use strict;
######################################################################
# Telnet, FTP and HTTP with client authentication, partly automatic.
# The authentication methods are: RADIUS (Livingston), FW-1, TACACS,
# TACACS plus, Secure ID, IAS, OS.
# First try to open with client authentication and then without.
######################################################################
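# Name of the policy this test loads; the CPMI file that creates it is
# built later as "$FW_POLICY$CPMI_SUFFIX".
my $FW_POLICY = "clau001.W";

#[STANDALONE_BLACKBOX]
###############################################################################
###   QTL "Black Box" that configures a standalone environment             ###
###############################################################################
#$Header: /qa_cvs/qtls/scripts/auth/Attic/clau001.auth,v 1.1.2.1 2003/03/18 12:06:40 obdavid Exp $
# This QTL script describes the process of working with standalone
# topologies.
# Included machines -
#   fw_machine_1 - Vancouver standalone machine
# NOTE(review): $master and $fw_machine_1 are not declared in this file;
# presumably the QTL harness provides them - confirm.

#------------ Configuration part -------------------------------------
# The CPMI Client version: vc8 and above.
# The CPMI Client script name, saved under
# /usr/local/aig/common/db/fwconf/5.0/standalone/
my $CPMI_SCRIPT = "standalone_setup.cpmi";

# The FireWall-1 CPMI administrator user and password.
# This is an administrator defined separately for CPMI client operation.
# NOTE(review): fixed, guessable credentials are kept in the script source.
# Step 2 creates this administrator on the management and Step 7 checks its
# removal with QTL::warn rather than QTL::force, so a failed clean-up may
# leave the account defined. Prefer values supplied by the test environment
# and unique per run.
my $ADMIN_USERNAME = "cpmi-user";
my $ADMIN_PASSWORD = "cpmi-passwd";
my $CPMI_SUFFIX    = ".cpmi";

# Get the FireBall-1 3.0 master IP for future use as a CPMI/GUI client.
my $get_master_ip_1 = $master->shell("ifconfig -a");
QTL::force(
    $get_master_ip_1->exitcode eq "0",
    "Failed to get the master's ip via 'ifconfig -a' commnad!"
);

# Capture only the non-blank token after "inet addr:". The former greedy
# (.*) could keep trailing blanks in the value, and that value is later
# registered on the management as an allowed GUI client.
my $get_master_ip_2 = $master->find_str(
    "-reg (/inet addr\\:(\\S+)\\s+Bcast/) " . $get_master_ip_1->outfile
);
QTL::force(
    $get_master_ip_2->result eq "success",
    "Failed to find the master's ip in the 'if config -a' output!"
);
my $MASTER_IP = $get_master_ip_2->dollar1;

# Configure utility variables.
my $STANDALONE_DIR = $master->fb_db . "\\fwconf\\5.0\\standalone";

# Variables for the clean configuration files.
my $CONF_DIR = $fw_machine_1->fw_dir . "\\conf";
# NOTE(review): elsewhere in this script the database root is read with
# $master->fb_db; confirm that fw_db is intended here.
my $CLEAR_DIR = $master->fw_db . "\\" . $fw_machine_1->fw_build;

# cpstart sleep time according to the platform: print a PLATFORM=seconds
# table through the harness, then pick the entry for fw_machine_1's platform
# out of the recorded output.
my $print_all_time_machines =
    $master->print("NT=40 SUN=40 LINUX=40 NOKIA=120 AIX=40 HP=40");
QTL::force(
    $print_all_time_machines->result eq "success",
    "Failed to print the per-platform CPSTART SLEEP TIME table!"
);
my $find_the_platform_time = $master->find_str(
    "-reg (/" . $fw_machine_1->platform . "=(\\d+)/) "
    . $print_all_time_machines->outfile
);
QTL::force(
    $find_the_platform_time->result eq "success",
    "Failed to get CPSTART SLEEP TIME value!"
);
my $CPSTART_SLEEP_TIME = $find_the_platform_time->dollar1;

my $PACKAGE_SUFFIX = ".package";
my $PACKAGE_FILE   = $fw_machine_1->fw_build . $PACKAGE_SUFFIX;
#----------- End of configuration part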
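#-------- Step 1 - Connect to the FireWall-1 management -----
# Stop the FireWall-1. Not forced - it might be down already.
my $stop_fw = $fw_machine_1->cpstop();

#-------- Step 1.1 - Clean up the FWDIR\conf dir of fw_machine_1 ---------
# Create the conf package on the master.
my $create_package = $master->shell(
    "perl " . $master->aig_dir . "\\common\\scripts\\pack_conf.pl"
    . " -v " . $fw_machine_1->fw_ver
    . " -b " . $fw_machine_1->fw_build
    . " -d " . $fw_machine_1->fw_dir
);
QTL::force(
    $create_package->exitcode eq "0",
    "Failed to create the package for the 'conf' directory!"
);

# Remove the database files on the FireWall-1 machine.
my $delete_conf = $fw_machine_1->rm_rf("-r $CONF_DIR\\*");
QTL::force(
    $delete_conf->result eq "success",
    "Failed to remove the conf directory from the Firewall management!"
);

# Transfer the clean objects package and the installer that unpacks it.
my $transfer_conf = $fw_machine_1->put_file(
    "-o $CLEAR_DIR $PACKAGE_FILE to " . $fw_machine_1->work_dir
);
my $transfer_aiginstaller = $fw_machine_1->put_file(
    "-o " . $master->aig_dir . "\\common\\scripts aiginstaller.pl to "
    . $fw_machine_1->work_dir
);
QTL::force(
    ($transfer_conf->result eq "success")
        && ($transfer_aiginstaller->result eq "success"),
    "May fail to pass either the 'conf' package file or the installation file to Fw machine managemet!"
);

# Extract the conf package. The message used to repeat the "create the
# package" text of the earlier step, which pointed at the wrong command.
my $extract_conf = $fw_machine_1->shell(
    "perl " . $fw_machine_1->work_dir . "\\aiginstaller.pl -y "
    . $fw_machine_1->work_dir . "\\$PACKAGE_FILE"
);
QTL::force(
    $extract_conf->exitcode eq "0",
    "Failed to extract the package for the 'conf' directory!"
);
#------------------- End of Step 1.1 ------------------------------------

#-------- Step 1.2 - Reset the internal CA on the FW machine ---------
# sic_reset is issued twice and the step passes when either run exits 0.
my $reset_ca   = $fw_machine_1->shell($fw_machine_1->fw_dir . "\\bin\\fwm sic_reset -yes");
my $reset_ca_2 = $fw_machine_1->shell($fw_machine_1->fw_dir . "\\bin\\fwm sic_reset -yes");
QTL::force(
    ($reset_ca->exitcode eq "0") || ($reset_ca_2->exitcode eq "0"),
    "Failed to run 'fwm sic_reset' on the Firewall management!"
);
$master->shell("sleep 5");

# Recreate the internal CA on the management.
my $recreate_ca = $fw_machine_1->shell(
    "\"" . $fw_machine_1->cpshared_path . "\\bin\\cp_conf\" ca init"
);
QTL::force(
    $recreate_ca->exitcode eq "0",
    "Failed to reset the internal CA!"
);

# NEW in ANC - FQDN configuration in the Internal CA.
# Both spellings of the sub-command ("ca dns" and "ca fqdn") are run; the
# check below decides by build number which result counts, and builds
# below 52000 pass regardless of either result.
my $fqdn_1 = $fw_machine_1->shell(
    "\"" . $fw_machine_1->cpshared_path . "\\bin\\cp_conf\" ca dns "
    . $fw_machine_1->hostname_1
);
my $fqdn_2 = $fw_machine_1->shell(
    "\"" . $fw_machine_1->cpshared_path . "\\bin\\cp_conf\" ca fqdn "
    . $fw_machine_1->hostname_1
);
QTL::force(
    (      (($fqdn_1->exitcode eq "0") && ($fw_machine_1->fw_build < 52097))
        || (($fqdn_2->exitcode eq "0") && ($fw_machine_1->fw_build >= 52097))
        || ($fw_machine_1->fw_build < 52000)
    ),
    "Failed to configure the FQDN for the interenal CA!"
);

# Get the new DN of the FW from the registry.
my $get_dn_1 = $fw_machine_1->shell(
    "\"" . $fw_machine_1->cpshared_path
    . "\\bin\\ckp_regedit\" -p software\\checkpoint\\sic"
);
QTL::force(
    $get_dn_1->exitcode eq "0",
    "Failed to perform 'ckp_regedit' command on the Firewall management's registry!"
);
$master->shell("sleep 2");
my $get_dn_2 = $fw_machine_1->find_str(
    "-reg (/(cn=\\S+)\\s+/) " . $get_dn_1->outfile
);
# The host name is compared as literal text. Used as a pattern, its dots
# would match any character, so a DN that belongs to a different host
# could satisfy the check.
QTL::force(
    index($get_dn_2->dollar1, $fw_machine_1->hostname_1) >= 0,
    "Failed to get the new DN of the Firewall management from the registry!"
);

# Assign a variable for easier use of the DN.
my $DN = $get_dn_2->dollar1;
#------------------- End of Step 1.2 ------------------------------------
#------------------- End of Step 1 --------------------------------------
$master->shell("sleep 5");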
#--- Step 2 - Configure administrator and Gui Client for the CPMI Client ---
# Create an administrator for the future CPMI Client work.
# NOTE(review): the password travels as a command-line argument, so it may
# be visible in the process list on fw_machine_1 and in whatever the harness
# records for this command. Confirm whether cp_conf can take it another way.
my $create_admin_1 = $fw_machine_1->shell(
    '"' . $fw_machine_1->cpshared_path
    . "\\bin\\cp_conf\" admin add $ADMIN_USERNAME $ADMIN_PASSWORD w"
);
my $create_admin_2 = $fw_machine_1->find_str(
    '-l "successfully or already" ' . $create_admin_1->outfile
);
QTL::force(
    $create_admin_2->result eq 'success',
    "Failed to add the administrator for the CPMI!"
);

# Add the master as a GUI client to enable connectivity between the CPMI
# client and the FireWall-1 management. The confirmation text is looked for
# in both the output file and the error file of the command.
my $add_gui_cli_1 = $fw_machine_1->shell(
    '"' . $fw_machine_1->cpshared_path
    . "\\bin\\cp_conf\" client add $MASTER_IP"
);
my $add_gui_cli_2 = $fw_machine_1->find_str(
    '-l "successfully or already" ' . $add_gui_cli_1->outfile
);
my $add_gui_cli_3 = $fw_machine_1->find_str(
    '-l "successfully or already" ' . $add_gui_cli_1->errfile
);
QTL::force(
    ($add_gui_cli_2->result eq 'success')
        || ($add_gui_cli_3->result eq 'success'),
    "Failed to add the GUI client for the CPMI!"
);
#-------------- End of Step 2 ------------------------------------------
#------- Step 3 - Configure Default Filter that accepts port 12321 -------
# Transfer the new default filter that includes an accept for port 12321.
# NOTE(review): this replaces the default filter on fw_machine_1 with one
# that opens a port; nothing visible in this script puts the previous
# filter back - confirm the lab machine is rebuilt between runs.
my $establsh_conn_1 = $fw_machine_1->put_file(
    "-o $STANDALONE_DIR defaultfilter.pf to "
    . $fw_machine_1->fw_dir . '\\conf'
);
QTL::force(
    $establsh_conn_1->result eq 'success',
    "Failed to pass $STANDALONE_DIR\\defaultfilter.pf to fw_machine_1!"
);

# Remove all information about an old state of the module. Not forced -
# the directory might not be available.
my $establsh_conn_2 = $fw_machine_1->rm_rf(
    '-r ' . $fw_machine_1->fw_dir . '\\state\\local'
);

# Compile the new default filter; the confirmation text is looked for in
# the error file of the command.
my $establish_conn_3 = $fw_machine_1->shell(
    $fw_machine_1->fw_dir . '\\bin\\comp_init_policy'
);
my $establish_conn_4 = $fw_machine_1->find_str(
    '-l "Compiled OK" ' . $establish_conn_3->errfile
);
QTL::force(
    $establish_conn_4->result eq 'success',
    "Failed to compile the Fireball's defaultfilter!"
);
#------------------- End of Step 3 --------------------------------------

# amos add
my $transfer_msg_cnt = $fw_machine_1->put_file(
    "-o $CLEAR_DIR\\conf\\cpsc msg_cnt.C to $CONF_DIR\\cpsc msg_cnt.C"
);
QTL::force(
    $transfer_msg_cnt->result eq 'success',
    "Failed to pass msg_cnt.C to Fw conf/cpsc directory!"
);
$master->shell('sleep 5');
#-------------- Step 4 - Start the FireWall-1 machine --------------
# cpstart is launched asynchronously; one second later it must still be
# reported as running.
my $start_fw_1 = $fw_machine_1->shell(
    '-exec_mode async "' . $fw_machine_1->cpshared_path . '\\bin\\cpstart"'
);
$fw_machine_1->shell('sleep 1');
QTL::force(
    $start_fw_1->state eq 'running',
    "Failed to start the Firewall!"
);

# Give cpstart the platform-specific time chosen in the configuration part.
$master->shell("sleep $CPSTART_SLEEP_TIME");

my $start_fw_4 = $fw_machine_1->shell('cpridstart');
QTL::force(
    $start_fw_4->exitcode eq '0',
    "Failed to strat cprid daemon on fw_machine_1!"
);
#------------ End of Step 4 ------------------------------------

# One synchronous run of the core collector; its result is not checked.
my $core_collector_module = $fw_machine_1->shell(
    'perl ' . $fw_machine_1->aig_dir
    . '\\prod\\sysinfo\\scripts\\core_collector.pl -space 500'
);

# Execute sysinfo to collect general information and save cores if found.
# Started asynchronously; its result is not checked here.
my $collect_module_cores = $fw_machine_1->sysinfo(
    '-exec_mode async -n -1 -sys=all -freq 30 -core='
    . $fw_machine_1->work_dir
    . '/ -trace-role=fw -trace-name=cpd -trace-name=vpnd -exec="perl '
    . $fw_machine_1->aig_dir
    . "\\prod\\sysinfo\\scripts\\core_collector.pl '-space 500'\""
);
#-------------- Step 5 - Configure the CPMI Client script on the master ----
# Copy the CPMI client script to the working dir for further modifications.
my $mod_cpmi_script_1 = $master->shell(
    "cp -vf $STANDALONE_DIR\\$CPMI_SCRIPT "
    . $master->work_dir . "\\$CPMI_SCRIPT"
);
QTL::force(
    $mod_cpmi_script_1->exitcode eq '0',
    "Failed to pass $CPMI_SCRIPT script to the master's workdir!"
);

# Replace every placeholder in the copied script (administrator name and
# password, host name, interfaces, addresses, masks and the SIC name).
# NOTE(review): the administrator password is written in clear text into
# the copy under the master's work dir, and nothing visible in this script
# deletes that copy afterwards.
my $mod_cpmi_script_2 = $master->transform(
    "-v ADMIN_USERNAME -d $ADMIN_USERNAME "
    . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_3 = $master->transform(
    "-v ADMIN_PASSWORD -d $ADMIN_PASSWORD "
    . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_4 = $master->transform(
    '-v FW_MACHINE_1_HOSTNAME_1 -d ' . $fw_machine_1->hostname_1
    . ' ' . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_5 = $master->transform(
    '-v FW_MACHINE_1_IP_1 -d ' . $fw_machine_1->ip_1
    . ' ' . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_6 = $master->transform(
    '-v FW_MACHINE_1_IF_1 -d ' . $fw_machine_1->if_1
    . ' ' . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_7 = $master->transform(
    '-v FW_MACHINE_1_MASK_1 -d ' . $fw_machine_1->mask_1
    . ' ' . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_8 = $master->transform(
    '-v FW_MACHINE_1_IP_2 -d ' . $fw_machine_1->ip_2
    . ' ' . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_9 = $master->transform(
    '-v FW_MACHINE_1_IF_2 -d ' . $fw_machine_1->if_2
    . ' ' . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_10 = $master->transform(
    '-v FW_MACHINE_1_MASK_2 -d ' . $fw_machine_1->mask_2
    . ' ' . $master->work_dir . "\\$CPMI_SCRIPT"
);
my $mod_cpmi_script_11 = $master->transform(
    "-v SIC_NAME -d $DN " . $master->work_dir . "\\$CPMI_SCRIPT"
);

# Every placeholder must have been replaced the expected number of times:
# twice for the host name and the first IP, once for everything else.
QTL::force(
    (      ($mod_cpmi_script_2->number_of_transform  eq '1')
        && ($mod_cpmi_script_3->number_of_transform  eq '1')
        && ($mod_cpmi_script_4->number_of_transform  eq '2')
        && ($mod_cpmi_script_5->number_of_transform  eq '2')
        && ($mod_cpmi_script_6->number_of_transform  eq '1')
        && ($mod_cpmi_script_7->number_of_transform  eq '1')
        && ($mod_cpmi_script_8->number_of_transform  eq '1')
        && ($mod_cpmi_script_9->number_of_transform  eq '1')
        && ($mod_cpmi_script_10->number_of_transform eq '1')
        && ($mod_cpmi_script_11->number_of_transform eq '1')
    ),
    "Failed to edit $CPMI_SCRIPT CPMI script!"
);
#---------------------------------- End of Step 5 ------------------------
$master->shell('sleep 5');
#------------------- Step 6 - Execute the CPMI Client -------------
# Run CpmiUI on the prepared script.
my $exec_cpmi_1 = $master->shell(
    $master->aig_dir . '\\common\\bin\\CpmiUI -o 1 '
    . $master->work_dir . "\\$CPMI_SCRIPT"
);
QTL::force(
    $exec_cpmi_1->exitcode eq '0',
    "Failed to run the CpmiUI with $CPMI_SCRIPT!"
);

# Check for success: the output must report the update of the object named
# after fw_machine_1.
my $exec_cpmi_2 = $master->find_str(
    '-l "Update and object and ' . $fw_machine_1->hostname_1
    . ' and succeeded" ' . $exec_cpmi_1->outfile
);
QTL::force(
    $exec_cpmi_2->result eq 'success',
    "Failed to create fw_machine_1 via the CPMI!"
);
#----------------------------------- End of Step 6 -----------------------
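# amos add
#----------------- configure the main cpmi scripts -----------------------
# Copy the three main CPMI scripts to the master's work directory, compute
# the internal network address, then replace every placeholder in the
# copies. NOTE(review): $fw_host_1, $host_1 and $host_2 are not declared in
# this file; presumably the QTL harness provides them - confirm.
# NOTE(review): the copies are addressed with "/" here and with "\" in the
# transforms below; both are kept as written.
my $main1 = $master->shell(
    "cp " . $master->fb_db . "/fwconf/5.0/cpmi_scripts/main1.cpmi "
    . $master->work_dir . "/main1.cpmi"
);
QTL::force(
    $main1->exitcode eq "0",
    "Failed to copy main1->cpmi file to master's work directory"
);
my $main2 = $master->shell(
    "cp " . $master->fb_db . "/fwconf/5.0/cpmi_scripts/main2.cpmi "
    . $master->work_dir . "/main2.cpmi"
);
QTL::force(
    $main2->exitcode eq "0",
    "Failed to copy main2->cpmi file to master's work directory"
);
my $main3 = $master->shell(
    "cp " . $master->fb_db . "/fwconf/5.0/cpmi_scripts/main3.cpmi "
    . $master->work_dir . "/main3.cpmi"
);
QTL::force(
    $main3->exitcode eq "0",
    "Failed to copy main3->cpmi file to master's work directory"
);

# Configure the ip of the internal network: to_network.pl is copied from
# the database, run on the second address of fw_machine_1, and the first
# dotted quad in its output is taken as the network address.
my $to_network1 = $master->shell(
    "cp " . $master->fb_db . "/fwconf/5.0/files/to_network.pl "
    . $master->work_dir . "/to_network.pl"
);
QTL::force(
    $to_network1->exitcode eq "0",
    "Failed to copy to_network.pl file to master's work directory"
);
my $to_network2 = $master->shell(
    "perl " . $master->work_dir . "/to_network.pl " . $fw_machine_1->ip_2
);
QTL::force(
    $to_network2->exitcode eq "0",
    "Failed to run to_network.pl script"
);
my $to_network3 = $master->find_str(
    "-reg (/(\\d+\\.\\d+\\.\\d+\\.\\d+)/) " . $to_network2->outfile
);
QTL::force(
    $to_network3->result eq "success",
    "Failed to get the network ip!"
);
my $network_ip = $to_network3->dollar1;

#----- start with transforms --------
my $to_network4 = $master->transform(
    "-v NETWORK_IP -d $network_ip " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $to_network4->number_of_transform eq "1",
    "Failed to update the network ip in main1->cpmi script!"
);

# fw_machine_1 name and address.
my $main4 = $master->transform(
    "-v FW_MACHINE_1_HOSTNAME_1 -d " . $fw_machine_1->hostname_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main4->result eq "success",
    "Failed to update the fw_maachine_1 name in main1->cpmi script!"
);
my $main5 = $master->transform(
    "-v FW_MACHINE_1_IP_1 -d " . $fw_machine_1->ip_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main5->result eq "success",
    "Failed to update the Firewall management ip in main1->cpmi script!"
);
my $main6 = $master->transform(
    "-v FW_MACHINE_1_IP_1 -d " . $fw_machine_1->ip_1
    . " " . $master->work_dir . "\\main2.cpmi"
);
QTL::force(
    $main6->result eq "success",
    "Failed to update the Firewall management ip in main2->cpmi script!"
);
my $main7 = $master->transform(
    "-v FW_MACHINE_1_IP_1 -d " . $fw_machine_1->ip_1
    . " " . $master->work_dir . "\\main3.cpmi"
);
QTL::force(
    $main7->result eq "success",
    "Failed to update the Firewall management ip in main3->cpmi script!"
);

# fw_host_1 name and address.
my $main8 = $master->transform(
    "-v FW_HOST_1_HOSTNAME_1 -d " . $fw_host_1->hostname_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main8->result eq "success",
    "Failed to update the fw_host_1 name in main1->cpmi script!"
);
my $main24 = $master->transform(
    "-v FW_HOST_1_HOSTNAME_1 -d " . $fw_host_1->hostname_1
    . " " . $master->work_dir . "\\main2.cpmi"
);
QTL::force(
    $main24->result eq "success",
    "Failed to update the fw_host_1 name in main2->cpmi script!"
);
my $main9 = $master->transform(
    "-v FW_HOST_1_IP_1 -d " . $fw_host_1->ip_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main9->result eq "success",
    "Failed to update the fw_host_1 ip in main1->cpmi script!"
);
my $main10 = $master->transform(
    "-v FW_HOST_1_IP_1 -d " . $fw_host_1->ip_1
    . " " . $master->work_dir . "\\main2.cpmi"
);
QTL::force(
    $main10->result eq "success",
    "Failed to update the fw_host_1 ip in main2->cpmi script!"
);
my $main11 = $master->transform(
    "-v FW_HOST_1_IP_1 -d " . $fw_host_1->ip_1
    . " " . $master->work_dir . "\\main3.cpmi"
);
QTL::force(
    $main11->result eq "success",
    "Failed to update the fw_host_1 ip in main3->cpmi script!"
);

# host_1 name and address.
my $main12 = $master->transform(
    "-v HOST_1_HOSTNAME_1 -d " . $host_1->hostname_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main12->result eq "success",
    "Failed to update the host_1 name in main1->cpmi script!"
);
my $main13 = $master->transform(
    "-v HOST_1_HOSTNAME_1 -d " . $host_1->hostname_1
    . " " . $master->work_dir . "\\main2.cpmi"
);
QTL::force(
    $main13->result eq "success",
    "Failed to update the host_1 name in main2->cpmi script!"
);
my $main14 = $master->transform(
    "-v HOST_1_HOSTNAME_1 -d " . $host_1->hostname_1
    . " " . $master->work_dir . "\\main3.cpmi"
);
QTL::force(
    $main14->result eq "success",
    "Failed to update the host_1 name in main3->cpmi script!"
);
my $main15 = $master->transform(
    "-v HOST_1_IP_1 -d " . $host_1->ip_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main15->result eq "success",
    "Failed to update the host_1 ip in main1->cpmi script!"
);
my $main16 = $master->transform(
    "-v HOST_1_IP_1 -d " . $host_1->ip_1
    . " " . $master->work_dir . "\\main2.cpmi"
);
# Message corrected: this transform sets the host_1 ip, not its name.
QTL::force(
    $main16->result eq "success",
    "Failed to update the host_1 ip in main2->cpmi script!"
);
my $main17 = $master->transform(
    "-v HOST_1_IP_1 -d " . $host_1->ip_1
    . " " . $master->work_dir . "\\main3.cpmi"
);
QTL::force(
    $main17->result eq "success",
    "Failed to update the host_1 ip in main3->cpmi script!"
);

# host_2 name and address. Messages corrected: both used to name host_1,
# which sent the reader to the wrong machine on failure.
my $main18 = $master->transform(
    "-v HOST_2_HOSTNAME_1 -d " . $host_2->hostname_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main18->result eq "success",
    "Failed to update the host_2 name in main1->cpmi script!"
);
my $main19 = $master->transform(
    "-v HOST_2_IP_1 -d " . $host_2->ip_1
    . " " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main19->result eq "success",
    "Failed to update the host_2 ip in main1->cpmi script!"
);

# SIC name in all three scripts; exactly one replacement is expected in each.
my $main20 = $master->transform(
    "-v SIC_NAME -d $DN " . $master->work_dir . "\\main1.cpmi"
);
QTL::force(
    $main20->number_of_transform eq "1",
    "Failed to update the DN in main1->cpmi script!"
);
my $main21 = $master->transform(
    "-v SIC_NAME -d $DN " . $master->work_dir . "\\main2.cpmi"
);
QTL::force(
    $main21->number_of_transform eq "1",
    "Failed to update the DN in main2->cpmi script!"
);
my $main22 = $master->transform(
    "-v SIC_NAME -d $DN " . $master->work_dir . "\\main3.cpmi"
);
QTL::force(
    $main22->number_of_transform eq "1",
    "Failed to update the DN in main3->cpmi script!"
);

# Mail exchanger name: the literal "mail" directly followed by the host_1
# name, with no separator between them.
my $main23 = $master->transform(
    "-v mxname -d mail" . $host_1->hostname_1
    . " " . $master->work_dir . "\\main2.cpmi"
);
QTL::force(
    $main23->number_of_transform eq "1",
    "Failed to update the host_1 mail name in main2->cpmi script!"
);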
#----------------- Execute the main cpmi scripts -------------------------
# Each script is run with CpmiUI. A non-zero exit is fatal; the object
# counts and the search for "fail"/"Fail" only produce warnings.

# main1: 43 or 42 successful updates are accepted.
my $cpmi_exec_main1 = $master->shell(
    $master->aig_dir . '\\common\\bin\\CpmiUI -o 1 '
    . $master->work_dir . '\\main1.cpmi'
);
QTL::force(
    $cpmi_exec_main1->exitcode eq '0',
    "Failed to run CpmiUI with main1->cpmi script!"
);
my $look_for_success = $master->find_str(
    '-l "Update and object and succeeded" ' . $cpmi_exec_main1->outfile
);
QTL::warn(
    ($look_for_success->number_of_lines_matched eq '43')
        || ($look_for_success->number_of_lines_matched eq '42'),
    "At least one object was not created successfully via CPMI with main1->cpmi!"
);
my $look_for_fail = $master->find_str(
    '-l "fail or Fail" ' . $cpmi_exec_main1->outfile
);
# A failure line is tolerated when exactly 42 updates succeeded.
QTL::warn(
    ($look_for_fail->result eq 'failure')
        || ($look_for_success->number_of_lines_matched eq '42'),
    "At least one object was not created successfully via CPMI with main1->cpmi!"
);

# main2: 19 successful updates expected.
my $cpmi_exec_main2 = $master->shell(
    $master->aig_dir . '\\common\\bin\\CpmiUI -o 1 '
    . $master->work_dir . '\\main2.cpmi'
);
QTL::force(
    $cpmi_exec_main2->exitcode eq '0',
    "Failed to run CpmiUI with main2->cpmi script!"
);
my $look_for_success2 = $master->find_str(
    '-l "Update and object and succeeded" ' . $cpmi_exec_main2->outfile
);
QTL::warn(
    $look_for_success2->number_of_lines_matched eq '19',
    "At least one object was not created successfully via CPMI with main2->cpmi!"
);
my $look_for_fail2 = $master->find_str(
    '-l "fail or Fail" ' . $cpmi_exec_main2->outfile
);
QTL::warn(
    $look_for_fail2->result eq 'failure',
    "At least one object was not created successfully via CPMI with main2->cpmi!"
);

# main3: 22 successful updates expected.
my $cpmi_exec_main3 = $master->shell(
    $master->aig_dir . '\\common\\bin\\CpmiUI -o 1 '
    . $master->work_dir . '\\main3.cpmi'
);
QTL::force(
    $cpmi_exec_main3->exitcode eq '0',
    "Failed to run CpmiUI with main3->cpmi script!"
);
my $look_for_success3 = $master->find_str(
    '-l "Update and object and succeeded" ' . $cpmi_exec_main3->outfile
);
QTL::warn(
    $look_for_success3->number_of_lines_matched eq '22',
    "At least one object was not created successfully via CPMI with main3->cpmi!"
);
my $look_for_fail3 = $master->find_str(
    '-l "fail or Fail" ' . $cpmi_exec_main3->outfile
);
QTL::warn(
    $look_for_fail3->result eq 'failure',
    "At least one object was not created successfully via CPMI with main3->cpmi!"
);
#----------------- End of main cpmi scripts execution --------------------
#[POLICIES_CREATION]
# Copy the policy CPMI file to the work directory, fill in its
# placeholders and run it with CpmiUI.
my $FW_POLICY_CPMI_FILE = $FW_POLICY . $CPMI_SUFFIX;

my $copy_policy = $master->shell(
    'cp ' . $master->fb_db . "\\fwconf\\5.0\\enfdb\\$FW_POLICY_CPMI_FILE "
    . $master->work_dir . '\\.'
);
QTL::force(
    $copy_policy->exitcode eq '0',
    "Failed to pass $FW_POLICY_CPMI_FILE to master's work directory!"
);

# NOTE(review): as with the setup script, the administrator password ends
# up in clear text in the copy under the master's work dir.
my $transform_policy_1 = $master->transform(
    "-v ADMIN_USERNAME -d $ADMIN_USERNAME "
    . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"
);
my $transform_policy_2 = $master->transform(
    "-v ADMIN_PASSWORD -d $ADMIN_PASSWORD "
    . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"
);
my $transform_policy_3 = $master->transform(
    '-v FW_MACHINE_1_IP_1 -d ' . $fw_machine_1->ip_1
    . ' ' . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"
);
my $transform_policy_4 = $master->transform(
    "-v SIC_NAME -d $DN " . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"
);
# Rewrites the literal text "step 24 0" to "step 24 1" in the policy file.
my $transform_policy_5 = $master->transform(
    '-v "step 24 0" -d "step 24 1" '
    . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"
);

# Each of the five replacements must have happened exactly once.
QTL::force(
    (      ($transform_policy_5->number_of_transform eq '1')
        && ($transform_policy_1->number_of_transform eq '1')
        && ($transform_policy_2->number_of_transform eq '1')
        && ($transform_policy_3->number_of_transform eq '1')
        && ($transform_policy_4->number_of_transform eq '1')
    ),
    "Failed to update $FW_POLICY_CPMI_FILE properly!"
);

my $cpmi_exec_policies = $master->shell(
    $master->aig_dir . '\\common\\bin\\CpmiUI -o 1 '
    . $master->work_dir . "\\$FW_POLICY_CPMI_FILE"
);
QTL::force(
    $cpmi_exec_policies->exitcode eq '0',
    "Failed to run CpmiUI with $FW_POLICY_CPMI_FILE script!"
);
#[\POLICIES_CREATION]
#----------------------------------- Step 7 - clean up -------------------
# Remove the CPMI administrator and the GUI client added in Step 2.
# NOTE(review): every check in this step is a QTL::warn, so the run goes on
# when the temporary administrator or the GUI-client entry could not be
# removed. Treat such a warning as a finding: the management then still
# accepts the fixed credentials from the master's address.

# Remove the CPMI administrator.
my $remove_admin_1 = $fw_machine_1->shell(
    '"' . $fw_machine_1->cpshared_path
    . "\\bin\\cp_conf\" admin del $ADMIN_USERNAME"
);
QTL::warn(
    $remove_admin_1->exitcode eq '0',
    "Failed to remove the CPMI administrator!"
);
my $remove_admin_2 = $fw_machine_1->find_str(
    '-l "successfully" ' . $remove_admin_1->outfile
);
QTL::warn(
    $remove_admin_2->result eq 'success',
    "CPMI administrator may not be removed successfully!"
);

# Remove the GUI client. Unlike the other cp_conf calls in this script,
# this one is issued without the quoted cpshared_path prefix.
my $remove_gui_cli_1 = $fw_machine_1->shell("cp_conf client del $MASTER_IP");
QTL::warn(
    $remove_gui_cli_1->exitcode eq '0',
    "Failed to remove the master's GUI client!"
);
my $remove_gui_cli_2 = $fw_machine_1->find_str(
    '-l "successfully" ' . $remove_gui_cli_1->outfile
);
QTL::warn(
    $remove_gui_cli_2->result eq 'success',
    "Master's GUI client may not be removed successfully!"
);
#----------------------------------- End of Step 7 -----------------------
###############################################################################
###   End of "Black Box" for configure standalone environment              ###
###############################################################################
#[\STANDALOE_BLACKBOX]
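# Put configuration files and test payloads on fw_host_1 and host_1, then
# load the policy and switch the log on fw_machine_1.
# NOTE(review): $fw_host_1 and $host_1 are not declared in this file;
# presumably the QTL harness provides them - confirm.
my $put2 = $fw_host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files NetAPS_Template.conf.opsec to "
    . $fw_host_1->aig_dir . "/prod/fireball-1/conf NetAPS_Template.conf.opsec"
);
QTL::force(
    $put2->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/NetAPS_Template.conf.opsec to fw_host_1!"
);
my $put3 = $host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files NetAPS_Template.conf.opsec to "
    . $host_1->aig_dir . "/prod/fireball-1/conf NetAPS_Template.conf.opsec"
);
QTL::force(
    $put3->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/NetAPS_Template.conf.opsec to host_1!"
);
my $put4 = $fw_host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files NetAPS_Template.conf.smtp to "
    . $fw_host_1->aig_dir . "/prod/fireball-1/conf NetAPS_Template.conf.smtp"
);
QTL::force(
    $put4->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/NetAPS_Template.conf.smtp to fw_host_1!"
);
my $put5 = $host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files NetAPS_Template.conf.smtp to "
    . $host_1->aig_dir . "/prod/fireball-1/conf NetAPS_Template.conf.smtp"
);
QTL::force(
    $put5->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/NetAPS_Template.conf.smtp to host_1!"
);

# gfile to /tmp on both hosts. The fw_host_1 message used to name the smtp
# template and host_1, a copy of the previous check.
my $put6 = $fw_host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files gfile to /tmp gfile"
);
QTL::force(
    $put6->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/gfile to /tmp directory on fw_host_1!"
);
my $put7 = $host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files gfile to /tmp gfile"
);
QTL::force(
    $put7->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/gfile to /tmp directory on host_1!"
);

# virustest.exe and SessionAgent to /tmp. These three messages used to
# start with the path alone; they now say what failed, like the others.
my $put10 = $host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files virustest.exe to /tmp virustest.exe"
);
QTL::force(
    $put10->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/virustest.exe to /tmp directory on host_1!"
);
my $put11 = $fw_host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files virustest.exe to /tmp virustest.exe"
);
QTL::force(
    $put11->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/virustest.exe to /tmp directory on fw_host_1!"
);
my $put12 = $fw_host_1->put_file(
    "-o " . $master->fb_db . "/fwconf/5.0/files SessionAgent to /tmp SessionAgent"
);
QTL::force(
    $put12->result eq "success",
    "Failed to pass file " . $master->fb_db
    . "/fwconf/5.0/files/SessionAgent to /tmp directory on fw_host_1!"
);

# NOTE(review): mode 777 leaves /tmp/SessionAgent writable by every local
# account on fw_host_1, so any of them can replace it before it is run.
# 755 should be enough to execute it - confirm nothing has to write to it.
# The mode and the message are kept as they were.
my $chmod_sa = $fw_host_1->shell("chmod 777 /tmp/SessionAgent");
QTL::force(
    $chmod_sa->exitcode eq "0",
    "Failed to change the permissions of /tmp/SessionAgent directory of fw_host_1 to 777!"
);

# Load the policy and start a fresh log; only the load is fatal.
my $load = $fw_machine_1->fwload($FW_POLICY);
QTL::force(
    $load->result eq "success",
    "Failed to load $FW_POLICY policy on the Fw module!"
);
$master->shell("sleep 2");
my $logswitch = $fw_machine_1->fwlogswitch();
QTL::warn(
    $logswitch->result eq "success",
    "fw logswitch command on the Fw management Failed!"
);
#----------------------- end of StandardInit macro -----------------------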
###################################################
# fw-1 Auth
###################################################
# Client authentication with the "FireWall-1" scheme, then telnet through
# the firewall. Sequence: reload the policy, switch the log, start a
# three-packet capture on host_1, authenticate from fw_host_1, open the
# telnet session, then look for the authorize log entry and require that
# the capture has ended, i.e. that it saw its three packets.
# NOTE(review): the user/password pairs (aa/aaaa, root/zubur) are literals
# passed on the command line of the harness tool, so they sit in the
# script source and may appear in process listings and harness logs;
# -fu/-fp and -su/-sp presumably carry the firewall and server credentials.
my $mca11 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca11->result eq 'success');
$master->shell('sleep 1');

my $mca21 = $fw_machine_1->fwlogswitch();
QTL::force($mca21->result eq 'success');

# tcpdump -c 3 exits by itself after three matching packets.
my $mca31 = $host_1->shell(
    '-exec_mode async tcpdump -c 3 port 23 and host ' . $fw_host_1->ip_1
);
QTL::force(
    $mca31->state eq 'running',
    "failed to start tcpdump on host_1"
);

my $mca41 = $fw_host_1->open_conn(
    '-exec_timeout 60 -context opsec -cat -s ' . $fw_machine_1->ip_1
    . ' -fu aa -fp aaaa -st 1'
);
QTL::force(
    $mca41->result eq 'success',
    "failed to open connection with user aa and auth server FireWall-1"
);
$master->shell('sleep 2');

my $mca51 = $fw_host_1->open_conn(
    '-exec_timeout 60 -context opsec -c telnet -s ' . $host_1->ip_1
    . ' -su root -sp zubur'
);
QTL::force(
    $mca51->result eq 'success',
    "failed to open connection with user aa and auth server FireWall-1"
);
$master->shell('sleep 5');

# A missing log entry is only a warning; a capture that is still waiting
# for packets is fatal.
my $mca61 = $fw_machine_1->checklog(
    '-resolve -n 1 -query (action =~ authorize and src =~ '
    . $fw_host_1->ip_1
    . ' and service =~ FW1_clntauth_telnet and user =~ aa and reason =~ FireWall-1 )'
);
QTL::warn(
    $mca61->result eq 'success',
    "checklog failed to find a log with user aa"
);
QTL::force(
    $mca31->state eq 'finished',
    "tcpdump should be finished on host_1 and it is not"
);
#####################################################
# Radius - Livingston auth
#####################################################
# Same sequence as the FireWall-1 scheme, with user raa authenticated by
# the RADIUS server on host_2.
# NOTE(review): the two commands that restart the RADIUS service are not
# checked ("ka radius" presumably stops a running instance - confirm), so a
# server that failed to start only shows up as a failed connection below.
# NOTE(review): raa/aa and root/zubur are literal credentials passed on the
# command line of the harness tool.
$host_2->shell('ka radius');
$master->shell('sleep 2');
$host_2->shell('/etc/init.d/radius start');
$master->shell('sleep 2');

my $mca12 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca12->result eq 'success');
$master->shell('sleep 1');

my $mca22 = $fw_machine_1->fwlogswitch();
QTL::force($mca22->result eq 'success');

# tcpdump -c 3 exits by itself after three matching packets.
my $mca32 = $host_1->shell(
    '-exec_mode async tcpdump -c 3 port 23 and host ' . $fw_host_1->ip_1
);
QTL::force(
    $mca32->state eq 'running',
    "failed to start tcpdump on host_1"
);

my $mca42 = $fw_host_1->open_conn(
    '-exec_timeout 60 -context opsec -cat -s ' . $fw_machine_1->ip_1
    . ' -fu raa -fp aa -st 1'
);
QTL::force(
    $mca42->result eq 'success',
    "failed to open connection with user raa and auth server RADIUS"
);
$master->shell('sleep 2');

my $mca52 = $fw_host_1->open_conn(
    '-exec_timeout 60 -context opsec -c telnet -s ' . $host_1->ip_1
    . ' -su root -sp zubur'
);
QTL::force(
    $mca52->result eq 'success',
    "failed to open connection with user raa and auth server RADIUS"
);
$master->shell('sleep 5');

# A missing log entry is only a warning; a capture that is still waiting
# for packets is fatal.
my $mca62 = $fw_machine_1->checklog(
    '-resolve -n 1 -query (action =~ authorize and src =~ '
    . $fw_host_1->ip_1
    . ' and service =~ FW1_clntauth_telnet and user =~ raa and reason =~ RADIUS )'
);
QTL::warn(
    $mca62->result eq 'success',
    "checklog failed to find a log with user raa"
);
QTL::force(
    $mca32->state eq 'finished',
    "tcpdump should be finished on host_1 and it is not"
);
##############################################################
# Radius - Funk (HTTP)
##############################################################
# The original heading said "telnet", but this section captures port 80,
# opens an HTTP connection and looks for the FW1_clntauth_http service.
# The Livingston server is stopped and the one behind /etc/rc2.d/S90radius
# is started; neither command is checked.
# NOTE(review): the server is started through /etc/rc2.d/S90radius but the
# final stop goes through /etc/init.d/radius - confirm that this stops the
# same service.
# NOTE(review): funkyfish/aa and root/zubur are literal credentials passed
# on the command line of the harness tool.
$host_2->shell('/etc/init.d/radius stop');
$master->shell('sleep 2');
$host_2->shell('/etc/rc2.d/S90radius start');
$master->shell('sleep 4');

my $mca13 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca13->result eq 'success');
$master->shell('sleep 1');

my $mca23 = $fw_machine_1->fwlogswitch();
QTL::force($mca23->result eq 'success');

# tcpdump -c 3 exits by itself after three matching packets.
my $mca33 = $host_1->shell(
    '-exec_mode async tcpdump -c 3 port 80 and host ' . $fw_host_1->ip_1
);
QTL::force(
    $mca33->state eq 'running',
    "failed to start tcpdump on host_1"
);

my $mca43 = $fw_host_1->open_conn(
    '-exec_timeout 60 -context opsec -cah -s ' . $fw_machine_1->ip_1
    . ' -fu funkyfish -fp aa -st 1'
);
QTL::force(
    $mca43->result eq 'success',
    "failed to open connection with user funkyfish and auth server RADIUS"
);
$master->shell('sleep 2');

my $mca53 = $fw_host_1->open_conn(
    '-exec_timeout 60 -context opsec -c httpstress -s ' . $host_1->ip_1
    . ' -p /index.html -su root -sp zubur'
);
QTL::force(
    $mca53->result eq 'success',
    "failed to open connection with user funkyfish and auth server RADIUS"
);
$master->shell('sleep 5');

# A missing log entry is only a warning; a capture that is still waiting
# for packets is fatal.
my $mca63 = $fw_machine_1->checklog(
    '-resolve -n 1 -query (action =~ authorize and src =~ '
    . $fw_host_1->ip_1
    . ' and service =~ FW1_clntauth_http and user =~ funkyfish and reason =~ RADIUS )'
);
QTL::warn(
    $mca63->result eq 'success',
    "checklog failed to find a log with user funkyfish"
);
QTL::force(
    $mca33->state eq 'finished',
    "tcpdump should be finished on host_1 and it is not"
);
$host_2->shell('/etc/init.d/radius stop');
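#######################################################
# IAS (MS-RADIUS) - client authentication, HTTP traffic, valid password
#######################################################
# Expected outcome: user bill authenticates, the HTTP request reaches
# host_1, and an "authorize" record with reason RADIUS is logged.

# Install the policy and switch the log file before the case runs.
my $mca14 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca14->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca24 = $fw_machine_1->fwlogswitch();
QTL::force($mca24->result eq "success", "fwlogswitch failed");

# Background capture on host_1; exits after three matching packets.
my $mca34 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 80 and host " . $fw_host_1->ip_1);
QTL::force($mca34->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication against the gateway as user bill.
my $mca44 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cah -s " . $fw_machine_1->ip_1
    . " -fu bill -fp gates -st 1");
QTL::force($mca44->result eq "success",
    "failed to open connection with user bill and auth server RADIUS");
$master->shell("sleep 2");

# Step 2: HTTP request to host_1 from the authenticated client.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca54 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c httpstress -s " . $host_1->ip_1
    . " -p /index.html -su root -sp zubur");
# Distinct message so this step is not confused with step 1 on failure.
QTL::force($mca54->result eq "success",
    "failed to open http connection to host_1 after client authentication"
    . " of user bill (auth server RADIUS)");
$master->shell("sleep 5");

# Step 3: the gateway log must hold an authorize record for this user.
# NOTE(review): a missing audit record is only a warning here.
my $mca64 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_http and user =~ bill and reason =~ RADIUS )");
QTL::warn($mca64->result eq "success",
    "checklog failed to find a log with user bill");
QTL::force($mca34->state eq "finished",
    "tcpdump should be finished on host_1 and it is not");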
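#############################################################
# TACACS (UDP) - client authentication, FTP traffic, valid password
#############################################################
# Expected outcome: user taca authenticates, the FTP transfer reaches
# host_1, and an "authorize" record with reason TACACS is logged.

# Install the policy and switch the log file before the case runs.
my $mca15 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca15->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca25 = $fw_machine_1->fwlogswitch();
QTL::force($mca25->result eq "success", "fwlogswitch failed");

# Background capture on host_1; exits after three matching packets.
my $mca35 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 21 and host " . $fw_host_1->ip_1);
QTL::force($mca35->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication against the gateway as user taca.
my $mca45 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cah -s " . $fw_machine_1->ip_1
    . " -fu taca -fp taca -st 1");
QTL::force($mca45->result eq "success",
    "failed to open connection with user taca and auth server TACACS");
$master->shell("sleep 2");

# Step 2: FTP fetch of /etc/hosts from host_1 by the authenticated client.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca55 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c ftp -s " . $host_1->ip_1
    . " -remote_file /etc/hosts -su root -sp zubur");
# Distinct message so this step is not confused with step 1 on failure.
QTL::force($mca55->result eq "success",
    "failed to open ftp connection to host_1 after client authentication"
    . " of user taca (auth server TACACS)");
$master->shell("sleep 5");

# Step 3: the gateway log must hold an authorize record for this user.
# The service is FW1_clntauth_http because step 1 authenticated with -cah.
# NOTE(review): a missing audit record is only a warning here.
my $mca75 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_http and user =~ taca and reason =~ TACACS)");
QTL::warn($mca75->result eq "success",
    "checklog failed to find a log with user taca");
QTL::force($mca35->state eq "finished",
    "tcpdump should be finished on host_1 and it is not");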
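############################################################
# TACACS PLUS - client authentication, FTP traffic, valid password
############################################################
# Expected outcome: user tacap authenticates, the FTP transfer reaches
# host_1, and an "authorize" record with reason TACACS is logged.

# Install the policy and switch the log file before the case runs.
my $mca16 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca16->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca26 = $fw_machine_1->fwlogswitch();
QTL::force($mca26->result eq "success", "fwlogswitch failed");

# Background capture on host_1; exits after three matching packets.
my $mca36 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 21 and host " . $fw_host_1->ip_1);
QTL::force($mca36->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication against the gateway as user tacap.
my $mca46 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cah -s " . $fw_machine_1->ip_1
    . " -fu tacap -fp tacap -st 1");
QTL::force($mca46->result eq "success",
    "failed to open connection with user tacap and auth server TACACS");
$master->shell("sleep 2");

# Step 2: FTP fetch of /etc/hosts from host_1 by the authenticated client.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca56 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c ftp -s " . $host_1->ip_1
    . " -remote_file /etc/hosts -su root -sp zubur");
# Distinct message so this step is not confused with step 1 on failure.
QTL::force($mca56->result eq "success",
    "failed to open ftp connection to host_1 after client authentication"
    . " of user tacap (auth server TACACS)");
$master->shell("sleep 5");

# Step 3: the gateway log must hold an authorize record for this user.
# NOTE(review): a missing audit record is only a warning here.
my $mca76 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_http and user =~ tacap and reason =~ TACACS)");
QTL::warn($mca76->result eq "success",
    "checklog failed to find a log with user tacap");
QTL::force($mca36->state eq "finished",
    "tcpdump should be finished on host_1 and it is not");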
###########################################################
#Secure ID auth
###########################################################
#TELNET_OPEN_CONN_MANUAL_CLIENT_AUTH(7,amos,1111,SecurID,finished,success,accept)
######################################################################
+###############################################################
#NOW TRY TO CONNECT WITH WRONG PASSWORD.
######################################################################
+###############################################################
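###################################################
# FireWall-1 password - negative case: wrong password must be rejected
###################################################
# Expected outcome: authentication of user aa with password "abcd" fails,
# the follow-up telnet is blocked, no "authorize" record is logged and no
# telnet packet reaches host_1 (tcpdump is still waiting).
# The original failure messages were copied from the positive case and
# described the opposite of what had gone wrong; they now name the breach.

# Install the policy and switch the log file before the case runs.
my $mca18 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca18->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca28 = $fw_machine_1->fwlogswitch();
QTL::force($mca28->result eq "success", "fwlogswitch failed");

# Background capture on host_1; it only exits after three matching packets.
my $mca38 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 23 and host " . $fw_host_1->ip_1);
QTL::force($mca38->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication with a wrong password must fail.
my $mca48 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cat -s " . $fw_machine_1->ip_1
    . " -fu aa -fp abcd -st 1");
QTL::force($mca48->result eq "failure",
    "client authentication with a wrong password unexpectedly succeeded"
    . " for user aa and auth server FireWall-1");
$master->shell("sleep 2");

# Step 2: without a valid authentication the telnet must not get through.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca58 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c telnet -s " . $host_1->ip_1
    . " -su root -sp zubur");
QTL::force($mca58->result eq "failure",
    "telnet connection to host_1 was allowed although user aa supplied"
    . " a wrong password (auth server FireWall-1)");
$master->shell("sleep 5");

# Step 3: the log must NOT hold an authorize record for this attempt.
# NOTE(review): an authorize record after a wrong password is only a
# warning here; consider failing the case, and also asserting that the
# rejected attempt itself was logged.
my $mca68 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_telnet and user =~ aa and reason =~ FireWall-1 )");
QTL::warn($mca68->result eq "failure",
    "checklog found an authorize log for user aa after a wrong password");

# tcpdump still running means fewer than three telnet packets were seen.
# NOTE(review): nothing visible here stops this capture afterwards -
# confirm the harness reaps it.
QTL::force($mca38->state eq "running",
    "tcpdump should be running on host_1 and it is not");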
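#####################################################
# RADIUS (Livingston) - negative case: wrong password must be rejected
#####################################################
# Expected outcome: authentication of user raa with password "abcd" fails,
# the follow-up telnet is blocked, no "authorize" record is logged and no
# telnet packet reaches host_1 (tcpdump is still waiting).
# The original failure messages were copied from the positive case and
# described the opposite of what had gone wrong; they now name the breach.

# Restart the RADIUS daemon on host_2.
# NOTE(review): "ka" looks like a lab helper that kills the named process.
$host_2->shell("ka radius");
$master->shell("sleep 2");
$host_2->shell("/etc/init.d/radius start");
$master->shell("sleep 2");

# Install the policy and switch the log file before the case runs.
my $mca19 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca19->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca29 = $fw_machine_1->fwlogswitch();
QTL::force($mca29->result eq "success", "fwlogswitch failed");

# Background capture on host_1; it only exits after three matching packets.
my $mca39 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 23 and host " . $fw_host_1->ip_1);
QTL::force($mca39->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication with a wrong password must fail.
my $mca49 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cat -s " . $fw_machine_1->ip_1
    . " -fu raa -fp abcd -st 1");
QTL::force($mca49->result eq "failure",
    "client authentication with a wrong password unexpectedly succeeded"
    . " for user raa and auth server RADIUS");
$master->shell("sleep 2");

# Step 2: without a valid authentication the telnet must not get through.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca59 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c telnet -s " . $host_1->ip_1
    . " -su root -sp zubur");
QTL::force($mca59->result eq "failure",
    "telnet connection to host_1 was allowed although user raa supplied"
    . " a wrong password (auth server RADIUS)");
$master->shell("sleep 5");

# Step 3: the log must NOT hold an authorize record for this attempt.
# NOTE(review): an authorize record after a wrong password is only a
# warning here; consider failing the case, and also asserting that the
# rejected attempt itself was logged.
my $mca69 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_telnet and user =~ raa and reason =~ RADIUS )");
QTL::warn($mca69->result eq "failure",
    "checklog found an authorize log for user raa after a wrong password");

# tcpdump still running means fewer than three telnet packets were seen.
# NOTE(review): nothing visible here stops this capture afterwards -
# confirm the harness reaps it.
QTL::force($mca39->state eq "running",
    "tcpdump should be running on host_1 and it is not");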
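##############################################################
# RADIUS (Funk) - negative case, HTTP traffic: wrong password rejected
##############################################################
# The original banner said "telnet", but this case captures port 80, opens
# an httpstress connection and queries the FW1_clntauth_http service.
# Expected outcome: authentication of user funkyfish with password "abcd"
# fails, the HTTP request is blocked, no "authorize" record is logged and
# no HTTP packet reaches host_1 (tcpdump is still waiting).
# The original failure messages were copied from the positive case and
# described the opposite of what had gone wrong; they now name the breach.

# Swap the RADIUS daemon on host_2.
# NOTE(review): presumably S90radius starts the Funk server - confirm.
$host_2->shell("/etc/init.d/radius stop");
$master->shell("sleep 2");
$host_2->shell("/etc/rc2.d/S90radius start");
$master->shell("sleep 4");

# Install the policy and switch the log file before the case runs.
my $mca110 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca110->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca210 = $fw_machine_1->fwlogswitch();
QTL::force($mca210->result eq "success", "fwlogswitch failed");

# Background capture on host_1; it only exits after three matching packets.
my $mca310 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 80 and host " . $fw_host_1->ip_1);
QTL::force($mca310->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication with a wrong password must fail.
my $mca410 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cah -s " . $fw_machine_1->ip_1
    . " -fu funkyfish -fp abcd -st 1");
QTL::force($mca410->result eq "failure",
    "client authentication with a wrong password unexpectedly succeeded"
    . " for user funkyfish and auth server RADIUS");
$master->shell("sleep 2");

# Step 2: without a valid authentication the request must not get through.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca510 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c httpstress -s " . $host_1->ip_1
    . " -p /index.html -su root -sp zubur");
QTL::force($mca510->result eq "failure",
    "http connection to host_1 was allowed although user funkyfish supplied"
    . " a wrong password (auth server RADIUS)");
$master->shell("sleep 5");

# Step 3: the log must NOT hold an authorize record for this attempt.
# NOTE(review): an authorize record after a wrong password is only a
# warning here; consider failing the case, and also asserting that the
# rejected attempt itself was logged.
my $mca610 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_http and user =~ funkyfish and reason =~ RADIUS )");
QTL::warn($mca610->result eq "failure",
    "checklog found an authorize log for user funkyfish after a wrong password");

# tcpdump still running means fewer than three HTTP packets were seen.
# NOTE(review): nothing visible here stops this capture afterwards -
# confirm the harness reaps it.
QTL::force($mca310->state eq "running",
    "tcpdump should be running on host_1 and it is not");

# NOTE(review): the daemon was started through /etc/rc2.d/S90radius but is
# stopped through /etc/init.d/radius - confirm both control the same server.
$host_2->shell("/etc/init.d/radius stop");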
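#######################################################
# IAS (MS-RADIUS) - negative case: wrong password must be rejected
#######################################################
# Expected outcome: authentication of user bill with password "abcd"
# fails, the HTTP request is blocked, no "authorize" record is logged and
# no HTTP packet reaches host_1 (tcpdump is still waiting).
# The original failure messages were copied from the positive case and
# described the opposite of what had gone wrong; they now name the breach.

# Install the policy and switch the log file before the case runs.
my $mca111 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca111->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca211 = $fw_machine_1->fwlogswitch();
QTL::force($mca211->result eq "success", "fwlogswitch failed");

# Background capture on host_1; it only exits after three matching packets.
my $mca311 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 80 and host " . $fw_host_1->ip_1);
QTL::force($mca311->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication with a wrong password must fail.
my $mca411 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cah -s " . $fw_machine_1->ip_1
    . " -fu bill -fp abcd -st 1");
QTL::force($mca411->result eq "failure",
    "client authentication with a wrong password unexpectedly succeeded"
    . " for user bill and auth server RADIUS");
$master->shell("sleep 2");

# Step 2: without a valid authentication the request must not get through.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca511 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c httpstress -s " . $host_1->ip_1
    . " -p /index.html -su root -sp zubur");
QTL::force($mca511->result eq "failure",
    "http connection to host_1 was allowed although user bill supplied"
    . " a wrong password (auth server RADIUS)");
$master->shell("sleep 5");

# Step 3: the log must NOT hold an authorize record for this attempt.
# NOTE(review): an authorize record after a wrong password is only a
# warning here; consider failing the case, and also asserting that the
# rejected attempt itself was logged.
my $mca611 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_http and user =~ bill and reason =~ RADIUS )");
QTL::warn($mca611->result eq "failure",
    "checklog found an authorize log for user bill after a wrong password");

# tcpdump still running means fewer than three HTTP packets were seen.
# NOTE(review): nothing visible here stops this capture afterwards -
# confirm the harness reaps it.
QTL::force($mca311->state eq "running",
    "tcpdump should be running on host_1 and it is not");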
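#############################################################
# TACACS (UDP) - negative case: wrong password must be rejected
#############################################################
# Expected outcome: authentication of user taca with password "abcd"
# fails, the FTP transfer is blocked, no "authorize" record is logged and
# no FTP packet reaches host_1 (tcpdump is still waiting).
# The original failure messages were copied from the positive case and
# described the opposite of what had gone wrong; they now name the breach.

# Install the policy and switch the log file before the case runs.
my $mca112 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca112->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca212 = $fw_machine_1->fwlogswitch();
QTL::force($mca212->result eq "success", "fwlogswitch failed");

# Background capture on host_1; it only exits after three matching packets.
my $mca312 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 21 and host " . $fw_host_1->ip_1);
QTL::force($mca312->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication with a wrong password must fail.
my $mca412 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cah -s " . $fw_machine_1->ip_1
    . " -fu taca -fp abcd -st 1");
QTL::force($mca412->result eq "failure",
    "client authentication with a wrong password unexpectedly succeeded"
    . " for user taca and auth server TACACS");
$master->shell("sleep 2");

# Step 2: without a valid authentication the transfer must not get through.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca512 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c ftp -s " . $host_1->ip_1
    . " -remote_file /etc/hosts -su root -sp zubur");
QTL::force($mca512->result eq "failure",
    "ftp connection to host_1 was allowed although user taca supplied"
    . " a wrong password (auth server TACACS)");
$master->shell("sleep 5");

# Step 3: the log must NOT hold an authorize record for this attempt.
# NOTE(review): an authorize record after a wrong password is only a
# warning here; consider failing the case, and also asserting that the
# rejected attempt itself was logged.
my $mca712 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_http and user =~ taca and reason =~ TACACS)");
QTL::warn($mca712->result eq "failure",
    "checklog found an authorize log for user taca after a wrong password");

# tcpdump still running means fewer than three FTP packets were seen.
# NOTE(review): nothing visible here stops this capture afterwards -
# confirm the harness reaps it.
QTL::force($mca312->state eq "running",
    "tcpdump should be running on host_1 and it is not");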
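############################################################
# TACACS PLUS - negative case: wrong password must be rejected
############################################################
# Expected outcome: authentication of user tacap with password "abcd"
# fails, the FTP transfer is blocked, no "authorize" record is logged and
# no FTP packet reaches host_1 (tcpdump is still waiting).
# The original failure messages were copied from the positive case and
# described the opposite of what had gone wrong; they now name the breach.

# Install the policy and switch the log file before the case runs.
my $mca113 = $fw_machine_1->fwload("$FW_POLICY " . $fw_machine_1->hostname_1);
QTL::force($mca113->result eq "success", "failed to load policy $FW_POLICY");
$master->shell("sleep 1");
my $mca213 = $fw_machine_1->fwlogswitch();
QTL::force($mca213->result eq "success", "fwlogswitch failed");

# Background capture on host_1; it only exits after three matching packets.
my $mca313 = $host_1->shell(
    "-exec_mode async tcpdump -c 3 port 21 and host " . $fw_host_1->ip_1);
QTL::force($mca313->state eq "running", "failed to start tcpdump on host_1");

# Step 1: client authentication with a wrong password must fail.
my $mca413 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -cah -s " . $fw_machine_1->ip_1
    . " -fu tacap -fp abcd -st 1");
QTL::force($mca413->result eq "failure",
    "client authentication with a wrong password unexpectedly succeeded"
    . " for user tacap and auth server TACACS");
$master->shell("sleep 2");

# Step 2: without a valid authentication the transfer must not get through.
# NOTE(review): the root password of host_1 is a literal in this script;
# keep it to lab-only machines or read it from the harness configuration.
my $mca513 = $fw_host_1->open_conn(
    "-exec_timeout 60 -context opsec -c ftp -s " . $host_1->ip_1
    . " -remote_file /etc/hosts -su root -sp zubur");
QTL::force($mca513->result eq "failure",
    "ftp connection to host_1 was allowed although user tacap supplied"
    . " a wrong password (auth server TACACS)");
$master->shell("sleep 5");

# Step 3: the log must NOT hold an authorize record for this attempt.
# NOTE(review): an authorize record after a wrong password is only a
# warning here; consider failing the case, and also asserting that the
# rejected attempt itself was logged.
my $mca713 = $fw_machine_1->checklog(
    "-resolve -n 1 -query (action =~ authorize and src =~ " . $fw_host_1->ip_1
    . " and service =~ FW1_clntauth_http and user =~ tacap and reason =~ TACACS)");
QTL::warn($mca713->result eq "failure",
    "checklog found an authorize log for user tacap after a wrong password");

# tcpdump still running means fewer than three FTP packets were seen.
# NOTE(review): nothing visible here stops this capture afterwards -
# confirm the harness reaps it.
QTL::force($mca313->state eq "running",
    "tcpdump should be running on host_1 and it is not");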
###########################################################
#Secure ID auth
###########################################################
#TELNET_OPEN_CONN_MANUAL_CLIENT_AUTH(14,amos,abcd,SecurID,running,failure,reject)
#[CONFIGURATION_FILES]
#fwconf/5.0/enfdb/clau001.W.cpmi
#fwconf/5.0/enfdb/clau002.W.cpmi
#fwconf/5.0/enfdb/clau003.W.cpmi
#fwconf/5.0/enfdb/clau004.W.cpmi
#fwconf/5.0/enfdb/clau001.W.cpmi
#fwconf/5.0/enfdb/clau001.W.cpmi
#fwconf/5.0/enfdb/clau008.W.cpmi
#fwconf/5.0/enfdb/clau010.W.cpmi
#fwconf/5.0/enfdb/doauth001.W.cpmi
#fwconf/5.0/enfdb/transerv005.W.cpmi
#fwconf/5.0/enfdb/transerv007.W.cpmi
#fwconf/5.0/enfdb/transerv009.W.cpmi
#fwconf/5.0/enfdb/transerv012.W.cpmi
#fwconf/5.0/enfdb/usau001.W.cpmi
#fwconf/5.0/enfdb/usau004.W.cpmi
#fwconf/5.0/enfdb/usau007.W.cpmi
#fwconf/5.0/enfdb/seau001.W.cpmi
#fwconf/5.0/enfdb/seau002.W.cpmi
#fwconf/5.0/enfdb/seau003.W.cpmi
#fwconf/5.0/cpmi_scripts/authstrm002.cpmi
#fwconf/5.0/standalone/standalone_setup.cpmi
#fwconf/5.0/standalone/defaultfilter.pf
#fwconf/5.0/cpmi_scripts/main1.cpmi
#fwconf/5.0/cpmi_scripts/main2.cpmi
#fwconf/5.0/cpmi_scripts/main3.cpmi
#fwconf/5.0/cpmi_scripts/predefined.cpmi
#fwconf/5.0/files/to_network.pl
#fwconf/5.0/files/NetAPS_Template.conf.opsec
#fwconf/5.0/files/NetAPS_Template.conf.smtp
#fwconf/5.0/files/NetAPS_Template.conf.waitMode
#fwconf/5.0/files/gfile
#fwconf/5.0/files/discard
#fwconf/5.0/files/virustest.exe
#fwconf/5.0/files/SessionAgent
#[/CONFIGURATION_FILES]