diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/oxidized.rb | 5 | ||||
-rw-r--r-- | lib/oxidized/config.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/input/ftp.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/input/ssh.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/input/telnet.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/model/asa.rb | 3 | ||||
-rw-r--r-- | lib/oxidized/model/datacom.rb | 7 | ||||
-rw-r--r-- | lib/oxidized/model/gaiaos.rb | 46 | ||||
-rw-r--r-- | lib/oxidized/model/screenos.rb | 1 | ||||
-rw-r--r-- | lib/oxidized/model/timos.rb | 71 | ||||
-rw-r--r-- | lib/oxidized/node.rb | 18 | ||||
-rw-r--r-- | lib/oxidized/nodes.rb | 54 | ||||
-rw-r--r-- | lib/oxidized/output/git.rb | 50 | ||||
-rw-r--r-- | lib/oxidized/pfsense.rb | 25 | ||||
-rw-r--r-- | lib/oxidized/version.rb | 2 |
15 files changed, 214 insertions, 76 deletions
diff --git a/lib/oxidized.rb b/lib/oxidized.rb index dfd9679..ce48f10 100644 --- a/lib/oxidized.rb +++ b/lib/oxidized.rb @@ -1,3 +1,5 @@ +require 'fileutils' + module Oxidized class OxidizedError < StandardError; end @@ -34,13 +36,14 @@ module Oxidized end def self.setup_logger + FileUtils.mkdir_p(Config::Log) unless File.directory?(Config::Log) self.logger = if config.has_key?('use_syslog') && config.use_syslog require 'syslog/logger' Syslog::Logger.new('oxidized') else require 'logger' if config.has_key?('log') - Logger.new(config.log) + Logger.new(File.expand_path(config.log)) else Logger.new(STDERR) end diff --git a/lib/oxidized/config.rb b/lib/oxidized/config.rb index 1797be6..b6b5c40 100644 --- a/lib/oxidized/config.rb +++ b/lib/oxidized/config.rb @@ -5,7 +5,7 @@ module Oxidized class Config Root = ENV['OXIDIZED_HOME'] || File.join(ENV['HOME'], '.config', 'oxidized') Crash = File.join Root, 'crash' - Log = File.join Root, 'log' + Log = File.join Root, 'logs' InputDir = File.join Directory, %w(lib oxidized input) OutputDir = File.join Directory, %w(lib oxidized output) ModelDir = File.join Directory, %w(lib oxidized model) diff --git a/lib/oxidized/input/ftp.rb b/lib/oxidized/input/ftp.rb index c6d644c..80de257 100644 --- a/lib/oxidized/input/ftp.rb +++ b/lib/oxidized/input/ftp.rb @@ -18,7 +18,7 @@ module Oxidized def connect node @node = node @node.model.cfg['ftp'].each { |cb| instance_exec(&cb) } - @log = File.open(Oxidized::Config::Log + "-#{@node.ip}-ftp", 'w') if Oxidized.config.input.debug? + @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-ftp", 'w') if Oxidized.config.input.debug? @ftp = Net::FTP.new @node.ip, @node.auth[:username], @node.auth[:password] connected? end diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb index 8db5aa4..cd12167 100644 --- a/lib/oxidized/input/ssh.rb +++ b/lib/oxidized/input/ssh.rb @@ -21,7 +21,7 @@ module Oxidized @output = '' @node.model.cfg['ssh'].each { |cb| instance_exec(&cb) } secure = Oxidized.config.input.ssh.secure - @log = File.open(Oxidized::Config::Log + "-#{@node.ip}-ssh", 'w') if Oxidized.config.input.debug? + @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-ssh", 'w') if Oxidized.config.input.debug? port = vars(:ssh_port) || 22 if proxy_host = vars(:ssh_proxy) proxy = Net::SSH::Proxy::Command.new("ssh #{proxy_host} -W %h:%p") diff --git a/lib/oxidized/input/telnet.rb b/lib/oxidized/input/telnet.rb index 3446ca2..a5561b9 100644 --- a/lib/oxidized/input/telnet.rb +++ b/lib/oxidized/input/telnet.rb @@ -16,7 +16,7 @@ module Oxidized 'Port' => port.to_i, 'Timeout' => @timeout, 'Model' => @node.model } - opt['Output_log'] = Oxidized::Config::Log + "-#{@node.ip}-telnet" if Oxidized.config.input.debug? + opt['Output_log'] = Oxidized::Config::Log + "/#{@node.ip}-telnet" if Oxidized.config.input.debug? @telnet = Net::Telnet.new opt if @node.auth[:username] and @node.auth[:username].length > 0 diff --git a/lib/oxidized/model/asa.rb b/lib/oxidized/model/asa.rb index 1e45a91..a41348e 100644 --- a/lib/oxidized/model/asa.rb +++ b/lib/oxidized/model/asa.rb @@ -13,6 +13,9 @@ class ASA < Oxidized::Model cmd :secret do |cfg| cfg.gsub! /enable password (\S+) (.*)/, 'enable password <secret hidden> \2' cfg.gsub! /username (\S+) password (\S+) (.*)/, 'username \1 password <secret hidden> \3' + cfg.gsub! /ikev2 pre-shared-key (\S+)/, 'ikev2 pre-shared-key <secret hidden>' + cfg.gsub! /ikev2 (remote|local)-authentication pre-shared-key (\S+)/, 'ikev2 \1-authentication pre-shared-key <secret hidden>' + cfg.gsub! /^(aaa-server TACACS\+ \(\S+\) host.*\n\skey) \S+$/m, '\1 <secret hidden>' cfg end diff --git a/lib/oxidized/model/datacom.rb b/lib/oxidized/model/datacom.rb index 54091ed..5dbc080 100644 --- a/lib/oxidized/model/datacom.rb +++ b/lib/oxidized/model/datacom.rb @@ -24,7 +24,12 @@ class DataCom < Oxidized::Model cfg.cut_head end - cfg :telnet, :ssh do + cfg :ssh do + password /^Password:\s$/ + pre_logout 'exit' + end + + cfg :telnet do username /login:\s$/ password /^Password:\s$/ pre_logout 'exit' diff --git a/lib/oxidized/model/gaiaos.rb b/lib/oxidized/model/gaiaos.rb new file mode 100644 index 0000000..434e774 --- /dev/null +++ b/lib/oxidized/model/gaiaos.rb @@ -0,0 +1,46 @@ +class GaiaOS < Oxidized::Model + + # CheckPoint - Gaia OS Model + + # Gaia Prompt + prompt /^([\[\]\w.@:-]+[#>]\s?)$/ + + # Comment tag + comment '# ' + + + cmd :all do |cfg| + cfg = cfg.each_line.to_a[1..-2].join + end + + cmd :secret do |cfg| + cfg.gsub! /^(set expert-password-hash ).*/, '\1<EXPERT PASSWORD REMOVED>' + cfg.gsub! /^(set user \S+ password-hash ).*/,'\1<USER PASSWORD REMOVED>' + cfg.gsub! /^(set ospf .* secret ).*/,'\1<OSPF KEY REMOVED>' + cfg.gsub! /^(set snmp community )(.*)( read-only.*)/,'\1<SNMP COMMUNITY REMOVED>\3' + cfg.gsub! /^(add snmp .* community )(.*)(\S?.*)/,'\1<SNMP COMMUNITY REMOVED>\3' + cfg.gsub! /(auth|privacy)(-pass-phrase-hashed )(\S*)/,'\1-pass-phrase-hashed <SNMP PASS-PHRASE REMOVED>' + cfg + end + + cmd 'show asset all' do |cfg| + comment cfg + end + + cmd 'show version all' do |cfg| + comment cfg + end + + cmd 'show configuration' do |cfg| + cfg.gsub! /^# Exported by \S+ on .*/, '# ' + cfg + end + + + cfg :ssh do + # User shell must be /etc/cli.sh + post_login 'set clienv rows 0' + pre_logout 'exit' + end + +end diff --git a/lib/oxidized/model/screenos.rb b/lib/oxidized/model/screenos.rb index 7ee9d9f..0258898 100644 --- a/lib/oxidized/model/screenos.rb +++ b/lib/oxidized/model/screenos.rb @@ -20,6 +20,7 @@ class ScreenOS < Oxidized::Model cmd 'get system' do |cfg| cfg.gsub! /^Date\ .*\n/, '' cfg.gsub! /^Up\ .*\n/, '' + cfg.gsub! /(current bw ).*/, '\\1 <removed>' comment cfg end diff --git a/lib/oxidized/model/timos.rb b/lib/oxidized/model/timos.rb index dc28580..d40e845 100644 --- a/lib/oxidized/model/timos.rb +++ b/lib/oxidized/model/timos.rb @@ -1,8 +1,10 @@ class TiMOS < Oxidized::Model - # Alcatel-Lucent TiMOS (Timetra) - # used in SR/ESS/SAS routers - + # + # Nokia SR OS (TiMOS) (formerly TiMetra, Alcatel, Alcatel-Lucent). + # Used in 7705 SAR, 7210 SAS, 7450 ESS, 7750 SR, 7950 XRS, and NSP. + # + comment '# ' prompt /^([-\w\.:>\*]+\s?[#>]\s?)$/ @@ -12,26 +14,81 @@ class TiMOS < Oxidized::Model new_cfg << cfg.each_line.to_a[1..-2].join end + # + # Show the boot options file. + # cmd 'show bof' do |cfg| comment cfg end + # + # Show the system information. + # cmd 'show system information' do |cfg| - # strip uptime + # + # Strip uptime. + # cfg.sub! /^System Up Time.*\n/, '' comment cfg end + # + # Show the card state. + # cmd 'show card state' do |cfg| comment cfg end - cmd 'show boot-messages' do |cfg| - cfg.gsub! /\r/, "" + # + # Show the boot log. + # + cmd 'file type bootlog.txt' do |cfg| + # + # Strip carriage returns and backspaces. + # + cfg.gsub! /\r/, '' + cfg.gsub! /[\b][\b][\b]/, "\n" + comment cfg + end + + # + # Show the running debug configuration. + # + cmd 'show debug' do |cfg| comment cfg end - cmd 'admin display-config' + # + # Show the saved debug configuration (admin debug-save). + # + cmd 'file type config.dbg' do |cfg| + # + # Strip carriage returns. + # + cfg.gsub! /\r/, '' + comment cfg + end + + # + # Show the running persistent indices. + # + cmd 'admin display-config index' do |cfg| + # + # Strip carriage returns. + # + cfg.gsub! /\r/, '' + comment cfg + end + + # + # Show the running configuration. + # + cmd 'admin display-config' do |cfg| + # + # Strip carriage returns. + # + cfg.gsub! /\r/, '' + end cfg :telnet do username /^Login: / diff --git a/lib/oxidized/node.rb b/lib/oxidized/node.rb index 9f729ed..f2b125a 100644 --- a/lib/oxidized/node.rb +++ b/lib/oxidized/node.rb @@ -22,7 +22,7 @@ module Oxidized @vars = opt[:vars] @stats = Stats.new @retry = 0 - @repo = resolve_repo + @repo = resolve_repo opt # model instance needs to access node instance @model.node = self @@ -171,15 +171,25 @@ module Oxidized Oxidized.mgr.model[model].new end - def resolve_repo + def resolve_repo opt + return unless is_git? opt + remote_repo = Oxidized.config.output.git.repo - if Oxidized.config.output.git.single_repo? || @group.nil? || remote_repo.is_a?(String) - remote_repo + if remote_repo.is_a?(::String) + if Oxidized.config.output.git.single_repo? || @group.nil? + remote_repo + else + File.join(File.dirname(remote_repo), @group + '.git') + end else remote_repo[@group] end end + def is_git? opt + (opt[:output] || Oxidized.config.output.default) == 'git' + end + end end diff --git a/lib/oxidized/nodes.rb b/lib/oxidized/nodes.rb index cd67007..f5a1ad0 100644 --- a/lib/oxidized/nodes.rb +++ b/lib/oxidized/nodes.rb @@ -56,11 +56,8 @@ module Oxidized end end - def fetch node, group - with_lock do - i = find_node_index node - output = self[i].output.new - raise Oxidized::NotSupported unless output.respond_to? :fetch + def fetch node_name, group + yield_node_output(node_name) do |node, output| output.fetch node, group end end @@ -94,6 +91,24 @@ module Oxidized find_index node or raise Oxidized::NodeNotFound, "unable to find '#{node}'" end + def version node_name, group + yield_node_output(node_name) do |node, output| + output.version node, group + end + end + + def get_version node_name, group, oid + yield_node_output(node_name) do |node, output| + output.get_version node, group, oid + end + end + + def get_diff node_name, group, oid1, oid2 + yield_node_output(node_name) do |node, output| + output.get_diff node, group, oid1, oid2 + end + end + private def initialize opts={} @@ -151,34 +166,13 @@ module Oxidized sort_by! { |x| x.last.nil? ? Time.new(0) : x.last.end } end - public - - def version node, group + def yield_node_output(node_name) with_lock do - i = find_node_index node - output = self[i].output.new + node = find { |n| n.name == node_name } + output = node.output.new raise Oxidized::NotSupported unless output.respond_to? :fetch - output.version node, group - end - end - - def get_version node, group, oid - with_lock do - i = find_node_index node - output = self[i].output.new - raise Oxidized::NotSupported unless output.respond_to? :fetch - output.get_version node, group, oid + yield node, output end end - - def get_diff node, group, oid1, oid2 - with_lock do - i = find_node_index node - output = self[i].output.new - raise Oxidized::NotSupported unless output.respond_to? :fetch - output.get_diff node, group, oid1, oid2 - end - end - end end diff --git a/lib/oxidized/output/git.rb b/lib/oxidized/output/git.rb index 8d9dae1..fee0ab6 100644 --- a/lib/oxidized/output/git.rb +++ b/lib/oxidized/output/git.rb @@ -41,7 +41,7 @@ class Git < Output outputs.types.each do |type| type_cfg = '' - type_repo = File.join