SonicWALL Shared Key Daily Config Change

Unimus support forum
Post Reply
ahoff
Posts: 1
Joined: Thu May 19, 2022 12:32 pm

Thu May 19, 2022 12:36 pm

I'm getting notified daily of a config change on my SonicWall for a shared-key that for some reason the ignored data filter will not apply to.

Looks like this:

Code: Select all

467	467		max-requests 256
468	468		enable
469	 	-	shared-key 4,b983daaf96f58a49e68a87767884dab57ed6c5e5c165ba8a
 	469	+	shared-key 4,dda15fd502e32f51c703158d778611b02231d6fda7e5f1a0
470	470		exit
I'm using this filter:

Code: Select all

(?m)^\s*shared-key\s4,[[:xdigit:]]{48}$
It looks like it's being filtered when using a diff between config changes but not for the daily change.
Vik@Unimus
Posts: 100
Joined: Thu Aug 05, 2021 6:35 pm

Thu May 19, 2022 12:58 pm

Hello,

The regex flavor used by Unimus is Java regex. Your regex is perfectly fine, but that would work for PCRE flavor of regex which supports the [[:xxx:]] character classes. You can change it to something like this

Code: Select all

(?m)^\h*shared-key\h4,.+?$
and the IGNORE filter should work just fine. One more change I have done above and what I would suggest is to use \h (horizontal whitespace) instead of \s (any whitespace character), you can see here it could be any of them.
Post Reply