Automatic E-mailing of Configuration Changes (10.x)

Security Gateway Articles and How to's
Locked
Roger
Posts: 6
Joined: 16 May 2008, 10:57

Automatic E-mailing of Configuration Changes (10.x)

Post by Roger » 12 Apr 2011, 09:35

This How-to applies to:
  • Clavister Security Gateway 9.x, 10.x
Objective:
  • Email configuration changes on one or more firewalls to one or more recipients.
Description:
  • If more than one user can configure firewalls, it could be very nice to receive an email with the configuration changes in order to keep track on what changes has be done and for instance to prevent malicious rules to be implemented
Files:
  • changelog.pl A perl script looping through all firewalls configured. It checks if changes has been performed, downloads the new configuration, runs diff and emails the results
  • changelog.cfg A file containing a list of recipients for each firewall and off course the firewalls with name, user name, password and IP address/DNS
  • diff.exe A command line program for determining differences between two text files.
change_log.zip
(75.89 KiB) Downloaded 258 times
Files that needs to be downloaded elsewhere:
  • plink.exe A command line program for running one single command in a SSH tunnel. (Downloadable from the same site as putty)
  • pscp.exe A command line program for downloading files using SSH encryption.(Downloadable from the same site as putty)
  • SendEmail.exe a command line tool to send emails. Freeware that is downloadable here
Additional notes:
  • You should put all files in the same directory and try running it by using "perl firewall.pl".
  • Each firewall must have the SSH fingerprint stored on the computer running the script, so manually run it at least once before doing a "scheduled task" in Windows.
  • With the scheduled task you could select to run this every day, and the recommendation is to enter the "advanced" section where you can chose to run it for instance every 15 minutes.
  • The parameters for sending the emails are within the changelog,cfg. As seen in the sample configuration the parameter syntax has been simplified for this purpose.

Locked