Commit 80dc2101 authored by O'Reilly Media, Inc.'s avatar O'Reilly Media, Inc.
Browse files

Initial commit

parents
## Example files for the title:
# Cisco IOS Cookbook 2nd Edition, by Kevin Dooley
[![Cisco IOS Cookbook 2nd Edition, by Kevin Dooley](http://akamaicovers.oreilly.com/images/9780596527228/cat.gif)](https://www.safaribooksonline.com/library/view/title/0596527225//)
The following applies to example files from material published by O’Reilly Media, Inc. Content from other publishers may include different rules of usage. Please refer to any additional usage rights explained in the actual example files or refer to the publisher’s website.
O'Reilly books are here to help you get your job done. In general, you may use the code in O'Reilly books in your programs and documentation. You do not need to contact us for permission unless you're reproducing a significant portion of the code. For example, writing a program that uses several chunks of code from our books does not require permission. Answering a question by citing our books and quoting example code does not require permission. On the other hand, selling or distributing a CD-ROM of examples from O'Reilly books does require permission. Incorporating a significant amount of example code from our books into your product's documentation does require permission.
We appreciate, but do not require, attribution. An attribution usually includes the title, author, publisher, and ISBN.
If you think your use of code examples falls outside fair use or the permission given here, feel free to contact us at <permissions@oreilly.com>.
Please note that the examples are not production code and have not been carefully testing. They are provided "as-is" and come with no warranty of any kind.
backup.pl
#!/usr/local/bin/perl
#
# backup.pl -- a script to automatically backup a list of
# router configuraton files on a nightly basis.
#
#
# Set behaviour
$workingdir="/home/cisco/bkup";
$snmprw="ORARW";
$ipaddress="172.25.1.1";
$days="30";
#
#
$rtrlist="$workingdir/RTR_LIST";
$storage="$workingdir/storage";
$latest="$storage/LATEST";
$prev="$storage/PREV";
if (! -d $storage) {mkdir ($storage, 0755)};
if (! -d $prev) {mkdir ($prev, 0755)};
if (! -d $latest) {mkdir ($latest, 0755)};
($sec, $min, $hr, $mday, $mon, $year, @etc) = localtime(time);
$mon++; $year=$year+1900;
$today1=sprintf("%.4d_%.2d_%.2d", $year, $mon, $mday);
$today="$storage/$today1";
system("cp -p $latest/* $prev/");
unlink <$latest/*>;
mkdir ($today, 0755);
open (RTR, "$rtrlist") || die "Can't open $rtrlist file";
open (LOG, ">$workingdir/RESULT") || die "Can't open $workingdir/RESULT file";
print LOG "Router Configuration Backup Report for $year/$mon/$mday\n";
print LOG "======================================================\n";
print LOG "Device Name Status\n";
print LOG "======================================================\n";
while (<RTR>) {
chomp($rtr="$_");
$oid=".1.3.6.1.4.1.9.2.1.55.$ipaddress";
$snmpset ="/usr/local/bin/snmpset -v1 -c $snmprw -t60 -r2 $rtr";
$rtrfile="/tftpboot/$rtr.cfg";
unlink $rtrfile;
open (CFG, ">$rtrfile"); print CFG " ";close CFG;
chmod 0666, $rtrfile;
chop ($status=`$snmpset $oid s $rtr.cfg`);
$status=~/.+ = "(.+)".*$/;
if($1 eq "$rtr.cfg") {
if( -z "$rtrfile" ) {
$result="not ok (File empty)";
unlink $rtrfile;
}
else {
$result="ok";
chmod 0444, $rtrfile;
system("mv $rtrfile $latest");
}
}
else {
$result="not ok";
unlink $rtrfile;
}
printf LOG ("%-28s %-28s\n", $rtr,$result);
}
system ("cp -p $latest/*cfg $today");
$time=$days*86400;
print "$time\n";
($sec, $min, $hr, $mday, $mon, $year, @etc) = localtime(time-$time);
$mon++; $year=$year+1900;
$rmdir=sprintf("%s/%.4d_%.2d_%.2d",$configs, $year, $mon, $mday);
system ("rm -r -f $storage/$rmdir");
create-configs.pl
#!/usr/local/bin/perl
#
$template_file_name="rtr-template.txt";
while(<>) {
($location, $name, $lo0ip, $frameip, $framedlci, $eth0ip, $x)
= split (/,/);
open(TFILE, "< $template_file_name") || die "config template file $template_file_name: $!\n";
$ofile_name = $name . ".txt";
open(OFILE, "> $ofile_name") || die "output config file $ofile_name: $!\n";
while (<TFILE>) {
s/##location##/$location/;
s/##rtrname##/$name/;
s/##eth0-ip##/$eth0ip/;
s/##loop0-ip##/$lo0ip/;
s/##frame-ip##/$frameip/;
s/##frame-DLCI##/$framedlci/;
printf OFILE $_;
}
}
inventory.sh
#!/bin/sh
#
# inventory.sh -- a script to extract valuable information
# from a list of routers. (Name, Type, IOS version)
#
#
# Set behaviour
public="ORARO"
workingdir="/home/cisco"
#
LOG=$workingdir/RESULT.csv
infile=$workingdir/RTR_LIST
snmp="/usr/local/bin/snmpget -v1 -c $public"
#
while read device
do
$snmp $device sysName.0 > /dev/null
if [ "$?" = "0" ] ; then
rtr=`$snmp $device .1.3.6.1.4.1.9.2.1.3.0 | cut -f2 -d\" `
type2=`$snmp $device .1.3.6.1.4.1.9.9.25.1.1.1.2.3 | cut -f2 -d$ `
ios=`$snmp $device .1.3.6.1.4.1.9.9.25.1.1.1.2.5 | cut -f2 -d$ `
prot=`$snmp $device .1.3.6.1.4.1.9.9.25.1.1.1.2.4 | cut -f2 -d$ `
echo "$device, $rtr, $type2, $ios, $prot" >> $LOG
fi
done < $infile
rtrchg.exp
#!/usr/local/bin/expect
#
# rtrcfg.exp -- a script to perform mass configuration changes to
# a list of routers using telnet and Expect
#
#
# Set Behavior
set tftp "172.25.1.1"
set workingdir /home/cisco/rtr
#
puts stdout "Enter user name:"
gets stdin userid
system stty -echo
puts stdout "Enter login password:"
gets stdin vtypasswd
puts stdout "\nEnter enable password:"
gets stdin enablepwd
system stty echo
system "cp $workingdir/NEWCONFIG /tftpboot/NEWCONFIG"
set RTR [open "$workingdir/RTR_LIST" r]
set LOG [open "$workingdir/RESULT" w]
while {[gets $RTR router] != -1} {
if {[ string range $router 0 0 ] != "#"} {
set timeout 10
spawn telnet; expect "telnet>"; send "open $router\n"
expect {
{Username} { send "$userid\r"
expect {
{*Password*} { send "$vtypasswd\r" }
}
}
{Password} { send "$vtypasswd\r" }
timeout { puts $LOG "$router - telnet failed"
close; wait; continue
}
}
expect {
{Password} { puts $LOG "$router - vty login failed"
close; wait; continue
}
{Username} { puts $LOG "$router - vty login failed"
close; wait; continue
}
{>} { puts $LOG "$router - vty login ok" }
timeout { puts $LOG "$router - vty login failed"
close; wait; continue
}
}
send "enable\r"
expect "Password"
send "$enablepwd\r"
#
expect {
{*#} { puts $LOG "$router - enable login ok" }
{*>} { puts $LOG "$router - enable login failed"
close; wait; continue
}
timeout { puts $LOG "$router - enable login failed"
close; wait; continue
}
}
# CMDs
set timeout 30
send "copy tftp://$tftp/NEWCONFIG running-config\r"
expect "running-config"
send "\r"
expect {
{OK} { puts $LOG "$router - TFTP successful"}
timeout { puts $LOG "$router - TFTP failed"
close; wait; continue }
}
send "copy running-config startup-config\r\r\r"
expect {
{OK} { puts $LOG "$router - config saved"}
timeout { puts $LOG "$router - config failed"
close; wait; continue }
}
#CMDs
send "exit\r"; close; wait
}
}
close $RTR; close $LOG
system "rm /tftpboot/NEWCONFIG"
eth-tok-mac.pl
#!/usr/local/bin/perl
#
# eth-tok-mac.pl -- a script to convert Ethernet to Token Ring MAC
# addresses when bridging with RSRB or DLSw
#
$convert[0] = "0"; $convert[1] = "8";
$convert[2] = "4"; $convert[3] = "C";
$convert[4] = "2"; $convert[5] = "A";
$convert[6] = "6"; $convert[7] = "E";
$convert[8] = "1"; $convert[9] = "9";
$convert[10] = "5"; $convert[11] = "D";
$convert[12] = "3"; $convert[13] = "B";
$convert[14] = "7"; $convert[15] = "F";
if($#ARGV != 0) {usage();}
$input_MAC = $ARGV[0];
# first split the incoming MAC into bytes
$_ = $input_MAC;
s/[.:-]//g;
for ($i=0; $i*2 < length($_); $i++) {
@input_bytes[$i] = substr($_, $i*2, 2);
}
for ($i=0; $i <= $#input_bytes; $i++) {
$_ = @input_bytes[$i];
# first check that there aren't any illegal characters in this address
if(/[^0-9a-fA-F]/) {
usage();
}
if (length() == 2 ) {
@output_bytes[$i] = $convert[hex(substr($_, 1, 1))]
. $convert[hex(substr($_, 0, 1))];
} else {
usage();
}
}
print "the resulting MAC is: ";
for ($i=0; $i < $#input_bytes; $i++) {
print "@output_bytes[$i]-";
}
print "@output_bytes[$#input_bytes]\n";
sub usage() {
print "usage: eth-tok-mac.pl <MAC>\n";
print " where <MAC> is in the form HH:HH:HH:HH:HH:HH\n";
print " or HH-HH-HH-HH-HH-HH or HHHH.HHHH.HHHH
print " (H is a hex number 0-F)\n";
print "The output is the converted MAC address.\n";
print "Note that this conversion is exactly the same whether converting\n";
print "from Ethernet to Token Ring or Token Ring to Ethernet.\n";
exit;
}
conf.sh
#!/bin/sh
#
# conf -- A compact script to extract router configs to a
# tftp server.
#
#
# Set behaviour
snmprw="ORARW"
tftp="172.25.1.1"
#
#
router=$1
if [ "$router" = "" ]; then
echo "Usage: `basename $0` <hostname | ip address>" >&2 && exit 1
else
rm /tftpboot/$router-auto
touch /tftpboot/$router-auto
chmod 666 /tftpboot/$router-auto
snmpset="snmpset v1 -c $snmprw $router "
$snmpset .1.3.6.1.4.1.9.2.1.55.$tftp s $router-auto
if [ -w /tftpboot/$router-auto -a -s /tftpboot/$router-auto ]; then
echo "Completed Successfully"
else
echo "Operation Failed"
fi
fi
inventory.pl
#!/usr/bin/perl
#
# inventory.pl -- a script to extract valuable information
# from a Router. (Name, Location, Contact, S/N)
#
#
# Set behaviour
$workingdir="/home/nms";
$snmpro="ORARO";
$rtrlist="$workingdir/RTR_LIST";
#
#
open (RTR, "$rtrlist") || die "Can't open $rtrlist file";
open (LOG, ">$workingdir/RESULT") || die "Can't open $workingdir/RESULT file";
printf " Router\t\t Location\t\t\tContact\t\t Serial\n";
printf LOG " Router\t\t; Location\t\t\t;Contact\t\t ;Serial\n";
while (<RTR>) {
chomp($rtr="$_");
$snmpget="/usr/local/bin/snmpget -v1 c $snmpro $rtr ";
$rtr=`$snmpget .1.3.6.1.4.1.9.2.1.3.0`;
$loc=`$snmpget .1.3.6.1.2.1.1.6.0`;
$con=`$snmpget .1.3.6.1.2.1.1.4.0`;
$sin=`$snmpget .1.3.6.1.4.1.9.3.6.3.0`;
chomp(($foo, $RTR) = split (/"/, $rtr));
chomp(($foo, $LOC) = split (/= /, $loc));
chomp(($foo, $CON) = split (/= /, $con));
chomp(($foo, $SIN) = split (/"/, $sin));
printf ("%-12.12s %-30.30s %-25.25s %-12.12s\n", $RTR, $LOC, $CON, $SIN);
printf LOG ("%-12.12s; %-30.30s; %-25.25s; %-12.12s\n", $RTR, $LOC, $CON, $SIN);
}
snmpcfg.pl
#!/usr/bin/perl -w
#
# snmpcfg.pl -- a script to perform mass configuration changes to
# a list of routers using SNMP.
#
#
# Set behaviour
$workingdir="/home/nms";
$snmprw="ORARW";
$tftpsrv="172.25.1.1";
#
#
$rtrlist="$workingdir/RTR_LIST";
open (RTR, "$rtrlist") || die "Can't open $rtrlist file";
open (LOG, ">$workingdir/RESULT") || die "Can't open $workingdir/RESULT file";
#
while (<RTR>) {
chomp($rtr="$_");
print LOG "=================================== \n";
print "=================================== \n";
$snmpset="/usr/local/bin/snmpset -t 20 -r 2 v1 c $snmprw $rtr ";
chomp($result=`$snmpset .1.3.6.1.4.1.9.2.1.50.$tftpsrv s SNMPCFG`);
if ($result=~/.+ = "(.+)"$/ ) {
if( $1 eq SNMPCFG ) {
print LOG "$rtr - Update Successful\n";
print "$rtr - Update Successful\n";
chomp($result=`$snmpset .1.3.6.1.4.1.9.2.1.54.0 i 1`);
if ($result=~/.+ = (.+)$/ ) {
if( $1 == 1 ) {
print LOG "$rtr - Wr Mem Successful\n";
print "$rtr - Wr Mem Successful\n";
}
else {
print LOG "$rtr - Wr Mem Failed\n";
print "$rtr - Wr Mem Failed\n";
}
}
else {
print LOG "$rtr - Wr Mem Failed\n";
print "$rtr - Wr Mem Failed\n";
}
}
else {
print LOG "$rtr - Update Failed\n";
print "$rtr - Update Failed\n";
}
}
else {
print LOG "$rtr - Update Failed\n";
print "$rtr - Update Failed\n";
}
}
rotatelog.sh
#!/bin/sh
#
# rotatelog.sh -- a script to rotate log files and
# compress archived files
#
# Set behaviour
SYSLOGPID=/etc/syslog.pid
LOGDIR=/var/log
LOG=rtrlog
DAYS=7
COMPRESS="/usr/bin/compress -f"
#
# Program body
[ -f $SYSLOGPID ] || echo "Syslog PID file doesn't exist"
if [ -d $LOGDIR ]; then
cd $LOGDIR
[ -f $LOG.1 ] && `$COMPRESS $LOG.1` && sleep 1
while [ $DAYS -gt 1 ]
do
LOW=`expr $DAYS - 1`
[ -f $LOG.$LOW.Z ] && mv $LOG.$LOW.Z $LOG.$DAYS.Z
DAYS=$LOW
done
[ -f $LOG ] || echo "Log file $LOG doesn't exist"
[ -f $LOG ] && mv $LOG $LOG.1
touch $LOG
chmod 644 $LOG
sleep 10
kill -HUP `cat $SYSLOGPID`
#
else
echo "Log directory $LOGDIR is not valid"
fi
testlog.sh
#!/bin/sh
#
# testlog.sh -- a script to test the syslog facility to ensure that
# messages, at various levels, are being forwarded
# to the correct file(s)
#
# Set behaviour
FACILITY=local7
LOGGER="/usr/bin/logger"
#
$LOGGER -p $FACILITY.emerg "This meassage was sent to $FACILITY.emerg (0)"
$LOGGER -p $FACILITY.alert "This meassage was sent to $FACILITY.alert (1)"
$LOGGER -p $FACILITY.crit "This meassage was sent to $FACILITY.crit (2)"
$LOGGER -p $FACILITY.err "This meassage was sent to $FACILITY.err (3)"
$LOGGER -p $FACILITY.warning "This meassage was sent to $FACILITY.warning (4)"
$LOGGER -p $FACILITY.notice "This meassage was sent to $FACILITY.notice (5)"
$LOGGER -p $FACILITY.info "This meassage was sent to $FACILITY.info (6)"
$LOGGER -p $FACILITY.debug "This meassage was sent to $FACILITY.debug (7)"
logscan.pl
#!/usr/local/bin/perl
#
# logscan.pl -- a script to extract ACL logs from a syslog file.
#
# Set behaviour
$log=/var/log/cisco.log;
$ntop=10;
#
chomp ($acl=$ARGV[0]);
if ($acl == "") { $acl=".*"};
open(LOG , "<$log") or die;
while (<LOG>) {
if (/IPACCESSLOGP: list $acl denied ([tcpud]+) ([0-9.]+)\(([0-9]+)\) -> ([0-9.]+)\(([0-9]+)\), ([0-9]+) /) {
$x=$6;
$srca{$2}+=$x;
$foo=sprintf("%16s -> %16s %3s port %-6s",$2,$4,$1,$5);
$moo=sprintf("%3s port %-6s",$1,$5);
$quad{$foo}+=$x;
$port{$moo}+=$x;
}
}
$n=0;
printf ("Connection Summary:\n");
foreach $i (sort { $quad{$b} <=> $quad{$a} } keys %quad) {
if ($n++ >= $ntop) { last };
printf ("%6s:%s\n", $quad{$i},$i);
}
$n=0;
printf ("\nDestination Port Summary:\n");
foreach $i ( sort { $port{$b} <=> $port{$a} } keys %port) {
if ($n++ >= $ntop) { last };
printf ("%6s: %s\n", $port{$i},$i);
}
$n=0;
printf ("\nSource Address Summary:\n");
foreach $i ( sort { $srca{$b} <=> $srca{$a} } keys %srca) {
if ($n++ >= $ntop) { last };
printf ("%6s: %s\n", $srca{$i},$i);
}
arpt.pl
#!/usr/local/bin/perl
#
# arpt.pl -- a script to extract the ARP cache from a router.
#
#Set behavour
$snmpro="ORARO";
#
$snmpwalk="/usr/local/bin/snmpwalk -v 1 -c $snmpro";
$snmpget="/usr/local/bin/snmpget -v 1 -c $snmpro";
chomp ($rtr=$ARGV[0]);
if ( $rtr eq "" ) {die "$0: Must specify a router \n"};
@iftable=`$snmpwalk $rtr ifDescr`;
for $ifnum (@iftable) {
chomp (($intno, $intname) = split (/ = /, $ifnum));
$intno=~s/.*ifDescr\.//;
$intname=~s/"//gi;
$arpint{$intno}=$intname;
}
printf ("%-22.22s %-10.10s %-25.25s\n", Address, MAC, Interface);
@atTable=`$snmpwalk $rtr .1.3.6.1.2.1.3.1.1.1`;
for $atnum (@atTable) {
chomp (($atip, $atint) = split (/ = /, $atnum));
$atip =~ s/.*atIfIndex\.[0-9]+\.1\.//;
$atphys=`$snmpget $rtr atPhysAddress.$atint.1.$atip`;
chomp(($foo, $phys) = split(/: /, $atphys));
$phys=~s/ /-/gi; chop ($phys);
$phys=~tr/A-Z/a-z/;
$int=$arpint{$atint};
printf ("%-15.15s %17.17s %-25.25s\n", $atip, $phys, $int);
