Hi team,
Here is one more and I stuck in loop.
I am modifying the script which shows IP addresses blocked on firewall.
However it has parameters with certain flags must on and I wanted to run a particular flag without $2 or $3 flag and it has to run as a individual flag.
Here are the codes.
Code:
#help info
usage() {
echo "Usage: $0 -a <on|off|stat|allow> [ -l <IP_Address> ] [ -al <IP_Address>] [-g <gw_list_file>] [-b <bypass_file>] [-f <feed_file>] [-s <script_file>] [ -t total IP Addresses ]" 1>&2;
echo "Option:" 1>&2;
echo " -a on: activate blocking the IP addresses in the feeds" 1>&2;
echo " -a off: stops blocking the IP addresses in the feeds" 1>&2;
echo " -a stat: prints the feature status of each GW" 1>&2;
echo " -a allow: activate bypass for given IP addresses even if they are on the blocking feeds" 1>&2;
echo " -a delete_bypass: deactivate bypass list" 1>&2;
echo " -l find the given address on particular firewall" 1>&2;
echo " -al fine the given address on all firewalls" 1>&2;
echo " -t Shows Total number of IP Addresses Blocked" 1>&2;
echo " -g gw_list_file: a list of GW IPs" 1>&2;
echo " -b bypass_file: a list of IPs to bypass" 1>&2;
echo " -f feed_file: a list of feeds URLs with IPs to block" 1>&2;
echo " -s script_file: full path to ip_block.sh to copy to the GWs" 1>&2;
echo "Example:" 1>&2;
echo " $0 -a on -g local_gw_file -f local_feed_list -l <IP_Address> -al <All_FW_IPs>"
exit 1;
}
while getopts ":a:g:b:f:s:t" o; do
case "${o}" in
a)
op=${OPTARG}
((op == "on" || op == "off" || op == "stat" || op == "allow" || op == "delete_bypass")) || usage
;;
g)
gw_list_file=${OPTARG}
;;
b)
local_bypass_file=${OPTARG}
;;
f)
local_feed_file=${OPTARG}
;;
s)
script_file=${OPTARG}
;;
t) total_ips_on_all_fws
;;
*)
usage
;;
esac
done
shift $((OPTIND-1))
if [ -z "$op" ]
then
usage
fi
if [ -z "$gw_list_file" ]
then
echo "Error: missing gw list file" 1>&2;
usage
fi
What I wanted to achieve is
Code:
# isn-threat-activate -t
On Firewall 192.168.5.16 Total IP Addresses Blocked are: 183284
While below things are happening and I am not sure why!!
Code:
[Expert@MUM-MGMT:0]# isn-threat-activate -t
On Firewall 192.168.5.16 Total IP Addresses Blocked are: 183284
Error: missing gw list file
Usage: /opt/CPshrd-R81.10/bin/isn-threat-activate -a <on|off|stat|allow> [ -l <IP_Address> ] [ -al <IP_Address>] [-g <gw_list_file>] [-b <bypass_file>] [-f <feed_file>] [-s <script_file>] [ -t total IP Addresses ]
Option:
-a on: activate blocking the IP addresses in the feeds
-a off: stops blocking the IP addresses in the feeds
-a stat: prints the feature status of each GW
-a allow: activate bypass for given IP addresses even if they are on the blocking feeds
-a delete_bypass: deactivate bypass list
-l find the given address on particular firewall
-al fine the given address on all firewalls
-t Shows Total number of IP Addresses Blocked
-g gw_list_file: a list of GW IPs
-b bypass_file: a list of IPs to bypass
-f feed_file: a list of feeds URLs with IPs to block
-s script_file: full path to ip_block.sh to copy to the GWs
Example:
/opt/CPshrd-R81.10/bin/isn-threat-activate -a on -g local_gw_file -f local_feed_list -l <IP_Address> -al <All_FW_IPs>
```
Even after I gave those parameters which script is complaining I am getting same error
```
[Expert@MUM-MGMT:0]# isn-threat-activate -t -g /usr/share/isnti/fw-ips.txt -f /usr/share/isnti/isnfeeds.txt
On Firewall 192.168.5.16 Total IP Addresses Blocked are: 183284
Usage: /opt/CPshrd-R81.10/bin/isn-threat-activate -a <on|off|stat|allow> [ -l <IP_Address> ] [ -al <IP_Address>] [-g <gw_list_file>] [-b <bypass_file>] [-f <feed_file>] [-s <script_file>] [ -t total IP Addresses ]
Option:
-a on: activate blocking the IP addresses in the feeds
-a off: stops blocking the IP addresses in the feeds
-a stat: prints the feature status of each GW
-a allow: activate bypass for given IP addresses even if they are on the blocking feeds
-a delete_bypass: deactivate bypass list
-l find the given address on particular firewall
-al fine the given address on all firewalls
-t Shows Total number of IP Addresses Blocked
-g gw_list_file: a list of GW IPs
-b bypass_file: a list of IPs to bypass
-f feed_file: a list of feeds URLs with IPs to block
-s script_file: full path to ip_block.sh to copy to the GWs
Example:
/opt/CPshrd-R81.10/bin/isn-threat-activate -a on -g local_gw_file -f local_feed_list -l <IP_Address> -al <All_FW_IPs>
Eventually I want to run -t flag individually