#!/usr/bin/env bash set -euo pipefail SITE="${1:-${NETPROBE_SITE:-}}" DURATION="${NETPROBE_DURATION:-5m}" IFACE="${NETPROBE_IFACE:-}" BASE="https://l2.penwin.cloud" TOKEN="${NETPROBE_TOKEN:-}" OUTDIR="${NETPROBE_OUT:-/tmp/netprobe-$(date -u +%Y%m%dT%H%M%SZ)}" NO_RUN="${NETPROBE_NO_RUN:-}" if [ -z "$SITE" ] && [ -z "$NO_RUN" ]; then echo "usage: $0 (or set NETPROBE_SITE, or NETPROBE_NO_RUN=1 to just install)" exit 2 fi OS="$(uname -s | tr '[:upper:]' '[:lower:]')" ARCH="$(uname -m)" case "$ARCH" in x86_64|amd64) ARCH=amd64 ;; aarch64|arm64) ARCH=arm64 ;; *) echo "unsupported arch: $ARCH"; exit 3 ;; esac need_sudo() { [ "$(id -u)" != "0" ] && echo sudo; } SUDO="$(need_sudo)" BIN_DIR="/usr/local/bin" BIN="${BIN_DIR}/netprobe" if [ ! -w "$BIN_DIR" ] && [ -z "$SUDO" ]; then BIN_DIR="$HOME/.local/bin"; BIN="${BIN_DIR}/netprobe"; mkdir -p "$BIN_DIR"; fi install_deps_linux() { if command -v apt-get >/dev/null 2>&1; then $SUDO apt-get update -qq && $SUDO apt-get install -y libpcap0.8 elif command -v dnf >/dev/null 2>&1; then $SUDO dnf install -y libpcap elif command -v yum >/dev/null 2>&1; then $SUDO yum install -y libpcap elif command -v apk >/dev/null 2>&1; then $SUDO apk add --no-cache libpcap else echo "warning: no known package manager — make sure libpcap is installed" fi } install_from_source() { local workdir workdir="$(mktemp -d)" echo "[*] building from source in $workdir" curl -fsSL "${BASE}/install/netprobe-src.tar.gz" | tar -xz -C "$workdir" (cd "$workdir" && go build -o "$workdir/netprobe" ./cmd/netprobe) if [ -w "$BIN_DIR" ]; then mv "$workdir/netprobe" "$BIN" else $SUDO mv "$workdir/netprobe" "$BIN" fi rm -rf "$workdir" } case "$OS" in linux) ASSET="netprobe-${OS}-${ARCH}" echo "[*] fetching ${ASSET}" if curl -fsSL -o /tmp/netprobe.new "${BASE}/install/${ASSET}"; then chmod +x /tmp/netprobe.new if [ -w "$BIN_DIR" ]; then mv /tmp/netprobe.new "$BIN"; else $SUDO mv /tmp/netprobe.new "$BIN"; fi else echo "[!] prebuilt ${ASSET} not available — falling back to source build" command -v go >/dev/null || { echo "install Go first: https://go.dev/dl/"; exit 4; } command -v gcc >/dev/null || { echo "install build tools (apt install build-essential) first"; exit 4; } install_deps_linux install_from_source fi install_deps_linux $SUDO setcap cap_net_raw+eip "$BIN" 2>/dev/null || echo "[!] setcap failed — will run with sudo" ;; darwin) command -v go >/dev/null || { echo "install Go first: brew install go (or https://go.dev/dl/)"; exit 4; } command -v brew >/dev/null && brew list libpcap >/dev/null 2>&1 || true install_from_source echo "[*] on macOS netprobe must be run with sudo (BPF devices require root by default)" ;; *) echo "unsupported OS: $OS"; exit 5 ;; esac echo "[*] installed at: $BIN" "$BIN" --version if [ -n "$NO_RUN" ]; then echo "[*] NETPROBE_NO_RUN set — skipping capture." exit 0 fi if [ -z "$IFACE" ]; then if [ "$OS" = "darwin" ]; then IFACE="$(route get default 2>/dev/null | awk '/interface:/ {print $2}')" [ -z "$IFACE" ] && IFACE=en0 else IFACE="$(ip -o route get 1.1.1.1 2>/dev/null | awk '{for(i=1;i<=NF;i++)if($i=="dev")print $(i+1)}')" [ -z "$IFACE" ] && IFACE="$(ip -o link show up | awk -F': ' '$2 !~ /^(lo|docker|veth|br-|virbr)/ {print $2; exit}')" fi fi echo "[*] iface=$IFACE site=$SITE duration=$DURATION out=$OUTDIR" mkdir -p "$OUTDIR" RUN="$BIN" if [ "$OS" = "darwin" ] || ! getcap "$BIN" 2>/dev/null | grep -q cap_net_raw; then RUN="$SUDO $BIN" fi $RUN discover --iface "$IFACE" --duration "$DURATION" --site "$SITE" --output "$OUTDIR" --promisc=false echo "[*] uploading to ${BASE}" UPLOAD_ARGS=(upload --input "$OUTDIR" --server "$BASE" --site "$SITE") [ -n "$TOKEN" ] && UPLOAD_ARGS+=(--token "$TOKEN") "$BIN" "${UPLOAD_ARGS[@]}" echo "[*] done — results at $OUTDIR and uploaded to $BASE"