This article describes the functionalities of the Remote Execution page and provides a setup example. Remote execution can be used to execute nonrecurring tasks, such as the removal of unwanted files or the termination of processes etc., on several Barracuda NextGen Firewall F-Series boxes simultaneously and in a single administrative step. For this purpose, a collection of scripts is maintained at the Barracuda NextGen Control Center. These scripts can be edited, added, and removed by the administrator. To access the Remote Execution page on the Barracuda NextGen Control Center, open the CONTROL tab and click the Remote Execution icon in the ribbon bar.
In the Remote Execution window, information and configuration elements are divided into the following sections:
- Task List – The task list in the upper section of the page shows all tasks that have been created for Barracuda NextGen Firewall F-Series boxes.
- Objects Tab – The Objects tab allows you to create groups to simplify the remote execution process and displays the Barracuda NextGen Firewall F-Series boxes that are arraged as grouped objects.
- Boxes Tab – This tab lists all firewalls that are managed by the Barracuda NextGen Control Center. From here, you can select your units for the remote execution process.
- Scripts List – This section lists scripts and allows creation of scripts to be executed on Barracuda NextGen Firewall F-Series boxes.
- Action Bars – Depending on the selected tab, the action bars provide a selection of options that might be required when creating a task.
The listing of tasks (if present) in the upper section of the page is divided into the following columns:
- Box – The name of the Barracuda NextGen Firewall F-Series a task has been created for.
- Cluster – The name of the cluster the box resides in.
- Range ID – The name of the range the cluster and box belong to.
- Box Icon – This column depicts the status of an executed task.
- Box State – Displays the status of the Barracuda NextGen Firewall F-Series unit.
- Script – This is the name of the script that is currently executed.
- Info – This column lists additional information, such as IP address and short name.
- Flags – Flags depict the current task state. The following states are available:
- F – SSH failed (SSH-network connection or login failed)
- G – Script failed (script returned a non-zero value)
- D – Deleted (Box was removed from the CC)
- U – Untrusted (Peer authentication check is disabled)
- Priority – This is the assigned task priority. The following priorities are available:
- 0 – High priority
- 1 – Normal priority
- 2 – Low priority
- Execution Time – This is the time the task is currently running.
- First Attempt – This column provides information about date and time the first execution attempt was started (syntax used is yyyy mm dd hh:mm:ss).
- Last Try – This column informs about date and time when the last execution attempt was started (syntax used is yyyy mm dd hh:mm:ss).
- Tries – This is the number of execution tries.
- Reason – This is the failure reason in case the last execution attempt failed.
In the scripts list section on the right, scripts provided for execution on boxes can be created, modified, and deleted. Use the buttons from the action menu on the bottom of the page to perform the following operations:
- New – Click this button to create a new script. Choose a name for the script and enter a sequence of bash commands to be executed.
- Edit – Select a script and click this button to modify it.
- Remove – Discards a script stored on the Barracuda NextGen Control Center.
In the section on the left of the page, you can select groups of boxes for task execution. Under the Objects tab, multiple boxes can be combined to form group objects for quick task creation. Barracuda NextGen Control Center objects are saved to the Windows System Registry on the client PC. They can be exchanged between multiple clients by exporting and then importing them again.
To create a new object, proceed as follows:
- Click New in the action menu of the Objects tab. This opens a new window that enables box selection:
- Enter a name for the new object in the Object Name field.
- Select all desired boxes by simultaneously pressing the shift/CTRL key and clicking a box.
- Click Save Object to save the object. When reopening the object after it has been saved, the configuration window displays only the selected boxes.
- Select the Show All Boxes checkbox to display a view that shows all available boxes. The boxes belonging to a saved object are highlighted.
The following buttons in the Edit Object window allow further actions:
- Show Log – Displays a view of the box log file containing entries about the last executed task. Box log files are stored on the Barracuda NextGen Control Center. Their view can also be triggered by double-clicking a box entry in the list.
