Re: script to log into cisco csm load balancer

From: Darby Weaver (ccie.weaver@gmail.com)
Date: Thu Jan 22 2009 - 21:58:12 ARST

I feel like that like from Starship Troopers... Do you want to know more?

Anyone interested let me know.. I got a few examples, a few canned scripts,
a few executables, and spent way too much time on this topic over the
years...

On Thu, Jan 22, 2009 at 6:56 PM, Darby Weaver <ccie.weaver@gmail.com> wrote:

> Don't "expect" much if you don't ask the right people.... :)
>
>
>
> Not a bad purchase at only $399
>
> http://www.net-sense.com/
>
> Lots of freebies:
>
> Jim Marinelli wrote:
> > Does anyone know where I can get an SSH application that is a Win32
> > console application? I am trying to port an Expect script that I wrote
> > on a Linux box to my Win XP laptop using ActiveTcl/Expect. The script
> > attempts a Telnet connection to a Cisco devices; if that fails it
> > attempts to connect with SSH. I have the script working with the XP
> > Telnet program but I donb??t have an SSH console program to use.
>
> I use Msys ssh, and there is also one in Putty.
>
> > Incidentally b?? I had to disable DEP for the telnet program to make it
> > work. I used the Windows Application Compatibility Database Tool from
> > Microsoft to turn off DEP just for a copy of Telnet that I keep in the
> > Tcl directory. I had to do the same thing with ping.
>
> Did you notice this:
>
> http://aspn.activestate.com/ASPN/Mail/Message/expect/3635465
>
> Jeff
>
>
> And guys... R-A-N-C-I-D... CiscoWorks, and others... get in and under the
> covers - never know what you might find there...
>
> Exploring Expect by O'Reilly:
>
> http://my.safaribooksonline.com/9781565920903?portal=ciscopress
>
>
>
>
> #!/usr/local/bin/expect
> #
> # rtrcfg.exp -- a script to perform mass configuration changes to
> # a list of routers using Telnet and Expect
> #
> #
> # Set Behavior
> set tftp "172.25.1.1"
> set workingdir /home/cisco/rtr
> #
> puts stdout "Enter user name:"
> gets stdin userid
> system stty -echo
> puts stdout "Enter login password:"
> gets stdin vtypasswd
> puts stdout "\nEnter enable password:"
> gets stdin enablepwd
> system stty echo
> system "cp $workingdir/NEWCONFIG /tftpboot/NEWCONFIG"
> set RTR [open "$workingdir/RTR_LIST" r]
> set LOG [open "$workingdir/RESULT" w]
> while {[gets $RTR router] != -1} {
> if {[ string range $router 0 0 ] != "#"} {
> set timeout 10
> spawn telnet; expect "telnet>"; send "open $router\n"
> expect {
> {Username} { send "$userid\r"
> expect {
> {*Password*} { send "$vtypasswd\r" }
> }
> }
> {Password} { send "$vtypasswd\r" }
> timeout { puts $LOG "$router - telnet failed"
> close; wait; continue
> }
> }
>
> expect {
> {Password} { puts $LOG "$router - vty login failed"
> close; wait; continue
> }
> {Username} { puts $LOG "$router - vty login failed"
> close; wait; continue
> }
> {>} { puts $LOG "$router - vty login ok" }
>
> timeout { puts $LOG "$router - vty login failed"
> close; wait; continue
> }
> }
>
> send "enable\r"
> expect "Password"
> send "$enablepwd\r"
> #
> expect {
> {*#} { puts $LOG "$router - enable login ok" }
>
> {*>} { puts $LOG "$router - enable login failed"
> close; wait; continue
> }
>
> timeout { puts $LOG "$router - enable login failed"
> close; wait; continue
> }
> }
> # CMDs
> set timeout 30
> send "copy tftp://$tftp/NEWCONFIG running-config\r"
> expect "running-config"
> send "\r"
> expect {
> {OK} { puts $LOG "$router - TFTP successful"}
> timeout { puts $LOG "$router - TFTP failed"
> close; wait; continue }
> }
> send "copy running-config startup-config\r\r\r"
> expect {
> {OK} { puts $LOG "$router - config saved"}
> timeout { puts $LOG "$router - config failed"
> close; wait; continue }
> }
> #CMDs
> send "exit\r"; close; wait
> }
> }
> close $RTR; close $LOG
> system "rm /tftpboot/NEWCONFIG"
>
>
>
>
>
>
>
> #! /bin/sh
> # This is a shell archive, meaning:
> # 1. Remove everything above the #! /bin/sh line.
> # 2. Save the resulting text in a file.
