[rancid] Rancid New Router Type
Rhys Evans
rhys.evans at Redblade.co.uk
Thu Apr 16 16:14:31 UTC 2009
Hi
I am relatively new to Rancid, and am looking for some help on adding a new router type. I have Rancid up and running for our Cisco and HP devices with no issues. Now back to the question.
I would like to create a new device type for draytek (I know not great but we do have a few of them) routers . Please bear with me regarding my coding I'm not a programmer, I am also aware I have removed some of the checks etc. I will look at bring those in once I can get the config out putting fine.
Now what I have managed to do is the following:
1) Edited rancid-fe and added the line "'draytek' => 'drancid'," in the vendor table (This seems to be working fine)
2) Hacked the clogin script and renamed it to dlogin. This again seems to be working as it logs into the router and I can enter commands and see the expected output (see end for script)
3) I have now created drancid which is a hack of rancid. This is where I am having my issue (see end for script)
a. Now when I run "dlogin -d -c 'sys version;sys iface' 79.14.24.56 > debugoutput 2>&1" I get the following output (which is what I am expecting)
++++++++++++++++++++++++++++++++++++++++
dlogin -d -c 'sys version;sys iface' 79.14.24.56 > debugoutput 2>&1
79.14.24.56
Trying 79.14.24.56...
Connected to 79.14.24.56.rdns.as8401.net (79.14.24.56).
Escape character is '^]'.
Password: **********
Type ? for command help
>
>
> sys version
Router Model: Vigor3100 series Version: v2.7.1 English
Profile version: 0x2 Status: 1 (0xcd0a7a2)
Router IP: 192.168.2.1 Netmask: 255.255.255.0
Firmware Build Date/Time: Wed Nov 29 16:32:4.45 2006
Revision: 173
ADSL Firmware Version: R308_1 Annex B
> sys iface
Interface 0 Ethernet:
Status: UP
IP Address: 192.168.2.1 Netmask: 0xFFFFFF00 (Private)
IP Address: 79.14.24.56 Netmask: 0xFFFFFFF8
MAC: 00-50-7F-B7-5C-C8
Interface 3 PPPoE:
Status: UP
IP Address: 79.14.24.56 Netmask: 0xFFFFFFFF
MAC: 00-50-7F-B7-5C-C9
> quitConnection closed by foreign host.
++++++++++++++++++++++++++++++++++++++++++
b. The issue now comes in when I run "drancid -d 79.14.24.56". I don't get the output I expect. I get the following. I suspect this is something to do with the commands in the commandtable calling the subs, I could be totally wrong here. (By the way I'm not looking for formatting at the moment just looking for some output)
++++++++++++++++++++++++++++++++++++++++++
drancid -d 79.14.24.56
executing dlogin -t 30 -c"sys version;sys iface" 79.14.24.56
79.14.24.56: missed cmd(s): sys version,sys iface
79.14.24.56: missed cmd(s): sys version,sys iface
79.14.24.56.new (output)
!RANCID-CONTENT-TYPE: draytek
!
!
!
!
!
+++++++++++++++++++++++++++++++++++++++++++
Any help with this would be greatly appreciated
Thanks
Scripts
++++++++++++++++++++++++++++++++++++++++++++++
dlogin
#! /usr/bin/expect --
#
# dlogin - draytek login
#
# Usage line
set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \
\[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \
\[-s script-file\] \[-t timeout\] \[-u username\] \
\[-v vty-password\] \[-w enable-username\] \[-x command-file\] \
\[-y ssh_cypher_type\] router \[router...\]\n"
