--===============0618302426==
Content-Type: multipart/alternative;
boundary="----=_Part_16144_6765424.1158868189394"

------=_Part_16144_6765424.1158868189394
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Firewall Wizards,

I want to run some fw tab commands from a script out of cron to alert on
full nat alloc tables and things.... This is a checkpoint nokia firewall.
I can't see to get it to work and I am not sure what I am missing if
anything from the environment... I've been playing with this for a few
hours and I'm ready for some assistance if you have a moment.

Thanks!

Error:

Could not initialize SIC.: Interrupted system call
Could not initialize SIC.: Interrupted system call

Script:
#!/bin/sh

export USER="admin"
export LOGNAME="admin"
export HOME="/var/admin"
export SHELL="/bin/csh"
export TZ=":/etc/localtime"
export SSH_TTY="/dev/ttyp0"
export TERM="vt100"
export SSH_AUTH_SOCK="/tmp/ssh-MZm15868/agent.15868"
export PWD="/etc"
export BLOCKSIZE="K"
export
PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/libexec:/etc:/opt/CPshared-R55p/bin:/opt/CPfw1-R55p/bin:/opt/CPinfo-R5
5p/bin"
export MIBS="ALL"
export
IPSO_PACKAGE_CLASS="/opt/CPshared-R55p=0x8a,/opt/CPfw1-R55p=0x9a,/opt/CPinfo-R55p=0x8a"
export ACTIVE_PKG="/opt/CPshared-R55p /opt/CPfw1-R55p /opt/CPinfo-R55p"
export LD_LIBRARY_PATH="/opt/CPshared-R55p/lib:/opt/CPfw1-R55p/lib"
export CPDIR="/opt/CPshared-R55p"
export IPSO_PACKAGE_PREFIX="CPshared VPN-1/FireWall-1"
export TEMPLATE_PATH="/opt/CPfw1-R55p/templates"
export FWDIR="/opt/CPfw1-R55p"
export VARDIR="/var/opt/CPfw1-R55p"
export SUDIR="/opt/CPfw1-R55p/sup"
export SUROOT="/var/suroot"
export FWDEV="/var/dev/fw0"
export VPNDEV="/var/dev/vpn0"
export FW_BOOT_DIR="/opt/CPfw1-R55p/boot"

echo "grabing values"
#Grab the current #VAl and MAX from the translation table
CURRENT=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc -s | grep "8187" | awk
'{print $4}';`
CURRENT1=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc | grep "8187" | awk
'{print $10}' |sed s/,//;`
echo "calculating stuff"
#Get 85 percent of the MAX Value
CURRENT2=$(($CURRENT1 * 85 / 100))
echo "comparing"
#If the #VAL is greater then or equal to 85 percent of peak, then send email
if [ $CURRENT -ge $CURRENT2 ]; then

month=`date +%Y%m`

day=`date +%Y%m%d`

HELO=`hostname`

MAIL_FROM="Firewall"

RCPT_TO1=person@boh.com
RCPT_TO2=person2@boh.com

SUBJECT="Translation Table threshold Exceeded!!"
echo "Sending email"

(sleep 2; echo "HELO ${HELO}"; sleep 1; echo "MAIL FROM:<${HELO}>"; sleep 1;
echo "RCPT TO:<${RCPT_TO1}>"; sleep 1; ec
ho "RCPT TO:<${RCPT_TO2}>"; sleep 1; echo "DATA"; sleep 1; echo
"SUBJECT:${SUBJECT}"; sleep 1; echo "Test body"; sleep
1; echo "."; sleep 1; echo quit) | telnet 10.202.248.222 25

Fi

Crontab:

*/1 * * * * /var/tmp2/xlate/test3.sh >> /var/log/xlate.log 2>&1


This is in the admin users crontab too so the admin user is running the
script and not root, I verified this with env. I created a /var/cron/admin
file and saw it reload in the /var/log/messages.


