用Perl语言登录Cisco PIX防火墙修改配置

##################################################
# Open the internet connection for an ip address.
# Usage: inet_conn.pl [-e | -d ] ip_address
##################################################
# 应该对IP地址进行测试
sub print_usage{
	# Write the one-line command synopsis to standard output.
	# Takes no arguments; callers decide the exit status themselves.
	my $synopsis = "Usage: inet_conn.pl [-e | -d ] ip_address \n";
	print $synopsis;
}

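sub check_ip_address_valid{
	# Validate that the argument is a dotted-quad IPv4 address and terminate
	# the program with exit status 1 (after printing a message) when it is not.
	# Returns nothing on success.
	#
	# The validated string is later interpolated into a command line that is
	# sent to the firewall, so the match is anchored with \A and \z: a plain
	# '$' also matches just before a trailing newline, which would let
	# "1.2.3.4\n" through.
	my $h = shift;
	$h = '' unless defined $h;

	my @octets = $h =~ /\A([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\z/;

	# Each captured group is 1-3 digits, so only the upper bound needs checking.
	my $out_of_range = grep { $_ > 255 } @octets;

	# NOTE(review): octets with leading zeros (e.g. "010") pass as written;
	# confirm how the PIX interprets them.
	if(@octets != 4 || $out_of_range){
		print "The ip address \'$h\' is not valid.\n";
		exit 1;
	}
	return;
}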

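sub get_conf{
	# Log in to the PIX through the file-level Net::Telnet object $t, enter
	# enable mode, turn paging off and return the text printed by
	# 'show config' (everything received before the next enable prompt).
	#
	# $t is created with Errmode => 'return', so open() and waitfor() report
	# failure only through their return value. Every step is checked here and
	# the sub dies on the first failure; otherwise a failed login would return
	# undef and callers would treat "no configuration" as "rule not present".
	#
	# NOTE(review): the login and enable passwords are string literals in this
	# file, and Telnet carries them and the returned configuration
	# unencrypted. Prefer reading the secrets from a permission-restricted
	# source and an encrypted management channel if the device supports one.
	my $fail = sub {
		my ($stage) = @_;
		# Only the stage name and the library's error text are reported;
		# the passwords are never echoed.
		die "get_conf: $stage failed: " . $t->errmsg . "\n";
	};

	$t->open("10.10.10.1")            or $fail->('connect');
	$t->waitfor('/PIX passwd:.*$/')   or $fail->('waiting for login prompt');
	$t->print('pwd1');

	$t->waitfor('/out-pix> .*$/')     or $fail->('login');
	$t->print('enable');
	$t->waitfor('/Password:.*$/')     or $fail->('waiting for enable prompt');

	$t->print('pwd2');
	$t->waitfor('/out-pix#.*$/')      or $fail->('enable');

	# Disable the pager so the whole configuration arrives in one piece.
	$t->print('pager lines 0');
	$t->waitfor('/out-pix#.*$/')      or $fail->('pager lines 0');

	$t->print('show config');
	# In list context waitfor() returns (prematch, match); the list is empty
	# on failure, which makes the assignment count 0.
	my ($abc) = $t->waitfor('/out-pix#.*$/') or $fail->('show config');
	return $abc;
}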
# Main program begins.
# Accept exactly one argument (status query) or two (switch plus address).
$argc = @ARGV;
unless ($argc == 1 || $argc == 2){
	print_usage();
	exit 1;
}

# Create the shared Telnet handle used by get_conf and the code below.
# Errmode 'return' makes failed calls return false instead of dying, so
# callers must check return values themselves.
# NOTE(review): Telnet is unencrypted; passwords and configuration sent over
# this handle are readable on the network path.
use Net::Telnet ();
$t = Net::Telnet->new(
	Timeout => 10,
	Prompt  => '/PIX passwd:.*$/',
	Errmode => 'return',
);
my $abc;

# check if the ip address is already opened.
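if($argc == 1){
	# Status query: report whether the per-host NAT rule for the address is
	# present in the firewall configuration.
	my $addr = $ARGV[0];
	check_ip_address_valid($addr);

	my $config = get_conf();
	# Without this check a failed login would be reported as "CLOSED".
	if(!defined $config){
		print STDERR "Could not read the firewall configuration.\n";
		exit 1;
	}

	# \Q...\E quotes the dots and parentheses of the rule text. The original
	# ?PATTERN? form without a leading 'm' is a syntax error from Perl 5.22 on.
	my $rule = "nat (inside) 1 $addr 255.255.255.255 0 0";
	if($config =~ /\Q$rule\E/){
		print  "The ip address \'$addr\' is OPENED." ;
	}else{
		print  "The ip address \'$addr\' is CLOSED." ;
	}
	$t->print('exit');
	exit 0;
}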

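if($argc == 2){
	# Change request: "-e" adds the per-host NAT rule for the address,
	# "-d" removes it. Both paths share one command sequence.
	my ($switch, $addr) = @ARGV;

	# Reject an unknown switch before any session is opened. (The original
	# printed the literal text "exit" to stdout here; no session exists yet,
	# so there is nothing to log out of.)
	if($switch ne "-e" && $switch ne "-d"){
		print_usage();
		exit 1;
	}
	my $enable = ($switch eq "-e");

	# The address is interpolated into a configuration command below, so it
	# is validated before anything is sent.
	check_ip_address_valid($addr);

	my $config = get_conf();
	# Without this check a failed login would look like "rule not present"
	# and the script would go on to send commands to an unknown session state.
	if(!defined $config){
		print STDERR "Could not read the firewall configuration; nothing was changed.\n";
		exit 1;
	}

	# \Q...\E quotes the dots and parentheses of the rule text. The original
	# ?PATTERN? form without a leading 'm' is a syntax error from Perl 5.22 on.
	my $rule    = "nat (inside) 1 $addr 255.255.255.255 0 0";
	my $present = ($config =~ /\Q$rule\E/) ? 1 : 0;

	if($enable && $present){
		$t->print('exit');
		print  "The ip address \'$addr\' is ALREADY OPENED!" ;
		exit 0;
	}
	if(!$enable && !$present){
		$t->print('exit');
		print  "The ip address \'$addr\' is NOT OPENED." ;
		exit 0;
	}

	my $config_prompt = '/out-pix\(config\)#.*$/';
	my $priv_prompt   = '/out-pix#.*$/';
	my @steps = (
		[ 'conf t',                        $config_prompt ],
		[ ($enable ? $rule : "no $rule"),  $config_prompt ],
		[ 'exit',                          $priv_prompt   ],
		[ 'wr mem',                        $priv_prompt   ],   # persist the change
	);

	for my $step (@steps){
		my ($command, $prompt) = @$step;
		$t->print($command);
		# $t uses Errmode 'return': a timeout only shows up as a false
		# return value, so success must not be reported without this check.
		# NOTE(review): a returning prompt shows the device read the line,
		# not that it accepted it; inspecting the text before the prompt for
		# a device error message would be stricter.
		if(!$t->waitfor($prompt)){
			print STDERR "No expected prompt after '$command'; the change is unconfirmed and may be incomplete or unsaved.\n";
			exit 1;
		}
	}

	$t->print('exit');

	if($enable){
		print  "The ip address \'$addr\' is OPENED SUCCESSFULLY.\n" ;
	}else{
		print  "The ip address \'$addr\' is CLOSED SUCCESSFULLY.\n" ;
	}
	exit 0;
}
exit 0;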
