ihashacks

i dunno

PIX Object-group Update

Symantec changed LiveUpdate servers and since outbound FTP is blocked except for to these servers, I needed to update the object-group entry in the firewall:

awk sorcery
1
2
3
awk '/network-object/ { print "no network-object " $3 }' fwconfig.txt
host ftp.symantec.com | awk ' /address/ { print "network-object host " $4 } '
host liveupdate.symantec.com | awk ' /address/ { print "network-object host " $4 } '

awk one-liners

PIX Configuration

Can’t forget to update the comma delimited Snort variable:

DNS to Snort
1
2
host ftp.symantec.com | awk ' /address/ { print $4 } ' | tr '\n' ','
host liveupdate.symantec.com | awk ' /address/ { print $4 } ' | tr '\n' ','

Comments