- Clear Log – Clears a box log file’s contents. This should be done before executing a new task.
- Remove Box – Removes the box from the saved object.
- Reload Object – Refreshes the view to display boxes saved in the object only.
- Create Copy – Creates a copy of an object already saved.
The Boxes tab displays a listing of all existing boxes on the Barracuda NextGen Control Center. When a box is selected, it is highlighted. Multiple boxes can be selected by simultaneous pressing of the shift/CTRL key and clicking on a box. The following detail information is covered in the box list:
- Box / Cluster / Range ID columns – These data sets describe the membership of the Barracuda NextGen Firewall F-Series, that is, its name and the names of cluster and range it belongs to.
- Info – This column displays additional box information (IP address and short name).
- Version – Displays the installed version number of the Barracuda NextGen Firewall F-Series.
On the bottom of the page, the following action menu applies for both tabs in the box list:
Create Task – This button becomes active when a Box/Object/Script combination is chosen from the scripts and box lists. Task creation opens the Schedule Task window, allowing for detailed specification when and how the task should be executed. The following values can be specified within the Schedule Task configuration window:
- Box Authentication – The following two modes are available for selection:
- Trusted (Validate Key)
- Untrusted (Ignore Key) – The untrusted mode enables the update of boxes that are not known to the Barracuda NextGen Control Center. Untrusted updates can also be used on boxes in case problems with authentication keys arise. Otherwise, trusted mode should always be used.
- Scheduling Mode – By default, tasks are scheduled for Immediate Execution. The option Delayed Execution activates the parameter Scheduled Time, where task execution time can be configured in detail.
- Scheduled Time – These two fields require a scheduling time for task execution.
- Priority – When multiple tasks are configured for execution, the priority setting determines the execution succession. You can select Low, Normal, or High priority.
The following action menu only applies to the Boxes tab:
- Show Log – Displays a view of the box log file containing entries about the last executed task. Box log files are stored on the CC. Their view can also be triggered by double-clicking a box entry in the list.
- Clear Log – Clears the log files of all selected boxes. This should be done before executing a new task.
The following action menu only applies for the Objects tab:
- Edit – Clicking this button allows editing a selected object.
- New – Creates a new object.
- Remove – Removes the selected object.
- Import – Imports an object into the Microsoft Windows System registry.
Export – Exports an object from the Microsoft Windows System registry. Box group objects are saved to Barracuda NextGen Control Center Object (*.mco) files.
Perform a Remote Execution Task
Execution of the script can be triggered by selecting a particular script and a Barracuda NextGen Firewall F-Series. During execution, all output of the script is directed to a box log file that is held at the Barracuda NextGen Control Center and can be reviewed by the administrator after execution. Consult these files for verbose output or error logging of the script. The following section describes the process of a remote execution task that cleans up the /tmp directory on selected firewalls.
Step 1. Create a Script
- Click the New button in the Script list window.
- Enter cleantmp as script name and insert the command sequence shown in the following screenprint.
Step 2. Create the Tasks
- Select all boxes on the Boxes tab in the Box list window and the cleantmp script in the Script list window simultaneously.
- Click Create Task.
- Schedule the tasks for Immediate Execution in the Schedule Task window.
The newly created tasks appear as entries with a green indicator (see following screenprint) and disappear as soon as the task is finished.
If a task fails, the corresponding entry remains in the task list and is shown with a red indicator. Look at the Reason column for an explanation of the failure.
Step 4. Review the Log Files
Double-click on the firewalls to view the log files and check if the desired actions have been taken.
Step 5. Reschedule or Delete Failed Tasks
To reschedule or delete a task, right-click it and select Reschedule or Delete Task from the context menu.
Simultaneously clears all events from the selected Barracuda NextGen Firewall F-Series(s).
Performs a release check on newly installed NextGen Firewall F-Series(s).
Initiates an emergency stop on the selected Barracuda NextGen Firewall F-Series(s).