Google Git
Sign in
apache / vcl / refs/heads/VCL-1127_updates_for_cygsshd / . / managementnode / tools / Windows / Scripts / configure_networking.vbs
blob: b82ca2017478c37497b3c1c8d21e01b4162c6044 [file] [log] [blame]
' Licensed to the Apache Software Foundation (ASF) under one or more
' contributor license agreements. See the NOTICE file distributed with
' this work for additional information regarding copyright ownership.
' The ASF licenses this file to You under the Apache License, Version 2.0
' (the "License"); you may not use this file except in compliance with
' the License. You may obtain a copy of the License at
'
' http://www.apache.org/licenses/LICENSE-2.0
'
' Unless required by applicable law or agreed to in writing, software
' distributed under the License is distributed on an "AS IS" BASIS,
' WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
' See the License for the specific language governing permissions and
' limitations under the License.
Set objShell = CreateObject("WScript.Shell")
WScript.Echo (WScript.ScriptName & " beginning to run: " & Date & " " & Time)
strSystem32="%SystemRoot%\system32"
' Get the Windows version
' This allows the same script to be used for different versions
' Some commands such as setting the firewall differ between versions
Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2")
Set colItems = objWMIService.ExecQuery("SELECT Version FROM Win32_OperatingSystem")
For Each objItem In colItems
strWindowsVersion = objItem.Version
Next
WScript.Echo "Windows Version: " & strWindowsVersion
'----------------------------------------------------------------------------
' Print the routing table before making any changes
' This is done for troubleshooting purposes
CMD_ROUTE_PRINT=strSystem32 & "\route.exe print"
RunCommand CMD_ROUTE_PRINT, "Printing routing table"
' Renew the DHCP lease to make sure not to retrieve old information
CMD_IPCONFIG_ALL=strSystem32 & "\ipconfig.exe /all"
CMD_IPCONFIG_RELEASE=strSystem32 & "\ipconfig.exe /release"
CMD_IPCONFIG_RENEW=strSystem32 & "\ipconfig.exe /renew"
'RunCommand CMD_IPCONFIG_RELEASE, "Releasing DHCP lease"
'RunCommand CMD_IPCONFIG_RENEW, "Renewing DHCP lease"
RunCommand CMD_IPCONFIG_ALL, "Running ipconfig /all"
'----------------------------------------------------------------------------
' Get the networking configuration
Dim PRIVATE_NAME, PRIVATE_IP, PRIVATE_SUBNET_MASK, PRIVATE_GATEWAY
Dim PUBLIC_NAME, PUBLIC_IP, PUBLIC_SUBNET_MASK, PUBLIC_GATEWAY
get_network_configuration
print_hr
WScript.Echo "PRIVATE_NAME = " & PRIVATE_NAME
WScript.Echo "PRIVATE_IP = " & PRIVATE_IP
WScript.Echo "PRIVATE_SUBNET_MASK = " & PRIVATE_SUBNET_MASK
WScript.Echo "PRIVATE_GATEWAY = " & PRIVATE_GATEWAY
WScript.Echo
WScript.Echo "PUBLIC_NAME = " & PUBLIC_NAME
WScript.Echo "PUBLIC_IP = " & PUBLIC_IP
WScript.Echo "PUBLIC_SUBNET_MASK = " & PUBLIC_SUBNET_MASK
WScript.Echo "PUBLIC_GATEWAY = " & PUBLIC_GATEWAY
WScript.Echo
' Check if all the required information was found
If (Len(PRIVATE_NAME) > 0) And (Len(PRIVATE_IP) > 0) _
And (Len(PUBLIC_NAME) > 0) And (Len(PUBLIC_IP) > 0) And (Len(PUBLIC_GATEWAY) > 0) _
Then
WScript.Echo "Successfully retrieved private and public network configuration"
Else
WScript.Echo "Failed to retrieve private and public network configuration, returning exit status 1"
WScript.Quit 1
End If
'' Set system environment variables
'Set objShell = CreateObject("WScript.Shell")
'Set sysvars = objShell.Environment("SYSTEM")
'sysvars("VCL_PRIVATE_NAME") = PRIVATE_NAME
'sysvars("VCL_PRIVATE_IP") = PRIVATE_IP
'sysvars("VCL_PRIVATE_MASK") = PRIVATE_SUBNET_MASK
'sysvars("VCL_PRIVATE_GATEWAY") = PRIVATE_GATEWAY
'sysvars("VCL_PUBLIC_NAME") = PUBLIC_NAME
'sysvars("VCL_PUBLIC_IP") = PUBLIC_IP
'sysvars("VCL_PUBLIC_MASK") = PUBLIC_SUBNET_MASK
'sysvars("VCL_PUBLIC_GATEWAY") = PUBLIC_GATEWAY
'
'WScript.Echo
'
'WScript.Echo "Set environment variables:"
'Set sysvars = objShell.Environment("SYSTEM")
