#!/usr/local/bin/bash
#
# process-check script
# kills any process that has too many socket connections, ie: mechs, bnc's, mirkforce, xdcc's, etc.
#
# crontab entry needed:
# */5 * * * * /usr/local/sbin/process-check >/dev/null 2>&1
#
# Zoidial, Inc.
# Eric Thern, 2001
#
# v0.1 11/03/2001 - initial release
# v0.2 11/04/2001 - added egrep, multiple entries
# v0.3 11/07/2001 - fixed second egrep checking connections - no more false positives
# v0.4 04/11/2002 - added logging to standard error syslog
#               --- completely redid awks and egreps to rule out killing the wrong processes due to username matches
# v0.5 04/16/2002 - added illegal process section

#
# checks for excessive IRC connections
#
for i in `sockstat | awk '{ print $2 "\t" $3 "\t" $7 }' | egrep '(bnc|psybnc|ezbnc|muh|ez|mech|emech|mirkforce|Mirkforce|iroffer|xdcc|sc_serv)' |egrep '(:666|:7000|:8000|:8080)' | awk '{ print $1 "\t" $2 }' | uniq -c | awk '{ if ( $1 > 2 ) print $3 }'`; do `kill -9 $i; echo "killed process $i -- process-check script" | logger`; done

#
# checks for illegal processes
#
for i in `sockstat | awk '{ print $2 "\t" $3 }' | egrep '(icecast|mirkforce|Mirkforce|iroffer|xdcc|sc_serv)' |uniq -c | awk '{print $3}'`; do `kill -9 $i; echo "killed illegal process $i -- process-check script" | logger`; done