[c-nsp] OSPF Dampening

[Jeremiah Millay]

Ok can someone verify me on this...
I've created an EEM policy in my router that looks something like this 
(IPs and e-mail addresses have been changed):

ip access-list extended BLOCK_OSPF
 deny   ospf any any
 permit ip any any
!

event manager environment cmd1 config t
event manager environment cmd2 int fa0/0
event manager environment cmd3 ip access-group BLOCK_OSPF in
event manager applet WirelessOSPF
 event syslog occurs 6 pattern "%OSPF-5-ADJCHG: Process 1, Nbr X.X.X.X 
on FastEthernet0/0" period 300
 action BLOCK cli command "cmd1 cmd2 cmd3"
 action MAIL mail server "mail.rockriver.net" to "someone at rockriver.net" 
from "someone at rockriver.net" subject "ROA OSPF FLAP"
!


and here is my "show event manager policy registered" output:

ROA#sh event manager policy registered
No.  Class   Type    Event Type          Trap  Time Registered           
Name
1    applet  system  syslog              Off   Fri Sep 29 15:31:44 2006  
WirelessOSPF
 occurs 6 period 300.000 pattern {%OSPF-5-ADJCHG: Process 1, Nbr X.X.X.X 
on FastEthernet0/0}
 action BLOCK cli command "cmd1 cmd2 cmd3"
 action MAIL mail server "mail.rockriver.net" to "someone at rockriver.net" 
from "someone at rockriver.net" subject "ROA OSPF FLAP"



So basically what I think this should do is if "%OSPF-5-ADJCHG: Process 
1, Nbr X.X.X.X on FastEthernet0/0" shows up in the logs 6 times within 5 
minutes (300 sec)  it will execute cmd1 cmd2 and cmd3 to apply my access 
list to block ospf traffic through my ethernet interface and then send 
me an e-mail letting me know there is a problem. At this point I can 
manually remove the ACL when the wireless link problem has been 
resolved. Any EEM gurus think this will work? I'm working on setting up 
a testing environment but wanted to run this by you all as well.
Jeremiah