 month and you are the only -::: person who is given the unique URL. Please consider where you post this link. ::: +::: This process collects information from your Pi-hole, and optionally uploads +::: it to a unique and random directory on tricorder.pi-hole.net. +::: +::: NOTE: All log files auto-delete after 24 hours and ONLY the Pi-hole developers +::: can access your data via the given token. We have taken these extra steps to +::: secure your data and will work to further reduce any personal information gathered. +::: +::: Please read and note any issues, and follow any directions advised during this process. EOM # Ensure the file exists, create if not, clear if exists. -if [ ! -f "${DEBUG_LOG}" ]; then - touch ${DEBUG_LOG} - chmod 644 ${DEBUG_LOG} - chown "$USER":root ${DEBUG_LOG} -else - truncate -s 0 ${DEBUG_LOG} -fi +truncate --size=0 "${DEBUG_LOG}" +chmod 644 ${DEBUG_LOG} +chown "$USER":pihole ${DEBUG_LOG} + +source ${VARSFILE} ### Private functions exist here ### log_write() { - echo "${1}" >> "${DEBUG_LOG}" + echo "${1}" >> "${DEBUG_LOG}" } +log_echo() { + case ${1} in + -n) + echo -n "::: ${2}" + log_write "${2}" + ;; + -r) + echo "::: ${2}" + log_write "${2}" + ;; + -l) + echo "${2}" + log_write "${2}" + ;; + *) + echo "::: ${1}" + log_write "${1}" + esac +} + +header_write() { + log_echo "" + log_echo "${1}" + log_write "" +} + +file_parse() { + while read -r line; do + if [ ! -z "${line}" ]; then + [[ "${line}" =~ ^#.*$ || ! "${line}" ]] && continue + log_write "${line}" + fi + done < "${1}" + log_write "" +} + +block_parse() { + log_write "${1}" +} + +lsof_parse() { + local user + local process + + user=$(echo ${1} | cut -f 3 -d ' ' | cut -c 2-) + process=$(echo ${1} | cut -f 2 -d ' ' | cut -c 2-) + [[ ${2} -eq ${process} ]] \ + && echo "::: Correctly configured." \ + || log_echo "::: Failure: Incorrectly configured daemon." + + log_write "Found user ${user} with process ${process}" +} + + version_check() { - log_write "############################################################" - log_write "########## Installed Versions ##########" - log_write "############################################################" + header_write "Detecting Installed Package Versions:" - echo "::: Detecting Pi-hole installed versions." - pi_hole_ver="$(cd /etc/.pihole/ && git describe --tags --abbrev=0)" \ - && log_write "Pi-hole Version: $pi_hole_ver" || log_write "Pi-hole git repository not detected." - admin_ver="$(cd /var/www/html/admin && git describe --tags --abbrev=0)" \ - && log_write "WebUI Version: $admin_ver" || log_write "Pi-hole Admin Pages git repository not detected." + local error_found + error_found=0 - echo "::: Writing lighttpd version to logfile." - light_ver="$(lighttpd -v |& head -n1)" && log_write "${light_ver}" || log_write "lighttpd not installed." - - echo "::: Writing PHP version to logfile." - php_ver="$(php -v |& head -n1)" && log_write "${php_ver}" || log_write "PHP not installed." + local pi_hole_ver="$(cd /etc/.pihole/ && git describe --tags --abbrev=0)" \ + && log_echo -r "Pi-hole: $pi_hole_ver" || (log_echo "Pi-hole git repository not detected." && error_found=1) + local admin_ver="$(cd /var/www/html/admin && git describe --tags --abbrev=0)" \ + && log_echo -r "WebUI: $admin_ver" || (log_echo "Pi-hole Admin Pages git repository not detected." && error_found=1) + local light_ver="$(lighttpd -v |& head -n1 | cut -d " " -f1)" \ + && log_echo -r "${light_ver}" || (log_echo "lighttpd not installed." && error_found=1) + local php_ver="$(php -v |& head -n1)" \ + && log_echo -r "${php_ver}" || (log_echo "PHP not installed." && error_found=1) + return "${error_found}" } files_check() { - log_write "############################################################" - log_write "########## Files Check ##########" - log_write "############################################################" + #Check non-zero length existence of ${1} + header_write "Detecting existence of ${1}:" + local search_file="${1}" + if [[ -s ${search_file} ]]; then + echo "::: File exists" + file_parse "${search_file}" + return 0 + else + log_echo "${1} not found!" + return 1 + fi + echo ":::" +} - #Check existence of setupVars.conf, and source it to get configured network interface for later use in script. - echo -n "::: Detecting existence setupVars.conf..." - setupVars=/etc/pihole/setupVars.conf - if [[ -f ${setupVars} ]];then - echo " found!" - log_write "/etc/pihole/setupVars.conf exists! Contents:" - while read -r line; do - if [ ! -z "${line}" ]; then - [[ "${line}" =~ ^#.