Skip to content


SNMP in Gaia default community string

Configuring SNMP in Gaia as opposed to SPLAT has been made much simpler. So simple that it is easy to overlook that default configured read-only community is public .
So , it is a good idea to change it while enabling SNMP:
set snmp agent on
set snmp agent-version any
set snmp community public read-only

PS. Another ‘feature’ of the SNMP is that you can either enable SNMP version 1 and 2 or version 3. Trying to enable just version 2c is not possible.

Posted in Checkpoint NG/NGX.

Tagged with .


RIPE database query for a route object, or why my network is not advertised via BGP to the world

Once it was a nice-to-have configuration that most ISPs in the world ignored anyway, but today it is a must if you are planning to advertise your networks via BGP through your uplink provider – your route object in the AS whois database of the uplink provider. If not – you will happily advertise your networks, the uplink provider will duly advertise them to its uplink peers, which will check AS registry database of your provider and not finding this route object will silently drop the advertising.
Of course it is duty of your transit ISP provider to update their records with your network, but after all, you are the one most interested – so as they say in Russian ” Доверяй но проверяй ” , and here is how to do it:
whois -h whois.ripe.net — ‘-a -r -i or -T route AS1680′ | grep route
In this example I assume your uplink provider is Netvision with AS1680 , replace AS number with the correct one.
Output will look like:
route: 109.186.0.0/16
route: 109.253.0.0/16
route: 117.121.245.0/24
route: 138.134.0.0/16
route: 147.161.0.0/16

If you don’t find in such listing your network – Houston, you have a problem here.

Posted in Awk weekly, Cisco, Networking.


Cisco CUCM CDR report – call duration and called numbers extraction script

Yesterday I had to extract some data from a CDR report for a client, namely call start time, its duartion and the called number. And while I am sure Google has zillion scripts to be found, it was much faster to hack this one-liner .
The script extracts the following fields from the CDR report in this order:
dateTimeOrigination – for outgoing calls it is the time the device goes off hook
callingPartyNumber – initiator of the call
finalCalledPartyNumber – the reached/dialed number (after forwarding if any)
duration – duration of the call
The extracted data is placed in CSV format to be easily imported into Microsoft Excel.
Enjoy. Any questions – feel free to ask here.

 awk -F, 'BEGIN {OFS=","} {print strftime("%c",$5),$9,$31,$56}'  report_cdr 

Output:
Sun 04 May 2014 01:54:37 PM IDT,0555555555,2988,41
Sun 04 May 2014 01:55:07 PM IDT,2908,0555555555,25

Posted in Awk weekly, Cisco.

Tagged with , .


Convert Checkpoint SPLAT routes into Gaia configuration commands

Hi there, not much of a script , just the one-liner to turn output of the Secure Platform cli command route/ip route list into the ready for copy&paste list of Gaia clish commands.
Be aware I am not doing any error checking, so examine the final result before applying to a production system.
See ya.
You should run it on SPLAT cli being in expert mode.

ip route list | awk ‘/via/ {print " set static-route ",$1," nexthop gateway address " $3," on "}’

set static-route 172.19.0.0/16 nexthop gateway address 172.12.255.4 on
set static-route 172.20.0.0/16 nexthop gateway address 10.20.20.6 on
set static-route default nexthop gateway address 19.9.15.33 on

Posted in Awk weekly, Checkpoint NG/NGX.


PTR bulk resolver in Perl to see what is in the name

There are 50 ways to do PTR resolving in bulk,and this is just one of them. It doesn’t pretend to be the fastest/coolest/best, the only thing
I can claim – it works. So use it for pleasure and work.


# Yuri
# 19.02.2013
# this script accepts range of IP addresses to do PTr resolving for
# the range has to be in this format: startIp-endIp.startIp-endIp.startIp-endIp.startIp-endIp.
# Only answers are printed, i.e. if there is no answer  nothing is printed
use warnings;
use strict;
use Net::DNS ;

my $res = Net::DNS::Resolver->new();
  my $input = shift ;
     $input =~ /(.+)-(.+)\.(.+)-(.+)\.(.+)-(.+)\.(.+)-(.+)/ ;
     print "Resolving ptrs for the following range: $input\n" ;
     print "Started working at: " . scalar gmtime . "\n" ;
     my ($oct1_start,$oct1_end,$oct2_start,$oct2_end,$oct3_start,$oct3_end,$oct4_start,$oct4_end) = ($1,$2,$3,$4,$5,$6,$7,$8) ;
 foreach my $oct1 ($oct1_start..$oct1_end) {
   foreach my $oct2 ($oct2_start..$oct2_end) {
     foreach my $oct3 ($oct3_start..$oct3_end) {
       foreach my $oct4 ($oct4_start..$oct4_end) {
   my $answer = $res->query("${oct1}.${oct2}.${oct3}.${oct4}") ;
 if (defined $answer) {
my @ptr = $answer->answer;
foreach my $record_ptr (@ptr) {
#print " NEw " . $record_ptr->print ;
 my $str = substr($record_ptr->string,rindex($record_ptr->string,'R')+1) ;
 print "$oct1.$oct2.$oct3.$oct4  "  . $str . "\n";
}

}
} } }}

  print "Run completed at: " . scalar gmtime . "\n" ;

Example run: #perl script.pl 194-194.90-90.33-33.0-255

Posted in Awk weekly.

Tagged with .