Firesight API Explorer

I am having to make some changes to an object group in the Firesight management platform for my firewalls. Some of these changes required me to add and remove a 50-100 network entries at one time and doing it by hand was going to take a while and could also be prone to errors. I started to research the options for using the api interface for Firesight and came across this YouTube video from Cisco Devnet showing how to use the API Explorer built into firesight and showing how I could easily take and copy out a program so that I could build the object group very easily with a python script. So now I have taken what was started in the API Explorer and modifying it to pull the data out of my central address repository, format the data, and then build the script to run. You can see the in process script here.

The Passing of our sweet dog Sydney

On 7/9/20 we lost our beautiful girl Sydney. She went years before her time as she was only 10 at the time. She started to have seizures a week before and we had her on medication, but we believe she had a brain tumor as it’s the only thing that explains her passing within such a short time. She was a sweet girl and we will miss her dearly. We fell lucky to have had her bless our lives for the time that she was in it. She was a stubborn girl who would look at you and ignore all the while doing what she wanted, but we loved her very much and will miss her greatly.
IMG 2325

Planes of Fame PT-17 Stearman

Planes of Fame flew their Stearman on Saturday 6/21 and Sunday 6/22, they did a brief presentation on it talking about it and then took it up in the air. However the day was really overcast and the shots weren’t very good that came out of it. They decided to take the plane up again on Sunday so I went over and luckily there was sun out so I was able to get some much better shots of the plane as it flew around. I worked on testing out the wide focus tracking to keep the plane in focus and work on my panning skills. Pretty happy with how these shots came out and the level detail in them.

Falcon in flight

I was on my way over to the Chino Airport to photograph the Stearman flying over. As I was headed over I spotted this Peregrine Falcon flying around. I pulled over to take some shots of this magnificent predator out hunting for food. It was my first chance to try and capture a bird in flight and I am pretty happy with the results. Minimal fixes required in Lightroom to brighten the photo up a little.

2020 06 21 2020 6 21 PT Stearman 212020 06 21 2020 6 21 PT Stearman 1882020 06 21 2020 6 21 PT Stearman 197

Python Program to sort RAW vs JPG files from a photo shoot

I shoot a lot of photos at airshows and needed a quick to sort the RAW photos from the JPGs and to put them into different directories. I may not always use the RAW photos, but I don’t want to discard, I also may not want them in my Lightroom library. This program will quickly sort them, name them, and put them into separate directories for import into Lightroom.

The programs repository is here: https://github.com/undrwatr/SONY_FILE_SORT

This is of course version 1:

#!/usr/bin/env python3

#Program to sort my photo files between Sony RAW and JPG files. Sorts into two separete directores so I can chooose what to import into Lightroom.

import os
import shutil

# ask for the name of the directory
SORT_DIR = os.getcwd()

DIRECTORY = input("What is the name of the Directory to be created? ")


DIRECTORY_RAW = (DIRECTORY + '_RAW')
DIRECTORY_JPG = (DIRECTORY + '_JPG')



# List the files in the source directory
list_ = os.listdir(SORT_DIR)

# rename the files based on the requested directory name
INCR = 0

for file_ in list_:
    name, ext = os.path.splitext(file_)
    INCR = INCR +1
    os.rename(file_, ((DIRECTORY) + "-" + str(INCR) + ext))


# create a directory for jpg
# create a directory for raw files

os.mkdir(DIRECTORY_RAW)
os.mkdir(DIRECTORY_JPG)

CURRENT_DIR = os.getcwd()

list1_ = os.listdir(SORT_DIR)

# Sort the photos into the directories, but do not sort the directory

for file1_ in list1_:
    if file1_.endswith('.ARW'):
        shutil.move(((CURRENT_DIR) + "/" + (file1_)), ((CURRENT_DIR) + "/" + (DIRECTORY_RAW)))
    if file1_.endswith('.JPG'):
        shutil.move(((CURRENT_DIR) + "/" + (file1_)), ((CURRENT_DIR) + "/" + (DIRECTORY_JPG)))
    else:
        continue

Passing the CWSP – PearsonVue Online

I passed the CWSP on my first try last week, which I was happy about. With Covid-19 running rampant and changing things I had to take the test at home with PearsonVue. I liked the idea of testing at home and ran through all of the steps for PearsonVue that they recommended. However that didn’t stop from needing to reboot my machine multiple times and have to spend quite a bit of time trying to get setup and talking to their online people over chat. It took about 30 minutes for them to finally present the test and for me to be able to take it online successfully.

