Re: Scheduling PIX commands

[Josh Ward <jward () network-services uoregon edu>]

Hey Ian,

I had a need for something similar to this a while back (albeit with an
8.0.x ASA).  It doesn't appear that the Cisco firewalls have the "at"
functions included in some other devices (someone please correct me if
I'm wrong).

I solved the problem by using expect...  Actually, perl expect because
its easier to use.

If you are interested in the script I wrote, send me e-mail off the list
and I'll share it.

-Josh
--
Josh Ward <jward () network-services uoregon edu>
Network Security Engineer - University of Oregon - Network Services
P. 541.346.1651  F. 541.346.4397
U of O Security Hotline: 541.346.5837
PGP Fingerprint: CFB6 62C0 370B AD6D BA33 6034 8FFB 4A49 297F 6A4C


Ian Rarity wrote:
> Hi all,
>
> We've just made some changes to our PIX config, and we need to clear
> the xlates to make the changes fully live.  The only problem with this
> is that we also have another system that will react badly (to put it
> mildly) to the state of all its connections disappearing when we do
> this.  This system gets an hour's downtime at 2am, so the ideal time to
> clear the xlates on the PIX seems obvious.
> The only problem is that, although I'm mainly nocturnal, I really can
> think of better things to be doing at 2am than sitting in our server
> room.  Does anyone know of a way to schedule commands to run at a
> specified time on a PIX 6.3 firewall?
>
> Ta,
> IR.
>
> *********************************
> Ian Rarity
> Technical Engineer
> ESPC (UK) Ltd.
> T: (44)131 624 8000
> F: (44)131 624 8509
> http://www.espc.com ( http://www.espc.com/ )
>
>
> *******************************************************************
> Private and Confidential:  This e-mail transmission is strictly 
> confidential and intended solely for the addressee.  It may contain
> privileged and confidential information and if you are not the 
> intended recipient, you must not copy, disclose, distribute or 
> take any action in reliance on it. If you have received this 
> e-mail in error, please delete it and notify our E-mail Systems 
> Administrator on +44 (0) 131 624 8000. ESPC (UK) Ltd does not 
> accept any liability for any harm that may be caused to the 
> recipient's system or data by this message or any attachment. 
>
> ESPC (UK) Ltd is a company registered under the Companies 
> Acts in Scotland (Registered Number SC203535), and having its
> registered office at 90A George Street, Edinburgh, Midlothian 
> EH2 3DF.
>
> ESPC (UK) Limited is authorised and regulated by the Financial 
> Services Authority.
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () listserv icsalabs com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards