From b73f299e731fbddae095c0b5eff04717b6dce1af Mon Sep 17 00:00:00 2001 From: unknown Date: Wed, 13 Feb 2008 20:34:57 +0000 Subject: Imported from rancid-2.3.2a8.tar.gz. --- bin/Makefile.am | 66 ++-- bin/Makefile.in | 58 ++-- bin/agmrancid.in | 72 +++-- bin/alogin.in | 74 +++-- bin/arancid.in | 76 +++-- bin/avologin.in | 868 ++++++++++++++++++++++++++++++++++++++++++++++++++ bin/avorancid.in | 292 +++++++++++++++++ bin/blogin.in | 91 ++++-- bin/brancid.in | 73 +++-- bin/cat5rancid.in | 90 ++++-- bin/clogin.in | 115 ++++--- bin/control_rancid.in | 50 ++- bin/cssrancid.in | 87 +++-- bin/elogin.in | 76 +++-- bin/erancid.in | 73 +++-- bin/f10rancid.in | 825 +++++++++-------------------------------------- bin/flogin.in | 93 ++++-- bin/fnrancid.in | 71 +++-- bin/francid.in | 89 ++++-- bin/hlogin.in | 184 ++++++----- bin/hpuifilter.c | 304 +++++++++++------- bin/hrancid.in | 85 +++-- bin/htlogin.in | 80 +++-- bin/htrancid.in | 69 ++-- bin/jerancid.in | 79 +++-- bin/jlogin.in | 84 +++-- bin/jrancid.in | 85 +++-- bin/lg.cgi.in | 48 ++- bin/lgform.cgi.in | 48 ++- bin/mrancid.in | 85 +++-- bin/nlogin.in | 77 +++-- bin/nrancid.in | 63 +++- bin/nslogin.in | 92 ++++-- bin/nsrancid.in | 63 +++- bin/par.in | 46 ++- bin/prancid.in | 85 +++-- bin/rancid-cvs.in | 50 ++- bin/rancid-fe.in | 53 ++- bin/rancid-run.in | 48 ++- bin/rancid.in | 227 +++++++++---- bin/rivlogin.in | 71 +++-- bin/rivrancid.in | 71 +++-- bin/rrancid.in | 73 +++-- bin/srancid.in | 71 ++++- bin/tntlogin.in | 83 +++-- bin/tntrancid.in | 69 ++-- bin/xrancid.in | 84 +++-- bin/zrancid.in | 71 +++-- 48 files changed, 3908 insertions(+), 1879 deletions(-) create mode 100644 bin/avologin.in create mode 100644 bin/avorancid.in (limited to 'bin') diff --git a/bin/Makefile.am b/bin/Makefile.am index b7fc75f..16ad0c1 100644 --- a/bin/Makefile.am +++ b/bin/Makefile.am @@ -1,37 +1,60 @@ ## Process this file with automake to produce Makefile.in ## A Makefile.in is supplied, in case you do not have automake. -## $Id: Makefile.am,v 1.36 2007/01/13 22:01:53 heas Exp $ +## $Id$ ## -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# +# The original looking glass software was written by Ed Kern, provided by +# permission and modified beyond recognition. #AUTOMAKE_OPTIONS=foreign no-dependencies AUTOMAKE_OPTIONS=foreign bin_PROGRAMS = hpuifilter -bin_SCRIPTS = cat5rancid control_rancid \ - agmrancid alogin arancid blogin brancid clogin cssrancid \ - elogin erancid f10rancid flogin francid fnrancid \ - hlogin hrancid htlogin htrancid \ - jerancid jlogin jrancid \ - mrancid nlogin nrancid nslogin nsrancid par prancid \ - rancid rancid-fe rivlogin rivrancid rrancid srancid \ - tntlogin tntrancid xrancid zrancid +bin_SCRIPTS = agmrancid alogin arancid blogin brancid cat5rancid clogin \ + control_rancid cssrancid elogin erancid f10rancid \ + flogin fnrancid francid hlogin hrancid htlogin htrancid \ + jerancid jlogin jrancid mrancid nlogin nrancid nslogin \ + nsrancid par prancid rancid-fe rancid rivlogin rivrancid \ + rrancid srancid tntlogin tntrancid xrancid zrancid bin_SCRIPTS += lg.cgi lgform.cgi rancid-cvs rancid-run EXTRA_DIST= lg.cgi.in lgform.cgi.in rancid-cvs.in rancid-run.in @@ -75,6 +98,7 @@ auto_edit = sed \ -e 's,@ADMINMAILPLUS\@,$(ADMINMAILPLUS),g' \ -e 's,@MAILPLUS\@,$(MAILPLUS),g' \ -e 's,@PACKAGE\@,$(PACKAGE),g' \ + -e 's,@SVN_FSTYPE\@,$(SVN_FSTYPE),g' \ -e 's,@VERSION\@,$(VERSION),g' lg.cgi: Makefile $(srcdir)/lg.cgi.in diff --git a/bin/Makefile.in b/bin/Makefile.in index ca80b2a..e5f4cd1 100644 --- a/bin/Makefile.in +++ b/bin/Makefile.in @@ -14,6 +14,12 @@ @SET_MAKE@ +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# +# The original looking glass software was written by Ed Kern, provided by +# permission and modified beyond recognition. + VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ @@ -35,13 +41,14 @@ bin_PROGRAMS = hpuifilter$(EXEEXT) subdir = bin DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ $(srcdir)/agmrancid.in $(srcdir)/alogin.in \ - $(srcdir)/arancid.in $(srcdir)/blogin.in $(srcdir)/brancid.in \ - $(srcdir)/cat5rancid.in $(srcdir)/clogin.in \ - $(srcdir)/control_rancid.in $(srcdir)/cssrancid.in \ - $(srcdir)/elogin.in $(srcdir)/erancid.in \ - $(srcdir)/f10rancid.in $(srcdir)/flogin.in \ - $(srcdir)/fnrancid.in $(srcdir)/francid.in $(srcdir)/hlogin.in \ - $(srcdir)/hrancid.in $(srcdir)/htlogin.in \ + $(srcdir)/arancid.in $(srcdir)/avologin.in \ + $(srcdir)/avorancid.in $(srcdir)/blogin.in \ + $(srcdir)/brancid.in $(srcdir)/cat5rancid.in \ + $(srcdir)/clogin.in $(srcdir)/control_rancid.in \ + $(srcdir)/cssrancid.in $(srcdir)/elogin.in \ + $(srcdir)/erancid.in $(srcdir)/f10rancid.in \ + $(srcdir)/flogin.in $(srcdir)/fnrancid.in $(srcdir)/francid.in \ + $(srcdir)/hlogin.in $(srcdir)/hrancid.in $(srcdir)/htlogin.in \ $(srcdir)/htrancid.in $(srcdir)/jerancid.in \ $(srcdir)/jlogin.in $(srcdir)/jrancid.in $(srcdir)/mrancid.in \ $(srcdir)/nlogin.in $(srcdir)/nrancid.in $(srcdir)/nslogin.in \ @@ -59,11 +66,12 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = control_rancid par rancid-fe agmrancid alogin \ - arancid blogin brancid cat5rancid clogin rancid cssrancid \ - elogin erancid f10rancid flogin francid fnrancid jlogin \ - jrancid jerancid hlogin hrancid htlogin htrancid mrancid \ - nlogin nrancid nslogin nsrancid prancid rivlogin rivrancid \ - rrancid srancid tntlogin tntrancid xrancid zrancid + arancid avologin avorancid blogin brancid cat5rancid clogin \ + rancid cssrancid elogin erancid f10rancid flogin francid \ + fnrancid hlogin hrancid htlogin htrancid jlogin jrancid \ + jerancid mrancid nlogin nrancid nslogin nsrancid prancid \ + rivlogin rivrancid rrancid srancid tntlogin tntrancid xrancid \ + zrancid am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(bindir)" binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) @@ -155,6 +163,7 @@ SORT = @SORT@ SSH = @SSH@ STRIP = @STRIP@ SVN = @SVN@ +SVN_FSTYPE = @SVN_FSTYPE@ TAR = @TAR@ TELNET = @TELNET@ TOUCH = @TOUCH@ @@ -204,11 +213,11 @@ top_srcdir = @top_srcdir@ #AUTOMAKE_OPTIONS=foreign no-dependencies AUTOMAKE_OPTIONS = foreign -bin_SCRIPTS = cat5rancid control_rancid agmrancid alogin arancid \ - blogin brancid clogin cssrancid elogin erancid f10rancid \ - flogin francid fnrancid hlogin hrancid htlogin htrancid \ +bin_SCRIPTS = agmrancid alogin arancid blogin brancid cat5rancid \ + clogin control_rancid cssrancid elogin erancid f10rancid \ + flogin fnrancid francid hlogin hrancid htlogin htrancid \ jerancid jlogin jrancid mrancid nlogin nrancid nslogin \ - nsrancid par prancid rancid rancid-fe rivlogin rivrancid \ + nsrancid par prancid rancid-fe rancid rivlogin rivrancid \ rrancid srancid tntlogin tntrancid xrancid zrancid lg.cgi \ lgform.cgi rancid-cvs rancid-run EXTRA_DIST = lg.cgi.in lgform.cgi.in rancid-cvs.in rancid-run.in @@ -242,6 +251,7 @@ auto_edit = sed \ -e 's,@ADMINMAILPLUS\@,$(ADMINMAILPLUS),g' \ -e 's,@MAILPLUS\@,$(MAILPLUS),g' \ -e 's,@PACKAGE\@,$(PACKAGE),g' \ + -e 's,@SVN_FSTYPE\@,$(SVN_FSTYPE),g' \ -e 's,@VERSION\@,$(VERSION),g' all: all-am @@ -289,6 +299,10 @@ alogin: $(top_builddir)/config.status $(srcdir)/alogin.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ arancid: $(top_builddir)/config.status $(srcdir)/arancid.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ +avologin: $(top_builddir)/config.status $(srcdir)/avologin.in + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ +avorancid: $(top_builddir)/config.status $(srcdir)/avorancid.in + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ blogin: $(top_builddir)/config.status $(srcdir)/blogin.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ brancid: $(top_builddir)/config.status $(srcdir)/brancid.in @@ -313,12 +327,6 @@ francid: $(top_builddir)/config.status $(srcdir)/francid.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ fnrancid: $(top_builddir)/config.status $(srcdir)/fnrancid.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ -jlogin: $(top_builddir)/config.status $(srcdir)/jlogin.in - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ -jrancid: $(top_builddir)/config.status $(srcdir)/jrancid.in - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ -jerancid: $(top_builddir)/config.status $(srcdir)/jerancid.in - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ hlogin: $(top_builddir)/config.status $(srcdir)/hlogin.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ hrancid: $(top_builddir)/config.status $(srcdir)/hrancid.in @@ -327,6 +335,12 @@ htlogin: $(top_builddir)/config.status $(srcdir)/htlogin.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ htrancid: $(top_builddir)/config.status $(srcdir)/htrancid.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ +jlogin: $(top_builddir)/config.status $(srcdir)/jlogin.in + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ +jrancid: $(top_builddir)/config.status $(srcdir)/jrancid.in + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ +jerancid: $(top_builddir)/config.status $(srcdir)/jerancid.in + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ mrancid: $(top_builddir)/config.status $(srcdir)/mrancid.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ nlogin: $(top_builddir)/config.status $(srcdir)/nlogin.in diff --git a/bin/agmrancid.in b/bin/agmrancid.in index 0542bd2..af6e807 100644 --- a/bin/agmrancid.in +++ b/bin/agmrancid.in @@ -1,24 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: agmrancid.in,v 1.2 2006/12/06 00:40:54 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Amazingly hacked version of Hank's rancid - this one tries to # deal with Cisco AGMs. # @@ -47,7 +68,9 @@ $timeo = 90; # clogin timeout in seconds $ENV{'TERM'} = "dumb"; my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -187,8 +210,10 @@ sub ShowDiag { next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; + return(-1) if (/general error/i); return(-1) if (/command authorization failed/i); return(0) if ($found_diag); # Only do this routine once + return(-1) if (/failed to get counters/i); /^$/ && next; # the pager can not be disabled per-session on the PIX if (/^(-+More-+)/i) { @@ -252,7 +277,7 @@ sub WriteTerm { if (/^(enable )?(password|passwd)( level \w+)? encrypted ((.)\S+)/) { if ($filter_pwds >= 2) { ProcessHistory("USER","keysort","$1", - "!$1$2$3 encrypted \n"); + "!$1$2$3 encrypted \n"); } elsif ($filter_pwds >= 1 && $5 ne "\$") { ProcessHistory("USER","keysort","$1", "!$1$2$3 encrypted \n"); @@ -293,7 +318,7 @@ sub WriteTerm { s/\$(Revision|Id):/ $1:/; # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; # order logging statements /^logging host (\d+\.\d+\.\d+\.\d+)/ && @@ -302,7 +327,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server trap-dest (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -329,7 +354,7 @@ sub WriteTerm { next; } if (/^(snmp community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; @@ -417,6 +442,17 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { $filter_pwds = 0; diff --git a/bin/alogin.in b/bin/alogin.in index 27286d7..c21b49f 100644 --- a/bin/alogin.in +++ b/bin/alogin.in @@ -1,24 +1,44 @@ #! @EXPECT_PATH@ -- ## -## $Id: alogin.in,v 1.35 2006/12/05 16:50:52 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. # # The login expect scripts were based on Erik Sherk's gwtn, by permission. # @@ -29,7 +49,7 @@ # # Usage line -set usage "Usage: $argv0 \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-c command\] \ \[-Evar=x\] \[-f cloginrc-file\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-x command-file\] \ @@ -81,8 +101,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -314,7 +337,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -322,7 +345,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -333,7 +356,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect { "Connection refused" { - close; wait + catch {close}; catch {wait}; sleep 0.3 expect eof send_user "\nError: Connection Refused\n"; wait; return 1 @@ -380,10 +403,10 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { exp_continue } "Password incorrect" { send_user "\nError: Check your password for $router\n"; - catch {close}; wait; return 1 } + catch {close}; catch {wait}; return 1 } -re "$prompt" { break; } denied { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "\r\n" { exp_continue; } } @@ -430,7 +453,7 @@ proc run_commands { prompt command } { } "\n" { exp_continue } "\[^\n\r *]*Session terminated" { return 0 } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -443,6 +466,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -514,18 +538,20 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype]} { + incr exitval continue } if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { send "lines 0\r" expect -re $prompt {} source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -533,7 +559,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/arancid.in b/bin/arancid.in index 165a187..1ff5f64 100644 --- a/bin/arancid.in +++ b/bin/arancid.in @@ -1,28 +1,44 @@ #! @PERLV_PATH@ ## -## $Id: arancid.in,v 1.22 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Hacked version of rancid for Alteon WebOS switches -## tested with: ad3 v8.1.18 -## afort@choqolat.org (andrew fort) -## -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. -## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. # # RANCID - Really Awesome New Cisco confIg Differ # @@ -46,7 +62,9 @@ $prompt = "#"; $timeo = 90; # alogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -181,8 +199,7 @@ sub WriteTerm { tr/\015//d; last if(/^>>.*$prompt/); chop; - if (/(rcomm|wcomm|t1com|t2com)(\s+)(.*)/ && - defined($ENV{'NOCOMMSTR'})) { + if (/(rcomm|wcomm|t1com|t2com)(\s+)(.*)/ && $filter_commstr) { ProcessHistory("","","","\/\*\t$1$2\"\"\n") && next; } /^(\s+.{2,3}pw )\S+/ && @@ -247,6 +264,25 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} +# determine password filtering mode +if ($ENV{"FILTER_PWDS"} =~ /no/i) { + $filter_pwds = 0; +} elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { + $filter_pwds = 2; +} else { + $filter_pwds = 1; +} ProcessHistory("","","","\/\*RANCID-CONTENT-TYPE: alteon\n\/\*\n"); ProcessHistory("COMMENTS","keysort","B0","\/\*\n"); ProcessHistory("COMMENTS","keysort","F0","\/\*\n"); diff --git a/bin/avologin.in b/bin/avologin.in new file mode 100644 index 0000000..ed2617f --- /dev/null +++ b/bin/avologin.in @@ -0,0 +1,868 @@ +#! @EXPECT_PATH@ -- +## +## $Id$ +## +## @PACKAGE@ @VERSION@ +## Copyright (C) 1997-2007 by Terrapin Communications, Inc. +## All rights reserved. +## +## This software may be freely copied, modified and redistributed +## without fee for non-commerical purposes provided that this license +## remains intact and unmodified with any RANCID distribution. +## +## There is no warranty or other guarantee of fitness of this software. +## It is provided solely "as is". The author(s) disclaim(s) all +## responsibility and liability with respect to this software's usage +## or its effect upon hardware, computer systems, other software, or +## anything else. +## +## Except where noted otherwise, rancid was written by and is maintained by +## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## +# +# The login expect scripts were based on Erik Sherk's gwtn, by permission. +# +# avologin - Cisco login +# +# Most options are intuitive for logging into a Cisco router. +# The default is to enable (thus -noenable). Some folks have +# setup tacacs to have a user login at priv-lvl = 15 (enabled) +# so the -autoenable flag was added for this case (don't go through +# the process of enabling and the prompt will be the "#" prompt. +# The default username password is the same as the vty password. +# + +# Usage line +set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ +\[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ +\[-s script-file\] \[-t timeout\] \[-u username\] \ +\[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ +\[-y ssh_cypher_type\] router \[router...\]\n" + +# env(CLOGIN) may contain: +# x == do not set xterm banner or name + +# Password file +set password_file $env(HOME)/.cloginrc +# Default is to login to the router +set do_command 0 +set do_script 0 +# The default is to automatically enable +set avenable 1 +# The default is that you login non-enabled (tacacs can have you login already +# enabled) +set avautoenable 1 +# The default is to look in the password file to find the passwords. This +# tracks if we receive them on the command line. +set do_passwd 1 +set do_enapasswd 1 +# attempt at platform switching. +set platform "" + +# Find the user in the ENV, or use the unix userid. +if {[ info exists env(CISCO_USER) ]} { + set default_user $env(CISCO_USER) +} elseif {[ info exists env(USER) ]} { + set default_user $env(USER) +} elseif {[ info exists env(LOGNAME) ]} { + set default_user $env(LOGNAME) +} else { + # This uses "id" which I think is portable. At least it has existed + # (without options) on all machines/OSes I've been on recently - + # unlike whoami or id -nu. + if [ catch {exec id} reason ] { + send_error "\nError: could not exec id: $reason\n" + exit 1 + } + regexp {\(([^)]*)} "$reason" junk default_user +} + +# Sometimes routers take awhile to answer (the default is 10 sec) +set timeout 45 + +# Process the command line +for {set i 0} {$i < $argc} {incr i} { + set arg [lindex $argv $i] + + switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 + # Username + } -u* - + -U* { + if {! [ regexp .\[uU\](.+) $arg ignore user]} { + incr i + set username [ lindex $argv $i ] + } + # VTY Password + } -p* - + -P* { + if {! [ regexp .\[pP\](.+) $arg ignore userpasswd]} { + incr i + set userpasswd [ lindex $argv $i ] + } + set do_passwd 0 + # VTY Password + } -v* - + -v* { + if {! [ regexp .\[vV\](.+) $arg ignore passwd]} { + incr i + set passwd [ lindex $argv $i ] + } + set do_passwd 0 + # Version string + } -V* { + send_user "@PACKAGE@ @VERSION@\n" + exit 0 + # Enable Username + } -w* - + -W* { + if {! [ regexp .\[wW\](.+) $arg ignore enauser]} { + incr i + set enausername [ lindex $argv $i ] + } + # Environment variable to pass to -s scripts + } -E* + { + if {[ regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} { + set E$varname $varvalue + } else { + send_user "\nError: invalid format for -E in $arg\n" + exit 1 + } + # Enable Password + } -e* + { + if {! [ regexp .\[e\](.+) $arg ignore enapasswd]} { + incr i + set enapasswd [ lindex $argv $i ] + } + set do_enapasswd 0 + # Command to run. + } -c* - + -C* { + if {! [ regexp .\[cC\](.+) $arg ignore command]} { + incr i + set command [ lindex $argv $i ] + } + set do_command 1 + # Expect script to run. + } -s* - + -S* { + if {! [ regexp .\[sS\](.+) $arg ignore sfile]} { + incr i + set sfile [ lindex $argv $i ] + } + if { ! [ file readable $sfile ] } { + send_user "\nError: Can't read $sfile\n" + exit 1 + } + set do_script 1 + # 'ssh -c' cypher type + } -y* - + -Y* { + if {! [ regexp .\[eE\](.+) $arg ignore cypher]} { + incr i + set cypher [ lindex $argv $i ] + } + # alternate cloginrc file + } -f* - + -F* { + if {! [ regexp .\[fF\](.+) $arg ignore password_file]} { + incr i + set password_file [ lindex $argv $i ] + } + # Timeout + } -t* - + -T* { + if {! [ regexp .\[tT\](.+) $arg ignore timeout]} { + incr i + set timeout [ lindex $argv $i ] + } + # Command file + } -x* - + -X { + if {! [ regexp .\[xX\](.+) $arg ignore cmd_file]} { + incr i + set cmd_file [ lindex $argv $i ] + } + if [ catch {set cmd_fd [open $cmd_file r]} reason ] { + send_user "\nError: $reason\n" + exit 1 + } + set cmd_text [read $cmd_fd] + close $cmd_fd + set command [join [split $cmd_text \n] \;] + set do_command 1 + # Do we enable? + } -noenable { + set avenable 0 + # Does tacacs automatically enable us? + } -autoenable { + set avautoenable 1 + set avenable 0 + } -* { + send_user "\nError: Unknown argument! $arg\n" + send_user $usage + exit 1 + } default { + break + } + } +} +# Process routers...no routers listed is an error. +if { $i == $argc } { + send_user "\nError: $usage" +} + +# Only be quiet if we are running a script (it can log its output +# on its own) +if { $do_script } { + log_user 0 +} else { + log_user 1 +} + +# +# Done configuration/variable setting. Now run with it... +# + +# Sets Xterm title if interactive...if its an xterm and the user cares +proc label { host } { + global env + # if CLOGIN has an 'x' in it, don't set the xterm name/banner + if [info exists env(CLOGIN)] { + if {[string first "x" $env(CLOGIN)] != -1} { return } + } + # take host from ENV(TERM) + if [info exists env(TERM)] { + if [regexp \^(xterm|vs) $env(TERM) ignore ] { + send_user "\033]1;[lindex [split $host "."] 