diff options
| author | Tar Committer <tar@ocjtech.us> | 2001-02-05 17:47:18 +0000 |
|---|---|---|
| committer | Tar Committer <tar@ocjtech.us> | 2001-02-05 17:47:18 +0000 |
| commit | b88919bea4b222a616adbdd2b82fc262a14afc8d (patch) | |
| tree | a75da71b0e2f905f35d2d7cbfd161df97a3d2c63 /bin | |
| parent | 25c2b7c2c8a333b276c3499bcce004137d4b4fe0 (diff) | |
| download | rancid-b88919bea4b222a616adbdd2b82fc262a14afc8d.tar.gz rancid-b88919bea4b222a616adbdd2b82fc262a14afc8d.tar.xz rancid-b88919bea4b222a616adbdd2b82fc262a14afc8d.zip | |
Imported from rancid-2.1.tar.gz.rancid-2.1
Diffstat (limited to 'bin')
| -rw-r--r-- | bin/Makefile.in | 6 | ||||
| -rwxr-xr-x | bin/cat5rancid.in | 24 | ||||
| -rwxr-xr-x | bin/clogin.in | 53 | ||||
| -rwxr-xr-x | bin/configure | 12 | ||||
| -rw-r--r-- | bin/configure.in | 9 | ||||
| -rwxr-xr-x | bin/control_rancid.in | 64 | ||||
| -rwxr-xr-x | bin/do-diffs.in | 21 | ||||
| -rwxr-xr-x | bin/elogin.in | 50 | ||||
| -rw-r--r-- | bin/env.in | 2 | ||||
| -rwxr-xr-x | bin/erancid.in | 6 | ||||
| -rwxr-xr-x | bin/flogin.in | 66 | ||||
| -rwxr-xr-x | bin/francid.in | 30 | ||||
| -rwxr-xr-x | bin/jlogin.in | 32 | ||||
| -rwxr-xr-x | bin/jrancid.in | 6 | ||||
| -rwxr-xr-x | bin/rancid.in | 54 | ||||
| -rwxr-xr-x | bin/rrancid.in | 15 |
16 files changed, 316 insertions, 134 deletions
diff --git a/bin/Makefile.in b/bin/Makefile.in index 8a97def..04b2545 100644 --- a/bin/Makefile.in +++ b/bin/Makefile.in @@ -13,10 +13,12 @@ install: all $(INSTALL) $$prog $(PREFIX)/bin; \ done; \ if test -f $(PREFIX)/bin/env ; then \ - echo "WARNING: *** $(PREFIX)/bin/env exists: not installing."; \ + echo "WARNING: *** $(PREFIX)/bin/env exists: installing as env.new."; \ + echo " *** review env.new for new/deprecated switches"; \ + $(INSTALL_DATA) env $(PREFIX)/bin/env.new; \ else \ $(INSTALL_DATA) env $(PREFIX)/bin; \ - fi + fi # BIN_DATAS are empty at the moment. # for prog in $(BIN_DATAS) ; do \ # $(INSTALL_DATA) $$prog $(PREFIX)/bin; \ diff --git a/bin/cat5rancid.in b/bin/cat5rancid.in index 8eb529b..cf0583d 100755 --- a/bin/cat5rancid.in +++ b/bin/cat5rancid.in @@ -354,6 +354,7 @@ sub ShowFlash { return(1) if ($type =~ /^(120|7)/); return(1) if /^\s*\^\s*$/; return(1) if /Invalid input detected/; + return(-1) if /session in progress. Try again later/; # Flash is busy ProcessHistory("FLASH","","","!Flash: $_"); } ProcessHistory("","","","!\n"); @@ -798,6 +799,23 @@ sub ShowC7200 { return(0); } +# This routine processes a "show port ifindex" +sub ShowPortIfindex { + print STDERR " In ShowPortIfindex: $_" if ($debug); + + ProcessHistory("","","","!\n"); + while (<INPUT>) { + tr/\015//d; + last if(/^$prompt/); + next if (/^(\s*|\s*$cmd\s*)$/); + return(1) if /^\s*\^\s*$/; + return(1) if /Invalid input detected/; + return(1) if /Unknown command/; + return(1) if /Usage: /; + ProcessHistory("","","","! $_"); + } +} + # This routine processes a "write term" sub WriteTerm { print STDERR " In WriteTerm: $_" if ($debug); @@ -908,9 +926,6 @@ sub WriteTerm { # order logging statements /^set logging server (\d+\.\d+\.\d+\.\d+)/ && ProcessHistory("LOGGING","ipsort","$1","$_") && next; - # order name-server statements - /^set ip dns server (\d+\.\d+\.\d+\.\d+)/ && - ProcessHistory("NAMESERVER","ipsort","$1","$_") && next; # order/prune snmp-server host statements # we only prune lines of the form # snmp-server host a.b.c.d <community> @@ -983,6 +998,7 @@ sub DoNothing {print STDOUT;} 'dir slot0:' => "DirSlotN", 'dir slot1:' => "DirSlotN", 'show module' => "ShowModule", + 'show port ifindex' => "ShowPortIfindex", 'write term' => "WriteTerm" ); # keys() doesnt return things in the order entered and the order of the @@ -995,6 +1011,7 @@ sub DoNothing {print STDOUT;} "dir slot0:", "dir slot1:", "show module", + "show port ifindex", "write term" ); $cisco_cmds=join(";",@commands); @@ -1020,6 +1037,7 @@ if ($file) { } } +ProcessHistory("","","","!RANCID-CONTENT-TYPE: cat5\n!\n"); ProcessHistory("COMMENTS","keysort","B0","!\n"); ProcessHistory("COMMENTS","keysort","F0","!\n"); ProcessHistory("COMMENTS","keysort","G0","!\n"); diff --git a/bin/clogin.in b/bin/clogin.in index e239d50..40d0d57 100755 --- a/bin/clogin.in +++ b/bin/clogin.in @@ -53,11 +53,17 @@ set do_enapasswd 1 # Find the user in the ENV, or use the unix userid. if {[ info exists env(CISCO_USER) ] } { set default_user $env(CISCO_USER) +} elseif {[ info exists env(USER) ]} { + set default_user $env(USER) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. - regexp {\(([^)]*)} [exec id] junk default_user + if [ catch {exec id} reason ] { + send_error "Error: could not exec id: $reason\n" + exit 1 + } + regexp {\(([^)]*)} "$reason" junk default_user } # Sometimes routers take awhile to answer (the default is 10 sec) @@ -213,36 +219,39 @@ proc label { host } { # add password sl* pete cow # add password at* steve # add password * hanky-pie -proc add {var args} { global $var ;lappend $var $args} +proc add {var args} { global int_$var ; lappend int_$var $args} +proc include {args} { + global env + regsub -all "(^{|}$)" $args {} args + if { [ regexp "^/" $args ignore ] == 0 } { + set args $env(HOME)/$args + } + source_password_file $args +} + proc find {var router} { - source_password_file - upvar $var list - if { [info exists list] } { - foreach line $list { - if { [string match [lindex $line 0] $router ] } { - return [lrange $line 1 end] - } - } - } - return {} -} + upvar int_$var list + if { [info exists list] } { + foreach line $list { + if { [string match [lindex $line 0] $router ] } { + return [lrange $line 1 end] + } + } + } + return {} +} # Loads the password file. Note that as this file is tcl, and that # it is sourced, the user better know what to put in there, as it # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script -proc source_password_file { } { - global env password_file read_password_file - if { [info exists read_password_file] } { return } - if { [info exists password_file] == 0 } { - set password_file $env(HOME)/.cloginrc - } +proc source_password_file { password_file } { + global env if { ! [file exists $password_file] } { send_user "Error: password file ($password_file) does not exist\n" exit 1 } - set read_password_file 1 file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "Error: $password_file must not be world readable/writable\n" @@ -458,6 +467,7 @@ proc run_commands { prompt command } { # # For each router... (this is main loop) # +source_password_file $password_file set in_proc 0 foreach router [lrange $argv $i end] { set router [string tolower $router] @@ -530,7 +540,7 @@ foreach router [lrange $argv $i end] { # Figure out prompts set u_prompt [find userprompt $router] - if { "$u_prompt" == "" } { set u_prompt "(Username|login):" } + if { "$u_prompt" == "" } { set u_prompt "(Username|login|user name):" } set p_prompt [find passprompt $router] if { "$p_prompt" == "" } { set p_prompt "(\[Pp]assword|passwd):" } set e_prompt [find enableprompt $router] @@ -573,6 +583,7 @@ foreach router [lrange $argv $i end] { send "term length 0\r" } else { send "set length 0\r" + send "set logging session disable\r" } expect $prompt {} source $sfile diff --git a/bin/configure b/bin/configure index b0770e7..69078a7 100755 --- a/bin/configure +++ b/bin/configure @@ -616,12 +616,21 @@ RD_BIN_PROGS=$rd_cv_rd_bin_progs PERLV_PATH=$ac_cv_path_PERLV_PATH +PERLV=$ac_cv_PERLV + + EXPECT_PATH=$ac_cv_path_EXPECT_PATH ENV_PATH=$ac_cv_env_path +MAILPLUS=$rd_cv_MAILPLUS + + +DIFF_CMD=$rd_cv_DIFF_CMD + + trap '' 1 2 15 cat > confcache <<\EOF # This file is a shell script that caches the results of configure @@ -773,8 +782,11 @@ s%@INSTALL_DATA@%$INSTALL_DATA%g s%@RD_BIN_DATAS@%$RD_BIN_DATAS%g s%@RD_BIN_PROGS@%$RD_BIN_PROGS%g s%@PERLV_PATH@%$PERLV_PATH%g +s%@PERLV@%$PERLV%g s%@EXPECT_PATH@%$EXPECT_PATH%g s%@ENV_PATH@%$ENV_PATH%g +s%@MAILPLUS@%$MAILPLUS%g +s%@DIFF_CMD@%$DIFF_CMD%g CEOF EOF diff --git a/bin/configure.in b/bin/configure.in index 02b7d71..d78d758 100644 --- a/bin/configure.in +++ b/bin/configure.in @@ -14,12 +14,21 @@ AC_SUBST(RD_BIN_PROGS) PERLV_PATH=$ac_cv_path_PERLV_PATH AC_SUBST(PERLV_PATH) +PERLV=$ac_cv_PERLV +AC_SUBST(PERLV) + EXPECT_PATH=$ac_cv_path_EXPECT_PATH AC_SUBST(EXPECT_PATH) ENV_PATH=$ac_cv_env_path AC_SUBST(ENV_PATH) +MAILPLUS=$rd_cv_MAILPLUS +AC_SUBST(MAILPLUS) + +DIFF_CMD=$rd_cv_DIFF_CMD +AC_SUBST(DIFF_CMD) + AC_OUTPUT(Makefile env $RD_BIN_DATAS $RD_BIN_PROGS) # fix permissions on scripts. diff --git a/bin/control_rancid.in b/bin/control_rancid.in index 2acecc7..58f6211 100755 --- a/bin/control_rancid.in +++ b/bin/control_rancid.in @@ -28,38 +28,61 @@ if [ $# -lt 1 ]; then else GROUP=$1 fi -TMP=/var/tmp/rancid.