second file
use strict; ###################################################################### +####################################### #Telnet ftp and http with client authentication partily automatic #The authentication methods are: RADIUS (Levingston), FW-1, TACACS, TA +CACS plus, Secure ID, IAS, OS. #first try to open with client authentication and then without. ###################################################################### +####################################### my $FW_POLICY="clau001.W"; #[STANDALONE_BLACKBOX] ###################################################################### +######### ### + ### ### QTL "Black Box" that configure standalone environment + ### ### + ### ###################################################################### +######### #$Header: /qa_cvs/qtls/scripts/auth/Attic/clau001.auth,v 1.1.2.1 2003/ +03/18 12:06:40 obdavid Exp $ #This QTL script describes the process of working with standalone topo +logies #Included machines - #fw_machine_1 - Vancouver stanalone machine #------------ Configuration part ------------------------------------- #The CPMI Client version vc8 and above #The CPMI Client script name, saved under /usr/local/aig/common/db/fwc +onf/5.0/standalone/ my $CPMI_SCRIPT = "standalone_setup.cpmi"; #The FireWall-1 CPMI administrator user and password #This is an administrator defined separately for CPMI client operation +. my $ADMIN_USERNAME = "cpmi-user"; my $ADMIN_PASSWORD = "cpmi-passwd"; my $CPMI_SUFFIX=".cpmi"; #Get the FireBall-1 3.0 master IP for future use as a CPMI/GUI client my $get_master_ip_1 = $master->shell("ifconfig -a"); QTL::force ((($get_master_ip_1->exitcode eq "0")), "Failed to get the +master\'s ip via \'ifconfig -a\' commnad!"); my $get_master_ip_2 = $master->find_str("-reg (/inet addr\\:(.*)\\s+Bc +ast/) " . 
$get_master_ip_1->outfile); QTL::force ((($get_master_ip_2->result eq "success")), "Failed to find + the master\'s ip in the \'if config -a\' output!"); my $MASTER_IP = $get_master_ip_2->dollar1; #Configure utility variables my $STANDALONE_DIR = $master->fb_db . "\\fwconf\\5.0\\standalone"; #Variables for the clean configuration files my $CONF_DIR = $fw_machine_1->fw_dir . "\\conf"; my $CLEAR_DIR = $master->fw_db . "\\" . $fw_machine_1->fw_build; #cpstart sleep time according to the platform my $print_all_time_machines = $master->print("NT=40 SUN=40 LINUX=40 NO +KIA=120 AIX=40 HP=40"); QTL::force ($print_all_time_machines->result eq "success"); my $find_the_platform_time = $master->find_str("-reg (/" . $fw_machine +_1->platform . "=(\\d+)/) " . $print_all_time_machines->outfile); QTL::force (($find_the_platform_time->result eq "success"), "Failed to + get CPSTART SLEEP TIME value!"); my $CPSTART_SLEEP_TIME = $find_the_platform_time->dollar1; my $PACKAGE_SUFFIX = ".package"; my $PACKAGE_FILE = $fw_machine_1->fw_build . "$PACKAGE_SUFFIX"; #----------- End of configuration part #-------- Step 1 - Connect to the FireWall-1 management ----- #Connect to the FireWall-1 management #Stop the FireWall-1. Do not force it - it might be down already my $stop_fw = $fw_machine_1->cpstop(); #-------- Step 1.1 - Clean up the FWDIR\conf dir of the fw_machine_1 +--------- #Create the conf package my $create_package = $master->shell("perl " . $master->aig_dir . "\\co +mmon\\scripts\\pack_conf.pl -v " . $fw_machine_1->fw_ver . " -b " . $ +fw_machine_1->fw_build . " -d " . 
$fw_machine_1->fw_dir); QTL::force ((($create_package->exitcode eq "0")), "Failed to create th +e package for the \'conf\' directory!"); #Overwrite/remove database files on the FireWall-1 machine my $delete_conf = $fw_machine_1->rm_rf("-r $CONF_DIR\\*"); QTL::force ((($delete_conf->result eq "success")), "Failed to remove t +he conf directory from the Firewall management!"); #Transfer the clean objects files my $transfer_conf = $fw_machine_1->put_file("-o $CLEAR_DIR $PACKAGE_FI +LE to " . $fw_machine_1->work_dir); my $transfer_aiginstaller = $fw_machine_1->put_file("-o " . $master->a +ig_dir . "\\common\\scripts aiginstaller.pl to " . $fw_machine_1->wor +k_dir); QTL::force ((($transfer_conf->result eq "success") and ($transfer_aigi +nstaller->result eq "success")), "May fail to pass either the \'conf\ +' package file or the installation file to Fw machine managemet!"); #Extract the conf package my $extract_conf = $fw_machine_1->shell("perl " . $fw_machine_1->work_ +dir . "\\aiginstaller.pl -y " . $fw_machine_1->work_dir . "\\$PACKAGE +_FILE"); QTL::force ((($extract_conf->exitcode eq "0")), "Failed to create the +package for the \'conf\' directory!"); #------------------- End of Step 1.1 --------------------------------- +--- #-------- Step 1.2 - Reset the internal CA on the FW machine -------- +- my $reset_ca = $fw_machine_1->shell($fw_machine_1->fw_dir . "\\bin\\fw +m sic_reset -yes"); my $reset_ca_2 = $fw_machine_1->shell($fw_machine_1->fw_dir . "\\bin\\ +fwm sic_reset -yes"); QTL::force (($reset_ca->exitcode eq "0") or ($reset_ca_2->exitcode eq +"0")); $master->shell("sleep 5"); #Recreate the internal CA on the management my $recreate_ca = $fw_machine_1->shell("\"" . $fw_machine_1->cpshared_ +path . "\\bin\\cp_conf\" ca init"); QTL::force ((($recreate_ca->exitcode eq "0")), "Failed to reset the in +ternal CA!"); #NEW in ANC - FQDN configuration in the Internal CA my $fqdn_1 = $fw_machine_1->shell("\"" . $fw_machine_1->cpshared_path +. 
"\\bin\\cp_conf\" ca dns " . $fw_machine_1->hostname_1); my $fqdn_2 = $fw_machine_1->shell("\"" . $fw_machine_1->cpshared_path +. "\\bin\\cp_conf\" ca fqdn " . $fw_machine_1->hostname_1); QTL::force ((((($fqdn_1->exitcode eq "0") and ($fw_machine_1->fw_build + < "52097")) or (($fqdn_2->exitcode eq "0") and ($fw_machine_1->fw_bu +ild >= "52097")) or ($fw_machine_1->fw_build < "52000"))), "Failed to + configure the FQDN for the interenal CA!"); #Get the new DN of the FW from the registry my $get_dn_1 = $fw_machine_1->shell("\"" . $fw_machine_1->cpshared_pat +h . "\\bin\\ckp_regedit\" -p software\\checkpoint\\sic"); QTL::force ((($get_dn_1->exitcode eq "0")), "Failed to perform \'ckp_r +egedit\' command on the Firewall management\'s registry!"); $master->shell("sleep 2"); my $get_dn_2 = $fw_machine_1->find_str("-reg (/(cn=\\S+)\\s+/) " . $ge +t_dn_1->outfile); QTL::force ((($get_dn_2->dollar1 =~ $fw_machine_1->hostname_1)), "Fail +ed to get the new DN of the Firewall management from the registry!"); #Assign a variable for easier use of the DN my $DN = $get_dn_2->dollar1; #------------------- End of Step 1.2 --------------------------------- +--- #------------------- End of Step 1 ----------------------------------- +--- $master->shell("sleep 5"); #--- Step 2 - Configure administrator and Gui Client for the CPMI Cli +ent --- #Create an administrator for the future CPMI Client work my $create_admin_1 = $fw_machine_1->shell("\"" . $fw_machine_1->cpshar +ed_path . "\\bin\\cp_conf\" admin add $ADMIN_USERNAME $ADMIN_PASSWORD + w"); my $create_admin_2 = $fw_machine_1->find_str("-l \"successfully or alr +eady\" " . $create_admin_1->outfile); QTL::force ((($create_admin_2->result eq "success")), "Failed to add t +he administrator for the CPMI!"); #Add the master as a Gui_Client for enable connectivity between CPMI c +lient and FireWall-1 management. my $add_gui_cli_1 = $fw_machine_1->shell("\"" . $fw_machine_1->cpshare +d_path . 
"\\bin\\cp_conf\" client add $MASTER_IP"); my $add_gui_cli_2 = $fw_machine_1->find_str("-l \"successfully or alre +ady\" " . $add_gui_cli_1->outfile); my $add_gui_cli_3 = $fw_machine_1->find_str("-l \"successfully or alre +ady\" " . $add_gui_cli_1->errfile); QTL::force ((($add_gui_cli_2->result eq "success") or ($add_gui_cli_3- +>result eq "success")), "Failed to add the GUI client for the CPMI!") +; #-------------- End of Step 2 ---------------------------------------- +-- #------------------- Step 3 - Configure Default Filter that accept por +t 12321 ----------- #Transfer the new default filter that includes accept for port 12321 my $establsh_conn_1 = $fw_machine_1->put_file("-o $STANDALONE_DIR defa +ultfilter.pf to " . $fw_machine_1->fw_dir . "\\conf"); QTL::force ((($establsh_conn_1->result eq "success")), "Failed to pass + $STANDALONE_DIR\\defaultfilter.pf to fw_machine_1!"); #Remove all information about an old state of the module. Do not force + (it - it might not be available my $establsh_conn_2 = $fw_machine_1->rm_rf("-r " . $fw_machine_1->fw_d +ir . "\\state\\local"); #Compile the new default filter my $establish_conn_3 = $fw_machine_1->shell($fw_machine_1->fw_dir . "\ +\bin\\comp_init_policy"); my $establish_conn_4 = $fw_machine_1->find_str("-l \"Compiled OK\" " . + $establish_conn_3->errfile); QTL::force ((($establish_conn_4->result eq "success")), "Failed to com +pile the Fireball\'s defaultfilter!"); #------------------- End of Step 3 ----------------------------------- +--- #amos add my $transfer_msg_cnt = $fw_machine_1->put_file("-o $CLEAR_DIR\\conf\\c +psc msg_cnt.C to $CONF_DIR\\cpsc msg_cnt.C"); QTL::force ((($transfer_msg_cnt->result eq "success")), "Failed to pas +s msg_cnt.C to Fw conf/cpsc directory!"); $master->shell("sleep 5"); #-------------- Step 4 - Start the FireWall-1 machine -------------- my $start_fw_1 = $fw_machine_1->shell("-exec_mode async \"" . $fw_mach +ine_1->cpshared_path . 
"\\bin\\cpstart\""); $fw_machine_1->shell("sleep 1"); QTL::force ((($start_fw_1->state eq "running")), "Failed to start the +Firewall!"); $master->shell("sleep $CPSTART_SLEEP_TIME"); my $start_fw_4 = $fw_machine_1->shell("cpridstart"); QTL::force ((($start_fw_4->exitcode eq "0")), "Failed to strat cprid d +aemon on fw_machine_1!"); #------------ End of Step 4 ------------------------------------ my $core_collector_module = $fw_machine_1->shell("perl " . $fw_machine +_1->aig_dir . "\\prod\\sysinfo\\scripts\\core_collector.pl -space 500 +"); #Execute sysinfo to collect general information and saves cores if fou +nd my $collect_module_cores = $fw_machine_1->sysinfo("-exec_mode async -n + -1 -sys=all -freq 30 -core=" . $fw_machine_1->work_dir . "/ -trace-r +ole=fw -trace-name=cpd -trace-name=vpnd -exec=\"perl " . $fw_machine_ +1->aig_dir . "\\prod\\sysinfo\\scripts\\core_collector.pl \'-space 50 +0\'\""); #-------------- Step 5 - Configure the CPMI Client script on the maste +r -------------- #Copy the CPMI client script to a the working dir for further modifi +cations. my $mod_cpmi_script_1 = $master->shell("cp -vf $STANDALONE_DIR\\$CPMI_ +SCRIPT " . $master->work_dir . "\\$CPMI_SCRIPT"); QTL::force ((($mod_cpmi_script_1->exitcode eq "0")), "Failed to pass $ +CPMI_SCRIPT script to the master\'s workdir!"); #Change all requested parameters in the cpmi_script.(e.g. the Administ +rator username and IP etc ) my $mod_cpmi_script_2 = $master->transform("-v ADMIN_USERNAME -d $ADMI +N_USERNAME " . $master->work_dir . "\\$CPMI_SCRIPT"); my $mod_cpmi_script_3 = $master->transform("-v ADMIN_PASSWORD -d $ADMI +N_PASSWORD " . $master->work_dir . "\\$CPMI_SCRIPT"); my $mod_cpmi_script_4 = $master->transform("-v FW_MACHINE_1_HOSTNAME_1 + -d " . $fw_machine_1->hostname_1 . " " . $master->work_dir . "\\$CPM +I_SCRIPT"); my $mod_cpmi_script_5 = $master->transform("-v FW_MACHINE_1_IP_1 -d " +. $fw_machine_1->ip_1 . " " . $master->work_dir . 
"\\$CPMI_SCRIPT"); my $mod_cpmi_script_6 = $master->transform("-v FW_MACHINE_1_IF_1 -d " +. $fw_machine_1->if_1 . " " . $master->work_dir . "\\$CPMI_SCRIPT"); my $mod_cpmi_script_7 = $master->transform("-v FW_MACHINE_1_MASK_1 -d +" . $fw_machine_1->mask_1 . " " . $master->work_dir . "\\$CPMI_SCRIPT +"); my $mod_cpmi_script_8 = $master->transform("-v FW_MACHINE_1_IP_2 -d " +. $fw_machine_1->ip_2 . " " . $master->work_dir . "\\$CPMI_SCRIPT"); my $mod_cpmi_script_9 = $master->transform("-v FW_MACHINE_1_IF_2 -d " +. $fw_machine_1->if_2 . " " . $master->work_dir . "\\$CPMI_SCRIPT"); my $mod_cpmi_script_10 = $master->transform("-v FW_MACHINE_1_MASK_2 -d + " . $fw_machine_1->mask_2 . " " . $master->work_dir . "\\$CPMI_SCRIP +T"); my $mod_cpmi_script_11 = $master->transform("-v SIC_NAME -d $DN " . $m +aster->work_dir . "\\$CPMI_SCRIPT"); QTL::force ((($mod_cpmi_script_2->number_of_transform eq "1") and ($mo +d_cpmi_script_3->number_of_transform eq "1") and ($mod_cpmi_script_4- +>number_of_transform eq "2") and ($mod_cpmi_script_5->number_of_trans +form eq "2") and ($mod_cpmi_script_6->number_of_transform eq "1") and + ($mod_cpmi_script_7->number_of_transform eq "1") and ($mod_cpmi_scri +pt_8->number_of_transform eq "1") and ($mod_cpmi_script_9->number_of_ +transform eq "1") and ($mod_cpmi_script_10->number_of_transform eq "1 +") and ($mod_cpmi_script_11->number_of_transform eq "1")), "Failed to + edit $CPMI_SCRIPT CPMI script!"); #---------------------------------- End of Step 5 -------------------- +---------------- $master->shell("sleep 5"); #------------------- Step 6 - Execute the CPMI Client ------------- #Execute the CPMI Client my $exec_cpmi_1 = $master->shell($master->aig_dir . "\\common\\bin\\Cp +miUI -o 1 " . $master->work_dir . "\\$CPMI_SCRIPT"); QTL::force ((($exec_cpmi_1->exitcode eq "0")), "Failed to run the Cpmi +UI with $CPMI_SCRIPT!"); #Check for a success my $exec_cpmi_2 = $master->find_str("-l \"Update and object and " . $f +w_machine_1->hostname_1 . 
" and succeeded\" " . $exec_cpmi_1->outfile +); QTL::force ((($exec_cpmi_2->result eq "success")), "Failed to create f +w_machine_1 via the CPMI!"); #----------------------------------- End of Step 6 ------------------- +--------------- #amos add #--------------------------------------------------------configure the + main cpmi scripts--------------------------------------------------- +------------------- #copy the main cpmi files to work directory my $main1 = $master->shell("cp " . $master->fb_db . "/fwconf/5.0/cpmi_ +scripts/main1.cpmi " . $master->work_dir . "/main1.cpmi"); QTL::force ((($main1->exitcode eq "0")), "Failed to copy main1->cpmi f +ile to master\'s work directory"); my $main2 = $master->shell("cp " . $master->fb_db . "/fwconf/5.0/cpmi_ +scripts/main2.cpmi " . $master->work_dir . "/main2.cpmi"); QTL::force ((($main2->exitcode eq "0")), "Failed to copy main2->cpmi f +ile to master\'s work directory"); my $main3 = $master->shell("cp " . $master->fb_db . "/fwconf/5.0/cpmi_ +scripts/main3.cpmi " . $master->work_dir . "/main3.cpmi"); QTL::force ((($main3->exitcode eq "0")), "Failed to copy main3->cpmi f +ile to master\'s work directory"); #configure the ip of internal network my $to_network1 = $master->shell("cp " . $master->fb_db . "/fwconf/5.0 +/files/to_network.pl " . $master->work_dir . "/to_network.pl"); QTL::force ((($to_network1->exitcode eq "0")), "Failed to copy to_netw +ork.pl file to master\'s work directory"); my $to_network2 = $master->shell("perl " . $master->work_dir . "/to_ne +twork.pl " . $fw_machine_1->ip_2); QTL::force ((($to_network2->exitcode eq "0")), "Failed to run to_netwo +rk.pl script"); my $to_network3 = $master->find_str("-reg (/(\\d+\\.\\d+\\.\\d+\\.\\d+ +)/) " . $to_network2->outfile); QTL::force ((($to_network3->result eq "success")), "Failed to get the +network ip!"); my $network_ip=$to_network3->dollar1; #-----start with transforms-------- my $to_network4 = $master->transform("-v NETWORK_IP -d $network_ip " . 
+ $master->work_dir . "\\main1.cpmi"); QTL::force ((($to_network4->number_of_transform eq "1")), "Failed to u +pdate the network ip in main1->cpmi script!"); my $main4 = $master->transform("-v FW_MACHINE_1_HOSTNAME_1 -d " . $fw_ +machine_1->hostname_1 . " " . $master->work_dir . "\\main1.cpmi"); QTL::force ((($main4->result eq "success")), "Failed to update the fw_ +maachine_1 name in main1->cpmi script!"); my $main5 = $master->transform("-v FW_MACHINE_1_IP_1 -d " . $fw_machin +e_1->ip_1 . " " . $master->work_dir . "\\main1.cpmi"); QTL::force ((($main5->result eq "success")), "Failed to update the Fir +ewall management ip in main1->cpmi script!"); my $main6 = $master->transform("-v FW_MACHINE_1_IP_1 -d " . $fw_machin +e_1->ip_1 . " " . $master->work_dir . "\\main2.cpmi"); QTL::force ((($main6->result eq "success")), "Failed to update the Fir +ewall management ip in main2->cpmi script!"); my $main7 = $master->transform("-v FW_MACHINE_1_IP_1 -d " . $fw_machin +e_1->ip_1 . " " . $master->work_dir . "\\main3.cpmi"); QTL::force ((($main7->result eq "success")), "Failed to update the Fir +ewall management ip in main3->cpmi script!"); my $main8 = $master->transform("-v FW_HOST_1_HOSTNAME_1 -d " . $fw_hos +t_1->hostname_1 . " " . $master->work_dir . "\\main1.cpmi"); QTL::force ((($main8->result eq "success")), "Failed to update the fw_ +host_1 name in main1->cpmi script!"); my $main24 = $master->transform("-v FW_HOST_1_HOSTNAME_1 -d " . $fw_ho +st_1->hostname_1 . " " . $master->work_dir . "\\main2.cpmi"); QTL::force ((($main24->result eq "success")), "Failed to update the fw +_host_1 name in main2->cpmi script!"); my $main9 = $master->transform("-v FW_HOST_1_IP_1 -d " . $fw_host_1->i +p_1 . " " . $master->work_dir . "\\main1.cpmi"); QTL::force ((($main9->result eq "success")), "Failed to update the fw_ +host_1 ip in main1->cpmi script!"); my $main10 = $master->transform("-v FW_HOST_1_IP_1 -d " . $fw_host_1-> +ip_1 . " " . $master->work_dir . 
"\\main2.cpmi"); QTL::force ((($main10->result eq "success")), "Failed to update the fw +_host_1 ip in main2->cpmi script!"); my $main11 = $master->transform("-v FW_HOST_1_IP_1 -d " . $fw_host_1-> +ip_1 . " " . $master->work_dir . "\\main3.cpmi"); QTL::force ((($main11->result eq "success")), "Failed to update the fw +_host_1 ip in main3->cpmi script!"); my $main12 = $master->transform("-v HOST_1_HOSTNAME_1 -d " . $host_1-> +hostname_1 . " " . $master->work_dir . "\\main1.cpmi"); QTL::force ((($main12->result eq "success")), "Failed to update the ho +st_1 name in main1->cpmi script!"); my $main13 = $master->transform("-v HOST_1_HOSTNAME_1 -d " . $host_1-> +hostname_1 . " " . $master->work_dir . "\\main2.cpmi"); QTL::force ((($main13->result eq "success")), "Failed to update the ho +st_1 name in main2->cpmi script!"); my $main14 = $master->transform("-v HOST_1_HOSTNAME_1 -d " . $host_1-> +hostname_1 . " " . $master->work_dir . "\\main3.cpmi"); QTL::force ((($main14->result eq "success")), "Failed to update the ho +st_1 name in main3->cpmi script!"); my $main15 = $master->transform("-v HOST_1_IP_1 -d " . $host_1->ip_1 . + " " . $master->work_dir . "\\main1.cpmi"); QTL::force ((($main15->result eq "success")), "Failed to update the ho +st_1 ip in main1->cpmi script!"); my $main16 = $master->transform("-v HOST_1_IP_1 -d " . $host_1->ip_1 . + " " . $master->work_dir . "\\main2.cpmi"); QTL::force ((($main16->result eq "success")), "Failed to update the ho +st_1 name in main2->cpmi script!"); my $main17 = $master->transform("-v HOST_1_IP_1 -d " . $host_1->ip_1 . + " " . $master->work_dir . "\\main3.cpmi"); QTL::force ((($main17->result eq "success")), "Failed to update the ho +st_1 ip in main3->cpmi script!"); my $main18 = $master->transform("-v HOST_2_HOSTNAME_1 -d " . $host_2-> +hostname_1 . " " . $master->work_dir . 
"\\main1.cpmi"); QTL::force ((($main18->result eq "success")), "Failed to update the ho +st_1 name in main1->cpmi script!"); my $main19 = $master->transform("-v HOST_2_IP_1 -d " . $host_2->ip_1 . + " " . $master->work_dir . "\\main1.cpmi"); QTL::force ((($main19->result eq "success")), "Failed to update the ho +st_1 ip in main1->cpmi script!"); my $main20 = $master->transform("-v SIC_NAME -d $DN " . $master->work_ +dir . "\\main1.cpmi"); QTL::force (($main20->number_of_transform eq "1"), "Failed to update t +he DN in main1->cpmi script!"); my $main21 = $master->transform("-v SIC_NAME -d $DN " . $master->work_ +dir . "\\main2.cpmi"); QTL::force (($main21->number_of_transform eq "1"), "Failed to update t +he DN in main2->cpmi script!"); my $main22 = $master->transform("-v SIC_NAME -d $DN " . $master->work_ +dir . "\\main3.cpmi"); QTL::force (($main22->number_of_transform eq "1"), "Failed to update t +he DN in main3->cpmi script!"); my $main23 = $master->transform("-v mxname -d mail" . $host_1->hostnam +e_1 . " " . $master->work_dir . "\\main2.cpmi"); QTL::force (($main23->number_of_transform eq "1"), "Failed to update t +he host_1 mail name in main2->cpmi script!"); #------------------------------------------Execute the main cpmi scrip +ts--------------------------------- my $cpmi_exec_main1 = $master->shell($master->aig_dir . "\\common\\bin +\\CpmiUI -o 1 " . $master->work_dir . "\\main1.cpmi"); QTL::force (($cpmi_exec_main1->exitcode eq "0"), "Failed to run CpmiUI + with main1->cpmi script!"); my $look_for_success = $master->find_str("-l \"Update and object and s +ucceeded\" " . $cpmi_exec_main1->outfile); QTL::warn ((($look_for_success->number_of_lines_matched eq "43") or ($ +look_for_success->number_of_lines_matched eq "42")), "At least one ob +ject was not created successfully via CPMI with main1->cpmi!"); my $look_for_fail = $master->find_str("-l \"fail or Fail\" " . 
$cpmi_e +xec_main1->outfile); QTL::warn ((($look_for_fail->result eq "failure") or ($look_for_succes +s->number_of_lines_matched eq "42")), "At least one object was not cr +eated successfully via CPMI with main1->cpmi!"); my $cpmi_exec_main2 = $master->shell($master->aig_dir . "\\common\\bin +\\CpmiUI -o 1 " . $master->work_dir . "\\main2.cpmi"); QTL::force (($cpmi_exec_main2->exitcode eq "0"), "Failed to run CpmiUI + with main2->cpmi script!"); my $look_for_success2 = $master->find_str("-l \"Update and object and +succeeded\" " . $cpmi_exec_main2->outfile); QTL::warn (($look_for_success2->number_of_lines_matched eq "19"), "At +least one object was not created successfully via CPMI with main2->cp +mi!"); my $look_for_fail2 = $master->find_str("-l \"fail or Fail\" " . $cpmi_ +exec_main2->outfile); QTL::warn (($look_for_fail2->result eq "failure"), "At least one objec +t was not created successfully via CPMI with main2->cpmi!"); my $cpmi_exec_main3 = $master->shell($master->aig_dir . "\\common\\bin +\\CpmiUI -o 1 " . $master->work_dir . "\\main3.cpmi"); QTL::force (($cpmi_exec_main3->exitcode eq "0"), "Failed to run CpmiUI + with main3->cpmi script!"); my $look_for_success3 = $master->find_str("-l \"Update and object and +succeeded\" " . $cpmi_exec_main3->outfile); QTL::warn (($look_for_success3->number_of_lines_matched eq "22"), "At +least one object was not created successfully via CPMI with main3->cp +mi!"); my $look_for_fail3 = $master->find_str("-l \"fail or Fail\" " . $cpmi_ +exec_main3->outfile); QTL::warn (($look_for_fail3->result eq "failure"), "At least one objec +t was not created successfully via CPMI with main3->cpmi!"); #-------------------------------End of main cpmi scripts execution---- +---------------------------------------- #[POLICIES_CREATION] #Copy the policies CPMI files to work directory my $FW_POLICY_CPMI_FILE = "$FW_POLICY$CPMI_SUFFIX"; my $copy_policy = $master->shell("cp " . $master->fb_db . 
"\\fwconf\\5 +.0\\enfdb\\$FW_POLICY_CPMI_FILE " . $master->work_dir . "\\."); QTL::force ((($copy_policy->exitcode eq "0")), "Failed to pass $FW_POL +ICY_CPMI_FILE to master\'s work directory!"); my $transform_policy_1 = $master->transform("-v ADMIN_USERNAME -d $ADM +IN_USERNAME " . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"); my $transform_policy_2 = $master->transform("-v ADMIN_PASSWORD -d $ADM +IN_PASSWORD " . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"); my $transform_policy_3 = $master->transform("-v FW_MACHINE_1_IP_1 -d " + . $fw_machine_1->ip_1 . " " . $master->work_dir . "\\$FW_POLICY_CPMI +_FILE"); my $transform_policy_4 = $master->transform("-v SIC_NAME -d $DN " . $m +aster->work_dir . "\\$FW_POLICY_CPMI_FILE"); my $transform_policy_5 = $master->transform("-v \"step 24 0\" -d \"ste +p 24 1\" " . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"); QTL::force (((($transform_policy_5->number_of_transform eq "1") and ($ +transform_policy_1->number_of_transform eq "1") and ($transform_polic +y_2->number_of_transform eq "1") and ($transform_policy_3->number_of_ +transform eq "1") and ($transform_policy_4->number_of_transform eq "1 +"))), "Failed to update $FW_POLICY_CPMI_FILE properly!"); my $cpmi_exec_policies = $master->shell($master->aig_dir . "\\common\\ +bin\\CpmiUI -o 1 " . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"); QTL::force ((($cpmi_exec_policies->exitcode eq "0")), "Failed to run C +pmiUI with $FW_POLICY_CPMI_FILE script!"); #[\POLICIES_CREATION] #----------------------------------- Step 7 - clean up --------------- +-------- #Remove the CPMI administrator my $remove_admin_1 = $fw_machine_1->shell("\"" . $fw_machine_1->cpshar +ed_path . "\\bin\\cp_conf\" admin del $ADMIN_USERNAME"); QTL::warn (($remove_admin_1->exitcode eq "0"), "Failed to remove the C +PMI administrator!"); my $remove_admin_2 = $fw_machine_1->find_str("-l \"successfully\" " . 
+$remove_admin_1->outfile); QTL::warn (($remove_admin_2->result eq "success"), "CPMI administrator + may not be removed successfully!"); #Remove the GUI client my $remove_gui_cli_1 = $fw_machine_1->shell("cp_conf client del $MASTE +R_IP"); QTL::warn (($remove_gui_cli_1->exitcode eq "0"), "Failed to remove the + master\'s GUI client!"); my $remove_gui_cli_2 = $fw_machine_1->find_str("-l \"successfully\" " +. $remove_gui_cli_1->outfile); QTL::warn (($remove_gui_cli_2->result eq "success"), "Master\'s GUI cl +ient may not be removed successfully!"); #----------------------------------- End of Step 7 ------------------- +--------- ###################################################################### +######### ### + ### ### End of "Black Box" for configure standalone environment + ### ### + ### ###################################################################### +######### #[\STANDALOE_BLACKBOX] #put configuration files my $put2 = $fw_host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0/ +files NetAPS_Template.conf.opsec to " . $fw_host_1->aig_dir . "/prod/ +fireball-1/conf NetAPS_Template.conf.opsec"); QTL::force ((($put2->result eq "success")), "Failed to pass file " . $ +master->fb_db . "/fwconf/5.0/files/NetAPS_Template.conf.opsec to fw_h +ost_1!"); my $put3 = $host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0/fil +es NetAPS_Template.conf.opsec to " . $host_1->aig_dir . "/prod/fireba +ll-1/conf NetAPS_Template.conf.opsec"); QTL::force ((($put3->result eq "success")), "Failed to pass file " . $ +master->fb_db . "/fwconf/5.0/files/NetAPS_Template.conf.opsec to host +_1!"); my $put4 = $fw_host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0/ +files NetAPS_Template.conf.smtp to " . $fw_host_1->aig_dir . "/prod/f +ireball-1/conf NetAPS_Template.conf.smtp"); QTL::force ((($put4->result eq "success")), "Failed to pass file " . $ +master->fb_db . "/fwconf/5.0/files/NetAPS_Template.conf.smtp to fw_ho +st_1!"); my $put5 = $host_1->put_file("-o " . 
$master->fb_db . "/fwconf/5.0/fil +es NetAPS_Template.conf.smtp to " . $host_1->aig_dir . "/prod/firebal +l-1/conf NetAPS_Template.conf.smtp"); QTL::force ((($put5->result eq "success")), "Failed to pass file " . $ +master->fb_db . "/fwconf/5.0/files/NetAPS_Template.conf.smtp to host_ +1!"); my $put6 = $fw_host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0/ +files gfile to /tmp gfile"); QTL::force ((($put6->result eq "success")), "Failed to pass file " . $ +master->fb_db . "/fwconf/5.0/files/NetAPS_Template.conf.smtp to host_ +1!"); my $put7 = $host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0/fil +es gfile to /tmp gfile"); QTL::force ((($put7->result eq "success")), "Failed to pass file " . $ +master->fb_db . "/fwconf/5.0/files/gfile to /tmp directory on host_1! +"); my $put10 = $host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0/fi +les virustest.exe to /tmp virustest.exe"); QTL::force ((($put10->result eq "success")), $master->fb_db . "/fwconf +/5.0/files/virustest.exe to /tmp directory on host_1!"); my $put11 = $fw_host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0 +/files virustest.exe to /tmp virustest.exe"); QTL::force ((($put11->result eq "success")), $master->fb_db . "/fwconf +/5.0/files/virustest.exe to /tmp directory on fw_host_1!"); my $put12 = $fw_host_1->put_file("-o " . $master->fb_db . "/fwconf/5.0 +/files SessionAgent to /tmp SessionAgent"); QTL::force ((($put12->result eq "success")), $master->fb_db . 
"/fwconf +/5.0/files/SessionAgent to /tmp directory on fw_host_1!"); my $chmod_sa = $fw_host_1->shell("chmod 777 /tmp/SessionAgent"); QTL::force ((($chmod_sa->exitcode eq "0")), "Failed to change the perm +issions of /tmp/SessionAgent directory of fw_host_1 to 777!"); my $load = $fw_machine_1->fwload("$FW_POLICY"); QTL::force ((($load->result eq "success")), "Failed to load $FW_POLICY + policy on the Fw module!"); $master->shell("sleep 2"); my $logswitch = $fw_machine_1->fwlogswitch(); QTL::warn ((($logswitch->result eq "success")), "fw logswitch command +on the Fw management Failed!"); #-------------------------------------------------------------end of S +tandardInit macro---------------------------------------------------- +----------------------------- ################################################### #fw-1 Auth ################################################### my $mca11 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostn +ame_1); QTL::force (($mca11->result eq "success")); $master->shell("sleep 1"); my $mca21 = $fw_machine_1->fwlogswitch(); QTL::force (($mca21->result eq "success")); my $mca31 = $host_1->shell("-exec_mode async tcpdump -c 3 port 23 and +host " . $fw_host_1->ip_1); QTL::force ((($mca31->state eq "running")), "failed to start tcpdump o +n host_1"); my $mca41 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -ca +t -s " . $fw_machine_1->ip_1 . " -fu aa -fp aaaa -st 1"); QTL::force ((($mca41->result eq "success")), "failed to open connectio +n with user aa and auth server FireWall-1"); $master->shell("sleep 2"); my $mca51 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -c +telnet -s " . $host_1->ip_1 . " -su root -sp zubur"); QTL::force ((($mca51->result eq "success")), "failed to open connectio +n with user aa and auth server FireWall-1"); $master->shell("sleep 5"); my $mca61 = $fw_machine_1->checklog("-resolve -n 1 -query (action =~ a +uthorize and src =~ " . $fw_host_1->ip_1 . 
" and service =~ FW1_clnta +uth_telnet and user =~ aa and reason =~ FireWall-1 )"); QTL::warn ((($mca61->result eq "success")), "checklog failed to find a + log with user aa"); QTL::force ((($mca31->state eq "finished")), "tcpdump should be finish +ed on host_1 and it is not"); ##################################################### #Radius - Levingston auth ##################################################### $host_2->shell("ka radius"); $master->shell("sleep 2"); $host_2->shell("/etc/init.d/radius start"); $master->shell("sleep 2"); my $mca12 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostn +ame_1); QTL::force (($mca12->result eq "success")); $master->shell("sleep 1"); my $mca22 = $fw_machine_1->fwlogswitch(); QTL::force (($mca22->result eq "success")); my $mca32 = $host_1->shell("-exec_mode async tcpdump -c 3 port 23 and +host " . $fw_host_1->ip_1); QTL::force ((($mca32->state eq "running")), "failed to start tcpdump o +n host_1"); my $mca42 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -ca +t -s " . $fw_machine_1->ip_1 . " -fu raa -fp aa -st 1"); QTL::force ((($mca42->result eq "success")), "failed to open connectio +n with user raa and auth server RADIUS"); $master->shell("sleep 2"); my $mca52 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -c +telnet -s " . $host_1->ip_1 . " -su root -sp zubur"); QTL::force ((($mca52->result eq "success")), "failed to open connectio +n with user raa and auth server RADIUS"); $master->shell("sleep 5"); my $mca62 = $fw_machine_1->checklog("-resolve -n 1 -query (action =~ a +uthorize and src =~ " . $fw_host_1->ip_1 . 
" and service =~ FW1_clnta +uth_telnet and user =~ raa and reason =~ RADIUS )"); QTL::warn ((($mca62->result eq "success")), "checklog failed to find a + log with user raa"); QTL::force ((($mca32->state eq "finished")), "tcpdump should be finish +ed on host_1 and it is not"); ############################################################## #Radius - Funk telnet ############################################################## $host_2->shell("/etc/init.d/radius stop"); $master->shell("sleep 2"); $host_2->shell("/etc/rc2.d/S90radius start"); $master->shell("sleep 4"); my $mca13 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostn +ame_1); QTL::force (($mca13->result eq "success")); $master->shell("sleep 1"); my $mca23 = $fw_machine_1->fwlogswitch(); QTL::force (($mca23->result eq "success")); my $mca33 = $host_1->shell("-exec_mode async tcpdump -c 3 port 80 and +host " . $fw_host_1->ip_1); QTL::force ((($mca33->state eq "running")), "failed to start tcpdump o +n host_1"); my $mca43 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -ca +h -s " . $fw_machine_1->ip_1 . " -fu funkyfish -fp aa -st 1"); QTL::force ((($mca43->result eq "success")), "failed to open connectio +n with user funkyfish and auth server RADIUS"); $master->shell("sleep 2"); my $mca53 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -c +httpstress -s " . $host_1->ip_1 . " -p /index.html -su root -sp zubur +"); QTL::force ((($mca53->result eq "success")), "failed to open connectio +n with user funkyfish and auth server RADIUS"); $master->shell("sleep 5"); my $mca63 = $fw_machine_1->checklog("-resolve -n 1 -query (action =~ a +uthorize and src =~ " . $fw_host_1->ip_1 . 
" and service =~ FW1_clnta +uth_http and user =~ funkyfish and reason =~ RADIUS )"); QTL::warn ((($mca63->result eq "success")), "checklog failed to find a + log with user funkyfish"); QTL::force ((($mca33->state eq "finished")), "tcpdump should be finish +ed on host_1 and it is not"); $host_2->shell("/etc/init.d/radius stop"); ####################################################### #IAS (MS-RADIUS) ####################################################### my $mca14 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostn +ame_1); QTL::force (($mca14->result eq "success")); $master->shell("sleep 1"); my $mca24 = $fw_machine_1->fwlogswitch(); QTL::force (($mca24->result eq "success")); my $mca34 = $host_1->shell("-exec_mode async tcpdump -c 3 port 80 and +host " . $fw_host_1->ip_1); QTL::force ((($mca34->state eq "running")), "failed to start tcpdump o +n host_1"); my $mca44 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -ca +h -s " . $fw_machine_1->ip_1 . " -fu bill -fp gates -st 1"); QTL::force ((($mca44->result eq "success")), "failed to open connectio +n with user bill and auth server RADIUS"); $master->shell("sleep 2"); my $mca54 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -c +httpstress -s " . $host_1->ip_1 . " -p /index.html -su root -sp zubur +"); QTL::force ((($mca54->result eq "success")), "failed to open connectio +n with user bill and auth server RADIUS"); $master->shell("sleep 5"); my $mca64 = $fw_machine_1->checklog("-resolve -n 1 -query (action =~ a +uthorize and src =~ " . $fw_host_1->ip_1 . 
" and service =~ FW1_clnta +uth_http and user =~ bill and reason =~ RADIUS )"); QTL::warn ((($mca64->result eq "success")), "checklog failed to find a + log with user bill"); QTL::force ((($mca34->state eq "finished")), "tcpdump should be finish +ed on host_1 and it is not"); ############################################################# #TACACS UDP auth ############################################################# my $mca15 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostn +ame_1); QTL::force (($mca15->result eq "success")); $master->shell("sleep 1"); my $mca25 = $fw_machine_1->fwlogswitch(); QTL::force (($mca25->result eq "success")); my $mca35 = $host_1->shell("-exec_mode async tcpdump -c 3 port 21 and +host " . $fw_host_1->ip_1); QTL::force ((($mca35->state eq "running")), "failed to start tcpdump o +n host_1"); my $mca45 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -ca +h -s " . $fw_machine_1->ip_1 . " -fu taca -fp taca -st 1"); QTL::force ((($mca45->result eq "success")), "failed to open connectio +n with user taca and auth server TACACS"); $master->shell("sleep 2"); my $mca55 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -c +ftp -s " . $host_1->ip_1 . " -remote_file /etc/hosts -su root -sp zub +ur"); QTL::force ((($mca55->result eq "success")), "failed to open connectio +n with user taca and auth server TACACS"); $master->shell("sleep 5"); my $mca75 = $fw_machine_1->checklog("-resolve -n 1 -query (action =~ a +uthorize and src =~ " . $fw_host_1->ip_1 . " and service =~ FW1_clnta +uth_http and user =~ taca and reason =~ TACACS)"); QTL::warn ((($mca75->result eq "success")), "checklog failed to find a + log with user taca"); QTL::force ((($mca35->state eq "finished")), "tcpdump should be finish +ed on host_1 and it is not"); ############################################################ #TACACS PLUS auth ############################################################ my $mca16 = $fw_machine_1->fwload("$FW_POLICY " . 
$fw_machine_1->hostn +ame_1); QTL::force (($mca16->result eq "success")); $master->shell("sleep 1"); my $mca26 = $fw_machine_1->fwlogswitch(); QTL::force (($mca26->result eq "success")); my $mca36 = $host_1->shell("-exec_mode async tcpdump -c 3 port 21 and +host " . $fw_host_1->ip_1); QTL::force ((($mca36->state eq "running")), "failed to start tcpdump o +n host_1"); my $mca46 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -ca +h -s " . $fw_machine_1->ip_1 . " -fu tacap -fp tacap -st 1"); QTL::force ((($mca46->result eq "success")), "failed to open connectio +n with user tacap and auth server TACACS"); $master->shell("sleep 2"); my $mca56 = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -c +ftp -s " . $host_1->ip_1 . " -remote_file /etc/hosts -su root -sp zub +ur"); QTL::force ((($mca56->result eq "success")), "failed to open connectio +n with user tacap and auth server TACACS"); $master->shell("sleep 5"); my $mca76 = $fw_machine_1->checklog("-resolve -n 1 -query (action =~ a +uthorize and src =~ " . $fw_host_1->ip_1 . " and service =~ FW1_clnta +uth_http and user =~ tacap and reason =~ TACACS)"); QTL::warn ((($mca76->result eq "success")), "checklog failed to find a + log with user tacap"); QTL::force ((($mca36->state eq "finished")), "tcpdump should be finish +ed on host_1 and it is not"); ########################################################### #Secure ID auth ########################################################### #TELNET_OPEN_CONN_MANUAL_CLIENT_AUTH(7,amos,1111,SecurID,finished,succ +ess,accept) ###################################################################### +############################################################### #NOW TRY TO CONNECT WITH WRONG PASSWORD. 
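###################################################################################################################################

# Negative client-authentication scenarios: every user below presents the
# wrong password ("abcd"), so each step is expected to FAIL.
#
# The original repeated the same sixteen statements per auth server and reused
# the positive-test messages ("failed to open connection ...") on assertions
# that expect result eq "failure", so a violated assertion reported the
# opposite of what had happened.  The steps now live in one closure and the
# messages describe the real failure mode.
#
# QTL::force / QTL::warn appear to report their message when the condition is
# false (inferred from how they are used throughout this script).

# Login used for the server-side connection in every scenario.
# NOTE(review): literal credentials are embedded in the script; if they are
# valid anywhere outside an isolated lab, take them from harness
# configuration instead of the source file.
my $SERVER_LOGIN = "-su root -sp zubur";

# Deliberately wrong firewall password shared by all negative scenarios.
my $WRONG_PASSWORD = "abcd";

# Runs one negative scenario.  Named arguments:
#   port        - port given to the tcpdump filter on host_1
#   auth_flag   - client-auth option passed to open_conn ("-cat" or "-cah")
#   user        - firewall user name presented with the wrong password
#   client      - value for open_conn's -c option (telnet, httpstress, ftp)
#   client_args - extra open_conn arguments, with a leading space, or ""
#   log_service - service name expected in the log query
#   server      - auth server name, used in the log query and in messages
#   query_end   - literal end of the log query (" )" or ")"), kept exactly as
#                 each original query was written
# An anonymous sub is used so the file-level lexicals ($FW_POLICY and the
# machine handles) are captured as an ordinary closure.
my $expect_rejected_auth = sub {
    my (%scenario) = @_;
    my $port        = $scenario{port};
    my $auth_flag   = $scenario{auth_flag};
    my $user        = $scenario{user};
    my $client      = $scenario{client};
    my $client_args = $scenario{client_args};
    my $log_service = $scenario{log_service};
    my $server      = $scenario{server};
    my $query_end   = $scenario{query_end};

    # Install the policy and switch the log before the attempt.
    my $load = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
    QTL::force (($load->result eq "success"));
    $master->shell("sleep 1");
    my $logswitch = $fw_machine_1->fwlogswitch();
    QTL::force (($logswitch->result eq "success"));

    # Asynchronous capture on host_1 of traffic involving fw_host_1.
    my $capture = $host_1->shell("-exec_mode async tcpdump -c 3 port $port and host " . $fw_host_1->ip_1);
    QTL::force ((($capture->state eq "running")), "failed to start tcpdump on host_1");

    # Client authentication against the firewall with the wrong password.
    my $auth = $fw_host_1->open_conn("-exec_timeout 60 -context opsec $auth_flag -s " . $fw_machine_1->ip_1 . " -fu $user -fp $WRONG_PASSWORD -st 1");
    QTL::force ((($auth->result eq "failure")), "client authentication with a wrong password did not fail for user $user (auth server $server)");
    $master->shell("sleep 2");

    # The connection through the firewall must fail as well.
    my $conn = $fw_host_1->open_conn("-exec_timeout 60 -context opsec -c $client -s " . $host_1->ip_1 . "$client_args $SERVER_LOGIN");
    QTL::force ((($conn->result eq "failure")), "$client connection did not fail after rejected client authentication for user $user (auth server $server)");
    $master->shell("sleep 5");

    # No "authorize" log entry is expected for this user.
    # NOTE(review): such an entry would mean the gateway accepted a wrong
    # password, yet this is only a warning, as in the original script.
    my $log = $fw_machine_1->checklog("-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1 . " and service =~ $log_service and user =~ $user and reason =~ $server$query_end");
    QTL::warn ((($log->result eq "failure")), "checklog did not report failure: an authorize log may exist for user $user despite the wrong password");

    # The capture was started with -c 3 and is expected to be still waiting,
    # presumably because no matching packets reached host_1.
    QTL::force ((($capture->state eq "running")), "tcpdump should be running on host_1 and it is not");
    return;
};

###################################################
#fw-1 Auth
###################################################
$expect_rejected_auth->(
    port        => 23,
    auth_flag   => "-cat",
    user        => "aa",
    client      => "telnet",
    client_args => "",
    log_service => "FW1_clntauth_telnet",
    server      => "FireWall-1",
    query_end   => " )",
);

#####################################################
#Radius - Levingston auth
#####################################################
$host_2->shell("ka radius");
$master->shell("sleep 2");
$host_2->shell("/etc/init.d/radius start");
$master->shell("sleep 2");
$expect_rejected_auth->(
    port        => 23,
    auth_flag   => "-cat",
    user        => "raa",
    client      => "telnet",
    client_args => "",
    log_service => "FW1_clntauth_telnet",
    server      => "RADIUS",
    query_end   => " )",
);

##############################################################
#Radius - Funk (HTTP client authentication; the original header said
#"telnet", but this scenario uses port 80, -cah and httpstress)
##############################################################
$host_2->shell("/etc/init.d/radius stop");
$master->shell("sleep 2");
$host_2->shell("/etc/rc2.d/S90radius start");
$master->shell("sleep 4");
$expect_rejected_auth->(
    port        => 80,
    auth_flag   => "-cah",
    user        => "funkyfish",
    client      => "httpstress",
    client_args => " -p /index.html",
    log_service => "FW1_clntauth_http",
    server      => "RADIUS",
    query_end   => " )",
);
$host_2->shell("/etc/init.d/radius stop");

#######################################################
#IAS (MS-RADIUS)
#######################################################
$expect_rejected_auth->(
    port        => 80,
    auth_flag   => "-cah",
    user        => "bill",
    client      => "httpstress",
    client_args => " -p /index.html",
    log_service => "FW1_clntauth_http",
    server      => "RADIUS",
    query_end   => " )",
);

#############################################################
#TACACS UDP auth
#############################################################
$expect_rejected_auth->(
    port        => 21,
    auth_flag   => "-cah",
    user        => "taca",
    client      => "ftp",
    client_args => " -remote_file /etc/hosts",
    log_service => "FW1_clntauth_http",
    server      => "TACACS",
    query_end   => ")",
);

############################################################
#TACACS PLUS auth
############################################################
$expect_rejected_auth->(
    port        => 21,
    auth_flag   => "-cah",
    user        => "tacap",
    client      => "ftp",
    client_args => " -remote_file /etc/hosts",
    log_service => "FW1_clntauth_http",
    server      => "TACACS",
    query_end   => ")",
);

###########################################################
#Secure ID auth
###########################################################
#TELNET_OPEN_CONN_MANUAL_CLIENT_AUTH(14,amos,abcd,SecurID,running,failure,reject)

#[CONFIGURATION_FILES]
#fwconf/5.0/enfdb/clau001.W.cpmi
#fwconf/5.0/enfdb/clau002.W.cpmi
#fwconf/5.0/enfdb/clau003.W.cpmi
#fwconf/5.0/enfdb/clau004.W.cpmi
#fwconf/5.0/enfdb/clau001.W.cpmi
#fwconf/5.0/enfdb/clau001.W.cpmi
#fwconf/5.0/enfdb/clau008.W.cpmi
#fwconf/5.0/enfdb/clau010.W.cpmi
#fwconf/5.0/enfdb/doauth001.W.cpmi
#fwconf/5.0/enfdb/transerv005.W.cpmi
#fwconf/5.0/enfdb/transerv007.W.cpmi
#fwconf/5.0/enfdb/transerv009.W.cpmi
#fwconf/5.0/enfdb/transerv012.W.cpmi
#fwconf/5.0/enfdb/usau001.W.cpmi
#fwconf/5.0/enfdb/usau004.W.cpmi
#fwconf/5.0/enfdb/usau007.W.cpmi
#fwconf/5.0/enfdb/seau001.W.cpmi
#fwconf/5.0/enfdb/seau002.W.cpmi
#fwconf/5.0/enfdb/seau003.W.cpmi
#fwconf/5.0/cpmi_scripts/authstrm002.cpmi
#fwconf/5.0/standalone/standalone_setup.cpmi
#fwconf/5.0/standalone/defaultfilter.pf
#fwconf/5.0/cpmi_scripts/main1.cpmi
#fwconf/5.0/cpmi_scripts/main2.cpmi
#fwconf/5.0/cpmi_scripts/main3.cpmi
#fwconf/5.0/cpmi_scripts/predefined.cpmi
#fwconf/5.0/files/to_network.pl
#fwconf/5.0/files/NetAPS_Template.conf.opsec
#fwconf/5.0/files/NetAPS_Template.conf.smtp
#fwconf/5.0/files/NetAPS_Template.conf.waitMode
#fwconf/5.0/files/gfile
#fwconf/5.0/files/discard
#fwconf/5.0/files/virustest.exe
#fwconf/5.0/files/SessionAgent
#[/CONFIGURATION_FILES]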

In reply to Re: Re: Finding duplicated code in Perl by shushu
in thread Finding duplicated code in Perl by shushu