0]\a" + send_user "\033]2;$host\a" + } + } +} + +# This is a helper function to make the password file easier to +# maintain. Using this the password file has the form: +# add password sl* pete cow +# add password at* steve +# add password * hanky-pie +proc add {var args} { global int_$var ; lappend int_$var $args} +proc include {args} { + global env + regsub -all "(^{|}$)" $args {} args + if { [ regexp "^/" $args ignore ] == 0 } { + set args $env(HOME)/$args + } + source_password_file $args +} + +proc find {var router} { + upvar int_$var list + if { [info exists list] } { + foreach line $list { + if { [string match [lindex $line 0] $router ] } { + return [lrange $line 1 end] + } + } + } + return {} +} + +# Loads the password file. Note that as this file is tcl, and that +# it is sourced, the user better know what to put in there, as it +# could install more than just password info... I will assume however, +# that a "bad guy" could just as easy put such code in the avologin +# script, so I will leave .cloginrc as just an extention of that script +proc source_password_file { password_file } { + global env + if { ! [file exists $password_file] } { + send_user "\nError: password file ($password_file) does not exist\n" + exit 1 + } + file stat $password_file fileinfo + if { [expr ($fileinfo(mode) & 007)] != 0000 } { + send_user "\nError: $password_file must not be world readable/writable\n" + exit 1 + } + if [ catch {source $password_file} reason ] { + send_user "\nError: $reason\n" + exit 1 + } +} + +# Log into the router. +# returns: 0 on success, 1 on failure, -1 if rsh was used successfully +proc login { router user userpswd passwd enapasswd cmethod cyphertype } { + global spawn_id in_proc do_command do_script platform + global prompt u_prompt p_prompt e_prompt sshcmd + set in_proc 1 + set uprompt_seen 0 + + # try each of the connection methods in $cmethod until one is successful + set progs [llength $cmethod] + foreach prog [lrange $cmethod 0 end] { + incr progs -1 + if [string match "telnet*" $prog] { + regexp {telnet(:([^[:space:]]+))*} $prog command suffix port + if {"$port" == ""} { + set retval [ catch {spawn telnet $router} reason ] + } else { + set retval [ catch {spawn telnet $router $port} reason ] + } + if { $retval } { + send_user "\nError: telnet failed: $reason\n" + return 1 + } + } elseif [string match "ssh*" $prog] { + regexp {ssh(:([^[:space:]]+))*} $prog command suffix port + if {"$port" == ""} { + set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] + + } else { + set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user -p $port $router} reason ] + } + if { $retval } { + send_user "\nError: $sshcmd failed: $reason\n" + return 1 + } + } elseif ![string compare $prog "rsh"] { + global command + + if { ! $do_command } { + if { [llength $cmethod] == 1 } { + send_user "\nError: rsh is an invalid method for -x and " + send_user "interactive logins\n" + } + if { $progs == 0 } { + return 1 + } + continue; + } + + set commands [split $command \;] + set num_commands [llength $commands] + set rshfail 0 + for {set i 0} {$i < $num_commands && !$rshfail} { incr i} { + log_user 0 + set retval [ catch {spawn rsh $user@$router [lindex $commands $i] } reason ] + if { $retval } { + send_user "\nError: rsh failed: $reason\n" + log_user 1; return 1 + } + send_user "$router# [lindex $commands $i]\n" + + # rcmd does not get a pager and no prompts, so we just have to + # look for failures & lines. + expect { + "Connection refused" { catch {close}; catch {wait}; + send_user "\nError: Connection\ + Refused ($prog): $router\n" + set rshfail 1 + } + -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { + catch {close}; catch {wait}; + send_user "\nError: Connection\ + closed ($prog): $router\n" + set rshfail 1 + } + "Host is unreachable" { catch {close}; catch {wait}; + send_user "\nError: Host Unreachable:\ + $router\n" + set rshfail 1 + } + "No address associated with" { + catch {close}; catch {wait}; + send_user "\nError: Unknown host\ + $router\n" + set rshfail 1 + } + -re "\b+" { exp_continue } + -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" + exp_continue + } + timeout { catch {close}; catch {wait}; + send_user "\nError: TIMEOUT reached\n" + set rshfail 1 + } + eof { catch {close}; catch {wait}; } + } + log_user 1 + } + if { $rshfail } { + if { !$progs } { + return 1 + } else { + continue + } + } + # fake the end of the session for rancid. + send_user "$router# exit\n" + # return rsh "success" + return -1 + } else { + send_user "\nError: unknown connection method: $prog\n" + return 1 + } + sleep 0.3 + + # This helps cleanup each expect clause. + expect_after { + timeout { + send_user "\nError: TIMEOUT reached\n" + catch {close}; catch {wait}; + if { $in_proc} { + return 1 + } else { + continue + } + } eof { + send_user "\nError: EOF received\n" + catch {close}; catch {wait}; + if { $in_proc} { + return 1 + } else { + continue + } + } + } + + # Here we get a little tricky. There are several possibilities: + # the router can ask for a username and passwd and then + # talk to the TACACS server to authenticate you, or if the + # TACACS server is not working, then it will use the enable + # passwd. Or, the router might not have TACACS turned on, + # then it will just send the passwd. + # if telnet fails with connection refused, try ssh + expect { + -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { + catch {close}; catch {wait}; + if !$progs { + send_user "\nError: Connection Refused ($prog): $router\n" + return 1 + } + } + -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { + catch {close}; catch {wait}; + if !$progs { + send_user "\nError: Connection closed ($prog): $router\n" + return 1 + } + } + eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 } + -nocase "unknown host\r" { + catch {close}; catch {wait}; + send_user "\nError: Unknown host $router\n"; wait; return 1 + } + "Host is unreachable" { + catch {close}; catch {wait}; + send_user "\nError: Host Unreachable: $router\n"; wait; return 1 + } + "No address associated with name" { + catch {close}; catch {wait}; + send_user "\nError: Unknown host $router\n"; wait; return 1 + } + -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { + send "yes\r" + send_user "\nHost $router added to the list of known hosts.\n" + exp_continue } + -re "HOST IDENTIFICATION HAS CHANGED.* \(yes\/no\)\?" { + send "no\r" + send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" + return 1 } + -re "Offending key for .* \(yes\/no\)\?" { + send "no\r" + send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" + return 1 } + -re "(denied|Sorry)" { + send_user "\nError: Check your passwd for $router\n" + catch {close}; catch {wait}; return 1 + } + "Login failed" { + send_user "\nError: Check your passwd for $router\n" + return 1 + } + -re "% (Bad passwords|Authentication failed)" { + send_user "\nError: Check your passwd for $router\n" + return 1 + } + "Press any key to continue." { + # send_user "Pressing the ANY key\n" + send "\r" + exp_continue + } + -re "Enter Selection: " { + # Catalyst 1900s have some lame menu. Enter + # K to reach a command-line. + send "K\r" + exp_continue; + } + -re "@\[^\r\n]+ $p_prompt" { + # ssh pwd prompt + sleep 1 + send "$userpswd\r" + exp_continue + } + -re "$u_prompt" { + send "$user\r" + set uprompt_seen 1 + exp_continue + } + -re "$p_prompt" { + sleep 1 + if {$uprompt_seen == 1} { + send "$userpswd\r" + } else { + send "$passwd\r" + } + exp_continue + } + -re "$prompt" { break; } + "Login invalid" { + send_user "\nError: Invalid login: $router\n"; + catch {close}; catch {wait}; return 1 + } + } + } + + set in_proc 0 + return 0 +} + +# Enable +proc do_enable { enauser enapasswd } { + global prompt in_proc + global u_prompt e_prompt + set in_proc 1 + + send "enable\r" + expect { + -re "$u_prompt" { send "$enauser\r"; exp_continue} + -re "$e_prompt" { send "$enapasswd\r"; exp_continue} + "#" { set prompt "#" } + "(enable)" { set prompt "> (enable) " } + -re "(denied|Sorry|Incorrect)" { + # % Access denied - from local auth and poss. others + send_user "\nError: Check your Enable passwd\n"; + return 1 + } + "% Error in authentication" { + send_user "\nError: Check your Enable passwd\n" + return 1 + } + "% Bad passwords" { + send_user "\nError: Check your Enable passwd\n" + return 1 + } + } + # We set the prompt variable (above) so script files don't need + # to know what it is. + set in_proc 0 + return 0 +} + +# Run commands given on the command line. +proc run_commands { prompt command } { + global in_proc platform + set in_proc 1 + + # If the prompt is (enable), then we are on a switch and the + # command is "set length 0"; otherwise its "term length 0". + # skip if its an extreme (since the pager can not be disabled on a + # per-vty basis). + if { [ string compare "extreme" "$platform" ] } { + if [ regexp -- ".*> .*enable" "$prompt" ] { + send "set length 0\r" + # This is ugly, but reduces code duplication, allowing the + # subsequent expects to handle everything as normal. + set command "set logging session disable;$command" + } else { + #send "term length 0\r" + send "\r" + } + # escape any parens in the prompt, such as "(enable)" + regsub -all {[)(]} $prompt {\\&} reprompt + # match cisco config mode prompts too, such as router(config-if)#, + # but catalyst does not change in this fashion. + regsub -all {^(.{1,14}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt + expect { + -re $reprompt {} + -re "\[\n\r]+" { exp_continue } + } + } else { + regsub -all "\[)(]" $prompt {\\&} reprompt + } + + # this is the only way i see to get rid of more prompts in o/p..grrrrr + log_user 0 + # Is this a multi-command? + if [ string match "*\;*" "$command" ] { + set commands [split $command \;] + set num_commands [llength $commands] + # the pager can not be turned off on the PIX, so we have to look + # for the "More" prompt. the extreme is equally obnoxious, with a + # global switch in the config. + for {set i 0} {$i < $num_commands} { incr i} { + send "[subst -nocommands [lindex $commands $i]]\r" + expect { + -re "\b+" { exp_continue } + -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" + } + -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" + exp_continue } + -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" + exp_continue } + -re "\[^\r\n]*Press to cont\[^\r\n]*" { + send " " + # bloody ^[[2K after " " + expect { + -re "^\[^\r\n]*\r" {} + } + exp_continue + } + -re "^ *--More--\[^\n\r]*" { + send " " + exp_continue } + -re "^<-+ More -+>\[^\n\r]*" { + send_user -- "$expect_out(buffer)" + send " " + exp_continue } + } + } + } else { + # the pager can not be turned off on the PIX, so we have to look + # for the "More" prompt. the extreme is equally obnoxious, with a + # global switch in the config. + send "[subst -nocommands $command]\r" + expect { + -re "\b+" { exp_continue } + -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" + } + -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" + exp_continue } + -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" + exp_continue } + -re "\[^\r\n]*Press to cont\[^\r\n]*" { + send " " + # bloody ^[[2K after " " + expect { + -re "^\[^\r\n]*\r" {} + } + exp_continue + } + -re "^ *--More--\[^\n\r]*" { + send " " + exp_continue } + -re "^<-+ More -+>\[^\n\r]*" { + send_user -- "$expect_out(buffer)" + send " " + exp_continue } + } + } + log_user 1 + + if { [ string compare "extreme" "$platform" ] } { + send "exit\r" + } else { + send "quit\r" + } + expect { + -re "^\[^\n\r *]*$reprompt" { + # the Cisco CE and Jnx ERX + # return to non-enabled mode + # on exit in enabled mode. + send "exit\r" + exp_continue; + } + "Do you wish to save your configuration changes" { + send "n\r" + exp_continue + } + -re "\[\n\r]+" { exp_continue } + timeout { return 0 } + eof { return 0 } + } + set in_proc 0 +} + +# +# For each router... (this is main loop) +# +source_password_file $password_file +set in_proc 0 +set exitval 0 +foreach router [lrange $argv $i end] { + set router [string tolower $router] + send_user "$router\n" + + # Figure out the prompt. + # autoenable is off by default. If we have it defined, it was done + # on the command line. If it is not specifically set on the command + # line, check the password file. + if $avautoenable { + set autoenable 1 + set enable 0 + set prompt "(#| \\(enable\\))" + } else { + set ae [find autoenable $router] + if { "$ae" == "1" } { + set autoenable 1 + set enable 0 + set prompt "(#| \\(enable\\))" + } else { + set autoenable 0 + set enable $avenable + set prompt ">" + } + } + + # look for noenable option in .cloginrc + if { [find noenable $router] != "" } { + set enable 0 + } + + # Figure out passwords + if { $do_passwd || $do_enapasswd } { + set pswd [find password $router] + if { [llength $pswd] == 0 } { + send_user "\nError: no password for $router in $password_file.\n" + continue + } + if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } { + send_user "\nError: no enable password for $router in $password_file.\n" + continue + } + set passwd [join [lindex $pswd 0] ""] + set enapasswd [join [lindex $pswd 1] ""] + } + + # Figure out username + if {[info exists username]} { + # command line username + set ruser $username + } else { + set ruser [join [find user $router] ""] + if { "$ruser" == "" } { set ruser $default_user } + } + + # Figure out username's password (if different from the vty password) + if {[info exists userpasswd]} { + # command line username + set userpswd $userpasswd + } else { + set userpswd [join [find userpassword $router] ""] + if { "$userpswd" == "" } { set userpswd $passwd } + } + + # Figure out enable username + if {[info exists enausername]} { + # command line enausername + set enauser $enausername + } else { + set enauser [join [find enauser $router] ""] + if { "$enauser" == "" } { set enauser $ruser } + } + + # Figure out prompts + set u_prompt [find userprompt $router] + if { "$u_prompt" == "" } { + set u_prompt "(Username|Login|login|user name):" + } else { + set u_prompt [join [lindex $u_prompt 0] ""] + } + set p_prompt [find passprompt $router] + if { "$p_prompt" == "" } { + set p_prompt "(\[Pp]assword|passwd):" + } else { + set p_prompt [join [lindex $p_prompt 0] ""] + } + set e_prompt [find enableprompt $router] + if { "$e_prompt" == "" } { + set e_prompt "\[Pp]assword:" + } else { + set e_prompt [join [lindex $e_prompt 0] ""] + } + + # Figure out cypher type + if {[info exists cypher]} { + # command line cypher type + set cyphertype $cypher + } else { + set cyphertype [find cyphertype $router] + if { "$cyphertype" == "" } { set cyphertype "3des" } + } + + # Figure out connection method + set cmethod [find method $router] + if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} } + + # Figure out the SSH executable name + set sshcmd [find sshcmd $router] + if { "$sshcmd" == "" } { set sshcmd {ssh} } + + # Login to the router + if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { + # if login failed or rsh was successful, move on to the next device + incr exitval + continue + } + if { $enable } { + if {[do_enable $enauser $enapasswd]} { + if { $do_command || $do_script } { + incr exitval + catch {close}; catch {wait}; + continue + } + } + } + # we are logged in, now figure out the full prompt + send "\r" + expect { + -re "\[\r\n]+" { exp_continue; } + -re "^(.+:)1 $prompt" { # stoopid extreme cmd-line numbers and + # prompt based on state of config changes, + # which may have an * at the beginning. + set junk $expect_out(1,string) + regsub -all "^\\\* " $expect_out(1,string) {} junk + set prompt ".? ?$junk\[0-9]+ $expect_out(2,string)"; + set platform "extreme" + } + -re "^.+$prompt" { set junk $expect_out(0,string); + regsub -all "\[\]\[]" $junk {\\&} prompt; + } + -re "^.+> \\\(enable\\\)" { + set junk $expect_out(0,string); + regsub -all "\[\]\[]" $junk {\\&} prompt; + } + } + + if { $do_command } { + if {[run_commands $prompt $command]} { + incr exitval + continue + } + } elseif { $do_script } { + # If the prompt is (enable), then we are on a switch and the + # command is "set length 0"; otherwise its "term length 0". + if [ regexp -- ".*> .*enable" "$prompt" ] { + #send "set length 0\r" + #send "set logging session disable\r" + } else { + #send "term length 0\r" + } + expect -re $prompt {} + source $sfile + catch {close}; + } else { + label $router + log_user 1 + interact + } + + # End of for each router + catch {wait}; + sleep 0.3 +} +exit $exitval diff --git a/bin/avorancid.in b/bin/avorancid.in new file mode 100644 index 0000000..511eb80 --- /dev/null +++ b/bin/avorancid.in @@ -0,0 +1,292 @@ +#! @PERLV_PATH@ +## +## $Id$ +## +## @PACKAGE@ @VERSION@ +## Copyright (C) 1997-2007 by Terrapin Communications, Inc. +## All rights reserved. +## +## This software may be freely copied, modified and redistributed +## without fee for non-commerical purposes provided that this license +## remains intact and unmodified with any RANCID distribution. +## +## There is no warranty or other guarantee of fitness of this software. +## It is provided solely "as is". The author(s) disclaim(s) all +## responsibility and liability with respect to this software's usage +## or its effect upon hardware, computer systems, other software, or +## anything else. +## +## Except where noted otherwise, rancid was written by and is maintained by +## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## +# +# RANCID - Really Awesome New Cisco confIg Differ +# +# usage: rancid [-dV] [-l] [-f filename | $host] +# +use Getopt::Std; +getopts('dflV'); +if ($opt_V) { + print "@PACKAGE@ @VERSION@\n"; + exit(0); +} +$log = $opt_l; +$debug = $opt_d; +$file = $opt_f; +$host = $ARGV[0]; +$clean_run = 0; +$found_end = 0; +$found_version = 0; +$found_env = 0; +$found_diag = 0; +$timeo = 90; # avologin timeout in seconds + +my(@commandtable, %commands, @commands);# command lists +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my(%filter_pwds); # password filtering mode + +# This routine is used to print out the router configuration +sub ProcessHistory { + my($new_hist_tag,$new_command,$command_string,@string) = (@_); + if ((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) + && defined %history) { + print eval "$command \%history"; + undef %history; + } + if (($new_hist_tag) && ($new_command) && ($command_string)) { + if ($history{$command_string}) { + $history{$command_string} = "$history{$command_string}@string"; + } else { + $history{$command_string} = "@string"; + } + } elsif (($new_hist_tag) && ($new_command)) { + $history{++$#history} = "@string"; + } else { + print "@string"; + } + $hist_tag = $new_hist_tag; + $command = $new_command; + 1; +} + +sub numerically { $a <=> $b; } + +# This is a sort routine that will sort numerically on the +# keys of a hash as if it were a normal array. +sub keynsort { + local(%lines) = @_; + local($i) = 0; + local(@sorted_lines); + foreach $key (sort numerically keys(%lines)) { + $sorted_lines[$i] = $lines{$key}; + $i++; + } + @sorted_lines; +} + +# This is a sort routine that will sort on the +# keys of a hash as if it were a normal array. +sub keysort { + local(%lines) = @_; + local($i) = 0; + local(@sorted_lines); + foreach $key (sort keys(%lines)) { + $sorted_lines[$i] = $lines{$key}; + $i++; + } + @sorted_lines; +} + +# This is a sort routine that will sort on the +# values of a hash as if it were a normal array. +sub valsort{ + local(%lines) = @_; + local($i) = 0; + local(@sorted_lines); + foreach $key (sort values %lines) { + $sorted_lines[$i] = $key; + $i++; + } + @sorted_lines; +} + +# This is a numerical sort routine (ascending). +sub numsort { + local(%lines) = @_; + local($i) = 0; + local(@sorted_lines); + foreach $num (sort {$a <=> $b} keys %lines) { + $sorted_lines[$i] = $lines{$num}; + $i++; + } + @sorted_lines; +} + +# This is a sort routine that will sort on the +# ip address when the ip address is anywhere in +# the strings. +sub ipsort { + local(%lines) = @_; + local($i) = 0; + local(@sorted_lines); + foreach $addr (sort sortbyipaddr keys %lines) { + $sorted_lines[$i] = $lines{$addr}; + $i++; + } + @sorted_lines; +} + +# These two routines will sort based upon IP addresses +sub ipaddrval { + my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); + $a[3] + 256 * ($a[2] + 256 * ($a[1] +256 * $a[0])); +} +sub sortbyipaddr { + &ipaddrval($a) <=> &ipaddrval($b); +} + +# This routine parses "cat" +sub CatFiles { + print STDERR " In CatFiles: $_" if ($debug); + + $catfile=$1; + $catfile=~s/cat //; + ProcessHistory("COMMENTS","","","! $catfile\n"); + while () { + tr/\015//d; + last if (/^$prompt/); + next if (/^(\s*|\s*$cmd\s*)$/); +# return(1) if /Line has invalid autocommand /; + ProcessHistory("COMMENTS","","","$_"); + } + ProcessHistory("COMMENTS","","","!