Five Pounds of Flax

Every culture has a burrito.

Getting the external IP address from a Netscreen firewall using SNMP

Tuesday, June 24, 2003posted by Michael Rothwell @ 10:40 PM

If you have a Netscreen firewall, and want to use DynDNS to advertise your external IP address, you have to first get the IP address you've been assigned by your ISP.

I wrote the following little script, suitable for placement into /etc/cron.daily to do the job for me. There's probably a more elegant way to get the IP address -- perhaps by using some kind of straightforward snmpget command, rather than doing a walk, but hey, this works.


NS5IP=`snmpwalk -v 1 -c FBM ipAdEntAddr | head -1 | cut -d" " -f4`
PREVIP=`tail -1 /var/log/ipaddresses | cut -d" " -f1`
echo -n "$NS5IP " >> /var/log/ipaddresses
date +"%Y-%M-%d %T" >> /var/log/ipaddresses

if [ $NS5IP != $PREVIP ]; then
echo NEW
tail -1 /var/log/ipaddresses | mail -s "IP Change" my@email.address
/usr/local/bin/dyndnsupdate [options here] $NS5IP
echo OLD

echo $NS5IP
echo $PREVIP