'WScript.Echo "VCL_PRIVATE_NAME: " & sysvars("VCL_PRIVATE_NAME")
'WScript.Echo "VCL_PRIVATE_IP: " & sysvars("VCL_PRIVATE_IP")
'WScript.Echo "VCL_PRIVATE_MASK: " & sysvars("VCL_PRIVATE_MASK")
'WScript.Echo "VCL_PRIVATE_GATEWAY: " & sysvars("VCL_PRIVATE_GATEWAY")
'WScript.Echo
'WScript.Echo "VCL_PUBLIC_NAME: " & sysvars("VCL_PUBLIC_NAME")
'WScript.Echo "VCL_PUBLIC_IP: " & sysvars("VCL_PUBLIC_IP")
'WScript.Echo "VCL_PUBLIC_MASK: " & sysvars("VCL_PUBLIC_MASK")
'WScript.Echo "VCL_PUBLIC_GATEWAY: " & sysvars("VCL_PUBLIC_GATEWAY")
'----------------------------------------------------------------------------
' Assemble the external commands
CMD_ROUTE_ADD_PUBLIC_GATEWAY=strSystem32 & "\route.exe -p ADD 0.0.0.0 MASK 0.0.0.0 " & PUBLIC_GATEWAY & " METRIC 1"
CMD_ROUTE_ADD_PRIVATE_GATEWAY=strSystem32 & "\route.exe -p ADD 0.0.0.0 MASK 0.0.0.0 " & PRIVATE_GATEWAY & " METRIC 2"
CMD_ROUTE_DELETE_GATEWAYS=strSystem32 & "\route.exe DELETE 0.0.0.0 MASK 0.0.0.0 "
CMD_ROUTE_FLUSH=strSystem32 & "\route.exe -f"
CMD_SET_NTSYSLOG_GATEWAY=strSystem32 & "\reg.exe ADD HKLM\SOFTWARE\SaberNet /v syslog /d " & PRIVATE_GATEWAY & " /f"
CMD_START_NTSYSLOG_SERVICE=strSystem32 & "\net.exe start ntsyslog"
CMD_STOP_NTSYSLOG_SERVICE=strSystem32 & "\net.exe stop ntsyslog"
CMD_SET_PRIVATE_STATIC=strSystem32 & "\netsh.exe interface ip set address name=""" & PRIVATE_NAME & """ source=static addr=" & PRIVATE_IP & " mask=" & PRIVATE_SUBNET_MASK & " gateway=none"
CMD_SET_PUBLIC_DNS=strSystem32 & "\netsh.exe interface ip set dns name=""" & PUBLIC_NAME & """ source=dhcp register=none"
CMD_SET_PRIVATE_DNS=strSystem32 & "\netsh.exe interface ip set dns name=""" & PRIVATE_NAME & """ source=dhcp register=none"
CMD_SET_PUBLIC_NAME=strSystem32 & "\netsh.exe interface set interface name=""" & PUBLIC_NAME & """ newname=""Public Interface"""
CMD_SET_PRIVATE_NAME=strSystem32 & "\netsh.exe interface set interface name=""" & PRIVATE_NAME & """ newname=""Private Interface"""
CMD_FIREWALL_ALLOW_PRIVATE_PING=strSystem32 & "\netsh.exe firewall set icmpsetting" & _
" type = 8" & _
" mode = ENABLE" & _
" interface = """ & PRIVATE_NAME & """"
CMD_FIREWALL_ALLOW_PRIVATE_SSH=strSystem32 & "\netsh.exe firewall set portopening" & _
" protocol = TCP" & _
" port = 22" & _
" mode = ENABLE" & _
" name = ""SSHD""" & _
" interface = """ & PRIVATE_NAME & """"
CMD_FIREWALL_ALLOW_PRIVATE_RDP=strSystem32 & "\netsh.exe firewall set portopening" & _
" protocol = TCP" & _
" port = 3389" & _
" mode = ENABLE" & _
" name = ""Remote Desktop""" & _
" interface = """ & PRIVATE_NAME & """"
CMD_ADVFIREWALL_ALLOW_PRIVATE_PING=strSystem32 & "\netsh.exe advfirewall firewall set rule" & _
" name=""VCL: allow ping from private network""" & _
" new" & _
" action=allow" & _
" description=""Allows incoming ping (ICMP type 8) messages from 10.x.x.x addresses""" & _
" dir=in" & _
" enable=yes" & _
" localip=10.0.0.0/8" & _
" protocol=icmpv4:8,any" & _
" remoteip=10.0.0.0/8"
CMD_ADVFIREWALL_ALLOW_PRIVATE_SSH=strSystem32 & "\netsh.exe advfirewall firewall set rule" & _
" name=""VCL: allow SSH port 22 from private network""" & _
" new" & _
" action=allow" & _
" description=""Allows incoming TCP port 22 traffic from 10.x.x.x addresses""" & _
" dir=in" & _
" enable=yes" & _
" localip=10.0.0.0/8" & _
" localport=22" & _
" protocol=TCP" & _
" remoteip=10.0.0.0/8"
CMD_ADVFIREWALL_ALLOW_PRIVATE_RDP=strSystem32 & "\netsh.exe advfirewall firewall set rule" & _
" name=""VCL: allow RDP port 3389 from private network""" & _
" new" & _
" action=allow" & _
" description=""Allows incoming TCP port 3389 traffic from 10.x.x.x addresses""" & _
" dir=in" & _
" enable=yes" & _
" localip=10.0.0.0/8" & _
" localport=3389" & _
" protocol=TCP" & _
" remoteip=10.0.0.0/8"
'----------------------------------------------------------------------------
' Run commands to configure networking
' Keep a total of the exit codes
intExitStatusTotal = 0
' Set the adapters to not register DNS records
intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_SET_PUBLIC_DNS, "Setting the public adapter to not register DNS records")
intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_SET_PRIVATE_DNS, "Setting the private adapter to not register DNS records")
'' Set the private adapter to static and remove the default gateway
'intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_SET_PRIVATE_STATIC, "Setting the private adapter to static")
' Configure the routing table default gateways
intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_ROUTE_DELETE_GATEWAYS, "Deleting routes to default gateways")
intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_ROUTE_ADD_PUBLIC_GATEWAY, "Adding route to public default gateway")
'intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_ROUTE_ADD_PRIVATE_GATEWAY, "Adding route to private default gateway")
'' Configure the ntsyslog service to use the address of the private default gateway (management node)
'RunCommand CMD_STOP_NTSYSLOG_SERVICE, "Stopping the ntsyslog service"
'intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_SET_NTSYSLOG_GATEWAY, "Configuring ntsyslog to use private default gateway")
'intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_START_NTSYSLOG_SERVICE, "STARTING the ntsyslog service")
' Configure the firewall to allow ping, RDP and SSH on the private network
'print_hr
'If (Left(strWindowsVersion, 1) < 6) Then
' WScript.Echo "Windows version is " & strWindowsVersion & ", configuring firewall with netsh firewall"
' intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_FIREWALL_ALLOW_PRIVATE_PING, "Allowing ping on the private interface")
' intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_FIREWALL_ALLOW_PRIVATE_SSH, "Allowing SSH on the private interface")
' 'intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_FIREWALL_ALLOW_PRIVATE_RDP, "Allowing RDP on the private interface")
'Else
' WScript.Echo "Windows version is " & strWindowsVersion & ", configuring firewall with netsh advfirewall"
' intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_ADVFIREWALL_ALLOW_PRIVATE_PING, "Allowing ping from private addresses")
' intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_ADVFIREWALL_ALLOW_PRIVATE_SSH, "Allowing SSH from private addresses")
' 'intExitStatusTotal = intExitStatusTotal + RunCommand(CMD_ADVFIREWALL_ALLOW_PRIVATE_RDP, "Allowing RDP from private addresses")
'End If
'' Set the names of the adapters to Public and Private
'RunCommand CMD_SET_PRIVATE_NAME, "Setting the private adapter name to Private"
'RunCommand CMD_SET_PUBLIC_NAME, "Setting the public adapter name to Public"
' Print the routing table
RunCommand CMD_ROUTE_PRINT, "Printing routing table"
' Run ipconfig /all
RunCommand CMD_IPCONFIG_ALL, "Running ipconfig /all"
print_hr
WScript.Echo (WScript.ScriptName & " finished: " & Date & " " & Time)
WScript.Echo "Exit status total: " & intExitStatusTotal
WScript.Quit intExitStatusTotal
'-----------------------------------------------------------------------------
function get_network_configuration
' Connect to local computer via WMI
Set wmi = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
' Get a list of network adapters
' NetConnectionStatus: 0 = Disconnected, 1 = Connecting, 2 = Connected
Set wmi_NAs = wmi.ExecQuery("SELECT * FROM Win32_NetworkAdapter WHERE " & _
"NetConnectionStatus = 2 " & _
"AND NOT ServiceName LIKE '%loop%'")
' Loop through neteork adapters
If (wmi_NAs.count = 0) Then
WScript.Echo "No network adapters were found"
WScript.Quit 1
End If
' Regular expression to ignore certain network connection names
strPatternIgnoredAdapterNames = "(loopback|vmnet|afs)"
' Regular expression to ignore certain network connection descriptions
strPatternIgnoredAdapterDescriptions = "(loopback|virtual|afs)"
' Regular expression to make sure the address is in the correct format
strPatternIPAddress = "((\d{1,3}\.?){4})"
' Use a regular expression to check if the IP address is private
strPatternPrivate = "^(10)\."
