Jcpetrucci/panorama-rollback.sh

## panorama-rollback.sh
#!/bin/bash
which tmux >/dev/null || { printf '%s\n' 'Error: could not locate tmux.' >&2; exit 1; }

# Create session, window, pane
readonly SESSION_NAME="$(head -c 30 <(tr -d -c [:alnum:] </dev/urandom))"
tmux start-server
tmux new-session -d -s $SESSION_NAME
tmux split-window -d -v -p 10

# Configure timer:
SECONDS_TIL_ROLLBACK=300
readonly EPOCH_NOW="$(date '+%s')"
readonly EPOCH_ROLLBACK=$((EPOCH_NOW + SECONDS_TIL_ROLLBACK ))
tmux set-option -t $SESSION_NAME status on
tmux set-option -t $SESSION_NAME status-interval 1
tmux set-option -t $SESSION_NAME status-left-length 70

# Start rollback 'deadman switch':
{
    sleep ${SECONDS_TIL_ROLLBACK}s;
    tmux send-keys -t ${SESSION_NAME}:0.0 C-w;
    sleep 2s
    tmux send-keys -t ${SESSION_NAME}:0.0 'configure' C-m;
    sleep 2s
    tmux send-keys -t ${SESSION_NAME}:0.0 'load config from rollback.xml' C-m;
    sleep 2s
    tmux send-keys -t ${SESSION_NAME}:0.0 'commit description "automatic rollback"' C-m;
    sleep 2s
    tmux send-keys -t ${SESSION_NAME}:0.0 'run commit-all shared-policy include-template yes description "automatic rollback" device-group YOURDEVICEGROUPNAME' C-m;
} &
{
    while :;
      do sleep 1s;
      SECONDS_TIL_ROLLBACK=$((EPOCH_ROLLBACK - $(date '+%s') ));
      if (( SECONDS_TIL_ROLLBACK < 30 )); then
         if (( SECONDS_TIL_ROLLBACK % 2 )); then
           tmux set-option -q -t $SESSION_NAME status-bg red
         else
           tmux set-option -q -t $SESSION_NAME status-bg blue
         fi
      fi
      tmux set-option -q -t $SESSION_NAME status-left "Automatic rollback in: #(echo $SECONDS_TIL_ROLLBACK ) seconds.";
    done;
} &

tmux send-keys -t ${SESSION_NAME}:0.1 'clear; read -p "In the top pane, SSH to Panorama as a user with \"superuser\" CLI access.  Save the known-good configuration as \"rollback.xml\".  From either the webUI or CLI, make the configuration changes and commit to both Panorama and the managed firewalls."; logout' C-m

# Attach to session:
tmux attach-session -d -t $SESSION_NAME

# Stop backgrounded jobs:
kill $(jobs -p)
	#!/bin/bash
	which tmux >/dev/null \|\| { printf '%s\n' 'Error: could not locate tmux.' >&2; exit 1; }

	# Create session, window, pane
	readonly SESSION_NAME="$(head -c 30 <(tr -d -c [:alnum:] </dev/urandom))"
	tmux start-server
	tmux new-session -d -s $SESSION_NAME
	tmux split-window -d -v -p 10

	# Configure timer:
	SECONDS_TIL_ROLLBACK=300
	readonly EPOCH_NOW="$(date '+%s')"
	readonly EPOCH_ROLLBACK=$((EPOCH_NOW + SECONDS_TIL_ROLLBACK ))
	tmux set-option -t $SESSION_NAME status on
	tmux set-option -t $SESSION_NAME status-interval 1
	tmux set-option -t $SESSION_NAME status-left-length 70

	# Start rollback 'deadman switch':
	{
	sleep ${SECONDS_TIL_ROLLBACK}s;
	tmux send-keys -t ${SESSION_NAME}:0.0 C-w;
	sleep 2s
	tmux send-keys -t ${SESSION_NAME}:0.0 'configure' C-m;
	sleep 2s
	tmux send-keys -t ${SESSION_NAME}:0.0 'load config from rollback.xml' C-m;
	sleep 2s
	tmux send-keys -t ${SESSION_NAME}:0.0 'commit description "automatic rollback"' C-m;
	sleep 2s
	tmux send-keys -t ${SESSION_NAME}:0.0 'run commit-all shared-policy include-template yes description "automatic rollback" device-group YOURDEVICEGROUPNAME' C-m;
	} &
	{
	while :;
	do sleep 1s;
	SECONDS_TIL_ROLLBACK=$((EPOCH_ROLLBACK - $(date '+%s') ));
	if (( SECONDS_TIL_ROLLBACK < 30 )); then
	if (( SECONDS_TIL_ROLLBACK % 2 )); then
	tmux set-option -q -t $SESSION_NAME status-bg red
	else
	tmux set-option -q -t $SESSION_NAME status-bg blue
	fi
	fi
	tmux set-option -q -t $SESSION_NAME status-left "Automatic rollback in: #(echo $SECONDS_TIL_ROLLBACK ) seconds.";
	done;
	} &

	tmux send-keys -t ${SESSION_NAME}:0.1 'clear; read -p "In the top pane, SSH to Panorama as a user with \"superuser\" CLI access. Save the known-good configuration as \"rollback.xml\". From either the webUI or CLI, make the configuration changes and commit to both Panorama and the managed firewalls."; logout' C-m

	# Attach to session:
	tmux attach-session -d -t $SESSION_NAME

	# Stop backgrounded jobs:
	kill $(jobs -p)