Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

batch script required to check for firewall issues

Posted on 2014-11-22
13
Medium Priority
?
314 Views
Last Modified: 2014-12-10
Folks

How can I build a script/batch that logs onto multiple servers and run's a telnet test for 5 different IP's?

I would like to test for firewall issues

i.e.

log onto server 1
TELNET 149.129.111.83
TELNET 149.129.111.84
TELNET 149.129.111.85
TELNET 149.129.111.86
TELNET 149.129.111.87

log onto server 2
TELNET 149.129.111.83
TELNET 149.129.111.84
TELNET 149.129.111.85
TELNET 149.129.111.86
TELNET 149.129.111.87

i would like to see the results in a log file if either successful or fail

all
0
Comment
Question by:rutgermons
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
  • 3
13 Comments
 
LVL 12

Expert Comment

by:andreas
ID: 40459896
#!/bin/bash


ssh user@server1 netcat -z 149.129.111.83 && echo S1 .83 telnet port OK || echo S1 .83 telnet port ERROR > out.log
ssh user@server1 netcat -z 149.129.111.84 && echo S1 .84 telnet port OK || echo S1 .84 telnet port ERROR >> out.log
ssh user@server1 netcat -z 149.129.111.85 && echo S1 .85 telnet port OK || echo S1 .85 telnet port ERROR >> out.log
ssh user@server1 netcat -z 149.129.111.86 && echo S1 .86 telnet port OK || echo S1 .86 telnet port ERROR >> out.log

ssh user@server2 netcat -z 149.129.111.83 &&  echo S2 .83 telnet port OK || echo S2 .83 telnet port ERROR >> out.log
...

Open in new window


Assumptions:

1. ssh needts to be running on server 1 and 2 and accept password less logins via kerberos or keys.
2. the tool netcat needs to be installes on both servers
0
 

Author Comment

by:rutgermons
ID: 40459902
thanks Andreas, will this work on windows servers?

is netcat included in the OS aready?
0
 
LVL 12

Expert Comment

by:andreas
ID: 40459909
nope will not run on windows. when I hear server i assume a unixoid OS, you might get it to run with installation of cygwin on all machines, but be aware that you also need to install an ssh service which also can be a security problem if it is not cared properly with. And the cygwin things wont be automatically patched over windows update.

How to realize this on windows Ive no idea.

BTW i hope the mentioned IPs are not accessible via TELNET over the internet. Its a very bad idea.

I overlooked the category the post was filed in, as its only shown very small in the EE pages...
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 71

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 40460161
Netcat has several Windows ports, e.g. at https://eternallybored.org/misc/netcat/, so it can be used and that is my recommendation anyway.
For starting it on remote PCs PsExec from www.sysinternals.com is a good tool. The corresponding batch file looks very similar to the suggested bash script.

Best to have the server names or IPs in a text file servers.txt. Also we will use a batch file performing the test, called testtelnet.cmd. All files should be on a network share \\server\share.
@echo off
REM testtelnet.cmd - test telnet connection to 5 fixed IP addresses
pushd %~dp0
(for /L %%i in (83,1,87) do netcat -z 149.129.111.%%i >nul && echo %computername%: %%i ok || echo %computername%: %%i failed) >> result.log
popd
exit /b

Open in new window

@echo off
REM Run tests
pushd \\server\share
psexec @servers.txt -u MyUser -p MyPassword cmd /c \\server\share\testtelnet.cmd
popd

Open in new window

Note that you need to provide credentials here, otherwise psexec will not be able to access network shares.
0
 

Author Comment

by:rutgermons
ID: 40460386
qlermo

thanks for this, i realize I missed the ports, how do I add this to this script?

cheers
0
 
LVL 12

Expert Comment

by:andreas
ID: 40460390
just add port number 23 after the IP in the netcat woild look like that:

... do netcat -z 149.129.111.%%i 23 >nul ....

rest of script remains the same. same applies to the bash script i also forgot the port numbers there.
0
 

Author Comment

by:rutgermons
ID: 40486565
andreas

I am getting an error:



PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com

\\myhostname

'netcat' is not recognized as an internal or external command,
operable program or batch file.
'netcat' is not recognized as an internal or external command,
operable program or batch file.
cmd exited on myhostname with error code 0.
Press any key to continue . . .

how exactly do I correctly call up Netcat to run the telnet?
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 40486578
The script expects netcat to be on the same location as the batch file.
0
 
LVL 12

Expert Comment

by:andreas
ID: 40486588
Netcat is not a standard windows program. You need to install it first on the machines that need to use it.

You can find it here  http://www.securityfocus.com/tools/139
0
 

Author Comment

by:rutgermons
ID: 40492619
I've requested that this question be closed as follows:

Accepted answer: 0 points for rutgermons's comment #a40460386

for the following reason:

good
0
 
LVL 12

Expert Comment

by:andreas
ID: 40492620
you should distribute the points when closing the topic to the participants according to the usefulness regarding solving your problem.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 40492634
I'm objecting,  as you selected your own comment as answer. Please make sure to use the action buttons above the comment to accept.
0
 

Author Closing Comment

by:rutgermons
ID: 40492642
good
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you receive another warning that your shared drive is almost full and you have asked your users to clean out old files again and again, here is a single command that may help. This command will place all the files that have not been used rec…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question