Once I finally got the technical issues resolved with their service and I was able to take the test I was surprised at how quick it went and I was glad I could do it at home. Seeing as how it would have taken me longer to drive to and from the testing center than to take the test. The content was tough as I deal with it almost every day in regards to network security and trying to build a secure network

So now I get to display this logo:

Cwsp 200x200

My next exam is going to be the CWDP and given the fact that I am still working from home and testing centers aren’t open I will be taking this one also at home. Hopefully the whole testing experience will go better.

Installing PYODBC onto Ubuntu

Steps to install PYODBC on Ubuntu and the requirements that needed to be done to convert from PYMSSQL to PYODBC for connecting to an MS SQL database to pull information. Just wanted to get all of these steps in one place and everything that I went through to get it working in my Linux environment.

sudo curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add –

#Download appropriate package for the OS version
#Choose only ONE of the following, corresponding to your OS version

#Ubuntu 16.04
curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list > /etc/apt/sources.list.d/mssql-release.list

#Ubuntu 18.04
curl https://packages.microsoft.com/config/ubuntu/18.04/prod.list > /etc/apt/sources.list.d/mssql-release.list

#Ubuntu 19.10
curl https://packages.microsoft.com/config/ubuntu/19.10/prod.list > /etc/apt/sources.list.d/mssql-release.list

sudo apt-get update
sudo ACCEPT_EULA=Y apt-get install msodbcsql17
sudo apt-get install unixodbc-dev

Once the driver is installed you then need to install pyodbc with pip
pip3 install pyodbc

After I did these steps it then did require me to reinstall the requests module for some reason to resolve some HTTPS issues. Not really sure what that issue was or the reason for it.

Reference links for the installs from Microsoft:

https://docs.microsoft.com/en-us/sql/connect/python/pyodbc/step-3-proof-of-concept-connecting-to-sql-using-pyodbc?view=sql-server-ver15

https://docs.microsoft.com/en-us/sql/connect/odbc/linux-mac/installing-the-microsoft-odbc-driver-for-sql-server?view=sql-server-ver15

How to rebuild an F5 Physical Load Balancer

Because I forget this and it always seems to cause me more pain than it should to have to rebuild one. I’ve had this happen 3 times in the 8 years of dealing with the physical 1600 LTMs all of them have failed due to some power problem that won’t let them startup completely and I end up spending 8 or more hours having to rebuild them and figure out what the heck happened to them. Luckily they have always been in a fault tolerant pair so I haven’t been down completely, but have never wanted to push the amount of time one is down because of how important they are to my company.

Steps:

Call into Support and open a ticket with the s/n of the failed unit and the error message on the screen.

If you don’t already have enhanced 4 hour replacement ask for an upgrade to it via credit card. Waiting more than 4 hours is very painful and dangerous for us.

Wait 4 hours for the new unit to come in.

While waiting:
Unrack the currently failed unit making sure that all of the cables are correctly labeled and ready to be plugged into the new unit.

Download the current version ISO along with any hot fixes to match the current install version. Download your latest backup for the unit and have it all ready and waiting to go on your laptop.

On the active unit make sure to clear out any ssh keys if needed from the failover interface

Also Reset the Device Trust under Device Management/Device Trust on the active unit

When the new unit finally arrives rack it and plug in at least the serial cable and the management ethernet cable. Before powering on plug in the recovery USB stick if it came with one that has the version of LTM that you need on it. This will greatly simplify the upgrade process and get it to at least the major version you need.

Once the unit has been upgraded to at least the major base version that you need. Login via the serial console with root/default and type config. This will let you set the management IP address for the unit.

Once the management address is set, connect to it via the browser with admin/default and start going through the licensing and configuration process.

Upload the hot fixes if necessary to the replacement unit and update to the version needed to restore the backup file. Once the hot fixes are done updating go ahead and restore the backup to the failed unit.

Hookup the failover ethernet cable.

Set backup the HA configuration between the units and ensure that you can ssh between the units on their failover interfaces.

Push the configuration from the Active unit to the new unit with an override, if it fails or there is any issue during the time run this command on the failed unit to see what the issue is:

tmsh show cm sync-status

Once it’s all done and happy it should be back in sync and in an active/standby state.

Then plug in the last of the cables for the internal/external interfaces and then you should be done.

Pack the old unit up and ship it out.