Zen, life, computers, programming, firewalls
This one-liner takes Cisco ASA config, checks for “tunnel-group … remote-access” and generates the following two lines:
tunnel-group GROUPNAME webvpn-attributes group-url https://CISCO_ASA_FW_FQDN/GROUPNAME enable
for i in `fgrep tunnel-group CISCO_ASA.conf | fgrep remote-access | awk '{print $2}'`
do
echo "tunnel-group $i webvpn-attributes"
echo " group-url https://CISCO_ASA_FW_FQDN/$i enable"
done
Let’s search for “red apple”:
For Solaris (use gsed instead of sed):
curl -A "Mozilla/5.0 (X11; SunOS i86pc; rv:52.0) Gecko/20100101 Firefox/52.0" \ 'https://www.google.nl/search?q=red+apple&tbm=isch' 2>/dev/null | \ tail -1 | gsed -e 's/,"ow":/*/g' -e 's/,"ou":/*Image:/g' | \ tr '*' '\n' | grep "^Image" | sed -e 's/^Image:"//' -e 's/"$//'
For Linux:
curl -A "Mozilla/5.0 (X11; SunOS i86pc; rv:52.0) Gecko/20100101 Firefox/52.0" \ 'https://www.google.nl/search?q=red+apple&tbm=isch' 2>/dev/null | \ tail -1 | sed -e 's/,"ow":/*/g' -e 's/,"ou":/*Image:/g' | \ tr '*' '\n' | grep "^Image" | sed -e 's/^Image:"//' -e 's/"$//'
wget https://download.01.org/gfx/RPM-GPG-GROUP-KEY-ilg -O - | \ sudo apt-key add -
Run in a VDOM:
sh firewall service custom | grep 'edit\|port\|type\|proto'
edit "ALL"
set protocol IP
edit "ALL_TCP"
set tcp-portrange 1-65535
edit "ALL_UDP"
set udp-portrange 1-65535
edit "ALL_ICMP"
set protocol ICMP
unset icmptype
edit "GRE"
set protocol IP
set protocol-number 47
edit "DHCP"
set udp-portrange 67-68
edit "DNS"
set tcp-portrange 53
set udp-portrange 53
edit "FTP"
set tcp-portrange 21
edit "FTP_GET"
set tcp-portrange 21
edit "FTP_PUT"
set tcp-portrange 21
edit "H323"
set tcp-portrange 1720 1503
set udp-portrange 1719
edit "HTTP"
set tcp-portrange 80
edit "HTTPS"
set tcp-portrange 443
. . .
for i in cnn.com bbc.co.uk
do
exp=`echo | openssl s_client -connect $i:443 2>/dev/null |
openssl x509 -noout -dates | fgrep notAfter | sed -e 's/^.*=//'`
echo "$i $exp"
done
cnn.com Feb 6 12:00:00 2018 GMT
bbc.co.uk Apr 20 10:01:10 2017 GMT
cat /var/log/apache2/access.log |
awk ' {conn[$1]++;} END { for ( i in conn ) print conn[i],"",i;}' |
sort -nr | head
NB: the feline abuse is intentionally left for simplicity and modularity.
Let’s calculate the amount of lines, containing the word “extended” in */*.conf files:
egrep -c extended */*.conf |
awk 'BEGIN {FS=":"; sum=0;}{sum +=$2} END {print sum}'
BTW, using awk alone is slower:
time awk 'BEGIN {sum=0;}/extended/{sum++} END {print sum}' */*.conf
110653
real 0m0.94s
user 0m0.91s
sys 0m0.01s
time egrep -c extended */*.conf |
awk 'BEGIN {FS=":"; sum=0;}{sum +=$2} END {print sum}'
110653
real 0m0.13s
user 0m0.10s
sys 0m0.02s
fgrep is slower than egrep:
time fgrep -c extended */*.conf |
awk 'BEGIN {FS=":"; sum=0;}{sum +=$2} END {print sum}'
110653
real 0m0.21s
user 0m0.17s
sys 0m0.03s
for i in `ipcs -m | awk '/0x0/ {print $2}'`
do
ipcrm -m $i
done
Sometimes you do not need a detailed log-analysis but several simple one-liners that you can adjust without too much thinking how it works, what you did last time, etc. The examples below are absolutely NOT optimal, but rather modular for easy line-editing.