#!/bin/bash -f
source /opt/CPshrd-R80.40/tmp/.CPprofile.sh
#Script Directory
EXECDIR="/home/admin/VPNSecondaryLink"
#User that will Execute the Scripts and Cron Job
EXECUSER="admin"

echo "First time setup"
echo "Creating all files and Gaia configuration"

echo "Creating Directories"
mkdir $EXECDIR
mkdir $EXECDIR/log
mkdir $EXECDIR/tmp

echo "Creating Files"
touch $EXECDIR/CronJob_VPNSecondaryLinkCleanUp.sh
touch $EXECDIR/VPNSecondaryLinkCleanUp.sh
touch $EXECDIR/VPNSecondaryLink_alert.sh
touch $EXECDIR/log/CronJob_VPNSecondaryLinkCleanUp.sh.log
touch /var/log/VPNSecondaryLink_alert.log

echo "Creating Symbolic Links"
ln -s /var/log/VPNSecondaryLink_alert.log $EXECDIR/log/VPNSecondaryLink_alert.log
ln -s $EXECDIR/VPNSecondaryLink_alert.sh $FWDIR/bin/VPNSecondaryLink_alert

echo "Copying Scripts to $EXECDIR"
cp ./CronJob_VPNSecondaryLinkCleanUp.sh $EXECDIR/CronJob_VPNSecondaryLinkCleanUp.sh
cp ./VPNSecondaryLink_alert.sh $EXECDIR/VPNSecondaryLink_alert.sh

echo "Changing Owner and Group"
chown $EXECUSER:bin $EXECDIR/CronJob_VPNSecondaryLinkCleanUp.sh
chown $EXECUSER:bin $EXECDIR/VPNSecondaryLink_alert.sh
chown $EXECUSER:bin $FWDIR/bin/VPNSecondaryLink_alert.sh

echo " Changing Permission"
chmod 760 $EXECDIR/CronJob_VPNSecondaryLinkCleanUp.sh
chmod 760 $EXECDIR/VPNSecondaryLink_alert.sh
chmod 760 $FWDIR/bin/VPNSecondaryLink_alert.sh

echo "Lock Database Override"
clish -c "lock database override"
echo "Adding Daily Based Recurrence for CronJob_VPNSecondaryLinkCleanUp at Cron Job to 2:00am"
clish -c 'add cron job VPNSecondaryLinkCleanUp command "/home/admin/VPNSecondaryLink/CronJob_VPNSecondaryLinkCleanUp.sh >> /home/admin/VPNSecondaryLink/log/CronJob_VPNSecondaryLinkCleanUp.sh.log 2>&1" recurrence daily time 2:00'
echo "Saving clish configuration"
clish -c "save config"

#!/bin/bash -f
source /opt/CPshrd-R80.40/tmp/.CPprofile.sh
#Script Directory
DIR="/home/admin/VPNSecondaryLink"
#User that will Execute the Scripts and Cron Job
EXECUSER="admin"

#Jump to Script Directory
cd $FWDIR/bin

#Global Variable
gateway_ip="10.0.50.100"
secondary_gw="200.200.0.102"
raw_pbr_error=0
error_msg1="Error: Object Name pattern founded on multiple Host Objects"
error_msg2="Error: Static Route alreded configure"
error_msg3="Error: Rule Name do not match"
error_msg4="Error: Object not found on management Database"
error_msg5="Error: Route Already Inserted on CleanUp Script"

echo "#### Executing VPNSecondaryLink_alert at $(date -u) ####"
[ $raw_pbr_error -gt 0 ] || {