# env(CLOGIN) may contain:
# x == do not set xterm banner or name
# Password file
set password_file $env(HOME)/.cloginrc
# Default is to login to the router
set do_command 0
set do_script 0
# The default is to automatically enable
set avenable 1
# The default is that you login non-enabled (tacacs can have you login already
# enabled)
set avautoenable 0
# The default is to look in the password file to find the passwords. This
# tracks if we receive them on the command line.
set do_passwd 1
set do_enapasswd 1
# attempt at platform switching.
set platform ""
#
set send_human {.2 .1 .4 .2 1}
# Find the user in the ENV, or use the unix userid.
if {[ info exists env(CISCO_USER) ]} {
set default_user $env(CISCO_USER)
} elseif {[ info exists env(USER) ]} {
set default_user $env(USER)
} elseif {[ info exists env(LOGNAME) ]} {
set default_user $env(LOGNAME)
} else {
# This uses "id" which I think is portable. At least it has existed
# (without options) on all machines/OSes I've been on recently -
# unlike whoami or id -nu.
if [ catch {exec id} reason ] {
send_error "\nError: could not exec id: $reason\n"
exit 1
}
regexp {\(([^)]*)} "$reason" junk default_user
}
if {[ info exists env(CLOGINRC) ]} {
set password_file $env(CLOGINRC)
}
# Sometimes routers take awhile to answer (the default is 10 sec)
set timeout 45
# Process the command line
for {set i 0} {$i < $argc} {incr i} {
set arg [lindex $argv $i]
switch -glob -- $arg {
# Expect debug mode
-d* {
exp_internal 1
# Username
} -u* -
-U* {
if {! [ regexp .\[uU\](.+) $arg ignore user]} {
incr i
set username [ lindex $argv $i ]
}
# VTY Password
} -p* -
-P* {
if {! [ regexp .\[pP\](.+) $arg ignore userpasswd]} {
incr i
set userpasswd [ lindex $argv $i ]
}
set do_passwd 0
# VTY Password
} -v* {
if {! [ regexp .\[vV\](.+) $arg ignore passwd]} {
incr i
set passwd [ lindex $argv $i ]
}
set do_passwd 0
# Version string
} -V* {
send_user "rancid 2.3.2a9\n"
exit 0
# Enable Username
} -w* -
-W* {
if {! [ regexp .\[wW\](.+) $arg ignore enauser]} {
incr i
set enausername [ lindex $argv $i ]
}
# Environment variable to pass to -s scripts
} -E*
{
if {[ regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} {
set E$varname $varvalue
} else {
send_user "\nError: invalid format for -E in $arg\n"
exit 1
}
# Enable Password
} -e*
{
if {! [ regexp .\[e\](.+) $arg ignore enapasswd]} {
incr i
set enapasswd [ lindex $argv $i ]
}
set do_enapasswd 0
# Command to run.
} -c* -
-C* {
if {! [ regexp .\[cC\](.+) $arg ignore command]} {
incr i
set command [ lindex $argv $i ]
}
set do_command 1
# Expect script to run.
} -s* -
-S* {
if {! [ regexp .\[sS\](.+) $arg ignore sfile]} {
incr i
set sfile [ lindex $argv $i ]
}
if { ! [ file readable $sfile ] } {
send_user "\nError: Can't read $sfile\n"
exit 1
}
set do_script 1
# 'ssh -c' cypher type
} -y* -
-Y* {
if {! [ regexp .\[eE\](.+) $arg ignore cypher]} {
incr i
set cypher [ lindex $argv $i ]
}
# alternate cloginrc file
} -f* -
-F* {
if {! [ regexp .\[fF\](.+) $arg ignore password_file]} {
incr i
set password_file [ lindex $argv $i ]
}
# Timeout
} -t* -
-T* {
if {! [ regexp .\[tT\](.+) $arg ignore timeout]} {
incr i
set timeout [ lindex $argv $i ]
}
# Command file
} -x* -
-X {
if {! [ regexp .\[xX\](.+) $arg ignore cmd_file]} {
incr i
set cmd_file [ lindex $argv $i ]
}
if [ catch {set cmd_fd [open $cmd_file r]} reason ] {
send_user "\nError: $reason\n"
exit 1
}
set cmd_text [read $cmd_fd]
close $cmd_fd
set command [join [split $cmd_text \n] \;]