$GROUP.$$ DIR=$BASEDIR/$GROUP +TMP=${TMPDIR:=/tmp}/rancid.$GROUP.$$ +trap 'rm -fr $TMP;' 1 2 15 # Bail if we do not have the necessary info to run if [ ! -d $DIR ] then + echo "$DIR does not exist." + echo "Run bin/create_cvs $GROUP to make all of the needed directories." ( echo "$DIR does not exist." - ) | Mail -s "no $GROUP directory" rancid-admin-$GROUP + echo "Run bin/create_cvs $GROUP to make all of the needed directories." + ) | Mail -s "no $GROUP directory" @MAILPLUS@admin-$GROUP exit 1 fi + +# do cvs update of router.db in case anyone has fiddled. +cd $DIR +cvs update router.db > $TMP 2>&1 +grep "^C" $TMP > /dev/null +if [ $? -eq 0 ] ; then + echo "There were CVS conflicts during update." + echo "" + cat $TMP + rm -f $TMP + exit 1 +fi +rm -f $TMP + if [ ! -f $DIR/router.db ] then ( echo "$DIR/router.db does not exist." - ) | Mail -s "no $GROUP/router.db file" rancid-admin-$GROUP + ) | Mail -s "no $GROUP/router.db file" @MAILPLUS@admin-$GROUP exit 1; elif [ ! -s $DIR/router.db ] then exit fi -# generate the list of routers we should try to fetch +# generate the list of all, up, & down routers cd $DIR +trap 'rm -fr routers.db routers.all.new routers.down.new routers.up.new \ + $TMP;' 1 2 15 grep -v '^#' router.db > routers.db cut -d: -f1,2 routers.db | sort -u > routers.all.new +if [ ! -f routers.all ] ; then touch routers.all; fi diff routers.all routers.all.new > /dev/null 2>&1; RALL=$? -@PERLV_PATH@ -F: -ane '{($F[0] =~ tr@A-Z@a-z@,print "$F[0]:$F[1]\n") +@PERLV@ -F: -ane '{($F[0] =~ tr@A-Z@a-z@,print "$F[0]:$F[1]\n") if ($F[2] =~ /^down$/i);}' routers.db | sort -u > routers.down.new +if [ ! -f routers.down ] ; then touch routers.down; fi diff routers.down routers.down.new > /dev/null 2>&1; RDOWN=$? -@PERLV_PATH@ -F: -ane '{($F[0] =~ tr@A-Z@a-z@,print "$F[0]:$F[1]\n") +@PERLV@ -F: -ane '{($F[0] =~ tr@A-Z@a-z@,print "$F[0]:$F[1]\n") if ($F[2] =~ /^up$/i);}' routers.db | sort -u > routers.up.new +if [ ! -f routers.up ] ; then touch routers.up; fi diff routers.up routers.up.new > /dev/null 2>&1; RUP=$? if [ $RALL -ne 0 -o $RDOWN -ne 0 -o $RUP -ne 0 ] @@ -96,7 +119,7 @@ then ) > routers.mail if [ -s routers.mail ] ; then - Mail -s "changes in $GROUP routers" rancid-admin-$GROUP < routers.mail + Mail -s "changes in $GROUP routers" @MAILPLUS@admin-$GROUP < routers.mail fi rm -f routers.mail @@ -124,11 +147,12 @@ mv routers.all.new routers.all mv routers.down.new routers.down mv routers.up.new routers.up rm -f routers.db +trap 'rm -fr $TMP;' 1 2 15 # cvs delete configs for routers not listed in routers.up. cd $DIR/configs for router in `find . \( -name \*.new -prune -o -name CVS -prune \) -o -type f -print | sed -e 's/^.\///'` ; do - grep "^$router:" ../router.db > /dev/null 2>&1 + grep -i "^$router:" ../router.db > /dev/null 2>&1 if [ $? -eq 1 ]; then rm -f $router cvs delete $router @@ -207,26 +231,17 @@ rename 's/.new$//' *.new # This has been different for different machines... # Diff the directory and then checkin. +trap 'rm -fr $TMP $TMP.diff;' 1 2 15 cd $DIR -#cvs diff -c3 >$TMP.diff -#cvs diff -C 3 >$TMP.diff -# Change the output of a unified diff to make it a bit more readable. -cat > $TMP.sedf << EOF -/^RCS file: /d -#/^retrieving revision /d -/^--- /d -/^+++ /d -s/^\([-+ ]\)/\1 / -EOF -cvs -f diff -u -4 | sed -f $TMP.sedf >$TMP.diff -rm -f $TMP.sedf +cvs -f @DIFF_CMD@ | sed -e '/^RCS file: /d' -e '/^--- /d' \ + -e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /' >$TMP.diff cvs commit -m updates # Mail out the diffs (if there are any). if [ -s $TMP.diff ]; then sendmail -t <<EMAIL -To: rancid-$GROUP +To: @MAILPLUS@$GROUP Subject: $GROUP router config diffs Precedence: bulk @@ -241,7 +256,7 @@ rm -f $DIR/routers.failed if [ "X$OLDTIME" = "X" ] ; then OLDTIME=24 fi -@PERLV_PATH@ -F: -ane "{\$t = (stat(\$F[0]))[9]; print \`ls -ld \$F[0]\` +@PERLV@ -F: -ane "{\$t = (stat(\$F[0]))[9]; print \`ls -ld \$F[0]\` if (time() - \$t >= $OLDTIME*60*60);}" $DIR/routers.up | sort -u > $DIR/routers.failed if [ -s $DIR/routers.failed ] then @@ -252,8 +267,9 @@ than $OLDTIME hours. END cat $DIR/routers.failed - ) | Mail -s "config fetcher problems - $GROUP" rancid-admin-$GROUP + ) | Mail -s "config fetcher problems - $GROUP" @MAILPLUS@admin-$GROUP fi # Cleanup -rm -f $TMP.diff $TMP.lst +rm -f $TMP.diff +trap '' 1 2 15 diff --git a/bin/do-diffs.in b/bin/do-diffs.in index 4a310ef..1304a7e 100755 --- a/bin/do-diffs.in +++ b/bin/do-diffs.in @@ -7,6 +7,8 @@ ENVFILE="`dirname $0`/env" . $ENVFILE +TMPDIR=${TMPDIR:=/tmp}; export TMPDIR + if [ $# -ge 1 ] ; then LIST_OF_GROUPS="$*"; export LIST_OF_GROUPS elif [ "$LIST_OF_GROUPS" = "" ] ; then @@ -18,6 +20,7 @@ if [ ! -d $BASEDIR/logs ] ; then mkdir $BASEDIR/logs fi + for GROUP in $LIST_OF_GROUPS do @@ -30,28 +33,32 @@ do if [ -f $LOCKFILE ] then echo hourly config diffs failed: $LOCKFILE exists - /bin/ls -l $LOCKFILE + ls -l $LOCKFILE # Send email if the lock file is old. if [ "X$LOCKTIME" = "X" ] ; then LOCKTIME=4 fi - @PERLV_PATH@ -e "\$t = (stat(\"$LOCKFILE\"))[9]; print \"OLD\\n\" if (time() - \$t >= $LOCKTIME*60*60);" > $TMPDIR/.$GROUP.old + @PERLV@ -e "\$t = (stat(\"$LOCKFILE\"))[9]; print \"OLD\\n\" if (time() - \$t >= $LOCKTIME*60*60);" > $TMPDIR/.$GROUP.old if [ -s $TMPDIR/.$GROUP.old ] then ( cat <<END rancid $GROUP hung on `hostname`? Old lockfile still exists: -`/bin/ls -l $LOCKFILE` +`ls -l $LOCKFILE` END - ) | Mail -s "rancid hung - $GROUP" rancid-admin-$GROUP + ) | Mail -s "rancid hung - $GROUP" @MAILPLUS@admin-$GROUP fi rm -f $TMPDIR/.$GROUP.old else - /usr/bin/touch $LOCKFILE - control_rancid $GROUP - /bin/rm -f $LOCKFILE + trap 'rm -fr $LOCKFILE;' 1 2 15 + touch $LOCKFILE + if [ $? -eq 0 ] ; then + control_rancid $GROUP + rm -f $LOCKFILE + fi + trap '' 1 2 15 fi echo diff --git a/bin/elogin.in b/bin/elogin.in index 5ef908b..89f7a99 100755 --- a/bin/elogin.in +++ b/bin/elogin.in @@ -47,12 +47,18 @@ set do_passwd 1 # Find the user in the ENV, or use the unix userid. if {[ info exists env(CISCO_USER) ] } { set default_user $env(CISCO_USER) +} elseif {[ info exists env(USER) ]} { + set default_user $env(USER) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. - regexp {\(([^)]*)} [exec id] junk default_user -} + if [ catch {exec id} reason ] { + send_error "Error: could not exec id: $reason\n" + exit 1 + } + regexp {\(([^)]*)} "$reason" junk default_user +} # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 @@ -199,36 +205,40 @@ proc label { host } { # add password sl* pete cow # add password at* steve # add password * hanky-pie -proc add {var args} { global $var ;lappend $var $args} +proc add {var args} { global int_$var ; lappend int_$var $args} +proc include {args} { + global env + regsub -all "(^{|}$)" $args {} args + if { [ regexp "^/" $args ignore ] == 0 } { + set args $env(HOME)/$args + } + source_password_file $args +} + proc find {var router} { - source_password_file - upvar $var list - if { [info exists list] } { - foreach line $list { - if { [string match [lindex $line 0] $router ] } { - return [lrange $line 1 end] - } + upvar int_$var list + if { [info exists list] } { + foreach line $list { + if { [string match [lindex $line 0] $router ] } { + return [lrange $line 1 end] + } + } } - } - return {} + return {} } + # Loads the password file. Note that as this file is tcl, and that # it is sourced, the user better know what to put in there, as it # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script -proc source_password_file { } { - global env password_file read_password_file - if { [info exists read_password_file] } { return } - if { [info exists password_file] == 0 } { - set password_file $env(HOME)/.cloginrc - } +proc source_password_file { password_file } { + global env if { ! [file exists $password_file] } { send_user "Error: password file ($password_file) does not exist\n" exit 1 } - set read_password_file 1 file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "Error: $password_file must not be world readable/writable\n" @@ -240,6 +250,7 @@ proc source_password_file { } { } } + # Log into the router. proc login { router user userpswd passwd prompt cyphertype } { global spawn_id in_proc do_command do_script @@ -372,6 +383,7 @@ proc run_commands { prompt command } { # # For each router... (this is main loop) # +source_password_file $password_file set in_proc 0 foreach router [lrange $argv $i end] { set router [string tolower $router] @@ -38,4 +38,4 @@ LIST_OF_GROUPS="sl joebobisp" # rancid-group-admin: hostmaster # be sure to read ../README regarding aliases. # -umask 007 +umask 027 diff --git a/bin/erancid.in b/bin/erancid.in index 185a634..1106018 100755 --- a/bin/erancid.in +++ b/bin/erancid.in @@ -237,6 +237,7 @@ if ($file) { } } +ProcessHistory("","","","- RANCID-CONTENT-TYPE: ezt3\n-\n"); ProcessHistory("COMMENTS","keysort","B0","-\n"); ProcessHistory("COMMENTS","keysort","F0","-\n"); ProcessHistory("COMMENTS","keysort","G0","-\n"); @@ -255,7 +256,10 @@ while(<INPUT>) { } while (/Active\) >\s*($cmds_regexp)\s*$/) { $cmd = $1; - if (!defined($prompt)) {$prompt = ($_ =~ /^([^#]+#)/)[0]; } + if (!defined($prompt)) { + $prompt = ($_ =~ /^([^#]+#)/)[0]; + $prompt =~ s/([}{)(\\])/\\$1/g; + } print STDERR ("HIT COMMAND:$_") if ($debug); if (! defined($commands{$cmd})) { print STDERR "found unexpected command - \"$cmd\"\n"; diff --git a/bin/flogin.in b/bin/flogin.in index a43ddda..6c82594 100755 --- a/bin/flogin.in +++ b/bin/flogin.in @@ -55,12 +55,18 @@ set do_enapasswd 1 # Find the user in the ENV, or use the unix userid. if {[ info exists env(CISCO_USER) ] } { set default_user $env(CISCO_USER) +} elseif {[ info exists env(USER) ]} { + set default_user $env(USER) } else { - # This uses "id" which I think is portable. At least it has existed - # (without options) on all machines/OSes I've been on recently - + # This uses "id" which I think is portable. At least it has existed + # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. - regexp {\(([^)]*)} [exec id] junk default_user -} + if [ catch {exec id} reason ] { + send_error "Error: could not exec id: $reason\n" + exit 1 + } + regexp {\(([^)]*)} "$reason" junk default_user +} # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 @@ -211,18 +217,26 @@ proc label { host } { # add password sl* pete cow # add password at* steve # add password * hanky-pie -proc add {var args} { global $var ;lappend $var $args} +proc add {var args} { global int_$var ; lappend int_$var $args} +proc include {args} { + global env + regsub -all "(^{|}$)" $args {} args + if { [ regexp "^/" $args ignore ] == 0 } { + set args $env(HOME)/$args + } + source_password_file $args +} + proc find {var router} { - source_password_file - upvar $var list - if { [info exists list] } { - foreach line $list { - if { [string match [lindex $line 0] $router ] } { - return [lrange $line 1 end] - } + upvar int_$var list + if { [info exists list] } { + foreach line $list { + if { [string match [lindex $line 0] $router ] } { + return [lrange $line 1 end] + } + } } - } - return {} + return {} } # Loads the password file. Note that as this file is tcl, and that @@ -230,18 +244,17 @@ proc find {var router} { # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script -proc source_password_file { } { - global env password_file read_password_file - if { [info exists read_password_file] } { return } - if { [info exists password_file] == 0 } { - set password_file $env(HOME)/.cloginrc - } - set read_password_file 1 - file stat $password_file fileinfo - if { [expr ($fileinfo(mode) & 007)] != 0000 } { - send_user "Error: $password_file must not be world readable/writable\n" - exit 1 - } +proc source_password_file { password_file } { + global env + if { ! [file exists $password_file] } { + send_user "Error: password file ($password_file) does not exist\n" + exit 1 + } + file stat $password_file fileinfo + if { [expr ($fileinfo(mode) & 007)] != 0000 } { + send_user "Error: $password_file must not be world readable/writable\n" + exit 1 + } if [ catch {source $password_file} reason ] { send_user "Error: $reason\n" exit 1 @@ -423,6 +436,7 @@ proc run_commands { prompt command } { # # For each router... (this is main loop) # +source_password_file $password_file set in_proc 0 foreach router [lrange $argv $i end] { set router [string tolower $router] diff --git a/bin/francid.in b/bin/francid.in index 6f0c2b7..560d959 100755 --- a/bin/francid.in +++ b/bin/francid.in @@ -244,15 +244,21 @@ sub WriteTerm { # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && ProcessHistory("LOGGING","ipsort","$1","$_") && next; - # order name-server statements - /^ip name-server (\d+\.\d+\.\d+\.\d+)/ && - ProcessHistory("NAMESERVER","ipsort","$1","$_") && next; - # order snmp-server host statements - /^snmp-server host (\d+\.\d+\.\d+\.\d+)/ && - ProcessHistory("SNMPSERVERHOST","ipsort","$1","$_") && next; - /^snmp-server community / && - ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; - + # order/prune snmp-server host/community statements + if (/^(snmp-server host )(\d+\.\d+\.\d+\.\d+)/) { + if (defined($ENV{'NOCOMMSTR'})) { + ProcessHistory("SNMPSERVERHOST","ipsort","$2","!$1 $2 <removed>\n") && next; + } else { + ProcessHistory("SNMPSERVERHOST","ipsort","$2","$_") && next; + } + } + if (/^(snmp-server community )(\S+)/) { + if (defined($ENV{'NOCOMMSTR'})) { + ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1<removed>$'") && next; + } else { + ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; + } + } # order tacacs server statements /^(tacacs-server key )/ && ProcessHistory("","","","! $1<removed>\n") && next; @@ -328,6 +334,7 @@ if ($file) { } } +ProcessHistory("","","","!RANCID-CONTENT-TYPE: foundry\n!\n"); TOP: while(<INPUT>) { tr/\015//d; if (/\#exit$/) { @@ -343,7 +350,10 @@ TOP: while(<INPUT>) { } while (/#\s*($cmds_regexp)\s*$/) { $cmd = $1; - if (!defined($prompt)) {$prompt = ($_ =~ /^([^#]+#)/)[0]; } + if (!defined($prompt)) { + $prompt = ($_ =~ /^([^#]+#)/)[0]; + $prompt =~ s/([}{)(\\])/\\$1/g; + } print STDERR ("HIT COMMAND:$_") if ($debug); if (! defined($commands{$cmd})) { print STDERR "found unexpected command - \"$cmd\"\n"; diff --git a/bin/jlogin.in b/bin/jlogin.in index 28e773b..e0ac844 100755 --- a/bin/jlogin.in +++ b/bin/jlogin.in @@ -47,11 +47,17 @@ set passphrase "" # Find the user in the ENV, or use the unix userid. if {[ info exists env(CISCO_USER) ] } { set default_user $env(CISCO_USER) +} elseif {[ info exists env(USER) ]} { + set default_user $env(USER) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. - regexp {\(([^)]*)} [exec id] junk default_user + if [ catch {exec id} reason ] { + send_error "Error: could not exec id: $reason\n" + exit 1 + } + regexp {\(([^)]*)} "$reason" junk default_user } # Sometimes routers take awhile to answer (the default is 10 sec) @@ -184,11 +190,18 @@ proc label { host } { # add password sl* pete cow # add password at* steve # add password * hanky-pie -proc add {var args} { global $var ;lappend $var $args } +proc add {var args} { global int_$var ; lappend int_$var $args} +proc include {args} { + global env + regsub -all "(^{|}$)" $args {} args + if { [ regexp "^/" $args ignore ] == 0 } { + set args $env(HOME)/$args + } + source_password_file $args +} proc find {var router} { - source_password_file - upvar $var list + upvar int_$var list if { [info exists list] } { foreach line $list { if { [string match [lindex $line 0] $router ] } { @@ -204,18 +217,12 @@ proc find {var router} { # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script -proc source_password_file { } { - global env password_file read_password_file - if { [info exists read_password_file] } { return } - if { [info exists password_file] == 0 } { - set password_file $env(HOME)/.cloginrc - } +proc source_password_file { password_file } { + global env if { ! [file exists $password_file] } { send_user "Error: password file ($password_file) does not exist\n" exit 1 } - - set read_password_file 1 file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "Error: $password_file must not be world readable/writable\n" @@ -400,6 +407,7 @@ proc run_commands { prompt command } { # # For each router... (this is main loop) # +source_password_file $password_file set in_proc 0 foreach router [lrange $argv $i end] { set router [string tolower $router] diff --git a/bin/jrancid.in b/bin/jrancid.in index 633d844..6e2311f 100755 --- a/bin/jrancid.in +++ b/bin/jrancid.in @@ -443,6 +443,7 @@ if ($file) { } +ProcessHistory("","","","# RANCID-CONTENT-TYPE: juniper\n#\n"); TOP: while(<INPUT>) { tr/\015//d; if (/^Error:/) { @@ -460,7 +461,10 @@ TOP: while(<INPUT>) { } while (/>\s*($cmds_regexp)\s*$/) { $cmd = $1; - if (!defined($prompt)) {$prompt = ($_ =~ /^([^>]+>)/)[0]; } + if (!defined($prompt)) { + $prompt = ($_ =~ /^([^>]+>)/)[0]; + $prompt =~ s/([}{)(\\])/\\$1/g; + } print STDERR ("HIT COMMAND:$_") if ($debug); if (! defined($commands{$cmd})) { print STDERR "found unexpected command - \"$cmd\"\n"; diff --git a/bin/rancid.in b/bin/rancid.in index 24b9d14..065697a 100755 --- a/bin/rancid.in +++ b/bin/rancid.in @@ -138,6 +138,7 @@ sub ShowVersion { tr/\015//d; last if(/^$prompt/); next if(/^(\s*|\s*$cmd\s*)$/); + return(-1) if (/command authorization failed/i); if (/^Slave in slot (\d+) is running/) { $slave = " Slave:"; next; @@ -213,6 +214,9 @@ sub ShowVersion { } elsif ( $1 =~ /WS-C35/) { $type = "3500XL"; $device = "switch"; + } elsif ( $1 =~ /6000/) { + $type = "6000"; + $device = "switch"; } else { $type = $1; } @@ -281,6 +285,7 @@ sub ShowInstallActive { next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; + return(-1) if (/command authorization failed/i); ProcessHistory("COMMENTS","keysort","F5","!Image: $_") && next; } return(0); @@ -296,6 +301,7 @@ sub ShowEnv { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type !~ /^7/); + return(-1) if (/command authorization failed/i); if (!defined($E0)) { $E0=1; ProcessHistory("COMMENTS","keysort","E0","!\n"); @@ -329,6 +335,7 @@ sub ShowGSR { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); + return(-1) if (/command authorization failed/i); return(1) if ($type !~ /^120/); /^$/ && next; /^\s+Chassis: type (\S+) Fab Ver: (\S+)/ && @@ -364,6 +371,7 @@ sub ShowBoot { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; + return(-1) if (/command authorization failed/i); return(1) if /Ambiguous command/i; return(1) if /(Invalid input detected|Type help or )/; return(1) if /(Open device \S+ failed|Error opening \S+:)/; @@ -395,6 +403,7 @@ sub ShowFlash { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type =~ /^(120|7)/); + return(-1) if (/command authorization failed/i); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; ProcessHistory("FLASH","","","!Flash: $_"); @@ -421,6 +430,7 @@ sub DirSlotN { return(1) if /No space information available/; return(-1) if /\%Error calling/; return(-1) if /: device being squeezed/; # Flash is busy + return(-1) if (/command authorization failed/i); return(1) if /(Open device \S+ failed|Error opening \S+:)/; ProcessHistory("FLASH","","","!Flash: $dev: $_"); } @@ -438,6 +448,7 @@ sub ShowContAll { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type =~ /^(120|7[05])/); + return(-1) if (/command authorization failed/i); if (/^Interface ([^ \n(]*)/) { $INT = "$1, "; next; } /^(BRI unit \d)/ && ProcessHistory("INT","","","!Interface: $1\n") && next; @@ -495,6 +506,7 @@ sub ShowContCbus { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type !~ /^7[05]0/); + return(-1) if (/command authorization failed/i); if (/^\s*slot(\d+): ([^,]+), hw (\S+), sw (\S+), ccb/) { $slot = $1; $board{$slot} = $2; @@ -539,6 +551,7 @@ sub ShowDiagbus { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type !~ /^7[05]/); + return(-1) if (/command authorization failed/i); if (/^\s*Slot (\d+):/i) { $slot = $1; next; @@ -624,6 +637,7 @@ sub ShowDiag { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type !~ /^(120|720|36|26)/); + return(-1) if (/command authorization failed/i); /^$/ && next; if (!defined($showdiags)) {$showdiags=1; ProcessHistory("SLOT","","","!\n");} s/Port Packet Over SONET/POS/; @@ -632,6 +646,7 @@ sub ShowDiag { ProcessHistory("SLOT","","","!Slot $slot: $3\n"); # Here we look for boards that don't have DRAM. $board = "Other"; + $board = "PS" if (/Power Supply/); $board = "RP" if (/Route Processor/); $board = "CLK" if (/Clock Scheduler Card/); $board = "SFC" if (/Switch Fabric Card/); @@ -640,6 +655,9 @@ sub ShowDiag { if (/^\s+MAIN:\s+ type \d+,\s+(.*)/) { ProcessHistory("SLOT","","","!Slot $slot/MAIN: part $1\n") && next; } + if (/ Engine:\s+(.*)/) { + ProcessHistory("SLOT","","","!Slot $slot/Engine: $1\n"); + } if (/^\s+PCA:\s+(.*)/) { local($part) = $1; $_ = <INPUT>; @@ -720,6 +738,7 @@ sub ShowModule { return if (/^\s*\^$/); last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); + return(-1) if (/command authorization failed/i); # match slot info line, slot info then the rev info (the two are split) if (/^ ?