#!/bin/bash -f

source /opt/CPshrd-R80.40/tmp/.CPprofile.sh

#Script Directory

EXECDIR="/home/admin/PBRPerUser"

#User that will Execute the Scripts and Cron Job

EXECUSER="admin"

echo "First time setup"

echo "Creating all files and Gaia configuration"

echo "Creating Exec Directory"

mkdir $EXECDIR

echo "Creating Files"

touch $EXECDIR/PBRPerUser.log

touch $EXECDIR/PBRPerUserLink1.sh

touch $EXECDIR/PBRPerUserLink1_IPs.txt

touch $EXECDIR/PBRPerUserLink1_Table.txt

touch $EXECDIR/PBRPerUserLink1_Table_To_Compare.txt

touch $EXECDIR/PBRPerUserLink1_ToRemove.txt

touch $EXECDIR/PBRPerUserLink1_Users.txt

touch $EXECDIR/PBRPerUserLink1_Watch.sh

touch $EXECDIR/sid_c.txt

echo "Copying Scripts to $EXECDIR"

cp ./PBRPerUserLink1.sh $EXECDIR/PBRPerUserLink1.sh

cp ./PBRPerUserLink1_Watch.sh $EXECDIR/PBRPerUserLink1_Watch.sh

cp ./PBRPerUserLink1_CronJob.sh $EXECDIR/PBRPerUserLink1_CronJob.sh

echo "Change Permission"

chmod 760 $EXECDIR/PBRPerUserLink1.sh

chmod 760 $EXECDIR/PBRPerUserLink1_Watch.sh

chmod 760 $EXECDIR/PBRPerUserLink1_CronJob.sh

echo "Adding System-Startup Recurrence for PBRPerUserLink1_Watch.sh at Cron Job"

clish -c "add cron job PBRPerUserLink1_CronJob command '$EXECDIR/PBRPerUserLink1_CronJob.sh >> $EXECDIR/PBRPerUser.log 2>&1' recurrence system-startup"

if grep -q PBRPerUserLink1_Watch.sh /var/spool/cron/admin; then

    echo "Job already in Cron"

else

    echo "Creating Cron Job"

    echo "##PBRPerUser" >> /var/spool/cron/$EXECUSER

    echo "*       *       *       *       * $EXECDIR/PBRPerUserLink1_Watch.sh >> $EXECDIR/PBRPerUser.log 2>&1" >> /var/spool/cron/$EXECUSER

fi

echo "Lock Database Override"

clish -c "lock database override"

### Creating IP Reachability Detection ###

### CHANGE IP TO REFLET YOUR ON ENVIRONMENT ###

echo "Creating IP Reachability Detection"

clish -c "set ip-reachability-detection ping address 200.150.0.100 enable-ping on"

clish -c "set ip-reachability-detection ping address 200.200.0.100 enable-ping on"

### Creating Default Route HA without ISP Redundancy With ICMP Health Checking ###

### CHANGE IP TO REFLET YOUR ON ENVIRONMENT ###

echo "Creating Default Route HA without ISP Redundancy With ICMP Health Checking"

clish -c "set static-route default nexthop gateway address 200.150.0.100 priority 1 on"

clish -c "set static-route default nexthop gateway address 200.150.0.100 monitored-ip 200.150.0.100 on"

clish -c "set static-route default nexthop gateway address 200.150.0.100 monitored-ip-option fail-any"

clish -c "set static-route default nexthop gateway address 200.200.0.100 priority 2 on"

clish -c "set static-route default nexthop gateway address 200.200.0.100 monitored-ip 200.200.0.100 on"

clish -c "set static-route default nexthop gateway address 200.200.0.100 monitored-ip-option fail-any"

### Creating PBR Table ###

### CHANGE IP TO REFLET YOUR ON ENVIRONMENT ###

echo "Creating PBR Table"

clish -c "set pbr table PBRPerUserLink1 static-route default nexthop gateway address 200.200.0.100 on"

echo "Saving Config"

clish -c "save config"

#!/bin/bash -f

source /opt/CPshrd-R80.40/tmp/.CPprofile.sh

#Script Directory

EXECDIR="/home/admin/PBRPerUser"

#User that will Execute the Scripts and Cron Job

EXECUSER="admin"

APIKEY="4JjIKMtzRCLx8MEs4rcRTg=="

MGMTIP="10.0.50.10"

cd $EXECDIR

echo "#### Executing PBRPerUserScript_Watch.sh at $(date -u) ####"

echo "MGMT Login"

mgmt_cli login --management $MGMTIP api-key $APIKEY > sid_c.txt

echo "Erasing PBRPerUserLink1_Users.txt file"

> PBRPerUserLink1_Users.txt

echo "Getting information from AR_PBRPerUserLink1 Object and saving on file PBRPerUserLink1_Users.txt"

mgmt_cli --management $MGMTIP -s sid_c.txt show access-role name "AR_PBRPerUserLink1" --format json | jq '.users[].name' | awk -F'_' '{gsub(/"/, "", $2); print $2}' > PBRPerUserLink1_Users.txt

echo "MGMT Logout"

mgmt_cli --management $MGMTIP -s sid_c.txt logout

echo "Erasing PBRPerUserLink1_Table.txt file"

> PBRPerUserLink1_Table.txt

echo "Creating Matrix with User and IP Information"

sort PBRPerUserLink1_Users.txt | while read a; do NAME=$a; IP=$(pdp monitor user $a | grep "Ip: " | awk -F ' ' '{print $2}'); echo "$NAME;$IP" >> PBRPerUserLink1_Table.txt; done

echo "Comparing PBRPerUserLink1_Table.txt file with previous version"

diff -q PBRPerUserLink1_Table_To_Compare.txt PBRPerUserLink1_Table.txt 1>/dev/null

if [[ $? == "0" ]]

then

  echo "No changes on PBRPerUserLink1_Table.txt file"

else

  echo "Running script $EXECDIR/PBRPerUserLink1.sh"

  sh PBRPerUserLink1.sh     

fi

echo "#### End of Execution of PBRPerUserScript_Watch.sh at $(date -u) ####"

#!/bin/bash -f

source /opt/CPshrd-R80.40/tmp/.CPprofile.sh

#Script Directory

EXECDIR="/home/admin/PBRPerUser"

#User that will Execute the Scripts and Cron Job

EXECUSER="admin"

cd $EXECDIR

echo "#### Executing PBRPerUserScript.sh at $(date -u) ####"

echo "Lock Database Override"

clish -c "lock database override"

echo "Erasing current PBR per User"

cat PBRPerUserLink1_ToRemove.txt | while read a; do clish -c "$a"; done

echo "Erasing old PBRPerUserLink1_IPs.txt file"

> PBRPerUserLink1_IPs.txt

echo "Creating new PBRPerUserLink1_IPs.txt file"

sort PBRPerUserLink1_Users.txt | while read a; do pdp monitor user $a | grep "Ip: " | awk -F ' ' '{print $2}' >> PBRPerUserLink1_IPs.txt; done

echo "Creating PBR Match condition Based on Extracted IP Information form User"

pn=100 && cat PBRPerUserLink1_IPs.txt | while read a; do clish -c "set pbr rule priority $pn match from $a/32"; clish -c "set pbr rule priority $pn action table PBRPerUserLink1"; pn=$((pn+1)); done

echo "Erasing PBRPerUserLink1_ToRemove.txt file"

> PBRPerUserLink1_ToRemove.txt

echo "Create file to remove PBR"

pn=100 && cat PBRPerUserLink1_IPs.txt | while read a; do echo "set pbr rule priority $pn off" >> PBRPerUserLink1_ToRemove.txt; pn=$((pn+1)); done

echo "Creating copy of PBRPerUserLink1_Table.txt"

cp PBRPerUserLink1_Table.txt PBRPerUserLink1_Table_To_Compare.txt

echo "#### End of Execution of PBRPerUserScript.sh at $(date -u) ####"

#!/bin/bash -f

source /opt/CPshrd-R80.40/tmp/.CPprofile.sh

#Script Directory

EXECDIR="/home/admin/PBRPerUser"

#User that will Execute the Scripts and Cron Job

EXECUSER="admin"

cd $EXECDIR

echo "#### Executing PBRPerUserScript.sh at $(date -u) ####"

echo "Lock Database Override"

clish -c "lock database override"

echo "Erasing current PBR per User"

cat PBRPerUserLink1_ToRemove.txt | while read a; do clish -c "$a"; done

echo "Erasing old PBRPerUserLink1_IPs.txt file"

> PBRPerUserLink1_IPs.txt

echo "Creating new PBRPerUserLink1_IPs.txt file"

sort PBRPerUserLink1_Users.txt | while read a; do pdp monitor user $a | grep "Ip: " | awk -F ' ' '{print $2}' >> PBRPerUserLink1_IPs.txt; done

echo "Creating PBR Match condition Based on Extracted IP Information form User"

pn=100 && cat PBRPerUserLink1_IPs.txt | while read a; do clish -c "set pbr rule priority $pn match from $a/32"; clish -c "set pbr rule priority $pn action table PBRPerUserLink1"; pn=$((pn+1)); done

echo "Erasing PBRPerUserLink1_ToRemove.txt file"

> PBRPerUserLink1_ToRemove.txt

echo "Create file to remove PBR"

pn=100 && cat PBRPerUserLink1_IPs.txt | while read a; do echo "set pbr rule priority $pn off" >> PBRPerUserLink1_ToRemove.txt; pn=$((pn+1)); done

echo "Creating copy of PBRPerUserLink1_Table.txt"

cp PBRPerUserLink1_Table.txt PBRPerUserLink1_Table_To_Compare.txt

echo "#### End of Execution of PBRPerUserScript.sh at $(date -u) ####"