set do_command 1
# Do we enable?
} -noenable {
set avenable 0
# Does tacacs automatically enable us?
} -autoenable {
# hp does not autoenable
set autoenable 1
set avenable 0
} -* {
send_user "\nError: Unknown argument! $arg\n"
send_user $usage
exit 1
} default {
break
}
}
}
# Process routers...no routers listed is an error.
if { $i == $argc } {
send_user "\nError: $usage"
}
# Only be quiet if we are running a script (it can log its output
# on its own)
if { $do_script } {
log_user 0
} else {
log_user 1
}
#
# Done configuration/variable setting. Now run with it...
#
# Sets Xterm title if interactive...if its an xterm and the user cares
proc label { host } {
global env
# if CLOGIN has an 'x' in it, don't set the xterm name/banner
if [info exists env(CLOGIN)] {
if {[string first "x" $env(CLOGIN)] != -1} { return }
}
# take host from ENV(TERM)
if [info exists env(TERM)] {
if [regexp \^(xterm|vs) $env(TERM) ignore ] {
send_user "\033]1;[lindex [split $host "."] 0]\a"
send_user "\033]2;$host\a"
}
}
}
# This is a helper function to make the password file easier to
# maintain. Using this the password file has the form:
# add password sl* pete cow
# add password at* steve
# add password * hanky-pie
proc add {var args} { global int_$var ; lappend int_$var $args}
proc include {args} {
global env
regsub -all "(^{|}$)" $args {} args
if { [ regexp "^/" $args ignore ] == 0 } {
set args $env(HOME)/$args
}
source_password_file $args
}
proc find {var router} {
upvar int_$var list
if { [info exists list] } {
foreach line $list {
if { [string match [lindex $line 0] $router ] } {
return [lrange $line 1 end]
}
}
}
return {}
}
# Loads the password file. Note that as this file is tcl, and that
# it is sourced, the user better know what to put in there, as it
# could install more than just password info... I will assume however,
# that a "bad guy" could just as easy put such code in the clogin
# script, so I will leave .cloginrc as just an extention of that script
proc source_password_file { password_file } {
global env
if { ! [file exists $password_file] } {
send_user "\nError: password file ($password_file) does not exist\n"
exit 1
}
file stat $password_file fileinfo
if { [expr ($fileinfo(mode) & 007)] != 0000 } {
send_user "\nError: $password_file must not be world readable/writable\n"
exit 1
}
if [ catch {source $password_file} reason ] {
send_user "\nError: $reason\n"
exit 1
}
}
# Log into the router.
# returns: 0 on success, 1 on failure
proc login { router user userpswd passwd enapasswd cmethod cyphertype } {
global spawn_id in_proc do_command do_script platform
global prompt u_prompt p_prompt e_prompt sshcmd
set in_proc 1
# try each of the connection methods in $cmethod until one is successful
set progs [llength $cmethod]
foreach prog [lrange $cmethod 0 end] {
incr progs -1
regexp {(telnet|ssh)(:([^[:space:]]+))*} $prog command suffix junk port
if [string match "telnet*" $prog] {
if {"$port" == ""} {
set retval [ catch {spawn telnet $router} reason ]
} else {
set retval [ catch {spawn telnet $router $port} reason ]
}
if { $retval } {
send_user "\nError: telnet failed: $reason\n"
return 1
}
} elseif [string match "ssh*" $prog] {
if {"$port" == ""} {
set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ]
} else {
set retval [ catch {spawn $sshcmd -c $cyphertype -p $port -x -l $user $router} reason ]
}
if { $retval } {
send_user "\nError: $sshcmd failed: $reason\n"
return 1
}
} elseif ![string compare $prog "rsh"] {
send_error "\nError: unsupported method: rsh\n"
if { $progs == 0 } {
return 1
}
continue;
} else {
send_user "\nError: unknown connection method: $prog\n"
return 1
}
sleep 0.3
# This helps cleanup each expect clause.
expect_after {
timeout {
send_user "\nError: TIMEOUT reached\n"
catch {close}; catch {wait};
if { $in_proc} {
return 1
} else {
continue
}
} eof {
send_user "\nError: EOF received\n"
catch {close}; catch {wait};