\n"); + if ( $catfile == "/etc/security.opts" ) { $found_end=1;$clean_run=1;}; + return(0); +} + +# dummy function +sub DoNothing {print STDOUT;} + +# Main +@commandtable = ( + {'cat /etc/hostname' => 'CatFiles'}, + {'cat /etc/domainname.conf' => 'CatFiles'}, + {'cat /etc/resolv.conf' => 'CatFiles'}, + {'cat /etc/portslave/pslave.conf' => 'CatFiles'}, + {'cat /etc/passwd' => 'CatFiles'}, + {'cat /etc/snmp/snmpd.conf' => 'CatFiles'}, + {'cat /etc/network/ifcfg_eth0' => 'CatFiles'}, + {'cat /etc/network/st_routes' => 'CatFiles'}, + {'cat /etc/security.opts' => 'CatFiles'}, +); +# Use an array to preserve the order of the commands and a hash for mapping +# commands to the subroutine and track commands that have been completed. +@commands = map(keys(%$_), @commandtable); +%commands = map(%$_, @commandtable); + +$cisco_cmds=join(";",@commands); +$cmds_regexp=join("|",@commands); + +open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; +select(OUTPUT); +# make OUTPUT unbuffered if debugging +if ($debug) { $| = 1; } + +if ($file) { + print STDERR "opening file $host\n" if ($debug); + print STDOUT "opening file $host\n" if ($log); + open(INPUT,"<$host") || die "open failed for $host: $!\n"; +} else { + print STDERR "executing avologin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug); + print STDOUT "executing avologin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log); + if (defined($ENV{NOPIPE})) { + system "avologin -t $timeo -c \"$cisco_cmds\" $host $host.raw 2>&1" || die "avologin failed for $host: $!\n"; + open(INPUT, "< $host.raw") || die "avologin failed for $host: $!\n"; + } else { + open(INPUT,"avologin -t $timeo -c \"$cisco_cmds\" $host ) { + tr/\015//d; + if (/[>#]\s?exit$/) { + $clean_run=1; + last; + } + if (/^Error:/) { + print STDOUT ("$host avologin error: $_"); + print STDERR ("$host avologin error: $_") if ($debug); + $clean_run=0; + last; + } + while (/#\s*($cmds_regexp)\s*$/) { + $cmd = $1; + if (!defined($prompt)) { + $prompt = ($_ =~ /^([^#]+#)/)[0]; + $prompt =~ s/([][}{)(\\])/\\$1/g; + print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); + } + print STDERR ("HIT COMMAND:$_") if ($debug); + if (! defined($commands{$cmd})) { + print STDERR "$host: found unexpected command - \"$cmd\"\n"; + $clean_run = 0; + last TOP; + } + $rval = &{$commands{$cmd}}; + delete($commands{$cmd}); + if ($rval == -1) { + $clean_run = 0; + last TOP; + } + } +} +print STDOUT "Done $logincmd: $_\n" if ($log); +# Flush History +ProcessHistory("","","",""); +# Cleanup +close(INPUT); +close(OUTPUT); + +if (defined($ENV{NOPIPE})) { + unlink("$host.raw") if (! $debug); +} + +# check for completeness +if (scalar(%commands) || !$clean_run || !$found_end) { + if (scalar(%commands)) { + printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands))); + printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug); + } + if (!$clean_run || !$found_end) { + print STDOUT "$host: End of run not found\n"; + print STDERR "$host: End of run not found\n" if ($debug); + system("/usr/bin/tail -1 $host.new"); + } + unlink "$host.new" if (! $debug); +} diff --git a/bin/blogin.in b/bin/blogin.in index 37c28e8..9851493 100644 --- a/bin/blogin.in +++ b/bin/blogin.in @@ -1,27 +1,47 @@ #! @EXPECT_PATH@ -- ## -## $Id: blogin.in,v 1.36 2006/12/08 21:28:25 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # blogin - Bay Networks(Nortel) login # # Unlike the Cisco's, there is no enable function on the Bay's. Instead @@ -32,7 +52,7 @@ # # Usage line -set usage "Usage: $argv0 \[-autoenable\] \[-noenable\] \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ @@ -85,8 +105,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -329,7 +352,7 @@ proc login { router user userpswd passwd enapasswd prompt cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -337,7 +360,7 @@ proc login { router user userpswd passwd enapasswd prompt cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -355,19 +378,19 @@ proc login { router user userpswd passwd enapasswd prompt cmethod cyphertype } { # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog)\n"; return 1 } } eof { send_user "\nError: Couldn't login\n"; wait; return 1 } -nocase "unknown host\r" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } "Host is unreachable" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Host Unreachable!\n"; wait; return 1 } "No address associated with name" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { @@ -385,7 +408,9 @@ proc login { router user userpswd passwd enapasswd prompt cmethod cyphertype } { -re "$u_prompt" { send "$user\r" expect { eof { send_user "\nError: Couldn't login\n"; wait; return 1 } - "Login invalid" { send_user "\nError: Invalid login\n"; vatch {close}; wait; return 1 } + "Login invalid" { send_user "\nError: Invalid login\n"; + catch {close}; catch {wait}; + return 1 } -re "$p_prompt" { send "$userpswd\r" } "$prompt" { set in_proc 0; return 0 } } @@ -406,7 +431,7 @@ proc login { router user userpswd passwd enapasswd prompt cmethod cyphertype } { } "$prompt" { break; } denied { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "% Bad passwords" {send_user "\nError: Check your passwd for $router\n"; return 1 } } @@ -476,7 +501,7 @@ proc run_commands { prompt command } { send "logout\r" expect { "\n" { exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -489,6 +514,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -603,12 +629,14 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $prompt $cmethod $cyphertype]} { + incr exitval continue } if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { - catch {close}; catch {wait} + incr exitval + catch {close}; catch {wait}; continue } } @@ -616,13 +644,14 @@ foreach router [lrange $argv $i end] { if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { send "more off\r" expect $prompt {} source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -630,7 +659,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/brancid.in b/bin/brancid.in index 35f3f2f..27bb0ff 100644 --- a/bin/brancid.in +++ b/bin/brancid.in @@ -1,26 +1,46 @@ #! @PERLV_PATH@ ## -## $Id: brancid.in,v 1.24 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## hacked version of Hank's rancid - this one tries to deal with Bay's. ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-dV] [-l] [-f filename | hostname] @@ -40,7 +60,9 @@ $found_end = 0; $timeo = 90; # blogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -155,7 +177,7 @@ sub ShowConfig { next if (/lock-address .*$/); next if (/^\# *uptime +\d+\s*$/); if (/community label /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { $_ =~ s/community label .*$/community label /; } } @@ -235,16 +257,27 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } -ProcessHistory("","","","!RANCID-CONTENT-TYPE: bay\n!\n"); +ProcessHistory("","","","!RANCID-CONTENT-TYPE: baynet\n!\n"); TOP: while() { tr/\015//d; if ( (/\>\s?logout$/) || $found_end ) { diff --git a/bin/cat5rancid.in b/bin/cat5rancid.in index bd13d65..5c8b65d 100644 --- a/bin/cat5rancid.in +++ b/bin/cat5rancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: cat5rancid.in,v 1.47 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-dV] [-l] [-f filename | hostname] @@ -39,7 +59,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode my(%modules); # module info (part from sh ver, part from sh module) # This routine is used to print out the router configuration @@ -681,6 +703,7 @@ sub ShowInventory { last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(-1) if (/command authorization failed/i); + return(1) if (/Unknown command/); # the pager can not be disabled per-session on the PIX s/^<-+ More -+>\s*//; @@ -949,19 +972,19 @@ sub WriteTerm { s/\$(Revision|Id):/ $1:/; # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order extended access-lists /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && - ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # order arp lists /^set arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && - ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") + ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") && next; # order logging statements /^set logging server (\d+\.\d+\.\d+\.\d+)/ && @@ -970,7 +993,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^set snmp trap (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERHOST","ipsort","$1","!set snmp trap $1 \n"); } else { ProcessHistory("SNMPSERVERHOST","ipsort","$1","$_"); @@ -978,7 +1001,7 @@ sub WriteTerm { next; } if (/^(set snmp community) (\S+) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $2 \n"); } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") @@ -1085,22 +1108,33 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } -ProcessHistory("","","","!RANCID-CONTENT-TYPE: cisco-cat\n!\n"); +ProcessHistory("","","","!RANCID-CONTENT-TYPE: cat5\n!\n"); ProcessHistory("COMMENTS","keysort","B0","!\n"); ProcessHistory("COMMENTS","keysort","F0","!\n"); ProcessHistory("COMMENTS","keysort","G0","!\n"); TOP: while() { tr/\015//d; - if (/> \(enable\) ?exit$/) { + if (/> \(enable\) ?exit(?:$|Connection)/) { $clean_run=1; last; } diff --git a/bin/clogin.in b/bin/clogin.in index 99a0874..4431f63 100644 --- a/bin/clogin.in +++ b/bin/clogin.in @@ -1,27 +1,47 @@ #! @EXPECT_PATH@ -- ## -## $Id: clogin.in,v 1.107 2006/12/08 21:28:25 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # clogin - Cisco login # # Most options are intuitive for logging into a Cisco router. @@ -33,7 +53,7 @@ # # Usage line -set usage "Usage: $argv0 \[-autoenable\] \[-noenable\] \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ @@ -88,8 +108,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -295,7 +318,7 @@ proc source_password_file { password_file } { # Log into the router. # returns: 0 on success, 1 on failure, -1 if rsh was used successfully proc login { router user userpswd passwd enapasswd cmethod cyphertype } { - global spawn_id in_proc do_command do_script platform + global command spawn_id in_proc do_command do_script platform global prompt u_prompt p_prompt e_prompt sshcmd set in_proc 1 set uprompt_seen 0 @@ -305,7 +328,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { foreach prog [lrange $cmethod 0 end] { incr progs -1 if [string match "telnet*" $prog] { - regexp {telnet(:([^[:space:]]+))*} $prog command suffix port + regexp {telnet(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn telnet $router} reason ] } else { @@ -316,7 +339,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { return 1 } } elseif [string match "ssh*" $prog] { - regexp {ssh(:([^[:space:]]+))*} $prog command suffix port + regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] @@ -328,8 +351,6 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { return 1 } } elseif ![string compare $prog "rsh"] { - global command - if { ! $do_command } { if { [llength $cmethod] == 1 } { send_user "\nError: rsh is an invalid method for -x and " @@ -356,24 +377,24 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { # rcmd does not get a pager and no prompts, so we just have to # look for failures & lines. expect { - "Connection refused" { catch {close}; wait; + "Connection refused" { catch {close}; catch {wait}; send_user "\nError: Connection\ Refused ($prog): $router\n" set rshfail 1 } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { - catch {close}; wait; + catch {close}; catch {wait}; send_user "\nError: Connection\ closed ($prog): $router\n" set rshfail 1 } - "Host is unreachable" { catch {close}; wait; + "Host is unreachable" { catch {close}; catch {wait}; send_user "\nError: Host Unreachable:\ $router\n" set rshfail 1 } "No address associated with" { - catch {close}; wait; + catch {close}; catch {wait}; send_user "\nError: Unknown host\ $router\n" set rshfail 1 @@ -382,11 +403,11 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; send_user "\nError: TIMEOUT reached\n" set rshfail 1 } - eof { catch {close}; wait } + eof { catch {close}; catch {wait}; } } log_user 1 } @@ -411,7 +432,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -419,7 +440,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -437,14 +458,14 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 } } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection closed ($prog): $router\n" return 1 @@ -452,15 +473,15 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { } eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 } -nocase "unknown host\r" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } "Host is unreachable" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Host Unreachable: $router\n"; wait; return 1 } "No address associated with name" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { @@ -477,7 +498,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { return 1 } -re "(denied|Sorry)" { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "Login failed" { send_user "\nError: Check your passwd for $router\n" @@ -487,7 +508,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { send_user "\nError: Check your passwd for $router\n" return 1 } - "Press any key to continue." { + "Press any key to continue" { # send_user "Pressing the ANY key\n" send "\r" exp_continue @@ -524,7 +545,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { -re "$prompt" { break; } "Login invalid" { send_user "\nError: Invalid login: $router\n"; - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } } } @@ -613,7 +634,7 @@ proc run_commands { prompt command } { } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" exp_continue } - -re "^--More--\r\n" { # specific match c1900 pager + -re "^--More--\[\r\n]+" { # specific match c1900 pager send " " exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" @@ -696,7 +717,7 @@ proc run_commands { prompt command } { exp_continue } -re "\[\n\r]+" { exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -709,6 +730,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. @@ -825,13 +847,15 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { + incr exitval # if login failed or rsh was unsuccessful, move on to the next device continue } if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { - catch {close}; catch {wait} + incr exitval + catch {close}; catch {wait}; continue } } @@ -859,6 +883,7 @@ foreach router [lrange $argv $i end] { if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { @@ -872,7 +897,7 @@ foreach router [lrange $argv $i end] { } expect -re $prompt {} source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -880,7 +905,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/control_rancid.in b/bin/control_rancid.in index 388bbf4..13b15f8 100644 --- a/bin/control_rancid.in +++ b/bin/control_rancid.in @@ -1,25 +1,45 @@ #! /bin/sh ## -## $Id: control_rancid.in,v 1.80 2006/12/07 21:14:06 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # control_rancid $GROUP # @@ -359,7 +379,7 @@ cd $DIR/configs # tailored to the specific installation. echo "" echo "Trying to get all of the configs." -par -q -n $PAR_COUNT -c "rancid-fe \{}" $devlistfile +par -q -n $PAR_COUNT -c "rancid-fe {}" $devlistfile # This section will generate a list of missed routers # and try to grab them again. It will run through diff --git a/bin/cssrancid.in b/bin/cssrancid.in index 294f400..e4614b5 100644 --- a/bin/cssrancid.in +++ b/bin/cssrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: cssrancid.in,v 1.13 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-dV] [-l] [-f filename | hostname] @@ -39,7 +59,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -455,19 +477,19 @@ sub ShowRun { s/\$(Revision|Id):/ $1:/; # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order extended access-lists /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && - ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && - ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") + ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") && next; # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && @@ -476,7 +498,7 @@ sub ShowRun { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -498,7 +520,7 @@ sub ShowRun { next; } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; @@ -598,16 +620,27 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } -ProcessHistory("","","","!RANCID-CONTENT-TYPE: cisco-css\n!\n"); +ProcessHistory("","","","!RANCID-CONTENT-TYPE: css\n!\n"); #ProcessHistory("COMMENTS","keysort","B0","!\n"); #ProcessHistory("COMMENTS","keysort","F0","!\n"); #ProcessHistory("COMMENTS","keysort","G0","!\n"); diff --git a/bin/elogin.in b/bin/elogin.in index d581101..0084a1d 100644 --- a/bin/elogin.in +++ b/bin/elogin.in @@ -1,32 +1,52 @@ #! @EXPECT_PATH@ -- ## -## $Id: elogin.in,v 1.38 2006/12/05 16:50:52 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # elogin - ADC EZT3 login # # Most options are intuitive for logging into an ADC EZT3 mux. # # Usage line -set usage "Usage: $argv0 \[-noenable\] \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ @@ -78,8 +98,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -319,7 +342,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -327,7 +350,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -338,7 +361,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect { "Connection refused" { - close; wait + catch {close}; catch {wait}; sleep 0.3 expect eof send_user "\nError: Connection Refused\n"; wait; return 1 @@ -368,11 +391,11 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { exp_continue } "Password incorrect" { send_user "\nError: Check your password for $router\n"; - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "$prompt" { break; } denied { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "\r\n" { exp_continue; } } @@ -415,7 +438,7 @@ proc run_commands { prompt command } { send "exit\r" expect { "\n" { exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -428,6 +451,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -494,18 +518,20 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype]} { + incr exitval continue } if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { send "screen 0\r" expect $prompt {} source $sfile - close + catch {close} } else { label $router log_user 1 @@ -513,7 +539,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/erancid.in b/bin/erancid.in index a95da84..cfd58b7 100644 --- a/bin/erancid.in +++ b/bin/erancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: erancid.in,v 1.26 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-dV] [-l] [-f filename | hostname] @@ -39,7 +59,9 @@ $found_end = 0; $timeo = 90; # elogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -195,7 +217,7 @@ sub WriteTerm { tr/\015//d; last if(/Active\) >/); chop; - if (/^\s*snmp/ && defined($ENV{'NOCOMMSTR'})) { + if (/^\s*snmp/ && $filter_commstr) { /snmp (getcomm|setcomm|trapcomm)(\s+)(\S*)/ && ProcessHistory("","","","- snmp $1$2\"\"\n") && next; } @@ -252,16 +274,27 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } -ProcessHistory("","","","- RANCID-CONTENT-TYPE: adc-ezt3\n-\n"); +ProcessHistory("","","","- RANCID-CONTENT-TYPE: ezt3\n-\n"); ProcessHistory("COMMENTS","keysort","B0","-\n"); ProcessHistory("COMMENTS","keysort","F0","-\n"); ProcessHistory("COMMENTS","keysort","G0","-\n"); diff --git a/bin/f10rancid.in b/bin/f10rancid.in index e61d215..d210959 100644 --- a/bin/f10rancid.in +++ b/bin/f10rancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: f10rancid.in,v 1.23 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # This version of rancid tries to deal with Force10s. # # RANCID - Really Awesome New Cisco confIg Differ @@ -41,7 +61,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -152,276 +174,98 @@ sub ShowVersion { last if(/^$prompt/); next if(/^(\s*|\s*$cmd\s*)$/); return(-1) if (/command authorization failed/i); - if (/^Slave in slot (\d+) is running/) { - $slave = " Slave:"; - next; - } - /^Cisco Secure PIX /i && - ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next; - /^IOS .* Software \(([A-Za-z-0-9]*)\), .*Version\s+(.