Great Circle Associates Firewalls
(March 1998) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Monitoring Web Server
From: P Nathan <pacoid @ fringeware . com>
Date: Thu, 26 Feb 1998 18:44:29 -0600 (CST)
To: rdew @ el . nec . com (Bob De Witt)
Cc: firewalls @ GreatCircle . COM
In-reply-to: <199802262337 . PAA19427 @ yginsburg . el . nec . com> from "Bob De Witt" at Feb 26, 98 03:37:44 pm 
> Could you forward a copy of the Expect script?  I would like to look at
> it.  Does it run on UNIX or NT or ...?
> 
> TIA,
> Bob De Witt,

hi bob,

i'll send out two Expect scripts, along the lines of the other
script sent to the list today, but more robust.

the first script reads a file of host/port pairs then attempts
to open a TCP connection to each, paging the sysadmin (me) with
an alphanumeric msg if the given server fails to respond.

consider this a framework to use if you like; the next script
is more of what you asked, in terms of actually requesting a 
particular page.

thanx -
paco.

ps: y'all are responsible of the pager intf; i've got mine but
that *won't* be published :)

------------------------------

#!/usr/local/bin/expect -f

# fw.lym.ping
#
# ping wrapper to check the given services
# 19970709 Paco X Nathan, Smallworks Inc.
# 19971222 PXN, modified for testing TCP services

log_user 1


### error check the command line usage

if {[llength $argv] < 1} {
   puts "usage: fw.cat.ping \<hosttable\> \[\<pingvictim\>\]"
   exit 1
}

set filename [lindex $argv 0]
set pgvictim [lindex $argv 1]
set thistime [timestamp -format "%c"]
set messages ""


### load the hostname table

set input [open $filename "r"]

while {[gets $input line] != -1} {
   scan $line "%s\t%s\t%s\t%s" host port state lasttime
   set service($host) $port
   set status($host) $state
}

close $input


### try to ping each hostname, while
### rewriting the hostname table

set output [open $filename "w"]

foreach host [array names status] {
   spawn telnet $host [set service($host)]
   set timeout 300
   set response "dead"

   expect {
      "telnet: Unable to connect to remote host: Connection refused" {
         set response "dead"
      }

      "Escape character is" {
         set response "alive"
      }

      timeout {
         set response "timeout"
      }
   }

   if {[string compare $response $status($host)] != 0} {
      set messages "$messages[set host] is now $response. " 
   }

   puts $output "$host\t$service($host)\t$response\t$thistime"
}

close $output


### test whether there are any messages to send

if {[string length $messages] > 0} {
   if {[string length $pgvictim] > 0} {
      spawn /usr/local/bin/pageme $pgvictim
      send "[set messages]\r"
      send "\004"     ;# eof

      expect {
         "message sent" {
            exit 0
         }

         timeout {
            send_user "timeout on pager\n"

         }

         exit 1
      }
   } else {
      puts $messages
      exit 0
   }
}


-----data file-----------------------------

moo.fringeware.com	666	alive	Thu Feb 26 18:00:03 1998
bot.fringeware.com	80	alive	Thu Feb 26 18:00:03 1998
www.fringeware.com	80	alive	Thu Feb 26 18:00:03 1998
fringeware.com	443	alive	Thu Feb 26 18:00:03 1998
Indexed By Date Previous: Re: IDS: Re: RE: Simply a Question "?"
From: "Kevin P. O'Brien" <Kevin.P.O'Brien @ norm . island . net>
Next: [no subject]
From: jojohimself @ joblow_sec . com
Indexed By Thread Previous: Re: Monitoring Web Server
From: David Lang <dlang @ diginsite . com>
Next: Re: Monitoring Web Server
From: "Marcus J. Ranum" <mjr @ nfr . net>
Google
 
Search Internet Search www.greatcircle.com