Thanks,

Jonathan

------=_Part_16144_6765424.1158868189394
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Firewall Wizards,

I want to run some fw tab commands from a script out of cron to alert on full nat alloc tables and things....  This is a checkpoint nokia firewall.  I can't see to get it to work and I am not sure what I am missing if anything from the environment...  I've been playing with this for a few hours and I'm ready for some assistance if you have a moment.


Thanks!

Error:

 Could not initialize SIC.: Interrupted system call
 Could not initialize SIC.: Interrupted system call

Script:
#!/bin/sh

export USER="admin"
export LOGNAME="admin"

export HOME="/var/admin"
export SHELL="/bin/csh"
export TZ=":/etc/localtime"
export SSH_TTY="/dev/ttyp0"
export TERM="vt100"
export SSH_AUTH_SOCK="/tmp/ssh-MZm15868/agent.15868"

export PWD="/etc"
export BLOCKSIZE="K"
export PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/libexec:/etc:/opt/CPshared-R55p/bin:/opt/CPfw1-R55p/bin:/opt/CPinfo-R5
5p/bin"
export MIBS="ALL"

export IPSO_PACKAGE_CLASS="/opt/CPshared-R55p=0x8a,/opt/CPfw1-R55p=0x9a,/opt/CPinfo-R55p=0x8a"
export ACTIVE_PKG="/opt/CPshared-R55p /opt/CPfw1-R55p /opt/CPinfo-R55p"
export LD_LIBRARY_PATH="/opt/CPshared-R55p/lib:/opt/CPfw1-R55p/lib"

export CPDIR="/opt/CPshared-R55p"
export IPSO_PACKAGE_PREFIX="CPshared VPN-1/FireWall-1"
export TEMPLATE_PATH="/opt/CPfw1-R55p/templates"
export FWDIR="/opt/CPfw1-R55p"

export VARDIR="/var/opt/CPfw1-R55p"
export SUDIR="/opt/CPfw1-R55p/sup"
export SUROOT="/var/suroot"
export FWDEV="/var/dev/fw0"
export VPNDEV="/var/dev/vpn0"

export FW_BOOT_DIR="/opt/CPfw1-R55p/boot"

echo "grabing values"
#Grab the current #VAl and MAX from the translation table
CURRENT=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc -s | grep "8187" | awk '{print $4}';`

CURRENT1=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc | grep "8187" | awk '{print $10}' |sed s/,//;`
echo "calculating stuff"
#Get 85 percent of the MAX Value
CURRENT2=$(($CURRENT1 * 85 / 100))

echo "comparing"
#If the #VAL is greater then or equal to 85 percent of peak, then send email
if [ $CURRENT -ge $CURRENT2 ]; then

month=`date +%Y%m`

day=`date +%Y%m%d`

HELO=`hostname`


MAIL_FROM="Firewall"

RCPT_TO1=erson@boh.com">person@boh.com
RCPT_TO2=erson2@boh.com">person2@boh.com

SUBJECT="Translation Table threshold Exceeded!!"        

echo "Sending email"

(sleep 2; echo "HELO ${HELO}"; sleep 1; echo "MAIL FROM:<${HELO}>"; sleep 1; echo "RCPT TO:<${RCPT_TO1}>"; sleep 1; ec
ho "RCPT TO:<${RCPT_TO2}>"; sleep 1; echo "DATA"; sleep 1; echo "SUBJECT:${SUBJECT}"; sleep 1; echo "Test body"; sleep

 1; echo "."; sleep 1; echo quit) | telnet 10.202.248.222 25

Fi

Crontab:

*/1 * * * * /var/tmp2/xlate/test3.sh >> /var/log/xlate.log 2>&1



This is in the admin users crontab too so the admin user is running the script and not root, I verified this with env.  I created a /var/cron/admin file and saw it reload in the /var/log/messages.


Thanks,


Jonathan


------=_Part_16144_6765424.1158868189394--

--===============0618302426==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards

--===============0618302426==--