*)$/ && - ProcessHistory("COMMENTS","keysort","F1", - "!Image:$slave Software: $1, $2\n") && next; - /^([A-Za-z-0-9_]*) Synced to mainline version: (.*)$/ && - ProcessHistory("COMMENTS","keysort","F2", - "!Image:$slave $1 Synced to mainline version: $2\n") && next; - /^Compiled (.*)$/ && - ProcessHistory("COMMENTS","keysort","F3", - "!Image:$slave Compiled: $1\n") && next; - /^ROM: (System )?Bootstrap.*(Version.*)$/ && - ProcessHistory("COMMENTS","keysort","G1", - "!ROM Bootstrap: $2\n") && next; - if (/^Hardware:\s+(.*), (.* RAM), CPU (.*)$/) { - ProcessHistory("COMMENTS","keysort","A1", - "!Chassis type: $1 - a PIX\n"); - ProcessHistory("COMMENTS","keysort","A2", - "!CPU: $3\n"); - ProcessHistory("COMMENTS","keysort","B1", "!Memory: $2\n"); - } - /^Serial Number:\s+(.*)$/ && - ProcessHistory("COMMENTS","keysort","C1", "!$_") && next; - /^Activation Key:\s+(.*)$/ && - ProcessHistory("COMMENTS","keysort","C2", "!$_") && next; - /^ROM: \d+ Bootstrap .*(Version.*)$/ && - ProcessHistory("COMMENTS","keysort","G2", - "!ROM Image: Bootstrap $1\n!\n") && next; - /^ROM: .*(Version.*)$/ && - ProcessHistory("COMMENTS","keysort","G3","!ROM Image: $1\n") && next; - /^BOOTFLASH: .*(Version.*)$/ && - ProcessHistory("COMMENTS","keysort","G4","!BOOTFLASH: $1\n") && next; - /^BOOTLDR: .*(Version.*)$/ && - ProcessHistory("COMMENTS","keysort","G4","!BOOTLDR: $1\n") && next; + + / Type: / && chop && chop && + ProcessHistory("COMMENTS","keysort","A1","!$_\n"); + /^.* Version.*$/ && - ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next; + ProcessHistory("COMMENTS","keysort","F1","!Image: $_") && next; + /^Build .*$/ && - ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next; - /^System image file is "([^\"]*)", booted via (\S*)/ && -# removed the booted source due to -# CSCdk28131: cycling info in 'sh ver' -# ProcessHistory("COMMENTS","keysort","F4","!Image: booted via $2, $1\n") && - ProcessHistory("COMMENTS","keysort","F4","!Image: booted $1\n") && - next; + ProcessHistory("COMMENTS","keysort","F1","!Image: $_") && next; + /^System image file is "([^\"]*)"$/ && ProcessHistory("COMMENTS","keysort","F5","!Image: $1\n") && next; - if (/(\S+)\s+\((\S+)\)\s+processor.*with (\S+[kK]) bytes/) { - my($proc) = $1; - my($cpu) = $2; - my($mem) = $3; - my($device) = "router"; - if ( $1 eq "CSC") { - $type = "AGS"; - } elsif ( $1 eq "CSC4") { - $type = "AGS+"; - } elsif ( $1 eq "2511" || $1 eq "2524" || $1 eq "AS2511-RJ") { - $type = "2500"; - } elsif ( $1 =~ /261[01]/ || $1 =~ /262[01]/ ) { - $type = "2600"; - } elsif ( $1 eq "3620" || $1 eq "3640") { - $type = "3600"; - } elsif ( $1 eq "RSP7000") { - $type = "7500"; - } elsif ( $1 =~ /RSP\d/) { - $type = "7500"; - } elsif ( $1 eq "RP1") { - $type = "7000"; - } elsif ( $1 eq "RP") { - $type = "7000"; - } elsif ( $1 =~ /720[246]/) { - $type = "7200"; - } elsif ( $1 =~ /1200[48]\/GRP/ || $1 =~ /1201[26]\/GRP/) { - $type = "12000"; - } elsif ( $1 =~ /1201[26]-8R\/GRP/) { - $type = "12000"; - } elsif ( $1 =~ /WS-C29/) { - $type = "2900XL"; - $device = "switch"; - } elsif ( $1 =~ /WS-C35/) { - $type = "3500XL"; - $device = "switch"; - } elsif ( $1 =~ /6000/) { - $type = "6000"; - $device = "switch"; - } else { - $type = $1; - } - print STDERR "TYPE = $type\n" if ($debug); - ProcessHistory("COMMENTS","keysort","A1", - "!Chassis type:$slave $proc - a $type $device\n"); - ProcessHistory("COMMENTS","keysort","B1", - "!Memory:$slave main $mem\n"); - ProcessHistory("COMMENTS","keysort","A3","!CPU:$slave $cpu\n"); - next; - } - if (/^Chassis Type: (.*)$/) { - $type = $1; - } + if (/^(.*\s+Processor)( \d)?:(.*) with (\d+[kK]?) bytes/) { my($cpu) = "$1$2:$3"; - my($mem) = $4; + my($mem) = int($4 / (1024 * 1024)); my($device) = "Force10"; - ProcessHistory("COMMENTS","keysort","A1", - "!Chassis type:$slave - a $device $type\n"); ProcessHistory("COMMENTS","keysort","B1", - "!Memory:$slave main $mem\n"); - ProcessHistory("COMMENTS","keysort","A3","!CPU:$slave $cpu\n"); - next; - } - /^(\S+)\s+processor: part number (\S+), mask (\S+)/ && - ProcessHistory("COMMENTS","keysort","A4","!CPU:$slave $_") && next; - if (/(\S+) Silicon\s*Switch Processor/) { - if (!defined($C0)) { - $C0=1; ProcessHistory("COMMENTS","keysort","C0","!\n"); - } - ProcessHistory("COMMENTS","keysort","C2","!SSP: $1\n"); - $ssp = 1; - $sspmem = $1; + "!Memory: $1$2: $mem" . "M\n"); + ProcessHistory("COMMENTS","keysort","A3","!CPU: $cpu\n"); next; } - /^(\d+[kK]) bytes of multibus/ && - ProcessHistory("COMMENTS","keysort","B2", - "!Memory: multibus $1\n") && next; + + # E-Series and C-Series use NVRAM /^(\d+[kK]) bytes of non-volatile/ && - ProcessHistory("COMMENTS","keysort","B3", - "!Memory: nvram $1\n") && next; - /^(\d+[kK]) bytes of flash memory/ && - ProcessHistory("COMMENTS","keysort","B5","!Memory: flash $1\n") && - next; - /^(\d+[kK]) bytes of .*flash partition/ && - ProcessHistory("COMMENTS","keysort","B6", - "!Memory: flash partition $1\n") && next; - /^(\d+[kK]) bytes of Flash internal/ && - ProcessHistory("COMMENTS","keysort","B4", - "!Memory: bootflash $1\n") && next; - if(/^(\d+[kK]) bytes of (Flash|ATA)?.*PCMCIA .*(slot|disk) ?(\d)/i) { - ProcessHistory("COMMENTS","keysort","B7", - "!Memory: pcmcia $2 $3$4 $1\n"); - next; - } - if(/^WARNING/) { - if (!defined($I0)) { - $I0=1; - ProcessHistory("COMMENTS","keysort","I0","!\n"); - } - ProcessHistory("COMMENTS","keysort","I1","! $_"); - # The line after the WARNING is what to do about it. - $_ = ; tr/\015//d; - ProcessHistory("COMMENTS","keysort","I1","! $_"); - } - if (/^Configuration register is (.*)$/) { - $config_register=$1; + ProcessHistory("COMMENTS","keysort","B3","!Memory: NVRAM $1\n") && next; - } - } - return(0); -} - -# This routine parses "show install active" -sub ShowInstallActive { - print STDERR " In ShowInstallActive: $_" if ($debug); - - while () { - tr/\015//d; - last if (/^$prompt/); - next if (/^(\s*|\s*$cmd\s*)$/); - return(1) if /^\s*\^\s*$/; - return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/command authorization failed/i); - ProcessHistory("COMMENTS","keysort","F5","!Image: $_") && next; - } - return(0); -} - -# This routine parses "show env all" -sub ShowEnv { - # Skip if this is not a 7500, 7200, or 7000. - print STDERR " In ShowEnv: $_" if ($debug); - - while () { - tr/\015//d; - last if (/^$prompt/); - next if (/^(\s*|\s*$cmd\s*)$/); - #return(1) if ($type !~ /^7/); - return(-1) if (/command authorization failed/i); - if (!defined($E0)) { - $E0=1; - ProcessHistory("COMMENTS","keysort","E0","!\n"); - } - if (/^Arbiter type (\d), backplane type (\S+)/) { - if (!defined($C0)) { - $C0=1; ProcessHistory("COMMENTS","keysort","C0","!\n"); - } - ProcessHistory("COMMENTS","keysort","C1", - "!Enviromental Arbiter Type: $1\n"); - ProcessHistory("COMMENTS","keysort","A2", - "!Chassis type: $2 backplane\n"); + # S-Series uses boot flash + /^(\d+[mM]) bytes of .oot..lash/ && + ProcessHistory("COMMENTS","keysort","B3","!Memory: Flash $1\n") && next; - } - /^\s*(Power [^:\n]+)$/ && - ProcessHistory("COMMENTS","keysort","E1","!Power: $1\n") && next; - /^\s*(Lower Power .*)/i && - ProcessHistory("COMMENTS","keysort","E2","!Power: $1\n") && next; - /^\s*(redundant .*)/i && - ProcessHistory("COMMENTS","keysort","E2","!Power: $1\n") && next; } - ProcessHistory("COMMENTS","","","!\n"); return(0); } # This routine parses "show boot" sub ShowBoot { - # Pick up boot variables if 7000/7200/7500/12000/2900/3500; - # otherwise pick up bootflash. print STDERR " In ShowBoot: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); - return(1) if /^\s*\^\s*$/; - return(-1) if (/command authorization failed/i); - return(1) if /Ambiguous command/i; return(1) if /(Invalid input detected|Type help or )/; - return(1) if /(Open device \S+ failed|Error opening \S+:)/; - next if /CONFGEN variable/; - if (!defined($H0)) { - $H0=1; ProcessHistory("COMMENTS","keysort","H0","!\n"); - } - if ($type !~ /^(12[04]|7)/) { - if ($type !~ /^(29|35)00/) { - ProcessHistory("COMMENTS","keysort","H2","!BootFlash: $_"); - } else { - ProcessHistory("COMMENTS","keysort","H1","!Variable: $_"); - } - } elsif (/variable/) { - ProcessHistory("COMMENTS","keysort","H1","!Variable: $_"); - } + return(-1) if (/command authorization failed/i); + + ProcessHistory("COMMENTS","keysort","H0","!Boot Variables: $_"); } ProcessHistory("COMMENTS","","","!\n"); return(0); } -# This routine parses "show flash" -sub ShowFlash { - # skip if this is 7000, 7200, 7500, or 12000; else we end up with - # redundant data from dir /all slot0: - print STDERR " In ShowFlash: $_" if ($debug); +# This routine parses "show chassis" +sub ShowChassis { + print STDERR " In ShowChassis: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); - return(1) if ($type =~ /^(12[40]|7)/); - return(-1) if (/command authorization failed/i); - return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; - ProcessHistory("FLASH","","","!Flash: $_"); + return(-1) if (/command authorization failed/i); + + /-----------------------------/ && next; + # general stuff that changes + /Next Boot/ && next; + /Up Time/ && next; + /Last Restart/ && next; + /Switch Fabric State/ && next; + /active / && next; + /online / && next; + /offline / && next; + # E600 AC PSMs + /Status : up/ && next; + /High line/ && next; + # E600 fan speed + /Status Temp/ && next; + s/(.*)\d\dC.*/ $1/; + # E1200 fan speed + s/Tray Status.*/Tray Status/; + s/ (\d.*)<.*/$1/; + # C300 fan speed + s/FanNumber Speed Status/FanNumber Status/; + s/(.*\d).*\d\d\d\d(.*)/$1 $2/; + ProcessHistory("COMMENTS","keysort","CHASSIS","!Chassis: $_"); } - ProcessHistory("","","","!\n"); - return; + ProcessHistory("COMMENTS","keysort","CHASSIS","!\n"); + return(0); } -# This routine parses "dir /all ((disk|slot)N|bootflash|nvram):" +# This routine parses "dir /all (flash|slotN):" sub DirSlotN { - # Skip if this is not a 3600, 7000, 7200, 7500, or 12000. print STDERR " In DirSlotN: $_" if ($debug); my($dev) = (/\s([^\s]+):/); @@ -434,362 +278,47 @@ sub DirSlotN { return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; return(1) if /No such device/i; - return(1) if /\%Error: No such file or directory/; + return(1) if /\% ?Error: No such file or directory/; + + return(1) if /\% ?Error: The file device is not present/; + return(1) if /\% ?Error: The specified file or directory does not exist/; return(1) if /No space information available/; - return(-1) if /\%Error calling/; - return(-1) if /(: device being squeezed|ATA_Status time out)/i; # busy return(-1) if (/command authorization failed/i); return(1) if /(Open device \S+ failed|Error opening \S+:)/; - ProcessHistory("FLASH","","","!Flash: $dev: $_"); - } - ProcessHistory("","","","!\n"); - return(0); -} -# This routine parses "show controllers" -sub ShowContAll { - # Skip if this is a 70[01]0, 7500, or 12000. - print STDERR " In ShowContAll: $_" if ($debug); + /Directory of/ && next; - while () { - tr/\015//d; - last if (/^$prompt/); - next if (/^(\s*|\s*$cmd\s*)$/); - # return(1) if ($type =~ /^(12[40]|7[05])/); - return(-1) if (/command authorization failed/i); - if (/^Interface ([^ \n(]*)/) { $INT = "$1, "; next; } - /^(BRI unit \d)/ && - ProcessHistory("INT","","","!Interface: $1\n") && next; - /^LANCE unit \d, NIM/ && - ProcessHistory("INT","","","!Interface: $_") && next; - /^(LANCE unit \d)/ && - ProcessHistory("INT","","","!Interface: $1\n") && next; - /(Media Type is \S+),/ && - ProcessHistory("INT","","","!\t$1\n"); - if (/(M\dT[^ :]*:) show controller:$/) { - my($ctlr) = $1; - $_ = ; tr/\015//d; s/ subunit \d,//; - ProcessHistory("INT","","","!Interface: $ctlr $_"); - } - if (/^(\S+) : show controller:$/) { - my($ctlr) = $1; - $_ = ; tr/\015//d; s/ subunit \d,//; - ProcessHistory("INT","","","!Interface: $ctlr: $_"); + # clean up totals line + if (/.* (\d+) bytes total/) { + my($tmp) = int($1 / (1024 * 1024)); + s/.* $1 bytes total/$tmp\M total/; } - /^(HD unit \d), idb/ && - ProcessHistory("INT","","","!Interface: $1\n") && next; - /^HD unit \d, NIM/ && - ProcessHistory("INT","","","!Interface: $_") && next; - /^buffer size \d+ HD unit \d, (.*)/ && - ProcessHistory("INT","","","!\t$1\n") && next; - /^AM79970 / && ProcessHistory("INT","","","!Interface: $_") && next; - /^buffer size \d+ (Universal Serial: .*)/ && - ProcessHistory("INT","","","!\t$1\n") && next; - /^Hardware is (.*)/ && - ProcessHistory("INT","","","!Interface: $INT$1\n") && next; - /^(QUICC Serial unit \d),/ && - ProcessHistory("INT","","","!$1\n") && next; - /^QUICC Ethernet .*/ && - ProcessHistory("INT","","","!$_") && next; - /^DTE .*\.$/ && - ProcessHistory("INT","","","!\t$_") && next; - /^(cable type :.*),/ && - ProcessHistory("INT","","","!\t$1\n") && next; - /^(.* cable.*), received clockrate \d+$/ && - ProcessHistory("INT","","","!\t$1\n") && next; - /^.* cable.*$/ && - ProcessHistory("INT","","","!\t$_") && next; - } - return(0); -} - -# This routine parses "show controllers cbus" -# Some of this is printed out in ShowDiagbus. -sub ShowContCbus { - # Skip if this is not a 7000 or 7500. - print STDERR " In ShowContCbus: $_" if ($debug); - - while () { - tr/\015//d; - last if (/^$prompt/); - next if (/^(\s*|\s*$cmd\s*)$/); - #return(1) if ($type !~ /^7[05]0/); - return(-1) if (/command authorization failed/i); - if (/^\s*slot(\d+): ([^,]+), hw (\S+), sw (\S+), ccb/) { - $slot = $1; - $board{$slot} = $2; - $hwver{$slot} = $3; - $hwucode{$slot} = $4; - } elsif (/^\s*(\S+) (\d+), hardware version (\S+), microcode version (\S+)/) { - $slot = $2; - $board{$slot} = $1; - $hwver{$slot} = $3; - $hwucode{$slot} = $4; - } elsif (/(Microcode .*)/) { - $ucode{$slot} = $1; - } elsif (/(software loaded .*)/) { - $ucode{$slot} = $1; - } elsif (/(\d+) Kbytes of main memory, (\d+) Kbytes cache memory/) { - $hwmemd{$slot} = $1; - $hwmemc{$slot} = $2; - } elsif (/byte buffers/) { - chop; - s/^\s*//; - $hwbuf{$slot} = $_; - } elsif (/Interface (\d+) - (\S+ \S+),/) { - $interface = $1; - ProcessHistory("HW","","", - "!\n!Int $interface: in slot $slot, named $2\n"); next; - } elsif (/(\d+) buffer RX queue threshold, (\d+) buffer TX queue limit, buffer size (\d+)/) { - ProcessHistory("HW","","","!Int $interface: rxq $1, txq $2, bufsize $3\n"); - next; + if (/.*\((\d+) bytes free\)/) { + my($tmp) = int($1 / (1024 * 1024)); + s/$1 bytes free/$tmp\M free/; } + s/ +$//g; + ProcessHistory("FLASH","","","!Flash: $dev: $_"); } + ProcessHistory("","","","!\n"); return(0); } -# This routine parses "show diagbus" -# This will create arrarys for hw info. -sub ShowDiagbus { - # Skip if this is not a 7000, 70[01]0, or 7500. - print STDERR " In ShowDiagbus: $_" if ($debug); - - while () { - tr/\015//d; - last if (/^$prompt/); - next if (/^(\s*|\s*$cmd\s*)$/); - #return(1) if ($type !~ /^7[05]/); - return(-1) if (/command authorization failed/i); - if (/^\s*Slot (\d+):/i) { - $slot = $1; - next; - } elsif (/^\s*Slot (\d+) \(virtual\):/i) { - $slot = $1; - next; - } elsif (/^\s*(.*Processor.*|.*controller|.*Chassis Interface)(, FRU:.*)?, HW rev (\S+), board revision (\S+)/i) { - $board = $1; - $hwver = $3; - $boardrev = $4; - if ($board =~ /Processor/) { - if ($board =~ /7000 Route\/Switch/) { - $board = "RSP7000"; - } elsif ($board =~ /Route\/Switch Processor (\d)/) { - $board = "RSP$1"; - } elsif ($board =~ /Route/) { - $board = "RP"; - } elsif ($board =~ /Silicon Switch/) { - $board = "SSP"; - } elsif ($board =~ /Switch/) { - $board = "SP"; - $board = "SSP $sspmem" if $ssp; - } elsif ($board =~ /ATM/) { - $board = "AIP"; - } - } elsif ($board =~ /(.*) controller/i) { - $board = $1; - } - # hwucode{$slot} defined in ShowContCbus - if (defined $hwucode{$slot}) { - ProcessHistory("SLOT","","","!\n!Slot $slot/$board: hvers $hwver rev $boardrev ucode $hwucode{$slot}\n"); - } else { - ProcessHistory("SLOT","","","!\n!Slot $slot/$board: hvers $hwver rev $boardrev\n"); - } - # These are also from the ShowContCbus - ProcessHistory("SLOT","","","!Slot $slot/$board: $ucode{$slot}\n") if (defined $ucode{$slot}); - ProcessHistory("SLOT","","","!Slot $slot/$board: memd $hwmemd{$slot}, cache $hwmemc{$slot}\n") - if ((defined $hwmemd{$slot}) && (defined $hwmemc{$slot})); - ProcessHistory("SLOT","","","!Slot $slot/$board: $hwbuf{$slot}\n") if (defined $hwbuf{$slot}); - next; - } - /Serial number: (\S+)\s*Part number: (\S+)/ && - ProcessHistory("SLOT","","", - "!Slot $slot/$board: part $2, serial $1\n") && - next; - /^\s*Controller Memory Size: (.*)$/ && - ProcessHistory("SLOT","","","!Slot $slot/$board: $1\n") && - next; - if (/PA Bay (\d) Information/) { - $pano = $1; - if ("PA" =~ /$board/) { - ($s,$c) = split(/\//,$board); - $board = "$s/$c/PA $pano"; - } else { - $board =~ s/\/PA \d//; - $board = "$board/PA $pano"; - } - next; - } - /\s+(.*) (IP|PA), (\d) ports?,( \S+,)? (FRU: )?(\S+)/ && - ProcessHistory("SLOT","","","!Slot $slot/$board: type $6, $3 ports\n") && - next; - /\s+(.*) (IP|PA)( \(\S+\))?, (\d) ports?/ && - ProcessHistory("SLOT","","","!Slot $slot/$board: type $1$3, $4 ports\n") && - next; - /^\s*HW rev (\S+), Board revision (\S+)/ && - ProcessHistory("SLOT","","","!Slot $slot/$board: hvers $1 rev $2\n") && - next; - /Serial number: (\S+)\s*Part number: (\S+)/ && - ProcessHistory("SLOT","","","!Slot $slot/$board: part $2, serial $1\n") && next; - } - return(0); -} - -# This routine parses "show diag" for the gsr, 7200, 3600, 2600. -# This will create arrarys for hw info. -sub ShowDiag { - # Skip if this is not a 12000. - print STDERR " In ShowDiag: $_" if ($debug); - - while () { - tr/\015//d; - last if (/^$prompt/); - next if (/^(\s*|\s*$cmd\s*)$/); - # return(1) if ($type !~ /^(12[40]|720|36|26)/); - return(-1) if (/command authorization failed/i); - /^$/ && next; - s/Port Packet Over SONET/POS/; - if (/^\s*SLOT\s+(\d+)\s+\((.*)\): (.*)/) { - $slot = $1; - ProcessHistory("SLOT","","","!\n!Slot $slot: $3\n"); - next; - } - if (/^\s+MAIN:\s* type \d+,\s+(.*)/) { - ProcessHistory("SLOT","","","!Slot $slot/MAIN: part $1\n") && next; - } - if (/ Engine:\s+(.*)/) { - ProcessHistory("SLOT","","","!Slot $slot/Engine: $1\n"); - } - if (/^\s+PCA:\s+(.*)/) { - local($part) = $1; - $_ = ; - /^\s+HW version (\S+)\s+S\/N (\S+)/ && - ProcessHistory("SLOT","","","!Slot $slot/PCA: part $part, serial $2\n") && - ProcessHistory("SLOT","","","!Slot $slot/PCA: hvers $1\n"); - next; - } - if (/^\s+MBUS: .*\)\s+(.*)/) { - local($tmp) = "!Slot $slot/MBUS: part $1"; - $_ = ; - /^\s+HW version (\S+)\s+S\/N (\S+)/ && - ProcessHistory("SLOT","","","$tmp, serial $2\n") && - ProcessHistory("SLOT","","","!Slot $slot/MBUS: hvers $1\n"); - next; - } - if (/^\s+MBUS Agent Software version (.*)/) { - ProcessHistory("SLOT","","","!Slot $slot/MBUS: software $1\n"); - next; - } - if (/^\s+ROM Monitor version (.*)/) { - ProcessHistory("SLOT","","","!Slot $slot/ROM Monitor: version $1\n"); - next; - } - if (/^\s+Fabric Downloader version used (.*)/) { - ProcessHistory("SLOT","","","!Slot $slot/Fabric Downloader: version $1\n"); - next; - } - if (/^\s+DRAM size: (\d+)/) { - local($dram) = $1 / 1048576; - $_ = ; - if (/^\s+FrFab SDRAM size: (\d+)/) { - ProcessHistory("SLOT","","","!Slot $slot/MBUS: $dram Mbytes DRAM, " - . $1 / 1024 . " Kbytes SDRAM\n"); - } else { - ProcessHistory("SLOT","","","!Slot $slot/MBUS: $dram Mbytes DRAM\n"); - } - next; - } - # 7200 and 3600 stuff - if (/^(Slot)\s+(\d+(\/\d+)?):/ || /^\s+(WIC|VIC) Slot (\d):/) { - if ($1 eq "WIC") { - $WIC = "/$2"; - } elsif ($1 eq "VIC") { - $WIC = "/$2"; - } else { - $slot = $2; - undef($WIC); - } - $_ = ; tr/\015//d; - - # clean up hideous 7200 format to look more like 7500 output - s/Fast-ethernet on C7200 I\/O card/FE-IO/; - s/ with MII or RJ45/-TX/; - s/Fast-ethernet /100Base/; s/[)(]//g; - - /\s+(.*) port adapter,?\s+(\d+)\s+/i && - ProcessHistory("SLOT","","","!\n!Slot $slot: type $1, $2 ports\n"); - # I/O controller with no interfaces - /\s+(.*)\s+port adapter\s*$/i && - ProcessHistory("SLOT","","","!\n!Slot $slot: type $1, 0 ports\n"); - /\s+(.*)\s+daughter card(.*)$/ && - ProcessHistory("SLOT","","","!\n!Slot $slot$WIC: type $1$2\n"); - /\s+(FT1)$/ && - ProcessHistory("SLOT","","","!\n!Slot $slot$WIC: type $1\n"); - next; - } - /revision\s+(\S+).*revision\s+(\S+)/ && - ProcessHistory("SLOT","","","!Slot $slot$WIC: hvers $1 rev $2\n") && - next; - /number\s+(\S+)\s+Part number\s+(\S+)/ && - ProcessHistory("SLOT","","","!Slot $slot$WIC: part $2, serial $1\n") && - next; - } - ProcessHistory("SLOT","","","!