if { $in_proc} {
return 1
} else {
continue
}
}
}
# Here we get a little tricky. There are several possibilities:
# the router can ask for a username and passwd and then
# talk to the TACACS server to authenticate you, or if the
# TACACS server is not working, then it will use the enable
# passwd. Or, the router might not have TACACS turned on,
# then it will just send the passwd.
# if telnet fails with connection refused, try ssh
expect {
"Press any key to continue" {
send " "
exp_continue
}
-re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by)" {
catch {close}; catch {wait};
if !$progs {
send_user "\nError: Connection Refused ($prog)\n"; return 1
}
}
"Host is unreachable" {
catch {close}; catch {wait};
send_user "\nError: Host Unreachable!\n"; wait; return 1
}
"No address associated with name" {
catch {close}; catch {wait};
send_user "\nError: Unknown host\n"; wait; return 1
}
-re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" {
send "yes\r"
send_user "\nHost $router added to the list of known hosts.\n"
exp_continue }
-re "HOST IDENTIFICATION HAS CHANGED.* \(yes\/no\)\?" {
send "no\r"
send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n"
return 1 }
-re "Offending key for .* \(yes\/no\)\?" {
send "no\r"
send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n"
return 1 }
eof { send_user "\nError: Couldn't login\n"; wait; return 1 }
-nocase "unknown host\r" {
catch {close}; catch {wait};
send_user "\nError: Unknown host\n"; wait; return 1
}
-re "$u_prompt" { send -- "$user\r"
expect {
eof { send_user "\nError: Couldn't login\n"; wait; return 1 }
"Login invalid" { send_user "\nError: Invalid login\n";
catch {close}; catch {wait};
return 1 }
-re "$p_prompt" { send -- "$userpswd\r" }
"$prompt" { set in_proc 0; return 0 }
"Press any key to continue" {
send " "
exp_continue
}
}
exp_continue
}
-re "$p_prompt" {
if ![string compare $prog "ssh"] {
send -- "$userpswd\r"
} else {
send -- "$passwd\r"
}
expect {
eof { send_user "\nError: Couldn't login\n";
wait;
return 1
}
"Press any key to continue" {
send " ";
exp_continue
}
-re "$e_prompt" { send -- "$enapasswd\r" }
"$prompt" { set in_proc 0;
return 0
}
}
exp_continue
}
"$prompt" { break; }
denied { send_user "\nError: Check your passwd for $router\n"
catch {close}; catch {wait}; return 1
}
"% Bad passwords" {send_user "\nError: Check your passwd for $router\n"; return 1 }
}
}
set in_proc 0
return 0
}
# Enable
proc do_enable { enauser enapasswd } {
global prompt in_proc
global u_prompt e_prompt
set in_proc 1
send "enable\r"
expect {
-re "$u_prompt" { send -- "$enauser\r"; exp_continue}
-re "$e_prompt" { send -- "$enapasswd\r"; exp_continue}
">" { set prompt ">" }
"(enable)" { set prompt "# (enable) " }
denied { send_user "\nError: Check your Enable passwd\n"; return 1}
"% Bad passwords" { send_user "\nError: Check your Enable passwd\n"
return 1
}
}
# We set the prompt variable (above) so script files don't need
# to know what it is.
set in_proc 0
return 0
}
# Run commands given on the command line.
proc run_commands { prompt command } {
global in_proc platform
set in_proc 1
# Turn off the pager and escape regex meta characters in the $prompt
#send "no page\r"
send "\r"
regsub -all {[)(]} $prompt {\\&} reprompt
regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt
expect {
-re $reprompt {}
-re "\[\n\r]+" { exp_continue }
}
# this is the only way i see to get rid of more prompts in o/p..grrrrr
log_user 0
set commands [split $command \;]
set num_commands [llength $commands]