*$ ]] && continue - log_write "${line}" - fi - done < "${setupVars}" - log_write "" - - . "${setupVars}" - if [[ -n "${piholeInterface}" ]]; then - # prepend % to the beginning of piholeInterface for later use - piholeInterface="%${piholeInterface}" - fi - else - echo " NOT FOUND!" - log_write "/etc/pihole/setupVars.conf not found!" - fi +source_file() { + local file_found=$(files_check "${1}") \ + && (source "${1}" &> /dev/null && echo "${file_found} and was successfully sourced") \ + || log_echo -l "${file_found} and could not be sourced" } distro_check() { - log_write "############################################################" - log_write "######## Installed OS Distribution #########" - log_write "############################################################" - - echo "::: Checking installed OS Distribution release." - TMP=$(cat /etc/*release || echo "Failed to find release") - - echo "::: Writing OS Distribution release to logfile." - log_write "${TMP}" - log_write "" + local soft_fail + header_write "Detecting installed OS Distribution" + soft_fail=0 + local distro="$(cat /etc/*release)" && block_parse "${distro}" || (log_echo "Distribution details not found." && soft_fail=1) + return "${soft_fail}" } +processor_check() { + header_write "Checking processor variety" + log_write $(uname -m) && return 0 || return 1 +} + +ipv6_check() { + # Check if system is IPv6 enabled, for use in other functions + if [[ $IPv6_address ]]; then + ls /proc/net/if_inet6 &>/dev/null && IPV6_READY=true + return 0 + else + return 1 + fi +} + + ip_check() { - log_write "############################################################" - log_write "######## IP Address Information #########" - log_write "############################################################" + header_write "IP Address Information" + # Get the current interface for Internet traffic - echo "::: Writing local IPs to logfile" - IPADDR="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet") print $(i+1) }')" - log_write "${IPADDR}" + # Check if IPv6 enabled + local IPv6_interface + local IPv4_interface + ipv6_check && IPv6_interface=${piholeInterface:-$(ip -6 r | grep default | cut -d ' ' -f 5)} + # If declared in setupVars.conf use it, otherwise defer to default + # http://stackoverflow.com/questions/2013547/assigning-default-values-to-shell-variables-with-a-single-command-in-bash + IPv4_interface=${piholeInterface:-$(ip r | grep default | cut -d ' ' -f 5)} - IP6ADDR="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet6") print $(i+1) }')" \ - && log_write "${IP6ADDR}" || log_write "No IPv6 addresses found." - log_write "" - echo "::: Locating default gateway and checking connectivity" - GATEWAY=$(ip r | grep default | cut -d ' ' -f 3) + if [[ IPV6_READY ]]; then + local IPv6_addr_list="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet6") print $(i+1) }')" \ + && (log_write "${IPv6_addr_list}" && echo "::: IPv6 addresses located") \ + || log_echo "No IPv6 addresses found." + + local IPv6_def_gateway=$(ip -6 r | grep default | cut -d ' ' -f 3) + if [[ $? = 0 ]] && [[ -n ${IPv6_def_gateway} ]]; then + echo -n "::: Pinging default IPv6 gateway: " + local IPv6_def_gateway_check="$(ping6 -q -W 3 -c 3 -n "${IPv6_def_gateway}" -I "${IPv6_interface}"| tail -n3)" \ + && echo "Gateway Responded." \ + || echo "Gateway did not respond." + block_parse "${IPv6_def_gateway_check}" + + echo -n "::: Pinging Internet via IPv6: " + local IPv6_inet_check=$(ping6 -q -W 3 -c 3 -n 2001:4860:4860::8888 -I "${IPv6_interface}"| tail -n3) \ + && echo "Query responded." \ + || echo "Query did not respond." + block_parse "${IPv6_inet_check}" + else + log_echo="No IPv6 Gateway Detected" + fi + +local IPv4_addr_list="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet") print $(i+1) }')" \ + && (block_parse "${IPv4_addr_list}" && echo "::: IPv4 addresses located")\ + || log_echo "No IPv4 addresses found." + + local IPv4_def_gateway=$(ip r | grep default | cut -d ' ' -f 3) if [[ $? = 0 ]]; then - echo "::: Pinging default IPv4 gateway..." - GATEWAY_CHECK=$(ping -q -w 3 -c 3 -n "${GATEWAY}" | tail -n3) - if [[ $? = 0 ]]; then - log_write "IPv4 Gateway check:" - else - log_write "IPv4 Gateway check failed:" - fi - log_write "${GATEWAY_CHECK}" - log_write "" + echo -n "::: Pinging default IPv4 gateway: " + local IPv4_def_gateway_check="$(ping -q -w 3 -c 3 -n "${IPv4_def_gateway}" -I "${IPv4_interface}" | tail -n3)" \ + && echo "Gateway responded." \ + || echo "Gateway did not respond." + block_parse "${IPv4_def_gateway_check}" - echo "::: Pinging Internet via IPv4..." - INET_CHECK=$(ping -q -w 5 -c 3 -n 8.8.8.8 | tail -n3) - if [[ $? = 0 ]]; then - log_write "IPv4 Internet check:" - else - log_write "IPv4 Internet check failed:" - fi - log_write "${INET_CHECK}" - log_write "" + echo -n "::: Pinging Internet via IPv4: " + local IPv4_inet_check="$(ping -q -w 5 -c 3 -n 8.8.8.8 -I "${IPv4_interface}" | tail -n3)" \ + && echo "Query responded." \ + || echo "Query did not respond." + block_parse "${IPv4_inet_check}" fi - GATEWAY6=$(ip -6 r | grep default | cut -d ' ' -f 3) - if [[ $? = 0 ]]; then - echo "::: Pinging default IPv6 gateway..." - GATEWAY6_CHECK=$(ping6 -q -w 3 -c 3 -n "${GATEWAY6}""${piholeInterface}" | tail -n3) - if [[ $? = 0 ]]; then - log_write "IPv6 Gateway check:" - else - log_write "IPv6 Gateway check failed:" - fi - - echo "::: Pinging Internet via IPv6..." - GATEWAY6_CHECK=$(ping6 -q -w 3 -c 3 -n 2001:4860:4860::8888"${piholeInterface}" | tail -n3) - if [[ $? = 0 ]]; then - log_write "IPv6 Internet check:" - else - log_write "IPv6 Internet check failed:" - fi - - else - GATEWAY_CHECK="No IPv6 Gateway Detected" - fi - log_write "${GATEWAY_CHECK}" - - - log_write "" + fi } -hostnameCheck() { - log_write "############################################################" - log_write "######## Hostname Information #########" - log_write "############################################################" +port_check() { + local lsof_value - echo "::: Writing locally configured hostnames to logfile" - # Write the hostname output to compare against entries in /etc/hosts, which is logged next - log_write "This Pi-hole is: $(hostname)" - - echo "::: Writing hosts file to debug log..." - log_write "### Hosts ###" - - if [ -e "${HOSTSFILE}" ]; then - cat "${HOSTSFILE}" >> ${DEBUG_LOG} - log_write "" - else - log_write "No hosts file found!" - printf ":::\tNo hosts file found!\n" - fi + lsof_value=$(lsof -i ${1}:${2} -FcL | tr '\n' ' ') \ + && lsof_parse "${lsof_value}" "${3}" \ + || log_echo "Failure: IPv${1} Port not in use" } -portCheck() { - log_write "############################################################" - log_write "######## Open Port Information #########" - log_write "############################################################" +daemon_check() { + # Check for daemon ${1} on port ${2} + header_write "Daemon Process Information" - echo "::: Detecting local server port 80 and 53 processes." + echo "::: Checking ${2} port for ${1} listener." - lsof -i :80 >> ${DEBUG_LOG} - lsof -i :53 >> ${DEBUG_LOG} - log_write "" + if [[ ${IPV6_READY} ]]; then + port_check 6 "${2}" "${1}" + fi + lsof_value=$(lsof -i 4:${2} -FcL | tr '\n' ' ') \ + port_check 4 "${2}" "${1}" } testResolver() { - log_write "############################################################" - log_write "############ Resolver Functions Check ############" - log_write "############################################################" - + header_write "Resolver Functions Check" # Find a blocked url that has not been whitelisted. TESTURL="doubleclick.com" @@ -253,31 +290,19 @@ testResolver() { log_write "Pi-hole dnsmasq specific records lookups" log_write "Cache Size:" dig +short chaos txt cachesize.bind >> ${DEBUG_LOG} - log_write "Insertions count:" - dig +short chaos txt insertions.bind >> ${DEBUG_LOG} - log_write "Evictions count:" - dig +short chaos txt evictions.bind >> ${DEBUG_LOG} - log_write "Misses count:" - dig +short chaos txt misses.bind >> ${DEBUG_LOG} - log_write "Hits count:" - dig +short chaos txt hits.bind >> ${DEBUG_LOG} - log_write "Auth count:" - dig +short chaos txt auth.bind >> ${DEBUG_LOG} log_write "Upstream Servers:" dig +short chaos txt servers.bind >> ${DEBUG_LOG} log_write "" } checkProcesses() { - log_write "#######################################" - log_write "########### Processes Check ###########" - log_write "#######################################" - log_write ":::" - echo "::: Logging status of lighttpd and dnsmasq..." + header_write "Processes Check" + + echo "::: Logging status of lighttpd and dnsmasq..." PROCESSES=( lighttpd dnsmasq ) for i in "${PROCESSES[@]}"; do log_write "" - log_write -n "${i}" + log_write "${i}" log_write " processes status:" systemctl -l status "${i}" >> "${DEBUG_LOG}" done @@ -285,145 +310,51 @@ checkProcesses() { } debugLighttpd() { - log_write "::: Writing lighttpd to debug log..." - log_write "#######################################" - log_write "############ lighttpd.conf ############" - log_write "#######################################" - if [ -e "${LIGHTTPDFILE}" ]; then - while read -r line; do - if [ ! -z "${line}" ]; then - [[ "${line}" =~ ^#.*$ ]] && continue - log_write "${line}" - fi - done < "${LIGHTTPDFILE}" - log_write "" - else - log_write "No lighttpd.conf file found!" - printf ":::\tNo lighttpd.conf file found\n" - fi - - if [ -e "${LIGHTTPDERRFILE}" ]; then - log_write "#######################################" - log_write "######### lighttpd error.log ##########" - log_write "#######################################" - cat "${LIGHTTPDERRFILE}" >> ${DEBUG_LOG} - else - log_write "No lighttpd error.log file found!" - printf ":::\tNo lighttpd error.log file found\n" - fi - log_write "" + echo "::: Checking for necessary lighttpd files." + files_check "${LIGHTTPDFILE}" + files_check "${LIGHTTPDERRFILE}" + echo ":::" } ### END FUNCTIONS ### -version_check -files_check -distro_check +# Gather version of required packages / repositories +version_check || echo "REQUIRED FILES MISSING" +# Check for newer setupVars storage file +source_file "/etc/pihole/setupVars.conf" +# Gather information about the running distribution +distro_check || echo "Distro Check soft fail" +# Gather processor type +processor_check || echo "Processor Check soft fail" + ip_check -hostnameCheck -portCheck + +daemon_check lighttpd http +daemon_check dnsmasq domain checkProcesses testResolver debugLighttpd -echo "::: Writing dnsmasq.conf to debug log..." -log_write "#######################################" -log_write "############### Dnsmasq ###############" -log_write "#######################################" -if [ -e "${DNSMASQFILE}" ]; then - #cat $DNSMASQFILE >> $DEBUG_LOG - while read -r line; do - if [ ! -z "${line}" ]; then - [[ "${line}" =~ ^#.*$ ]] && continue - log_write "${line}" - fi - done < "${DNSMASQFILE}" - log_write "" -else - log_write "No dnsmasq.conf file found!" - printf ":::\tNo dnsmasq.conf file found!\n" -fi - -echo "::: Writing 01-pihole.conf to debug log..." -log_write "#######################################" -log_write "########### 01-pihole.conf ############" -log_write "#######################################" -if [ -e "${PIHOLECONFFILE}" ]; then - while read -r line; do - if [ ! -z "${line}" ]; then - [[ "${line}" =~ ^#.