diff options
-rw-r--r-- | LICENSE | 201 | ||||
-rw-r--r-- | docs/Configuration.md | 9 | ||||
-rw-r--r-- | docs/Model-Notes/EOS.md | 9 | ||||
-rw-r--r-- | docs/Model-Notes/README.md | 3 | ||||
-rw-r--r-- | docs/Model-Notes/XGS4600-Zyxel.md | 14 | ||||
-rw-r--r-- | lib/oxidized/input/ssh.rb | 5 | ||||
-rw-r--r-- | lib/oxidized/model/xos.rb | 5 | ||||
-rw-r--r-- | lib/oxidized/model/zynoscli.rb | 36 | ||||
-rw-r--r-- | lib/oxidized/nodes.rb | 3 | ||||
-rw-r--r-- | lib/oxidized/source/http.rb | 8 | ||||
-rw-r--r-- | lib/oxidized/source/sql.rb | 7 | ||||
-rw-r--r-- | lib/oxidized/worker.rb | 6 | ||||
-rw-r--r-- | spec/input/ssh_spec.rb | 2 |
13 files changed, 299 insertions, 9 deletions
@@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/docs/Configuration.md b/docs/Configuration.md index 661e65a..1d16c91 100644 --- a/docs/Configuration.md +++ b/docs/Configuration.md @@ -62,6 +62,15 @@ vars: ssh_no_exec: true ``` +## SSH Auth Methods + +By default, Oxidized registers the following auth methods: `none`, `publickey` and `password`. However you can configure this globally, by groups, models or nodes. + +``` +vars: + auth_methods: none, publickey, password, keyboard-interactive +``` + ## SSH Proxy Command Oxidized can `ssh` through a proxy as well. To do so we just need to set `ssh_proxy` variable with the proxy host information. diff --git a/docs/Model-Notes/EOS.md b/docs/Model-Notes/EOS.md new file mode 100644 index 0000000..66287e3 --- /dev/null +++ b/docs/Model-Notes/EOS.md @@ -0,0 +1,9 @@ +Arista EOS Configuration +======================== + +By default EOS requires keyboard-interactive to be added to your Oxidized config. You can avoid having to do this by configuring the following on the EOS device: + +``` +management ssh + authentication mode password +``` diff --git a/docs/Model-Notes/README.md b/docs/Model-Notes/README.md index fd1298e..993eb77 100644 --- a/docs/Model-Notes/README.md +++ b/docs/Model-Notes/README.md @@ -10,9 +10,10 @@ Vendor | Model |Updated 3COM|[Comware](Comware.md)|15 Feb 2018 AireOS|[AireOS](AireOS.md)|29 Nov 2017 Arbor Networks|[ArbOS](ArbOS.md)|27 Feb 2018 +Arista|[EOS](EOS.md)|05 Feb 2018 Huawei|[VRP](VRP-Huawei.md)|17 Nov 2017 Juniper|[MX/QFX/EX/SRX/J Series](JunOS.md)|18 Jan 2018 Netgear|[Netgear](Netgear.md)|11 Apr 2018 -Zyxel|[XGS4600 Series](XGS4600-Zyxel.md)|23 Jan 2018 +Zyxel|[XGS4600 Series](XGS4600-Zyxel.md)|1 Feb 2018 If you discover additional caveats or problems please make sure to consult the [GitHub issues for oxidized](https://github.com/ytti/oxidized/issues) known issues. diff --git a/docs/Model-Notes/XGS4600-Zyxel.md b/docs/Model-Notes/XGS4600-Zyxel.md index 17cb2b5..8b58ed8 100644 --- a/docs/Model-Notes/XGS4600-Zyxel.md +++ b/docs/Model-Notes/XGS4600-Zyxel.md @@ -20,6 +20,20 @@ input: passive: false ``` + +## SSH/TelNet + +Below is the table from the XGS4600 CLI Reference Guide (Version 3.79~4.50 Edition 1, 07/2017) +Take this table with a pinch of salt, level 3 will not allow _show running-config_! + +Privilege Level | Types of commands at this privilege level +----------------|------------------------------------------- +0|Display basic system information. +3|Display configuration or status. +13|Configure features except for login accounts, SNMP user accounts, the authentication method sequence and authorization settings, multiple logins, administrator and enable passwords, and configuration information display. +14|Configure login accounts, SNMP user accounts, the authentication method sequence and authorization settings, multiple logins, and administrator and enable passwords, and display configuration information. + + Oxidized can now retrieve your configuration! Back to [Model-Notes](README.md) diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb index dc1eb27..6e86d13 100644 --- a/lib/oxidized/input/ssh.rb +++ b/lib/oxidized/input/ssh.rb @@ -29,11 +29,14 @@ module Oxidized port: port.to_i, paranoid: secure, keepalive: true, - auth_methods: %w(none publickey password keyboard-interactive), password: @node.auth[:password], :timeout => Oxidized.config.timeout, number_of_password_prompts: 0, } + auth_methods = vars(:auth_methods) || %w(none