\n"); - return(0); -} - -# This routine parses "show module". -sub ShowModule { - print STDERR " In ShowModule: $_" if ($debug); - - my(@lines); - my($slot); - - while () { - tr/\015//d; - return if (/^\s*\^$/); - last if (/^$prompt/); - next if (/^(\s*|\s*$cmd\s*)$/); - return(-1) if (/command authorization failed/i); - - # match slot/card info line - if (/^ *(\d+)\s+(\d+)\s+(.*)\s+(\S+)\s+(\S+)\s*$/) { - $lines[$1] .= "!Slot $1: type $3, $2 ports\n!Slot $1: part $4, serial $5\n"; - $lines[$1] =~ s/\s+,/,/g; - } - # now match the Revs in the second paragraph of o/p and stick it in - # the array with the previous bits...grumble. - if (/^ *(\d+)\s+\S+\s+to\s+\S+\s+(\S+)\s+(\S*)\s+(\S+)(\s+\S+)?\s*$/) { - $lines[$1] .= "!Slot $1: hvers $2, firmware $3, sw $4\n"; - $lines[$1] =~ s/\s+,/,/g; - } - } - foreach $slot (@lines) { - next if ($slot =~ /^\s*$/); - ProcessHistory("Module","","","$slot!\n"); - } - - return(0); -} - -# This routine parses "show vtp status" -sub ShowVTP { - print STDERR " In ShowVTP: $_" if ($debug); +# This routine parses "show inventory" +sub ShowInventory { + print STDERR " In ShowInventory: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); - return(1) if /^\s*\^\s*$/; return(1) if /(Invalid input detected|Type help or )/; - #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); return(-1) if (/command authorization failed/i); - next if (/^Configuration last modified by/); - if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) { - $DO_SHOW_VLAN = 1; - } - ProcessHistory("COMMENTS","keysort","I0","!VTP: $_"); + + /-----------------------------/ && next; + ProcessHistory("COMMENTS","keysort","INVENTORY","!Inventory: $_"); } - ProcessHistory("COMMENTS","keysort","I0","!\n"); + ProcessHistory("COMMENTS","keysort","INVENTORY","!\n"); return(0); } @@ -797,18 +326,15 @@ sub ShowVTP { sub ShowVLAN { print STDERR " In ShowVLAN: $_" if ($debug); - ($_=,return(1)) if (!$DO_SHOW_VLAN); - while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /(Invalid input detected|Type help or )/; - #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); return(-1) if (/command authorization failed/i); - ProcessHistory("COMMENTS","keysort","IO","!VLAN: $_"); + ProcessHistory("COMMENTS","keysort","VLAN","!VLAN: $_"); } - ProcessHistory("COMMENTS","keysort","IO","!\n"); + ProcessHistory("COMMENTS","keysort","VLAN","!\n"); return(0); } @@ -820,26 +346,8 @@ sub WriteTerm { tr/\015//d; last if(/^$prompt/); return(-1) if (/command authorization failed/i); - # the pager can not be disabled per-session on the PIX - s/^<-+ More -+>\s*//; - /Non-Volatile memory is in use/ && return(-1); # NvRAM is locked - # skip the crap - if (/^(##+$|(Building|Current) configuration)/i) { - while () { - next if (/^!?Current configuration\s*:/i); - next if (/^:/); - next if (/^([%!].*|\s*)$/); - next if (/^ip add.*ipv4:/); # band-aid for 3620 12.0S - last; - } - if (defined($config_register)) { - ProcessHistory("","","","!\nconfig-register $config_register\n"); - } - tr/\015//d; - } - # some versions have other crap mixed in with the bits in the - # block above - /^! (Last configuration|NVRAM config last)/ && next; + # skip crap + /^Current Configuration/ && next; # Dog gone Cool matches to process the rest of the config /^tftp-server flash / && next; # kill any tftp remains @@ -881,9 +389,6 @@ sub WriteTerm { ProcessHistory("","","","! neighbor $1 password \n"); next; } - if (/^(ppp .* password) 7 .*/ && $filter_pwds >= 1) { - ProcessHistory("","","","!$1 \n"); next; - } if (/^(ip ftp password) / && $filter_pwds >= 1) { ProcessHistory("","","","!$1 \n"); next; } @@ -894,32 +399,6 @@ sub WriteTerm { if (/^( ip ospf message-digest-key \d+ md5) / && $filter_pwds >= 1) { ProcessHistory("","","","!$1 \n"); next; } - if (/^((crypto )?isakmp key) \S+ / && $filter_pwds >= 1) { - ProcessHistory("","","","!$1 $'"); next; - } - # i am told these are plain-text on the PIX - if (/^(vpdn username \S+ password)/ && $filter_pwds >= 1) { - ProcessHistory("","","","!$1 \n"); next; - } - /fair-queue individual-limit/ && next; - # sort ip explicit-paths. - if (/^ip explicit-path name (\S+)/) { - my($key) = $1; - my($expath) = $_; - while () { - tr/\015//d; - last if (/^$prompt/); - last if (/^$prompt/ || ! /^(ip explicit-path name |[ !])/); - if (/^ip explicit-path name (\S+)/) { - ProcessHistory("EXPATH","keysort","$key","$expath"); - $key = $1; - $expath = $_; - } else { - $expath .= $_; - } - } - ProcessHistory("EXPATH","keysort","$key","$expath"); - } # sort route-maps if (/^route-map (\S+)/) { my($key) = $1; @@ -941,19 +420,19 @@ sub WriteTerm { s/\$(Revision|Id):/ $1:/; # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order extended access-lists /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && - ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && - ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") + ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") && next; # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && @@ -962,7 +441,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -984,7 +463,7 @@ sub WriteTerm { next; } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; @@ -997,8 +476,6 @@ sub WriteTerm { # order clns host statements /^clns host \S+ (\S+)/ && ProcessHistory("CLNS","keysort","$1","$_") && next; - # order alias statements - /^alias / && ProcessHistory("ALIAS","keysort","$_","$_") && next; # delete ntp auth password - this md5 is a reversable too if (/^(ntp authentication-key \d+ md5) / && $filter_pwds >= 1) { ProcessHistory("","","","!$1 \n"); next; @@ -1012,30 +489,16 @@ sub WriteTerm { # order ip host line statements /^ip host line(\d+)/ && ProcessHistory("IPHOST","numsort","$1","$_") && next; - # order ip nat source static statements - /^ip nat (\S+) source static (\S+)/ && - ProcessHistory("IP NAT $1","ipsort","$2","$_") && next; # order atm map-list statements /^\s+ip\s+(\d+\.\d+\.\d+\.\d+)\s+atm-vc/ && ProcessHistory("ATM map-list","ipsort","$1","$_") && next; - # order ip rcmd lines - /^ip rcmd/ && ProcessHistory("RCMD","keysort","$_","$_") && next; - - # system controller - /^syscon address (\S*) (\S*)/ && - ProcessHistory("","","","!syscon address $1 \n") && - next; - if (/^syscon password (\S*)/ && $filter_pwds >= 1) { - ProcessHistory("","","","!syscon password \n"); - next; - } # catch anything that wasnt matched above. ProcessHistory("","","","$_"); # end of config. the ": " game is for the PIX - if (/^(: +)?end$/) { + if (/^end$/) { $found_end = 1; - return(1); + return(0); } } return(0); @@ -1047,26 +510,11 @@ sub DoNothing {print STDOUT;} # Main @commandtable = ( {'show version' => 'ShowVersion'}, - {'show install active' => 'ShowInstallActive'}, - {'show env all' => 'ShowEnv'}, - {'show boot' => 'ShowBoot'}, {'show bootvar' => 'ShowBoot'}, - {'show variables boot' => 'ShowBoot'}, - {'show flash' => 'ShowFlash'}, - {'dir /all nvram:' => 'DirSlotN'}, - {'dir /all bootflash:' => 'DirSlotN'}, - {'dir /all slot0:' => 'DirSlotN'}, - {'dir /all disk0:' => 'DirSlotN'}, - {'dir /all slot1:' => 'DirSlotN'}, - {'dir /all disk1:' => 'DirSlotN'}, - {'dir /all sup-bootflash:' => 'DirSlotN'}, - {'dir /all sup-microcode:' => 'DirSlotN'}, - {'show controllers' => 'ShowContAll'}, - {'show controllers cbus' => 'ShowContCbus'}, - {'show diagbus' => 'ShowDiagbus'}, - {'show diag' => 'ShowDiag'}, - {'show module' => 'ShowModule'}, - {'show vtp status' => 'ShowVTP'}, + {'dir flash:' => 'DirSlotN'}, + {'dir slot0:' => 'DirSlotN'}, + {'show chassis' => 'ShowChassis'}, + {'show inventory' => 'ShowInventory'}, {'show vlan' => 'ShowVLAN'}, {'show running' => 'WriteTerm'} ); @@ -1107,13 +555,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: force10\n!\n"); diff --git a/bin/flogin.in b/bin/flogin.in index 5c8813d..f15b1ec 100644 --- a/bin/flogin.in +++ b/bin/flogin.in @@ -1,27 +1,47 @@ #! @EXPECT_PATH@ -- ## -## $Id: flogin.in,v 1.47 2006/12/08 21:28:26 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # flogin - foundry login # # Most options are intuitive for logging into a foundry switch. @@ -36,7 +56,7 @@ # # Usage line -set usage "Usage: $argv0 \[-autoenable\] \[-noenable\] \ +set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \ \[-c command\] \[-Evar=x\] \[-e enable-password\] \[-p user-password\] \ \[-f cloginrc-file\] \[-s script-file\] \[-t timeout\] \[-u user\] \ \[-v vty-password\] \[-w enable-username\]\[-y ssh_cypher_type\] \ @@ -89,8 +109,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -333,7 +356,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -341,7 +364,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -359,21 +382,21 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 } } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection closed ($prog): $router\n" return 1 } } -re "Telnet server disabled" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 @@ -381,15 +404,15 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { } eof { send_user "\nError: Couldn't login\n"; wait; return 1 } -nocase "unknown host\r" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } "Host is unreachable" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Host Unreachable: $router\n"; wait; return 1 } "No address associated with name" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host $router\n"; wait; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { @@ -406,7 +429,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { return 1 } -re "(denied|Sorry)" { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "Login failed" { send_user "\nError: Check your passwd for $router\n" @@ -439,7 +462,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { "$prompt" { break; } "Login invalid" { send_user "\nError: Invalid login: $router\n"; - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } } } @@ -513,7 +536,7 @@ proc run_commands { prompt command } { -re "^\[^ ]+>" { send "exit\r" exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -526,6 +549,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -635,12 +659,14 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { + incr exitval continue } if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { - catch {close}; catch {wait} + incr exitval + catch {close}; catch {wait}; continue } } @@ -648,6 +674,7 @@ foreach router [lrange $argv $i end] { if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { @@ -655,7 +682,7 @@ foreach router [lrange $argv $i end] { send "skip-page-display\r" expect $prompt {} source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -663,7 +690,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/fnrancid.in b/bin/fnrancid.in index b14906a..812d796 100644 --- a/bin/fnrancid.in +++ b/bin/fnrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: fnrancid.in,v 1.11 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # A library built on Stephen Gill's Netscreen stuff to accomodate # the Fortinet product line. [d_pfleger@juniper.net] # @@ -42,7 +62,9 @@ $found_end = 0; $timeo = 90; # nlogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -230,16 +252,27 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } -ProcessHistory("","","","!RANCID-CONTENT-TYPE: Fortigate\n\n"); +ProcessHistory("","","","!RANCID-CONTENT-TYPE: fortigate\n\n"); TOP: while() { tr/\015//d; if (/^Error:/) { diff --git a/bin/francid.in b/bin/francid.in index 2967a34..66a0e4f 100644 --- a/bin/francid.in +++ b/bin/francid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: francid.in,v 1.42 2006/10/05 05:43:31 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Amazingly hacked version of Hank's rancid - this one tries to # deal with foundrys and foundrys OEM'd by HP as Procurves. # @@ -42,7 +62,9 @@ $found_end = 0; $timeo = 90; # flogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -198,9 +220,9 @@ sub ShowChassis { $skip = 1; } if (/fan controlled temperature:/i) { - $skip = 1; + $skip = 1; } - if (/THERMAL PLANE/) { + if (/THERMAL PLANE/) { $skip = 1; } if (/temperature:/i) { @@ -274,33 +296,33 @@ sub WriteTerm { # order access-lists /^access-list\s+(\d+)\s+(perm|deny)\s+(\d\S+)(\/\d+)\s*$/ && - ProcessHistory("PACL $1 $2","ipsort","$3","$_") + ProcessHistory("PACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order extended access-lists /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && - ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && ProcessHistory("LOGGING","ipsort","$1","$_") && next; # order/prune snmp-server host/community statements if (/^(snmp-server host )(\d+\.\d+\.\d+\.\d+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERHOST","ipsort","$2","!$1 $2 \n") && next; } else { ProcessHistory("SNMPSERVERHOST","ipsort","$2","$_") && next; } } if (/^(snmp-server community )(\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1$'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; @@ -417,13 +439,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: foundry\n!\n"); diff --git a/bin/hlogin.in b/bin/hlogin.in index 8777021..1a7722c 100644 --- a/bin/hlogin.in +++ b/bin/hlogin.in @@ -1,27 +1,47 @@ #! @EXPECT_PATH@ -- ## -## $Id: hlogin.in,v 1.40 2006/12/08 21:28:26 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # hlogin - hp login # # Most options are intuitive for logging into a Cisco router. @@ -33,7 +53,7 @@ # # Usage line -set usage "Usage: $argv0 \[-autoenable\] \[-noenable\] \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ @@ -90,8 +110,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -343,7 +366,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -351,7 +374,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -373,17 +396,17 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { exp_continue } -re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog)\n"; return 1 } } "Host is unreachable" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Host Unreachable!\n"; wait; return 1 } "No address associated with name" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { @@ -400,13 +423,15 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { return 1 } eof { send_user "\nError: Couldn't login\n"; wait; return 1 } -nocase "unknown host\r" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } -re "$u_prompt" { send "$user\r" expect { eof { send_user "\nError: Couldn't login\n"; wait; return 1 } - "Login invalid" { send_user "\nError: Invalid login\n"; vatch {close}; wait; return 1 } + "Login invalid" { send_user "\nError: Invalid login\n"; + catch {close}; catch {wait}; + return 1 } -re "$p_prompt" { send "$userpswd\r" } "$prompt" { set in_proc 0; return 0 } "Press any key to continue" { @@ -440,7 +465,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { } "$prompt" { break; } denied { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "% Bad passwords" {send_user "\nError: Check your passwd for $router\n"; return 1 } } @@ -480,7 +505,8 @@ proc run_commands { prompt command } { # Turn off the pager and escape regex meta characters in the $prompt send "no page\r" - regsub -all "\[)(]" $prompt {\\&} reprompt + regsub -all {[)(]} $prompt {\\&} reprompt + regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } @@ -488,63 +514,41 @@ proc run_commands { prompt command } { # this is the only way i see to get rid of more prompts in o/p..grrrrr log_user 0 # Is this a multi-command? - if [ string match "*\;*" "$command" ] { - set commands [split $command \;] - set num_commands [llength $commands] - # the pager can not be turned off on the PIX, so we have to look - # for the "More" prompt. the extreme is equally obnoxious, with a - # global switch in the config. - for {set i 0} {$i < $num_commands} { incr i} { - send "[subst -nocommands [lindex $commands $i]]\r" - expect { - -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" - } - -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" - exp_continue } - -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" - exp_continue } - -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " " - expect { - # gag, 2 more prompts - -re "\[\r\n]*\r" {} - -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " "; exp_continue } - } - exp_continue - } - -re "^<-+ More -+>\[^\n\r]*" { send " " - exp_continue } - -re "^-+ MORE -+\[^\n\r]*" { send " " - exp_continue } - -re "^-+More-+\[^\n\r]*" { send " " - exp_continue } - -re "\b+" { exp_continue } - } - } - } else { - # the pager can not be turned off on the PIX, so we have to look - # for the "More" prompt. the extreme is equally obnoxious, with a - # global switch in the config. - send "[subst -nocommands $command]\r" + set commands [split $command \;] + set num_commands [llength $commands] + # if the pager can not be turned off, we have to look for the "More" + # prompt. + for {set i 0} {$i < $num_commands} { incr i} { + send "[subst -nocommands [lindex $commands $i]]\r" expect { - -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" - } - -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" - exp_continue } - -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" - exp_continue } - -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " " - expect { - -re "\[\r\n]*\r\r" {} - } - exp_continue - } - -re "^<-+ More -+>\[^\n\r]*" { send " " - exp_continue } - -re "^-+ MORE -+\[^\n\r]*" { send " " - exp_continue } - -re "^-+More-+\[^\n\r]*" { send " " - exp_continue } - -re "\b+" { exp_continue } + -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } + -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" + exp_continue } + -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" + exp_continue } + -re "\[^\r\n]*Press to cont\[^\r\n]*" { + send " " + expect { + # gag, 2 more prompts + -re "\[\r\n]*\r" {} + -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " "; exp_continue } + } + exp_continue + } + -re "^<-+ More -+>\[^\n\r]*" { send " " + exp_continue } + -re "^-+ MORE -+\[^\n\r]*" { send " " + exp_continue } + # 3 flavours of the more prompt, first -More-, then --More-- (for + # cisco/riverhead AGM), then with more dashes. + -re "^-More-\[^\n\r-]*" { send " " + exp_continue } + -re "^--More--\[^\n\r-]*" { send " " + exp_continue } + -re "^---+More---+\[^\n\r]*" { + send " " + exp_continue } + -re "\b+" { exp_continue } } } log_user 1 @@ -567,7 +571,7 @@ proc run_commands { prompt command } { send -h "exit\r" exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -580,6 +584,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -700,12 +705,14 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { + incr exitval continue } if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { - catch {close}; catch {wait} + incr exitval + catch {close}; catch {wait}; continue } } @@ -719,6 +726,7 @@ foreach router [lrange $argv $i end] { if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { @@ -726,7 +734,7 @@ foreach router [lrange $argv $i end] { send "no page\r" expect -re $prompt {} source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -734,7 +742,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/hpuifilter.c b/bin/hpuifilter.c index c278a3f..38b4223 100644 --- a/bin/hpuifilter.c +++ b/bin/hpuifilter.c @@ -1,26 +1,43 @@ /* - * $Id: hpuifilter.c,v 1.36 2006/11/29 01:02:27 heas Exp $ + * $Id$ * - * Copyright (C) 1997-2006 by Terrapin Communications, Inc. + * Copyright (c) 1997-2007 by Terrapin Communications, Inc. * All rights reserved. * - * This software may be freely copied, modified and redistributed - * without fee for non-commerical purposes provided that this license - * remains intact and unmodified with any RANCID distribution. + * This code is derived from software contributed to and maintained by + * Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, + * Pete Whiting, Austin Schutz, and Andrew Fort. * - * There is no warranty or other guarantee of fitness of this software. - * It is provided solely "as is". The author(s) disclaim(s) all - * responsibility and liability with respect to this software's usage - * or its effect upon hardware, computer systems, other software, or - * anything else. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Terrapin Communications, + * Inc. and its contributors for RANCID. + * 4. Neither the name of Terrapin Communications, Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * 5. It is requested that non-binding fixes and modifications be contributed + * back to Terrapin Communications, Inc. * - * Except where noted otherwise, rancid was written by and is maintained by - * Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. + * THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. * - * Run telnet or ssh to connect to device specified on the command line. The - * point of hpfilter is to filter all the bloody vt100 (curses) escape codes - * that the HP procurve switches belch out, which are a real bitch to handle - * in hlogin. * * Modified openpty() from NetBSD: * Copyright (c) 1990, 1993, 1994 @@ -59,6 +76,9 @@ # include #endif +#if HAVE_CTYPE_H +# include +#endif #include #include #include @@ -89,26 +109,28 @@ #endif #define BUFSZ (LINE_MAX * 2) +#define ESC 0x1b char **environ, *progname; -int child, - debug, - drain, - timeo = 5; /* default timeout */ - -int filter __P((char *, int)); -RETSIGTYPE reapchild __P((void)); +int debug, + sigrx, + timeo = 5; /* default timeout */ +pid_t child; + +int expectmore(char *buf, int len); +int filter(char *, int); +RETSIGTYPE reapchild(int); #if !HAVE_OPENPTY int openpty(int *, int *, char *, struct termios *, struct winsize *); #endif -RETSIGTYPE sighdlr __P((int)); +RETSIGTYPE sighdlr(int); #if !HAVE_UNSETENV -int unsetenv __P((const char *)); +int unsetenv(const char *); #endif -void usage __P((void)); -void vers __P((void)); +void usage(void); +void vers(void); int main(int argc, char **argv, char **ev) @@ -119,13 +141,14 @@ main(int argc, char **argv, char **ev) hbuf[BUFSZ], /* hlogin buffer */ ptyname[FILENAME_MAX + 1], tbuf[BUFSZ], /* telnet/ssh buffer */ - *tbufp; + tbufstr[4] = {ESC, '\r', '\n', '\0'}; int bytes, /* bytes read/written */ devnull, rval = EX_OK, ptym, /* master pty */ ptys; /* slave pty */ - ssize_t hlen = 0, /* len of hbuf */ + ssize_t idx, /* strcspan span */ + hlen = 0, /* len of hbuf */ tlen = 0; /* len of tbuf */ struct pollfd pfds[3]; struct termios tios; @@ -166,8 +189,8 @@ main(int argc, char **argv, char **ev) unsetenv("DISPLAY"); - for (child = 3; child < 10; child++) - close(child); + for (sigrx = 3; sigrx < 10; sigrx++) + close(sigrx); /* allocate pty for telnet/ssh, then fork and exec */ if (openpty(&ptym, &ptys, ptyname, NULL, NULL)) { @@ -221,7 +244,7 @@ main(int argc, char **argv, char **ev) memset(tbuf, 0, BUFSZ); /* reap our children, must be set-up *after* openpty() */ - signal(SIGCHLD, (void *) reapchild); + signal(SIGCHLD, reapchild); if ((child = fork()) == -1) { fprintf(stderr, "%s: fork() failed: %s\n", progname, strerror(errno)); @@ -280,9 +303,9 @@ main(int argc, char **argv, char **ev) /* parent */ if (debug) - fprintf(stderr, "child %d\n", child); + fprintf(stderr, "child %d\n", (int)child); - signal(SIGHUP, (void *) sighdlr); + signal(SIGHUP, sighdlr); /* close the slave pty */ close(ptys); @@ -303,15 +326,18 @@ main(int argc, char **argv, char **ev) pfds[0].fd = fileno(stdin); pfds[0].events = POLLIN | POLLEXP; pfds[1].fd = fileno(stdout); + pfds[1].events = POLLEXP; pfds[2].fd = ptym; pfds[2].events = POLLIN | POLLEXP; + /* shuffle data across the pipes until we see EOF or a read/write error */ + sigrx = 0; while (1) { bytes = poll(pfds, 3, (timeo * 1000)); if (bytes == 0) { - if (drain) + if (sigrx) break; - /* timeout */ + /* timeout */ continue; } if (bytes == -1) { @@ -328,18 +354,15 @@ main(int argc, char **argv, char **ev) /* * write buffers first - * write hbuf (stdin) -> ptym + * write hbuf (aka hlogin/stdin/pfds[0]) -> telnet (aka ptym/pfds[2]) */ if ((pfds[2].revents & POLLOUT) && hlen) { if ((bytes = write(pfds[2].fd, hbuf, hlen)) < 0 && errno != EINTR && errno != EAGAIN) { fprintf(stderr, "%s: write() failed: %s\n", progname, strerror(errno)); - hbuf[0] = '\0'; hlen = 0; - drain = 1; - pfds[2].events &= ~POLLOUT; - + hbuf[0] = '\0'; break; } else if (bytes > 0) { strcpy(hbuf, hbuf + bytes); @@ -347,51 +370,71 @@ main(int argc, char **argv, char **ev) if (hlen < 1) pfds[2].events &= ~POLLOUT; } - } else if (pfds[2].revents & POLLEXP) { - hbuf[0] = '\0'; + } + if (pfds[2].revents & POLLEXP) { hlen = 0; - pfds[2].events &= POLLIN; + hbuf[0] = '\0'; break; } - /* write tbuf -> stdout */ + /* write tbuf (aka telnet/ptym/pfds[2]) -> hlogin (stdout/pfds[1]) */ if ((pfds[1].revents & POLLOUT) && tlen) { /* * if there is an escape char that didnt get filter()'d, * we need to write only up to that point and wait for * the bits that complete the escape sequence. if at least - * two bytes follow it, write it anyway as filter() didnt - * match it. + * two bytes follow it and it doesn't look like we should expect + * more data, write it anyway as filter() didnt match it. */ bytes = tlen; - if ((tbufp = index(tbuf, 0x1b)) != NULL) - if (tlen - (tbufp - tbuf) < 2) - bytes = tbufp - tbuf; + idx = strcspn(tbuf, tbufstr); + if (idx) { + if (tbuf[idx] == ESC) { + if (tlen - idx < 2 || expectmore(&tbuf[idx], tlen - idx)) { + bytes = idx; + } + } + if (tbuf[idx] == '\r' || tbuf[idx] == '\n') { + bytes = ++idx; + if (tbuf[idx] == '\r' || tbuf[idx] == '\n') + bytes++; + } + } else { + if (tbuf[0] == ESC) { + if (tlen < 2 || expectmore(tbuf, tlen)) { + bytes = 0; + } + } + if (tbuf[0] == '\r' || tbuf[0] == '\n') { + bytes = 1; + if (tbuf[1] == '\r' || tbuf[1] == '\n') + bytes++; + } + } if ((bytes = write(pfds[1].fd, tbuf, bytes)) < 0 && errno != EINTR && errno != EAGAIN) { fprintf(stderr, "%s: write() failed: %s\n", progname, strerror(errno)); - break; - tbuf[0] = '\0'; + /* dont bother trying to flush tbuf */ tlen = 0; - drain = 1; - pfds[1].events = 0; + tbuf[0] = '\0'; + break; } else if (bytes > 0) { strcpy(tbuf, tbuf + bytes); tlen -= bytes; if (tlen < 1) pfds[1].events &= ~POLLOUT; } - } else if (pfds[1].revents & POLLEXP) { - break; - tbuf[0] = '\0'; + } + if (pfds[1].revents & POLLEXP) { + /* dont bother trying to flush tbuf */ tlen = 0; - pfds[1].fd = devnull; - pfds[1].events = 0; + tbuf[0] = '\0'; + break; } - /* read stdin -> hbuf */ + /* read hlogin (aka stdin/pfds[0]) -> hbuf */ if (pfds[0].revents & POLLIN) { if (BUFSZ - hlen > 1) { bytes = read(pfds[0].fd, hbuf + hlen, (BUFSZ - 1) - hlen); @@ -399,22 +442,16 @@ main(int argc, char **argv, char **ev) hlen += bytes; hbuf[hlen] = '\0'; pfds[2].events |= POLLOUT; - } else if (bytes == 0 && errno != EAGAIN && errno != EINTR) { + } else if (bytes < 0 && errno != EAGAIN && errno != EINTR) { + /* read error */ break; - /* EOF or read error */ - drain = 1; - pfds[0].fd = devnull; - pfds[0].events = 0; } } - } else if (pfds[0].revents & POLLEXP) { - break; - drain = 1; - pfds[0].fd = devnull; - pfds[0].events = 0; } + if (pfds[0].revents & POLLEXP) + break; - /* read telnet/ssh -> tbuf, then filter */ + /* read telnet/ssh (aka ptym/pfds[2]) -> tbuf, then filter */ if (pfds[2].revents & POLLIN) { if (BUFSZ - tlen > 1) { bytes = read(pfds[2].fd, tbuf + tlen, (BUFSZ - 1) - tlen); @@ -424,47 +461,74 @@ main(int argc, char **argv, char **ev) tlen = filter(tbuf, tlen); if (tlen > 0) pfds[1].events |= POLLOUT; - } else if (bytes == 0 && errno != EAGAIN && errno != EINTR) { - /* EOF or read error */ + } else if (bytes < 0 && errno != EAGAIN && errno != EINTR) { + /* read error */ break; - drain = 1; - pfds[2].fd = devnull; - pfds[2].events = 0; } } - } else if (pfds[2].revents & POLLEXP) { - break; - drain = 1; - pfds[2].fd = devnull; - pfds[2].events = 0; } + if (pfds[2].revents & POLLEXP) + break; } - /* try to flush buffers */ + /* try to flush any remaining data from our buffers */ if (hlen) { - (void) write(pfds[2].fd, hbuf, hlen); + (void)write(pfds[2].fd, hbuf, hlen); hlen = 0; } if (tlen) { - (void) write(pfds[1].fd, tbuf, tlen); + (void)write(pfds[1].fd, tbuf, tlen); tlen = 0; } if ((bytes = read(pfds[2].fd, tbuf, (BUFSZ - 1))) > 0) { tbuf[bytes] = '\0'; tlen = filter(tbuf, bytes); - (void) write(pfds[1].fd, tbuf, tlen); + (void)write(pfds[1].fd, tbuf, tlen); } tcdrain(pfds[1].fd); if ((hlen = read(pfds[0].fd, hbuf, (BUFSZ - 1))) > 0) { - (void) write(pfds[2].fd, hbuf, hlen); + (void)write(pfds[2].fd, hbuf, hlen); } tcdrain(pfds[2].fd); if (child && ! kill(child, SIGINT)) - reapchild(); + reapchild(SIGCHLD); return(rval); } +/* + * return non-zero if the escape sequence beginning with buf appears to be + * incomplete (and the caller should wait for more data). + */ +int +expectmore(char *buf, int len) +{ + int i; + + if (buf[1] == '[' || isdigit((int)buf[1])) { + /* look for a char that ends the sequence */ + for (i = 2; i < len; i++) { + if (isalpha((int)buf[i])) + return(0); + } + return(1); + } + if (buf[1] == '#') { + /* look for terminating digit */ + for (i = 2; i < len; i++) { + if (isdigit((int)buf[i])) + return(0); + } + return(1); + } + + return(0); +} + +/* + * Remove/replace vt100/220 screen manipulation escape sequences so they do + * not litter the output. + */ int filter(char *buf, int len) { @@ -472,25 +536,25 @@ filter(char *buf, int len) #define N_REG 14 /* number of regexes in reg[][] */ static regex_t preg[N_REG]; static char reg[N_REG][50] = { /* vt100/220 escape codes */ - "\e7\e\\[1;24r\e8", /* ds */ - "\e8", /* fs */ + "\x1B""7\x1B\\[1;24r\x1B""8", /* ds */ + "\x1B""8", /* fs */ - "\e\\[2J", - "\e\\[2K", /* kE */ + "\x1B\\[2J", + "\x1B\\[2K", /* kE */ - "\e\\[[0-9]+;[0-9]+r", /* cs */ - "\e\\[[0-9]+;[0-9]+H", /* cm */ + "\x1B\\[[0-9]+;[0-9]+r", /* cs */ + "\x1B\\[[0-9]+;[0-9]+H", /* cm */ - "\e\\[\\?6l", - "\e\\[\\?7l", /* RA */ - "\e\\[\\?25h", /* ve */ - "\e\\[\\?25l", /* vi */ - "\e\\[K", /* ce */ - "\e\\[7m", /* mr - ansi */ + "\x1B\\[\\?6l", + "\x1B\\[\\?7l", /* RA */ + "\x1B\\[\\?25h", /* ve */ + "\x1B\\[\\?25l", /* vi */ + "\x1B\\[K", /* ce */ + "\x1B\\[7m", /* mr - ansi */ /* replace these with CR */ - "\e\\[0m", /* me */ - "\eE", + "\x1B\\[0m", /* me */ + "\x1B""E", }; char ebuf[256]; size_t nmatch = 1; @@ -498,7 +562,7 @@ filter(char *buf, int len) x; static int init = 0; - if (index(buf, 0x1b) == 0 || len == 0) + if (index(buf, ESC) == 0 || len == 0) return(len); for (x = 0; x < N_REG - 2; x++) { @@ -518,11 +582,12 @@ filter(char *buf, int len) } } else { strcpy(buf + pmatch[0].rm_so, buf + pmatch[0].rm_eo); - x = 0; + /* start over with the first regex */ + x = -1; } } - /* replace \eE w/ CR NL */ + /* no the CR NL replacements */ if (! init++) { for (x = N_REG - 2; x < N_REG; x++) if ((err = regcomp(&preg[x], reg[x], REG_EXTENDED))) { @@ -543,25 +608,32 @@ filter(char *buf, int len) *(buf + pmatch[0].rm_so) = '\r'; *(buf + pmatch[0].rm_so + 1) = '\n'; strcpy(buf + pmatch[0].rm_so + 2, buf + pmatch[0].rm_eo); - x = N_REG - 2; + /* start over with the first CR regex */ + x = N_REG - 3; } } + return(strlen(buf)); } RETSIGTYPE -reapchild(void) +reapchild(int sig) { int status; pid_t pid; - /* XXX this needs to deal with/without wait3 via HAVE_WAIT3 */ - while ((pid = wait3(&status, WNOHANG, 0)) > 0) - if (debug) - fprintf(stderr, "reap child %d\n", pid); - if (pid == child) - child = 0; + if (debug) + fprintf(stderr, "GOT SIGNAL %d\n", sig); + while ((pid = wait3(&status, WNOHANG, NULL)) > 0) { + if (debug) + fprintf(stderr, "reap child %d\n", (int)pid); + if (pid == child) { + child = 0; + sigrx = 0; + break; + } + } return; } @@ -570,7 +642,7 @@ sighdlr(int sig) { if (debug) fprintf(stderr, "GOT SIGNAL %d\n", sig); - drain = 1; + sigrx = 1; return; } @@ -691,11 +763,11 @@ openpty(int *amaster, int *aslave, char *name, struct termios *term, line[9] = *cp2; if ((master = open(line, O_RDWR, 0)) == -1) { if (errno != ENOENT) - continue; /* busy */ + continue; /* busy */ if (cp2 - cp + 1 < sizeof(TTY_OLD_SUFFIX)) - return -1; /* out of ptys */ + return -1; /* out of ptys */ else - break; /* out of ptys in this group */ + break; /* out of ptys in this group */ } line[5] = 't'; linep = line; diff --git a/bin/hrancid.in b/bin/hrancid.in index 0feefd0..5be2c8d 100644 --- a/bin/hrancid.in +++ b/bin/hrancid.in @@ -1,24 +1,44 @@ #! @PERLV_PATH@ ## -## $Id: hrancid.in,v 1.27 2006/10/05 04:27:42 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. # # Amazingly hacked version of Hank's rancid - this one tries to # deal with HP procurves. @@ -42,7 +62,9 @@ $found_end = 0; # unused - hp lacks an end-of-config tag $timeo = 90; # hlogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -285,7 +307,7 @@ sub WriteTerm { } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_", ";$1 $'") && next; } else { @@ -297,7 +319,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -337,10 +359,10 @@ sub WriteTerm { # order arp lists /^ip arp\s+(\d+\.\d+\.\d+\.\d+)/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && - ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") + ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") && next; # blech!!!! @@ -396,14 +418,14 @@ sub WriteTerm { } # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order extended access-lists /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && - ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # order alias statements /^alias / && ProcessHistory("ALIAS","keysort","$_","$_") && next; @@ -481,16 +503,27 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } -ProcessHistory("","","",";RANCID-CONTENT-TYPE: hp-procurve\n;\n"); +ProcessHistory("","","",";RANCID-CONTENT-TYPE: hp\n;\n"); ProcessHistory("COMMENTS","keysort","B0",";\n"); # memory info ProcessHistory("COMMENTS","keysort","C0",";\n"); # showversion ProcessHistory("COMMENTS","keysort","D0",";\n"); # showflash diff --git a/bin/htlogin.in b/bin/htlogin.in index 213f028..2c04e6a 100644 --- a/bin/htlogin.in +++ b/bin/htlogin.in @@ -1,34 +1,54 @@ #! @EXPECT_PATH@ -- ## -## $Id: htlogin.in,v 1.18 2006/12/05 16:50:52 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # htlogin - Hitachi router login # # Most options are intuitive for logging into an Hitachi router login. # # Usage line -set usage "Usage: $argv0 \[-noenable\] \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ @@ -80,8 +100,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -321,7 +344,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -329,7 +352,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -340,7 +363,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect { "Connection refused" { - close; wait + catch {close}; catch {wait}; sleep 0.3 expect eof send_user "\nError: Connection Refused\n"; wait; return 1 @@ -370,11 +393,11 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { exp_continue } "Password incorrect" { send_user "\nError: Check your password for $router\n"; - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "$prompt" { break; } denied { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "\r\n" { exp_continue; } } @@ -412,7 +435,7 @@ proc run_commands { prompt command } { send "exit\r" expect { "\n" { exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -425,6 +448,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -491,16 +515,18 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype]} { + incr exitval continue } if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -508,7 +534,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/htrancid.in b/bin/htrancid.in index d15d569..6819162 100644 --- a/bin/htrancid.in +++ b/bin/htrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: htrancid.in,v 1.13 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # hacked version of Hank's rancid - this one tries to deal with Hitachi's. # # RANCID - Really Awesome New Cisco confIg Differ @@ -41,7 +61,9 @@ $found_end = 0; $timeo = 90; # htlogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -213,13 +235,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: hitachi\n!\n"); diff --git a/bin/jerancid.in b/bin/jerancid.in index c0fb33e..84d59ec 100644 --- a/bin/jerancid.in +++ b/bin/jerancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: jerancid.in,v 1.36 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # jerancid - tries to deal with Juniper ERXs. # # RANCID - Really Awesome New Cisco confIg Differ @@ -41,7 +61,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -446,10 +468,10 @@ sub WriteTerm { # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && - ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") + ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") && next; @@ -457,7 +479,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -480,7 +502,7 @@ sub WriteTerm { next; } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'"); next; } else { @@ -588,16 +610,27 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } -ProcessHistory("","","","!RANCID-CONTENT-TYPE: Juniper_ERX\n!\n"); +ProcessHistory("","","","!RANCID-CONTENT-TYPE: erx\n!\n"); ProcessHistory("COMMENTS","keysort","B0","!\n"); ProcessHistory("COMMENTS","keysort","F0","!\n"); ProcessHistory("COMMENTS","keysort","G0","!\n"); diff --git a/bin/jlogin.in b/bin/jlogin.in index 729afa7..e155d10 100644 --- a/bin/jlogin.in +++ b/bin/jlogin.in @@ -1,26 +1,46 @@ #! @EXPECT_PATH@ -- ## -## $Id: jlogin.in,v 1.56 2006/12/05 16:50:52 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. # # jlogin - juniper login # @@ -29,8 +49,8 @@ # # Usage line -set usage "Usage: $argv0 \[-c command\] \[-Evar=x\] \[-f cloginrc-file\] \ -\[-p user-password\] \[-r passphrase\] \[-s script-file\] \ +set usage "Usage: $argv0 \[-dV\] \[-c command\] \[-Evar=x\] \ +\[-f cloginrc-file\] \[-p user-password\] \[-r passphrase\] \[-s script-file\] \ \[-u username\] \[-t timeout\] \[-x command-file\] \[-y ssh_cypher_type\] \ router \[router...\]\n" @@ -85,6 +105,9 @@ for {set i 0} {$i < $argc} {incr i} { set command [ lindex $argv $i ] } set do_command 1 + # Expect debug mode + } -d* { + exp_internal 1 # Environment variable to pass to -s scripts } -E* { @@ -312,7 +335,7 @@ proc login { router user passwd cmethod cyphertype identfile} { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -320,7 +343,7 @@ proc login { router user passwd cmethod cyphertype identfile} { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -337,25 +360,25 @@ proc login { router user passwd cmethod cyphertype identfile} { # then it will just send the passwd. expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog)\n"; return 1 } } eof { send_user "\nError: Couldn't login\n"; wait; return 1 } -nocase "unknown host\r\n" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } "Host is unreachable" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Host Unreachable!\n"; wait; return 1 } "No address associated with name" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } "Login incorrect" { send_user "\nError: Check your password for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } -re "Enter passphrase.*: " { # sleep briefly to allow time for stty -echo @@ -384,7 +407,7 @@ proc login { router user passwd cmethod cyphertype identfile} { } -re "$prompt" { break; } denied { send_user "\nError: Check your password for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } } } @@ -436,7 +459,7 @@ proc run_commands { prompt command } { send "quit\r" expect { "\n" { exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -449,6 +472,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -511,11 +535,13 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $loginname $passwd $cmethod $cyphertype $identfile]} { + incr exitval continue } if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { @@ -524,7 +550,7 @@ foreach router [lrange $argv $i end] { send "set cli screen-length 0\r" expect -re $prompt {} source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -532,7 +558,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/jrancid.in b/bin/jrancid.in index 252b1a3..309cef9 100644 --- a/bin/jrancid.in +++ b/bin/jrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: jrancid.in,v 1.80 2006/12/05 17:14:27 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Amazingly hacked version of Hank's rancid - this one tries to # deal with Junipers. # @@ -43,7 +63,9 @@ $found_end = 0; $timeo = 120; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode my($ShowChassisSCB); # Only run ShowChassisSCB() once # This routine is used to print out the router configuration @@ -181,6 +203,11 @@ sub ShowChassisClocks { $x = sprintf(" MHz%".length($2)."s", " "); substr($_, $leadlen, length($2)+4, $x); } + # filter timestamps + next if (/selected for/i); + next if (/selected since/i); + + next if (/deviation/i); ProcessHistory("","","","# $_"); } return(0); @@ -195,6 +222,7 @@ sub ShowChassisEnvironment { while () { tr/\015//d; last if (/^$prompt/); + return 1 if (/^aborted!/i); next if (/^system (shutdown message from|going down )/i); next if (/^\{(master|backup)}/); @@ -228,6 +256,7 @@ sub ShowChassisFirmware { while () { tr/\015//d; last if (/^$prompt/); + return 1 if (/^aborted!/i); next if (/^system (shutdown message from|going down )/i); next if (/^\{(master|backup)}/); @@ -252,6 +281,7 @@ sub ShowChassisFpcDetail { while () { tr/\015//d; last if (/^$prompt/); + return 1 if (/^aborted!