> # 3. Execute the file with /bin/sh (not csh) to create the files:
> # ciscocheckpoint
> # ciscoconfigure
> # ciscoget
> # ciscoget.exp
> # ciscologin.expect
> # cleanconfig
> # This archive created: Fri May 3 10:56:52 1991
> export PATH; PATH=/bin:$PATH
> if test -f 'ciscocheckpoint'
> then
> echo shar: will not over-write existing file "'ciscocheckpoint'"
> else
> cat << \SHAR_EOF > 'ciscocheckpoint'
> #!/usr/local/bin/expect -f
> #
> # restart IP accounting statistics
> #
> # args: ciscoget router passwd enablepasswd
> #
>
> set router [index $argv 1]
> set password [index $argv 2]
> set enablepass [index $argv 3]
>
> proc timedout {args} {
> send_user "Expect timed out" $args \n
> exit
> }
>
> source ciscologin.expect
>
> if {[length $argv] < 4} {
> print "Invalid number of arguments\n"
> exit
> }
>
> send_user \n\n\n
> spawn telnet $router
> login $enablepass
> send clear ip accounting\r
> expect *#*
> send QUIT\r
> expect *Closed*
> exit 0
> SHAR_EOF
> chmod +x 'ciscocheckpoint'
> fi # end of overwriting check
> if test -f 'ciscoconfigure'
> then
> echo shar: will not over-write existing file "'ciscoconfigure'"
> else
> cat << \SHAR_EOF > 'ciscoconfigure'
> #!/usr/local/bin/expect -f
> #
> # Fetch configuration information from the specified cisco router
> #
> # args: ciscoget router passwd enablepasswd filename
> #
> set localhost [exec hostname]
> set tftpdir /private/tftpboot
>
> set router [index $argv 1]
> set password [index $argv 2]
> set enablepass [index $argv 3]
> set filename [index $argv 4]
>
> proc timedout {args} {
> send_user "Expect timed out" $args \n
> exit
> }
>
> source ciscologin.expect
>
> if {[length $argv] < 5} {
> print "Invalid number of arguments\n"
> exit
> }
>
> send_user \n\n\n
> spawn telnet $router
> login $enablepass
> send configure network\r
>
> expect {*configuration\ file*\?\ } {} \
> timeout {timedout waiting for config file prompt}
>
> send network\r
> expect {*IP\ address\ of\ remote\ host*\?\ } {} \
> timeout {timedout waiting for remote host prompt}
>
> send $localhost
>
> expect {*configuration\ file*?\ } {} \
> timeout {timedout waiting for filename prompt}
>
> send ${filename}\r
>
> expect {*Configure\ using*\[confirm\]*} {} \
> timeout {timedout waiting for confirm}
>
> send "Y"
>
> expect {*Failed*#} {send_user TFTP get failed\n; exit 1} \
> {*OK*#} {send_user TFTP get succeeded\n}
>
> send "write\r"
> expect {*\[OK\]*} {} \
> timeout {send_user Write failed\n; exit 1}
> send QUIT\r
> expect *Closed*
> exit 0
> SHAR_EOF
> chmod +x 'ciscoconfigure'
> fi # end of overwriting check
> if test -f 'ciscoget'
> then
> echo shar: will not over-write existing file "'ciscoget'"
> else
> cat << \SHAR_EOF > 'ciscoget'
> #!/bin/sh
> tftpdir=/private/tftpboot
> export tftpdir
> ciscoget.exp cschub-gw Password EnablePassword cschub-gw
> ciscoget.exp dcs1hub-gw Password EnablePassword dcs1hub-gw
> ciscoget.exp dcs2hub-gw Password EnablePassword dcs2hub-gw
> ciscoget.exp sdnhub-gw Password EnablePassword sdnhub-gw
> ciscoget.exp madhub-gw Password EnablePassword madhub-gw
> ciscoget.exp avwhub-gw Password EnablePassword avwhub-gw
> ciscoget.exp rchhub-gw Password EnablePassword rchhub-gw
>
>
> SHAR_EOF
> chmod +x 'ciscoget'
> fi # end of overwriting check
> if test -f 'ciscoget.exp'
> then
> echo shar: will not over-write existing file "'ciscoget.exp'"
> else
> cat << \SHAR_EOF > 'ciscoget.exp'
> #!/usr/local/bin/expect -f
> #
> # Fetch configuration information from the specified cisco router
> #
> # args: ciscoget router passwd enablepasswd filename
> #
> set localhost [exec hostname]
> set tftpdir /private/tftpboot
> set archivedir /n/netmap/HUBS/config
>
> set router [index $argv 1]
> set password [index $argv 2]
> set enablepass [index $argv 3]
> set filename [index $argv 4]
>
> proc timedout {args} {
> send_user "Expect timed out" $args \n
> exit
> }
>
> source ciscologin.expect