# if the pager can not be turned off, we have to look for the "More"
# prompt.
for {set i 0} {$i < $num_commands} { incr i} {
send -- "[subst -nocommands [lindex $commands $i]]\r"
expect {
-re "^\[^\n\r *]*$reprompt" { catch {send_user -- "$expect_out(buffer)"} }
-re "^\[^\n\r]*$reprompt." { catch {send_user -- "$expect_out(buffer)"}
exp_continue }
-re "\[\n\r]+" { catch {send_user -- "$expect_out(buffer)"}
exp_continue }
-re "\[^\r\n]*Press <SPACE> to cont\[^\r\n]*" {
send " "
expect {
# gag, 2 more prompts
-re "\[\r\n]*\r" {}
-re "\[^\r\n]*Press <SPACE> to cont\[^\r\n]*" {
catch {send " "};
exp_continue
}
}
exp_continue
}
-re "^<-+ More -+>\[^\n\r]*" { catch {send " "}
exp_continue }
-re "^-+ MORE -+\[^\n\r]*" { catch {send " "}
exp_continue }
# 3 flavours of the more prompt, first -More-, then --More-- (for
# cisco/riverhead AGM), then with more dashes.
-re "^-More-\[^\n\r-]*" { catch {send " "}
exp_continue }
-re "^--More--\[^\n\r-]*" { catch {send " "}
exp_continue }
-re "^---+More---+\[^\n\r]*" {
catch {send " "}
exp_continue }
-re "\b+" { exp_continue }
}
}
log_user 1
send -h "quit\r"
expect {
"quitConnection closed by foreign host" {
catch {close}
return 0
}
"Do you want to save current configuration" {
catch {send "n\r"}
exp_continue
}
"Do you wish to save " {
catch {send "n\r"}
exp_continue
}
"Do you want to log out" {
catch {send "y\r"}
exp_continue
}
-re "\[\r\n]+" { exp_continue }
-re "^.+> " {
catch {send -h "quit\r"}
exp_continue
}
timeout { catch {close}; catch {wait};
return 0
}
eof { return 0 }
}
set in_proc 0
}
#
# For each router... (this is main loop)
#
source_password_file $password_file
set in_proc 0
set exitval 0
foreach router [lrange $argv $i end] {
set router [string tolower $router]
send_user "$router\n"
# Figure out prompt.
# Since autoenable is off by default, if we have it defined, it
# was done on the command line. If it is not specifically set on the
# command line, check the password file.
if $avautoenable {
set autoenable 1
set enable 0
set prompt ">"
} else {
set ae [find autoenable $router]
if { "$ae" == "1" } {
set autoenable 1
set enable 0
set prompt "#"
} else {
set autoenable 0
set enable $avenable
set prompt ">"
}
}
# look for noenable option in .cloginrc
if { [find noenable $router] != "" } {
set enable 0
}
# Figure out passwords
if { $do_passwd || $do_enapasswd } {
set pswd [find password $router]
if { [llength $pswd] == 0 } {
send_user "\nError: no password for $router in $password_file.\n"
continue
}
if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } {
send_user "\nError: no enable password for $router in $password_file.\n"
continue
}
set passwd [join [lindex $pswd 0] ""]
set enapasswd [join [lindex $pswd 1] ""]
} else {
set passwd $userpasswd
set enapasswd $enapasswd
}
# Figure out username
if {[info exists username]} {
# command line username
set ruser $username
} else {
set ruser [join [find user $router] ""]
if { "$ruser" == "" } { set ruser $default_user }
}
# Figure out username's password (if different from the vty password)
if {[info exists userpasswd]} {
# command line username
set userpswd $userpasswd
} else {
set userpswd [join [find userpassword $router] ""]
if { "$userpswd" == "" } { set userpswd $passwd }
}
# Figure out enable username
if {[info exists enausername]} {
# command line enausername
set enauser $enausername
} else {
set enauser [join [find enauser $router] ""]
if { "$enauser" == "" } { set enauser $ruser }
