Avatar of rutgermons
rutgermons
 asked on

batch script required to check for firewall issues

Folks

How can I build a script/batch that logs onto multiple servers and run's a telnet test for 5 different IP's?

I would like to test for firewall issues

i.e.

log onto server 1
TELNET 149.129.111.83
TELNET 149.129.111.84
TELNET 149.129.111.85
TELNET 149.129.111.86
TELNET 149.129.111.87

log onto server 2
TELNET 149.129.111.83
TELNET 149.129.111.84
TELNET 149.129.111.85
TELNET 149.129.111.86
TELNET 149.129.111.87

i would like to see the results in a log file if either successful or fail

all
Windows BatchMicrosoft DOSWindows Server 2003

Avatar of undefined
Last Comment
rutgermons

8/22/2022 - Mon
Member_2_406981

#!/bin/bash


ssh user@server1 netcat -z 149.129.111.83 && echo S1 .83 telnet port OK || echo S1 .83 telnet port ERROR > out.log
ssh user@server1 netcat -z 149.129.111.84 && echo S1 .84 telnet port OK || echo S1 .84 telnet port ERROR >> out.log
ssh user@server1 netcat -z 149.129.111.85 && echo S1 .85 telnet port OK || echo S1 .85 telnet port ERROR >> out.log
ssh user@server1 netcat -z 149.129.111.86 && echo S1 .86 telnet port OK || echo S1 .86 telnet port ERROR >> out.log

ssh user@server2 netcat -z 149.129.111.83 &&  echo S2 .83 telnet port OK || echo S2 .83 telnet port ERROR >> out.log
...

Open in new window


Assumptions:

1. ssh needts to be running on server 1 and 2 and accept password less logins via kerberos or keys.
2. the tool netcat needs to be installes on both servers
rutgermons

ASKER
thanks Andreas, will this work on windows servers?

is netcat included in the OS aready?
Member_2_406981

nope will not run on windows. when I hear server i assume a unixoid OS, you might get it to run with installation of cygwin on all machines, but be aware that you also need to install an ssh service which also can be a security problem if it is not cared properly with. And the cygwin things wont be automatically patched over windows update.

How to realize this on windows Ive no idea.

BTW i hope the mentioned IPs are not accessible via TELNET over the internet. Its a very bad idea.

I overlooked the category the post was filed in, as its only shown very small in the EE pages...
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
ASKER CERTIFIED SOLUTION
Qlemo

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
rutgermons

ASKER
qlermo

thanks for this, i realize I missed the ports, how do I add this to this script?

cheers
Member_2_406981

just add port number 23 after the IP in the netcat woild look like that:

... do netcat -z 149.129.111.%%i 23 >nul ....

rest of script remains the same. same applies to the bash script i also forgot the port numbers there.
rutgermons

ASKER
andreas

I am getting an error:



PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com

\\myhostname

'netcat' is not recognized as an internal or external command,
operable program or batch file.
'netcat' is not recognized as an internal or external command,
operable program or batch file.
cmd exited on myhostname with error code 0.
Press any key to continue . . .

how exactly do I correctly call up Netcat to run the telnet?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Qlemo

The script expects netcat to be on the same location as the batch file.
Member_2_406981

Netcat is not a standard windows program. You need to install it first on the machines that need to use it.

You can find it here  http://www.securityfocus.com/tools/139
rutgermons

ASKER
I've requested that this question be closed as follows:

Accepted answer: 0 points for rutgermons's comment #a40460386

for the following reason:

good
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Member_2_406981

you should distribute the points when closing the topic to the participants according to the usefulness regarding solving your problem.
Qlemo

I'm objecting,  as you selected your own comment as answer. Please make sure to use the action buttons above the comment to accept.
rutgermons

ASKER
good
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.