Re: Simplified script for deletion single address ...

AlexeyB · ‎2019-04-05

If we have some dyn object with range like 10.10.10.0 - 10.10.10.20. And we want to delete ip 10.10.10.10 from this range, we need to delete manual whole range 10.10.10.0-10.10.10.20 from our dynamic object and after that add two other ranges into this object. Script just simplify this routine. We just need edit two environment variables: DYN_OBJ and FIND_IP.

export DYN_OBJ="dyn_obj_name"; export FIND_IP="10.10.10.10"; dynamic_objects -l | sed -n '/'"$DYN_OBJ"'/,/^$/p' | awk -v DYN_OBJ="$DYN_OBJ" -v FIND_IP="$FIND_IP" 
'
  function ip2dec(str){
    split(str, octets, ".");
    dec=0;
    for (i = 1; i <= 4; i++) {
        dec += octets[i] * 256 ** (4 - i);
    }
    return dec;
  }
  function dec2ip(dec){
    ip = "";
    delim = "";
    for (e = 3; e >= 0; e--) {
      octet = int(dec / (256 ^ e));
      dec -= octet * 256 ^ e;
      ip = ip delim octet;
      delim = ".";
    }
    return ip;
  }
    NR>2 {
      if( ip2dec($4) <= ip2dec(FIND_IP) && ip2dec(FIND_IP) <= ip2dec($5) ) {print $4 " " $5; cmd="dynamic_objects -o " DYN_OBJ" -r " $4 " " $5 " -d"; print cmd; system(cmd);}
      if( ip2dec($4) == ip2dec(FIND_IP) && ip2dec(FIND_IP) == ip2dec($5) ) { print "already deleted"};
      if( ip2dec($4) == ip2dec(FIND_IP) && ip2dec(FIND_IP) < ip2dec($5) ) { cmd="dynamic_objects -o " DYN_OBJ" -r " dec2ip(ip2dec(FIND_IP)+1) " " $5 " -a"; print cmd; system(cmd);}
      if( ip2dec($4) < ip2dec(FIND_IP) && ip2dec(FIND_IP) == ip2dec($5) ) { cmd="dynamic_objects -o " DYN_OBJ" -r " $4 " " dec2ip(ip2dec($5)-1) " -a"; print cmd; system(cmd);};
      if( ip2dec($4) < ip2dec(FIND_IP) && ip2dec(FIND_IP) < ip2dec($5) ) { cmd="dynamic_objects -o " DYN_OBJ" -r " $4 " " dec2ip(ip2dec(FIND_IP)-1) " -a"; print cmd; system(cmd);cmd="dynamic_objects -o " DYN_OBJ" -r " dec2ip(ip2dec(FIND_IP)+1) " " $5 " -a"; print cmd; system(cmd);};
    }
'

And all of it as `on-liner` for directly usage from CLI (run it from expert-mode)

export DYN_OBJ="dyn_obj_name"; export FIND_IP="10.10.10.10"; dynamic_objects -l | sed -n '/'"$DYN_OBJ"'/,/^$/p' | awk -v DYN_OBJ="$DYN_OBJ" -v FIND_IP="$FIND_IP" ' function ip2dec(str){ split(str, octets, "."); dec=0; for (i = 1; i <= 4; i++) { dec += octets[i] * 256 ** (4 - i); } return dec; } function dec2ip(dec){ for (e = 3; e >= 0; e--) { octet = int(dec / (256 ^ e)); dec -= octet * 256 ^ e; ip = ip delim octet; delim = "."; } return ip; } NR>2 { if( ip2dec($4) <= ip2dec(FIND_IP) && ip2dec(FIND_IP) <= ip2dec($5) ) {print $4 " " $5; cmd="dynamic_objects -o " DYN_OBJ" -r " $4 " " $5 " -d"; print cmd; system(cmd);} if( ip2dec($4) == ip2dec(FIND_IP) && ip2dec(FIND_IP) == ip2dec($5) ) { print "already deleted" }; if( ip2dec($4) == ip2dec(FIND_IP) && ip2dec(FIND_IP) < ip2dec($5) ) { cmd="dynamic_objects -o " DYN_OBJ" -r " dec2ip(ip2dec(FIND_IP)+1) " " $5 " -a"; print cmd; system(cmd);} if( ip2dec($4) < ip2dec(FIND_IP) && ip2dec(FIND_IP) == ip2dec($5) ) { cmd="dynamic_objects -o " DYN_OBJ" -r " $4 " " dec2ip(ip2dec($5)-1) " -a"; print cmd; system(cmd);}; if( ip2dec($4) < ip2dec(FIND_IP) && ip2dec(FIND_IP) < ip2dec($5) ) { cmd="dynamic_objects -o " DYN_OBJ" -r " $4 " " dec2ip(ip2dec(FIND_IP)-1) " -a"; print cmd; system(cmd);cmd="dynamic_objects -o " DYN_OBJ" -r " dec2ip(ip2dec(FIND_IP)+1) " " $5 " -a"; print cmd; system(cmd);}; }'

PhoneBoy · ‎2019-04-06

You may want to put the script in a text file and attach it to your post instead as it doesn't look correct as part of the post...

AlexeyB · ‎2019-04-08

Because it is not a script-file. It's a one-liner. 🙂 We have many appliances and I don't want to copy file on each. So I preferred one-liners which I just can copy in console.

PhoneBoy · ‎2019-04-09

Huh, so it is.
Was just a bit difficult to parse is all.

AlexeyB · ‎2019-04-28

I added more readable version of code into thread main message

Are you a member of CheckMates?

Simplified script for deletion single address from dynamic object's ip range