From 673b8d914f45220fae781fe39500d6b645856cfb Mon Sep 17 00:00:00 2001 From: SechPoint Date: Thu, 12 Mar 2026 09:17:43 +0000 Subject: [PATCH] update --- pre-deployment-test.sh | 89 +++++++++++++++++------------------------- 1 file changed, 36 insertions(+), 53 deletions(-) diff --git a/pre-deployment-test.sh b/pre-deployment-test.sh index 4fb61dc..4abe51c 100644 --- a/pre-deployment-test.sh +++ b/pre-deployment-test.sh @@ -2,72 +2,55 @@ # --- Styling --- YELLOW='\033[1;33m' +GREEN='\033[0;32m' +RED='\033[0;31m' NC='\033[0m' -echo -e "${YELLOW}=== Wallarm Pre-Deployment Diagnostic ===${NC}" +echo -e "${YELLOW}=== Wallarm Pre-Deployment Connectivity Test ===${NC}" -# --- THIS IS THE INTERACTIVE PART --- -# The '-p' flag stands for 'prompt' -read -p "Enter the Application Server IP or Hostname: " APP_HOST -read -p "Enter the Application Server Port (e.g., 80 or 8080): " APP_PORT +# --- INTERACTIVE INPUT (FORCED TO TTY) --- +read -p "Enter Application Server IP [127.0.0.1]: " APP_HOST /dev/null; then - echo -e "${GREEN}[PASS]${NC} Sudo is active/passwordless." -else - echo -e "${RED}[FAIL]${NC} Sudo requires a password or user is not in sudoers." - echo " Please ensure 'su -' or passwordless sudo is configured." -fi - -# Detect OS and install basics -if [ -f /etc/debian_version ]; then - sudo apt-get update -y && sudo apt-get install -y nano curl wget git netcat-openbsd -elif [ -f /etc/redhat-release ]; then - sudo yum makecache && sudo yum install -y nano curl wget git nc -fi - -# 3. Check Required Tools -echo -e "\n${YELLOW}[2/4] Verifying Installed Tools...${NC}" -for tool in nano curl wget git nc; do - if command -v $tool &> /dev/null; then - echo -e "${GREEN}[PASS]${NC} $tool is installed." +# Function to test IP/Port +test_connection() { + local target=$1 + local description=$2 + # Using timeout to prevent hanging on bank firewalls + if timeout 3 bash -c "cat < /dev/null > /dev/tcp/$target/443" 2>/dev/null; then + echo -e "${GREEN}[PASS]${NC} $description ($target)" else - echo -e "${RED}[FAIL]${NC} $tool failed to install." - fi -done - -# 4. Check Wallarm Cloud Connectivity -echo -e "\n${YELLOW}[3/4] Checking Wallarm Cloud Connections...${NC}" -check_conn() { - curl -Is --connect-timeout 5 "$1" | head -n 1 | grep -q "200\|301\|302\|404\|401" - if [ $? -eq 0 ]; then - echo -e "${GREEN}[PASS]${NC} Reachable: $1" - else - echo -e "${RED}[FAIL]${NC} UNREACHABLE: $1" + echo -e "${RED}[FAIL]${NC} $description ($target) - BLOCKED" fi } -check_conn "https://api.wallarm.com" # US Cloud -check_conn "https://api.wallarm.eu" # EU Cloud +# --- EU ENDPOINTS --- +echo "--- EU Cloud ---" +test_connection "34.160.38.183" "node-data1.eu1" +test_connection "34.144.227.90" "node-data0.eu1" +test_connection "34.90.110.226" "api.wallarm.com" -# 5. Check Backend Application Connectivity -echo -e "\n${YELLOW}[4/4] Checking Backend App Connectivity...${NC}" -if nc -zv -w 5 "$APP_HOST" "$APP_PORT" 2>&1 | grep -q "succeeded\|open"; then - echo -e "${GREEN}[PASS]${NC} Connection to $APP_HOST:$APP_PORT successful." +# --- US ENDPOINTS --- +echo -e "\n--- US Cloud ---" +test_connection "34.96.64.17" "node-data0.us1" +test_connection "34.110.183.149" "node-data1.us1" +test_connection "35.235.66.155" "us1.api.wallarm.com" +test_connection "34.102.90.100" "Extra US-1" +test_connection "34.94.156.115" "Extra US-2" +test_connection "35.235.115.105" "Extra US-3" + +echo -e "\n${YELLOW}[2/3] Testing Internal App Connectivity...${NC}" +if timeout 3 bash -c "cat < /dev/null > /dev/tcp/$APP_HOST/$APP_PORT" 2>/dev/null; then + echo -e "${GREEN}[PASS]${NC} Reached App at $APP_HOST:$APP_PORT" else - echo -e "${RED}[FAIL]${NC} CANNOT REACH $APP_HOST on port $APP_PORT." + echo -e "${RED}[FAIL]${NC} Cannot reach $APP_HOST on port $APP_PORT" fi echo -e "\n${YELLOW}-------------------------------------------------------" -echo -e "PRE-DEPLOYMENT-TEST COMPLETE. PLEASE TAKE A SCREENSHOT OF THIS OUTPUT." +echo -e "SCREENSHOT THIS RESULT AND SEND TO SECHPOINT SUPPORT" echo -e "-------------------------------------------------------${NC}" \ No newline at end of file