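#!/bin/bash
#
# rdump: run tcpdump on a remote server over SSH, copy the capture back and
# open it locally in Wireshark.
#
# For info or comments - bandries@novell.com
#
# Usage: rdump [server]
#   server  host to capture on; defaults to $DEFAULT when omitted or empty.
#
# Security notes for operators:
#   - Every remote step logs in as root, and the local public key is appended
#     to root's authorized keys on the server by ssh-copy-id.
#   - If ~/.ssh/id_rsa is missing it is generated with an EMPTY passphrase, so
#     anyone who can read that file gains root on every server this script
#     was pointed at. Prefer a passphrase-protected key held in ssh-agent.
#   - The capture holds raw network traffic (-s 1514, i.e. full frames on
#     standard Ethernet) and may contain credentials; treat
#     /tmp/trace.cap on the server and ~/trace.cap locally as sensitive.

# When no server is given on command line, use default server
DEFAULT="nam.lab.ba"

# Print the connection-failure hint and stop.
connection_failed() {
  printf '%s\n' "*** Error connecting to server $SERVER ***"
  printf '%s\n' "Try to manually connect using command 'ssh root@$SERVER' to troubleshoot the connection."
  echo ""
  exit 1
}

echo ""
echo "-------------------------------------------"
echo "--- rdump: run tcpdump on remote server ---"
echo "-------------------------------------------"
echo ""

########## define server ##########
SERVER=${1:-$DEFAULT}

########## configure authentication ##########
if [[ ! -f ~/.ssh/id_rsa ]]; then
  echo "Key will be created in ~/.ssh/id_rsa"
  # NOTE(review): -N "" creates an unencrypted private key (see header).
  if ! ssh-keygen -f ~/.ssh/id_rsa -N "" > /dev/null 2>&1; then
    echo "*** Error creating key ~/.ssh/id_rsa ***"
    echo ""
    exit 1
  fi
fi

########## connect to server ##########
printf '%s\n' "Connecting to server $SERVER"
echo ""
# Any non-zero status is a failure; checking only for status 1 would let
# other failure codes fall through to the capture steps.
if ! ssh-copy-id -i ~/.ssh/id_rsa.pub "root@$SERVER" > /dev/null 2>&1; then
  connection_failed
fi

########## check tcpdump ##########
ssh "root@$SERVER" tcpdump --version > /dev/null 2>&1
rc=$?
case "$rc" in
  127)
    # 127 = the remote shell could not find the command.
    echo "*** Error running tcpdump ***"
    printf '%s\n' "Please verify if tcpdump has been installed correctly on $SERVER."
    echo ""
    exit 1
    ;;
  255)
    # 255 = ssh itself failed (connection or authentication).
    connection_failed
    ;;
esac

########## perform the remote capture and get trace ##########
echo ""
printf '%s\n' "Capture in progress on server $SERVER, press CTRL-C to finish."
echo ""
rm -f -- ~/trace.cap 2> /dev/null

# Remote side:
#   umask 077  keeps the capture and the status file unreadable to other
#              local users on the server.
#   rm -f      drops leftovers from an earlier run so that a stale capture is
#              never fetched, and removes a pre-placed link at these names.
# NOTE(review): the names are still fixed paths in a world-writable directory
# and are written by root. A private directory from mktemp -d would be
# stronger, but tcpdump builds that drop privileges before opening the output
# file could not write there - confirm against the target servers.
ssh "root@$SERVER" \
  "umask 077; rm -f -- /tmp/trace.cap /tmp/rdumpout; tcpdump -w /tmp/trace.cap -s 1514 2> /tmp/rdumpout" \
  2> /dev/null

# NOTE(review): killall stops EVERY tcpdump process on the server, including
# captures started by other administrators or monitoring jobs.
ssh "root@$SERVER" "killall tcpdump"

echo "Status output:"
echo "--------------"
ssh "root@$SERVER" "grep captured /tmp/rdumpout"
echo ""
echo "Retrieving trace file..."
echo "------------------------"
# Stop here when the copy fails instead of opening a missing file.
if ! scp "root@$SERVER:/tmp/trace.cap" ~/trace.cap; then
  printf '%s\n' "*** Error retrieving trace file from $SERVER ***"
  echo ""
  exit 1
fi
echo ""
echo "Starting Wireshark"
echo "-----------------"
wireshark ~/trace.cap 2> /dev/null &
echo "OK"
echo ""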