>
> if {[length $argv] < 5} {
> print "Invalid number of arguments\n"
> exit
> }
>
> spawn telnet $router
> login $enablepass
> send write network\r
>
> expect {*Remote\ host*\?\ } {} \
> timeout {timedout waiting for Remote host prompt}
>
> send ${localhost}
>
> expect {*write*?*} {} \
> timeout {timedout waiting for filename prompt}
>
> if {[file ${tftpdir}/${filename} exists]} {
> if {[file ${tftpdir}/${filename}.old exists]} {
> if {[file ${tftpdir}/${filename}.old isfile] == 0} {
> send_user "${tftpdir}/${filename}.old: Not a plain file\n"
> exit 1
> }
> system rm -f ${tftpdir}/${filename}.old
> }
> system mv -f ${tftpdir}/${filename} ${tftpdir}/${filename}.old
> }
> system touch ${tftpdir}/${filename}
> system chmod 666 ${tftpdir}/${filename}
>
>
> send ${filename}\r
> expect {*Write\ file*\[confirm\]*} {} \
> timeout {timed out waiting for confirm}
>
> send "Y"
> expect {*Failed*#} {set failed 1; send_user \nTFTP Write failed\n} \
> {*OK*#} {set failed 0; send_user \nTFTP Write succeeded\n}
>
> send QUIT\r
> if {$failed == 0} {
> system cp ${tftpdir}/${filename} ${archivedir}/${filename}
> send_user "Saved configuration.. "
> }
> system cleanconfig ${tftpdir}/${filename}
> send_user " cleaned configuration\n"
> exit
> SHAR_EOF
> chmod +x 'ciscoget.exp'
> fi # end of overwriting check
> if test -f 'ciscologin.expect'
> then
> echo shar: will not over-write existing file "'ciscologin.expect'"
> else
> cat << \SHAR_EOF > 'ciscologin.expect'
>
> proc login {args} {
> global password
> global enablepass
>
> expect {*Password:*} {} \
> timeout {timedout waiting for password prompt}
> # ugly!
> system sleep 1
> send ${password}\r
> expect {*Password:*} {send_user Bad password\n; exit} \
> {*>} {} \
> timeout {timedout waiting for login prompt}
>
> if {[length $args]} {
> send enable\r
> expect {*Password:*} {} \
> timeout {timedout waiting for enable password prompt; exit}
> # ugly!
> system sleep 1
> send [index $args 0]\r
> expect {*#} {} \
> {*Password:*} {send_user Wrong enable password\n; exit} \
> timeout {timedout waiting for enabled prompt; exit}
> }
> }
>
> SHAR_EOF
> fi # end of overwriting check
> if test -f 'cleanconfig'
> then
> echo shar: will not over-write existing file "'cleanconfig'"
> else
> cat << \SHAR_EOF > 'cleanconfig'
> #!/usr/bin/perl
>
> $file = $ARGV[0];
> $newfile = $file . ".new";
> die "No file specified\n" unless $file;
>
> open(CFG, "<$file") || die "Can't open $file\n";
> open(NEWCFG, ">$newfile") || die "Can't open $newfile\n";
>
> print NEWCFG <<"EOM";
> !
> ! Note: this file ($file) has had the passwords removed for
> ! security reasons.
> !
> EOM
> while (<CFG>) {
> if (/^(enable-password|password)\s+/) {
> print NEWCFG "! $1 CENSORED\n";
> next;
> }
> print NEWCFG;
> }
> close(CFG);
> close(NEWCFG);
>
> rename($newfile, $file) || die "Can't rename $newfile to $file: $!\n";
>
> SHAR_EOF
> chmod +x 'cleanconfig'
> fi # end of overwriting check
> # End of shell archive
> exit 0
>
> Look for Matt Crawford of FERMILAB, available from Cisco's ftp.cisco.com.
> They're in pub/cisco-expect.shar.
>
>
> On Thu, Jan 22, 2009 at 4:16 PM, shiran guez <shiranp3@gmail.com> wrote:
>
>> As I say don't "expect" too much :-)
>>
>>
>>
>>
>> On Thu, Jan 22, 2009 at 7:36 PM, Tyson Scott <tscott@ipexpert.com> wrote:
>>
>> > testing,
>> >
>> > I am going to have to do a little defending here ;-) There is nothing
>> more
>> > simple and powerful than expect in network administration. There is a
>> > reason Cisco put TCL on the routers. And expect is an
>> extension/improvement
>> > upon TCL. The downfall of expect, (I will admit), is there are not a
>> lot of
>> > good examples out there on it and there is only one reference book,
>> written
>> > by Don Libes (The person that developed expect). Over half the people
>> that
>> > use expect aren't even familiar with how powerful of a tool it is.
