[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Testing firewall ports with parallel
From: |
Divan Santana |
Subject: |
Re: Testing firewall ports with parallel |
Date: |
Fri, 19 Jan 2018 10:34:11 +0200 |
Hans Schou <chlor@schou.dk> writes:
> You could have all your hosts and ports in a file and pass that to parallel.
>
> File "dst_hosts" containing:
> cloud-ec.amp.cisco.com 443
> cloud-ec.amp.cisco.com 32137
> console.ampo.cisco.com 443
>
> And then run:
> parallel -P 0 nc -w 2 -vz < dst_hosts
>
> Or with 'cat':
> cat dst_hosts | parallel -P 0 nc -w 2 -vz
Much better. Simple and easy.
Think where I was going wrong and getting stuck was I was trying to not
have duplicate lines of the dst host in the file. Didn't think of the
simpler alternative you suggested.
For example what I was doing:
File "dst_hosts" containing:
cloud-ec.amp.cisco.com 443 32137
console.ampo.cisco.com 443
It was then quite difficult to get this working with parallel. Tried
various --link options but wasn't sure how to link _multiple_ arguments
(ie the ports) with the first argument (the dst host).
For now, I'll go with the above which makes things much better.
Thanks Hans.
> 2018-01-18 18:55 GMT+01:00 Divan Santana <divan@santanas.co.za>:
>
>> Hi all,
>>
>> Like a lot of GNU software parallel is awesome.
>>
>> Need help, am trying to test if servers we manage have the required
>> firewall ports open. Have tried a few things but am not winning so far.
>>
>> This works, but is quite terrible and inefficient. Sure it could be
>> simpler and better.
>>
>> How can I achieve the below equivalent in a better way?
>>
>> NOTE: I only want to test particular ports for a specific host. Hence I
>> used an associated array in bash.
>>
>> #!/usr/bin/env bash
>>
>> declare -A dst_hosts
>> dst_hosts=(
>> [cloud-ec.amp.cisco.com]='443 32137'
>> [console.amp.cisco.com]='443'
>> [mgmt.amp.cisco.com]='443'
>> [intake.amp.cisco.com]='443'
>> [policy.amp.cisco.com]='443'
>> [crash.amp.cisco.com]='443'
>> [ioc-schema.amp.cisco.com]='443'
>> [api.amp.cisco.com]='443'
>> [sourcefire-apps.s3.amazonaws.com]='443'
>> [update.immunet.com]='80 443'
>> [defs.amp.sourcefire.com]='80 443'
>> [cloud-ec-asn.amp.sourcefire.com]='443'
>> [cloud-ec-est.amp.sourcefire.com]='443'
>> [android.amp.sourcefire.com]='443'
>> [cloud-pc.amp.sourcefire.com]='443 32137'
>> [packages.amp.sourcefire.com]='443'
>> [support-sessions.amp.sourcefire.com]='443'
>> [cloud-dc.amp.sourcefire.com]='443 32137'
>> [export.amp.sourcefire.com]='443'
>> [intel.api.sourcefire.com]='443'
>> )
>>
>> for dst_host in "${!dst_hosts[@]}"; do
>> parallel -P 0 nc -w 2 -vz ${dst_host} ::: ${dst_hosts[$dst_host]} ;
>> done
>>
>> Also, ideally I could use parallel to do the above test in parallel on
>> multiple hosts.
>> --
>> Divan
>>
>>
--
Divan