' Use a regular expression to check if the IP address is not public
' 10.0.0.0 – 10.255.255.255
' 127.0.0.0 - 127.255.255.255
' 172.16.0.0 – 172.31.255.255
' 192.168.0.0 – 192.168.255.255
strPatternNotPublic = "^(10|127|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\."
'intCheckAdapters = 1
'intLoopCount = 0
'Do While (intCheckAdapters <> 0 And intLoopCount < 3)
' intLoopCount = intLoopCount + 1
' intCheckAdapters = 0
' Renew the DHCP lease if not the first iteration
' This means DHCP was enabled on an adapter
If (intLoopCount > 1) Then
RunCommand CMD_IPCONFIG_RENEW, "Renewing DHCP lease"
End If
' Loop through network adapters
For Each NA in wmi_NAs
WScript.Echo "----------------------------------------------------------------------"
WScript.Echo "*** " & NA.Description & " (Index: " & NA.Index & ") ***"
'WScript.Echo
'' Print all of the the Win32_NetworkAdapter properties
'For Each NA_property in NA.Properties_
' If Not IsNull(NA_property.Value) Then
' print_variable NA_property.Value, "NA:" & NA_property.Name
' End If
'Next
' Get a list of network adapter configurations matching the index of the network adapter
Set wmi_NACs = wmi.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE Index = '" & NA.Index & "'")
For Each NAC in wmi_NACs
WScript.Echo
'' Print all of the the Win32_NetworkAdapterConfiguration properties
'For Each NAC_property in NAC.Properties_
' If Not IsNull(NAC_property.Value) Then
' print_variable NAC_property.Value, "NAC:" & NAC_property.Name
' End If
'Next
' Evaluate the regular expressions
strIgnoredAdapterName = RegExpVal(strPatternIgnoredAdapterNames, NA.Name, 0)
strIgnoredAdapterDescription = RegExpVal(strPatternIgnoredAdapterDescriptions, NA.Description, 0)
strIPAddress = RegExpVal(strPatternIPAddress, Join(NAC.IPAddress), 0)
strIPAddressMatchPrivate = RegExpVal(strPatternPrivate, strIPAddress, 0)
strIPAddressMatchNotPublic = RegExpVal(strPatternNotPublic, strIPAddress, 0)
WScript.Echo "Adpater name: " & NA.Name
WScript.Echo "Ignored adpater name section: " & strIgnoredAdapterName
WScript.Echo "Ignored adpater description section: " & strIgnoredAdapterDescription
WScript.Echo "IP address: " & strIPAddress
WScript.Echo "Matching VCL private address section: " & strIPAddressMatchPrivate
WScript.Echo "Matching non-public address section: " & strIPAddressMatchNotPublic
' Check if adapter should be ignored
If Len(strIgnoredAdapterName) > 0 Then
WScript.Echo "Network adapter " & NA.Name & " is being ignored because the name contains: " & strIgnoredAdapterName
' Check if adapter should be ignored
Elseif Len(strIgnoredAdapterDescription) > 0 Then
WScript.Echo "Network adapter " & NA.Name & " is being ignored because the description contains: " & strIgnoredAdapterDescription
' Check to make sure a valid IP address was found
Elseif Len(strIPAddress) = 0 Then
WScript.Echo "IP address is either blank or not in the correct format: " & NAC.IPAddress
' Check if address is a valid VCL private address (10.*)
Elseif Len(strIPAddressMatchPrivate) > 0 Then
PRIVATE_NAME = NA.NetConnectionID
WScript.Echo "* PRIVATE_NAME = " & PRIVATE_NAME
WScript.Echo "* DHCP enabled = " & NAC.DHCPEnabled
'If (NAC.DHCPEnabled = "False") Then
' CMD_PRIVATE_ENABLE_DHCP=strSystem32 & "\netsh.exe interface ip set address name=""" & PRIVATE_NAME & """ source=dhcp"
' RunCommand CMD_PRIVATE_ENABLE_DHCP, "Enabling DHCP on the private adapter"
' intCheckAdapters = 1
'Else
PRIVATE_IP = strIPAddress
PRIVATE_SUBNET_MASK = Join(NAC.IPSubnet)
PRIVATE_DESCRIPTION = NA.Description
If Not IsNull(NAC.DefaultIPGateway) Then
PRIVATE_GATEWAY = Join(NAC.DefaultIPGateway)
End If
WScript.Echo "* PRIVATE_IP = " & PRIVATE_IP
WScript.Echo "* PRIVATE_SUBNET_MASK = " & PRIVATE_SUBNET_MASK
WScript.Echo "* PRIVATE_GATEWAY = " & PRIVATE_GATEWAY
WScript.Echo "* PRIVATE_DESCRIPTION = " & PRIVATE_DESCRIPTION
'End If
' Address is not a valid VCL private address (10.*) but may still be private (192.168.* ...)
