#!/usr/bin/env perl #---------------------------------------------------------------------------- # NAME # PIXcmpcfg - compares two config files, and reports what has been # added and removed. Originally written to be used with a Cisco PIX. # Could be used with any devices two config files. # # SYNOPSIS # testaddr email_address # # FEEDBACK # The increasing functionality and usefullness of this script relies on # YOU, the user. If this script does not behave in the intended way, or # if there is a lacking feature, please provide feedback to the author # of this script so that your feedback can be looked into and possibly # integrated into this script. # # John C. Koen 12/01/2004 # johnk@southwestern.edu # $Id: PIXcmpcnf.pl,v 1.3 2005/05/06 15:04:21 root Exp $ #---------------------------------------------------------------------------- #---------------------------------------------------------------------------- # Begin of POD #---------------------------------------------------------------------------- =head1 NAME PIXcmpcfg - compares two config files, and reports what has been added and removed. Originally written to be used with a Cisco PIX. Could be used with any devices two config files. =head1 SCRIPT CATEGORIES UNIX/System_administration Mail/qmail =head1 SYNOPSIS testaddr email_address =head1 PREREQUISITES This script requres that two config files be examined, both from the same device (preferably) =head1 COPYRIGHT Copyright (c) 2004 John C. Koen . All rights reserved. This program is free software. You may modify and/or distribute it under the same terms as Perl itself. This copyright notice must remain attached to the file. =head1 REVISION $Id: PIXcmpcnf.pl,v 1.3 2005/05/06 15:04:21 root Exp $ =head1 FEEDBACK The increasing functionality and usefullness of this script relies on YOU, the user. If this script does not behave in the intended way, or if there is a lacking feature, please provide feedback to the author of this script so that your feedback can be looked into and possibly integrated into this script. =head1 README PIXcmpcfg - compares two config files, and reports what has been added and removed. Originally written to be used with a Cisco PIX. Could be used with any devices two config files. =head1 AUTHOR John C. Koen johnk@southwestern.edu http://www.southwestern.edu/~johnk =cut #---------------------------------------------------------------------------- # End of POD #---------------------------------------------------------------------------- #---------------------------------------------------------------------------- # Begin example PIXcmpcfg.sh shell script # # Here is shell script code, providing a wrapper to the PIXcmpcfg perl script. # This allows one to be e-mailed if code has changed or not. #---------------------------------------------------------------------------- ##!/bin/sh # #export PATH="/bin/:/sbin" #export DATE_TODAY=`/bin/date +%y%m%d` #export DATE_YESTERDAY=`/bin/date --date='yesterday' +%y%m%d` #export CMP_PIX_RULES_PL="/root/scripts/PIXcmpcfg.pl" #export EMAIL_TO="nobody@nowhere.nohow" # #COMMAND=`$CMP_PIX_RULES_PL` # #if [ -z "$COMMAND" ]; then # # echo "Both PIX confs appear to be identical (i.e. Nothing has changed)." | /bin/mail -s "PIX config comparison: $DATE_YESTERDAY - $DATE_TODAY" $EMAIL_TO # #else # echo -e $COMMAND | /bin/sort | /bin/mail -s "PIX config comparison: $DATE_YESTERDAY - $DATE_TODAY" $EMAIL_TO # #fi # #exit 0 #---------------------------------------------------------------------------- # End example PIXcmpcfg.sh shell script #---------------------------------------------------------------------------- #---------------------------------------------------------------------------- # Begin code logic #---------------------------------------------------------------------------- use POSIX; use strict; use vars qw(%date %conf_filename %conf_lines $k $v $debug); $debug=0; $date{'today'} = `/bin/date +%y%m%d`; $date{'yesterday'} = `/bin/date --date='yesterday' +%y%m%d`; $conf_filename{'today'} = "/mnt/tftpdir/PIX/pix515e.conf.$date{'today'}"; $conf_filename{'yesterday'} = "/mnt/tftpdir/PIX/pix515e.conf.$date{'yesterday'}"; if ($debug) {print "Working with: $conf_filename{'today'} and $conf_filename{'yesterday'}\n"} open (TODAYS_CONF, "$conf_filename{'today'}"); while () { chomp $_; if ( $_ =~ /.*remark.*/ ) { next; }; if ( $_ =~ /^[a-z].*/ ) { $conf_lines{$_} = "NEW_ENTRY"; if ($debug) {print "$conf_filename{'today'} : Line: $_ Value: $conf_lines{$_}\n"} } } close TODAYS_CONF; open (YESTERDAYS_CONF, "$conf_filename{'yesterday'}"); while () { chomp $_; if ( $_ =~ /.*remark.*/ ) { next; }; if ( $_ =~ /^[a-z].*/ ) { if ($debug) {print "$conf_filename{'yesterday'} : Line: $_ Value: $conf_lines{$_}\n"} if (defined($conf_lines{$_}) && $conf_lines{$_} eq "NEW_ENTRY") { $conf_lines{$_} = "STALE_ENTRY"; } elsif (!defined($conf_lines{$_})) { $conf_lines{$_} = "REMOVED_ENTRY"; } else { die "Something is amiss: $!" }; } } close YESTERDAYS_CONF; while (($k,$v) = each %conf_lines) { if ($debug) {print "Line: $k Value: $v\n"} if ($v eq "STALE_ENTRY") { next; } elsif ($v eq "NEW_ENTRY") { print "NEW_ENTRY: $k",'\n'; } elsif ($v eq "REMOVED_ENTRY") { print "REMOVED_ENTRY: $k",'\n'; } else { die "Something amiss: $!" }; } #---------------------------------------------------------------------------- # End code logic #----------------------------------------------------------------------------