Use form-data
This commit is contained in:
parent
711407f626
commit
748c16ecb1
17
getKey.sh
17
getKey.sh
|
@ -1,17 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# This script is used to get the API key from a palo alto firewall
|
|
||||||
|
|
||||||
FW_MGMT_IP=$1
|
|
||||||
USERNAME=$2
|
|
||||||
PASSWD=$3
|
|
||||||
|
|
||||||
# Check parameters
|
|
||||||
if [ $# -ne 3 ]; then
|
|
||||||
echo "Usage: $0 <firewall_ip> <username> <password>"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
URL="https://$FW_MGMT_IP/api/?type=keygen&user=$USERNAME&password=$PASSWD"
|
|
||||||
|
|
||||||
# Get the key from firewall
|
|
||||||
curl -k -s -X POST "$URL" | grep -oP '(?<=<key>)[^<]+'
|
|
16
get_key.sh
Executable file
16
get_key.sh
Executable file
|
@ -0,0 +1,16 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Configuration
|
||||||
|
FW_MGMT_IP=$1
|
||||||
|
USER=$2
|
||||||
|
PASSWD=$3
|
||||||
|
|
||||||
|
[ $# -eq 0 ] && {
|
||||||
|
echo "ERRO - Uso: $0 Exemplo: 192.168.1.1 admin password"
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
wget --output-document=/tmp/getkey.txt "https://$FW_MGMT_IP/api/?type=keygen&user=$USER&password=$PASSWD" --no-check-certificate
|
||||||
|
|
||||||
|
KEY=$(cat /tmp/getkey.txt | awk '{print $4}' | grep -o '<key>.*</key>' | sed 's/\(<key>\|<\/key>\)//g')
|
||||||
|
|
||||||
|
echo "Valor da variavel KEY do PaloAlto >>> $KEY"
|
21
smb-pan.sh
Normal file → Executable file
21
smb-pan.sh
Normal file → Executable file
|
@ -20,6 +20,15 @@ LOGGED_USERS=$(sudo smbstatus -b | tail -n +5)
|
||||||
# Count logged in users
|
# Count logged in users
|
||||||
LOGGED_USERS_COUNT=$(echo "$LOGGED_USERS" | wc -l)
|
LOGGED_USERS_COUNT=$(echo "$LOGGED_USERS" | wc -l)
|
||||||
|
|
||||||
|
# If no users are logged in, exit
|
||||||
|
if [ $LOGGED_USERS_COUNT -eq 0 ]; then
|
||||||
|
echo "No users logged in, exiting"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Build XML command
|
||||||
|
ENTRIES=""
|
||||||
|
|
||||||
while read -r line; do
|
while read -r line; do
|
||||||
USER=$(echo $line | awk '{print $2}')
|
USER=$(echo $line | awk '{print $2}')
|
||||||
IP=$(echo $line | awk '{print $5}')
|
IP=$(echo $line | awk '{print $5}')
|
||||||
|
@ -40,21 +49,15 @@ while read -r line; do
|
||||||
ENTRIES="$ENTRIES<entry%20name=\"$USER\"%20ip=\"$IP\"%20timeout=\"$TIMEOUT_IN_MINUTES\"></entry>"
|
ENTRIES="$ENTRIES<entry%20name=\"$USER\"%20ip=\"$IP\"%20timeout=\"$TIMEOUT_IN_MINUTES\"></entry>"
|
||||||
done <<<"$LOGGED_USERS"
|
done <<<"$LOGGED_USERS"
|
||||||
|
|
||||||
# Check if ENTRIES is empty
|
|
||||||
if [ -z "$ENTRIES" ]; then
|
|
||||||
echo "No users logged in, skipping"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
COMMAND="<uid-message><version>1.0</version><type>update</type><payload><login>$ENTRIES</login></payload></uid-message>"
|
COMMAND="<uid-message><version>1.0</version><type>update</type><payload><login>$ENTRIES</login></payload></uid-message>"
|
||||||
|
|
||||||
URL="https://$FW_MGMT_IP/api/?type=user-id&key=$FW_KEY&cmd=$COMMAND"
|
URL="https://$FW_MGMT_IP/api/?type=user-id&key=$FW_KEY"
|
||||||
|
|
||||||
echo ---
|
echo ---
|
||||||
|
|
||||||
$CURL -k -H "Content-Type: application/xml" -X POST "$URL"
|
$CURL -k -H "Content-Type: application/x-www-form-urlencoded" -d "cmd=$COMMAND" -X POST "$URL"
|
||||||
|
|
||||||
# Get current datetime
|
# Get current datetime
|
||||||
NOW=$(date +"%Y-%m-%d %H:%M:%S")
|
NOW=$(date +"%Y-%m-%d %H:%M:%S")
|
||||||
|
|
||||||
echo $NOW " - $LOGGED_USERS_COUNT users mapped to firewall" >/var/log/smb-pan.log
|
echo $NOW " - $LOGGED_USERS_COUNT users mapped to firewall" >>/var/log/smb-pan.log
|
||||||
|
|
Loading…
Reference in New Issue
Block a user