-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathenshrd_steamuser_check
executable file
·138 lines (126 loc) · 5.45 KB
/
enshrd_steamuser_check
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
#!/bin/bash
# Grab newest Connection logs since last check
# get User STEAM ID, convert to User Name
# and send telegram alert
#
### v0.4 - Added connected user list to get the info outside the script
### v0.3 - Added logged in and auth failed
### v0.2 - Added method to get online username
### v0.1 - POC
#
## Crontab every minute :
# */1 * * * * /usr/local/sbin/enshrd_steamuser_check
#
# telegram-alert sample script can be found here :
# https://raw.githubusercontent.com/zephxs/ncat-ipset-honeypot/master/telegram-send
### VARS
_GAMEDIR="/home/enshrouded/enshroudedserver" # Enshrrouded game directory
_ENSHRD_LOGFILE="${_GAMEDIR}/logs/enshrouded_server.log" # Enshrouded server log file
_WKGDIR="/home/enshrouded/enshrd-monitor" # Monitoring folder used by script set
_CONNECTED_USERS="${_WKGDIR}/connected-users" # List of Currently Connected Users
_LOCKFILE="/tmp/enshrd_chk.lock"
_LOG_FILE="${_WKGDIR}/user-connection.log"
# [Optional] Steam API key for steamID to Username
_APIKEY="" # Will use https://steamid.io if empty
# [Optional] Enable Telegram-alert with 'true'
_TELEGRAM_ALERT="false" # 'telegram-send' script must be in PATH
### PRE
_LOGTHIS(){
local _LEVEL="$1"
local _MESSAGE="$2"
local _TIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S')
printf "[${_TIMESTAMP}] [${_LEVEL}] ${_MESSAGE}\n" >>$_LOG_FILE
}
# Checks
[ -d "$_WKGDIR" ] || mkdir -p ${_WKGDIR}
[ -f "$_ENSHRD_LOGFILE" ] || { _LOGTHIS FAIL "Enshrouded Server Logfile not found.."; exit 1; }
[ -f "${_WKGDIR}/last_check" ] || touch "${_WKGDIR}/last_check"
# Block script if already in run
if [ -e "$_LOCKFILE" ]; then
_PID=$(cat ${_LOCKFILE})
ps -p $_PID -o pid= >/dev/null 2>&1
if [ $? -eq 0 ]; then
_LOGTHIS FAIL "Process is already running.."
exit
fi
fi
echo $$ >$_LOCKFILE
trap 'rm -f "$_LOCKFILE"' EXIT
_EXITR(){
# copy current log for next compare and remove found connection events
cp -f "$_ENSHRD_LOGFILE" ${_WKGDIR}/last_check
>${_WKGDIR}/log_news
rm -f "${_LOCKFILE}"
exit
}
# Get new lines from current log file
_GET_LOGDIFF(){
diff ${_WKGDIR}/last_check $_ENSHRD_LOGFILE | grep "^>" >${_WKGDIR}/log_news
}
_EXTERNAL_ID(){
# Identify User who tries to login using steam API or online service
_STEAMSRC=$(grep -B4 ${_NEWHANDLER} ${_WKGDIR}/log_news | awk -F"'" '/ authenticated by steam/ {print $(NF-1)}')
if [ -z "$_STEAMAPIKEY" ]; then
_STEAMUSER=$(curl -f -s https://steamid.io/lookup/$_STEAMSRC | grep -A1 ' <dt class="key">name</dt>' | awk -F'>|<' '/value/ {print $(NF-2)}')
else
_STEAMUSER=$(curl -s "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPIKEY&steamids=$_STEAMSRC" |jq .response.players.[].personaname |tr -d
'"')
fi
[ -z "$_STEAMUSER" ] && _STEAMUSER="NotFound"
}
### MAIN
_GET_LOGDIFF
# exit if no new logs found
if [ ! -s "${_WKGDIR}/log_news" ]; then
# and if service is down, empty connected user list before exit
if [ "$(sudo systemctl is-active enshrd.service)" != "active" ]; then
>$_CONNECTED_USERS
fi
_EXITR
fi
# If New Client login detected parse new logs
if grep '\[online\] Client' ${_WKGDIR}/log_news | grep -q 'authenticated by steam'; then
# wait a bit for if the connection just occurs
sleep 10 && _GET_LOGDIFF
# Get New Player Handler or exit
_NEWUSERIDS=($(awk '/Remote player added. Player handle/ {print $NF}' ${_WKGDIR}/log_news))
[ -z "${_NEWUSERIDS[*]}" ] && _EXITR || _LOGTHIS INFO "New ID(s) detected = ${_NEWUSERIDS[@]}"
for _NEWHANDLER in "${_NEWUSERIDS[@]}"; do
# If User login and out in the same minute !
if grep -q 'Remove Entity for Player' ${_WKGDIR}/log_news; then
_REMOVEDPLAYER=($(awk '/Remove Entity for Player/ {print $NF}' ${_WKGDIR}/log_news |tr -d "'"))
for _REMOVEDUSER in ${_REMOVEDPLAYER[@]}; do
_LOGTHIS INFO "User Login and Logout = $_REMOVEDPLAYER"
grep -q "$_REMOVEDUSER" $_CONNECTED_USERS && sed -i "/$_REMOVEDUSER/d" $_CONNECTED_USERS
done
[ "$_TELEGRAM_ALERT" = true ] && telegram-send -c alarm "Enshrouded Server
# User Login and Logout = ${_REMOVEDPLAYER[@]}"
# If User Auth fail
elif grep -A15 ${_NEWHANDLER} ${_WKGDIR}/log_news | grep -q "Remove player from session. Not found in online game info." ; then
_EXTERNAL_ID
_LOGTHIS WARN "Failed connection attempt = $_STEAMUSER"
[ "$_TELEGRAM_ALERT" = true ] && telegram-send -c alarm "Enshrouded Server
# FAILED User Auth = $_STEAMUSER"
# else considered successfull login
else
_EXTERNAL_ID
_LOGTHIS INFO "User Connected = $_STEAMUSER $_NEWHANDLER"
[ "$_TELEGRAM_ALERT" = true ] && telegram-send -c alarm "Enshrouded Server
# User Connected = $_STEAMUSER"
grep -q "$_STEAMUSER" $_CONNECTED_USERS || echo "$_STEAMUSER $_NEWHANDLER" >>$_CONNECTED_USERS
fi
done
fi
# Now try to find removed player
if grep -q ' Remove player from session. Not found in online game info. Player Handle' ${_WKGDIR}/log_news; then
_REMOVEDHANDLES=($(awk '/ Player removed. Player handle/ {print $NF}' ${_WKGDIR}/log_news |tr -d "'"))
for _REMOVEDHANDLE in ${_REMOVEDHANDLES[@]}; do
_REMOVEDUSER=$(grep "$_REMOVEDHANDLE" ${_CONNECTED_USERS} |awk '{print $1}')
_LOGTHIS INFO "User Logout = $_REMOVEDUSER"
grep -q "$_REMOVEDUSER" $_CONNECTED_USERS && sed -i "/$_REMOVEDUSER/d" $_CONNECTED_USERS
[ "$_TELEGRAM_ALERT" = true ] && telegram-send -c alarm "Enshrouded Server
# User Logout = ${_REMOVEDUSER}"
done
fi
### POST
_EXITR