[Dshield] CAUTION email about shell scripting...

Meidinger Chris chris.meidinger at badenit.de
Wed Oct 13 17:15:35 GMT 2004


i'm a bit of a hack of a shell scripter, someone will probably have a one
liner for you, but .....


----------------------begin-------------------

#!/bin/bash

# i have no idea what you are checking for with your 
# ps command, i assume you want to make sure that 
# there is no tunnel already up, if so, then this is right.
# else you need to set a ! before -z or change accordingly

PROC=`ps aux | grep "ssh -C -p 9428 -R" | grep -v grep`

if [ -z ${PROC} ]; then

	SSH_CMD='ssh -C -p 9428 ${SNORT_IP} "/snort/startup.sh"'

	for i in 1 2 3; do
		${SSH_CMD} && exit
		sleep 20
	done

	mail -s "Snort tunnel error" foo at foo.com < /snort/cito.error
fi


-----------------------end--------------------

> -----Original Message-----
> From: list-bounces at lists.dshield.org 
> [mailto:list-bounces at lists.dshield.org] On Behalf Of Esler, 
> Joel - Contractor
> Sent: Wednesday, October 13, 2004 15:55
> To: General DShield Discussion List
> Subject: [Dshield] CAUTION email about shell scripting...
> 
> Shell scripting..  I know this may not be the best place to 
> ask this question, however, I always get great answers from 
> this list..
> 
> ----------------------begin-------------------
> 
> #!/bin/bash
> 
> ps aux | grep "ssh -C -p 9428 -R" | grep -v grep
> 
> if [ $? -ne 0 ]; then
>         ssh -C -p 9428 -R 1521:localhost:1521 -R 
> 3306:localhost:3306 <ip> /snort/startup.sh else
>         sleep 20; ssh -C -p 9428 -R 1521:localhost:1521 -R
> 3306:localhost:3306 <ip> /snort/startup.sh
>         mail -s "Snort tunnel error" foo at foo.com < 
> /snort/cito.error fi
> 
> ----------------------end-----------------------
> 
> 
> I want the script to connect to the box and run the 
> startup.sh script, if it faults (can't establish the 
> connection, something wrong with the script on the the box 
> etc...) I want it to wait a bit (20 seconds) then try again, 
> and if it STILL fails...  Then email..  I'd like for it to do 
> it three times (am I doing this correctly?)
> 
> Joel
> _______________________________________________
> DShield and the Internet Storm Center are sponsored by the 
> SANS Institute.
> To learn more about current SANS training, see http://www.sans.org .
> 
> _______________________________________________
> send all posts to list at lists.dshield.org To change your 
> subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
> 



More information about the list mailing list