9ff7308de0
Created comprehensive cleanup tool to remove all server-specific data before transferring toolkit to another server. NEW FILE: - modules/maintenance/cleanup-toolkit-data.sh * Removes IP reputation database (/var/lib/server-toolkit/) * Cleans all temporary analysis files (/tmp/*bot*, *500-tracker*, etc.) * Removes generated reports * Clears cache and session data * Optional log file removal * Shows summary of items removed and space freed * Safety confirmation required before cleanup UPDATED: - launcher.sh * Added cleanup script to Backup & Recovery menu (option 9) * Placed in "Data Management" section * Clearly marked with trash icon to indicate destructive operation PURPOSE: This ensures the IP reputation database and other server-specific data are not transferred when moving the toolkit between servers. Each server should build its own IP reputation database based on its own traffic and attack patterns. USE CASES: ✓ Moving toolkit to different server ✓ Starting fresh analysis ✓ Removing server-specific data before sharing toolkit ✓ Regular maintenance/cleanup WHAT GETS CLEANED: - /var/lib/server-toolkit/ip-reputation/ (IP reputation database) - /tmp/bot_analysis_* (bot analyzer temp files) - /tmp/500-tracker-* (error tracker temp files) - /tmp/live-monitor-* (live monitoring temp files) - /tmp/*_report_*.txt (generated reports) - /var/cache/server-toolkit/ (cached data) - Session/lock files - Optional: execution logs 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
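#!/bin/bash

################################################################################
# Server Toolkit Data Cleanup
################################################################################
# Purpose: Remove all toolkit-generated data (for wiping before system transfer)
# Use Case: When moving toolkit to another server or fresh start
#
# What gets cleaned:
# - IP reputation database
# - Temporary analysis files
# - Cached data
# - Generated reports
# - Session data
#
# Requirements: must be run as root; interactive (asks for confirmation on
# stdin before anything is deleted).
################################################################################

# Resolve the toolkit root (two levels above this script) and load the shared
# helpers. print_error, print_banner, press_enter and the colour variables used
# by this script are not defined in this file, so they presumably come from
# this library.
#
# SECURITY: this script runs as root and executes whatever
# lib/common-functions.sh contains. The toolkit tree must therefore be owned by
# root and not writable by any other account.
if ! SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)" || [ -z "$SCRIPT_DIR" ]; then
    printf 'ERROR: cannot resolve the toolkit directory\n' >&2
    exit 1
fi

# Stop early if the library is missing: without it the helper functions are
# undefined and the script would carry on with broken output.
if [ ! -r "$SCRIPT_DIR/lib/common-functions.sh" ]; then
    printf 'ERROR: cannot read %s\n' "$SCRIPT_DIR/lib/common-functions.sh" >&2
    exit 1
fi

# shellcheck source=/dev/null
source "$SCRIPT_DIR/lib/common-functions.sh"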
# Everything below deletes system-wide paths, so refuse to run unprivileged.
(( EUID == 0 )) || {
    print_error "This script must be run as root"
    exit 1
}
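# ---- Warning and confirmation ----
print_banner "Server Toolkit Data Cleanup"

# Spell out what will be destroyed before asking for confirmation.
echo ""
echo -e "${YELLOW}${BOLD}⚠️ WARNING ⚠️${NC}"
echo ""
echo "This will remove ALL data collected by the Server Toolkit:"
echo ""
printf '%s\n' \
    " • IP reputation database (/var/lib/server-toolkit/)" \
    " • Temporary analysis files (/tmp/)" \
    " • Generated reports" \
    " • Cached data" \
    " • Session files"
echo ""
echo -e "${RED}This action CANNOT be undone!${NC}"
echo ""
echo "Use this when:"
printf '%s\n' \
    " ✓ Moving toolkit to a different server" \
    " ✓ Starting fresh analysis" \
    " ✓ Removing server-specific data before sharing"
echo ""
echo -e "${CYAN}────────────────────────────────────────────────────────────${NC}"
echo ""

# -r keeps backslashes literal, so only the exact string "yes" confirms.
# With no input at all (closed or empty stdin) confirm stays empty and the
# cleanup is cancelled.
confirm=""
read -r -p "Type 'yes' to confirm cleanup: " confirm

if [ "$confirm" != "yes" ]; then
    echo ""
    print_error "Cleanup cancelled"
    # Declining is not an error, hence exit status 0.
    exit 0
fi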
# ---- Start of the destructive part ----
printf '\n%s\n\n' "Starting cleanup..."

# Running totals shown in the final summary; the removal steps update them.
cleaned_count=0
cleaned_size=0
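#######################################
# Remove a file or directory tree, print one status line, update the totals.
# Globals:   cleaned_count, cleaned_size (written); GREEN, RED, DIM, NC (read)
# Arguments: $1 - path to remove
#            $2 - human-readable description used in the status line
# Outputs:   one status line on stdout
# Returns:   0 if the path was removed or did not exist, 1 if rm failed
#######################################
safe_remove() {
    local path="$1"
    local description="$2"
    # Kept local so a caller's own "size" variable is never clobbered.
    local size=0

    # -e follows symlinks and is false for a dangling one, so test -L as well:
    # a broken link is still an entry that has to be removed.
    if [ ! -e "$path" ] && [ ! -L "$path" ]; then
        echo -e " ${DIM}○${NC} Not found: $description (already clean)"
        return 0
    fi

    # Measure before deleting. This is best effort and only feeds the summary.
    if [ -d "$path" ]; then
        size=$(du -sb -- "$path" 2>/dev/null | awk '{print $1}')
    else
        size=$(stat -c%s -- "$path" 2>/dev/null)
    fi
    # du/stat can fail or print nothing; fall back to 0 so the arithmetic below
    # never sees an empty or non-numeric value.
    case "$size" in
        '' | *[!0-9]*) size=0 ;;
    esac

    # "--" ends option parsing so the path is never read as an rm option.
    if rm -rf -- "$path" 2>/dev/null; then
        cleaned_size=$((cleaned_size + size))
        cleaned_count=$((cleaned_count + 1))
        echo -e " ${GREEN}✓${NC} Removed: $description"
        return 0
    fi

    echo -e " ${RED}✗${NC} Failed to remove: $description"
    return 1
}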
# ---- IP reputation data ----
# The reputation store is removed and reported on its own line first, then the
# toolkit data directory that contains it. The return codes of safe_remove are
# not checked here.
echo -e "${BOLD}IP Reputation Database:${NC}"
safe_remove "/var/lib/server-toolkit/ip-reputation" "IP reputation database"
safe_remove "/var/lib/server-toolkit" "Toolkit data directory"
echo
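#######################################
# Remove every existing path among the arguments and print one status line.
# All matches are removed, not just the first one found.
# Globals:   cleaned_count (written, +1 per successful call); GREEN, RED, NC (read)
# Arguments: $1   - flags for rm (-f or -rf)
#            $2   - label for the status line; "@COUNT@" is replaced by the
#                   number of matched paths
#            $3.. - candidate paths, normally unquoted globs expanded at the
#                   call site (a glob without matches arrives as its literal
#                   pattern and is skipped here)
# Outputs:   one status line on stdout, nothing if no candidate exists
# Returns:   0 if nothing matched or everything was removed, 1 if rm failed
#######################################
remove_matches() {
    local rm_flags="$1"
    local label="$2"
    shift 2

    local -a found=()
    local candidate existing
    for candidate in "$@"; do
        # -L keeps dangling symlinks in the list; -e alone would skip them.
        if [ ! -e "$candidate" ] && [ ! -L "$candidate" ]; then
            continue
        fi
        # A path can match more than one pattern; list it only once.
        for existing in "${found[@]}"; do
            [ "$existing" = "$candidate" ] && continue 2
        done
        found+=("$candidate")
    done

    [ "${#found[@]}" -gt 0 ] || return 0
    label="${label//@COUNT@/${#found[@]}}"

    # Names under /tmp can be created by any local user and this script runs
    # as root, so every path is passed quoted (no word splitting, no second
    # glob expansion) and after "--".
    if rm "$rm_flags" -- "${found[@]}" 2>/dev/null; then
        cleaned_count=$((cleaned_count + 1))
        echo -e " ${GREEN}✓${NC} Removed: $label"
        return 0
    fi

    echo -e " ${RED}✗${NC} Failed to remove: $label"
    return 1
}

# ---- Temporary analysis files ----
# NOTE(review): several patterns below (/tmp/*500*.txt, /tmp/*monitor*.tmp,
# /tmp/*error*.tmp, /root/*_report*.txt) are not toolkit-specific. On a shared
# host they also delete unrelated files that happen to match. Consider
# narrowing them to prefixes that only the toolkit writes.
echo -e "${BOLD}Temporary Analysis Files:${NC}"

# Bot analyzer temp files
remove_matches -f "Bot analysis temp files" /tmp/bot_analysis_* /tmp/*_bot_*.txt

# 500 error tracker temp files
remove_matches -rf "500 error tracker temp files" /tmp/500-tracker-* /tmp/*500*.txt

# Live monitoring temp files
remove_matches -rf "Live monitoring temp files" /tmp/live-monitor-* /tmp/*monitor*.tmp

# Error analyzer temp files
remove_matches -f "Error analyzer temp files" /tmp/error_analysis_* /tmp/*error*.tmp

# Generic toolkit temp files
remove_matches -rf "Generic toolkit temp files" /tmp/toolkit_* /tmp/server-toolkit*

echo ""

# ---- Generated reports ----
echo -e "${BOLD}Generated Reports:${NC}"
# Look for common report locations
remove_matches -f "@COUNT@ report file(s)" \
    /tmp/*_report_*.txt /tmp/*_analysis_*.txt /root/*toolkit*.txt /root/*_report*.txt

echo ""

# ---- Cache and session data ----
echo -e "${BOLD}Cache and Session Data:${NC}"
# Cached analysis data
if [ -d "/var/cache/server-toolkit" ]; then
    safe_remove "/var/cache/server-toolkit" "Toolkit cache directory"
fi

# Session/lock files
remove_matches -f "Session/lock files" /var/run/server-toolkit* /var/lock/server-toolkit*

echo ""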
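# ---- Optional: toolkit execution logs ----
echo -e "${BOLD}Log Files (Optional):${NC}"
echo -n "Remove toolkit execution logs? (yes/no) [no]: "
# -r keeps backslashes literal; anything other than the exact word "yes"
# (including no input at all) keeps the logs.
remove_logs=""
read -r remove_logs
remove_logs="${remove_logs:-no}"

if [ "$remove_logs" = "yes" ]; then
    # Collect every existing match first so that all log files are removed,
    # not only the first one, and so each name is passed to rm quoted.
    log_files=()
    for log_file in /var/log/server-toolkit*.log; do
        # An unmatched glob stays as the literal pattern; skip it.
        if [ -e "$log_file" ] || [ -L "$log_file" ]; then
            log_files+=("$log_file")
        fi
    done

    if [ "${#log_files[@]}" -gt 0 ]; then
        if rm -f -- "${log_files[@]}" 2>/dev/null; then
            echo -e " ${GREEN}✓${NC} Removed: ${#log_files[@]} log file(s)"
            cleaned_count=$((cleaned_count + 1))
        else
            echo -e " ${RED}✗${NC} Failed to remove: ${#log_files[@]} log file(s)"
        fi
    fi
else
    echo -e " ${DIM}○${NC} Logs kept (skipped)"
fi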
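# ---- Summary and verification ----
echo ""
echo -e "${CYAN}────────────────────────────────────────────────────────────${NC}"
echo ""

# Convert size to human readable (integer division, so values round down).
# NOTE: only paths removed through safe_remove add to cleaned_size; the
# glob-based removals count as items but not as freed space.
if (( cleaned_size < 1024 )); then
    size_human="${cleaned_size:-0}B"
elif (( cleaned_size < 1048576 )); then
    size_human="$((cleaned_size / 1024))KB"
elif (( cleaned_size < 1073741824 )); then
    size_human="$((cleaned_size / 1048576))MB"
else
    size_human="$((cleaned_size / 1073741824))GB"
fi

# Verify the critical paths BEFORE printing a verdict, so the script never
# reports a clean state while server-specific data is still on disk.
# -e/-L also catch a leftover file or symlink, not just a directory.
# NOTE(review): only these two paths are re-checked; the /tmp, report, cache
# and lock patterns are not verified here.
missing=0
still_present=()
for critical_path in "/var/lib/server-toolkit" "/tmp/live-monitor-current"; do
    if [ -e "$critical_path" ] || [ -L "$critical_path" ]; then
        still_present+=("$critical_path")
        missing=$((missing + 1))
    fi
done

if [ "$missing" -eq 0 ]; then
    echo -e "${GREEN}${BOLD}✓ Cleanup Complete!${NC}"
else
    echo -e "${YELLOW}${BOLD}⚠ Cleanup finished, but some data is still present${NC}"
fi
echo ""
echo "Summary:"
echo " Items removed: $cleaned_count"
echo " Space freed: $size_human"
echo ""

if [ "$missing" -eq 0 ]; then
    echo "The toolkit is now clean and ready for:"
    echo " • Transfer to another server"
    echo " • Fresh analysis start"
    echo " • Sharing without server-specific data"
    echo ""
else
    for critical_path in "${still_present[@]}"; do
        echo -e "${YELLOW}Warning: $critical_path still exists${NC}"
    done
    echo ""
    echo -e "${YELLOW}Some directories could not be removed (may be in use)${NC}"
    echo "Try stopping any running toolkit scripts and run cleanup again."
    echo "Server-specific data may still be present; do not treat this system as clean yet."
fi

echo ""
press_enter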