}
host.pl
#!/usr/local/bin/perl
#
# host.pl -- a script to build a detailed host file from
# information gathered from a router list.
#
#Set behavour
$workingdir="/home/cisco/net";
$snmpro="ORARO";
#
$rtrlist="$workingdir/RTR_LIST";
$snmpwalk="/usr/local/bin/snmpwalk -v 1 -c $snmpro";
$snmpget="/usr/local/bin/snmpget -v 1 -c $snmpro";
open (RTR, "$rtrlist") || die "Can't open $rtrlist file";
open (RESULT, ">$workingdir/RESULT") || die "Can't open RESULT file";
while (<RTR>) {
chomp($rtr="$_");
@ifIndex=`$snmpwalk $rtr ipAdEntIfIndex`;
@ipAddress=`$snmpwalk $rtr ipAdEntAddr`;
$rtr1=`$snmpget $rtr .1.3.6.1.4.1.9.2.1.3.0`;
chomp(($foo, $RTR) = split (/"/, $rtr1));
$arraynum=0;
for $ifnumber (@ifIndex) {
chomp(($foo, $ifnum) = split(/= /, $ifnumber));
$ifDescription=`$snmpget $rtr ifName.$ifnum`;
chomp(($foo, $ipaddr) = split(/: /, $ipAddress[$arraynum]));
chomp(($foo, $ifdes) = split(/= /, $ifDescription));
$name="$RTR-$ifdes";
#$name=~s/\//-/;
if ( $ifdes eq "Lo0" ) { $name=$RTR };
print RESULT "$ipaddr\t\t$name\n";
$arraynum++;
}
}
close(RTR);
close(RESULT);
netstat.pl
#!/usr/local/bin/perl
#
# netstat.pl -- a script to build a detailed IP interface
# listing directly from a list of routers.
#
#Set behavour
$workingdir="/home/cisco/net";
$snmpro="ORARO";
#
$rtrlist="$workingdir/RTR_LIST";
$snmpwalk="/usr/local/bin/snmpwalk -v 1 -c $snmpro";
$snmpget="/usr/local/bin/snmpget -v 1 -c $snmpro";
open (RTR, "$rtrlist") || die "Can't open $rtrlist file";
open (CSV, ">$workingdir/RESULT.csv") || die "Can't open RESULT.csv file";
while (<RTR>) {
chomp($rtr="$_");
@ifIndex=`$snmpwalk $rtr .1.3.6.1.2.1.4.20.1.2`;
@ipAddress=`$snmpwalk $rtr .1.3.6.1.2.1.4.20.1.1`;
@ipMask=`$snmpwalk $rtr .1.3.6.1.2.1.4.20.1.3`;
$arraynum=0;
print CSV "\n$rtr\n";
print CSV "Interface, IP-Address, Mask, MTU, Speed, Admin, Operational\n";
for $ifnumber (@ifIndex) {
chomp(($foo, $ifnum) = split(/= /, $ifnumber));
$ifDescription=`$snmpget $rtr ifDescr.$ifnum`;
$ifMTU=`$snmpget $rtr ifMtu.$ifnum`;
$ifSpeed=`$snmpget $rtr ifSpeed.$ifnum`;
$ifAdminstatus=`$snmpget $rtr ifAdminStatus.$ifnum`;
$ifOperstatus=`$snmpget $rtr ifOperStatus.$ifnum`;
chomp(($foo, $ipaddr) = split(/: /, $ipAddress[$arraynum]));
chomp(($foo, $mask) = split(/: /, $ipMask[$arraynum]));
chomp(($foo, $ifdes, $foo) = split(/"/, $ifDescription));
chomp(($foo, $mtu) = split (/= /, $ifMTU));