Node安全检查
公司内部的使用的inode进行的网络验证,但是mac经常安全检查不通过,然后过了几分钟就断连了。很头大。
我偶然发现如果连接网络成功之后,直接杀掉Inode进程,不影响网络。
那么就很简单了,直接写一个脚本,来运行inode,并自动清理掉进程。然后定时运行脚本,检测网络是否联通,异常重新执行脚本即可。
实践
代码很简单,不做过多解析,如果想要修改直接丢给 GPT 提需求即可。
#!/bin/bash
# 定义一些变量来使脚本更容易维护和修改
service_path="/Applications/iNodeClient"
authen_service_name="AuthenMngService"
inode_monitor_name="iNodeMon"
# 带时间戳的echo函数
techo() {
echo -e "$(date '+%Y-%m-%d %H:%M:%S') $@"
}
# 检查网络连通性
check_network_connectivity() {
techo "🔍 检查网络连通性..."
# 检查DNS解析和网络连通性
if ! ping -c 1 -t 5 www.baidu.com &>/dev/null; then
techo "❌ 网络连接失败,无法访问百度"
return 1
fi
# 检查网关连通性
gateway=$(netstat -nr | grep default | grep en0 | awk '{print $2}')
if [ -n "$gateway" ]; then
if ! ping -c 1 -t 5 $gateway &>/dev/null; then
techo "❌ 网关 $gateway 无法访问"
return 1
fi
else
techo "❌ 无法获取网关地址"
return 1
fi
techo "✅ 网络连通性检查通过"
return 0
}
# 等待网络恢复
wait_for_network() {
local timeout=30 # 30秒超时
local start_time=$(date +%s)
techo "⏳ 等待网络恢复..."
while true; do
if ping -c 1 -t 5 www.baidu.com &>/dev/null; then
techo "✅ 网络已恢复"
return 0
fi
local current_time=$(date +%s)
if ((current_time - start_time > timeout)); then
techo "❌ 等待网络恢复超时"
return 1
fi
techo "⏳ 等待网络恢复... ($((timeout - (current_time - start_time)))秒后超时)"
sleep 2
done
}
clear_proxy() {
while read -r line; do
sname=$(echo "$line" | awk -F "(, )|(: )|[)]" '{print $2}')
sdev=$(echo "$line" | awk -F "(, )|(: )|[)]" '{print $4}')
#echo "Current service: $sname, $sdev, $currentservice"
if [ -n "$sdev" ]; then
ifout="$(ifconfig "$sdev" 2>/dev/null)"
echo "$ifout" | grep 'status: active' >/dev/null 2>&1
rc="$?"
if [ "$rc" -eq 0 ]; then
currentservice="$sname"
# may have multiple active devices, so echo it here
# echo "$currentservice"
fi
fi
done <<<"$(networksetup -listnetworkserviceorder | grep 'Hardware Port')"
if [ -z "$currentservice" ]; then
echo >&2 "Could not find current service"
exit 1
fi
networksetup -setwebproxystate $currentservice off #关闭Web HTTP代理
networksetup -setsecurewebproxystate $currentservice off #关闭Web HTTPS代理
networksetup -setsocksfirewallproxystate $currentservice off #关闭SOCKS代理
}
stop_service() {
IfExist=$(ps -Ac -o command | grep -x iNodeMon)
if [ "$IfExist" != "" ]; then
/Applications/iNodeClient/iNodeMon -k
Sec=0
while [ 1 ]; do
IfExist=$(ps -Ac -o command | grep -x iNodeMon)
if [ "$IfExist" != "" ]; then
sleep 1
Sec=$(expr $Sec + 1)
if [ "$Sec" -gt 10 ]; then
killall -9 iNodeMon
fi
else
break
fi
done
fi
IfExist=$(ps -Ac -o command | grep -x AuthenMngService)
if [ "$IfExist" != "" ]; then
/Applications/iNodeClient/AuthenMngService -k
Sec=0
while [ 1 ]; do
IfExist=$(ps -Ac -o command | grep -x AuthenMngService)
if [ "$IfExist" != "" ]; then
sleep 1
Sec=$(expr $Sec + 1)
if [ "$Sec" -gt 10 ]; then
killall -9 AuthenMngService
fi
else
break
fi
done
else
echo "AuthenMngService not running"
fi
}
check_process_killed() {
local process_name="$1"
local isNone=$(pgrep -f "${process_name}")
# Check if the process is running before the loop
if [[ -z "$isNone" ]]; then
techo "${process_name}进程没有运行."