(\d+)\s+(\d+)\s+(.*)\s+(\S+)\s+(\S+)\s*$/) { @@ -750,6 +769,7 @@ sub ShowC7200 { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type !~ /^72/); + return(-1) if (/command authorization failed/i); /^$/ && next; if (/C7200 Midplane EEPROM:/) { $_ = <INPUT>; @@ -783,14 +803,37 @@ sub ShowVTP { next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; - return(1) if ($type !~ /^2900XL$/); + return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); + return(-1) if (/command authorization failed/i); next if (/^Configuration last modified by/); + if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { + $DO_SHOW_VLAN = 1; + } ProcessHistory("COMMENTS","keysort","I0","!VTP: $_"); } ProcessHistory("COMMENTS","keysort","I0","!\n"); return(0); } +# This routine parses "show vlan" +sub ShowVLAN { + print STDERR " In ShowVLAN: $_" if ($debug); + + ($_=<INPUT>,return(1)) if (!$DO_SHOW_VLAN); + + while (<INPUT>) { + tr/\015//d; + last if (/^$prompt/); + next if (/^(\s*|\s*$cmd\s*)$/); + return(1) if /(Invalid input detected|Type help or )/; + return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); + return(-1) if (/command authorization failed/i); + ProcessHistory("COMMENTS","keysort","IO","!VLAN: $_"); + } + ProcessHistory("COMMENTS","keysort","IO","!\n"); + return(0); +} + # This routine processes a "write term" sub WriteTerm { print STDERR " In WriteTerm: $_" if ($debug); @@ -798,6 +841,7 @@ sub WriteTerm { while (<INPUT>) { tr/\015//d; last if(/^$prompt/); + return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX s/^<-+ More -+>\s*//; /Non-Volatile memory is in use/ && return(-1); # NvRAM is locked @@ -898,9 +942,6 @@ sub WriteTerm { # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && ProcessHistory("LOGGING","ipsort","$1","$_") && next; - # order name-server statements - /^ip name-server (\d+\.\d+\.\d+\.\d+)/ && - ProcessHistory("NAMESERVER","ipsort","$1","$_") && next; # order/prune snmp-server host statements # we only prune lines of the form # snmp-server host a.b.c.d <community> @@ -993,6 +1034,7 @@ sub DoNothing {print STDOUT;} 'show gsr chassis' => "ShowGSR", 'show boot' => "ShowBoot", 'show bootvar' => "ShowBoot", + 'show variables boot' => "ShowBoot", 'show flash' => "ShowFlash", 'dir /all nvram:' => "DirSlotN", 'dir /all bootflash:' => "DirSlotN", @@ -1007,6 +1049,7 @@ sub DoNothing {print STDOUT;} 'show module' => "ShowModule", # cat 6500-ios 'show c7200' => "ShowC7200", 'show vtp status' => "ShowVTP", + 'show vlan' => "ShowVLAN", 'write term' => "WriteTerm" ); # keys() doesnt return things in the order entered and the order of the @@ -1018,6 +1061,7 @@ sub DoNothing {print STDOUT;} "show gsr chassis", "show boot", "show bootvar", + "show variables boot", "show flash", "dir /all nvram:", "dir /all bootflash:", @@ -1032,6 +1076,7 @@ sub DoNothing {print STDOUT;} "show module", "show c7200", "show vtp status", + "show vlan", "write term" ); $cisco_cmds=join(";",@commands); @@ -1057,6 +1102,7 @@ if ($file) { } } +ProcessHistory("","","","!RANCID-CONTENT-TYPE: cisco\n!\n"); ProcessHistory("COMMENTS","keysort","B0","!\n"); ProcessHistory("COMMENTS","keysort","F0","!\n"); ProcessHistory("COMMENTS","keysort","G0","!\n"); diff --git a/bin/rrancid.in b/bin/rrancid.in index 9d9b84f..9d40591 100755 --- a/bin/rrancid.in +++ b/bin/rrancid.in @@ -212,11 +212,19 @@ sub WriteTerm { # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + # prune snmp community statements + if (/^snmp (group|community) (\S+)/) { + if (defined($ENV{'NOCOMMSTR'})) { + ProcessHistory("SNMPSERVERCOMM","keysort","$_","!snmp $1 <removed>$'") && next; + } else { + ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; + } + } ProcessHistory("","","","$_"); # end of config - if (/^end$/) { - $found_end = 1; - last; + if (/^end$/) { + $found_end = 1; + last; } } return; @@ -286,6 +294,7 @@ if ($file) { } } +ProcessHistory("","","","!RANCID-CONTENT-TYPE: redback\n!\n"); ProcessHistory("COMMENTS","keysort","B0","!\n"); ProcessHistory("COMMENTS","keysort","C0","!\n"); ProcessHistory("COMMENTS","keysort","E0","!\n"); |