/i); next if (/^system (shutdown message from|going down )/i); next if (/^\{(master|backup)}/); @@ -279,6 +309,7 @@ sub ShowChassisHardware { while () { tr/\015//d; last if (/^$prompt/); + return 1 if (/^aborted!/i); next if (/^system (shutdown message from|going down )/i); next if (/^\{(master|backup)}/); @@ -547,7 +578,7 @@ sub ShowConfiguration { /^snmp/ && $snmp++; /^}/ && ($snmp = 0); if ($snmp && /^(\s*)(community|trap-group) [^ ;]+(\s?[;{])$/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { $_ = "$1$2 \"\"$3\n"; } } @@ -563,6 +594,11 @@ sub ShowConfiguration { ProcessHistory("","","","#$1$'"); next; } + # don't filter this one - there is no secret here. + if (/^\s*permissions .* secret /) { + ProcessHistory("","","","$_"); + next; + } if (/^(.*\ssecret )[^ ;]+/ && $filter_pwds >= 1) { ProcessHistory("","","","#$1$'"); next; @@ -660,13 +696,24 @@ if ($file) { } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","# RANCID-CONTENT-TYPE: juniper\n#\n"); diff --git a/bin/lg.cgi.in b/bin/lg.cgi.in index 4ad6fdd..d1efaea 100644 --- a/bin/lg.cgi.in +++ b/bin/lg.cgi.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: lg.cgi.in,v 1.54 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # The original original lookingglass s/w was written by Ed Kern. It was # a single script that used to be available at http://nitrous.digex.net/. # Provided by permission and modified beyond recognition. diff --git a/bin/lgform.cgi.in b/bin/lgform.cgi.in index 774d104..18f1c54 100644 --- a/bin/lgform.cgi.in +++ b/bin/lgform.cgi.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: lgform.cgi.in,v 1.31 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # The original original lookingglass s/w was written by Ed Kern. It was # a single script that used to be available at http://nitrous.digex.net/. # Provided by permission and modified beyond recognition. diff --git a/bin/mrancid.in b/bin/mrancid.in index f77779e..19ffadb 100644 --- a/bin/mrancid.in +++ b/bin/mrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: mrancid.in,v 1.19 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Amazingly hacked version of Hank's rancid - this one tries to # deal with MRTd. # @@ -42,7 +62,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -233,19 +255,19 @@ sub WriteTerm { next; # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order extended access-lists /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && - ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && - ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") + ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") && next; # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && @@ -254,7 +276,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -276,7 +298,7 @@ sub WriteTerm { next; } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; @@ -351,13 +373,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: mrtd\n!\n"); diff --git a/bin/nlogin.in b/bin/nlogin.in index 53e8812..73b0e5a 100644 --- a/bin/nlogin.in +++ b/bin/nlogin.in @@ -1,26 +1,47 @@ #! @EXPECT_PATH@ -- ## -## $Id: nlogin.in,v 1.33 2006/12/08 21:28:26 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # Netscreen hacks implemented by Stephen Gill . # # nlogin - netscreen login @@ -32,8 +53,8 @@ # users permissions can not change. # Usage line -set usage "Usage: $argv0 \[-c command\] \[-Evar=x\] \[-f cloginrc-file\] \ -\[-p user-password\] \ +set usage "Usage: $argv0 \[-dV\] \[-c command\] \[-Evar=x\] \ +\[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-x command-file\] \ \[-y ssh_cypher_type\] router \[router...\]\n" @@ -80,8 +101,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -295,7 +319,7 @@ cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -303,7 +327,7 @@ cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -350,7 +374,7 @@ cyphertype } { send_user "\nError: host key mismatch for $firewall. Update the SSH known_hosts file accordingly.\n" return 1 } denied { send_user "\nError: Check your passwd for $firewall\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } " ### Login failed" {send_user "\nError: Check your passwd for $firewall\n"; return 1 } -re "(login:)" { @@ -425,7 +449,7 @@ proc run_commands { prompt command } { send "n\r" exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -438,6 +462,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach firewall [lrange $argv $i end] { set firewall [string tolower $firewall] send_user "$firewall\n" @@ -496,6 +521,7 @@ foreach firewall [lrange $argv $i end] { # Login to the firewall if {[login $firewall $ruser $userpswd $passwd $enapasswd $prompt $cmethod $cyphertype]} { + incr exitval continue } @@ -512,13 +538,14 @@ foreach firewall [lrange $argv $i end] { if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { send "set console page 0\r" expect -re $prompt {} source $sfile - close + catch {close}; } else { label $firewall log_user 1 @@ -526,7 +553,7 @@ foreach firewall [lrange $argv $i end] { } # End of for each firewall - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/nrancid.in b/bin/nrancid.in index 940bdc8..c4fe9f1 100644 --- a/bin/nrancid.in +++ b/bin/nrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: nrancid.in,v 1.28 2006/11/10 21:40:48 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Amazingly hacked version of Hank's rancid - this one tries to # deal with Netscreen firewalls # @@ -43,7 +63,9 @@ $found_end = 0; $timeo = 90; # nlogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -283,6 +305,17 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { $filter_pwds = 0; diff --git a/bin/nslogin.in b/bin/nslogin.in index 6cf4188..9e9e354 100644 --- a/bin/nslogin.in +++ b/bin/nslogin.in @@ -1,27 +1,47 @@ #! @EXPECT_PATH@ -- ## -## $Id: nslogin.in,v 1.22 2006/12/08 21:28:26 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # nslogin - Netscaler login # # Hacks from Anshuman Kanwar. @@ -35,7 +55,7 @@ # # Usage line -set usage "Usage: $argv0 \[-autoenable\] \[-noenable\] \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ @@ -47,7 +67,7 @@ set usage "Usage: $argv0 \[-autoenable\] \[-noenable\] \[-c command\] \ # Password file set password_file $env(HOME)/.cloginrc # Default is to login to the router -set do_command 1 +set do_command 0 set do_script 0 # The default is to automatically enable set avenable 0 @@ -90,8 +110,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -330,7 +353,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -338,7 +361,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -356,22 +379,22 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by)" { - catch {close}; wait + catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog)\n"; return 1 } } eof { send_user "\nError: Couldn't login\n"; wait; return 1 } -nocase "unknown host\r" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } "Host is unreachable" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Host Unreachable!\n"; wait; return 1 } "No address associated with name" { - catch {close}; + catch {close}; catch {wait}; send_user "\nError: Unknown host\n"; wait; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { @@ -388,7 +411,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { return 1 } -re "(denied|Sorry)" { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "Login failed" { send_user "\nError: Check your passwd for $router\n" @@ -398,7 +421,9 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { send_user "\nError: Check your passwd for $router\n" return 1 } - -re "@\[^\r\n]+ $p_prompt" { + # newer netscaler code (NS8.0: Build 47.8) the password prompt is + # "Password:" not "user@hosts's password:" + -re "(@\[^\r\n]+ )?$p_prompt" { # ssh pwd prompt sleep 1 send "$userpswd\r" @@ -408,7 +433,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } { "$prompt" { break; } "Login invalid" { send_user "\nError: Invalid login\n"; - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } } } @@ -504,7 +529,7 @@ proc run_commands { prompt command } { exp_continue } "\n" { exp_continue } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -519,6 +544,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -617,6 +643,7 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { + incr exitval continue } @@ -639,6 +666,7 @@ foreach router [lrange $argv $i end] { if { $do_command } { if {[run_commands $prompt $command]} { + incr exitval continue } } elseif { $do_script } { @@ -652,7 +680,7 @@ foreach router [lrange $argv $i end] { } expect -re $prompt {} source $sfile - close + catch {close}; } else { label $router log_user 1 @@ -660,7 +688,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/nsrancid.in b/bin/nsrancid.in index a74cce6..bd159b7 100644 --- a/bin/nsrancid.in +++ b/bin/nsrancid.in @@ -1,24 +1,44 @@ #! @PERLV_PATH@ ## -## $Id: nsrancid.in,v 1.14 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. # # hacked version of Hank's rancid - this one tries to deal with Netscalers. # Hacks from Anshuman Kanwar. @@ -42,7 +62,9 @@ $found_end = 0; $timeo = 90; # nslogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode @temp1 = split (/\./,$host); $prompt = "$temp1[0]#"; @@ -161,7 +183,7 @@ sub ShowConfig { next if (/lock-address .*$/); next if (/^\# *uptime +\d+\s*$/); if (/community label /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { $_ =~ s/community label .*$/community label /; } } @@ -251,6 +273,17 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { $filter_pwds = 0; diff --git a/bin/par.in b/bin/par.in index 408b36b..e7559f0 100644 --- a/bin/par.in +++ b/bin/par.in @@ -1,24 +1,44 @@ #! @PERLV_PATH@ ## -## $Id: par.in,v 1.14 2006/11/28 21:21:28 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. # # PAR - parallel processing of command # diff --git a/bin/prancid.in b/bin/prancid.in index 4777675..5228da7 100755 --- a/bin/prancid.in +++ b/bin/prancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: prancid.in,v 1.35 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # This version of rancid tries to deal with Prockets. # # RANCID - Really Awesome New Cisco confIg Differ @@ -41,7 +61,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode my($platform); # platform/cpu type # This routine is used to print out the router configuration @@ -351,19 +373,19 @@ sub WriteTerm { # # order access-lists # /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && -# ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; +# ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # # order extended access-lists # /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && -# ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; +# ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; # /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && -# ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; +# ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; # /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && -# ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; +# ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # # order arp lists # /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && -# ProcessHistory("ARP","ipsort","$1","$_") && next; +# ProcessHistory("ARP","$aclsort","$1","$_") && next; # /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && -# ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") +# ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") # && next; # order logging statements @@ -374,7 +396,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -396,7 +418,7 @@ sub WriteTerm { next; } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; @@ -510,13 +532,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: procket\n!\n"); diff --git a/bin/rancid-cvs.in b/bin/rancid-cvs.in index 24d555a..86ca065 100644 --- a/bin/rancid-cvs.in +++ b/bin/rancid-cvs.in @@ -1,25 +1,45 @@ #! /bin/sh ## -## $Id: rancid-cvs.in,v 1.19 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Create all of the misc files & dirs needed for each group and import them # into CVS or Subversion. # @@ -77,7 +97,7 @@ if [ ! -d $CVSROOT ]; then if [ $RCSSYS = cvs ]; then cvs -d $CVSROOT init else - svnadmin create $CVSROOT + svnadmin create $CVSROOT @SVN_FSTYPE@ fi fi diff --git a/bin/rancid-fe.in b/bin/rancid-fe.in index bed4129..d5c68c2 100644 --- a/bin/rancid-fe.in +++ b/bin/rancid-fe.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: rancid-fe.in,v 1.45 2007/01/13 22:01:53 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # rancid-FE - front-end to rancid/jrancid/etc. for use with par. # # usage: rancid-fe : @@ -31,9 +51,10 @@ require 5; $vendor =~ tr/[A-Z]/[a-z]/; %vendortable = ( - 'agm' => 'agmrancid', 'alteon' => 'arancid', + 'avocent' => 'avorancid', 'baynet' => 'brancid', + 'bigip' => 'f5rancid', 'cat5' => 'cat5rancid', 'cisco' => 'rancid', 'css' => 'cssrancid', @@ -42,6 +63,7 @@ $vendor =~ tr/[A-Z]/[a-z]/; 'extreme' => 'xrancid', 'ezt3' => 'erancid', 'force10' => 'f10rancid', + 'fortigate' => 'fnrancid', 'foundry' => 'francid', 'hitachi' => 'htrancid', 'hp' => 'hrancid', @@ -51,6 +73,7 @@ $vendor =~ tr/[A-Z]/[a-z]/; 'netscreen' => 'nrancid', 'procket' => 'prancid', 'redback' => 'rrancid', + 'riverhead' => 'agmrancid', 'riverstone' => 'rivrancid', 'smc' => 'srancid', 'tnt' => 'tntrancid', diff --git a/bin/rancid-run.in b/bin/rancid-run.in index 42e387a..ae24912 100644 --- a/bin/rancid-run.in +++ b/bin/rancid-run.in @@ -1,25 +1,45 @@ #! /bin/sh ## -## $Id: rancid-run.in,v 1.35 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Run rancid for each of the rancid groups defined by $LIST_OF_GROUPS in # @sysconfdir@/rancid.conf or those specified on the command-line. # diff --git a/bin/rancid.in b/bin/rancid.in index 4b5b12a..45baa5c 100644 --- a/bin/rancid.in +++ b/bin/rancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: rancid.in,v 1.218 2006/10/05 04:27:43 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-dV] [-l] [-f filename | hostname] @@ -34,6 +54,7 @@ $log = $opt_l; $debug = $opt_d; $file = $opt_f; $host = $ARGV[0]; +$ios = "IOS"; $clean_run = 0; $found_end = 0; $found_version = 0; @@ -42,7 +63,9 @@ $found_diag = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -155,8 +178,8 @@ sub ShowVersion { next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/command authorization failed/i); return(0) if ($found_version); # Only do this routine once + return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); @@ -168,6 +191,7 @@ sub ShowVersion { $slaveslot = ", slot $1"; next; } + if (/cisco ios xr /i) { $ios = "XR"; } if (/^Application and Content Networking Software/) { $type="CE"; } /^Application and Content Networking Software Release /i && ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next; @@ -177,7 +201,7 @@ sub ShowVersion { # license." PIX 7 as "his platform has ..." /^This (PIX|platform) has an?\s+(.*)$/ && ProcessHistory("COMMENTS","keysort","D1", "!$_") && next; - /^(Cisco )?IOS .* Software,? \(([A-Za-z-0-9_]*)\), .*Version\s+(.*)$/ && + /^(Cisco )?IOS .* Software,? \(([A-Za-z0-9_-]*)\), .*Version\s+(.*)$/ && ProcessHistory("COMMENTS","keysort","F1", "!Image:$slave Software: $2, $3\n") && next; /^([A-Za-z-0-9_]*) Synced to mainline version: (.*)$/ && @@ -276,30 +300,13 @@ sub ShowVersion { $type = "AGS"; } elsif ($proc eq "CSC4") { $type = "AGS+"; + } elsif ($proc =~ /1900/) { + $type = "1900"; + $device = "switch"; } elsif ($proc =~ /^(AS)?25[12][12]/) { $type = "2500"; } elsif ($proc =~ /261[01]/ || $proc =~ /262[01]/ ) { $type = "2600"; - } elsif ($proc =~ /^36[0246][0-9]/) { - $type = "3600"; - } elsif ($proc =~ /^37/) { - $type = "3700"; - } elsif ($proc =~ /^38/) { - $type = "3800"; - } elsif ($proc eq "RSP7000") { - $type = "7500"; - } elsif ($proc =~ /RSP\d/) { - $type = "7500"; - } elsif ($proc eq "RP1") { - $type = "7000"; - } elsif ($proc eq "RP") { - $type = "7000"; - } elsif ($proc =~ /720[246]/) { - $type = "7200"; - } elsif ($proc =~ /1200[48]\/GRP/ || $proc =~ /1201[26]\/GRP/) { - $type = "12000"; - } elsif ($proc =~ /1201[26]-8R\/GRP/) { - $type = "12000"; } elsif ($proc =~ /WS-C29/) { $type = "2900XL"; $device = "switch"; @@ -309,23 +316,52 @@ sub ShowVersion { } elsif ($proc =~ /WS-C35/) { $type = "3500XL"; $device = "switch"; + } elsif ($proc =~ /^36[0246][0-9]/) { + $type = "3600"; + } elsif ($proc =~ /^37/) { + $type = "3700"; + } elsif ($proc =~ /^38/) { + $type = "3800"; } elsif ($proc =~ /WS-C45/) { $type = "4500"; $device = "switch"; + } elsif ( $proc =~ /^AS5300/) { + $type = "AS5300"; + } elsif ( $proc =~ /^AS5350/) { + $type = "AS5350"; + } elsif ( $proc =~ /^AS5400/) { + $type = "AS5400"; } elsif ($proc =~ /6000/) { $type = "6000"; $device = "switch"; - } elsif ($proc =~ /CISCO76/) { - $type = "7600"; - $device = "router"; - } elsif ($proc =~ /1900/) { - $type = "1900"; - $device = "switch"; + } elsif ($proc eq "WK-C65") { + $type = "6500"; + } elsif ($proc eq "RP") { + $type = "7000"; + } elsif ($proc eq "RP1") { + $type = "7000"; + } elsif ($proc =~ /720[246]/) { + $type = "7200"; } elsif ( $proc =~ /^73/) { $type = "7300"; + } elsif ($proc eq "RSP7000") { + $type = "7500"; + } elsif ($proc =~ /RSP\d/) { + $type = "7500"; + } elsif ($proc =~ /OSR-76/) { + $type = "7600"; + } elsif ($proc =~ /CISCO76/) { + $type = "7600"; + } elsif ($proc =~ /1200[48]\/(GRP|PRP)/ || $proc =~ /1201[26]\/(GRP|PRP)/) { + $type = "12000"; + } elsif ($proc =~ /1201[26]-8R\/(GRP|PRP)/) { + $type = "12000"; + } elsif ($proc =~ /1240[48]\/(GRP|PRP)/ || $proc =~ /1241[06]\/(GRP|PRP)/) { + $type = "12400"; } else { $type = $proc; } + print STDERR "TYPE = $type\n" if ($debug); ProcessHistory("COMMENTS","keysort","A1", "!Chassis type:$slave $proc - a $type $device\n"); @@ -401,7 +437,13 @@ sub ShowRedundancy { s/^$1\s{$len}//; } - /^IOS .* Software \(([A-Za-z-0-9_]*)\), .*Version\s+(.*)$/ && + if (/^Version information for secondary in slot (\d+):/) { + $slave = " Slave:"; + $slaveslot = ", slot $1"; + next; + } + + /^IOS .* Software \(([A-Za-z0-9_-]*)\), .*Version\s+(.*)$/ && ProcessHistory("COMMENTS","keysort","F1", "!Image:$slave Software: $1, $2\n") && next; /^Compiled (.*)$/ && @@ -480,8 +522,8 @@ sub ShowEnv { #return(1) if ($type !~ /^7/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/command authorization failed/i); return(0) if ($found_env); # Only do this routine once + return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); @@ -526,6 +568,7 @@ sub ShowRSP { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); + return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); # return(1) if ($type !~ /^12[40]/); # the pager can not be disabled per-session on the PIX @@ -558,6 +601,7 @@ sub ShowGSR { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); + return(1) if /(Invalid input detected|Type help or )/; return(-1) if (/command authorization failed/i); # return(1) if ($type !~ /^12[40]/); # the pager can not be disabled per-session on the PIX @@ -620,7 +664,7 @@ sub ShowBoot { } else { ProcessHistory("COMMENTS","keysort","H1","!Variable: $_"); } - } elsif (/variable/) { + } elsif (/(variable|register)/) { ProcessHistory("COMMENTS","keysort","H1","!Variable: $_"); } } @@ -678,6 +722,10 @@ sub DirSlotN { return(-1) if /(: device being squeezed|ATA_Status time out)/i; # busy return(-1) if (/command authorization failed/i); return(1) if /(Open device \S+ failed|Error opening \S+:)/; + if (/.*\((\d+) bytes free\)/ && $ios eq "XR") { + my($tmp) = int($1 / (1024 * 1024)); + s/$1 bytes free/$tmp MB free/; + } # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); @@ -699,6 +747,7 @@ sub ShowContAll { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); + return(1) if /(Invalid input detected|Type help or )/; # return(1) if ($type =~ /^(12[40]|7[05])/); return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX @@ -763,6 +812,7 @@ sub ShowContCbus { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); + return(1) if /(Invalid input detected|Type help or )/; #return(1) if ($type !~ /^7[05]0/); return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX @@ -939,8 +989,8 @@ REDUX: tr/\015//d; # return(1) if ($type !~ /^(12[40]|720|36|26)/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/command authorization failed/i); return(0) if ($found_diag); # Only do this routine once + return(-1) if (/command authorization failed/i); /^$/ && next; # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { @@ -1119,14 +1169,26 @@ REDUX: tr/\015//d; ProcessHistory("SLOT","","","!