echo "Reading input from rule"
read input
#echo "Troubleshooting enabled"
#echo $input > $DIR/tmp/VPNSecondaryLink_alert_tr.log
echo "Parsing Source Object Name"
echo "Checking if Source is using Object Name"
raw_src_name=$(echo $input | sed -n 's/.* src: \(.*\); dst: .*/\1/p')
#echo "variavel raw_src_name=$raw_src_name"
echo "Checking if Source is using IP"
raw_src_ip=$(echo "$input" | grep -o -P '.{0,5}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)' | grep src | sed -n 's/^src: \(.*\)/\1/p' )
#echo "variavel raw_src_ip=$raw_src_ip"
firstocteto=$(echo "$raw_src_ip" | sed -n 's/\(^[[:digit:]]*\)\..*\..*\..*/\1/p')
#echo "variavel firstocteto=$firstocteto"
if [ -z $firstocteto ] || [ $firstocteto -gt 223 ]; then
echo "Cannot match with IP parsing... Trying to find IP on Management Object Database"
raw_src_ip=$(mgmt_cli -r true show objects limit 2 offset 0 order.1.ASC "name" in.1 "name" in.2 "$raw_src_name" order.2.DESC "objId" type "host" --format json | jq '.objects[]."ipv4-address"')
if [ -z $raw_src_ip ] ; then
echo $error_msg4;
raw_pbr_error=1;
exit 1;
elif [ $(echo "$raw_src_ip" | wc -l) -gt 1 ] ; then
echo $error_msg1;
raw_pbr_error=1;
exit 1;
else
echo "IP Founded"
raw_src_ip=$(echo "$raw_src_ip"| tr -d \");
echo "Source IP: $raw_src_ip"
fi
else
echo "IP has no object in Database, using IP from Log"
echo "Source IP: $raw_src_ip"
fi
echo "Parsing Destination Object Name"
raw_dst_ip=$eth1
echo "Destination IP: $raw_dst_ip"
echo "Check if Route already exist"
if [ $(/usr/local/bin/g_cli 10.0.50.100 show configuration static-route | grep "$raw_src_ip" | wc -l) -gt 0 ] ; then
echo $error_msg2;
raw_pbr_error=1;
exit 0;
else
touch $DIR/VPNSecondaryLinkCleanUp.sh
chmod +x $DIR/VPNSecondaryLinkCleanUp.sh
echo "Creating Routing for $raw_src_ip/32"
/usr/local/bin/g_cli $gateway_ip "set static-route $raw_src_ip/32 nexthop gateway address $secondary_gw on"
echo "Checking file VPNSecondaryLinkCleanUp.sh"
if [ $(cat /tmp/VPNSecondaryLinkCleanUp.sh | grep $raw_src_ip | wc -l ) -gt 0 ] ; then
echo $error_msg5;
raw_pbr_error=1;
exit 1;
else
echo "Adding new route to VPNSecondaryLinkCleanUp.sh"
echo "/usr/local/bin/g_cli $gateway_ip set static-route $raw_src_ip/32 off" >> $DIR/VPNSecondaryLinkCleanUp.sh
fi
fi
echo "#### End of Execution of VPNSecondaryLink_alert at $(date -u) ####"
echo -e '\n\n'
exit 1;
}

#!/bin/bash -f
source /opt/CPshrd-R80.40/tmp/.CPprofile.sh
#Script Directory
DIR="/home/admin/VPNSecondaryLink"
#User that will Execute the Scripts and Cron Job
EXECUSER="admin"

#Jump to Script Directory
cd $DIR
touch $DIR/VPNSecondaryLinkCleanUp.sh
if [ $(cat $DIR/VPNSecondaryLinkCleanUp.sh | wc -l ) -gt 0 ] ; then
echo "Coping old VPNSecondaryLinkCleanUp to TMP Diretory for historical purpose"
cp $DIR/VPNSecondaryLinkCleanUp.sh $DIR/tmp/VPNSecondaryLinkCleanUp-$(date +%s).txt
echo "Executing VPNSecondaryLinkCleanUp.sh to CleanUp Routes"
$DIR/VPNSecondaryLinkCleanUp.sh
echo "Erasing Old VPNSecondaryLinkCleanUp.sh"
> $DIR/VPNSecondaryLinkCleanUp.sh
else
echo "Current VPNSecondaryLinkCleanUp.sh is already empty. No routes to be cleaned"
fi