SAP Router

SAP Router
Logs nach Connect sortieren. ” cat saprouter.log* | grep -E “CONNECT FROM|CONNECT TO” | awk -F” ” ‘{print $5,$6,$7,$9,$10,$11 }’ | sed ‘s/\/[0-9][0-9][0-9][0-9][0-9]//g’ | sort -u ” #Die letzten drei Zeichen anzeigen. IP auseinader dividieren cat saprouttab | awk -F”.” ‘{print $1 }’ | awk ‘{ print substr( $0, length($0) – 2, length($0) ) }’ | more SAP Router starten /usr/sap/saprouter/saprouter -r -Y 0 -C 1000 -D -G /usr/sap/saprouter/saprouter.log -J 2000000 -R /usr/sap/saprouter/saprouttab ############################################################### Log Analyse time find . -type f -print0 | xargs -0 -P 207 -I % cat % | grep -iE -B0 -A 1 “CONNECT FROM” | grep -iE “CONNECT FROM|CONNECT TO” | awk ‘{printf(“%s%s”, $0, (NR%2 ? “,” : “\n”))}’ | grep –color=always -iE “[A-Za-z]{3} [A-Za-z]{3} [0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2} 2018 CONNECT FROM.*CONNECT TO” | tee > output.txt = Multi Paralized (207 Prozesse) time cat saprouter.log* | grep -iE -B0 -A 1 “CONNECT FROM” | grep -iE “CONNECT FROM|CONNECT TO” | awk ‘{printf(“%s%s”, $0, (NR%2 ? “,” : “\n”))}’ | grep –color=always -iE “[A-Za-z]{3} [A-Za-z]{3} [0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2} 2018 CONNECT FROM.*CONNECT TO” > output.txt = Single Prozess cat output.txt | awk -F ” ” ‘{print $6,$7,$10,$15,$16,$19}’ | awk -F “/” ‘{print $1,$2}’ | awk -F ” ” ‘{print $1,$2,$3,$5,$6,$7}’ | sort -u > output_uniq.txt #Niping Test############################################################### /usr/sap/saprouter/niping -c -H /H/172.17.190.85/H/172.17.190.35/S/3200 Mon Jun 3 11:07:01 2019 connect to server o.k. *** ERROR => bytes_written <> bytes_read (1000, 14) [nixxtst.cpp 1394] #SNC Konfi############################################################### benötigt SAPCRYPTOLIBP_8528-20011697.SAR (sapgenpse) mkdir /root/sec/ ./sapgenpse get_pse -v -r certreq -p local.pse “CN=saprouter, OU=0000000666, OU=SAProuter, O=SAP, C=DE” cat certreq bei der SAP registrieren vi srcert_bilfinger -> Cert einfügen oder selbst signieren ./sapgenpse export_p12 -p /root/sec/local.pse /root/sec/local.p12 #Key opennssl gerecht exportieren openssl pkcs12 -in /root/sec/local.p12 -out keys.txt -nodes #CA Generieren openssl genrsa -aes-256-cbc -out CA.key 8192 openssl req -new -sha512 -key CA.key -x509 -days 365 -subj ‘/C=DE/ST=B-W State/L=Rot/O=Bit-Devil Inc./OU=IT-Hack/CN=CA/emailAddress=root@bit-devil.ddns.net’ -out scrert.crt # openssl x509 -req -days 365 -in certreq -CA CA.crt -CAkey CA.key -CAcreateserial -out scrert.crt ./sapgenpse import_own_cert -v -c scrert.crt -p local.pse ./sapgenpse seclogin -p /root/sec/local.pse -O saprouter ./sapgenpse seclogin -p /root/sec/local.pse -O root ./sapgenpse get_my_name -v -n Issuer ./sapgenpse get_my_name export SNC_LIB=/usr/sap/saprouter/sec/libsapcrypto.so saprouter:/usr/sap/saprouter/sec # /usr/sap/saprouter/saprouter -r -Y 0 -C 1000 -D -G /usr/sap/saprouter/saprouter.log -J 2000000 -R /usr/sap/saprouter/saprouttab -K ‘p:CN=saprouter, OU=0000000666, OU=SAProuter, O=SAP, C=DE’ #Wartungs Kommandos ./sapgenpse maintain_pk -l ##########################################################################

Post Revisions:

  • December 12, 2019