\n"); /\s+(.*) port adapter,?\s+(\d+)\s+/i && - ProcessHistory("SLOT","keysort","B","!Slot $slot: type $1, $2 ports\n") && next; + ProcessHistory("SLOT","keysort","B", + "!Slot $slot: type $1, $2 ports\n") && next; # I/O controller with no interfaces /\s+(.*)\s+port adapter\s*$/i && - ProcessHistory("SLOT","keysort","B","!Slot $slot: type $1, 0 ports\n") && next; + ProcessHistory("SLOT","keysort","B", + "!Slot $slot: type $1, 0 ports\n") && next; /\s+(.*)\s+daughter card(.*)$/ && - ProcessHistory("SLOT","keysort","B","!Slot $slot$WIC: type $1$2\n") && next; + ProcessHistory("SLOT","keysort","B", + "!Slot $slot$WIC: type $1$2\n") && next; /\s+(FT1)$/ && - ProcessHistory("SLOT","keysort","B","!Slot $slot$WIC: type $1\n") && next; + ProcessHistory("SLOT","keysort","B", + "!Slot $slot$WIC: type $1\n") && next; + # AS5300/5400 handling + /^Hardware is\s+(.*)$/i && + ProcessHistory("SLOT","keysort","B","!Slot $slot: type $1\n") + && next; + /^DFC type is\s+(.*)$/i && + ProcessHistory("SLOT","keysort","B","!Slot $slot: type $1\n") + && next; + # # handle WICs lacking "daughter card" in the 2nd line of their # show diag o/p if (defined($WIC)) { @@ -1165,8 +1227,18 @@ REDUX: tr/\015//d; if (/part number\s+:\s+(\S+)/i) { $pn = $1; } if (/board revision\s+:\s+(\S+)/i) { $rev = $1; } if (/pcb serial number\s+:\s+(\S+)/i) { $sn = $1; } + # fru/pid bits, true Cisco evolving "standard", hopefully + # "show inventory" will be "the way" soon. + # + if (/product \(fru\) number\s+:\s+(\S+)/i) { $fn = $1; } + if (/product number\s+:\s+(\S+)/i) { $fn = $1; } + if (/product\s+identifier\s+\(PID\)\s+:\s+(\S+)/i) { $fn = $1; } + if (/fru\s+part\s+number\s+(\S+)/i) { $fn = $1; } } PerlSucks: + # fru/pid bits + ProcessHistory("SLOT","keysort","AG","!Slot $slot$WIC: fru $fn\n"); + # ProcessHistory("SLOT","keysort","B","!Slot $slot$WIC: hvers $hw rev $rev\n"); ProcessHistory("SLOT","keysort","C","!Slot $slot$WIC: part $pn, serial $sn\n"); } @@ -1176,6 +1248,17 @@ PerlSucks: /number\s+(\S+)\s+Part number\s+(\S+)/ && ProcessHistory("SLOT","keysort","D","!Slot $slot$WIC: part $2, serial $1\n") && next; + # AS5x00 bits + /^\ Board Revision\s+(\S+),\s+Serial Number\s+(\S+),/ && + ProcessHistory("SLOT","keysort","D", + "!Slot $slot$WIC: rev $1, serial $2\n") && next; + /^\ Board Hardware Version\s+(\S+),\s+Item Number\s+(\S+),/ && + ProcessHistory("SLOT","keysort","D", + "!Slot $slot$WIC: hvers $1, part $2\n") && next; + /^Motherboard Info:/ && + ProcessHistory("SLOT","keysort","D", + "!Slot $slot$WIC: Motherboard\n") && next; + # } ProcessHistory("SLOT","","","!\n"); return(0); @@ -1301,6 +1384,7 @@ sub ShowC7200 { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); + return(1) if /(Invalid input detected|Type help or )/; #return(1) if ($type !~ /^72/); return(-1) if (/command authorization failed/i); /^$/ && next; @@ -1374,7 +1458,7 @@ sub ShowVTP { sub ShowVLAN { print STDERR " In ShowVLAN: $_" if ($debug); - ($_=,return(1)) if (!$DO_SHOW_VLAN); + ($_ = , return(1)) if (!$DO_SHOW_VLAN); while () { tr/\015//d; @@ -1386,7 +1470,7 @@ sub ShowVLAN { return(1) if /Ambiguous command/i; # newer releases (~12.1(9)) place the vlan config in the normal # configuration (write term). - return(1) if ($type =~ /^(3550|4500|7600)$/); + return(1) if ($type =~ /^(3550|4500)$/); #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX @@ -1411,6 +1495,7 @@ sub WriteTerm { last if (/^$prompt/); return(1) if /Line has invalid autocommand /; return(1) if (/(Invalid input detected|Type help or )/i); + return(0) if ($found_end); # Only do this routine once return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { @@ -1419,7 +1504,6 @@ sub WriteTerm { } /Non-Volatile memory is in use/ && return(-1); # NvRAM is locked - return(0) if ($found_end); # Only do this routine once $linecnt++; $lineauto = 0 if (/^[^ ]/); # skip the crap @@ -1605,19 +1689,19 @@ sub WriteTerm { s/\$(Revision|Id):/ $1:/; # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order extended access-lists /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ && - ProcessHistory("EACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next; /^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ && - ProcessHistory("EACL $1 $2","ipsort","0.0.0.0","$_") && next; + ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next; # order arp lists /^arp\s+(\d+\.\d+\.\d+\.\d+)\s+/ && - ProcessHistory("ARP","ipsort","$1","$_") && next; + ProcessHistory("ARP","$aclsort","$1","$_") && next; /^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ && - ProcessHistory("PACL $1 $3","ipsort","$4","ip prefix-list $1 $3 $4$5\n") + ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n") && next; # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && @@ -1626,7 +1710,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -1653,15 +1737,15 @@ sub WriteTerm { next; } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; } } # prune tacacs/radius server keys - if (/^((tacacs-server|radius-server)\s(\w*[-\s(\s\S+])*\s?key) \d \w+/ - && $filter_pwds >= 1) { + if (/^((tacacs|radius)-server\s(\w*[-\s(\s\S+])*\s?key) (\d )?\w+/ + && $filter_pwds >= 1) { ProcessHistory("","","","!$1 $'"); next; } # order clns host statements @@ -1705,7 +1789,7 @@ sub WriteTerm { # end of config. the ": " game is for the PIX if (/^(: +)?end$/) { $found_end = 1; - return(1); + return(0); } } # The ContentEngine lacks a definitive "end of config" marker. If we @@ -1713,7 +1797,7 @@ sub WriteTerm { # o/p, we can be reasonably sure that we got the config. if ($type =~ /^CE$/ && $linecnt > 5) { $found_end = 1; - return(1); + return(0); } return(0); @@ -1822,6 +1906,17 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { $filter_pwds = 0; diff --git a/bin/rivlogin.in b/bin/rivlogin.in index 2d80217..7a65986 100644 --- a/bin/rivlogin.in +++ b/bin/rivlogin.in @@ -1,26 +1,46 @@ #! @EXPECT_PATH@ -- ## -## $Id: rivlogin.in,v 1.26 2006/12/08 21:28:26 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. # -# The login expect scripts were based on Erik Sherk's gwtn, by permission. +# The expect login scripts were based on Erik Sherk's gwtn, by permission. # # rivlogin - Riverstone (and Enterasys SSR) login # @@ -32,7 +52,7 @@ # Returned to the RANCID crowd by andrew fort # Usage line -set usage "Error: Usage: $argv0 \[-noenable\] \ +set usage "Error: Usage: $argv0 \[-dV\] \[-noenable\] \ \[-f cloginrc-file\] \[-c command\] \[-Evar=x\] \[-s script-file\] \ \[-x command-file\] \[-t timeout\] \[-o output-file\] \ router \[router...\]\n" @@ -781,7 +801,6 @@ for {set idx 0} {$idx < $argc} {incr idx} { set arg [lindex $argv $idx] switch -glob -- $arg { - -c* - -C* { if {! [ regexp .\[cC\](.+) $arg ignore command]} { @@ -789,6 +808,9 @@ for {set idx 0} {$idx < $argc} {incr idx} { set command [ lindex $argv $idx ] } set do_command 1 + # Expect debug mode + } -d* { + exp_internal 1 # Environment variable to pass to -s scripts } -E* { @@ -877,8 +899,10 @@ if { $idx == $argc } { } # main loop +set exitval 0 foreach router [lrange $argv $idx end] { -set router [string tolower $router] + set router [string tolower $router] + send_user -- "$router\n" # Figure out passwords if {$verbose == 1} { @@ -940,6 +964,7 @@ set router [string tolower $router] # Login to the router, set my_prompt to router's cmd prompt if {[login $router $user $userpswd $passwd $enapasswd ]} { + incr exitval if { $verbose == 1 } { puts "DEBUG: login to $router failed\n" } @@ -952,6 +977,7 @@ set router [string tolower $router] if { $enable == 1 } { if { [do_enable $enauser $enapasswd $userpswd] == 1} { + incr exitval if { $verbose == 1 } { puts "DEBUG: switch to enable mode on $router failed\n" } @@ -969,7 +995,8 @@ set router [string tolower $router] } if {[ run_commands $my_prompt $command ]} { - log_file + incr exitval + log_file exit 1 } else { logout $my_prompt @@ -1010,7 +1037,9 @@ set router [string tolower $router] log_file strip_log $output_file $router } -} -# puts "\n" -exit 0 + # End of for each router + catch {wait}; + sleep 0.3 +} +exit $exitval diff --git a/bin/rivrancid.in b/bin/rivrancid.in index d6625b6..0e86994 100644 --- a/bin/rivrancid.in +++ b/bin/rivrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: rivrancid.in,v 1.17 2006/10/05 04:27:44 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Amazingly hacked version of Hank's rancid - this one tries to # deal with Cabletron, Riverstone and Enterasys routers/switches # @@ -45,7 +65,9 @@ $found_end = 0; $timeo = 90; # rivlogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -219,7 +241,7 @@ sub ShowActive { next; } - if (/^(snmp set community )\S+/ && defined($ENV{'NOCOMMSTR'})) { + if (/^(snmp set community )\S+/ && $filter_commstr) { ProcessHistory("","","","! $1$'"); next; } @@ -276,13 +298,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: riverstone\n!\n"); diff --git a/bin/rrancid.in b/bin/rrancid.in index 87ea7c4..78eb000 100644 --- a/bin/rrancid.in +++ b/bin/rrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: rrancid.in,v 1.26 2006/10/05 04:27:44 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # hacked version of Hank's rancid - this one tries to deal with redbacks. # # RANCID - Really Awesome New Cisco confIg Differ @@ -41,7 +61,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -251,10 +273,10 @@ sub WriteTerm { s/\$(Revision|Id):/ $1:/; # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # prune snmp community statements if (/^snmp (group|community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort","$_","!snmp $1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next; @@ -337,13 +359,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: redback\n!\n"); diff --git a/bin/srancid.in b/bin/srancid.in index 63c2e92..b59917c 100755 --- a/bin/srancid.in +++ b/bin/srancid.in @@ -1,23 +1,47 @@ #! @PERLV_PATH@ ## -## Pretty huge hack to take care of Dell Switch configs -## d_pfleger@juniper.net +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Henry Kilmer. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## fee for non-commerical purposes provided that this copyright notice -## preserved intact on all copies and modified copies. -## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# Pretty huge hack to take care of Dell (aka. SMC) Switch configs; started by +# d_pfleger@juniper.net # # RANCID - Really Awesome New Cisco confIg Differ # @@ -37,7 +61,9 @@ $found_end = 0; $timeo = 90; # hlogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -262,7 +288,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^(snmp-server host) (\d+\.\d+\.\d+\.\d+) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERHOST","ipsort", "$2","!$1 $2 $'"); } else { @@ -271,9 +297,9 @@ sub WriteTerm { next; } if (/^(snmp-server community) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSERVERCOMM","keysort", - "$_","!$1 $'") && next; + "$_","!$1 $'") && next; } else { ProcessHistory("SNMPSERVERCOMM","keysort","$2","$_") && next; } @@ -337,6 +363,17 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { $filter_pwds = 0; @@ -346,7 +383,7 @@ if ($ENV{"FILTER_PWDS"} =~ /no/i) { $filter_pwds = 1; } -ProcessHistory("","","","!RANCID-CONTENT-TYPE: dell\n!\n"); +ProcessHistory("","","","!RANCID-CONTENT-TYPE: smc\n!\n"); ProcessHistory("COMMENTS","keysort","A0","!\n"); ProcessHistory("COMMENTS","keysort","B0","!\n"); ProcessHistory("COMMENTS","keysort","C0","!\n"); diff --git a/bin/tntlogin.in b/bin/tntlogin.in index 57fbfc0..16a742e 100644 --- a/bin/tntlogin.in +++ b/bin/tntlogin.in @@ -1,31 +1,51 @@ #! @EXPECT_PATH@ -- ## -## $Id: tntlogin.in,v 1.22 2006/12/05 16:50:53 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# -# The login expect scripts were based on Erik Sherk's gwtn, by permission. -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# +# The expect login scripts were based on Erik Sherk's gwtn, by permission. +# # Modified by P B Matthews. # Usage line -set usage "Usage: $argv0 \[-c command\] \ +set usage "Usage: $argv0 \[-dV\] \[-c command\] \ \[-Evar=x\] \[-f cloginrc-file\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-x command-file\] \ @@ -77,8 +97,11 @@ for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { + # Expect debug mode + -d* { + exp_internal 1 # Username - -u* - + } -u* - -U* { if {! [ regexp .\[uU\](.+) $arg ignore user]} { incr i @@ -310,7 +333,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect_after { timeout { send_user "\nError: TIMEOUT reached\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -318,7 +341,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { } } eof { send_user "\nError: EOF received\n" - catch {close}; wait + catch {close}; catch {wait}; if { $in_proc} { return 1 } else { @@ -329,7 +352,7 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { expect { "Connection refused" { - close; wait + catch {close}; catch {wait}; sleep 0.3 expect eof send_user "\nError: Connection Refused\n"; wait; return 1 @@ -376,10 +399,10 @@ proc login { router user userpswd passwd prompt cmethod cyphertype } { exp_continue } "Password incorrect" { send_user "\nError: Check your password for $router\n"; - catch {close}; wait; return 1 } + catch {close}; catch {wait}; return 1 } -re "$prompt" { break; } denied { send_user "\nError: Check your passwd for $router\n" - catch {close}; wait; return 1 + catch {close}; catch {wait}; return 1 } "\r\n" { exp_continue; } } @@ -428,7 +451,7 @@ proc run_commands { prompt command } { } "\n" { exp_continue } "\[^\n\r *]*Session terminated" { return 0 } - timeout { catch {close}; wait + timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } @@ -441,6 +464,7 @@ proc run_commands { prompt command } { # source_password_file $password_file set in_proc 0 +set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" @@ -513,19 +537,20 @@ foreach router [lrange $argv $i end] { # Login to the router if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype]} { + incr exitval continue } if { $do_command } { if {[run_commands $prompt $command]} { - continue + incr exitval + continue } } elseif { $do_script } { -# send "lines 0\r" expect -re $prompt {} source $sfile send "y\r" - close + catch {close}; } else { label $router log_user 1 @@ -533,7 +558,7 @@ foreach router [lrange $argv $i end] { } # End of for each router - wait + catch {wait}; sleep 0.3 } -exit 0 +exit $exitval diff --git a/bin/tntrancid.in b/bin/tntrancid.in index e16d57b..748f532 100644 --- a/bin/tntrancid.in +++ b/bin/tntrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: tntrancid.in,v 1.17 2006/10/05 04:27:44 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # Modified by Paul B Matthews & Richard Vander Reyden. # I'm suprised it still works.... # @@ -44,7 +64,9 @@ $prompt = "admin> "; $always_y = "y"; # cause its a pain. my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -229,13 +251,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","#RANCID-CONTENT-TYPE: tnt\n#\n"); diff --git a/bin/xrancid.in b/bin/xrancid.in index 96b99ef..130bf06 100644 --- a/bin/xrancid.in +++ b/bin/xrancid.in @@ -1,25 +1,45 @@ #! @PERLV_PATH@ ## -## $Id: xrancid.in,v 1.41 2006/10/05 04:27:44 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. -## -# +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. +# # RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-dV] [-l] [-f filename | hostname] @@ -39,7 +59,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -274,6 +296,7 @@ sub ShowSwitch { # This routine processes a "write term" sub WriteTerm { + my($lines) = 0; print STDERR " In WriteTerm: $_" if ($debug); my($comment) = 1; # strip extra comments, esp to preserve chassis type @@ -301,6 +324,7 @@ sub WriteTerm { } else { $comment = 0; } + $lines++; # Dog gone Cool matches to process the rest of the config # some chassis report their chassis type in show diag...oh, but @@ -342,7 +366,7 @@ sub WriteTerm { # configure snmp add trapreceiver a.b.c.d if (/^(configure snmp add trapreceiver )(\d+\.\d+\.\d+\.\d+) (community) \S+/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSVRHOST","ipsort","$2","# $1$2 $3 $'\n"); } else { ProcessHistory("SNMPSVRHOST","ipsort","$2","$_\n"); @@ -350,7 +374,7 @@ sub WriteTerm { next; } if (/^(configure snmp community (readonly|readwrite)( encrypted)?) (\S+)/) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { ProcessHistory("SNMPSVRCOMM","keysort","$_","#$1 $'"); next; } else { @@ -372,6 +396,13 @@ sub WriteTerm { return(0); } } + + if ($lines < 3) { + printf(STDERR "ERROR: $host configuration appears to be truncated.\n"); + $found_end = 0; + return(-1); + } + return(0); } @@ -425,13 +456,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","#RANCID-CONTENT-TYPE: extreme\n#\n"); @@ -462,7 +504,7 @@ TOP: while() { if (!defined($prompt)) { $prompt = ($_ =~ /^([^#]+#)/)[0]; $prompt =~ s/([][}{)(\\])/\\$1/g; - $prompt =~ s/[:.](\d+ ?)#/:\\d+ ?#/; + $prompt =~ s/[:.](\d+ ?)#/[:.]\\d+ ?#/; $prompt =~ s/\*/\\\*/; print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); } diff --git a/bin/zrancid.in b/bin/zrancid.in index c8a926f..197c323 100755 --- a/bin/zrancid.in +++ b/bin/zrancid.in @@ -1,24 +1,44 @@ #! @PERLV_PATH@ ## -## $Id: zrancid.in,v 1.14 2006/10/05 04:27:44 heas Exp $ +## $Id$ ## ## @PACKAGE@ @VERSION@ -## Copyright (C) 1997-2006 by Terrapin Communications, Inc. +## Copyright (c) 1997-2007 by Terrapin Communications, Inc. ## All rights reserved. ## -## This software may be freely copied, modified and redistributed -## without fee for non-commerical purposes provided that this license -## remains intact and unmodified with any RANCID distribution. +## This code is derived from software contributed to and maintained by +## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, +## Pete Whiting, Austin Schutz, and Andrew Fort. ## -## There is no warranty or other guarantee of fitness of this software. -## It is provided solely "as is". The author(s) disclaim(s) all -## responsibility and liability with respect to this software's usage -## or its effect upon hardware, computer systems, other software, or -## anything else. -## -## Except where noted otherwise, rancid was written by and is maintained by -## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by Terrapin Communications, +## Inc. and its contributors for RANCID. +## 4. Neither the name of Terrapin Communications, Inc. nor the names of its +## contributors may be used to endorse or promote products derived from +## this software without specific prior written permission. +## 5. It is requested that non-binding fixes and modifications be contributed +## back to Terrapin Communications, Inc. ## +## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS +## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS +## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +## POSSIBILITY OF SUCH DAMAGE. # # This version of rancid tries to deal with zebra s/w. # @@ -41,7 +61,9 @@ $found_end = 0; $timeo = 90; # clogin timeout in seconds my(@commandtable, %commands, @commands);# command lists -my(%filter_pwds); # password filtering mode +my($aclsort) = ("ipsort"); # ACL sorting mode +my($filter_commstr); # SNMP community string filtering +my($filter_pwds); # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { @@ -232,7 +254,7 @@ sub WriteTerm { # order access-lists /^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ && - ProcessHistory("ACL $1 $2","ipsort","$3","$_") && next; + ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next; # order logging statements /^logging (\d+\.\d+\.\d+\.\d+)/ && @@ -242,7 +264,7 @@ sub WriteTerm { # we only prune lines of the form # snmp-server host a.b.c.d if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) { - if (defined($ENV{'NOCOMMSTR'})) { + if ($filter_commstr) { my($ip) = $1; my($line) = "snmp-server host $ip"; my(@tokens) = split(' ', $'); @@ -353,13 +375,24 @@ if ($file) { } } +# determine ACL sorting mode +if ($ENV{"ACLSORT"} =~ /no/i) { + $aclsort = ""; +} +# determine community string filtering mode +if (defined($ENV{"NOCOMMSTR"}) && + ($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) { + $filter_commstr = 1; +} else { + $filter_commstr = 0; +} # determine password filtering mode if ($ENV{"FILTER_PWDS"} =~ /no/i) { - $filter_pwds = 0; + $filter_pwds = 0; } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { - $filter_pwds = 2; + $filter_pwds = 2; } else { - $filter_pwds = 1; + $filter_pwds = 1; } ProcessHistory("","","","!RANCID-CONTENT-TYPE: zebra\n!\n"); -- cgit