Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Running script containing fw tab commands on Nokia ipso out of cron
From: "Jon Sabo" <jonathan.sabo () gmail com>
Date: Thu, 21 Sep 2006 19:49:49 +0000

Firewall Wizards,

I want to run some fw tab commands from a script out of cron to alert on
full nat alloc tables and things....  This is a checkpoint nokia firewall.
I can't see to get it to work and I am not sure what I am missing if
anything from the environment...  I've been playing with this for a few
hours and I'm ready for some assistance if you have a moment.

Thanks!

Error:

Could not initialize SIC.: Interrupted system call
Could not initialize SIC.: Interrupted system call

Script:
#!/bin/sh

export USER="admin"
export LOGNAME="admin"
export HOME="/var/admin"
export SHELL="/bin/csh"
export TZ=":/etc/localtime"
export SSH_TTY="/dev/ttyp0"
export TERM="vt100"
export SSH_AUTH_SOCK="/tmp/ssh-MZm15868/agent.15868"
export PWD="/etc"
export BLOCKSIZE="K"
export
PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/libexec:/etc:/opt/CPshared-R55p/bin:/opt/CPfw1-R55p/bin:/opt/CPinfo-R5
5p/bin"
export MIBS="ALL"
export
IPSO_PACKAGE_CLASS="/opt/CPshared-R55p=0x8a,/opt/CPfw1-R55p=0x9a,/opt/CPinfo-R55p=0x8a"
export ACTIVE_PKG="/opt/CPshared-R55p /opt/CPfw1-R55p /opt/CPinfo-R55p"
export LD_LIBRARY_PATH="/opt/CPshared-R55p/lib:/opt/CPfw1-R55p/lib"
export CPDIR="/opt/CPshared-R55p"
export IPSO_PACKAGE_PREFIX="CPshared VPN-1/FireWall-1"
export TEMPLATE_PATH="/opt/CPfw1-R55p/templates"
export FWDIR="/opt/CPfw1-R55p"
export VARDIR="/var/opt/CPfw1-R55p"
export SUDIR="/opt/CPfw1-R55p/sup"
export SUROOT="/var/suroot"
export FWDEV="/var/dev/fw0"
export VPNDEV="/var/dev/vpn0"
export FW_BOOT_DIR="/opt/CPfw1-R55p/boot"

echo "grabing values"
#Grab the current #VAl and MAX from the translation table
CURRENT=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc -s | grep "8187" | awk
'{print $4}';`
CURRENT1=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc | grep "8187" | awk
'{print $10}' |sed s/,//;`
echo "calculating stuff"
#Get 85 percent of the MAX Value
CURRENT2=$(($CURRENT1 * 85 / 100))
echo "comparing"
#If the #VAL is greater then or equal to 85 percent of peak, then send email
if [ $CURRENT -ge $CURRENT2 ]; then

month=`date +%Y%m`

day=`date +%Y%m%d`

HELO=`hostname`

MAIL_FROM="Firewall"

RCPT_TO1=person () boh com
RCPT_TO2=person2 () boh com

SUBJECT="Translation Table threshold Exceeded!!"
echo "Sending email"

(sleep 2; echo "HELO ${HELO}"; sleep 1; echo "MAIL FROM:<${HELO}>"; sleep 1;
echo "RCPT TO:<${RCPT_TO1}>"; sleep 1; ec
ho "RCPT TO:<${RCPT_TO2}>"; sleep 1; echo "DATA"; sleep 1; echo
"SUBJECT:${SUBJECT}"; sleep 1; echo "Test body"; sleep
1; echo "."; sleep 1; echo quit) | telnet 10.202.248.222 25

Fi

Crontab:

*/1 * * * * /var/tmp2/xlate/test3.sh >> /var/log/xlate.log 2>&1


This is in the admin users crontab too so the admin user is running the
script and not root, I verified this with env.  I created a /var/cron/admin
file and saw it reload in the /var/log/messages.


Thanks,

Jonathan
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
  • Running script containing fw tab commands on Nokia ipso out of cron Jon Sabo (Sep 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]