mirror of
https://bitbucket.org/mangelo/snippets.git
synced 2024-11-22 02:41:00 +02:00
ASA 9.6v / 8.0(2)
commit
66581024f8
89
qemu-asa-patch.sh
Normal file
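--- a/qemu-asa-patch.sh
+++ b/qemu-asa-patch.sh
@@ -0,0 +1,89 @@
+##
+## Author: Jeremy Grossmann (2009)
+## Contributor: J. Pedro Flor (28 january 2010)
+##
+
+FIRST_START=no
+if test ! -e /mnt/disk0/lina_monitor
+then
+cd /asa/scripts/
+echo "d" > /asa/scripts/fdisk.pf.in
+echo "o" >> /asa/scripts/fdisk.pf.in
+echo "n" >> /asa/scripts/fdisk.pf.in
+echo "p" >> /asa/scripts/fdisk.pf.in
+echo "1" >> /asa/scripts/fdisk.pf.in
+echo "1" >> /asa/scripts/fdisk.pf.in
+echo "" >> /asa/scripts/fdisk.pf.in
+echo "t" >> /asa/scripts/fdisk.pf.in
+echo "4" >> /asa/scripts/fdisk.pf.in
+echo "w" >>/asa/scripts/fdisk.pf.in
+
+echo ""
+echo -n "Initializing partition..."
+/sbin/fdisk /dev/hda < /asa/scripts/fdisk.pf.in > /dev/null 2> /dev/null
+echo "done"
+
+echo ""
+echo -n "Formating and mounting partition..."
+mkdosfs -F 16 /dev/hda1 > /dev/null 2> /dev/null
+mount -o umask=0000,noatime,check=s,shortname=mixed /dev/hda1 /mnt/disk0 > /dev/null 2> /dev/null
+echo "done"
+echo ""
+
+cp /asa/bin/lina /mnt/disk0/lina
+cp /asa/bin/lina_monitor /mnt/disk0/lina_monitor
+FIRST_START=yes
+fi
+
+# load drivers
+modprobe e100
+modprobe e1000
+ifconfig eth0 up
+ifconfig eth1 up
+ifconfig eth2 up
+ifconfig eth3 up
+ifconfig eth4 up
+ifconfig eth5 up
+
+if test $FIRST_START = yes
+then
+echo ""
+echo " Cisco ASA with <NO> Multiple Security Contexts"
+echo " =============================================="
+echo ""
+echo "This is your first boot, please wait about 2 minutes for 'disk0' creation"
+echo "and then execute the following commands inside the Linux prompt:"
+echo ""
+echo " # cd /mnt/disk0"
+echo " # /mnt/disk0/lina_monitor"
+echo ""
+echo ""
+echo ""
+echo "Please note to use the following command under ASA to save your configs:"
+echo ""
+echo " ciscoasa(config)# boot config disk0:/.private/startup-config"
+echo " ciscoasa(config)# copy running-config disk0:/.private/startup-config"
+echo ""
+echo ""
+echo ""
+echo "To get webvpn working, execute the following commands:"
+echo ""
+echo " ciscoasa# mkdir disk0:/var"
+echo " ciscoasa# mkdir disk0:/var/log"
+echo " ciscoasa# mkdir disk0:/csco_config"
+echo " ciscoasa# mkdir disk0:/csco_config/97"
+echo " ciscoasa# mkdir disk0:/csco_config/97/webcontent"
+echo ""
+echo " ( Powered by Pedro Flor )"
+echo " ( pedro.flor@gmail.com )"
+echo ""
+exit
+fi
+
+echo ""
+echo ""
+echo "Starting Cisco ASA with <NO> Multiple Security Contexts..."
+echo ""
+
+cd /mnt/disk0
+/mnt/disk0/lina_monitor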
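Review bot: The first-boot branch throws away both the output and the exit status of `fdisk`, `mkdosfs` and `mount` (`> /dev/null 2> /dev/null`) and prints "done" regardless, so a failed mount lets the two `cp` lines write `lina` and `lina_monitor` into the bare `/mnt/disk0` directory and still sets `FIRST_START=yes`. Appending `|| { echo "failed"; exit 1; }` to the `mount` line (and to `mkdosfs`) would stop the script at the real failure. The mount option `umask=0000` also makes every file on disk0 world-writable, including the `lina_monitor` binary this script later executes and the saved `startup-config`; `umask=0022` would be enough if only root writes there, which the page does not show. The guard tests only for `/mnt/disk0/lina_monitor`, and `/dev/hda1` is mounted only inside the branch, so unless the init script mounts the partition earlier (not visible here) every boot would repartition `/dev/hda`. `$FIRST_START` in the second `test` should be quoted.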
88
qemu-asa-shell.sh
Normal file
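--- a/qemu-asa-shell.sh
+++ b/qemu-asa-shell.sh
@@ -0,0 +1,88 @@
+#======================================================================
+# -- ASA9v --
+#======================================================================
+
+#
+# Serial console:
+# Start with -curses
+# copy disk0:/coredumpinfo/coredump.cfg disk0:/use_ttyS0
+# Start with -display none
+#
+
+qemu-system-x86_64 \
+-daemonize \
+-L /usr/share/qemu \
+-m 1024M \
+-smp cpus=1 \
+-enable-kvm \
+-boot order=c \
+-drive file=asav961.qcow2,if=ide,index=0,media=disk \
+-monitor none -display none -vga none \
+-serial telnet::2000,server,nowait \
+-net none \
+-net nic,vlan=1,macaddr=00:00:ab:e3:eb:01,model=e1000 -net socket,vlan=1,udp=127.0.0.1:9000,localaddr=:9001 \
+-net nic,vlan=2,macaddr=00:00:ab:e3:eb:02,model=e1000 -net socket,vlan=2,udp=127.0.0.1:9002,localaddr=:9003 \
+-net nic,vlan=3,macaddr=00:00:ab:e3:eb:03,model=e1000 -net socket,vlan=3,udp=127.0.0.1:9004,localaddr=:9005 \
+-net nic,vlan=4,macaddr=00:00:ab:e3:eb:04,model=e1000 -net socket,vlan=4,udp=127.0.0.1:9006,localaddr=:9007
+
+
+#======================================================================
+# -- ASA 8.0(2) --
+#======================================================================
+
+#
+# Create flash:
+# qemu-img create -f qcow2 asa802-flash.qcow2 128M
+#
+
+#
+# Save config:
+# copy running-config flash:/.private/startup-config
+#
+
+ASAPID=/dev/shm/.asa802.pid
+
+qemu-system-x86_64 \
+-daemonize \
+-L /usr/share/qemu \
+-m 1024M \
+-smp cpus=1 \
+-enable-kvm \
+-boot order=c \
+-hdachs 980,16,32 \
+-hda asa802-flash.qcow2 \
+-initrd asa802-k8.initrd \
+-kernel asa802-k8.kernel \
+-append "ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 ide1=noprobe no-hlt -net nic" \
+-monitor none -display none -vga none \
+-pidfile "${ASAPID}" \
+-serial telnet::2000,server,nowait \
+-net none \
+-device e1000,mac=00:00:00:e3:eb:00,netdev=A00 -netdev socket,id=A00,udp=127.0.0.1:9000,localaddr=:9001 \
+-device e1000,mac=00:00:00:e3:eb:01,netdev=A01 -netdev socket,id=A01,udp=127.0.0.1:9002,localaddr=:9003 \
+-device e1000,mac=00:00:00:e3:eb:02,netdev=A02 -netdev socket,id=A02,udp=127.0.0.1:9004,localaddr=:9005 \
+-device e1000,mac=00:00:00:e3:eb:03,netdev=A03 -netdev socket,id=A03,udp=127.0.0.1:9006,localaddr=:9007 \
+-device e1000,mac=00:00:00:e3:eb:04,netdev=A04 -netdev socket,id=A04,udp=127.0.0.1:9008,localaddr=:9009 \
+-device e1000,mac=00:00:00:e3:eb:05,netdev=A05 -netdev socket,id=A05,udp=127.0.0.1:9010,localaddr=:9011
+
+sleep 1
+cpulimit --lazy --pid=`cat "${ASAPID}"` --limit=75 --background --quiet
+
+#
+# Extract kernel
+# https://ji8an.wordpress.com/2010/08/27/how-to-emulate-cisco-asa/
+#
+
+hexdump -C asa802-k8.bin > asa802-k8.hex
+grep "1f 8b 08 00 1d" asa802-k8.hex #---> 001228b0 1f 8b 08 00 1d 3d ...
+ls -la asa802-k8.bin #---> 14524416
+echo "14524416 ; ibase=16 ; last - 1228B0" | bc | tail -n 1 #---> 13334352
+tail -c 13334352 asa802-k8.bin > asa802-k8.gz
+gzip -d asa802-k8
+mkdir tmp ; cd tmp
+cpio -i --no-absolute-filenames --make-directories < ../asa802-k8 #---> as root.
+cp vmlinuz ../asa802-k8.kernel
+create /asa/scripts/first_start.sh
+chmod 755 asa/scripts/first_start.sh
+edit etc/init.d/rcS --> change /asa/bin/lina_monitor to /asa/scripts/first_start.sh
+find . | cpio -o -H newc | gzip -9 > ../asa802-k8.initrd.gz #---> as root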
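Review bot: Both QEMU invocations publish the guest's serial console with `-serial telnet::2000,server,nowait`; the empty host makes QEMU listen on every interface, so the ASA console is reachable over cleartext telnet from the network with no authentication at the QEMU layer. Binding to loopback with `-serial telnet:127.0.0.1:2000,server,nowait` keeps it local, and the same applies to the `localaddr=:9001`-style UDP sockets, which could be written `localaddr=127.0.0.1:9001`. The two invocations also reuse TCP 2000 and UDP 9000–9007, so they cannot run side by side as written. The pid file `/dev/shm/.asa802.pid` has a fixed name in a world-writable directory and is read after a bare `sleep 1`; a path in a private directory, plus a check that the file exists before `cpulimit` is called, would be safer. The lines after "Extract kernel" are notes rather than commands (`create ...`, `edit ... --> change ...`, the latter would create a file named `change`) and should be commented out so the file can be executed as a whole.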