a bv <[email protected]> wrote:
>
> How and how often do you use DBedit tool? Does it help you do any
> troubleshoot?
I use dbedit when creating large numbers of objects that fit known
patterns, or that can be auto-generated by a perl script. For example:
create host_plain command00-10.1.1.42
modify network_objects command00-10.1.1.42 ipaddr 10.1.1.42
modify network_objects command00-10.1.1.42 add_adtr_rule true
modify network_objects command00-10.1.1.42 NAT NAT
modify network_objects command00-10.1.1.42 NAT:valid_ipaddr 172.29.50.73
modify network_objects command00-10.1.1.42 NAT:netobj_adtr_method adtr_static
update network_objects command00-10.1.1.42
create host_plain async00-10.1.1.43
modify network_objects async00-10.1.1.43 ipaddr 10.1.1.43
modify network_objects async00-10.1.1.43 add_adtr_rule true
modify network_objects async00-10.1.1.43 NAT NAT
modify network_objects async00-10.1.1.43 NAT:valid_ipaddr 172.29.50.74
modify network_objects async00-10.1.1.43 NAT:netobj_adtr_method adtr_static
update network_objects async00-10.1.1.43
create host_plain wiz00-10.1.1.44
modify network_objects wiz00-10.1.1.44 ipaddr 10.1.1.44
modify network_objects wiz00-10.1.1.44 add_adtr_rule true
modify network_objects wiz00-10.1.1.44 NAT NAT
modify network_objects wiz00-10.1.1.44 NAT:valid_ipaddr 172.29.50.75
modify network_objects wiz00-10.1.1.44 NAT:netobj_adtr_method adtr_static
update network_objects wiz00-10.1.1.44
Sure beats pointing and clicking and typing!
Object text like this can be generated by a perl script, for example:
#!/usr/bin/perl
while (<DATA>)
{
chomp;
($host, $ip1, $ip2) = split;
$objname = "$host-$ip2";
print "create host_plain $objname\n";
print "modify network_objects $objname ipaddr $ip2\n";
print "modify network_objects $objname add_adtr_rule true\n";
print "modify network_objects $objname NAT NAT\n";
print "modify network_objects $objname NAT:valid_ipaddr $ip1\n";
print "modify network_objects $objname NAT:netobj_adtr_method
adtr_static\n";
print "update network_objects $objname\n";
}
__END__
api00 172.29.50.66 10.1.1.35
api01 172.29.50.67 10.1.1.36
api02 172.29.50.68 10.1.1.37
api03 172.29.50.69 10.1.1.38
api04 172.29.50.70 10.1.1.39
reseller00 172.29.50.71 10.1.1.40
reseller01 172.29.50.72 10.1.1.41
command00 172.29.50.73 10.1.1.42
async00 172.29.50.74 10.1.1.43
wiz00 172.29.50.75 10.1.1.44
branding00 172.29.50.76 10.1.1.45
branding01 172.29.50.77 10.1.1.46
prov00 172.29.50.78 10.1.1.47
prov01 172.29.50.79 10.1.1.48
You can then load the data from a file, using a command like:
dbedit -local -f filename
--
David DeSimone == Network Admin == [email protected]
"I don't like spinach, and I'm glad I don't, because if I
liked it I'd eat it, and I just hate it." -- Clarence Darrow
This email message is intended for the use of the person to whom it has been
sent, and may contain information that is confidential or legally protected. If
you are not the intended recipient or have received this message in error, you
are not authorized to copy, distribute, or otherwise use this message or its
attachments. Please notify the sender immediately by return e-mail and
permanently delete this message and any attachments. Verio, Inc. makes no
warranty that this email is error or virus free. Thank you.
Scanned by Check Point Total Security Gateway.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
