Mailing List Archive: mod_backhand: Wackamole

wackamole and arp

Index | Next | Previous | View Threaded

jwest at kwcorp

Apr 16, 2004, 11:05 AM

Post #1 of 5 (3011 views)
Permalink

wackamole and arp

Theo, looks like a no-go on the SNMP approach. According to cisco, there is
no SNMP setting that will cause the PIX to clear it's arp cache. They said
there's only 3 ways the arp cache will clear on a PIX:

1) Reboot the PIX
2) Let arp entries expire as per the arp timeout setting (and if set to less
than 60 seconds, the pix will loose packets)
3) Manually type a "clear arp" command on the PIX

Greaaaat. So I am left with cobbling together an expect script that will let
each machine in the cluster log into the pix and do a clear arp command.
Yucky Yucky solution, but I can't think of anything else. I hate having
cleartext password to my pix inside a script. Anyone have any other
thoughts?

Jay West

---
[This E-mail scanned for viruses by Declude Virus]

jwest at kwcorp

Apr 16, 2004, 11:39 AM

Post #2 of 5 (2847 views)
Permalink

Re: wackamole and arp [In reply to]

Can anyone elucidate:

PerlUseLib .
PerlUse example

What exactly do these do in the wackamole config file and what can be used
as arguments? (not a perl programmer here)

Jay

---
[This E-mail scanned for viruses by Declude Virus]

jesus at omniti

Apr 16, 2004, 11:54 AM

Post #3 of 5 (2842 views)
Permalink

Re: wackamole and arp [In reply to]

Jay West wrote:

>Can anyone elucidate:
>
>PerlUseLib .
>PerlUse example
>
>What exactly do these do in the wackamole config file and what can be used
>as arguments? (not a perl programmer here)
>
>
PerlUseLib is lile:
use lib '/path/to/perl/modules';

PerlUse is like:
use MyModule;

So, if you write a routine in perl called "doit" and place it in a
package in a file called MyModule.pm:

package MyModule;
sub doit {
printf STDERR "Called doir\n";
}
1;

And place that MyModule.pm file in: /opt/wackamole/perl, then you could do:

PerlUseLib /opt/wackamole/perl
PerlUse MyModule
RunDynamic MyModule::doit on up

--
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on Earth

jesus at omniti

Apr 16, 2004, 11:57 AM

Post #4 of 5 (2862 views)
Permalink

Re: wackamole and arp [In reply to]

Theo Schlossnagle wrote:

>
> PerlUseLib /opt/wackamole/perl
> PerlUse MyModule
> RunDynamic MyModule::doit on up
>
This tells wackamole to run the perl function doit from the module
MyModule in the event that a virtual interfa ce is brought up on the box.

--
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on Earth

ben at algroup

Apr 19, 2004, 3:43 AM

Post #5 of 5 (2854 views)
Permalink

wackamole and arp [In reply to]

Jay West wrote:

> Theo, looks like a no-go on the SNMP approach. According to cisco, there is
> no SNMP setting that will cause the PIX to clear it's arp cache. They said
> there's only 3 ways the arp cache will clear on a PIX:
>
> 1) Reboot the PIX
> 2) Let arp entries expire as per the arp timeout setting (and if set to less
> than 60 seconds, the pix will loose packets)
> 3) Manually type a "clear arp" command on the PIX
>
> Greaaaat. So I am left with cobbling together an expect script that will let
> each machine in the cluster log into the pix and do a clear arp command.
> Yucky Yucky solution, but I can't think of anything else. I hate having
> cleartext password to my pix inside a script. Anyone have any other
> thoughts?

Sell the PIX and use something good instead?

--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads