Diffstat (limited to 'lib')
-rw-r--r--lib/oxidized/config.rb1
-rw-r--r--lib/oxidized/hook/exec.rb1
-rw-r--r--lib/oxidized/hook/githubrepo.rb2
-rw-r--r--lib/oxidized/hook/slackdiff.rb42
-rw-r--r--lib/oxidized/hook/xmppdiff.rb60
-rw-r--r--lib/oxidized/input/ftp.rb4
-rw-r--r--lib/oxidized/model/aosw.rb2
-rw-r--r--lib/oxidized/model/arbos.rb27
-rw-r--r--lib/oxidized/model/aricentiss.rb50
-rw-r--r--lib/oxidized/model/awplus.rb85
-rw-r--r--lib/oxidized/model/br6910.rb2
-rw-r--r--lib/oxidized/model/ciscosmb.rb5
-rw-r--r--lib/oxidized/model/comware.rb4
-rw-r--r--lib/oxidized/model/edgecos.rb47
-rw-r--r--lib/oxidized/model/edgeos.rb6
-rw-r--r--lib/oxidized/model/fiberdriver.rb2
-rw-r--r--lib/oxidized/model/fortios.rb10
-rw-r--r--lib/oxidized/model/gcombnps.rb85
-rw-r--r--lib/oxidized/model/ios.rb1
-rw-r--r--lib/oxidized/model/junos.rb5
-rw-r--r--lib/oxidized/model/netgear.rb2
-rw-r--r--lib/oxidized/model/opnsense.rb21
-rw-r--r--lib/oxidized/model/powerconnect.rb2
-rw-r--r--lib/oxidized/model/procurve.rb9
-rw-r--r--lib/oxidized/model/routeros.rb1
-rw-r--r--lib/oxidized/model/slxos.rb61
-rw-r--r--lib/oxidized/model/supermicro.rb46
-rw-r--r--lib/oxidized/model/vyatta.rb6
-rw-r--r--lib/oxidized/source/csv.rb2
-rw-r--r--lib/oxidized/version.rb2
30 files changed, 524 insertions, 69 deletions
diff --git a/lib/oxidized/config.rb b/lib/oxidized/config.rb
index 23af9c2..47544fb 100644
--- a/lib/oxidized/config.rb
+++ b/lib/oxidized/config.rb
@@ -37,6 +37,7 @@ module Oxidized
asetus.default.input.default = 'ssh, telnet'
asetus.default.input.debug = false # or String for session log file
asetus.default.input.ssh.secure = false # complain about changed certs
+ asetus.default.input.ftp.passive= true # ftp passive mode
asetus.default.output.default = 'file' # file, git
asetus.default.source.default = 'csv' # csv, sql
diff --git a/lib/oxidized/hook/exec.rb b/lib/oxidized/hook/exec.rb
index a9a5950..3f984c2 100644
--- a/lib/oxidized/hook/exec.rb
+++ b/lib/oxidized/hook/exec.rb
@@ -71,6 +71,7 @@ class Exec < Oxidized::Hook
"OX_NODE_FROM" => ctx.node.from.to_s,
"OX_NODE_MSG" => ctx.node.msg.to_s,
"OX_NODE_GROUP" => ctx.node.group.to_s,
+ "OX_NODE_MODEL" => ctx.node.model.class.name,
"OX_REPO_COMMITREF" => ctx.commitref.to_s,
"OX_REPO_NAME" => ctx.node.repo.to_s,
)
diff --git a/lib/oxidized/hook/githubrepo.rb b/lib/oxidized/hook/githubrepo.rb
index d33e54e..f74b22a 100644
--- a/lib/oxidized/hook/githubrepo.rb
+++ b/lib/oxidized/hook/githubrepo.rb
@@ -51,7 +51,7 @@ class GithubRepo < Oxidized::Hook
else
if cfg.has_key?('publickey') && cfg.has_key?('privatekey')
log "Using ssh auth with key", :debug
- Rugged::Credentials::SshKey.new(username: 'git', publickey: File.expand_path(cfg.publickey), privatekey: File.expand_path(cfg.privatekey))
+ Rugged::Credentials::SshKey.new(username: 'git', publickey: File.expand_path(cfg.publickey), privatekey: File.expand_path(cfg.privatekey), passphrase: ENV["OXIDIZED_SSH_PASSPHRASE"])
else
log "Using ssh auth with agentforwarding", :debug
Rugged::Credentials::SshKeyFromAgent.new(username: 'git')
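Review bot: The key passphrase is read from `ENV["OXIDIZED_SSH_PASSPHRASE"]` on the changed `SshKey.new` line, and a daemon's environment is normally inherited by every child process it starts, which would include commands launched by the exec hook unless that hook clears its environment. The variable is not documented anywhere in this change, and when it is unset `passphrase:` is passed as nil without any log line. I would add a comment above the call such as `# passphrase comes from OXIDIZED_SSH_PASSPHRASE; keep it out of hook child environments` and consider a hook setting that points at a file readable only by the oxidized user. The enclosing method starts and ends outside this hunk.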
diff --git a/lib/oxidized/hook/slackdiff.rb b/lib/oxidized/hook/slackdiff.rb
index 61f1743..7cd4465 100644
--- a/lib/oxidized/hook/slackdiff.rb
+++ b/lib/oxidized/hook/slackdiff.rb
@@ -1,5 +1,8 @@
require 'slack'
+# defaults to posting a diff, if messageformat is supplied them a message will be posted too
+# diffenable defaults to true
+
class SlackDiff < Oxidized::Hook
def validate_cfg!
raise KeyError, 'hook.token is required' unless cfg.has_key?('token')
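Review bot: The added header comment names the settings `messageformat` and `diffenable`, but the code added further down in this file reads `cfg.message` and `cfg.diff`, so an operator following the comment would set keys the hook never looks at. I would reword it to `# Posts the diff as a snippet unless hook.diff is false; if hook.message is set, a formatted message is posted as well`, which also fixes the "them" typo.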
@@ -17,16 +20,35 @@ class SlackDiff < Oxidized::Hook
client = Slack::Client.new
client.auth_test
log "Connected"
- gitoutput = ctx.node.output.new
- diff = gitoutput.get_diff ctx.node, ctx.node.group, ctx.commitref, nil
- title = "#{ctx.node.name.to_s} #{ctx.node.group.to_s} #{ctx.node.model.class.name.to_s.downcase}"
- log "Posting diff as snippet to #{cfg.channel}"
- client.files_upload(channels: cfg.channel, as_user: true,
- content: diff[:patch].lines.to_a[4..-1].join,
- filetype: "diff",
- title: title,
- filename: "change"
- )
+ # diff snippet - default
+ diffenable = true
+ if cfg.has_key?('diff') == true
+ if cfg.diff == false
+ diffenable = false
+ end
+ end
+ if diffenable == true
+ gitoutput = ctx.node.output.new
+ diff = gitoutput.get_diff ctx.node, ctx.node.group, ctx.commitref, nil
+ unless diff == "no diffs"
+ title = "#{ctx.node.name.to_s} #{ctx.node.group.to_s} #{ctx.node.model.class.name.to_s.downcase}"
+ log "Posting diff as snippet to #{cfg.channel}"
+ client.files_upload(channels: cfg.channel, as_user: true,
+ content: diff[:patch].lines.to_a[4..-1].join,
+ filetype: "diff",
+ title: title,
+ filename: "change"
+ )
+ end
+ end
+ # message custom formatted - optional
+ if cfg.has_key?('message') == true
+ log cfg.message
+ msg = cfg.message % {:node => ctx.node.name.to_s, :group => ctx.node.group.to_s, :commitref => ctx.commitref, :model => ctx.node.model.class.name.to_s.downcase}
+ log msg
+ log "Posting message to #{cfg.channel}"
+ client.chat_postMessage(channel: cfg.channel, text: msg, as_user: true)
+ end
log "Finished"
end
end
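Review bot: `cfg.message % {...}` runs on an operator-supplied template with no rescue, so a template holding an unknown `%{name}` or a stray `%` raises (KeyError or ArgumentError) after the diff snippet has already been uploaded, and the hook then fails on every run. The `log cfg.message` and `log msg` calls also write the template and the rendered text at the default level each time; `log msg, :debug` would match the `:debug` logging visible in githubrepo.rb. The flag handling can be one line, `diffenable = !(cfg.has_key?('diff') && cfg.diff == false)`. The method starts outside this hunk.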
diff --git a/lib/oxidized/hook/xmppdiff.rb b/lib/oxidized/hook/xmppdiff.rb
new file mode 100644
index 0000000..396d1b3
--- /dev/null
+++ b/lib/oxidized/hook/xmppdiff.rb
@@ -0,0 +1,60 @@
+require 'xmpp4r'
+require 'xmpp4r/muc/helper/simplemucclient'
+
+class XMPPDiff < Oxidized::Hook
+ def validate_cfg!
+ raise KeyError, 'hook.jid is required' unless cfg.has_key?('jid')
+ raise KeyError, 'hook.password is required' unless cfg.has_key?('password')
+ raise KeyError, 'hook.channel is required' unless cfg.has_key?('channel')
+ raise KeyError, 'hook.nick is required' unless cfg.has_key?('nick')
+ end
+
+ def run_hook(ctx)
+ if ctx.node
+ if ctx.event.to_s == "post_store"
+ begin
+ Timeout::timeout(15) do
+ gitoutput = ctx.node.output.new
+ diff = gitoutput.get_diff ctx.node, ctx.node.group, ctx.commitref, nil
+
+ interesting = diff[:patch].lines.to_a[4..-1].any? { |line|
+ ["+", "-"].include?(line[0]) and not ["#", "!"].include?(line[1])
+ }
+ interesting &&= diff[:patch].lines.to_a[5..-1].any? { |line| line[0] == '-' }
+ interesting &&= diff[:patch].lines.to_a[5..-1].any? { |line| line[0] == '+' }
+
+ if interesting
+ log "Connecting to XMPP"
+ client = Jabber::Client.new(Jabber::JID.new(cfg.jid))
+ client.connect
+ sleep 1
+ client.auth(cfg.password)
+ sleep 1
+
+ log "Connected"
+
+ m = Jabber::MUC::SimpleMUCClient.new(client)
+ m.join(cfg.channel + "/" + cfg.nick)
+
+ log "Joined"
+
+ title = "#{ctx.node.name.to_s} #{ctx.node.group.to_s} #{ctx.node.model.class.name.to_s.downcase}"
+ log "Posting diff as snippet to #{cfg.channel}"
+
+ m.say(title + "\n\n" + diff[:patch].lines.to_a[4..-1].join)
+
+ sleep 1
+
+ client.close
+
+ log "Finished"
+
+ end
+ end
+ rescue Timeout::Error
+ log "timed out"
+ end
+ end
+ end
+ end
+end
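Review bot: `diff[:patch]` is used right after `get_diff` with no check for the `"no diffs"` result, the case slackdiff.rb gains a guard for in this same commit; on that string `diff[:patch]` raises TypeError, which `rescue Timeout::Error` does not catch. Adding `next if diff == "no diffs"` directly after the `get_diff` line leaves the timeout block early. `client.close` is reached only on the success path, so a timeout or exception after `client.connect` leaves the session open; an `ensure` that closes the client when it was created would cover that. The message body is the raw config diff, so everyone in the room sees whatever the model's secret filtering did not remove.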
diff --git a/lib/oxidized/input/ftp.rb b/lib/oxidized/input/ftp.rb
index 80de257..cdf3688 100644
--- a/lib/oxidized/input/ftp.rb
+++ b/lib/oxidized/input/ftp.rb
@@ -19,7 +19,9 @@ module Oxidized
@node = node
@node.model.cfg['ftp'].each { |cb| instance_exec(&cb) }
@log = File.open(Oxidized::Config::Log + "/#{@node.ip}-ftp", 'w') if Oxidized.config.input.debug?
- @ftp = Net::FTP.new @node.ip, @node.auth[:username], @node.auth[:password]
+ @ftp = Net::FTP.new(@node.ip)
+ @ftp.passive = Oxidized.config.input.ftp.passive
+ @ftp.login @node.auth[:username], @node.auth[:password]
connected?
end
diff --git a/lib/oxidized/model/aosw.rb b/lib/oxidized/model/aosw.rb
index a85ead7..71fde2e 100644
--- a/lib/oxidized/model/aosw.rb
+++ b/lib/oxidized/model/aosw.rb
@@ -11,7 +11,7 @@ class AOSW < Oxidized::Model
# All IAPs connected to a Instant Controller will have the same config output. Only the controller needs to be monitored.
comment '# '
- prompt /^\(?.+\)?\s?[#>]/
+ prompt /^\(?.+\)?\s[#>]/
cmd :all do |cfg|
cfg.each_line.to_a[1..-2].join
diff --git a/lib/oxidized/model/arbos.rb b/lib/oxidized/model/arbos.rb
new file mode 100644
index 0000000..389f3f6
--- /dev/null
+++ b/lib/oxidized/model/arbos.rb
@@ -0,0 +1,27 @@
+class ARBOS < Oxidized::Model
+
+ # Arbor OS model #
+
+ prompt /^[\S\s]+\n([\w.@-]+[:\/#>]+)\s?$/
+ comment '# '
+
+ cmd 'system hardware' do |cfg|
+ cfg.gsub! /^Boot\ time\:\s.+/, '' # Remove boot timer
+ cfg.gsub! /^Load\ averages\:\s.+/, '' # Remove CPU load info
+ cfg = cfg.each_line.to_a[2..-1].join
+ comment cfg
+ end
+
+ cmd 'system version' do |cfg|
+ comment cfg
+ end
+
+ cmd 'config show' do |cfg|
+ cfg
+ end
+
+ cfg :ssh do
+ exec true
+ pre_logout 'exit'
+ end
+end
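Review bot: This model defines no `cmd :secret` block, so enabling `remove_secret` changes nothing for it and the full `config show` output is stored and handed to the diff hooks as-is. The same holds for the new opnsense.rb, which stores `/conf/config.xml` whole (that file normally carries password hashes and key material), and for the new slxos.rb. If the platform keeps no credentials in its config, say so in a comment such as `# no cmd :secret: config show output contains no credentials`; otherwise add the block with the relevant patterns. Separately, `cfg.each_line.to_a[2..-1]` is nil when the output has fewer than two lines, so `.join` would raise.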
diff --git a/lib/oxidized/model/aricentiss.rb b/lib/oxidized/model/aricentiss.rb
new file mode 100644
index 0000000..80735c7
--- /dev/null
+++ b/lib/oxidized/model/aricentiss.rb
@@ -0,0 +1,50 @@
+# Developed against:
+# #show version
+# Switch ID Hardware Version Firmware Version
+# 0 SSE-G48-TG4 (P2-01) 1.0.16-9
+
+class AricentISS < Oxidized::Model
+
+ prompt (/^(\e\[27m)?[ \r]*\w+# ?$/)
+
+ cfg :ssh do
+ post_login 'no cli pagination'
+ pre_logout 'exit'
+ end
+
+ cmd :all do |cfg|
+ # * Drop first line that contains the command, and the last line that
+ # contains a prompt
+ # * Strip carriage returns
+ cfg.delete("\r").each_line.to_a[1..-2].join
+ end
+
+ cmd :secret do |cfg|
+ cfg.gsub(/^(snmp community) .*/, '\1 <hidden>')
+ end
+
+ cmd 'show system information' do |cfg|
+ cfg.sub! /^Device Up Time.*\n/, ''
+ cfg.delete! "\r"
+ comment(cfg).gsub(/ +$/, '')
+ end
+
+ cmd 'show running-config' do |cfg|
+ comment_next = 0
+ cfg.each_line.map { |l|
+ next '' if l.match /^Building configuration/
+
+ if l.match /^Switch ID.*Hardware Version.*Firmware Version/ then
+ comment_next = 2
+ end
+
+ if comment_next > 0 then
+ comment_next -= 1
+ next comment(l)
+ end
+
+ l
+ }.join.gsub(/ +$/, '')
+ end
+
+end
diff --git a/lib/oxidized/model/awplus.rb b/lib/oxidized/model/awplus.rb
new file mode 100644
index 0000000..1d8fbcd
--- /dev/null
+++ b/lib/oxidized/model/awplus.rb
@@ -0,0 +1,85 @@
+class AWPlus < Oxidized::Model
+
+ #Allied Telesis Alliedware Plus Model#
+ #https://www.alliedtelesis.com/products/software/AlliedWare-Plus
+
+ prompt /^(\r?[\w.@:\/-]+[#>]\s?)$/
+ comment '! '
+
+ #Avoids needing "term length 0" to display full config file.
+ expect /--More--/ do |data, re|
+ send ' '
+ data.sub re, ''
+ end
+
+ #Removes gibberish pager output e.g. VT100 escape codes
+ cmd :all do |cfg|
+ cfg.gsub! /\e\[K/, '' # example how to handle pager - cleareol EL0
+ cfg.gsub! /\e\[7m\e\[m/, '' # example how to handle pager - Reverse SGR7
+ cfg.gsub! /\r/, '' # Filters rogue ^M - see issue #415
+ cfg.each_line.to_a[1..-2].join
+ end
+
+ #Remove passwords from config file.
+ #Add vars "remove_secret: true" to global oxidized config file to enable.
+
+ cmd :secret do |cfg|
+ cfg.gsub! /^(snmp-server community).*/, '\\1 <configuration removed>'
+ cfg.gsub! /^(username \S+ privilege \d+) (\S+).*/, '\\1 <secret hidden>'
+ cfg.gsub! /^(username \S+ password \d) (\S+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(username \S+ secret \d) (\S+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(enable (password|secret) \d) (\S+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(\s+(?:password|secret)) (?:\d )?\S+/, '\\1 <secret hidden>'
+ cfg.gsub! /^(tacacs-server key \d) (\S+)/, '\\1 <secret hidden>'
+ cfg
+ end
+
+ #Adds "Show system" output to start of config.
+
+ cmd 'Show System' do |cfg|
+ comment cfg.insert(0,"--------------------------------------------------------------------------------! \n")
+ #Unhash below to write a comment in the config file.
+ cfg.insert(0,"Starting: Show system cmd \n")
+ cfg << "\n \nEnding: show system cmd"
+ comment cfg << "\n--------------------------------------------------------------------------------! \n \n"
+ #Removes the following lines from "show system" in output file. This ensures oxidized diffs are meaningful.
+ comment cfg.each_line.reject { |line|
+ line.match /^$\n/ or #Remove blank lines in "sh sys"
+ line.match /System Status\s*.*/ or
+ line.match /RAM\s*:.*/ or
+ line.match /Uptime\s*:.*/ or
+ line.match /Flash\s*:.*/ or
+ line.match /Current software\s*:.*/ or
+ line.match /Software version\s*:.*/ or
+ line.match /Build date\s*:.*/ }.join
+ end
+
+ #Actually get the devices running config#
+ cmd 'show running-config' do |cfg|
+ cfg
+ end
+
+ #Config required for telnet to detect username prompt
+ cfg :telnet do
+ username /login:\s/
+ end
+
+ #Main login config
+ cfg :telnet, :ssh do
+ post_login do
+ if vars :enable
+ send "enable\n"
+ expect /^Password:\s/
+ cmd vars(:enable) + "\r\n"
+ else
+ cmd 'enable' # Required for Priv-Exec users without enable PW to be put into "enable mode".
+ end
+# cmd 'terminal length 0' #set so the entire config is output without intervention.
+ end
+ pre_logout do
+# cmd 'terminal no length' #Sets term length back to default on exit.
+ send "exit\r\n"
+ end
+ end
+
+end
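Review bot: In the `Show System` block only the final `comment cfg.each_line.reject {...}.join` expression is returned; the two earlier `comment cfg...` calls have their results discarded and act only through the in-place `insert` and `<<`. Dropping `comment` from those two lines makes that explicit, and the stale "Unhash below" comment can go. In `post_login`, `cmd vars(:enable) + "\r\n"` passes the enable password through `cmd`; presumably its echo can reach a session debug log, so `send` followed by an `expect` on the prompt may be the safer form, which is worth confirming against the input classes.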
diff --git a/lib/oxidized/model/br6910.rb b/lib/oxidized/model/br6910.rb
index b5c9bcf..df93793 100644
--- a/lib/oxidized/model/br6910.rb
+++ b/lib/oxidized/model/br6910.rb
@@ -1,7 +1,7 @@
class BR6910 < Oxidized::Model
- prompt /^Vty-[0-9]\#$/
+ prompt /^([\w.@()-]+[#>]\s?)$/
comment '! '
# not possible to disable paging prior to show running-config
diff --git a/lib/oxidized/model/ciscosmb.rb b/lib/oxidized/model/ciscosmb.rb
index 9453059..deb4768 100644
--- a/lib/oxidized/model/ciscosmb.rb
+++ b/lib/oxidized/model/ciscosmb.rb
@@ -17,6 +17,7 @@ class CiscoSMB < Oxidized::Model
cfg.gsub! /^(snmp-server community).*/, '\\1 <configuration removed>'
cfg.gsub! /username (\S+) privilege (\d+) (\S+).*/, '<secret hidden>'
cfg.gsub! /^(encrypted radius-server key).*/, '\\1 <configuration removed>'
+ cfg.gsub! /System Up Time.*/, ''
cfg
end
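Review bot: The added `cfg.gsub! /System Up Time.*/, ''` sits next to the snmp-community and radius-key substitutions, which looks like the `cmd :secret` block (its opening line is outside the hunk); if so, the uptime is stripped only when secret removal is enabled. The `cmd 'show system'` block added in the next hunk would then store a changing uptime on every run for installations without `remove_secret`, producing a new commit on each poll. Moving the substitution into the new block, `comment cfg.gsub(/System Up Time.*/, '')`, keeps it independent of that setting.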
@@ -24,6 +25,10 @@ class CiscoSMB < Oxidized::Model
comment cfg
end
+ cmd 'show system' do |cfg|
+ comment cfg
+ end
+
cmd 'show bootvar' do |cfg|
comment cfg
end
diff --git a/lib/oxidized/model/comware.rb b/lib/oxidized/model/comware.rb
index d926854..a5b7190 100644
--- a/lib/oxidized/model/comware.rb
+++ b/lib/oxidized/model/comware.rb
@@ -1,8 +1,8 @@
class Comware < Oxidized::Model
# HP (A-series)/H3C/3Com Comware
- # sometimes the prompt might have a leading nul
- prompt /^\0*(<[\w.-]+>)$/
+ # sometimes the prompt might have a leading nul or trailing ASCII Bell (^G)
+ prompt /^\0*(<[\w.-]+>).?$/
comment '# '
# example how to handle pager
diff --git a/lib/oxidized/model/edgecos.rb b/lib/oxidized/model/edgecos.rb
new file mode 100644
index 0000000..bc205f5
--- /dev/null
+++ b/lib/oxidized/model/edgecos.rb
@@ -0,0 +1,47 @@
+class EdgeCOS < Oxidized::Model
+
+ comment '! '
+
+ cmd :secret do |cfg|
+ cfg.gsub!(/password \d+ (\S+).*/, '<secret removed>')
+ cfg.gsub!(/community (\S+)/, 'community <hidden>')
+ cfg
+ end
+
+ cmd :all do |cfg|
+ cfg.each_line.to_a[2..-2].join
+ end
+
+ cmd 'show running-config'
+
+ cmd 'show access-list tcam-utilization' do |cfg|
+ comment cfg
+ end
+
+ cmd 'show memory' do |cfg|
+ comment cfg
+ end
+
+ cmd 'show system' do |cfg|
+ comment cfg
+ end
+
+ cmd 'show version' do |cfg|
+ comment cfg
+ end
+
+ cmd 'show watchdog' do |cfg|
+ comment cfg
+ end
+
+ cfg :telnet do
+ username /^Username:/
+ password /^Password:/
+ end
+
+ cfg :telnet, :ssh do
+ post_login 'terminal length 0'
+ pre_logout 'exit'
+ end
+
+end
diff --git a/lib/oxidized/model/edgeos.rb b/lib/oxidized/model/edgeos.rb
index 2a8d663..aa7a197 100644
--- a/lib/oxidized/model/edgeos.rb
+++ b/lib/oxidized/model/edgeos.rb
@@ -9,11 +9,15 @@ class Edgeos < Oxidized::Model
end
cmd :secret do |cfg|
+ cfg.gsub! /encrypted-password (\S+).*/, 'encrypted-password <secret removed>'
+ cfg.gsub! /plaintext-password (\S+).*/, 'plaintext-password <secret removed>'
+ cfg.gsub! /password (\S+).*/, 'password <secret removed>'
+ cfg.gsub! /pre-shared-secret (\S+).*/, 'pre-shared-secret <secret removed>'
cfg.gsub! /community (\S+) {/, 'community <hidden> {'
cfg
end
- cmd 'show configuration | no-more'
+ cmd 'show configuration commands | no-more'
cfg :telnet do
username /login:\s/
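Review bot: The retained `cfg.gsub! /community (\S+) {/, 'community <hidden> {'` needs a trailing ` {`, which as far as I know appears only in the braced `show configuration` output; with the command switched to `show configuration commands` the output is flat `set ...` lines, so SNMP community strings would no longer be masked. `cfg.gsub! /community (\S+)/, 'community <hidden>'` covers both formats. The same applies to the identical change in vyatta.rb in this commit. The new unanchored `password (\S+).*` pattern also rewrites any line containing the word "password " (a description, for instance), which errs on the safe side but deserves a comment.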
diff --git a/lib/oxidized/model/fiberdriver.rb b/lib/oxidized/model/fiberdriver.rb
index abe8f68..7cfa847 100644
--- a/lib/oxidized/model/fiberdriver.rb
+++ b/lib/oxidized/model/fiberdriver.rb
@@ -13,7 +13,7 @@ class FiberDriver < Oxidized::Model
cfg.each_line.to_a[3..-1].join
cfg.gsub! /^Building configuration.*$/, ''
cfg.gsub! /^Current configuration:.*$$/, ''
- cfg.gsub! /^! Configuration saved on .*$/, ''
+ cfg.gsub! /^! Configuration (saved|generated) on .*$/, ''
cfg
end
diff --git a/lib/oxidized/model/fortios.rb b/lib/oxidized/model/fortios.rb
index 605a596..23370c4 100644
--- a/lib/oxidized/model/fortios.rb
+++ b/lib/oxidized/model/fortios.rb
@@ -15,9 +15,12 @@ class FortiOS < Oxidized::Model
end
cmd :secret do |cfg|
- cfg.gsub! /(set (?:passwd|password|secondary-secret|rsso-secret|psksecret|secret|key ENC)).*/, '\\1 <configuration removed>'
+ cfg.gsub! /(set (?:passwd|password|psksecret|secret|key|group-password|secondary-secret|tertiary-secret|auth-password-l1|auth-password-l2|rsso|history0|history1|inter-controller-key ENC|passphrase ENC|login-passwd ENC)).*/, '\\1 <configuration removed>'
cfg.gsub! /(set private-key).*-+END ENCRYPTED PRIVATE KEY-*"$/m , '\\1 <configuration removed>'
- cfg.gsub! /(IPS Malicious URL Database).*/, '\\1 <configuration removed>'
+ cfg.gsub! /(set ca ).*-+END CERTIFICATE-*"$/m , '\\1 <configuration removed>'
+ cfg.gsub! /(set csr ).*-+END CERTIFICATE REQUEST-*"$/m , '\\1 <configuration removed>'
+ cfg.gsub! /(Virus-DB|Extended DB|IPS-DB|IPS-ETDB|APP-DB|INDUSTRIAL-DB|Botnet DB|IPS Malicious URL Database).*/, '\\1 <configuration removed>'
+ cfg.gsub! /(Cluster uptime:).*/, '\\1 <configuration removed>'
cfg
end
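Review bot: The new `(set ca ).*-+END CERTIFICATE-*"$/m` and `(set csr ).*` substitutions use a greedy `.*` under `/m`, so one match runs from the first `set ca ` in the output to the last `END CERTIFICATE` line and replaces every setting in between. A non-greedy `.*?` limits each match to one block, for example `/(set ca ).*?-+END CERTIFICATE-*"$/m`. The widened keyword list has no boundary after the keyword, so `key`, `secret` and `rsso` also match longer option names that begin with them and their values are removed too; a `(?= )` after the group would keep it to the listed options. Both only take effect when secret removal is on, but they make the stored backup lossy.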
@@ -46,7 +49,7 @@ class FortiOS < Oxidized::Model
cfg << cmd('end') if @vdom_enabled
- cfg << cmd('show')
+ cfg << cmd('show full-configuration')
cfg.join "\n"
end
@@ -60,4 +63,3 @@ cfg << cmd('end') if @vdom_enabled
end
end
-
diff --git a/lib/oxidized/model/gcombnps.rb b/lib/oxidized/model/gcombnps.rb
new file mode 100644
index 0000000..4a97162
--- /dev/null
+++ b/lib/oxidized/model/gcombnps.rb
@@ -0,0 +1,85 @@
+class GcomBNPS < Oxidized::Model
+ # For switches from GCOM Technologies Co.,Ltd. running the "Broadband Network Platform Software"
+ # Author: Frederik Kriewitz <frederik@kriewitz.eu>
+ #
+ # tested with:
+ # - S5330 (aka Fiberstore S3800)
+
+ prompt /^\r?([\w.@()-]+?(\(1-16 chars\))?[#>:]\s?)$/ # also match SSH password promt (post_login commands are sent after the first prompt)
+ comment '! '
+
+# alternative to handle the SSH login, but this breaks telnet
+# expect /^Password\(1-16 chars\):/ do |data|
+# send @node.auth[:password] + "\n"
+# ''
+# end
+
+ # handle pager (can't be disabled?)
+ expect /^\.\.\.\.press ENTER to next line, CTRL_C to quit, other key to next page\.\.\.\.$/ do |data, re|
+ send ' '
+ data.sub re, ''
+ end
+
+ cmd :all do |cfg|
+ cfg = cfg.gsub " \e[73D\e[K", '' # remove garbage remaining from the pager
+ cfg.each_line.to_a[1..-2].join
+ end
+
+ cmd :secret do |cfg|
+ cfg.gsub! /^(snmp-server community)\s+[^\s]+\s+(.*)/, '\\1 <community hidden> \\2'
+ cfg
+ end
+
+ cmd 'show running-config' do |cfg|
+ cfg
+ end
+
+ cmd 'show interface sfp' do |cfg|
+ out = []
+ cfg.each_line do |line|
+ next if line.match /^ Temperature/
+ next if line.match /^ Voltage\(V\)/
+ next if line.match /^ Bias Current\(mA\)/
+ next if line.match /^ RX Power\(dBM\)/
+ next if line.match /^ TX Power\(dBM\)/
+ out << line
+ end
+
+ comment out.join
+ end
+
+
+ cmd 'show version' do |cfg|
+ comment cfg
+ end
+
+ cmd 'show system' do |cfg|
+ out = []
+ cfg.each_line do |line|
+ next if line.match /^system run time :/
+ next if line.match /^switch temperature :/
+ out << line
+ end
+
+ comment out.join
+ end
+
+ cfg :telnet do
+ username /^Username\(1-32 chars\):/
+ password /^Password\(1-16 chars\):/
+ end
+
+ cfg :ssh do
+ # the switch blindy accepts the SSH connection without password validation and then spawns a telnet login prompt
+ # first thing we've to send is the password
+ post_login do
+ send @node.auth[:password] + "\n"
+ end
+ end
+
+ cfg :telnet, :ssh do
+ pre_logout 'exit'
+ end
+
+end
+
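Review bot: The `cfg :ssh` `post_login` sends `@node.auth[:password]` unconditionally, and the prompt regex accepts any prompt ending in `#`, `>` or `:`, not only the `Password(1-16 chars):` one, so on a device that does validate SSH authentication the password would be typed at a command prompt and could end up echoed in the collected output or a session log. Waiting for the password prompt explicitly before sending, as the commented-out `expect` does, and noting which firmware shows this behaviour would narrow that. The `cmd :secret` block masks only `snmp-server community`; whether user password lines appear in `show running-config` on this platform should be confirmed.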
diff --git a/lib/oxidized/model/ios.rb b/lib/oxidized/model/ios.rb
index 0cb2f3a..4e7d223 100644
--- a/lib/oxidized/model/ios.rb
+++ b/lib/oxidized/model/ios.rb
@@ -26,6 +26,7 @@ class IOS < Oxidized::Model
cmd :secret do |cfg|
cfg.gsub! /^(snmp-server community).*/, '\\1 <configuration removed>'
+ cfg.gsub! /^(snmp-server host \S+( vrf \S+)?( version (1|2c|3))?)\s+\S+((\s+\S*)*)\s*/, '\\1 <secret hidden> \\5'
cfg.gsub! /^(username \S+ privilege \d+) (\S+).*/, '\\1 <secret hidden>'
cfg.gsub! /^(username \S+ password \d) (\S+)/, '\\1 <secret hidden>'
cfg.gsub! /^(username \S+ secret \d) (\S+)/, '\\1 <secret hidden>'
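Review bot: The `\s` in `((\s+\S*)*)\s*` also matches newlines, so the first `snmp-server host` match runs on to the end of the config and everything after it is copied back through `\\5`; any later `snmp-server host` lines fall inside that span and keep their community string. Restricting the pattern to one line fixes it: `cfg.gsub! /^(snmp-server host \S+( vrf \S+)?( version (1|2c|3))?) +\S+(.*)$/, '\\1 <secret hidden>\\5'`. With `version 3` the token after the version is, as far as I know, the security level, so the masked word would be that keyword and the user name after it stays; confirm whether that is intended. The `cmd :secret` block continues outside the hunk.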
diff --git a/lib/oxidized/model/junos.rb b/lib/oxidized/model/junos.rb
index 2f59414..2ea0179 100644
--- a/lib/oxidized/model/junos.rb
+++ b/lib/oxidized/model/junos.rb
@@ -13,7 +13,10 @@ class JunOS < Oxidized::Model
end
cmd :secret do |cfg|
- cfg.gsub!(/encrypted-password (\S+).*/, '<secret removed>')
+ cfg.gsub!(/encrypted-password (\S+).*/, 'encrypted-password <secret removed>')
+ cfg.gsub!(/pre-shared-key ascii-text (\S+).*/, 'pre-shared-key ascii-text <secret removed>')
+ cfg.gsub!(/pre-shared-key hexadecimal (\S+).*/, 'pre-shared-key hexadecimal <secret removed>')
+ cfg.gsub!(/authentication-key (\S+).*/, 'authentication-key <secret removed>')
cfg.gsub!(/community (\S+) {/, 'community <hidden> {')
cfg
end
diff --git a/lib/oxidized/model/netgear.rb b/lib/oxidized/model/netgear.rb
index 38aaca7..0ab1349 100644
--- a/lib/oxidized/model/netgear.rb
+++ b/lib/oxidized/model/netgear.rb
@@ -1,7 +1,7 @@
class Netgear < Oxidized::Model
comment '!'
- prompt /^(\([\w-]+\)\s[#>])$/
+ prompt /^(\([\w\-.]+\)\s[#>])$/
cmd :secret do |cfg|
cfg.gsub!(/password (\S+)/, 'password <hidden>')
diff --git a/lib/oxidized/model/opnsense.rb b/lib/oxidized/model/opnsense.rb
new file mode 100644
index 0000000..b874fca
--- /dev/null
+++ b/lib/oxidized/model/opnsense.rb
@@ -0,0 +1,21 @@
+class OpnSense < Oxidized::Model
+
+ # minimum required permissions: "System: Shell account access"
+ # must enable SSH and password-based SSH access
+
+ cmd :all do |cfg|
+ cfg.each_line.to_a[1..-1].join
+ end
+
+ cmd 'cat /conf/config.xml' do |cfg|
+ cfg.gsub! /\s<revision>\s*<time>\d*<\/time>\s*.*\s*.*\s*<\/revision>/, ''
+ cfg.gsub! /\s<last_rule_upd_time>\d*<\/last_rule_upd_time>/, ''
+ cfg
+ end
+
+ cfg :ssh do
+ exec true
+ pre_logout 'exit'
+ end
+
+end
diff --git a/lib/oxidized/model/powerconnect.rb b/lib/oxidized/model/powerconnect.rb
index 61e1cf2..f602a36 100644
--- a/lib/oxidized/model/powerconnect.rb
+++ b/lib/oxidized/model/powerconnect.rb
@@ -14,7 +14,7 @@ class PowerConnect < Oxidized::Model
end
cmd :secret do |cfg|
- cfg.gsub! /^username (\S+) password \S+ (.*)/, 'username \1 password <hidden> \2'
+ cfg.gsub! /^(username \S+ password (?:encrypted )?)\S+(.*)/, '\1<hidden>\2'
cfg
end
diff --git a/lib/oxidized/model/procurve.rb b/lib/oxidized/model/procurve.rb
index 180b703..444fb5b 100644
--- a/lib/oxidized/model/procurve.rb
+++ b/lib/oxidized/model/procurve.rb
@@ -21,6 +21,11 @@ class Procurve < Oxidized::Model
""
end
+ expect /Enter switch number/ do
+ send "\n"
+ ""
+ end
+
cmd :all do |cfg|
cfg = cfg.each_line.to_a[1..-2].join
cfg = cfg.gsub /^\r/, ''
@@ -42,6 +47,10 @@ class Procurve < Oxidized::Model
comment cfg
end
+ cmd 'show system power-supply' do |cfg|
+ comment cfg
+ end
+
cmd 'show interfaces transceiver' do |cfg|
comment cfg
end
diff --git a/lib/oxidized/model/routeros.rb b/lib/oxidized/model/routeros.rb
index f391fb9..6717446 100644
--- a/lib/oxidized/model/routeros.rb
+++ b/lib/oxidized/model/routeros.rb
@@ -19,6 +19,7 @@ class RouterOS < Oxidized::Model
cmd run_cmd do |cfg|
cfg.gsub! /\x1B\[([0-9]{1,3}((;[0-9]{1,3})*)?)?[m|K]/, '' # strip ANSI colours
cfg.gsub! /\\\r\n\s+/, '' # strip new line
+ cfg.gsub! /# inactive time\r\n/, '' # Remove time based system comment
cfg = cfg.split("\n").select { |line| not line[/^\#\s\w{3}\/\d{2}\/\d{4}.*$/] }
cfg.join("\n") + "\n"
end
diff --git a/lib/oxidized/model/slxos.rb b/lib/oxidized/model/slxos.rb
new file mode 100644
index 0000000..934da5b
--- /dev/null
+++ b/lib/oxidized/model/slxos.rb
@@ -0,0 +1,61 @@
+class SLXOS < Oxidized::Model
+
+ prompt /^.*[>#]\s?$/i
+ comment '! '
+
+ cmd 'show version' do |cfg|
+ cfg.gsub! /(^((.*)[Ss]ystem [Uu]ptime(.*))$)/, '' #remove unwanted line system uptime
+ cfg.gsub! /[Uu]p\s?[Tt]ime is .*/,''
+
+ comment cfg
+ end
+
+ cmd 'show chassis' do |cfg|
+ cfg.encode!("UTF-8", :invalid => :replace, :undef => :replace) #sometimes ironware returns broken encoding
+ cfg.gsub! /.*Power Usage.*/, '' #remove unwanted lines power usage
+ cfg.gsub! /Time A(live|wake).*/, '' #remove unwanted lines time alive/awake
+ cfg.gsub! /([\[]*)1([\]]*)<->([\[]*)2([\]]*)(<->([\[]*)3([\]]*))*/, ''
+
+ comment cfg
+ end
+
+ cmd 'show system' do |cfg|
+ cfg.gsub! /Up Time.*/, '' #removes uptime line
+ cfg.gsub! /Current Time.*/, '' #remove current time line
+ cfg.gsub! /.*speed is.*/, '' #removes fan speed lines
+
+ comment cfg
+ end
+
+ cmd 'show slots' do |cfg|
+ cfg.gsub! /^-*^$/, '' # some slx devices are fixed config
+ cfg.gsub! /syntax error: element does not exist/, '' # same as above
+
+ comment cfg
+ end
+
+ cmd 'show running-config' do |cfg|
+ arr = cfg.each_line.to_a
+ arr[2..-1].join unless arr.length < 2
+ end
+
+ cfg :telnet do
+ # match expected prompts
+ username /^(Please Enter Login Name|Username):/
+ password /^(Please Enter Password ?|Password):/
+ end
+
+ #handle pager with enable
+ cfg :telnet, :ssh do
+ if vars :enable
+ post_login do
+ send "enable\n"
+ cmd vars(:enable)
+ end
+ end
+ post_login ''
+ post_login 'terminal length 0'
+ pre_logout 'exit'
+ end
+
+end
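Review bot: `prompt /^.*[>#]\s?$/i` matches any output line that ends in `>` or `#`, so a banner or config line of that shape could be taken for the prompt and the capture could stop early, leaving a truncated backup without an error. Anchoring it to the hostname form other models in this commit use, for example `/^([\w.@()-]+[#>]\s?)$/`, would be tighter. In `show running-config`, `arr[2..-1].join unless arr.length < 2` returns nil for short output; returning `''` there keeps the block's result a String.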
diff --git a/lib/oxidized/model/supermicro.rb b/lib/oxidized/model/supermicro.rb
index 361244c..518ae41 100644
--- a/lib/oxidized/model/supermicro.rb
+++ b/lib/oxidized/model/supermicro.rb
@@ -1,45 +1,9 @@
-class Supermicro < Oxidized::Model
- comment '! '
+# Backward compatibility shim for deprecated model `supermicro`.
+# Migrate your source from `supermicro` to `edgecos`.
- cmd :secret do |cfg|
- cfg.gsub!(/password \d+ (\S+).*/, '<secret removed>')
- cfg.gsub!(/community (\S+)/, 'community <hidden>')
- cfg
- end
+require_relative 'edgecos.rb'
- cmd :all do |cfg|
- cfg.each_line.to_a[2..-2].join
- end
+Supermicro = EdgeCOS
- cmd 'show running-config'
+Oxidized.logger.warn "Using deprecated model supermicro, use edgecos instead."
- cmd 'show access-list tcam-utilization' do |cfg|
- comment cfg
- end
-
- cmd 'show memory' do |cfg|
- comment cfg
- end
-
- cmd 'show system' do |cfg|
- comment cfg
- end
-
- cmd 'show version' do |cfg|
- comment cfg
- end
-
- cmd 'show watchdog' do |cfg|
- comment cfg
- end
-
- cfg :telnet do
- username /^Username:/
- password /^Password:/
- end
-
- cfg :telnet, :ssh do
- post_login 'terminal length 0'
- pre_logout 'exit'
- end
-end \ No newline at end of file
diff --git a/lib/oxidized/model/vyatta.rb b/lib/oxidized/model/vyatta.rb
index 8d977aa..57ec9d3 100644
--- a/lib/oxidized/model/vyatta.rb
+++ b/lib/oxidized/model/vyatta.rb
@@ -9,11 +9,15 @@ class Vyatta < Oxidized::Model
end
cmd :secret do |cfg|
+ cfg.gsub! /encrypted-password (\S+).*/, 'encrypted-password <secret removed>'
+ cfg.gsub! /plaintext-password (\S+).*/, 'plaintext-password <secret removed>'
+ cfg.gsub! /password (\S+).*/, 'password <secret removed>'
+ cfg.gsub! /pre-shared-secret (\S+).*/, 'pre-shared-secret <secret removed>'
cfg.gsub! /community (\S+) {/, 'community <hidden> {'
cfg
end
- cmd 'show configuration | no-more'
+ cmd 'show configuration commands | no-more'
cfg :telnet do
username /login:\s/
diff --git a/lib/oxidized/source/csv.rb b/lib/oxidized/source/csv.rb
index c1e310a..4814bd7 100644
--- a/lib/oxidized/source/csv.rb
+++ b/lib/oxidized/source/csv.rb
@@ -23,7 +23,7 @@ class CSV < Source
file = File.expand_path(@cfg.file)
file = if @cfg.gpg?
crypto = GPGME::Crypto.new password: @cfg.gpg_password
- crypto.decrypt(file).to_s
+ file = crypto.decrypt(File.open(file)).to_s
else
open(file)
end
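Review bot: `File.open(file)` is passed to `crypto.decrypt` without a block, so the handle is never closed explicitly, and the inner `file =` is redundant because the value of the `if` expression is already assigned. `File.open(file) { |f| crypto.decrypt(f).to_s }` addresses both. The branches also yield different types (a String of decrypted text versus the IO from `open(file)`); the code that consumes `file` is outside this hunk, so that is worth checking there.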
diff --git a/lib/oxidized/version.rb b/lib/oxidized/version.rb
index 221cffa..9a92133 100644
--- a/lib/oxidized/version.rb
+++ b/lib/oxidized/version.rb
@@ -1,3 +1,3 @@
module Oxidized
- VERSION = '0.20.0'
+ VERSION = '0.21.0'
end