Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. mod_backhand>
  3. Wackamole
wackamole and arp
jwest at kwcorp
Apr 16, 2004, 11:05 AM
Post #1 of 5 (4811 views)
Permalink
Theo, looks like a no-go on the SNMP approach. According to cisco, there is
no SNMP setting that will cause the PIX to clear it's arp cache. They said
there's only 3 ways the arp cache will clear on a PIX:

1) Reboot the PIX
2) Let arp entries expire as per the arp timeout setting (and if set to less
than 60 seconds, the pix will loose packets)
3) Manually type a "clear arp" command on the PIX

Greaaaat. So I am left with cobbling together an expect script that will let
each machine in the cluster log into the pix and do a clear arp command.
Yucky Yucky solution, but I can't think of anything else. I hate having
cleartext password to my pix inside a script. Anyone have any other
thoughts?

Jay West

---
[This E-mail scanned for viruses by Declude Virus]
Re: wackamole and arp [ In reply to ]
jwest at kwcorp
Apr 16, 2004, 11:39 AM
Post #2 of 5 (4616 views)
Permalink
Can anyone elucidate:

PerlUseLib .
PerlUse example

What exactly do these do in the wackamole config file and what can be used
as arguments? (not a perl programmer here)

Jay

---
[This E-mail scanned for viruses by Declude Virus]
Re: wackamole and arp [ In reply to ]
jesus at omniti
Apr 16, 2004, 11:54 AM
Post #3 of 5 (4615 views)
Permalink
Jay West wrote:

>Can anyone elucidate:
>
>PerlUseLib .
>PerlUse example
>
>What exactly do these do in the wackamole config file and what can be used
>as arguments? (not a perl programmer here)
>
>
PerlUseLib is lile:
use lib '/path/to/perl/modules';

PerlUse is like:
use MyModule;

So, if you write a routine in perl called "doit" and place it in a
package in a file called MyModule.pm:

package MyModule;
sub doit {
printf STDERR "Called doir\n";
}
1;

And place that MyModule.pm file in: /opt/wackamole/perl, then you could do:

PerlUseLib /opt/wackamole/perl
PerlUse MyModule
RunDynamic MyModule::doit on up

--
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on Earth
Re: wackamole and arp [ In reply to ]
jesus at omniti
Apr 16, 2004, 11:57 AM
Post #4 of 5 (4630 views)
Permalink
Theo Schlossnagle wrote:

>
> PerlUseLib /opt/wackamole/perl
> PerlUse MyModule
> RunDynamic MyModule::doit on up
>
This tells wackamole to run the perl function doit from the module
MyModule in the event that a virtual interfa ce is brought up on the box.

--
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on Earth
wackamole and arp [ In reply to ]
ben at algroup
Apr 19, 2004, 3:43 AM
Post #5 of 5 (4624 views)
Permalink
Jay West wrote:

> Theo, looks like a no-go on the SNMP approach. According to cisco, there is
> no SNMP setting that will cause the PIX to clear it's arp cache. They said
> there's only 3 ways the arp cache will clear on a PIX:
>
> 1) Reboot the PIX
> 2) Let arp entries expire as per the arp timeout setting (and if set to less
> than 60 seconds, the pix will loose packets)
> 3) Manually type a "clear arp" command on the PIX
>
> Greaaaat. So I am left with cobbling together an expect script that will let
> each machine in the cluster log into the pix and do a clear arp command.
> Yucky Yucky solution, but I can't think of anything else. I hate having
> cleartext password to my pix inside a script. Anyone have any other
> thoughts?

Sell the PIX and use something good instead?

--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal