[fw-wiz] Running script containing fw tab commands on Nokia ipso out of cron

Jon Sabo jonathan.sabo at gmail.com
Thu Sep 21 15:49:49 EDT 2006

Firewall Wizards,

I want to run some fw tab commands from a script out of cron to alert on
full nat alloc tables and things....  This is a checkpoint nokia firewall.
I can't see to get it to work and I am not sure what I am missing if
anything from the environment...  I've been playing with this for a few
hours and I'm ready for some assistance if you have a moment.



 Could not initialize SIC.: Interrupted system call
 Could not initialize SIC.: Interrupted system call


export USER="admin"
export LOGNAME="admin"
export HOME="/var/admin"
export SHELL="/bin/csh"
export TZ=":/etc/localtime"
export SSH_TTY="/dev/ttyp0"
export TERM="vt100"
export SSH_AUTH_SOCK="/tmp/ssh-MZm15868/agent.15868"
export PWD="/etc"
export BLOCKSIZE="K"
export MIBS="ALL"
export ACTIVE_PKG="/opt/CPshared-R55p /opt/CPfw1-R55p /opt/CPinfo-R55p"
export LD_LIBRARY_PATH="/opt/CPshared-R55p/lib:/opt/CPfw1-R55p/lib"
export CPDIR="/opt/CPshared-R55p"
export IPSO_PACKAGE_PREFIX="CPshared VPN-1/FireWall-1"
export TEMPLATE_PATH="/opt/CPfw1-R55p/templates"
export FWDIR="/opt/CPfw1-R55p"
export VARDIR="/var/opt/CPfw1-R55p"
export SUDIR="/opt/CPfw1-R55p/sup"
export SUROOT="/var/suroot"
export FWDEV="/var/dev/fw0"
export VPNDEV="/var/dev/vpn0"
export FW_BOOT_DIR="/opt/CPfw1-R55p/boot"

echo "grabing values"
#Grab the current #VAl and MAX from the translation table
CURRENT=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc -s | grep "8187" | awk
'{print $4}';`
CURRENT1=`/opt/CPfw1-R55p/bin/fw tab -t fwx_alloc | grep "8187" | awk
'{print $10}' |sed s/,//;`
echo "calculating stuff"
#Get 85 percent of the MAX Value
CURRENT2=$(($CURRENT1 * 85 / 100))
echo "comparing"
#If the #VAL is greater then or equal to 85 percent of peak, then send email
if [ $CURRENT -ge $CURRENT2 ]; then

month=`date +%Y%m`

day=`date +%Y%m%d`



RCPT_TO1=person at boh.com
RCPT_TO2=person2 at boh.com

SUBJECT="Translation Table threshold Exceeded!!"
echo "Sending email"

(sleep 2; echo "HELO ${HELO}"; sleep 1; echo "MAIL FROM:<${HELO}>"; sleep 1;
echo "RCPT TO:<${RCPT_TO1}>"; sleep 1; ec
ho "RCPT TO:<${RCPT_TO2}>"; sleep 1; echo "DATA"; sleep 1; echo
"SUBJECT:${SUBJECT}"; sleep 1; echo "Test body"; sleep
 1; echo "."; sleep 1; echo quit) | telnet 25



*/1 * * * * /var/tmp2/xlate/test3.sh >> /var/log/xlate.log 2>&1

This is in the admin users crontab too so the admin user is running the
script and not root, I verified this with env.  I created a /var/cron/admin
file and saw it reload in the /var/log/messages.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20060921/05396199/attachment.html 

More information about the firewall-wizards mailing list