publickey password) + ssh_opts[:auth_methods] = auth_methods + Oxidized.logger.info "AUTH METHODS::#{auth_methods}" + if proxy_host = vars(:ssh_proxy) proxy_command = "ssh " proxy_command += "-o StrictHostKeyChecking=no " unless secure diff --git a/lib/oxidized/model/xos.rb b/lib/oxidized/model/xos.rb index e862596..5ce8017 100644 --- a/lib/oxidized/model/xos.rb +++ b/lib/oxidized/model/xos.rb @@ -26,7 +26,10 @@ class XOS < Oxidized::Model comment cfg.each_line.reject { |line| line.match /Time:/ or line.match /boot/i }.join end - cmd 'show configuration' + cmd 'show configuration' do |cfg| + cfg = cfg.each_line.reject { |line| line.match /^#(\s[\w]+\s)(Configuration generated)/ }.join + cfg + end cmd 'show policy detail' do |cfg| comment cfg diff --git a/lib/oxidized/model/zynoscli.rb b/lib/oxidized/model/zynoscli.rb new file mode 100644 index 0000000..ae64b04 --- /dev/null +++ b/lib/oxidized/model/zynoscli.rb @@ -0,0 +1,36 @@ +class ZyNOSCLI < Oxidized::Model + # Used in Zyxel DSLAMs, such as SAM1316 + + # Typical prompt "XGS4600#" + prompt /^([\w.@()-]+[#>]\s\e7)$/ + comment ';; ' + + cmd :all do |cfg| + cfg.gsub! /^.*\e7/, '' + end + cmd 'show stacking' + + cmd 'show version' + + cmd 'show running-config' + + cfg :telnet do + username /^User name:/i + password /^Password:/i + end + + cfg :telnet, :ssh do + if vars :enable + post_login do + send "enable\n" + # Interpret enable: true as meaning we won't be prompted for a password + unless vars(:enable).is_a? TrueClass + expect /[pP]assword:\s?$/ + send vars(:enable) + "\n" + end + expect /^.+[#]$/ + end + end + pre_logout 'exit' + end +end diff --git a/lib/oxidized/nodes.rb b/lib/oxidized/nodes.rb index 84766f0..a159b48 100644 --- a/lib/oxidized/nodes.rb +++ b/lib/oxidized/nodes.rb @@ -12,7 +12,8 @@ module Oxidized @source = Oxidized.config.source.default Oxidized.mgr.add_source @source Oxidized.logger.info "lib/oxidized/nodes.rb: Loading nodes" - Oxidized.mgr.source[@source].new.load.each do |node| + nodes = Oxidized.mgr.source[@source].new.load node_want + nodes.each do |node| # we want to load specific node(s), not all of them next unless node_want? node_want, node begin diff --git a/lib/oxidized/source/http.rb b/lib/oxidized/source/http.rb index 4480cbb..55dcd4c 100644 --- a/lib/oxidized/source/http.rb +++ b/lib/oxidized/source/http.rb @@ -15,7 +15,7 @@ module Oxidized require "uri" require "json" - def load + def load node_want = nil nodes = [] uri = URI.parse(@cfg.url) http = Net::HTTP.new(uri.host, uri.port) @@ -28,7 +28,11 @@ module Oxidized headers[header] = value end - request = Net::HTTP::Get.new(uri.request_uri, headers) + req_uri = uri.request_uri + if node_want + req_uri = "#{req_uri}/#{node_want}" + end + request = Net::HTTP::Get.new(req_uri, headers) if (@cfg.user? && @cfg.pass?) request.basic_auth(@cfg.user, @cfg.pass) end diff --git a/lib/oxidized/source/sql.rb b/lib/oxidized/source/sql.rb index 5737c93..c5fe650 100644 --- a/lib/oxidized/source/sql.rb +++ b/lib/oxidized/source/sql.rb @@ -18,11 +18,16 @@ module Oxidized end end - def load + def load node_want = nil nodes = [] db = connect query = db[@cfg.table.to_sym] query = query.with_sql(@cfg.query) if @cfg.query? + + if node_want + query = query.where(@cfg.map.name.to_sym => node_want) + end + query.each do |node| # map node parameters keys = {} diff --git a/lib/oxidized/worker.rb b/lib/oxidized/worker.rb index 7eaa888..692b060 100644 --- a/lib/oxidized/worker.rb +++ b/lib/oxidized/worker.rb @@ -80,7 +80,11 @@ module Oxidized private def is_cycle_finished? - @jobs_done > 0 && @jobs_done % @nodes.count == 0 + if @jobs_done > @nodes.count + true + else + @jobs_done > 0 && @jobs_done % @nodes.count == 0 + end end def run_done_hook diff --git a/spec/input/ssh_spec.rb b/spec/input/ssh_spec.rb index 9e08cea..3c33cd8 100644 --- a/spec/input/ssh_spec.rb +++ b/spec/input/ssh_spec.rb @@ -34,7 +34,7 @@ describe Oxidized::SSH do proxy: proxy, password: 'armud', number_of_password_prompts: 0, - auth_methods: ['none', 'publickey', 'password', 'keyboard-interactive']) + auth_methods: %w[none publickey password]) ssh.instance_variable_set("@exec", true) ssh.connect(@node) |