Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[FW-1] AW: [FW-1] Scripts to Monitor Solaris?

from FWAdmin [Permanent Link]
Subject: [FW-1] AW: [FW-1] Scripts to Monitor Solaris?
From: FWAdmin <FWAdmin AT WLW DOT DE>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Thu, 24 Jun 2004 09:13:46 +0200 
Hi Shane,

for me it's a BB script ;-), it uses sudo and a lttle fwrun-script
-------------------- snip (sudo-entry)
-----------------------------------------
bb      ALL=    NOPASSWD:       /opt/CPfw1-R55/bin/fwrun stat
bb      ALL=    NOPASSWD:       /opt/CPfw1-R55/bin/fwrun ctlpstat
-------------------- snap (sudo-entry)
-----------------------------------------
-------------------- snip (fwrun)
----------------------------------------------
#!/bin/sh
. /opt/CPshrd-R55/tmp/.CPprofile.sh
case $1 in
        stat) $FWDIR/bin/fw stat -log ;;
        ctlpstat) $FWDIR/bin/fw ctl pstat ;;
        *) ;;
esac
-------------------- snap (fwrun)
----------------------------------------------
-------------------- snip (bb-fwstat.sh)
---------------------------------------
#!/bin/sh
#set -x
# bb-fwstat.sh
#
# BIG BROTHER - PROTOTYPE EXTERNAL SCRIPT
# Sean MacGuire - The MacLawran Group Inc.
#
# This program is Copyright (c) 1997-1999
# The MacLawran Group Inc.
# All Rights Reserved

#
# SCRIPTS IN THE BBHOME/ext DIRECTORY ARE ONLY RUN IF
# LISTED IN THE BBEXT VARIABLE OF $BBHOME/runbb.sh
# THIS IS FOR SECURITY.
#

#
# BBPROG SHOULD JUST CONTAIN THE NAME OF THIS FILE
# USEFUL WHEN YOU GET ENVIRONMENT DUMPS TO LOCATE
# THE OFFENDING SCRIPT...
#
BBPROG=bb-fwstat.sh; export BBPROG

#
# TEST NAME: THIS WILL BECOME A COLUMN ON THE DISPLAY
# IT SHOULD BE AS SHORT AS POSSIBLE TO SAVE SPACE...
# NOTE YOU CAN ALSO CREATE A HELP FILE FOR YOUR TEST
# WHICH SHOULD BE PUT IN www/help/$TEST.html.  IT WILL
# BE LINKED INTO THE DISPLAY AUTOMATICALLY.
#
TEST="fw"

#
# BBHOME CAN BE SET MANUALLY WHEN TESTING.
# OTHERWISE IT SHOULD BE SET FROM THE BB ENVIRONMENT
#
#BBHOME=/usr/local/bb; export BBHOME    # FOR TESTING

if test "$BBHOME" = ""
then
        echo "BBHOME is not set... exiting"
        exit 1
fi

if test ! "$BBTMP"                      # GET DEFINITIONS IF NEEDED
then
         # echo "*** LOADING BBDEF ***"
        . $BBHOME/etc/bbdef.sh          # INCLUDE STANDARD DEFINITIONS
fi

#
# NOW COLLECT SOME DATA
# IN THIS CASE, IT'S THE CURRENT TEMPERATURE IN CELCIUS
# FOR MONTREAL, QUEBEC

# SELECT SOME LEVELS... GREEN IS THE DEFAULT...

/usr/local/bin/sudo $FWDIR/bin/fwrun stat > /tmp/OUTPUT.$$

WARN="2"
PANIC="2"

if test -s "/tmp/OUTPUT.$$"                     # IF WE HAVE OUTPUT...
then
        RESULT="`$GREP -v Standard /tmp/OUTPUT.$$ | wc -l | sed 's/ //g'`"
        echo ""                 >> /tmp/OUTPUT.$$
        /usr/local/bin/sudo $FWDIR/bin/fwrun ctlpstat >> /tmp/OUTPUT.$$

        sed 's/</{-/g
s/>/-}/g' /tmp/OUTPUT.$$       > /tmp/OUTPUT.1.$$
        mv /tmp/OUTPUT.1.$$ /tmp/OUTPUT.$$

        #
        # DETERMINE RED/YELLOW/GREEN
        #
        if test "$RESULT" -ge "$PANIC"
        then
                COLOR="red"
        elif test "$RESULT" -ge "$WARN"
        then
                COLOR="yellow"
        else
                COLOR="green"
        fi
else
        COLOR="clear"
fi

#
# AT THIS POINT WE HAVE OUR RESULTS.  NOW WE HAVE TO SEND IT TO
# THE BBDISPLAY TO BE DISPLAYED...
#

# THE hostname COMMAND MUST RETURN THE FULL MACHINE NAME
MACHINE=`hostname | $SED 's/\./,/g' | $TR '[:upper:]' '[:lower:]'`

#
# THE FIRST LINE IS STATUS INFORMATION... STRUCTURE IMPORANT!
# THE REST IS FREE-FORM - WHATEVER YOU'D LIKE TO SEND...
#
LINE="status $MACHINE.$TEST $COLOR `date` FW-1 Status
`cat /tmp/OUTPUT.$$`
"

$RM -f /tmp/OUTPUT.$$

# NOW USE THE BB COMMAND TO SEND THE DATA ACROSS
$BB $BBDISP "$LINE"                     # SEND IT TO BBDISPLAY
---------------------------------- snap (bb-fwstat.sh)
------------------------------------

-----Ursprüngliche Nachricht-----
Von: Shane Presley [mailto:shane.presley AT GMAIL DOT COM]
Gesendet: Mittwoch, 23. Juni 2004 17:19
An: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Betreff: [FW-1] Scripts to Monitor Solaris?


Does anybody have any quick scripts that monitor the health of a
solaris firewall?  I'm running Solaris 8, NG AI R55.  Maybe something
that might e-mail me basic health info, or a big brother plugin?

TIA,
Shane

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [FW-1] AW: [FW-1] Scripts to Monitor Solaris?, Scholz Wolfgang
Next by Date:  [FW-1] Crontab error on Nokia, Shiazad Ahmed
Previous by Thread:  [FW-1] AW: [FW-1] Scripts to Monitor Solaris?, Scholz Wolfgang
Next by Thread:  [FW-1] Crontab error on Nokia, Shiazad Ahmed
Indexes:  [Date] [Thread] [Top] [All Lists]