r4308 JunOS 10 802.1q gateway
authorAlexey Andriyanov <alan@al-an.info>
Thu, 10 Mar 2011 09:31:04 +0000 (09:31 +0000)
committerAlexey Andriyanov <alan@al-an.info>
Thu, 10 Mar 2011 09:31:04 +0000 (09:31 +0000)
new deviceconfig connector jun10.connector written in Perl, supporting telnet and ssh
functions ***TranslatePushQueue now accepts additional parameter - vlan_names array
setDevice8021QConfig: added additional vlan_names param into function call
exportSwitch8021QConfig: idem
exec8021QDeploy: idem

jun10Read8021QConfig: new gateway function
jun10TranslatePushQueue: idem

gateways/deviceconfig/jun10.connector [new file with mode: 0755]
gateways/deviceconfig/switch.secrets.php-sample

diff --git a/gateways/deviceconfig/jun10.connector b/gateways/deviceconfig/jun10.connector
new file mode 100755 (executable)
index 0000000..1205baf
--- /dev/null
@@ -0,0 +1,126 @@
+#!/usr/bin/perl
+
+use strict;
+use File::FnMatch qw(:fnmatch);
+use Net::Telnet::Cisco;
+@ARGV == 3 or @ARGV == 4 or die "usage: $0 endpoint command workfile";
+
+my ($endpoint, $command, $workfile, $sudo_call) = @ARGV;
+
+$0 =~ m,^(.*)/[^/]+$,;
+my $mydir = $1;
+open(SECRETS, "<$mydir/switch.secrets.php") || die "switch.secrets.php: $!";
+my $skip = 1;
+my ($protocol, $username, $password, $enable_password, $sudo_username);
+while (<SECRETS>) {
+    chomp;
+    if ($skip && ($_ eq "# S-T-A-R-T")) {
+        $skip = 0;
+        next;
+    }
+    if (!$skip && ($_ eq "# S-T-O-P")) {
+        $skip = 1;
+        next;
+    }
+    next if ($skip);
+    next if m,^\s*(#.*)?$,;
+    my @f = split;
+    if (fnmatch($f[0], $endpoint)) {
+               $protocol = $f[1];
+        $username = $f[4];
+        $password = $f[5];
+        $enable_password = $f[6];
+               $sudo_username = $f[7];
+        last;
+    }
+}
+
+if (!defined($username)) {
+    exit(3);
+}
+
+my $is_reader = ($command =~ /deploy/);
+my $is_writer = ($command =~ /get8021q/);
+
+my $current_user = scalar getpwuid $<;
+if ($sudo_username and $sudo_username ne '-' and $current_user ne $sudo_username) {
+       if ($sudo_call) {
+               die "cant sudo as $sudo_username";
+       }
+       else {
+               my $child_command = "sudo -u '$sudo_username' '$0' @ARGV sudo_call";
+               my $code;
+               if ($is_reader) {
+                       $code = system("$child_command <'$workfile'");
+               }
+               elsif ($is_writer) {
+                       $code = system("$child_command >'$workfile'");
+               }
+               exit ($code >> 8);
+       }
+}
+
+if ($is_reader) {
+       if ($sudo_call) {
+               open (WORKFILE, "<&STDIN");
+       }
+       else {
+               open(WORKFILE, "<$workfile") || die "$workfile: $!";
+       }
+}
+elsif ($is_writer) {   
+       if ($sudo_call) {
+               open(WORKFILE, ">&STDOUT");
+       }
+       else {
+               open(WORKFILE, ">$workfile") || die "$workfile: $!";
+       }
+}
+
+if ($protocol eq 'telnet') {
+       my $session = Net::Telnet->new('Host' => $endpoint, 
+         Prompt => '/\S+\@\S+[>#] $/',
+         Timeout => 40,
+       );
+       $session->login($username, $password);
+       if ($command eq "get8021q") {
+               $session->cmd ('set cli screen-length 0');
+               print WORKFILE $session->cmd ('show vlans detail'), "# END OF VLAN LIST\n";
+               print WORKFILE $session->cmd ('show configuration groups'), "# END OF GROUP LIST\n";
+               print WORKFILE $session->cmd ('show configuration interfaces'), "# END OF CONFIG\n";
+               exit(0);
+       }
+       elsif ($command eq "deploy") {
+               while (my $cmd = <WORKFILE>) {
+                       $cmd =~ s/[\r\n]//g;
+                       my $result = join '', $session->cmd ($cmd);
+                       if ($result =~ /\berror:\b/si) {
+                               die "error saving configuration";
+                       }
+               }
+               exit(0);
+       }
+}
+elsif ($protocol eq 'ssh') {
+       # open filehandles
+       if ($is_writer and ! $sudo_call) {
+               close STDOUT;
+               open (STDOUT, ">&WORKFILE");
+       }
+       open(SSH, "| ssh -T -o StrictHostKeyChecking=no '$username'\@'$endpoint'" . ($is_reader ? ' >/dev/null' : '')) or die "cant run ssh: $!";
+
+       if ($command eq "get8021q") {
+               print SSH "set cli screen-length 0\n";
+               print SSH "show vlans detail\n", "# END OF VLAN LIST\n";
+               print SSH "show configuration groups\n", "# END OF GROUP LIST\n";
+               print SSH "show configuration interfaces\n", "# END OF CONFIG\n";
+               exit(0);
+       }
+       elsif ($command eq "deploy") {
+               while (my $cmd = <WORKFILE>) {
+                       $cmd =~ s/[\r\n]//g;
+                       print SSH $cmd, "\n";
+               }
+               exit(0);
+       }
+}
index e716f54..dcbd519 100644 (file)
@@ -1,13 +1,14 @@
 <?php ob_start(); ?>
 
 # Syntax:
-# <endpoint|*> <telnet> <hostname|-> <port|-> <username|-> <line password> <enable password>
+# <endpoint|*> <telnet|ssh> <hostname|-> <port|-> <username|-> <line password> <enable password> <sudo username|->
+# Note: ssh protocol is only availible with JunOS10 devices
 # FIXME: <endpoint|*> <rsh> <username>
 
 # S-T-A-R-T
-switch1 telnet - - - password2 enablepassword
-switch2 telnet - - - password enablepassword
-switch3 telnet - - username3 password3 enablepassword3
+switch1 telnet - - - password2 enablepassword -
+switch2 telnet - - - password enablepassword -
+switch3 telnet - - username3 password3 enablepassword3 -
 # S-T-O-P
 
 <?php ob_end_clean(); ?>