File.dirname(repo), type + '.git' + type_repo = File.join(File.dirname(repo), type + '.git') outputs.type(type).each do |output| (type_cfg << output; next) if not output.name type_file = file + '--' + output.name @@ -60,29 +60,21 @@ class Git < Output def fetch node, group begin - repo = @cfg.repo - repo = File.join File.dirname(repo), group + '.git' if group and not @cfg.single_repo? + repo, path = yield_repo_and_path(node, group) repo = Rugged::Repository.new repo index = repo.index index.read_tree repo.head.target.tree unless repo.empty? - file = node - file = File.join(group, node) if group and @cfg.single_repo? - repo.read(index.get(file)[:oid]).data + repo.read(index.get(path)[:oid]).data rescue 'node not found' end end - #give a hash of all oid revision for the given node, and the date of the commit + # give a hash of all oid revision for the given node, and the date of the commit def version node, group begin - repo = @cfg.repo - path = node - if group and @cfg.single_repo? - path = "#{group}/#{node}" - elsif group - repo = File.join File.dirname(repo), group + '.git' - end + repo, path = yield_repo_and_path(node, group) + repo = Rugged::Repository.new repo walker = Rugged::Walker.new(repo) walker.sorting(Rugged::SORT_DATE) @@ -109,14 +101,9 @@ class Git < Output #give the blob of a specific revision def get_version node, group, oid begin - repo = @cfg.repo - if group && group != '' && !@cfg.single_repo? - repo = File.join File.dirname(repo), group + '.git' - elsif group && group != '' - node = File.join group, node - end + repo, path = yield_repo_and_path(node, group) repo = Rugged::Repository.new repo - repo.blob_at(oid,node).content + repo.blob_at(oid,path).content rescue 'version not found' end @@ -125,30 +112,27 @@ class Git < Output #give a hash with the patch of a diff between 2 revision and the stats (added and deleted lines) def get_diff node, group, oid1, oid2 begin - repo = @cfg.repo diff_commits = nil - if group && group != '' && !@cfg.single_repo? - repo = File.join File.dirname(repo), group + '.git' - end + repo, _ = yield_repo_and_path(node, group) repo = Rugged::Repository.new repo commit = repo.lookup(oid1) - #if the second revision is precised + if oid2 commit_old = repo.lookup(oid2) diff = repo.diff(commit_old, commit) diff.each do |patch| - if /#{node}\s+/.match(patch.to_s.lines.first) + if /#{node.name}\s+/.match(patch.to_s.lines.first) diff_commits = {:patch => patch.to_s, :stat => patch.stat} break end end - #else gives the diffs between the first oid and his first parrent else stat = commit.parents[0].diff(commit).stat stat = [stat[1],stat[2]] patch = commit.parents[0].diff(commit).patch diff_commits = {:patch => patch, :stat => stat} end + diff_commits rescue 'no diffs' @@ -157,6 +141,16 @@ class Git < Output private + def yield_repo_and_path(node, group) + repo, path = node.repo, node.name + + if group and @cfg.single_repo? + path = "#{group}/#{node.name}" + end + + [repo, path] + end + def update repo, file, data return if data.empty? diff --git a/lib/oxidized/pfsense.rb b/lib/oxidized/pfsense.rb new file mode 100644 index 0000000..cd6885c --- /dev/null +++ b/lib/oxidized/pfsense.rb @@ -0,0 +1,25 @@ +class PfSense < Oxidized::Model + + comment '# ' + + #add a comment in the final conf + def add_comment comment + "\n###### #{comment} ######\n" + end + + cmd :all do |cfg| + cfg.each_line.to_a[1..-2].join + end + + #show the persistent configuration + pre do + cfg = add_comment 'Configuration' + cfg += cmd 'cat /cf/conf/config.xml' + end + + cfg :ssh do + exec true + pre_logout 'exit' + end + +end diff --git a/lib/oxidized/version.rb b/lib/oxidized/version.rb index db52c3b..40996a8 100644 --- a/lib/oxidized/version.rb +++ b/lib/oxidized/version.rb @@ -1,3 +1,3 @@ module Oxidized - VERSION = '0.15.0' + VERSION = '0.16.1' end |