' Check if address is private
Elseif Len(strIPAddressMatchNotPublic) > 0 Then
WScript.Echo "IP address is not a public nor valid VCL private address: " & strIPAddress
' Address is not private, it's a valid public address
Else
PUBLIC_NAME = NA.NetConnectionID
WScript.Echo "* PUBLIC_NAME = " & PUBLIC_NAME
WScript.Echo "* DHCP enabled = " & NAC.DHCPEnabled
'If (NAC.DHCPEnabled = "False") Then
' CMD_PUBLIC_ENABLE_DHCP=strSystem32 & "\netsh.exe interface ip set address name=""" & PUBLIC_NAME & """ source=dhcp"
' RunCommand CMD_PUBLIC_ENABLE_DHCP, "Enabling DHCP on the public adapter"
' intCheckAdapters = 1
'Else
PUBLIC_IP = strIPAddress
PUBLIC_SUBNET_MASK = Join(NAC.IPSubnet)
PUBLIC_DESCRIPTION = NA.Description
If Not IsNull(NAC.DefaultIPGateway) Then
PUBLIC_GATEWAY = Join(NAC.DefaultIPGateway)
End If
WScript.Echo "* PUBLIC_IP = " & PUBLIC_IP
WScript.Echo "* PUBLIC_SUBNET_MASK = " & PUBLIC_SUBNET_MASK
WScript.Echo "* PUBLIC_GATEWAY = " & PUBLIC_GATEWAY
WScript.Echo "* PUBLIC_DESCRIPTION = " & PUBLIC_DESCRIPTION
'End If
End If
Next
Next
'Loop
End function
'-----------------------------------------------------------------------------
function print_variable(arr, strTitle)
If Not IsNull(arr) Then
If IsArray(arr) Then
For Each element In arr
WScript.Echo strTitle & " = " & element
Next
Else
WScript.Echo strTitle & " = " & arr
End If
Else
WScript.Echo strTitle & " = NULL"
End If
End function
'-----------------------------------------------------------------------------
Function RegExpVal(strPattern, strString, idx)
On Error Resume Next
Dim regEx, Match, Matches, RetStr
Set regEx = New RegExp
regEx.Pattern = strPattern
regEx.IgnoreCase = True
regEx.Global = True
Set Matches = regEx.Execute( strString )
RegExpVal = Matches( 0 ).SubMatches( idx )
End Function
'-----------------------------------------------------------------------------
Function RunCommand (strCommand, strDescription)
print_hr
strCommand = "cmd.exe /c " & strCommand
WScript.Echo strDescription & ", command: " & strCommand
Set objExecResult = objShell.Exec(strCommand & " 2>&1")
If objExecResult.ProcessID = 0 And objExecResult.Status = 1 Then
WScript.Echo strDescription & " failed: " & err.Description
WScript.Quit 1
End If
Do
intStatus = objExecResult.Status
WScript.StdOut.Write objExecResult.StdOut.ReadAll()
WScript.StdErr.Write objExecResult.StdErr.ReadAll()
If intStatus <> 0 Then Exit Do
'WScript.Sleep 10
Loop
If objExecResult.ExitCode > 0 Then
WScript.Echo strDescription & " failed, exit code: " & objExecResult.ExitCode
Else
WScript.Echo strDescription & " successful, exit code: " & objExecResult.ExitCode
End If
RunCommand = objExecResult.ExitCode
WScript.Echo (Time)
End Function
'-----------------------------------------------------------------------------
Function print_hr
WScript.Echo "---------------------------------------------------------------------------"
WScript.Echo (Time)
WScript.Echo "---------------------------------------------------------------------------"
End Function