[isapros] Re: How to programmicly add IP address to a computer set
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Tue, 29 May 2007 06:04:04 -0700
Yeh; that was a *very* useful diagram and was one for the first things I
commented on when ISA 2004 SDK was published.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of John T (lists)
Sent: Monday, May 28, 2007 11:18 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: How to programmicly add IP address to a computer set
Yep, that is what we ended up doing on Friday. (Very frustrating for the
programmer since the MSDN site could not find the ISA object hierarchy list.)
Took about 2 ½ hours of trial and error to get all the right objects in the
right spots and so forth.
John T
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Jim Harrison
Sent: Sunday, May 27, 2007 9:23 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: How to programmicly add IP address to a computer set
Actually, because a ComputerSet can contain either a Computer, Address Range or
Subnet, you need to choose (in the script) which type of object you want to
work with. Since we're talking about a single IP, a "Computer" object is most
appropriate.
<old>
Function FixPF(Data)
Dim PF
FixPF = False
Const fpcSingleHost = 2
Const fpcSinglemask = "255.255.255.255"
Set PF =
Data.ISA.Arrays.GetContainingArray.Arraypolicy.IPPacketFilters.Item(Data.PFName)
PF.SetRemotehost fpcSingleHost, Data.ServerIP, fpcSinglemask
PF.Save
FixPF = True
End Function
</old>
<new>
Function FixCS(Data)
Dim Cs
FixCompSet = False
Set Cs = Data.ISA.GetContainingArray.RuleElements.ComputerSets.Item(
Data.CsName )
Dim Computer
On Error Resume Next
Set Computer = Cs.Item( Data.ServerName )
If 0 = Err.Number Then
Computer.IPAddress = Data.ServerIP
FixCompSet = True
Exit Function
ElseIf "80070002" = Hex( Err.Number ) Then
Set Computer = Cs.Computers.Add( Data.ServerName, Data.ServerIP )
FixCompSet = True
Exit Function
Else
WScript.Echo "Failed to access the '" & Data.CsName & _
"'Computer Set; 0x" & Hex( Err.Number ) & "; " & _
Err.Description
Err.Clear
End If
End Function
</new>
..of course, you'll have to S&R all instances of "PFName" to "CsName", and
"FixPF" to "FixCS", but it should work just fine.
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of John T (lists)
Sent: Thursday, May 24, 2007 8:37 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: How to programmicly add IP address to a computer set
So in that script, I believe that the one line that needs to be modified is:
Set PF =
Data.ISA.Arrays.GetContainingArray.Arraypolicy.IPPacketFilters.Item(Data.PFN
ame)
In ISA 2006, this will be to update a computerset say called
Test1ComputerSet. It also has to give the added item to the computerset a
name, which can be the IP address.
I can see in the registry that the object class is msFPCComputerSet and that
the name is parameter is msFPCName.
How does that translate into defining Data.PFName?
John T
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-
> bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Tuesday, May 08, 2007 1:22 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: How to programmicly add IP address to a computer
> set
>
> Greggie-poo once asked for a similar mechanism for ISA 2000 and it
> exists on isatools.org as http://www.isatools.org/tools/updatepf.vbs.
>
> The main functionality is already there - you need only adjust the
> ISA-specific logic to accommodate ISA 2006.
>
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-
> bounce@xxxxxxxxxxxxx]
> On Behalf Of John T (lists)
> Sent: Tuesday, May 08, 2007 1:15 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: How to programmicly add IP address to a computer
> set
>
> And where can I find the instructions or documentation on how to do
> that?
>
> John T
>
>
> > -----Original Message-----
> > From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-
> > bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> > Sent: Tuesday, May 08, 2007 1:14 PM
> > To: isapros@xxxxxxxxxxxxx
> > Subject: [isapros] Re: How to programmicly add IP address to a
> computer
> > set
> >
> > Yes.
> >
> > -----Original Message-----
> > From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-
> > bounce@xxxxxxxxxxxxx]
> > On Behalf Of John T (lists)
> > Sent: Tuesday, May 08, 2007 12:56 PM
> > To: isapros@xxxxxxxxxxxxx
> > Subject: [isapros] How to programmicly add IP address to a computer
> set
> >
> > I know that GFI WebMonitor3 if configured to use the Yahoo Adult list
> > is
> > able to block access to a site listed on Yahoo's adult site list by
> > adding that site to the destination set WebMonitor3 created for use
> in
> > the Deny Access Rule WebMonitor3 created.
> >
> >
> >
> > Is it possible to create a function that will resolve a URL to an IP
> > address, compare that IP address to an existing list, if the IP is
> not
> > on the list, add it to a computer set destination set on ISA 2006
> > Standard?
> >
> >
> >
> > John T
> >
> >
> >
> >
> > All mail to and from this domain is GFI-scanned.
> >
>
>
>
>
> All mail to and from this domain is GFI-scanned.
>
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
Other related posts:
