From: Darby Weaver (ccie.weaver@gmail.com)
Date: Thu Jan 22 2009 - 22:05:31 ARST
*An expect script to automatiaclly log into cisco routers.*
#!/usr/bin/expect
set timeout 5
set hostname [lindex $argv 0]
set username "username"
set password "password"
set enablepassword "password"
spawn telnet $hostname
expect "Username:" {
send "$username\n"
expect "Password:"
send "$password\n"
expect ">" {
send "en\n"
expect "Password:"
send "$enablepassword\n"
}
interact
}
On Thu, Jan 22, 2009 at 6:58 PM, Darby Weaver <ccie.weaver@gmail.com> wrote:
> I feel like that like from Starship Troopers... Do you want to know more?
>
> Anyone interested let me know.. I got a few examples, a few canned
> scripts, a few executables, and spent way too much time on this topic over
> the years...
>
>
>
>
>
>
> On Thu, Jan 22, 2009 at 6:56 PM, Darby Weaver <ccie.weaver@gmail.com>wrote:
>
>> Don't "expect" much if you don't ask the right people.... :)
>>
>>
>>
>> Not a bad purchase at only $399
>>
>> http://www.net-sense.com/
>>
>> Lots of freebies:
>>
>> Jim Marinelli wrote:
>> > Does anyone know where I can get an SSH application that is a Win32
>> > console application? I am trying to port an Expect script that I wrote
>> > on a Linux box to my Win XP laptop using ActiveTcl/Expect. The script
>> > attempts a Telnet connection to a Cisco devices; if that fails it
>> > attempts to connect with SSH. I have the script working with the XP
>> > Telnet program but I donb??t have an SSH console program to use.
>>
>> I use Msys ssh, and there is also one in Putty.
>>
>> > Incidentally b?? I had to disable DEP for the telnet program to make it
>> > work. I used the Windows Application Compatibility Database Tool from
>> > Microsoft to turn off DEP just for a copy of Telnet that I keep in the
>> > Tcl directory. I had to do the same thing with ping.
>>
>> Did you notice this:
>>
>> http://aspn.activestate.com/ASPN/Mail/Message/expect/3635465
>>
>> Jeff
>>
>>
>> And guys... R-A-N-C-I-D... CiscoWorks, and others... get in and under the
>> covers - never know what you might find there...
>>
>> Exploring Expect by O'Reilly:
>>
>> http://my.safaribooksonline.com/9781565920903?portal=ciscopress
>>
>>
>>
>>
>> #!/usr/local/bin/expect
>> #
>> # rtrcfg.exp -- a script to perform mass configuration changes to
>> # a list of routers using Telnet and Expect
>> #
>> #
>> # Set Behavior
>> set tftp "172.25.1.1"
>> set workingdir /home/cisco/rtr
>> #
>> puts stdout "Enter user name:"
>> gets stdin userid
>> system stty -echo
>> puts stdout "Enter login password:"
>> gets stdin vtypasswd
>> puts stdout "\nEnter enable password:"
>> gets stdin enablepwd
>> system stty echo
>> system "cp $workingdir/NEWCONFIG /tftpboot/NEWCONFIG"
>> set RTR [open "$workingdir/RTR_LIST" r]
>> set LOG [open "$workingdir/RESULT" w]
>> while {[gets $RTR router] != -1} {
>> if {[ string range $router 0 0 ] != "#"} {
>> set timeout 10
>> spawn telnet; expect "telnet>"; send "open $router\n"
>> expect {
>> {Username} { send "$userid\r"
>> expect {
>> {*Password*} { send "$vtypasswd\r"
>> }
>> }
>> }
>> {Password} { send "$vtypasswd\r" }
>> timeout { puts $LOG "$router - telnet failed"
>> close; wait; continue
>> }
>> }
>>
>> expect {
>> {Password} { puts $LOG "$router - vty login failed"
>> close; wait; continue
>> }
>> {Username} { puts $LOG "$router - vty login failed"
>> close; wait; continue
>> }
>> {>} { puts $LOG "$router - vty login ok" }
>>
>> timeout { puts $LOG "$router - vty login failed"
>> close; wait; continue
>> }
>> }
>>
>> send "enable\r"
>> expect "Password"
>> send "$enablepwd\r"
>> #
>> expect {
>> {*#} { puts $LOG "$router - enable login ok" }
>>
>> {*>} { puts $LOG "$router - enable login failed"
>> close; wait; continue
>> }
>>
>> timeout { puts $LOG "$router - enable login failed"
>> close; wait; continue
>> }
>> }
>> # CMDs
>> set timeout 30
>> send "copy tftp://$tftp/NEWCONFIG running-config\r"
>> expect "running-config"
>> send "\r"
>> expect {
>> {OK} { puts $LOG "$router - TFTP successful"}
>> timeout { puts $LOG "$router - TFTP failed"
>> close; wait; continue }
>> }
>> send "copy running-config startup-config\r\r\r"
>> expect {
>> {OK} { puts $LOG "$router - config saved"}
>> timeout { puts $LOG "$router - config failed"
>> close; wait; continue }
>> }
>> #CMDs
>> send "exit\r"; close; wait
>> }
>> }
>> close $RTR; close $LOG
>> system "rm /tftpboot/NEWCONFIG"
>>
>>
>>
>>
>>
>>
>>
>> #! /bin/sh
>> # This is a shell archive, meaning:
>> # 1. Remove everything above the #! /bin/sh line.
>> # 2. Save the resulting text in a file.
>> # 3. Execute the file with /bin/sh (not csh) to create the files:
>> # ciscocheckpoint
>> # ciscoconfigure
>> # ciscoget
>> # ciscoget.exp
>> # ciscologin.expect
>> # cleanconfig
>> # This archive created: Fri May 3 10:56:52 1991
>> export PATH; PATH=/bin:$PATH
>> if test -f 'ciscocheckpoint'
>> then
>> echo shar: will not over-write existing file "'ciscocheckpoint'"
>> else
>> cat << \SHAR_EOF > 'ciscocheckpoint'
>> #!/usr/local/bin/expect -f
>> #
>> # restart IP accounting statistics
>> #
>> # args: ciscoget router passwd enablepasswd
>> #
>>
>> set router [index $argv 1]
>> set password [index $argv 2]
>> set enablepass [index $argv 3]
>>
>> proc timedout {args} {
>> send_user "Expect timed out" $args \n
>> exit
>> }
>>
>> source ciscologin.expect
>>
>> if {[length $argv] < 4} {
>> print "Invalid number of arguments\n"
>> exit
>> }
>>
>> send_user \n\n\n
>> spawn telnet $router
>> login $enablepass
>> send clear ip accounting\r
>> expect *#*
>> send QUIT\r
>> expect *Closed*
>> exit 0
>> SHAR_EOF
>> chmod +x 'ciscocheckpoint'
>> fi # end of overwriting check
>> if test -f 'ciscoconfigure'
>> then
>> echo shar: will not over-write existing file "'ciscoconfigure'"
>> else
>> cat << \SHAR_EOF > 'ciscoconfigure'
>> #!/usr/local/bin/expect -f
>> #
>> # Fetch configuration information from the specified cisco router
>> #
>> # args: ciscoget router passwd enablepasswd filename
>> #
>> set localhost [exec hostname]
>> set tftpdir /private/tftpboot
>>
>> set router [index $argv 1]
>> set password [index $argv 2]
>> set enablepass [index $argv 3]
>> set filename [index $argv 4]
>>
>> proc timedout {args} {
>> send_user "Expect timed out" $args \n
>> exit
>> }
>>
>> source ciscologin.expect
>>
>> if {[length $argv] < 5} {
>> print "Invalid number of arguments\n"
>> exit
>> }
>>
>> send_user \n\n\n
>> spawn telnet $router
>> login $enablepass
>> send configure network\r
>>
>> expect {*configuration\ file*\?\ } {} \
>> timeout {timedout waiting for config file prompt}
>>
>> send network\r
>> expect {*IP\ address\ of\ remote\ host*\?\ } {} \
>> timeout {timedout waiting for remote host prompt}
>>
>> send $localhost
>>
>> expect {*configuration\ file*?\ } {} \
>> timeout {timedout waiting for filename prompt}
>>
>> send ${filename}\r
>>
>> expect {*Configure\ using*\[confirm\]*} {} \
>> timeout {timedout waiting for confirm}
>>
>> send "Y"
>>
>> expect {*Failed*#} {send_user TFTP get failed\n; exit 1} \
>> {*OK*#} {send_user TFTP get succeeded\n}
>>
>> send "write\r"
>> expect {*\[OK\]*} {} \
>> timeout {send_user Write failed\n; exit 1}
>> send QUIT\r
>> expect *Closed*
>> exit 0
>> SHAR_EOF
>> chmod +x 'ciscoconfigure'
>> fi # end of overwriting check
>> if test -f 'ciscoget'
>> then
>> echo shar: will not over-write existing file "'ciscoget'"
>> else
>> cat << \SHAR_EOF > 'ciscoget'
>> #!/bin/sh
>> tftpdir=/private/tftpboot
>> export tftpdir
>> ciscoget.exp cschub-gw Password EnablePassword cschub-gw
>> ciscoget.exp dcs1hub-gw Password EnablePassword dcs1hub-gw
>> ciscoget.exp dcs2hub-gw Password EnablePassword dcs2hub-gw
>> ciscoget.exp sdnhub-gw Password EnablePassword sdnhub-gw
>> ciscoget.exp madhub-gw Password EnablePassword madhub-gw
>> ciscoget.exp avwhub-gw Password EnablePassword avwhub-gw
>> ciscoget.exp rchhub-gw Password EnablePassword rchhub-gw
>>
>>
>> SHAR_EOF
>> chmod +x 'ciscoget'
>> fi # end of overwriting check
>> if test -f 'ciscoget.exp'
>> then
>> echo shar: will not over-write existing file "'ciscoget.exp'"
>> else
>> cat << \SHAR_EOF > 'ciscoget.exp'
>> #!/usr/local/bin/expect -f
>> #
>> # Fetch configuration information from the specified cisco router
>> #
>> # args: ciscoget router passwd enablepasswd filename
>> #
>> set localhost [exec hostname]
>> set tftpdir /private/tftpboot
>> set archivedir /n/netmap/HUBS/config
>>
>> set router [index $argv 1]
>> set password [index $argv 2]
>> set enablepass [index $argv 3]
>> set filename [index $argv 4]
>>
>> proc timedout {args} {
>> send_user "Expect timed out" $args \n
>> exit
>> }
>>
>> source ciscologin.expect
>>
>> if {[length $argv] < 5} {
>> print "Invalid number of arguments\n"
>> exit
>> }
>>
>> spawn telnet $router
>> login $enablepass
>> send write network\r
>>
>> expect {*Remote\ host*\?\ } {} \
>> timeout {timedout waiting for Remote host prompt}
>>
>> send ${localhost}
>>
>> expect {*write*?*} {} \
>> timeout {timedout waiting for filename prompt}
>>
>> if {[file ${tftpdir}/${filename} exists]} {
>> if {[file ${tftpdir}/${filename}.old exists]} {
>> if {[file ${tftpdir}/${filename}.old isfile] == 0} {
>> send_user "${tftpdir}/${filename}.old: Not a plain file\n"
>> exit 1
>> }
>> system rm -f ${tftpdir}/${filename}.old
>> }
>> system mv -f ${tftpdir}/${filename} ${tftpdir}/${filename}.old
>> }
>> system touch ${tftpdir}/${filename}
>> system chmod 666 ${tftpdir}/${filename}
>>
>>
>> send ${filename}\r
>> expect {*Write\ file*\[confirm\]*} {} \
>> timeout {timed out waiting for confirm}
>>
>> send "Y"
>> expect {*Failed*#} {set failed 1; send_user \nTFTP Write failed\n} \
>> {*OK*#} {set failed 0; send_user \nTFTP Write succeeded\n}
>>
>> send QUIT\r
>> if {$failed == 0} {
>> system cp ${tftpdir}/${filename} ${archivedir}/${filename}
>> send_user "Saved configuration.. "
>> }
>> system cleanconfig ${tftpdir}/${filename}
>> send_user " cleaned configuration\n"
>> exit
>> SHAR_EOF
>> chmod +x 'ciscoget.exp'
>> fi # end of overwriting check
>> if test -f 'ciscologin.expect'
>> then
>> echo shar: will not over-write existing file "'ciscologin.expect'"
>> else
>> cat << \SHAR_EOF > 'ciscologin.expect'
>>
>> proc login {args} {
>> global password
>> global enablepass
>>
>> expect {*Password:*} {} \
>> timeout {timedout waiting for password prompt}
>> # ugly!
>> system sleep 1
>> send ${password}\r
>> expect {*Password:*} {send_user Bad password\n; exit} \
>> {*>} {} \
>> timeout {timedout waiting for login prompt}
>>
>> if {[length $args]} {
>> send enable\r
>> expect {*Password:*} {} \
>> timeout {timedout waiting for enable password prompt; exit}
>> # ugly!
>> system sleep 1
>> send [index $args 0]\r
>> expect {*#} {} \
>> {*Password:*} {send_user Wrong enable password\n; exit} \
>> timeout {timedout waiting for enabled prompt; exit}
>> }
>> }
>>
>> SHAR_EOF
>> fi # end of overwriting check
>> if test -f 'cleanconfig'
>> then
>> echo shar: will not over-write existing file "'cleanconfig'"
>> else
>> cat << \SHAR_EOF > 'cleanconfig'
>> #!/usr/bin/perl
>>
>> $file = $ARGV[0];
>> $newfile = $file . ".new";
>> die "No file specified\n" unless $file;
>>
>> open(CFG, "<$file") || die "Can't open $file\n";
>> open(NEWCFG, ">$newfile") || die "Can't open $newfile\n";
>>
>> print NEWCFG <<"EOM";
>> !
>> ! Note: this file ($file) has had the passwords removed for
>> ! security reasons.
>> !
>> EOM
>> while (<CFG>) {
>> if (/^(enable-password|password)\s+/) {
>> print NEWCFG "! $1 CENSORED\n";
>> next;
>> }
>> print NEWCFG;
>> }
>> close(CFG);
>> close(NEWCFG);
>>
>> rename($newfile, $file) || die "Can't rename $newfile to $file: $!\n";
>>
>> SHAR_EOF
>> chmod +x 'cleanconfig'
>> fi # end of overwriting check
>> # End of shell archive
>> exit 0
>>
>> Look for Matt Crawford of FERMILAB, available from Cisco's ftp.cisco.com.
>> They're in pub/cisco-expect.shar.
>>
>>
>> On Thu, Jan 22, 2009 at 4:16 PM, shiran guez <shiranp3@gmail.com>wrote:
>>
>>> As I say don't "expect" too much :-)
>>>
>>>
>>>
>>>
>>> On Thu, Jan 22, 2009 at 7:36 PM, Tyson Scott <tscott@ipexpert.com>
>>> wrote:
>>>
>>> > testing,
>>> >
>>> > I am going to have to do a little defending here ;-) There is nothing
>>> more
>>> > simple and powerful than expect in network administration. There is a
>>> > reason Cisco put TCL on the routers. And expect is an
>>> extension/improvement
>>> > upon TCL. The downfall of expect, (I will admit), is there are not a
>>> lot of
>>> > good examples out there on it and there is only one reference book,
>>> written
>>> > by Don Libes (The person that developed expect). Over half the people
>>> that
>>> > use expect aren't even familiar with how powerful of a tool it is.
>>> >
>>> >
>>> >
>>> > #!/usr/bin/expect
>>> >
>>> >
>>> >
>>> > spawn telnet <hostname>
>>> >
>>> > expect {
>>> >
>>> > "Username:" {
>>> >
>>> > send "<username>\r"
>>> >
>>> > exp_continue
>>> >
>>> > }
>>> >
>>> > "Password:" {
>>> >
>>> > send "<password>\r"
>>> >
>>> > exp_continue
>>> >
>>> > }
>>> >
>>> > ">" {
>>> >
>>> > send "enable\r<enablepass>\r"
>>> >
>>> > exp_continue
>>> >
>>> > }
>>> >
>>> > "#" {
>>> >
>>> > send "show ip interface brief | exclude
>>> > unav\r"
>>> >
>>> > expect "show ip interface brief |
>>> exclude
>>> > unav"
>>> >
>>> > expect "#" { send "exit\r" }
>>> >
>>> > expect "Connection closed by foreign host"
>>> >
>>> > }
>>> >
>>> > expect eof
>>> >
>>> >
>>> >
>>> > I have shown a very brief and simple expect script. You can build in a
>>> lot
>>> > more error checking functionality into this that would greatly improve
>>> the
>>> > functionality of the script. As is seen it will continue to loop thru
>>> > username/password until it gets to the enable prompt and then it will
>>> issue
>>> > the commands needed.
>>> >
>>> >
>>> >
>>> > Regards,
>>> >
>>> >
>>> >
>>> > Tyson Scott - CCIE #13513 R&S and Security
>>> >
>>> > Technical Instructor - IPexpert, Inc.
>>> >
>>> >
>>> > Telephone: +1.810.326.1444
>>> > Cell: +1.248.504.7309
>>> > Fax: +1.810.454.0130
>>> > Mailto: tscott@ipexpert.com
>>> >
>>> >
>>> >
>>> >
>>> >
>>> > *From:* shiran guez [mailto:shiranp3@gmail.com]
>>> > *Sent:* Thursday, January 22, 2009 11:02 AM
>>> > *To:* Tyson Scott
>>> > *Cc:* testing testing123; ccielab@groupstudy.com
>>> > *Subject:* Re: script to log into cisco csm load balancer
>>> >
>>> >
>>> >
>>> > I use python as it is more flexible then expect and much easy syntax
>>> then
>>> > perl here is an real small exmple but you can actually do what you
>>> described
>>> > you need in not much more code lines:
>>> >
>>> > ============================================================
>>> >
>>> > #!/usr/bin/python
>>> >
>>> >
>>> >
>>> > import getpass
>>> > import sys
>>> > import telnetlib
>>> >
>>> >
>>> >
>>> > HOST = raw_input("Enter your remote address: ")
>>> > user = "user"
>>> > password = "pass"
>>> > enable = "enapass"
>>> >
>>> > tn = telnetlib.Telnet(HOST)
>>> >
>>> > tn.read_until("Username: ")
>>> > tn.write(user + "\n")
>>> > if password:
>>> > tn.read_until("Password: ")
>>> > tn.write(password + "\n")
>>> >
>>> > tn.write("enable\n")
>>> > if password:
>>> > tn.read_until("Password: ")
>>> > tn.write(enable + "\n")
>>> > tn.write("show ip int b | ex una\n")
>>> > tn.write("exit\n")
>>> >
>>> > print tn.read_all()
>>> >
>>> > ========================================================
>>> >
>>> >
>>> >
>>> >
>>> >
>>> > Good luck
>>> >
>>> > On Wed, Jan 21, 2009 at 1:02 AM, Tyson Scott <tscott@ipexpert.com>
>>> wrote:
>>> >
>>> > Perl or Expect will provide you the greatest functionality and
>>> > customization
>>> > in my opinion. Perl has a lot more examples that you can easily obtain
>>> off
>>> > of the internet. Expect is a great tool for network admins.
>>> >
>>> > Regards,
>>> >
>>> > Tyson Scott - CCIE #13513 R&S and Security
>>> > Technical Instructor - IPexpert, Inc.
>>> >
>>> > Telephone: +1.810.326.1444
>>> > Cell: +1.248.504.7309
>>> > Fax: +1.810.454.0130
>>> > Mailto: tscott@ipexpert.com
>>> >
>>> >
>>> >
>>> > -----Original Message-----
>>> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
>>> Of
>>> > testing testing123
>>> > Sent: Tuesday, January 20, 2009 5:27 PM
>>> > To: ccielab@groupstudy.com
>>> > Subject: script to log into cisco csm load balancer
>>> >
>>> > What language should I use to write a script to log into my cisco csm
>>> > load balancer and check the usage ? The place I work for doesn't have
>>> > any industry tools like HP Openview, CIscoworks, solarwinds, or
>>> > anything like that. I want it to log into the csm once every half
>>> > hour and check the connections of the serverfarms and export it to a
>>> > spreadsheet that will automatically graph that data.
>>> >
>>> > thanks
>>> >
>>> >
>>> > Blogs and organic groups at http://www.ccie.net
>>> >
>>> > _______________________________________________________________________
>>> > Subscription information may be found at:
>>> > http://www.groupstudy.com/list/CCIELab.html
>>> >
>>> >
>>> > Blogs and organic groups at http://www.ccie.net
>>> >
>>> >
>>> _______________________________________________________________________
>>> > Subscription information may be found at:
>>> > http://www.groupstudy.com/list/CCIELab.html
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>> > --
>>> > Shiran Guez
>>> > MCSE CCNP NCE1 JNCIA-ER CCIE #20572
>>> > http://cciep3.blogspot.com
>>> > http://www.linkedin.com/in/cciep3
>>> >
>>>
>>>
>>>
>>> --
>>> Shiran Guez
>>> MCSE CCNP NCE1 JNCIA-ER CCIE #20572
>>> http://cciep3.blogspot.com
>>> http://www.linkedin.com/in/cciep3
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:39 ARST