*$ ]] && continue - log_write "${line}" - fi - done < "${PIHOLECONFFILE}" - log_write -else - log_write "No 01-pihole.conf file found!" - printf ":::\tNo 01-pihole.conf file found\n" -fi - -echo "::: Writing size of gravity.list to debug log..." -log_write "#######################################" -log_write "############ gravity.list #############" -log_write "#######################################" -if [ -e "${GRAVITYFILE}" ]; then - wc -l "${GRAVITYFILE}" >> ${DEBUG_LOG} - log_write "" -else - log_write "No gravity.list file found!" - printf ":::\tNo gravity.list file found\n" -fi +files_check "${DNSMASQFILE}" +files_check "${DNSMASQCONFFILE}" +files_check "${WHITELISTFILE}" +files_check "${BLACKLISTFILE}" +files_check "${ADLISTFILE}" -### Pi-hole application specific logging ### -echo "::: Writing whitelist to debug log..." -log_write "#######################################" -log_write "############## Whitelist ##############" -log_write "#######################################" -if [ -e "${WHITELISTFILE}" ]; then - cat "${WHITELISTFILE}" >> ${DEBUG_LOG} - log_write -else - log_write "No whitelist.txt file found!" - printf ":::\tNo whitelist.txt file found!\n" -fi - -echo "::: Writing blacklist to debug log..." -log_write "#######################################" -log_write "############## Blacklist ##############" -log_write "#######################################" -if [ -e "${BLACKLISTFILE}" ]; then - cat "${BLACKLISTFILE}" >> ${DEBUG_LOG} - log_write -else - log_write "No blacklist.txt file found!" - printf ":::\tNo blacklist.txt file found!\n" -fi - -echo "::: Writing adlists.list to debug log..." -log_write "#######################################" -log_write "############ adlists.list #############" -log_write "#######################################" -if [ -e "${ADLISTSFILE}" ]; then - while read -r line; do - if [ ! -z "${line}" ]; then - [[ "${line}" =~ ^#.*$ ]] && continue - log_write "${line}" - fi - done < "${ADLISTSFILE}" - log_write -else - log_write "No adlists.list file found... using adlists.default!" - printf ":::\tNo adlists.list file found... using adlists.default!\n" -fi +header_write "Analyzing gravity.list" + gravity_length=$(wc -l "${GRAVITYFILE}") \ + && log_write "${GRAVITYFILE} is ${gravity_length} lines long." \ + || log_echo "Warning: No gravity.list file found!" # Continuously append the pihole.log file to the pihole_debug.log file dumpPiHoleLog() { trap '{ echo -e "\n::: Finishing debug write from interrupt... Quitting!" ; exit 1; }' INT - echo -e "::: Writing current Pi-hole traffic to debug log...\n:::\tTry loading any/all sites that you are having trouble with now... \n:::\t(Press ctrl+C to finish)" - log_write "#######################################" - log_write "############# pihole.log ##############" - log_write "#######################################" + echo "::: " + echo "::: --= User Action Required =--" + echo -e "::: Try loading a site that you are having trouble with now from a client web browser.. \n:::\t(Press CTRL+C to finish logging.)" + header_write "pihole.log" if [ -e "${PIHOLELOG}" ]; then while true; do tail -f "${PIHOLELOG}" >> ${DEBUG_LOG} @@ -437,24 +368,26 @@ dumpPiHoleLog() { # Anything to be done after capturing of pihole.log terminates finalWork() { + local tricorder echo "::: Finshed debugging!" - echo "::: The debug log can be uploaded to Termbin.com for easier sharing." + echo "::: The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." read -r -p "::: Would you like to upload the log? [y/N] " response case ${response} in [yY][eE][sS]|[yY]) - TERMBIN=$(cat /var/log/pihole_debug.log | nc termbin.com 9999) + tricorder=$(cat /var/log/pihole_debug.log | nc tricorder.pi-hole.net 9999) ;; *) - echo "::: Log will NOT be uploaded to Termbin." + echo "::: Log will NOT be uploaded to tricorder." ;; esac - # Check if termbin.com is reachable. When it's not, point to local log instead - if [ -n "${TERMBIN}" ]; then - echo "::: Debug log can be found at : ${TERMBIN}" - else - echo "::: Debug log can be found at : /var/log/pihole_debug.log" + # Check if tricorder.pi-hole.net is reachable and provide token. + if [ -n "${tricorder}" ]; then + echo "::: Your debug token is : ${tricorder}" + echo "::: Please contact the Pi-hole team with your token to being assistance." + echo "::: Thank you." fi + echo "::: Debug log can be found at : /var/log/pihole_debug.log" } trap finalWork EXIT