Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

External monitor Realsec Cryptosec HSM

Hi all,

I am trying to monitor a HSM appliance using the external monitor template provided on this link:

link text

I modified this part in the template so it should send CCCCNC and the response 00000000, I really am not sure if this is the correct line. I uploaded the script and attached it to the pool and it is available and actively sending monitor request towards the pool members, however looking at the payload in wireshark there is no data being send. I verify it in wireshark (Follow TCP stream).

        # Send the request request and check the response
echo -n 'CCCCNC' | nc $IP $PORT | grep "00000000" 2>&1 > /dev/null

Someone over here with some bash scripting experience?

Thanks in advance.

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

Please check your script and strictly follow the template notes. Remember to edit the IP and Port of your host.

Here's a simple test with your command via CLI, from a BIG-IP to a host and it worked:

Terminal 1

echo -n 'Pedro' | nc w.x.y.z 80 | grep "00000000" 2>&1 > /dev/null

Terminal 2

[root@bigip:Active:In Sync] config # tcpdump -ni 0.0 -Xs0 host w.x.y.z and port 80
    00:15:46.389185 IP a.b.c.d.32239 > w.x.y.z.http: Flags [S], seq 4156473052, win 29200, options [mss 1460,sackOK,TS val 2793760084 ecr 0,nop,wscale 7], length 0 out slot1/tmm2 lis=
    ...Output Omitted...    .
    00:15:46.392185 IP a.b.c.d.32239 > w.x.y.z.http: Flags [P.], seq 1:6, ack 1, win 229, options [nop,nop,TS val 2793760087 ecr 0], length 5 out slot1/tmm2 lis=
            0x0000:  0161 0800 4500 0039 3fc9 4000 4006 1d20  .a..E..9?.@.@...
            0x0010:  c0a8 2a02 ac13 4718 7def 0050 f7be bedd  ..*...G.}..P....
            0x0020:  c254 62d9 8018 00e5 de01 0000 0101 080a  .Tb.............
            0x0030:  a685 6557 0000 0000 5065 6472 6f01 0501  ..eW....Pedro...
    00:15:46.392194 IP a.b.c.d.32239 > w.x.y.z.http: Flags [F.], seq 6, ack 1, win 229, options [nop,nop,TS val 2793760087 ecr 0], length 0 out slot1/tmm2 lis=
    ...Output Omitted...

I hope it helps.

1
Comments on this Answer
Comment made 02-Aug-2017 by Marvin 430

Hi Pedro, Yes I also managed to send the string but somehow the HSM device is not responding. I guess it needs some modification within the HSM to respond to my request.

Do you know what this string is used for 2>&1 > /dev/null?

0
Comment made 03-Aug-2017 by Pedro Haoa

The string 2>&1 redirects Channel 2 (Standard Error/stderr) to wherever Channel 1 (Standard Output/stdout) currently points to. The argument > /dev/null redirects stdout to /dev/null to discard/silent the output.

So the string is used to suppress all output and errors from the command.

0