}
# Figure out prompts
set u_prompt [find userprompt $router]
if { "$u_prompt" == "" } {
set u_prompt "(Username|login|user name):"
} else {
set u_prompt [join [lindex $u_prompt 0] ""]
}
set p_prompt [find passprompt $router]
if { "$p_prompt" == "" } {
set p_prompt "(\[Pp]assword|passwd):"
} else {
set p_prompt [join [lindex $p_prompt 0] ""]
}
set e_prompt [find enableprompt $router]
if { "$e_prompt" == "" } {
set e_prompt "\[Pp]assword:"
} else {
set e_prompt [join [lindex $e_prompt 0] ""]
}
# Figure out cypher type
if {[info exists cypher]} {
# command line cypher type
set cyphertype $cypher
} else {
set cyphertype [find cyphertype $router]
if { "$cyphertype" == "" } { set cyphertype "3des" }
}
# Figure out connection method
set cmethod [find method $router]
if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} }
# Figure out the SSH executable name
set sshcmd [find sshcmd $router]
if { "$sshcmd" == "" } { set sshcmd {ssh} }
# Login to the router
if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} {
incr exitval
continue
}
if { $enable } {
if {[do_enable $enauser $enapasswd]} {
if { $do_command || $do_script } {
incr exitval
catch {close}; catch {wait};
continue
}
}
}
# we are logged in, now figure out the full prompt
send "\r"
expect {
-re "\[\r\n]+" { exp_continue; }
#rhys -re "^.+$prompt " { set prompt $expect_out(0,string); }
-re "> " { set prompt $expect_out(0,string); }
}
if { $do_command } {
if {[run_commands $prompt $command]} {
incr exitval
continue
}
} elseif { $do_script } {
# disable the pager
#rhys send "no page\r"
expect -re $prompt {}
source $sfile
catch {close};
} else {
label $router
log_user 1
interact
}
# End of for each router
catch {wait};
sleep 0.3
}
exit $exitval
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
drancid
#! /usr/bin/perl
##
# RANCID - Really Awesome New Cisco confIg Differ
#
# usage: rancid [-dV] [-l] [-f filename | hostname]
#
use Getopt::Std;
getopts('dflV');
if ($opt_V) {
print "rancid 2.3.2a9\n";
exit(0);
}
$log = $opt_l;
$debug = $opt_d;
$file = $opt_f;
$host = $ARGV[0];
$ios = "IOS";
$clean_run = 0;
$found_end = 1;
$found_version = 0;
$found_env = 0;
$found_diag = 0;
$timeo = 30; # dlogin timeout in seconds
#$prompt = '> ';
my(@commandtable, %commands, @commands);# command lists
my($aclsort) = ("ipsort"); # ACL sorting mode
my($config_register); # configuration register value
my($filter_commstr); # SNMP community string filtering
my($filter_pwds); # password filtering mode
# This routine is used to print out the router configuration
sub ProcessHistory {
my($new_hist_tag,$new_command,$command_string, at string) = (@_);
if ((($new_hist_tag ne $hist_tag) || ($new_command ne $command))
&& defined %history) {
print eval "$command \%history";
undef %history;
}
if (($new_hist_tag) && ($new_command) && ($command_string)) {
if ($history{$command_string}) {
$history{$command_string} = "$history{$command_string}@string";
} else {
$history{$command_string} = "@string";
}
} elsif (($new_hist_tag) && ($new_command)) {
$history{++$#history} = "@string";
} else {
print "@string";
}
$hist_tag = $new_hist_tag;
$command = $new_command;
1;
}
sub numerically { $a <=> $b; }
# This is a sort routine that will sort numerically on the
# keys of a hash as if it were a normal array.
sub keynsort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $key (sort numerically keys(%lines)) {
$sorted_lines[$i] = $lines{$key};
$i++;
}
@sorted_lines;
