2024-10-13 23:32:58 +02:00
parent 30627b25b3
commit dbfba56f66
38 changed files with 3897 additions and 0 deletions

Binary file not shown.


Width:  |  Height:  |  Size: 3.1 KiB

BIN
CISCO ACL edit/aedit.exe Normal file

Binary file not shown.


@@ -0,0 +1,35 @@
#!C:\Program Files (x86)\ActiveState Perl Dev Kit 9.0\bin\perlapp-gui.exe
PAP-Version: 1.0
Packer: C:\Program Files (x86)\ActiveState Perl Dev Kit 9.0\bin\perlapp.exe
Script: aedit.pl
Cwd: G:\Skripte\cisco ACL edit
Bind: editor.exe[file=editor.exe,extract,mode=777]
Clean: 1
Date: 2011-08-12 14:15:50
Debug:
Dependent: 0
Dyndll: 0
Exe: aedit.exe
Force: 1
Gui: 0
Hostname: NETICFSYS03
Icon: cisco.ico
Manifest:
No-Compress: 0
No-Logo: 0
Runlib:
Shared: none
Tmpdir:
Verbose: 0
Version-Comments:
Version-CompanyName:
Version-FileDescription:
Version-FileVersion: 1.1
Version-InternalName: aedit
Version-LegalCopyright: Andre Wisniewski
Version-LegalTrademarks:
Version-OriginalFilename: ACL Editor
Version-ProductName: aedit
Version-ProductVersion: 1.1
Warnings: 0
Xclude: 0
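Review bot: `Bind: editor.exe[file=editor.exe,extract,mode=777]` bundles an opaque executable that aedit.pl later runs through `system`, and this commit adds `editor.exe` and `aedit.exe` as binaries with no source, origin or checksum recorded. A README line stating where `editor.exe` came from, together with its hash, would let a reviewer verify what gets extracted and executed. The project file also records the build host name and local paths, which the repository does not need.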

183
CISCO ACL edit/aedit.pl Normal file

@@ -0,0 +1,183 @@
#!/usr/bin/perl
use Net::Telnet::Cisco;
use Digest::MD5::File;
use Env qw(TEMP USERNAME PID);
use strict;
AGAIN:
print "\n\nx beendet\n\n";
print "IP:";
my $HOST=<STDIN>;
chomp $HOST;
exit if ($HOST eq "x");
my $session = Net::Telnet::Cisco->new(Host => "$HOST", Errmode=>'return');
$session->login(Name => "batman", Password => "LTBTTTra25");
my @rcon = $session->cmd('show running');
$session->close;
my @rconfig=(); # führende returns entfernen
foreach my $line (@rcon) {
chomp $line;
if ($line eq "") {next;}
elsif ($line =~ /^\n/) {
my ($l) = $line =~ /\n(.*)/;
push @rconfig,$l;
}
else {
push @rconfig,$line;
}
}
my $inint=0;
my $intname="";
my $inlist="";
my $outlist="";
my @INTERFACES=();
foreach my $line (@rconfig) {
chomp $line;
if ($inint==0) {
if ($line =~ /^[\s]*interface/) {
($intname)=$line=~/interface (.*)/;
$inint=1;
#print "$line\n";
}
}
else {
if ($line =~ /\bip access-group .* in$/) {
($inlist)=$line=~/access-group (.*) in/;
}
if ($line =~ /\bip access-group .* out$/) {
($outlist)=$line=~/access-group (.*) out/;
}
if ($line =~ /^[\s]*!/) {
if ($inlist ne "" or $outlist ne "") {
push @INTERFACES, "$intname#$inlist#$outlist";
}
$intname=""; $inlist=""; $outlist="";
$inint=0;
}
}
}
#printf "%2s %20s %20s %20s\n", "ID", "Interface", "ACL in", "ACL out";
my $i=0;
my @MENU=();
print "\n";
foreach (@INTERFACES) {
my ($int,$in,$out)=split /#/, $_;
if ($in ne "") {
printf "%2d %30s %30s (in)\n", $i, $int, $in;
push @MENU, "$int#$in#in";
$i++;
}
if ($out ne "") {
printf "%2d %30s %30s(out)\n", $i, $int, $out;
push @MENU, "$int#$out#out";
$i++;
}
}
print "\nWhich ACL do you want to edit?";
my $choice=<STDIN>;
chomp $choice;
exit if ($choice eq "x");
print "\n";
my $int;
my $acl;
my $dir;
($int,$acl,$dir)=split/#/,$MENU[$choice];
my $rc;
$rc=join "\n",@rconfig;
my $ACCESS="";
my $CONTENT=""; #[\s]*
($ACCESS,$CONTENT)= $rc =~ /(ip access-list extended $acl\n(([\s]+[permit|deny|remark].*\n)*))/m;
my @CONT=split/\n/,$CONTENT;
open TEMPF, ">temp$$.txt";
foreach (@CONT) {
printf TEMPF "$_\n";
}
close TEMPF;
#print "$TEMP\\pdk-$USERNAME-$$\\"; <STDIN>;
my $olddigest = Digest::MD5::File::file_md5_hex("temp$$.txt");
system "$TEMP\\pdk-$USERNAME-$$\\editor.exe temp$$.txt";
#system "editor.exe temp$$.txt";
my $newdigest = Digest::MD5::File::file_md5_hex("temp$$.txt");
if ($newdigest ne $olddigest) {
print "Save changes? YES saves!";
my $save=<STDIN>;
chomp $save;
if ($save eq "YES") {
print "SAVING\n";
# telnet
$session = Net::Telnet::Cisco->new(Host => "$HOST", Errmode=>'return');
$session->login(Name => "batman", Password => "LTBTTTra25");
# conf t
$session->cmd('conf t');
# int $int
$session->cmd("interface $int");
# no ip access-group $acl $dir
$session->cmd("no ip access-group $acl $dir");
# exit
$session->cmd("exit");
# no ip access-l ext $acl
$session->cmd("no ip access-list extended $acl");
# ip access-l ext $acl
$session->cmd("ip access-list extended $acl");
# <temp.txt
open EDIT, "<temp$$.txt";
my @NEWACL=<EDIT>;
close EDIT;
foreach (@NEWACL) {
$session->cmd("$_");
}
# int $int
$session->cmd("interface $int");
# ip access-group $acl $dir
$session->cmd("ip access-group $acl $dir");
# end
$session->cmd("end");
# wr mem
$session->cmd("wr mem");
$session->close;
print "SAVED";
}
else {
print "CANCELED";
}
}
else {
print "NO CHANGES";
}
unlink "temp$$.txt";
print "\n\nNochmal? (y)";
my $again=<STDIN>;
chomp $again;
exit if ($again ne "y");
goto AGAIN if ($again eq "y");
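Review bot: The device login is hard-coded in both `$session->login(...)` calls (the initial `show running` fetch and the save path), so the account name and password ship in the source and presumably inside the packed aedit.exe as well. Prompt for them or read them from the environment, e.g. `$session->login(Name => $user, Password => $pass) or die $session->errmsg;`, and rotate the committed pair. Because `Errmode => 'return'` is set and no return value is checked, a failed login or a rejected ACL line in the save loop still proceeds to `wr mem` after the old list has been removed; checking each `cmd` result before re-applying `ip access-group` would avoid persisting a half-written ACL. `$choice` is used as an index into `@MENU` without a range check, and `[permit|deny|remark]` in the extraction regex is a character class rather than the alternation `(?:permit|deny|remark)` it appears to intend. The session is Telnet, so the credentials and the configuration also cross the network in cleartext.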

Binary file not shown.


Width:  |  Height:  |  Size: 110 KiB

BIN
CISCO ACL edit/cisco.ico Normal file

Binary file not shown.


Width:  |  Height:  |  Size: 110 KiB

BIN
CISCO ACL edit/editor.exe Normal file

Binary file not shown.


@@ -0,0 +1,139 @@
#!/bin/bash
IFS=
HOSTNAME=/home/rancid/var/rancid/network/configs/$1
pho()
{
echo "<"$1">"
}
phc()
{
echo "</"$1">"
}
get_object()
{
OBJN=$1
egrep -A 100 "$OBJN$" $HOSTNAME | egrep -m2 -B 100 "^[a-z]" | head -n -1 | tail -n +2 | while read -r LINE
do
echo $LINE "<br>"
if [[ "$LINE" =~ "group-object" ]]
then
OBJNN=$(echo $LINE | awk '{print $2}')
get_object $OBJNN
elif [[ "$LINE" =~ "network-object object" ]]
then
OBJNN=$(echo $LINE | awk '{print $3}')
get_object $OBJNN
else
I=1
fi
done
}
pho html
pho head
echo "
<style>
td {
border: 1px solid black;
spacing: 0px;
padding: 10px;
}
table {
border-spacing: 10px;
border-collapse: separate;
}
</style>
"
phc head
pho body
pho "table cellspacing=1 cellpadding=1"
# pick crypto map entry
egrep "crypto map .* set peer" $HOSTNAME | while read -r LINE ; do
NR=$(echo "$LINE" | awk '{print $4}')
CM=$(echo "$LINE" | awk '{print $3}')
pho tr
pho "td valign=top style='white-space: nowrap'"
echo "Tunnel #"$NR
phc td; pho "td valign=top style='white-space: nowrap'"
echo "Crypto Map:<br><br>$CM"
phc td
pho "td valign=top"
#get peer for cm entry
echo "Peer(s):<br><br>"
PEER=$(egrep "crypto map .* $NR set peer" $HOSTNAME | awk '{print $7 " " $8 " " $9}')
PEERIP=$PEER
echo $PEER | sed 's/ /<br>/g'
phc td
pho "td valign=top style='white-space: nowrap'"
#get acl for cm entry
ACL=$(egrep "crypto map .* $NR match address" $HOSTNAME | awk '{print $7}')
echo "ACL:<br><br>" $ACL
phc td
pho "td valign=top"
ACEl=$(egrep "access-list $ACL " $HOSTNAME | awk '{print $6 " " $7}')
echo "Lokal:<br><br>"
echo $ACEl | while read -r LINEl
do
echo $LINEl "<br>"
if [[ "$LINEl" =~ "object" ]]
then
OBJN=$(echo $LINEl | awk '{print $2}')
get_object $OBJN
fi
echo "<br>"
done
phc td
pho "td valign=top style='white-space: nowrap'"
ACEr=$(egrep "access-list $ACL " $HOSTNAME | awk '{print $8 " " $9}')
echo "Remote:<br><br>"
echo $ACEr | while read -r LINEr
do
echo $LINEr "<br>"
if [[ "$LINEr" =~ "object" ]]
then
OBJN=$(echo $LINEr | awk '{print $2}')
get_object $OBJN
fi
echo "<br>"
done
phc td
phc tr
pho tr
pho "td style='border-style: none'"
phc td
pho "td colspan=5"
for IP in `echo $PEERIP | sed 's/ /\n/'`
do
IP=$(echo $IP | sed 's/ //')
grep -A 3 "tunnel-group $IP" $HOSTNAME | grep "isakmp keepalive" && pho br
done
egrep "crypto map .* $NR " $HOSTNAME | grep pfs | awk '{print $6 " " $7 "<br>"}'
egrep "crypto map .* $NR " $HOSTNAME | grep security | awk '{print $6 " " $7i " " $8 " " $9 "<br>"}'
egrep "crypto map .* $NR " $HOSTNAME | grep transform | awk '{print $7 " " $8 "<br>"}'
phc td
phc tr
pho "tr height=20px"
phc tr
done
phc table
phc body
phc html
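Review bot: `$1` is appended to the rancid config directory on the `HOSTNAME=` line without validation, so an argument containing `/` or `..` makes every later `egrep` read a file outside that directory; since the script emits HTML this matters most if it is reachable from a web front end, which is not visible here. Reject such values before use, e.g. `case "$1" in ''|*/*|*..*) exit 1 ;; esac`, and quote the expansions as `"$HOSTNAME"`. Config text is echoed into the page unescaped, so object names or remarks containing `<` or `&` end up as markup; passing output through a small escaping function would close that. Assigning to `HOSTNAME` also overrides the shell's own variable; a name such as `CFG` avoids the clash.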


@@ -0,0 +1,3 @@
!
end


@@ -0,0 +1,2 @@
do reload in 1
end


@@ -0,0 +1,2 @@
do reload in 1
end


@@ -0,0 +1,3 @@
@echo off
cls
perl convert.pl convert.txt network-confg


@@ -0,0 +1,66 @@
#!/bin/perl
$i=@ARGV;
die "Zu wenige Parameter!\nconvert.pl <Eingabedatei> <Ausgabedatei>" if $i<2;
print "\n";
print "Eingabedatei $ARGV[0]\n";
print "Ausgabedatei $ARGV[1]\n";
open IN, "<$ARGV[0]";
open OUT, ">$ARGV[1]";
@INF=<IN>;
foreach (@INF) {
chomp;
router() if ($_ =~ /^!!ROUTER/);
router() if ($_ =~ /^!!SWITCH/);
router() if ($_ =~ /^!!FIREWALL/);
}
close IN;
close OUT;
sub router {
$read_v=0;
# Variablen lesen
foreach (@INF) {
$read_v=1 if ($_ =~ /^!!VARIABLEN/);
last if ($_ =~ /^!!CONFIG/);
next if ($_ =~ /^!/);
read_var($_) if ($read_v);
}
# Konfig lesen
$read_c=0;
foreach (@INF) {
chomp;
$read_c=1 if ($_ =~ /^!!CONFIG/);
if ($read_c) {
if($_ =~ /<.*>/) {
($vn)=$_=~/(<.*>)/;
$_ =~ s/$vn/$VARS{$vn}/;
next if ($VARS{$vn} eq "");
}
# und schreiben
printf OUT "$_\n";
}
}
}
sub switch {
}
sub firewall {
}
sub read_var {
$l=$_[0];
if ($l=~ /<.*>.*=.*/) {
($vn, $vv) = $l =~/(<.*>).*=[\s]*(.*)/;
$VARS{$vn}=$vv;
}
}
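Review bot: `printf OUT "$_\n"` in `router` uses each config line as the format string, so any substituted value containing `%` (passwords and SNMP communities are typical candidates) is mangled in the generated config; `print OUT "$_\n";` writes it verbatim. Both `open` calls are two-argument, take the name from `@ARGV` and are unchecked, so a missing input file silently produces an empty output; prefer `open(my $in, '<', $ARGV[0]) or die "open $ARGV[0]: $!";`. `s/$vn/$VARS{$vn}/` interpolates the placeholder as a pattern and the greedy `<.*>` spans two placeholders on one line; `\Q$vn\E` with `<[^>]*>` would be safer. The file runs without `use strict; use warnings;`, which would have flagged the undeclared globals.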


@@ -0,0 +1,153 @@
Die Zeilen mit zwei Ausrufezeichen sind besondere Zeilen. Diese markieren neue Abschnitte in der Datei.
Diese Zeilen müssen am Anfang einer Zeile stehen und dürfen keine Leerzeichen beinhalten.
Darüberhinaus sind alle Zeichen groß zu schreiben.
Als erstes muss !!ROUTER kommen, diese Zeile markiert den eigentlichen Anfang. Es passiert nichts bis !!VARIABLEN erscheint.
Ab dort erfolgt die Definition der Variablen.
Ab !!CONFIG kommt die eigentliche Konfiguration. Alle im Abschnitt !!VARIABLEN definierten Werte werden im Abschnitt !!CONFIG eingesetzt.
Ansonsten sind Zeilen die mit einem ! beginnen Kommentare (Cisco Syntax).
!!ROUTER
!!VARIABLEN
<HOSTNAME> = R6
<TFTP_HOST_STRING> = tftp://172.23.210.222/x-confg
<INT_NAME> = f0/0
!<INT_IP_MASK> = 192.1.1.2 255.255.255.0
<INT_IP_MASK> = DHCP
<DEF_GW> =
<SNMP_READ> = con
<SNMP_WRITE> = 5NMP-Wr1t3-(0mm
<SYSLOG_FACILITY> = local1
<SYSLOG_SRC_INT> =
<SYSLOG_SEVERITY> = errors
<SYSLOG_SRV> = 10.101.0.11
<LOG_SEVERITY> = informational
<SOMMERZEITVONBIS> = Mar 31 2013 2:00 Oct 27 2013 2:00
<NTP_SRV1> = 90.200.31.21
<NTP_SRV2> = 90.200.31.23
! PTB NTP Server
! ntp server 192.53.103.103
! ntp server 192.53.103.108
! ntp server 192.53.103.104
<DOMAIN> = corp.conet.local
<ADM_PW> = LicherExport
! Netze/IPs zur Administration, AdminText, AdminNetz
<AT1> = extern 1
<AN1> = 195.20.133.6
<AT2> = extern 2
<AN2> = 212.202.166.58
<AT3> = Eschborner Ldstr 1
<AN3> = 192.168.88.0 0.0.0.255
<AT4> = Eschborner Ldstr 2
<AN4> = 172.23.210.0 0.0.0.255
<AT5> = Interxion
<AN5> = 88.205.102.128 0.0.0.127
<ATI> = Initial Netz
<ANI> = 192.1.1.0 0.0.0.255
!!CONFIG
boot network <TFTP_HOST_STRING>
hostname <HOSTNAME>
int <INT_NAME>
ip address <INT_IP_MASK>
no shut
ip route 0.0.0.0 0.0.0.0 <DEF_GW>
! snmp
snmp-server community <SNMP_READ> RO ACL_telnet_ssh_snmp
snmp-server community <SNMP_WRITE> RW ACL_telnet_ssh_snmp
! syslog
logging facility <SYSLOG_FACILITY>
logging source-interface <SYSLOG_SRC_INT>
logging <SYSLOG_SRV>
logging trap <SYSLOG_SEVERITY>
! lokales log
logging buffered 4096 <LOG_SEVERITY>
logging history <LOG_SEVERITY>
logging console <LOG_SEVERITY>
logging monitor <LOG_SEVERITY>
! ntp
clock timezone MEZ 1
clock summer-time MESZ date <SOMMERZEITVONBIS>
ntp server <NTP_SRV1> prefer
ntp server <NTP_SRV2>
! ssh
ip domain name <DOMAIN>
!crypto key generate rsa
!1024
!ip ssh ver 2
username admin priv 15 pass <ADM_PW>
! login
ip access-list standard ACL_telnet_ssh_snmp
remark <AT1>
permit <AN1>
remark <AT2>
permit <AN2>
remark <AT3>
permit <AN3>
remark <AT4>
permit <AN4>
remark <AT5>
permit <AN5>
remark <ATI>
permit <ANI>
line vty 0 4
session-timeout 60
access-class ACL_telnet_ssh_snmp in
exec-timeout 60 0
login local
transport input all
line con 0
login local
line aux 0
login local
! services
service tcp-keepalives-in
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
service linenumber
! domain-lookup
no ip domain-lookup
! http
no ip http server
end
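Review bot: The `!!VARIABLEN` block commits what look like live secrets, the `<ADM_PW>` and `<SNMP_WRITE>` values, in cleartext; a template kept in the repository should carry obviously fake placeholders, with real values supplied from an untracked file and the exposed ones rotated. The same applies to the generated output and the two captured running configs added further down, which should be sanitised before commit: type 7 `password` strings are reversible obfuscation, and the `enable secret 5` hash is open to offline guessing. In the `!!CONFIG` part, `username admin priv 15 pass <ADM_PW>` stores the password with the weak `password` keyword where `secret` is available, and `transport input all` leaves Telnet open while the SSH lines are commented out; `transport input ssh` once the RSA key is generated would be the hardened form.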


@@ -0,0 +1 @@
no username test password test


@@ -0,0 +1,89 @@
!!CONFIG
boot network tftp://172.23.210.222/x-confg
hostname R6
int f0/0
ip address DHCP
no shut
! snmp
snmp-server community bross RO ACL_telnet_ssh_snmp
snmp-server community 5NMP-Wr1t3-(0mm RW ACL_telnet_ssh_snmp
! syslog
logging facility local1
logging 10.101.2.113
logging trap errors
! lokales log
logging buffered 4096 informational
logging history informational
logging console informational
logging monitor informational
! ntp
clock timezone MEZ 1
clock summer-time MESZ date Mar 31 2013 2:00 Oct 27 2013 2:00
ntp server 90.200.31.21 prefer
ntp server 90.200.31.23
! ssh
ip domain name corp.conet.local
!crypto key generate rsa
!1024
!ip ssh ver 2
username admin priv 15 pass LicherExport
! login
ip access-list standard ACL_telnet_ssh_snmp
remark extern 1
permit 195.20.133.6
remark extern 2
permit 212.202.166.58
remark Eschborner Ldstr 1
permit 192.168.88.0 0.0.0.255
remark Eschborner Ldstr 2
permit 172.23.210.0 0.0.0.255
remark Interxion
permit 88.205.102.128 0.0.0.127
remark Initial Netz
permit 192.1.1.0 0.0.0.255
line vty 0 4
session-timeout 60
access-class ACL_telnet_ssh_snmp in
exec-timeout 60 0
login local
transport input all
line con 0
login local
line aux 0
login local
! services
service tcp-keepalives-in
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
service linenumber
! domain-lookup
no ip domain-lookup
! http
no ip http server
end


@@ -0,0 +1,2 @@
do reload in 1
end


@@ -0,0 +1,138 @@
!
version 12.4
service tcp-keepalives-in
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
service linenumber
!
hostname R6
!
boot-start-marker
boot network tftp://172.23.210.222/x-confg
boot-end-marker
!
logging buffered 4096 informational
logging console informational
logging monitor informational
!
no aaa new-model
!
resource policy
!
clock timezone MEZ 1
clock summer-time MESZ date Mar 31 2013 2:00 Oct 27 2013 2:00
ip cef
!
!
!
!
no ip domain lookup
ip domain name corp.conet.local
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username admin privilege 15 password 7 00281A050C5E19231731435C1D
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address dhcp
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
no ip http server
no ip http secure-server
!
!
!
ip access-list standard ACL_telnet_ssh_snmp
remark extern 1
permit 195.20.133.6
remark extern 2
permit 212.202.166.58
remark Eschborner Ldstr 1
permit 192.168.88.0 0.0.0.255
remark Eschborner Ldstr 2
permit 172.23.210.0 0.0.0.255
remark Interxion
permit 88.205.102.128 0.0.0.127
remark Initial Netz
permit 192.1.1.0 0.0.0.255
!
logging history informational
logging alarm informational
logging trap errors
logging facility local1
logging 10.101.2.113
snmp-server community bross RO ACL_telnet_ssh_snmp
snmp-server community 5NMP-Wr1t3-(0mm RW ACL_telnet_ssh_snmp
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
login local
stopbits 1
line aux 0
login local
stopbits 1
line vty 0 4
session-timeout 60
access-class ACL_telnet_ssh_snmp in
exec-timeout 60 0
login local
transport input all
!
ntp server 90.200.31.23
ntp server 90.200.31.21 prefer
!
end


@@ -0,0 +1,44 @@
!!!!!!!!!
! Core Switch
INTNAMEC=
VLAN=
conf t
default int $INTNAMEC
!
int $INTNAMEC
shutdown
switchport access vlan $VLAN
switchport trunk encapsulation dot1q
switchport mode access
spanning-tree bpduguard enable
spanning-tree guard root
!
!
!
int $INTNAMEC
no shutdown
!!!!!!!!!
! Access
INTNAMEA=
conf t
default int $INTNAMEA
!
int $INTNAMEA
shutdown
switchport access vlan $VLAN
switchport trunk encapsulation dot1q
switchport mode access
spanning-tree bpdufilter enable
!
!
!
int $INTNAMEA
no shutdown
int vlan $VLAN
ip address ....


@@ -0,0 +1,25 @@
#!/bin/perl
open FILE, "<running.txt";
@running=<FILE>;
close FILE;
#ip access-list extended <NR/NAME>
#ip access-list standard <NR/NAME>
#access-list <NR>
#config durchlaufen und context merken - letzte zeile ohne " " am zeilenanfang.
#ip access-group <NR/NAME> in/out
#access-class <NR/NAME> in/out
#ip nat xxxxxxxxxxxxxxxxxxx list <NAME>
#match ip address <NR/NAME \prefix-lists>
# Konfigurierte ACL finden
foreach (@running) {
chomp;
if (/ip access-list extended ([0-9a-zA-Z]*) /) {

264
CISCO acl parse/running.txt Normal file

@@ -0,0 +1,264 @@
Building configuration...
Current configuration : 8122 bytes
!
! Last configuration change at 10:09:28 sommer Thu Jul 9 2009 by robin
! NVRAM config last updated at 10:09:28 sommer Thu Jul 9 2009 by robin
!
version 12.4
service tcp-keepalives-in
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service linenumber
!
hostname RMT1-FR
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 informational
logging console informational
enable secret 5 $1$QFxG$fNejdJjAg/6SfrBoi1kAS1
!
no aaa new-model
clock timezone utc+1 1
clock summer-time sommer date Mar 29 2009 2:00 Oct 25 2009 2:00
ip cef
!
!
!
!
ip multicast-routing
!
username batman privilege 15 password 7 047727220A031F1D
username robin privilege 0 password 7 13293B3618285572
!
!
!
!
!
interface FastEthernet0/0
description connected to EthernetLAN_ICF
ip address 10.10.10.25 255.255.255.0
ip access-group NO_IGMP_PIM in
ip pim sparse-dense-mode
ip route-cache flow
no ip mroute-cache
speed 100
full-duplex
keepalive 30
no cdp enable
!
interface FastEthernet0/1
description connected to RMT1-FR Telekom 51X/2926
bandwidth 2500
ip address 170.45.1.2 255.255.255.0
ip access-group NO_IGMP_2 in
ip access-group LIST_F0/1 out
ip accounting output-packets
ip pim sparse-dense-mode
ip route-cache flow
no ip mroute-cache
load-interval 30
speed 10
full-duplex
keepalive 2
standby 100 ip 170.45.1.1
standby 100 timers 1 3
standby 100 priority 110
standby 100 preempt
standby 100 track FastEthernet0/0
!
router eigrp 1000
redistribute static
network 10.10.10.0 0.0.0.255
network 170.45.1.0 0.0.0.255
no auto-summary
!
ip route 10.10.0.0 255.255.0.0 10.10.10.1
ip route 10.10.12.42 255.255.255.255 10.10.10.1
ip route 62.80.98.0 255.255.255.0 10.10.10.1
ip route 69.184.0.0 255.255.0.0 10.10.10.1
ip route 130.35.0.0 255.255.255.0 10.10.10.1
ip route 192.165.211.56 255.255.255.255 10.10.10.1
ip route 192.169.1.0 255.255.255.0 10.10.10.1
ip route 193.154.172.0 255.255.255.0 10.10.10.1
ip route 199.105.0.0 255.255.0.0 10.10.10.1
ip route 205.183.246.0 255.255.255.0 10.10.10.1
ip route 208.134.161.0 255.255.255.0 10.10.10.1
ip flow-export source FastEthernet0/0
ip flow-export version 5
ip flow-export destination 10.10.12.36 8887
!
no ip http server
!
ip access-list extended LIST_F0/1
permit ip 170.45.1.0 0.0.0.255 any
remark >> Tradesignal
permit tcp 62.206.134.0 0.0.0.255 eq www any
permit tcp 62.206.134.0 0.0.0.255 eq 443 any
permit tcp 193.154.172.0 0.0.0.255 eq 2088 any
remark << Tradesignal
permit tcp host 10.10.10.32 any
permit tcp host 10.10.10.33 any
permit ip host 10.10.10.32 host 239.10.10.13
permit ip host 10.10.10.32 host 239.10.10.14
permit ip host 10.10.10.33 host 239.10.10.13
permit ip host 10.10.10.33 host 239.10.10.14
permit icmp any any
permit tcp host 130.35.0.95 eq 8080 any
permit tcp host 130.35.0.11 eq 8080 any
permit ip host 130.35.0.77 any
permit tcp host 10.10.10.77 any
permit ip host 130.35.0.205 any
permit ip host 130.35.0.92 any
permit tcp host 130.35.0.222 any
permit tcp host 10.10.30.61 any
permit tcp host 10.10.30.68 any
permit tcp host 130.35.0.114 any
permit tcp host 130.35.0.44 any eq 22
permit tcp host 213.68.166.28 any
permit tcp host 130.35.0.223 any
permit ip host 130.35.0.104 any
permit ip host 130.35.0.85 any
permit tcp 212.162.51.0 0.0.0.255 any
permit ip host 10.10.10.67 any
permit tcp host 130.35.0.208 any
permit tcp host 130.35.0.170 eq 3128 any
permit tcp 199.105.181.0 0.0.0.255 any
permit tcp 199.105.176.0 0.0.0.255 any
permit tcp 199.105.184.0 0.0.0.255 any
permit tcp 208.22.56.0 0.0.0.255 any
permit tcp 160.43.0.0 0.0.0.255 any
permit tcp 206.156.53.0 0.0.0.255 any
permit tcp 205.216.112.0 0.0.0.255 any
permit udp 208.134.161.0 0.0.0.255 any
permit tcp host 130.35.0.134 any
permit tcp host 10.10.30.67 any
permit ip host 10.10.30.79 any
permit ip host 10.10.30.80 any
permit ip host 10.10.30.185 any
permit tcp host 217.110.39.0 eq smtp any
permit tcp host 217.110.39.0 eq pop3 any
permit tcp 62.80.98.64 0.0.0.63 eq smtp any
permit tcp 62.80.98.64 0.0.0.63 eq pop3 any
permit tcp host 212.47.180.32 eq 4800 any
permit tcp host 212.118.231.91 eq 4800 any
permit tcp host 212.47.180.32 eq 4720 any
permit ip 69.184.0.0 0.0.255.255 any
permit ip 199.105.0.0 0.0.255.255 any
permit ip 205.183.246.0 0.0.0.255 any
permit ip 208.134.161.0 0.0.0.255 any
permit tcp 217.5.135.0 0.0.0.255 host 170.45.1.41
permit tcp 217.68.149.0 0.0.0.255 host 170.45.1.41
permit tcp 193.201.94.0 0.0.0.255 host 170.45.1.41
permit tcp 192.165.211.0 0.0.0.255 host 170.45.1.87
permit tcp 192.165.211.0 0.0.0.255 host 170.45.1.22
permit tcp 192.165.211.0 0.0.0.255 host 170.45.1.65
permit tcp host 130.35.0.42 eq ftp any
permit tcp host 130.35.0.43 eq ftp any
permit tcp host 130.35.0.45 eq ftp any
permit tcp host 130.35.0.44 eq 22 any
permit tcp host 130.35.0.130 eq 8080 any
permit ip 10.10.12.32 0.0.0.15 any
permit tcp host 130.35.0.84 any
permit tcp host 10.10.20.40 eq www any
permit ip host 130.35.0.103 any
permit tcp host 130.35.0.160 eq domain any
permit tcp host 130.35.0.161 eq domain any
permit tcp host 130.35.0.162 eq domain any
permit udp host 130.35.0.160 eq domain any
permit udp host 130.35.0.161 eq domain any
permit udp host 130.35.0.162 eq domain any
permit tcp host 130.35.0.35 any range 1024 65535
permit udp host 130.35.0.35 any range 1024 65535
permit tcp host 130.35.0.36 any range 1024 65535
permit udp host 130.35.0.36 any range 1024 65535
permit udp host 130.35.0.35 eq ntp any
permit udp host 130.35.0.36 eq ntp any
permit tcp host 10.10.10.110 any
permit tcp host 10.10.30.90 any
permit tcp host 130.35.0.75 any
permit ip host 10.10.10.71 host 170.45.1.22
permit tcp host 10.10.10.71 host 170.45.1.51 eq 9100
ip access-list extended NO_IGMP_2
permit ip 170.45.1.0 0.0.0.255 host 239.10.10.13
permit ip 170.45.1.0 0.0.0.255 host 239.10.10.14
permit ip host 170.45.1.4 any
deny ip any 224.0.0.0 15.255.255.255
permit ip any any
ip access-list extended NO_IGMP_PIM
permit ip 10.10.10.0 0.0.0.255 host 239.10.10.13
permit ip 10.10.10.0 0.0.0.255 host 239.10.10.14
deny ip any 224.0.0.0 15.255.255.255
permit ip any any
!
logging history informational
logging trap notifications
logging facility local1
logging source-interface FastEthernet0/0
logging 10.10.12.36
logging 10.10.12.42
access-list 99 remark ---- Solarwinds
access-list 99 permit 10.10.12.42
access-list 99 remark ---- skripte
access-list 99 permit 10.10.12.36
access-list 99 remark ---- WUP
access-list 99 permit 10.10.12.33
access-list 99 remark ---- SA
access-list 99 permit 10.10.12.34
access-list 99 remark ---- Zugang ueber Bismarck, Barschel, Hades
access-list 99 permit 62.80.98.68
access-list 99 permit 62.80.98.69
access-list 99 permit 62.80.98.81
access-list 99 remark ---- AW
access-list 99 permit 130.35.0.205
access-list 99 remark ---- ML
access-list 99 permit 130.35.0.77
access-list 99 remark ---- AB
access-list 99 permit 130.35.0.84
access-list 99 remark ---- MN
access-list 99 permit 130.35.0.92
access-list 99 remark ---- Zugriff aus dem Netz in dem Router ist 248 - 254
access-list 99 permit 0.0.0.248 255.255.255.7
access-list 99 remark ---- Zugriff vom DGW
access-list 99 permit 0.0.0.1 255.255.255.0
access-list 99 remark ---- Zugriff aus Transfernetz ueber DDV vom anderen Router
access-list 99 permit 192.168.20.0 0.0.0.255
access-list 99 permit 192.168.21.0 0.0.0.255
snmp-server community public RO
!
control-plane
!
banner login ^CC
*********************************************************************
****
**** Property of ICF Systems AG
**** phone +49(0) 69 - 299 25 - 666
****
****
**** Unauthorized access is prohibited
****
**** You are connected to $(hostname) in Bad Vilbel via line $(line)
****
*********************************************************************
^C
!
line con 0
exec-timeout 0 0
password 7 141B1D080D08
login local
line aux 0
line vty 0 4
session-timeout 60
access-class 99 in
exec-timeout 60 0
password 7 1042061A041B
login local
!
scheduler allocate 20000 1000
ntp clock-period 17178232
ntp server 10.10.30.254
end


@@ -0,0 +1,86 @@
FS="switch-nexus-1,switch-nexus-2,switch-nexus-3,switch-nexus-4,switch-catalyst-1,switch-catalyst-2,switch-catalyst-3,switch-catalyst-4,switch-catalyst-7"
HS="switch-nexus-1,switch-nexus-2,switch-nexus-3,switch-nexus-4,switch-catalyst-5"
function doit {
case $action in
a)
if [ "$vname" == "" ]
then
cmd="echo conf t\nvlan $vlan\nend\ncopy run start\n\nnexit\n"
else
cmd="echo conf t\nvlan $vlan\nname $vname\nend\ncopy run start\n\nexit\n"
fi
;;
r)
cmd="echo conf t\nno vlan $vlan\nend\ncopy run start\n\nexit\n"
;;
esac
$cmd | cmc -n $SW
}
while [ "$action" != "a" ] && [ "$action" != "r" ]
do
read -p "Add or Remove VLAN [a|r]" action
done
if [ "$action" == "a" ]
then
read -p "VLAN name:" vname
fi
if [ "$vname" == "" ]
then
vname="no name"
fi
while [ "$zone" != "f" ] && [ "$zone" != "h" ]
do
read -p "Finance oder Hosting? [f|h]" zone
done
while [ "$vlok" != "1" ]
do
read -p "VLAN [1-4094]" vlan
if [[ $vlan =~ ^[0-9]*$ ]]
then
if [ "$vlan" -gt 0 ] && [ "$vlan" -lt 4095 ]
then
vlok=1
else
echo "VLAN number out of valid range"
fi
else
echo "invalid characters"
fi
done
echo ""
if [ "$action" == "a" ]
then
echo -n "add vlan $vlan ($vname) to "
if [ "$vname" == "no name" ]
then
vname=""
fi
else
echo -n "remove vlan $vlan from "
fi
case $zone in
f)
echo "Finance"
SW=$FS
doit $SW $action $vlan
;;
h)
echo "Hosting"
SW=$HS
doit $SW $action $vlan
;;
*)
echo ""
esac
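Review bot: In `doit`, the unnamed-VLAN branch ends with `\n\nnexit\n`, so it sends `nexit` instead of `exit`; the named branch has the intended `\n\nexit\n`. Building the command as a string and running it through an unquoted `$cmd` also relies on `echo` expanding `\n` (bash's builtin does so only with `-e` or `xpg_echo`) and exposes `$vname` to word splitting and globbing. `printf 'conf t\nvlan %s\nname %s\nend\ncopy run start\n\nexit\n' "$vlan" "$vname" | cmc -n "$SW"` avoids both. `$vname` reaches every switch in the list unvalidated, so restrict it before use, e.g. `[[ $vname =~ ^[A-Za-z0-9_-]{1,32}$ ]]`, and note that `^[0-9]*$` also accepts an empty VLAN number.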


@@ -0,0 +1,134 @@
#!/usr/bin/perl
use strict;
use SNMP_util;
use Net::SMTP;
my $username = $ARGV[0];
my $sponsorname = $ARGV[1];
my $lifetime = $ARGV[2] * 3600 * 100;
my $usernamelength = length($username);
my $userpassword = randomPassword(8);
my @userchar = split("", $username);
my $usernameiso;
my $snmpcommunity = "flw";
my $wlc = "10.140.8.200";
my $snmpversion = "2c";
my $emailending = "geisslermail.de";
my $emailserver = "mscp.agadmin.de";
my $mailfrom = "wireless.andre";
# Note that a email is send to sponsorname@emailending later in this script
# Sponsorname is also used in the comment field of the guest user in the WLC
#OID used
# These are reversed engineered with wireshark.
# Note that each of these OID calls have to be prepended with OID+username_length+username_chars.
# Eg. username ABC will be OID.3.65.66.67
# Make a short break between the OID calls as the WLC seems to need a bit of time to process the user creation
# A undocumented xxx.24, if user exsist it fails, if user is new its okay, TYPE = i, On my WLC this value is 4
my $bsnLocalNetUserUnknownOID = ".1.3.6.1.4.1.14179.2.5.10.1.24";
# TYPE = i, On my WLC this value is 1
my $bsnLocalNetUserWlanId = ".1.3.6.1.4.1.14179.2.5.10.1.2";
# TYPE = s, a description of the user - should be the sponsor's first part of email
my $bsnLocalNetUserDescription = ".1.3.6.1.4.1.14179.2.5.10.1.4";
# TYPE = s, user password, will be generated automatic and send to sponsor's email
my $bsnLocalNetUserPassword = ".1.3.6.1.4.1.14179.2.5.10.1.3";
# TYPE = i, Value on shall be 24h == 8620921
my $bsnLocalNetUserLifetime = ".1.3.6.1.4.1.14179.2.5.10.1.5";
# TYPE = i, Unknown Cisco specific username, On my WLC this value is 1
my $cLWALocalNetUserIsGuest = ".1.3.6.1.4.1.9.9.515.2.3.1.1.2";
# TYPE = s, Cisco specific undocumented OID, Value on CPHGWC01 = default
my $cLWALocalNetUserIsUnknown = ".1.3.6.1.4.1.9.9.515.2.3.1.1.3";
foreach (@userchar) {
$usernameiso .= ".".ord($_);
}
$bsnLocalNetUserUnknownOID = $bsnLocalNetUserUnknownOID.".".$usernamelength.$usernameiso;
$bsnLocalNetUserWlanId = $bsnLocalNetUserWlanId.".".$usernamelength.$usernameiso;
$bsnLocalNetUserDescription = $bsnLocalNetUserDescription.".".$usernamelength.$usernameiso;
$bsnLocalNetUserPassword = $bsnLocalNetUserPassword.".".$usernamelength.$usernameiso;
$bsnLocalNetUserLifetime = $bsnLocalNetUserLifetime.".".$usernamelength.$usernameiso;
$cLWALocalNetUserIsGuest = $cLWALocalNetUserIsGuest.".".$usernamelength.$usernameiso;
$cLWALocalNetUserIsUnknown = $cLWALocalNetUserIsUnknown.".".$usernamelength.$usernameiso;
my ($response) = &snmpget("$snmpcommunity\@$wlc:161:5:1:1:$snmpversion", $bsnLocalNetUserUnknownOID);
if ($response) {
my ($extention) = &snmpset("$snmpcommunity\@$wlc:161:5:1:1:$snmpversion", $bsnLocalNetUserLifetime, "int", "$lifetime",
$bsnLocalNetUserPassword, "string", $userpassword
);
} else {
my (@response) = &snmpset("$snmpcommunity\@$wlc:161:5:1:1:$snmpversion",
$bsnLocalNetUserUnknownOID, "int", "4",
$bsnLocalNetUserWlanId, "int", "1",
$bsnLocalNetUserDescription, "string", $sponsorname,
$bsnLocalNetUserPassword, "string", $userpassword
);
if (@response) {
print "SET part1: OK\n";
} else {
print "$wlc did not respond to SNMP set\n";
}
my (@response) = &snmpset("$snmpcommunity\@$wlc:161:5:1:1:$snmpversion",
$cLWALocalNetUserIsGuest, "int", "1",
$cLWALocalNetUserIsUnknown, "string", "default",
$bsnLocalNetUserLifetime, "int", "$lifetime"
);
if (@response) {
print "SET part2: OK\n";
} else {
print "$wlc did not respond to SNMP set\n";
}
}
#Create a new object with 'new'.
my $smtp = Net::SMTP->new($emailserver);
#Send the MAIL command to the server.
#$smtp->mail("$mailfrom\@$emailending");
$smtp->mail("andre\@geisslermail.de");
#Send the server the 'Mail To' address.
#$smtp->to("$sponsorname\@$emailending");
$smtp->to("andre\@geisslermail.de");
#Start the message.
$smtp->data();
#Send the subject
$smtp->datasend("Subject: regard the wireless user $username\n");
#Send the message.
$smtp->datasend("Hello!\n\nThe user: $username with password: $userpassword\nhave a $ARGV[2]h access to wireless\n\nEnjoy\n\nNetwork Department");
#End the message.
$smtp->dataend();
#Close the connection to your server.
$smtp->quit();
print "The user: $username with password: $userpassword\nhave a $ARGV[2]h access to wireless";
#password generator from the internet
sub randomPassword {
my $password;
my $_rand;
my $password_length = $_[0];
if (!$password_length) {
$password_length = 10;
}
my @chars = split(" ", "a b c d e f g h i j k l m n o p q r s t u v w x y z - _ % # | 0 1 2 3 4 5 6 7 8 9");
srand;
for (my $i=0; $i <= $password_length ;$i++) {
$_rand = int(rand 41);
$password .= $chars[$_rand];
}
return $password;
}
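Review bot: `randomPassword` draws the guest password from `rand` after a bare `srand`, which is not a cryptographic generator, so the value is predictable to anyone who can estimate the seed; on a Unix host the characters can come from `/dev/urandom` instead (constructed sketch below, which also returns exactly the requested length). The original loop condition `$i <= $password_length` yields one character more than requested. `Net::SMTP->new` is not checked, so an unreachable mail server makes `$smtp->mail` die after the user has already been created on the controller. The SNMP community used for `snmpset` is a literal in the script and travels unencrypted with SNMP v2c; reading it from an untracked file would keep it out of the repository.

```perl
sub randomPassword {
    my $password_length = $_[0] || 10;
    # … unchanged: @chars alphabet …
    # Largest multiple of the alphabet size below 256; bytes at or above it
    # are discarded so every character is equally likely.
    my $limit = 256 - (256 % @chars);
    open(my $urandom, '<:raw', '/dev/urandom') or die "open /dev/urandom: $!";
    my $password = '';
    while (length($password) < $password_length) {
        read($urandom, my $byte, 1) == 1 or die "read /dev/urandom: $!";
        my $n = ord($byte);
        next if $n >= $limit;
        $password .= $chars[$n % @chars];
    }
    close($urandom);
    return $password;
}
```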


@@ -0,0 +1,122 @@
#!/bin/perl
use Net::Telnet::Cisco;
$wait="";
open RTR, "<router_list.txt";
while (<RTR>) {
next if ($_ =~ /^#/);
chomp;
($ip,$user,$pass,$enable,$wait)=$_=~/^(.*),(.*),(.*),(.*),(.*)$/i;
$wait=5 if ($wait eq "");
@routers=(@routers,[$ip,$user,$pass,$enable,$wait]);
}
close RTR;
my $session;
my @output;
my ($ss,$mm,$hh,$dd,$mon,$yy,$we,$doy,$st)=localtime;
$mon++;
$yy+=1900;
$dd = '0' . $dd if ($dd < 10);
$mon = '0' . $mon if ($mon < 10);
my $date=$yy . "-" . $mon . "-" . $dd;
mkdir $date;
foreach my $router (@routers) {
print "$$router[0] connect\n";
next unless ($session = Net::Telnet::Cisco->new(Host => "$$router[0]", Errmode=>'return'));
if ($$router[1] eq '') {
print "$$router[0] send pw\n";
$session->login(Password => "$$router[2]");
}
else {
print "$$router[0] send user, pw\n";
$session->login(Name => "$$router[1]", Password => "$$router[2]");
}
print "$$router[0] enable\n";
$session->cmd("enable\n$$router[3]") if ($$router[3] ne "");
print "$$router[0] sh runn\n";
@output = $session->cmd('show running');
open OUT, ">$date\\$$router[0]_running.txt";
print OUT @output;
close OUT;
sleep($$router[4]);
}
#$ok = $obj->login($username, $password);#
#
# $ok = $obj->login([Name => $username,]
# [Password => $password,]
# [Passcode => $passcode,] # for Secur-ID/XTACACS
# [Prompt => $match,]
# [Timeout => $secs,]);
#$session = Net::Telnet::Cisco->new(
# [Autopage => $boolean,] # 1
# [More_prompt => $matchop,] # '/(?m:^\s*--More--)/',
# [Always_waitfor_prompt => $boolean,] # 1
# [Waitfor_pause => $milliseconds,] # 0.1
# [Normalize_cmd => $boolean,] # 1
# [Send_wakeup => $when,] # 0
# [Ignore_warnings => $boolean,] # 0
# [Warnings => $matchop,] # see docs
#
# # Net::Telnet arguments
# [Binmode => $mode,]
# [Cmd_remove_mode => $mode,]
# [Dump_Log => $filename,]
# [Errmode => $errmode,]
# [Fhopen => $filehandle,]
# [Host => $host,]
# [Input_log => $file,]
# [Input_record_separator => $char,]
# [Option_log => $file,]
# [Output_log => $file,]
# [Output_record_separator => $char,]
# [Port => $port,]
# [Prompt => $matchop,] # see docs
# [Telnetmode => $mode,]
# [Timeout => $secs,]
# );
#if ($session->enable("enable_password"))
#$session->errmsg;
# my $protocol = ''; # default value
# my $ip = '10.0.0.1';
# my $repeat = 10;
# my $datagram = 1500;
# my $timeout = ''; # default value
# my $extended = ''; # default value
# my $sweep = ''; # default value
# $session->cmd(
# "ping
# $protocol
# $ip
# $repeat
# $datagram
# $timeout
# $extended
# $sweep
# ");
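Review bot: The results of `login`, `cmd` and `open` are never checked in the per-router loop, and because the session is created with `Errmode=>'return'` a failed login stops nothing: the script still writes whatever `show running` returned (possibly nothing) into the dated backup file. I would guard the login with `$session->login(...) or do { warn "$$router[0]: " . $session->errmsg . "\n"; next };`, use `$session->enable($$router[3])` (the form shown in the commented reference at the bottom of the file) instead of `cmd("enable\n...")`, and open the output with `open my $out, '>', "$date\\$$router[0]_running.txt" or die "open: $!";`. The saved running-configs hold secrets and are fetched over Telnet in cleartext, so the output directory should be access-restricted and SSH used where the devices support it. The same unchecked-login pattern is in `CISCO clear nat/router.pl` and in the `show version` collector further down.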


@@ -0,0 +1,158 @@
10.10.10.3,robin,LTBEsal37,prog,
10.10.10.4,robin,LTBEsal37,prog,
10.10.10.5,robin,LTBEsal37,prog,
10.10.10.6,robin,LTBEsal37,prog,
10.10.10.7,robin,LTBEsal37,prog,
10.10.10.8,robin,LTBEsal37,prog,
10.10.10.9,robin,LTBEsal37,prog,
10.10.10.12,robin,LTBEsal37,prog,
10.10.10.17,robin,LTBEsal37,prog,
10.10.10.18,robin,LTBEsal37,prog,
10.10.10.21,robin,LTBEsal37,prog,
10.10.10.23,robin,LTBEsal37,prog,
10.10.10.25,robin,LTBEsal37,prog,
10.10.10.26,robin,LTBEsal37,prog,
10.10.10.27,robin,LTBEsal37,prog,
10.10.10.29,robin,LTBEsal37,prog,
10.10.10.34,robin,LTBEsal37,prog,
10.10.10.35,robin,LTBEsal37,prog,
10.10.10.37,robin,LTBEsal37,prog,
10.10.10.46,robin,LTBEsal37,prog,
10.10.10.47,robin,LTBEsal37,prog,
10.10.10.48,robin,LTBEsal37,prog,
10.10.10.49,robin,LTBEsal37,prog,
10.10.10.50,robin,LTBEsal37,prog,
10.10.10.101,robin,LTBEsal37,prog,
10.10.10.102,robin,LTBEsal37,prog,
10.10.10.107,robin,LTBEsal37,prog,
10.10.10.108,robin,LTBEsal37,prog,
10.10.10.109,robin,LTBEsal37,prog,
10.10.10.125,robin,LTBEsal37,prog,
10.10.10.177,robin,LTBEsal37,prog,
10.10.10.250,robin,LTBEsal37,prog,
10.10.10.251,robin,LTBEsal37,prog,
10.10.10.252,robin,LTBEsal37,prog,
10.10.12.1,robin,LTBEsal37,prog,
10.10.12.251,robin,LTBEsal37,prog,
10.10.12.252,robin,LTBEsal37,prog,
10.10.12.253,robin,LTBEsal37,prog,
10.10.30.17,robin,LTBEsal37,prog,
10.10.30.97,robin,LTBEsal37,prog,
10.10.30.98,robin,LTBEsal37,prog,
10.10.30.99,robin,LTBEsal37,prog,
10.10.70.21,robin,LTBEsal37,prog,
10.10.70.24,robin,LTBEsal37,prog,
10.10.70.25,robin,LTBEsal37,prog,
10.10.70.27,robin,LTBEsal37,prog,
10.10.70.28,robin,LTBEsal37,prog,
10.10.70.250,robin,LTBEsal37,prog,
10.10.70.251,robin,LTBEsal37,prog,
10.10.70.254,robin,LTBEsal37,prog,
10.60.1.100,robin,LTBEsal37,,
10.80.1.2,robin,LTBEsal37,prog,
10.80.1.253,robin,LTBEsal37,prog,
10.80.1.254,robin,LTBEsal37,prog,
10.80.13.11,robin,LTBEsal37,prog,
10.80.13.12,robin,LTBEsal37,prog,
10.80.13.21,robin,LTBEsal37,prog,
10.80.13.22,robin,LTBEsal37,prog,
10.90.1.1,robin,LTBEsal37,prog,
10.90.1.2,robin,LTBEsal37,prog,
10.90.1.3,robin,LTBEsal37,prog,
130.35.0.1,robin,LTBEsal37,prog,
130.35.0.253,robin,LTBEsal37,prog,
130.35.0.17,robin,LTBEsal37,,
130.35.0.18,robin,LTBEsal37,prog,
130.35.0.19,robin,LTBEsal37,prog,
130.35.0.28,robin,LTBEsal37,prog,
130.35.0.29,robin,LTBEsal37,prog,
192.169.1.13,robin,LTBEsal37,prog,
192.169.1.21,robin,LTBEsal37,prog,
192.169.1.22,robin,LTBEsal37,prog,
192.169.1.23,robin,LTBEsal37,prog,
192.169.1.81,robin,LTBEsal37,prog,
192.169.1.82,robin,LTBEsal37,prog,
192.169.1.83,robin,LTBEsal37,prog,
193.169.55.248,robin,LTBEsal37,prog,
193.169.55.249,robin,LTBEsal37,prog,
170.250.1.22,robin,LTBEsal37,prog,
170.250.1.101,robin,LTBEsal37,prog,
170.250.1.102,robin,LTBEsal37,prog,
170.250.1.253,robin,LTBEsal37,prog,
170.11.1.1,robin,LTBEsal37,prog,
170.11.1.4,robin,LTBEsal37,prog,
170.11.1.5,robin,LTBEsal37,prog,
170.11.1.6,robin,LTBEsal37,prog,
170.11.1.253,robin,LTBEsal37,prog,
170.11.1.254,robin,LTBEsal37,prog,
170.15.1.1,robin,LTBEsal37,prog,
170.20.1.1,robin,LTBEsal37,prog,
170.20.1.2,robin,LTBEsal37,prog,
170.20.1.3,robin,LTBEsal37,prog,
170.20.1.9,robin,LTBEsal37,prog,
170.21.1.1,robin,LTBEsal37,prog,
170.24.1.2,robin,LTBEsal37,prog,
170.24.1.3,robin,LTBEsal37,prog,
170.40.1.1,robin,LTBEsal37,prog,
170.40.1.4,robin,LTBEsal37,prog,
170.40.1.5,robin,LTBEsal37,prog,
170.40.1.253,robin,LTBEsal37,prog,
170.40.1.254,robin,LTBEsal37,prog,
170.43.1.1,robin,LTBEsal37,prog,
170.43.1.2,robin,LTBEsal37,prog,
170.45.1.1,robin,LTBEsal37,prog,
170.45.1.2,robin,LTBEsal37,prog,
170.45.1.4,robin,LTBEsal37,prog,
170.45.2.4,robin,LTBEsal37,prog,
170.45.1.3,robin,LTBEsal37,prog,
170.50.1.1,robin,LTBEsal37,prog,
170.50.1.2,robin,LTBEsal37,prog,
170.50.1.3,robin,LTBEsal37,prog,
170.60.2.1,robin,LTBEsal37,prog,
170.60.2.3,robin,LTBEsal37,prog,
170.60.2.5,robin,LTBEsal37,prog,
170.60.2.7,robin,LTBEsal37,prog,
170.60.2.8,robin,LTBEsal37,prog,
170.60.2.10,robin,LTBEsal37,prog,
170.60.2.14,robin,LTBEsal37,prog,
170.60.2.15,robin,LTBEsal37,prog,
170.60.2.19,robin,LTBEsal37,prog,
170.60.2.20,robin,LTBEsal37,prog,
170.61.3.1,robin,LTBEsal37,prog,
170.61.4.1,robin,LTBEsal37,prog,
170.61.5.1,robin,LTBEsal37,prog,
170.61.6.1,robin,LTBEsal37,prog,
170.61.7.1,robin,LTBEsal37,prog,
170.250.1.22,robin,LTBEsal37,prog,
170.250.1.101,robin,LTBEsal37,prog,
170.250.1.102,robin,LTBEsal37,prog,
170.250.1.253,robin,LTBEsal37,prog,
170.250.2.1,robin,LTBEsal37,prog,
170.250.2.101,robin,LTBEsal37,prog,
170.250.2.102,robin,LTBEsal37,prog,
170.253.4.16,robin,LTBEsal37,prog,
170.253.4.17,robin,LTBEsal37,prog,
192.168.99.25,robin,LTBEsal37,prog,
192.168.104.42,,actissec,actisen,
192.168.104.43,,actissec,actisen,
10.1.6.1,robin,LTBEsal37,prog,
10.1.6.2,robin,LTBEsal37,prog,
10.1.6.3,robin,LTBEsal37,prog,
10.1.7.1,robin,LTBEsal37,prog,
10.1.8.1,robin,LTBEsal37,prog,
10.1.8.254,robin,LTBEsal37,prog,
91.33.211.21,robin,LTBEsal37,prog,
91.33.211.22,robin,LTBEsal37,prog,
91.33.211.31,robin,LTBEsal37,prog,
91.33.211.32,robin,LTBEsal37,prog,
92.254.253.25,robin,LTBEsal37,prog,
92.254.253.26,robin,LTBEsal37,prog,
92.254.253.31,robin,LTBEsal37,prog,
92.254.253.33,robin,LTBEsal37,prog,
92.254.253.253,robin,LTBEsal37,prog,
94.200.15.22,robin,LTBEsal37,prog,
94.200.15.23,robin,LTBEsal37,prog,
90.201.238.21,robin,LTBEsal37,prog,
90.201.238.21,robin,LTBEsal37,prog,
193.169.55.252,mao,peking08,,
193.169.55.253,mao,peking08,,
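Review bot: This file commits the login name, password and enable secret of every listed device in cleartext, so anyone who can read the repository or its history holds working credentials for these devices. They should be treated as exposed: rotate them, remove the file from history, and keep only a template in the repository (for example `<ip>,<user>,<password>,<enable>,<wait>` with placeholder values) while the real list lives outside version control with restrictive file permissions or comes from a secrets store. The same passwords are repeated in the four-line list under CISCO clear nat, in the second 158-line copy further down, and as literals in several of the scripts and the VPN batch file in this commit. Several rows are also duplicated (the `170.250.1.x` block and `90.201.238.21`), which makes the collectors visit those devices twice.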


@@ -0,0 +1,104 @@
#!/bin/bash
echo ""
if [ "$4" == "a" ];
then
ACTION=a
elif [ "$4" == "d" ];
then
ACTION=d
else
echo "$./change_vpn_peer.sh <hostname> <oldpeer> <newpeer> <action>"
echo ""
echo " hostname is firewall name as used in observium"
echo ""
echo " oldpeer|newpeer are IP addresses of remote gateway"
echo ""
echo " action can be a or d"
echo " a applies configuration to firewall"
echo " d just displays configuration"
echo ""
exit
fi
ASA=$1
OLDPEER=$2
NEWPEER=$3
CONF=/home/rancid/var/rancid/network/configs/$ASA
CONFIG=/scripts/rancid/changepeer_$ASA_$OLDPEER_$NEWPEER.txt
echo "UPDATE Konfigfile via rancid to have the latest config file"
/home/rancid/bin/rancid-run -r asa-hosting
echo ""
echo "CHECK for old peer IP in config file"
grep "tunnel-group $OLDPEER" $CONF || ( echo "tunnel group not found" && exit ) > /dev/null 2>&1
echo "Old peer found"
echo ""
echo "GET crypto map name for old peer IP"
CMNAME=`grep "crypto map" $CONF | grep "set peer $OLDPEER" | awk '{print $3}'` > /dev/null 2>&1
echo " ~ $CMNAME"
echo ""
echo "GET crypto map entry for old peer IP"
CMENTRY=`grep "crypto map" $CONF | grep "set peer $OLDPEER" | awk '{print $4}'` > /dev/null 2>&1
echo " ~ $CMENTRY"
echo ""
echo "GET old PSK"
PSK=`egrep -A2 "tunnel-group $OLDPEER ipsec-att" $CONF | grep pre` > /dev/null 2>&1
echo " ~ $PSK"
echo ""
echo "GET old GroupPolicy"
GROUP=`egrep -A1 "tunnel-group $OLDPEER general-att" $CONF | grep default-group-policy` > /dev/null 2>&1
echo " ~ $GROUP"
echo ""
echo "WRITE configuration file"
echo "
config t
!Remove old tunnel-group
no tunnel-group $OLDPEER ipsec-attributes
!Re-Configure new tunnel-group
tunnel-group $NEWPEER type ipsec-l2l
tunnel-group $NEWPEER ipsec-attributes
$PSK
exit
tunnel-group $NEWPEER general-attributes
$GROUP
exit
!Remove Old Peer from Crypto map
no crypto map $CMNAME $CMENTRY set peer $OLDPEER
!Create New Peer on Crypto Map
crypto map $CMNAME $CMENTRY set peer $NEWPEER
clear config tunnel-group $OLDPEER
!Save Config
end
wr mem
" > $CONFIG
echo ""
if [ "$ACTION" == "a" ];
then
echo "APPLY configuration file"
/home/rancid/bin/clogin -x $CONFIG $ASA
elif [ "$ACTION" == "d" ];
then
echo "DISPLAY configuration file"
echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
cat $CONFIG
echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
fi
echo ""
echo " ~~~ THE END ~~~"
echo ""
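Review bot: The "tunnel group not found" guard does not stop the script: `( echo ... && exit )` runs in a subshell, so `exit` only leaves the subshell (and the message itself is redirected to /dev/null), and with action `a` a configuration built from empty `$CMNAME`/`$CMENTRY`/`$PSK` is then pushed to the firewall and saved. Replace it with `grep -q "tunnel-group $OLDPEER " "$CONF" || { echo "tunnel group not found" >&2; exit 1; }` and abort in the same way when `$CMNAME` or `$PSK` comes back empty. The output path is also wrong, because `$ASA_` and `$OLDPEER_` are read as (unset) variable names; it should be `CONFIG=/scripts/rancid/changepeer_${ASA}_${OLDPEER}_${NEWPEER}.txt`. The pre-shared key is echoed to the terminal and left in that file, so the file should be created under a restrictive umask and removed after use.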

139
CISCO clear nat/router.pl Normal file

@@ -0,0 +1,139 @@
#!/bin/perl
use Net::Telnet::Cisco;
open RTR, "<router_list.txt";
while (<RTR>) {
if ($_ =~ /^#/) {
print $_;
next;
}
chomp;
($ip,$user,$pass,$enable,$wait)=$_=~/^(.*),(.*),(.*),(.*),(.*)$/i;
$wait=60 if ($wait eq "");
# print "$ip,$user,$pass,$enable,$wait\n";
@routers=(@routers,[$ip,$user,$pass,$enable,$wait]);
}
close RTR;
my $session;
my @output;
my ($ss,$mm,$hh,$dd,$mon,$yy,$we,$doy,$st)=localtime;
$mon++;
$yy+=1900;
$dd = '0' . $dd if ($dd < 10);
$mon = '0' . $mon if ($mon < 10);
my $date=$yy . "-" . $mon . "-" . $dd;
my @commands;
open CMD, "<router_config.txt";
foreach (<CMD>) {
if ($_ =~ /^#/) {
print $_;
next;
}
chomp unless ($_ =~ /^\n$/);
@commands=(@commands,$_);
}
close CMD;
foreach my $router (@routers) {
print "$$router[0] connect\n";
next unless ($session = Net::Telnet::Cisco->new(Host => "$$router[0]", Errmode=>'return'));
if ($$router[1] eq '') {
print "$$router[0] send pw\n";
$session->login(Password => "$$router[2]");
}
else {
print "$$router[0] send user, pw\n";
$session->login(Name => "$$router[1]", Password => "$$router[2]");
}
print "$$router[0] enable\n";
$session->cmd("enable\n$$router[3]");
foreach (@commands) {
print "$$router[0] $_\n";
@output = $session->cmd("$_");
}
$session->cmd("end");
$session->cmd("wr");
sleep ($$router[4]);
print "\n\n";
}
#$ok = $obj->login($username, $password);#
#
# $ok = $obj->login([Name => $username,]
# [Password => $password,]
# [Passcode => $passcode,] # for Secur-ID/XTACACS
# [Prompt => $match,]
# [Timeout => $secs,]);
#$session = Net::Telnet::Cisco->new(
# [Autopage => $boolean,] # 1
# [More_prompt => $matchop,] # '/(?m:^\s*--More--)/',
# [Always_waitfor_prompt => $boolean,] # 1
# [Waitfor_pause => $milliseconds,] # 0.1
# [Normalize_cmd => $boolean,] # 1
# [Send_wakeup => $when,] # 0
# [Ignore_warnings => $boolean,] # 0
# [Warnings => $matchop,] # see docs
#
# # Net::Telnet arguments
# [Binmode => $mode,]
# [Cmd_remove_mode => $mode,]
# [Dump_Log => $filename,]
# [Errmode => $errmode,]
# [Fhopen => $filehandle,]
# [Host => $host,]
# [Input_log => $file,]
# [Input_record_separator => $char,]
# [Option_log => $file,]
# [Output_log => $file,]
# [Output_record_separator => $char,]
# [Port => $port,]
# [Prompt => $matchop,] # see docs
# [Telnetmode => $mode,]
# [Timeout => $secs,]
# );
#if ($session->enable("enable_password"))
#$session->errmsg;
# my $protocol = ''; # default value
# my $ip = '10.0.0.1';
# my $repeat = 10;
# my $datagram = 1500;
# my $timeout = ''; # default value
# my $extended = ''; # default value
# my $sweep = ''; # default value
# $session->cmd(
# "ping
# $protocol
# $ip
# $repeat
# $datagram
# $timeout
# $extended
# $sweep
# ");
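Review bot: The loop over `@commands` stores each result in `@output` and never looks at it, so `end` and `wr` run and persist the configuration even when a command was rejected or the session never reached enable mode. Since this script changes and saves device state on every router in the list, I would stop at the first failure and skip the save: declare `my $failed = 0;` per router, use `unless ($session->cmd($_)) { warn "$$router[0]: '$_' failed: " . $session->errmsg . "\n"; $failed = 1; last }` in the loop, and end with `$session->cmd("wr") unless $failed;` (this relies on the scalar-context return of `cmd`; confirm against the installed Net::Telnet::Cisco). `$session->cmd("enable\n$$router[3]")` is also sent when the enable field is empty, unlike the backup script, which guards it with `if ($$router[3] ne "")`.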


@@ -0,0 +1,18 @@
#Alle Befehle wie auf der Router Konsole eingeben
#Für ip accounting auf f0/0 aktivierung also
#conf t
#int f0/0
#ip acco
#
#Abschließend wird ein automatisches 'end' 'write' durchgeführt
#
#Benötigt ein Befehl eine besondere Bestätigung wie z.b. reload, clear count
#einfach eine leerzeile (keine leerzeichen) eingeben
#bsp
#clear count
#LEERZEILE
#reload
#Hier auch nur eine neue Zeile
clear ip nat trans *


@@ -0,0 +1,4 @@
10.10.10.107,robin,LTBEsal37,prog,
10.10.10.109,robin,LTBEsal37,prog,
170.11.1.5,robin,LTBEsal37,prog,
170.11.1.6,robin,LTBEsal37,prog,


@@ -0,0 +1,183 @@
#!/bin/perl
use strict;
use warnings;
use Net::SNMP;
my $i=@ARGV;
die "\nZu wenige Parameter!\n\nStartTftpDownload.pl <Router-IP> <TFTP-IP> <community> <Source> <Destination> <File>\n
Source
1: networkFile
3: startupConfig
4: runningConfig
Destination
1: networkFile
3: startupConfig
4: runningConfig
Example
C:\\>StartTftpDownload.pl 172.23.210.151 172.23.210.222 5NMP-Wr1t3-(0mm 1 4 getit.conf
" if $i<6;
print "\n";
my $ROUT = $ARGV[0];
my $TFTP = $ARGV[1];
my $COMM = $ARGV[2];
my $SOUR = $ARGV[3];
my $DEST = $ARGV[4];
my $FILE = $ARGV[5];
my ($session, $error) = Net::SNMP->session(
-hostname => $ROUT,
-version => 'snmpv2',
-community => $COMM,
);
if (!defined $session) {
printf "ERROR: %s.\n", $error;
exit 1;
}
my $SES=".111";
my $OID="1.3.6.1.4.1.9.9.96.1.1.1.1.2" . $SES;
$session->set_request(-varbindlist => [ $OID, INTEGER, '1' ], ); #The ConfigCopyProtocol is set to TFTP
$OID="1.3.6.1.4.1.9.9.96.1.1.1.1.3" . $SES;
$session->set_request(-varbindlist => [ $OID, INTEGER, $SOUR ], ); #Set the SourceFileType to networkfile #running-config
$OID="1.3.6.1.4.1.9.9.96.1.1.1.1.4" . $SES;
$session->set_request(-varbindlist => [ $OID, INTEGER, $DEST ], ); #Set the DestinationFileType to running-config #networkfile
$OID="1.3.6.1.4.1.9.9.96.1.1.1.1.5" . $SES;
$session->set_request(-varbindlist => [ $OID, IPADDRESS, $TFTP ], ); #Sets the ServerAddress to the IP address of the TFTP server
$OID="1.3.6.1.4.1.9.9.96.1.1.1.1.6" . $SES;
$session->set_request(-varbindlist => [ $OID, OCTET_STRING, $FILE ], ); #Sets the CopyFilename to your desired file name.
$OID="1.3.6.1.4.1.9.9.96.1.1.1.1.14" . $SES;
$session->set_request(-varbindlist => [ $OID, INTEGER, '1' ], ); #Sets the CopyStatus to active which starts the copy process.
$OID="1.3.6.1.4.1.9.9.96.1.1.1.1.14" . $SES;
$session->set_request(-varbindlist => [ $OID, INTEGER, '6' ], ); #Sets the CopyStatus to delete which cleans all saved informations out of the MIB
exit;
#
#ccConfigCopyProtocol
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.2
#Type: INTEGER
#Options:tftp(1)
#ftp(2)
#rcp(3)
#scp(4)
#sftp(5)
#Description: Defines whicn protocol is used for the copy process. TFTP is default
#ccCopySourceFileType
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.3
#Type: INTEGER
#Options: networkFile(1)
#iosFile(2)
#startupConfig(3)
#runningConfig(4)
#terminal(5)
#Descripton: Defines the source. Either the Source or the DestinatioFileType have to be set to startupConfig or runningConfig. Furthermore the SourceFileType has to be different to the DestinationFileType.
#ccCopyDestFileType
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.4
#Type: INTEGER
#Options: networkFile(1)
#iosFile(2)
#startupConfig(3)
#runningConfig(4)
#terminal(5)
#Description: Defines the destination.Either the Source or the DestinatioFileType have to be set to startupConfig or runningConfig. Furthermore the SourceFileType has to be different to the DestinationFileType.
#ccCopyServerAddress
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.5
#Type: IP Address
#Description: Sets the address of the server to which the file will be copied to. Values like 0.0.0.0 or FF.FF.FF.FF are not allowed for this OID.
#ccCopyFileName
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.6
#Type: STRING
#Description: Sets the name of the destination or source file. This OID has to be set as far as the destination or sourceFileType are set to networkFile or iosFile.
#ccCopyUserName
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.7
#Type: STRING
#Description: Sets a username for FTP, RCP, SFTP or SCP. This will overwrite the user name which might have been set over the rcmd remote-username <username> command if RCP is used as protocol.
#ccCopyUserPassword
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.8
#Type: STRING
#Description: Sets the password for FTP, RCP, SFTP or SCP
#ccCopyNotificationOnCompletion
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.9
#Type: INTEGER
#Description: Defines if a notification has to be sent after the process has ended.
#ccCopyState
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.10
#Type: INTEGER
#Options: waiting(1)
#running(2)
#successful(3)
#failed(4)
#Description: Shows the copy process status. This value will be set after the COPYEntryRowStatus has been set to active.
#ccCopyTimeStarted
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.11
#Type: TimeStamp
#Description: Shows the last start time of the process or zero if the process never changed the status to running.
#ccCopyTimeCompleted
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.12
#Type: TimeStamp
#Description: Shows the last time after the process changed from running to successful or failed.
#ccCopyFailCause
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.13
#Type: INTEGER
#Options: unknown(1)
#badFileName(2)
#timeout(3)
#noMem(4)
#noConfig(5)
#unsupportedProtocol(6)
#someConfigApplyFailed(7)
#Description: Shows why the process failed
#ccCopyEntryRowStatus
#OID: 1.3.6.1.4.1.9.9.96.1.1.1.1.14
#Type: INTEGER
#Options: active(1)
#notInService(2)
#createAndGo(4)
#createAndWait(5)
#destroy(6)
#Description: Shows the process status
#
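Review bot: None of the seven `set_request` calls is checked, and the row is destroyed (`'6'`) immediately after it is activated, so the script exits 0 whether or not the copy ran and never reads ccCopyState (OID `1.3.6.1.4.1.9.9.96.1.1.1.1.10`, documented in the trailing comment). I would fail on the first rejected SET with `defined $session->set_request(-varbindlist => [ $OID, INTEGER, '1' ]) or die "SET $OID failed: " . $session->error . "\n";` and poll ccCopyState until it reports successful(3) or failed(4) before sending the destroy. The write community is taken from `@ARGV`, where it is visible in the process list and shell history, and the usage text contains what looks like a real community string; replace that example with a placeholder such as `<community>` and read the value from a prompt or an environment variable. SNMPv2c and TFTP both carry the community and the configuration unencrypted, so this should only run on a protected management network.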

File diff suppressed because it is too large Load Diff


@@ -0,0 +1,145 @@
#!/bin/perl
use Net::Telnet();
use strict;
#my $IP="10.60.1.100";
my $IP="192.168.100.2";
# read config
#my @config=read_cisco_config($IP, "batman", "LTBTTTra25", "local", "prog");
my $version=read_devicetype($IP, "awisniewski", "peter", "local", "peter");
print "$version\n";
sub read_cisco_config {
my ($host, $user, $pass, $login, $enable) = @_;
my $t = new Net::Telnet (Timeout => 5, Prompt => '/#$/');
my $found_proper_method=0;
$t->errmode("return");
$t->open($host);
if ($t->waitfor('/>/i') == 1) {
# 1 wenn ok
# '' wenn n ok
$t->print("enable");
$t->waitfor('/password/i');
$t->print("$pass");
$t->waitfor('/#/i');
$found_proper_method=1;
}
if ($found_proper_method==0) {
if ($t->waitfor('/#/i') == 1) {
$found_proper_method=1;
}
}
if ($found_proper_method==0) {
if ($t->waitfor('/username/i') == 1) {
$t->print("$user");
$t->waitfor('/password/i');
$t->print("$pass");
if ($t->waitfor('/>/i') == 1) {
$t->print("enable");
$t->waitfor('/password/i');
$t->print("$enable");
}
if ($t->waitfor('/#/i') == '1') {
$found_proper_method=1;
}
}
}
if ($found_proper_method==0) {
if ($t->waitfor('/password/i') == 1 and $found_proper_method==0) {
$t->print("$login");
if ($t->waitfor('/>/i') == 1) {
$t->print("enable");
$t->waitfor('/password/i');
$t->print("$enable");
}
if ($t->waitfor('/#/i') == '1') {
$found_proper_method=1;
}
}
}
if ($found_proper_method==1) {
#$t->put(Timeout=>20);
$t->cmd("terminal length 0");
$t->waitfor('/#/');
(@config) = $t->cmd("show running");
}
else {
@config=("Kein Login möglich.");
}
return @config;
}
sub read_devicetype {
my ($host, $user, $pass, $login, $enable) = @_;
my $t = new Net::Telnet (Timeout => 2, Prompt => '/#[\s]*$/');
my @version;
my $devicetype;
my $found_proper_method=0;
$t->errmode("return");
$t->open($host);
if ($t->waitfor('/>/i') == 1) {
# 1 wenn ok
# '' wenn n ok
$t->print("enable");
$t->waitfor('/password/i');
$t->print("$pass");
$t->waitfor('/#/i');
$found_proper_method=1;
}
if ($found_proper_method==0) {
if ($t->waitfor('/#/i') == 1) {
$found_proper_method=1;
}
}
if ($found_proper_method==0) {
if ($t->waitfor('/username/i') == 1) {
$t->print("$user");
$t->waitfor('/password/i');
$t->print("$pass");
if ($t->waitfor('/>/i') == 1) {
$t->print("enable");
$t->waitfor('/password/i');
$t->print("$enable");
}
if ($t->waitfor('/#/i') == '1') {
$found_proper_method=1;
}
}
}
if ($found_proper_method==0) {
if ($t->waitfor('/password/i') == 1 and $found_proper_method==0) {
$t->print("$login");
if ($t->waitfor('/>/i') == 1) {
$t->print("enable");
$t->waitfor('/password/i');
$t->print("$enable");
}
if ($t->waitfor('/#/i') == '1') {
$found_proper_method=1;
}
}
}
if ($found_proper_method==1) {
#$t->put(Timeout=>20);
$t->cmd("terminal length 0");
$t->waitfor('/#/');
$t->cmd("terminal pager 500");
$t->waitfor('/#/');
(@version) = $t->cmd("show version");
## Hier erfolgt die Auswertung des Gerätetyps
}
else {
$devicetype="Kein Login möglich";
}
return $devicetype;
}
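Review bot: `read_cisco_config` assigns to and returns `@config` without ever declaring it, and with `use strict` at the top the file will not compile (`Global symbol "@config" requires explicit package name`); add `my @config;` at the start of the sub. `read_devicetype` has the mirror problem on its success path: `@version` is filled but `$devicetype` is only set in the failure branch, so a successful login returns undef. In both subs the first branch answers the enable password prompt with `$pass` while the other branches send `$enable`, which looks unintended. The literal account names and passwords in the two call lines at the top should come from a prompt or the environment rather than the source.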


@@ -0,0 +1,16 @@
Cisco Adaptive Security Appliance Software Version 8.3(1)
Hardware: ASA
Cisco IOS Software
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Image stamp: /sw/code/build/alpmo(alp11)
Jan 7 2009 17:55:29
E.11.10
53
Boot Image: Primary


@@ -0,0 +1,20 @@
#!/bin/perl
use Net::Telnet::Cisco;
print "10.10.10.253 connect\n";
$session = Net::Telnet::Cisco->new(Host => "10.10.10.253", Errmode=>'return');
sleep(2);
$session->cmd("enable");
sleep(2);
$session->cmd("batman");
sleep(2);
$session->cmd("LTBTTTra25");
sleep(2);
$session->cmd("reload");
sleep(2);
$session->cmd("y");
sleep(2);
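Review bot: The constructor result is not checked, so when the connection fails `$session` is undef (because of `Errmode=>'return'`) and the first `$session->cmd` call dies with a method-on-undef error; add `defined $session or die "connect failed\n";`. The credentials are sent as if they were commands, with `sleep(2)` standing in for prompt handling; `$session->login(Name => $user, Password => $pass)` followed by `$session->enable($enable)` expresses this directly and reports failure. Because the script reloads a device without any confirmation, I would also take the host as an argument and echo it back for an explicit yes before sending `reload`.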


@@ -0,0 +1,121 @@
#!/bin/perl
use Net::Telnet::Cisco;
$wait="";
open RTR, "<router_list.txt";
while (<RTR>) {
chomp;
($ip,$user,$pass,$enable,$wait)=$_=~/^(.*),(.*),(.*),(.*),(.*)$/i;
$wait=5 if ($wait eq "");
@routers=(@routers,[$ip,$user,$pass,$enable,$wait]);
}
close RTR;
my $session;
my @output;
my ($ss,$mm,$hh,$dd,$mon,$yy,$we,$doy,$st)=localtime;
$mon++;
$yy+=1900;
$dd = '0' . $dd if ($dd < 10);
$mon = '0' . $mon if ($mon < 10);
my $date=$yy . "-" . $mon . "-" . $dd;
mkdir $date;
foreach my $router (@routers) {
print "$$router[0] connect\n";
next unless ($session = Net::Telnet::Cisco->new(Host => "$$router[0]", Errmode=>'return'));
if ($$router[1] eq '') {
print "$$router[0] send pw\n";
$session->login(Password => "$$router[2]");
}
else {
print "$$router[0] send user, pw\n";
$session->login(Name => "$$router[1]", Password => "$$router[2]");
}
print "$$router[0] enable\n";
$session->cmd("enable\n$$router[3]") if ($$router[3] ne "");
print "$$router[0] sh version\n";
@output = $session->cmd('show version');
open OUT, ">$date\\$$router[0]_version.txt";
print OUT @output;
close OUT;
sleep($$router[4]);
}
#$ok = $obj->login($username, $password);#
#
# $ok = $obj->login([Name => $username,]
# [Password => $password,]
# [Passcode => $passcode,] # for Secur-ID/XTACACS
# [Prompt => $match,]
# [Timeout => $secs,]);
#$session = Net::Telnet::Cisco->new(
# [Autopage => $boolean,] # 1
# [More_prompt => $matchop,] # '/(?m:^\s*--More--)/',
# [Always_waitfor_prompt => $boolean,] # 1
# [Waitfor_pause => $milliseconds,] # 0.1
# [Normalize_cmd => $boolean,] # 1
# [Send_wakeup => $when,] # 0
# [Ignore_warnings => $boolean,] # 0
# [Warnings => $matchop,] # see docs
#
# # Net::Telnet arguments
# [Binmode => $mode,]
# [Cmd_remove_mode => $mode,]
# [Dump_Log => $filename,]
# [Errmode => $errmode,]
# [Fhopen => $filehandle,]
# [Host => $host,]
# [Input_log => $file,]
# [Input_record_separator => $char,]
# [Option_log => $file,]
# [Output_log => $file,]
# [Output_record_separator => $char,]
# [Port => $port,]
# [Prompt => $matchop,] # see docs
# [Telnetmode => $mode,]
# [Timeout => $secs,]
# );
#if ($session->enable("enable_password"))
#$session->errmsg;
# my $protocol = ''; # default value
# my $ip = '10.0.0.1';
# my $repeat = 10;
# my $datagram = 1500;
# my $timeout = ''; # default value
# my $extended = ''; # default value
# my $sweep = ''; # default value
# $session->cmd(
# "ping
# $protocol
# $ip
# $repeat
# $datagram
# $timeout
# $extended
# $sweep
# ");


@@ -0,0 +1,158 @@
10.10.10.3,robin,LTBEsal37,prog,
10.10.10.4,robin,LTBEsal37,prog,
10.10.10.5,robin,LTBEsal37,prog,
10.10.10.6,robin,LTBEsal37,prog,
10.10.10.7,robin,LTBEsal37,prog,
10.10.10.8,robin,LTBEsal37,prog,
10.10.10.9,robin,LTBEsal37,prog,
10.10.10.12,robin,LTBEsal37,prog,
10.10.10.17,robin,LTBEsal37,prog,
10.10.10.18,robin,LTBEsal37,prog,
10.10.10.21,robin,LTBEsal37,prog,
10.10.10.23,robin,LTBEsal37,prog,
10.10.10.25,robin,LTBEsal37,prog,
10.10.10.26,robin,LTBEsal37,prog,
10.10.10.27,robin,LTBEsal37,prog,
10.10.10.29,robin,LTBEsal37,prog,
10.10.10.34,robin,LTBEsal37,prog,
10.10.10.35,robin,LTBEsal37,prog,
10.10.10.37,robin,LTBEsal37,prog,
10.10.10.46,robin,LTBEsal37,prog,
10.10.10.47,robin,LTBEsal37,prog,
10.10.10.48,robin,LTBEsal37,prog,
10.10.10.49,robin,LTBEsal37,prog,
10.10.10.50,robin,LTBEsal37,prog,
10.10.10.101,robin,LTBEsal37,prog,
10.10.10.102,robin,LTBEsal37,prog,
10.10.10.107,robin,LTBEsal37,prog,
10.10.10.108,robin,LTBEsal37,prog,
10.10.10.109,robin,LTBEsal37,prog,
10.10.10.125,robin,LTBEsal37,prog,
10.10.10.177,robin,LTBEsal37,prog,
10.10.10.250,robin,LTBEsal37,prog,
10.10.10.251,robin,LTBEsal37,prog,
10.10.10.252,robin,LTBEsal37,prog,
10.10.12.1,robin,LTBEsal37,prog,
10.10.12.251,robin,LTBEsal37,prog,
10.10.12.252,robin,LTBEsal37,prog,
10.10.12.253,robin,LTBEsal37,prog,
10.10.30.17,robin,LTBEsal37,prog,
10.10.30.97,robin,LTBEsal37,prog,
10.10.30.98,robin,LTBEsal37,prog,
10.10.30.99,robin,LTBEsal37,prog,
10.10.70.21,robin,LTBEsal37,prog,
10.10.70.24,robin,LTBEsal37,prog,
10.10.70.25,robin,LTBEsal37,prog,
10.10.70.27,robin,LTBEsal37,prog,
10.10.70.28,robin,LTBEsal37,prog,
10.10.70.250,robin,LTBEsal37,prog,
10.10.70.251,robin,LTBEsal37,prog,
10.10.70.254,robin,LTBEsal37,prog,
10.60.1.100,robin,LTBEsal37,,
10.80.1.2,robin,LTBEsal37,prog,
10.80.1.253,robin,LTBEsal37,prog,
10.80.1.254,robin,LTBEsal37,prog,
10.80.13.11,robin,LTBEsal37,prog,
10.80.13.12,robin,LTBEsal37,prog,
10.80.13.21,robin,LTBEsal37,prog,
10.80.13.22,robin,LTBEsal37,prog,
10.90.1.1,robin,LTBEsal37,prog,
10.90.1.2,robin,LTBEsal37,prog,
10.90.1.3,robin,LTBEsal37,prog,
130.35.0.1,robin,LTBEsal37,prog,
130.35.0.253,robin,LTBEsal37,prog,
130.35.0.17,robin,LTBEsal37,,
130.35.0.18,robin,LTBEsal37,prog,
130.35.0.19,robin,LTBEsal37,prog,
130.35.0.28,robin,LTBEsal37,prog,
130.35.0.29,robin,LTBEsal37,prog,
192.169.1.13,robin,LTBEsal37,prog,
192.169.1.21,robin,LTBEsal37,prog,
192.169.1.22,robin,LTBEsal37,prog,
192.169.1.23,robin,LTBEsal37,prog,
192.169.1.81,robin,LTBEsal37,prog,
192.169.1.82,robin,LTBEsal37,prog,
192.169.1.83,robin,LTBEsal37,prog,
193.169.55.248,robin,LTBEsal37,prog,
193.169.55.249,robin,LTBEsal37,prog,
170.250.1.22,robin,LTBEsal37,prog,
170.250.1.101,robin,LTBEsal37,prog,
170.250.1.102,robin,LTBEsal37,prog,
170.250.1.253,robin,LTBEsal37,prog,
170.11.1.1,robin,LTBEsal37,prog,
170.11.1.4,robin,LTBEsal37,prog,
170.11.1.5,robin,LTBEsal37,prog,
170.11.1.6,robin,LTBEsal37,prog,
170.11.1.253,robin,LTBEsal37,prog,
170.11.1.254,robin,LTBEsal37,prog,
170.15.1.1,robin,LTBEsal37,prog,
170.20.1.1,robin,LTBEsal37,prog,
170.20.1.2,robin,LTBEsal37,prog,
170.20.1.3,robin,LTBEsal37,prog,
170.20.1.9,robin,LTBEsal37,prog,
170.21.1.1,robin,LTBEsal37,prog,
170.24.1.2,robin,LTBEsal37,prog,
170.24.1.3,robin,LTBEsal37,prog,
170.40.1.1,robin,LTBEsal37,prog,
170.40.1.4,robin,LTBEsal37,prog,
170.40.1.5,robin,LTBEsal37,prog,
170.40.1.253,robin,LTBEsal37,prog,
170.40.1.254,robin,LTBEsal37,prog,
170.43.1.1,robin,LTBEsal37,prog,
170.43.1.2,robin,LTBEsal37,prog,
170.45.1.1,robin,LTBEsal37,prog,
170.45.1.2,robin,LTBEsal37,prog,
170.45.1.4,robin,LTBEsal37,prog,
170.45.2.4,robin,LTBEsal37,prog,
170.45.1.3,robin,LTBEsal37,prog,
170.50.1.1,robin,LTBEsal37,prog,
170.50.1.2,robin,LTBEsal37,prog,
170.50.1.3,robin,LTBEsal37,prog,
170.60.2.1,robin,LTBEsal37,prog,
170.60.2.3,robin,LTBEsal37,prog,
170.60.2.5,robin,LTBEsal37,prog,
170.60.2.7,robin,LTBEsal37,prog,
170.60.2.8,robin,LTBEsal37,prog,
170.60.2.10,robin,LTBEsal37,prog,
170.60.2.14,robin,LTBEsal37,prog,
170.60.2.15,robin,LTBEsal37,prog,
170.60.2.19,robin,LTBEsal37,prog,
170.60.2.20,robin,LTBEsal37,prog,
170.61.3.1,robin,LTBEsal37,prog,
170.61.4.1,robin,LTBEsal37,prog,
170.61.5.1,robin,LTBEsal37,prog,
170.61.6.1,robin,LTBEsal37,prog,
170.61.7.1,robin,LTBEsal37,prog,
170.250.1.22,robin,LTBEsal37,prog,
170.250.1.101,robin,LTBEsal37,prog,
170.250.1.102,robin,LTBEsal37,prog,
170.250.1.253,robin,LTBEsal37,prog,
170.250.2.1,robin,LTBEsal37,prog,
170.250.2.101,robin,LTBEsal37,prog,
170.250.2.102,robin,LTBEsal37,prog,
170.253.4.16,robin,LTBEsal37,prog,
170.253.4.17,robin,LTBEsal37,prog,
192.168.99.25,robin,LTBEsal37,prog,
192.168.104.42,,actissec,actisen,
192.168.104.43,,actissec,actisen,
10.1.6.1,robin,LTBEsal37,prog,
10.1.6.2,robin,LTBEsal37,prog,
10.1.6.3,robin,LTBEsal37,prog,
10.1.7.1,robin,LTBEsal37,prog,
10.1.8.1,robin,LTBEsal37,prog,
10.1.8.254,robin,LTBEsal37,prog,
91.33.211.21,robin,LTBEsal37,prog,
91.33.211.22,robin,LTBEsal37,prog,
91.33.211.31,robin,LTBEsal37,prog,
91.33.211.32,robin,LTBEsal37,prog,
92.254.253.25,robin,LTBEsal37,prog,
92.254.253.26,robin,LTBEsal37,prog,
92.254.253.31,robin,LTBEsal37,prog,
92.254.253.33,robin,LTBEsal37,prog,
92.254.253.253,robin,LTBEsal37,prog,
94.200.15.22,robin,LTBEsal37,prog,
94.200.15.23,robin,LTBEsal37,prog,
90.201.238.21,robin,LTBEsal37,prog,
90.201.238.21,robin,LTBEsal37,prog,
193.169.55.252,mao,peking08,,
193.169.55.253,mao,peking08,,


@@ -0,0 +1,38 @@
@echo off
cls
c:
cd \program files\cisco systems\vpn client\
echo Verbindungsversuch
:LOOP
vpnclient connect AW user Andre pwd K01v1kk0!>vpnconnect.log
type vpnconnect.log | find "already exists"
if errorlevel 1 goto NEXT1
if errorlevel 0 goto EXISTS
:NEXT1
type vpnconnect.log | find "is secure"
if errorlevel 1 goto NEXT2
if errorlevel 0 goto ESTABLISHED
:NEXT2
echo Neuer Verbindungsversuch
goto LOOP
:EXISTS
echo Verbindung bereits aufgebaut
goto ENDE
:ESTABLISHED
echo Verbindung erfolgreich aufgebaut
goto ENDE
:ENDE
cd \
goto QUIT
:QUIT
pause
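Review bot: `:NEXT2` jumps straight back to `:LOOP`, so a wrong password or an unreachable gateway makes the script retry forever with no delay, which may trip account lockout on the VPN gateway. Bound it with a counter and a pause, e.g. `set /a TRIES+=1`, `if %TRIES% GEQ 5 goto ENDE` and `timeout /t 5 >nul` before `goto LOOP`. The VPN password is also a literal on the `vpnclient connect` line; it should be removed from the file (let the client prompt, or pass a variable set outside the repository) and changed, since it is now in the commit history.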