>> >
>> >
>> >
>> > #!/usr/bin/expect
>> >
>> >
>> >
>> > spawn telnet <hostname>
>> >
>> > expect {
>> >
>> > "Username:" {
>> >
>> > send "<username>\r"
>> >
>> > exp_continue
>> >
>> > }
>> >
>> > "Password:" {
>> >
>> > send "<password>\r"
>> >
>> > exp_continue
>> >
>> > }
>> >
>> > ">" {
>> >
>> > send "enable\r<enablepass>\r"
>> >
>> > exp_continue
>> >
>> > }
>> >
>> > "#" {
>> >
>> > send "show ip interface brief | exclude
>> > unav\r"
>> >
>> > expect "show ip interface brief |
>> exclude
>> > unav"
>> >
>> > expect "#" { send "exit\r" }
>> >
>> > expect "Connection closed by foreign host"
>> >
>> > }
>> >
>> > expect eof
>> >
>> >
>> >
>> > I have shown a very brief and simple expect script. You can build in a
>> lot
>> > more error checking functionality into this that would greatly improve
>> the
>> > functionality of the script. As is seen it will continue to loop thru
>> > username/password until it gets to the enable prompt and then it will
>> issue
>> > the commands needed.
>> >
>> >
>> >
>> > Regards,
>> >
>> >
>> >
>> > Tyson Scott - CCIE #13513 R&S and Security
>> >
>> > Technical Instructor - IPexpert, Inc.
>> >
>> >
>> > Telephone: +1.810.326.1444
>> > Cell: +1.248.504.7309
>> > Fax: +1.810.454.0130
>> > Mailto: tscott@ipexpert.com
>> >
>> >
>> >
>> >
>> >
>> > *From:* shiran guez [mailto:shiranp3@gmail.com]
>> > *Sent:* Thursday, January 22, 2009 11:02 AM
>> > *To:* Tyson Scott
>> > *Cc:* testing testing123; ccielab@groupstudy.com
>> > *Subject:* Re: script to log into cisco csm load balancer
>> >
>> >
>> >
>> > I use python as it is more flexible then expect and much easy syntax
>> then
>> > perl here is an real small exmple but you can actually do what you
>> described
>> > you need in not much more code lines:
>> >
>> > ============================================================
>> >
>> > #!/usr/bin/python
>> >
>> >
>> >
>> > import getpass
>> > import sys
>> > import telnetlib
>> >
>> >
>> >
>> > HOST = raw_input("Enter your remote address: ")
>> > user = "user"
>> > password = "pass"
>> > enable = "enapass"
>> >
>> > tn = telnetlib.Telnet(HOST)
>> >
>> > tn.read_until("Username: ")
>> > tn.write(user + "\n")
>> > if password:
>> > tn.read_until("Password: ")
>> > tn.write(password + "\n")
>> >
>> > tn.write("enable\n")
>> > if password:
>> > tn.read_until("Password: ")
>> > tn.write(enable + "\n")
>> > tn.write("show ip int b | ex una\n")
>> > tn.write("exit\n")
>> >
>> > print tn.read_all()
>> >
>> > ========================================================
>> >
>> >
>> >
>> >
>> >
>> > Good luck
>> >
>> > On Wed, Jan 21, 2009 at 1:02 AM, Tyson Scott <tscott@ipexpert.com>
>> wrote:
>> >
>> > Perl or Expect will provide you the greatest functionality and
>> > customization
>> > in my opinion. Perl has a lot more examples that you can easily obtain
>> off
>> > of the internet. Expect is a great tool for network admins.
>> >
>> > Regards,
>> >
>> > Tyson Scott - CCIE #13513 R&S and Security
>> > Technical Instructor - IPexpert, Inc.
>> >
>> > Telephone: +1.810.326.1444
>> > Cell: +1.248.504.7309
>> > Fax: +1.810.454.0130
>> > Mailto: tscott@ipexpert.com
>> >
>> >
>> >
>> > -----Original Message-----
>> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>> > testing testing123
>> > Sent: Tuesday, January 20, 2009 5:27 PM
>> > To: ccielab@groupstudy.com
>> > Subject: script to log into cisco csm load balancer
>> >
>> > What language should I use to write a script to log into my cisco csm
>> > load balancer and check the usage ? The place I work for doesn't have
>> > any industry tools like HP Openview, CIscoworks, solarwinds, or
>> > anything like that. I want it to log into the csm once every half
>> > hour and check the connections of the serverfarms and export it to a
>> > spreadsheet that will automatically graph that data.
>> >
>> > thanks
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> >
>> _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > --
>> > Shiran Guez
>> > MCSE CCNP NCE1 JNCIA-ER CCIE #20572
>> > http://cciep3.blogspot.com
>> > http://www.linkedin.com/in/cciep3
>> >
>>
>>
>>
>> --
>> Shiran Guez
>> MCSE CCNP NCE1 JNCIA-ER CCIE #20572
>> http://cciep3.blogspot.com
>> http://www.linkedin.com/in/cciep3
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:39 ARST