}
# This is a sort routine that will sort on the
# keys of a hash as if it were a normal array.
sub keysort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $key (sort keys(%lines)) {
$sorted_lines[$i] = $lines{$key};
$i++;
}
@sorted_lines;
}
# This is a sort routine that will sort on the
# values of a hash as if it were a normal array.
sub valsort{
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $key (sort values %lines) {
$sorted_lines[$i] = $key;
$i++;
}
@sorted_lines;
}
# This is a numerical sort routine (ascending).
sub numsort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $num (sort {$a <=> $b} keys %lines) {
$sorted_lines[$i] = $lines{$num};
$i++;
}
@sorted_lines;
}
# This is a sort routine that will sort on the
# ip address when the ip address is anywhere in
# the strings.
sub ipsort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $addr (sort sortbyipaddr keys %lines) {
$sorted_lines[$i] = $lines{$addr};
$i++;
}
@sorted_lines;
}
# These two routines will sort based upon IP addresses
sub ipaddrval {
my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#);
$a[3] + 256 * ($a[2] + 256 * ($a[1] +256 * $a[0]));
}
sub sortbyipaddr {
&ipaddrval($a) <=> &ipaddrval($b);
}
# This routine parses "sys version"
sub SysVer1 {
# skip if this is 7000, 7200, 7500, or 12000; else we end up with
# redundant data from dir /all slot0:
print STDERR " In SysVer1: $_"; #if ($debug);
while (<INPUT>) {
tr/\015//d;
last if (/^$prompt/);
next if (/^(\s*|\s*$cmd\s*)$/);
return(1) if ($type =~ /^(12[40]|7)/);
return(1) if /^\s*\^\s*$/;
return(1) if /Line has invalid autocommand /;
return(1) if /(Invalid input detected|Type help or )/;
return(-1) if (/command authorization failed/i);
# the pager can not be disabled per-session on the PIX
if (/^(<-+ More -+>)/) {
my($len) = length($1);
s/^$1\s{$len}//;
}
/\s+(multiple-fs|nv_hdr|vlan\.dat)$/ && next;
ProcessHistory("FLASH","","","!Flash: $_");
}
ProcessHistory("","","","!\n");
return;
}
sub SysVer2 {
print STDERR " In SysVer2: $_" if ($debug);
while (<INPUT>) {
tr/\015//d;
last if(/^$prompt/);
next if /^\s*$/;
#next if /Router Model/;
#next if(/^(\s*|\s*$cmd\s*)$/);
#return(1) if /^(upnp|radius)/;
#return(1) if /^%/;
#return(-1) if (/command authorization failed/i);
ProcessHistory("VERSION","","","!SW: $_");
}
ProcessHistory("VERSION","","","!\n");
return;
}
sub SysVer {
print STDERR " In SysVer: $_" if ($debug);
while (<INPUT>) {
tr/\015//d;
last if(/^$prompt/);
next if(/^(\s*|\s*$cmd\s*)$/);
return(-1) if (/command authorization failed/i);
ProcessHistory("COMMENTS","keysort","C0", "! $_") && next;
}
return(0);
}
#
# dummy function
sub DoNothing {print STDOUT;}
# Main
@commandtable = (
{'sys version' => 'SysVer'},
{'sys iface' => 'DoNothing'}
#{'\?' => 'SysVer'}
);