return
fi
techo "⚠️ 杀死进程:${process_name}..."
pkill -f "${process_name}"
local attempt=0
local max_attempts=3
# Wait for the process to stop
until [[ -z "$isNone" || attempt -ge max_attempts ]]; do
techo "等待进程"${process_name}" 关闭... (尝试次数: $((attempt + 1))/$max_attempts)"
sleep 2
isNone=$(pgrep -f "${process_name}")
((attempt++))
done
if [[ -n "$isNone" ]]; then
techo "🤔 进程"${process_name}" 无法终止. 再次重试..."
pkill -f "${process_name}"
attempt=0 # Reset attempt counter
# Try to wait again
until [[ -z "$isNone" || attempt -ge max_attempts ]]; do
techo "等待进程"${process_name}" 关闭... (尝试次数: $((attempt + 1))/$max_attempts)"
sleep 2
isNone=$(pgrep -f "${process_name}")
((attempt++))
done
fi
if [[ -z "$isNone" ]]; then
techo "👾 进程${process_name}已终止."
else
techo "🔴 多次尝试后无法关闭进程:${process_name}."
exit 1
fi
}
# 检查进程是否运行
check_process_running() {
local process_name="$1"
if ps -Ac -o command | grep -q "^${process_name}$"; then
return 0
else
return 1
fi
}
# 等待进程启动,并设置超时时间
wait_for_process() {
local process_name="$1"
local max_retries=3 # 最大重试次数
local timeout=10 # 超时时间(秒)
local retry_count=0
local start_time=$(date +%s)
techo "等待服务 ${process_name} 启动..."
while true; do
if pgrep -f "${process_name}" >/dev/null; then
# 检查进程是否真的在运行
if ps -p $(pgrep -f "${process_name}") >/dev/null 2>&1; then
techo "服务 ${process_name} 已成功启动"
return 0
fi
fi
local current_time=$(date +%s)
if ((current_time - start_time > timeout)); then
retry_count=$((retry_count + 1))
if [ $retry_count -ge $max_retries ]; then
techo "错误:服务 ${process_name} 启动失败,已达到最大重试次数"
return 1
fi
techo "服务 ${process_name} 启动超时,正在进行第 ${retry_count} 次重试..."
start_service "${process_name}"
start_time=$(date +%s)
fi
sleep 2
done
}
start_service() {
local service_name="$1"
local step="$2"
techo "${step} 启动服务${service_name}"
"${service_path}/${service_name}" &>/dev/null &
# 等待服务启动
wait_for_process "${service_name}"
}
# 重新连接网络服务函数
reconnect() {
techo "1️⃣ 检查网络状态"
if check_network_connectivity; then
techo "✅ 网络状态正常,无需重连"
return 0
fi
techo "🔄 开始重连流程..."
techo "2️⃣ 关闭并删除相关进程"
stop_service
techo "3️⃣ 二次检查"
# 关闭并删除相关进程
check_process_killed ${authen_service_name}
check_process_killed ${inode_monitor_name}
# 启动服务
start_service "${authen_service_name}" "4️⃣ "
start_service "${inode_monitor_name}" "5️⃣ "
# 等待网络恢复
if wait_for_network; then
techo "✅ 网络连接成功"
else
techo "❌ 网络连接失败,请检查网络设置"
exit 1
fi
}
reconnect