# Use an array to preserve the order of the commands and a hash for mapping
# commands to the subroutine and track commands that have been completed.
@commands = map(keys(%$_), @commandtable);
%commands = map(%$_, @commandtable);
$cisco_cmds = join(";", at commands);
$cmds_regexp = join("|", at commands);
if (length($host) == 0) {
if ($file) {
print(STDERR "Too few arguments: file name required\n");
exit(1);
} else {
print(STDERR "Too few arguments: host name required\n");
exit(1);
}
}
open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n";
select(OUTPUT);
# make OUTPUT unbuffered if debugging
if ($debug) { $| = 1; }
if ($file) {
print STDERR "opening file $host\n" if ($debug);
print STDOUT "opening file $host\n" if ($log);
open(INPUT,"<$host") || die "open failed for $host: $!\n";
} else {
print STDERR "executing dlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug);
print STDOUT "executing dlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log);
if (defined($ENV{NOPIPE})) {
system "dlogin -t $timeo -c \"$cisco_cmds\" $host </dev/null > $host.raw 2>&1" || die "dlogin failed for $host: $!\n";
open(INPUT, "< $host.raw") || die "dlogin failed for $host: $!\n";
} else {
open(INPUT,"dlogin -t $timeo -c \"$cisco_cmds\" $host </dev/null |") || die "dlogin failed for $host: $!\n";
}
}
# determine ACL sorting mode
if ($ENV{"ACLSORT"} =~ /no/i) {
$aclsort = "";
}
# determine community string filtering mode
if (defined($ENV{"NOCOMMSTR"}) &&
($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) {
$filter_commstr = 1;
} else {
$filter_commstr = 0;
}
# determine password filtering mode
if ($ENV{"FILTER_PWDS"} =~ /no/i) {
$filter_pwds = 0;
} elsif ($ENV{"FILTER_PWDS"} =~ /all/i) {
$filter_pwds = 2;
} else {
$filter_pwds = 1;
}
ProcessHistory("","","","!RANCID-CONTENT-TYPE: draytek\n!\n");
ProcessHistory("COMMENTS","keysort","B0","!\n");
ProcessHistory("COMMENTS","keysort","D0","!\n");
ProcessHistory("COMMENTS","keysort","F0","!\n");
ProcessHistory("COMMENTS","keysort","G0","!\n");
TOP: while(<INPUT>) {
tr/\015//d;
# if (/[>#]\s?exit$/) {
# if (/[>#]\s?quit$/) {
# if (/^$prompt/) {
if (/> s?quitConnection closed by foreign host\.$/){
$clean_run = 1;
last;
}
if (/^Error:/) {
print STDOUT ("$host dlogin error: $_");
print STDERR ("$host dlogin error: $_") if ($debug);
$clean_run = 0;
last;
}
while (/#\s*($cmds_regexp)\s*$/) {
$cmd = $1;
if (!defined($prompt)) {
$prompt = ($_ =~ /^([^#]+#)/)[0];
$prompt =~ s/([][}{)(\\])/\\$1/g;
print STDERR ("PROMPT MATCH: $prompt\n")if ($debug);
}
print STDERR ("HIT COMMAND:$_") if ($debug);
if (! defined($commands{$cmd})) {
print STDERR "$host: found unexpected command - \"$cmd\"\n";
$clean_run = 0;
last TOP;
}
$rval = &{$commands{$cmd}};
delete($commands{$cmd});
if ($rval == -1) {
$clean_run = 0;
last TOP;
}
}
}
print STDOUT "Done $logincmd: $_\n" if ($log);
print STDOUT "Clean Run = $clean_run \n" if ($log);
print STDOUT "End Found = $found_end \n" if ($log);
###next 2 lines troubleshooting
#$clean_run = 1;
#$found_end = 1;
# Flush History
ProcessHistory("","","","");
# Cleanup
close(INPUT);
close(OUTPUT);
if (defined($ENV{NOPIPE})) {
unlink("$host.raw") if (! $debug);
}
# check for completeness
if (scalar(%commands) || !$clean_run || !$found_end) {
###=debug
if (scalar(%commands)) {
printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands)));
printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug);
}
if (!$clean_run || !$found_end) {
print STDOUT "$host: End of run not found\n";
print STDERR "$host: End of run not found\n" if ($debug);
system("/usr/bin/tail -1 $host.new");
}
unlink "$host.new" if (! $debug);
}
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
--
This message was scanned by Redclient and is believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090416/b27ca586/attachment.html
More information about the Rancid-discuss
mailing list