summaryrefslogtreecommitdiff
path: root/lib/oxidized/input
AgeCommit message (Collapse)Author
2016-08-29support terminal and ssh auth for same modelSaku Ytti
Some boxes like prokurwa may authenticate via SSH (proper), or may have no auth on SSH and use terminal auth (improper) Even if SSH is configured for terminal auth, in this change we attempt to detect prompt, so that we won't expect terminal auth, even when requested, if it is not presented.
2016-08-19Disconnect input when expected prompt wasn't foundAndreas Rammhold
2016-07-20create a `logs` dir for all the debug logsDanilo Sousa
2016-07-10move ssh_no_exec exec test into exec definitionNick Hilliard
2016-06-02fix cli specElvin Efendi
2016-06-02cleaner specElvin Efendi
2016-06-02more debug stratementsElvin Efendi
2016-06-02some debug statementsElvin Efendi
2016-02-25fix ssh testSaku Ytti
also fix warning about unused variable
2016-02-24Remove netcat in favor of native ssh tunnelroedie
Newer versions of ssh (>=5.4) support the -W option which makes the use of netcat obsolete. Dropping netcat is useful is you want to hop through a router/switch since they rarely have netcat support.
2016-02-19Made the vars stringsroedie
Tested, and is even better.
2016-02-19Add support to specify cipher and kex for ssh connectionsroedie
Some network equipment exists that does not want to play nice with ssh. This adds the vars ssh_encryption and ssh_kex which can be used to make tell oxidized to use certain encryption and key exchange so it can connect to these devices.
2016-02-06set TERMnopedial
2016-02-05version 0.12.00.12.0nopedial
2016-01-27fixes #288Saku Ytti
2016-01-20option to use ssh proxy commandElvin Efendi
2015-12-13refactor and fix bugs introduced with new changesElvin Efendi
2015-11-13better test framework, more specs and Travis CIElvin Efendi
2015-09-29use different path for debug loggingReinier Schoof
When I try to run oxidized as a different user, I get permission errors for oxidized tries to write debug logs (e.g. true-telnet) in current working directory which in my case is not writable for the non-privileged user. I think this can be improved by this change. 1) Why would you use CFG.input.debug?.to_s (which in this case will always be ‘true’) as a prefix at all 2) let’s use the crash directory for the debug output, as we know this is available and choose a more descriptive name
2015-09-25cleaned up conditionalReinier Schoof
2015-09-25only send username when username is set at allReinier Schoof
Some of my switches don’t expect any username on telnet. This change allows me to leave the username field effectively empty for a switch.
2015-09-06oops, presedence issueSaku Ytti
2015-09-05add support for setting ssh and telnet portSaku Ytti
2015-08-20Added support for Zyxel ZynOSSaku Ytti
Model: SAM1316-22 STU-C ZyNOS version: V3.53(BVE.2)
2015-06-08Add keyboard-interactive as SSH auth method to fix ↵Clay Fiske
Net::SSH::AuthenticationFailed on some Arista devices
2015-05-21accept 'none' authSaku Ytti
used by ciscosmb and one of the wlan controllers. Thansk to @SaaldjorMike for spotting fixes #121
2015-04-20don't use keyboard interactive passwordsSaku Ytti
(new behavior in net-ssh 2.9.3)
2015-03-06Log prompt detection failuresSamer Abdel-Hafez
2014-08-08Support creating session log of telnet/sshSaku Ytti
If you have input: debug: session_log Then session_log-telnet and session_log-ssh will be created showing what the telnet/ssh saw. Helpful in model development.
2014-08-05fix ssh close when far end closes disgracefullySaku Ytti
ALU ISAM DSLAM does this
2014-07-24Errno::ETIMEDOUT is normal failureSaku Ytti
2014-07-11add support for retrying failed attemptsSaku Ytti
Looks like this in syslog: Jul 11 21:05:53 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 22" Jul 11 21:05:53 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 23" Jul 11 21:05:54 ytti oxidized[9820]: 10.10.10.10 status no_connection, retry attempt 1 Jul 11 21:05:54 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 22" Jul 11 21:05:54 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 23" Jul 11 21:05:55 ytti oxidized[9820]: 10.10.10.10 status no_connection, retry attempt 2 Jul 11 21:05:55 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 22" Jul 11 21:05:55 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 23" Jul 11 21:05:56 ytti oxidized[9820]: 10.10.10.10 status no_connection, retry attempt 3 Jul 11 21:05:56 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 22" Jul 11 21:05:56 ytti oxidized[9820]: 10.10.10.10 raised Errno::ENETUNREACH with msg "Network is unreachable - connect(2) for "10.10.10.10" port 23" Jul 11 21:05:57 ytti oxidized[9820]: 10.10.10.10 status no_connection, retries exhausted, giving up
2014-06-11Change dynamic discover of file => class nameSaku Ytti
We needed this, because use of 'def inherited' not idempotent, in Oxidized::Script use case we may need to restart Oxidized, even though it's already loaded, and we won't get class names populated via 'def inherited' anymore. There are quite many optiosn to do this a) filename == class name + no discovery/mapping, very clean - user 'source' must give us model name in exactly right capitalization b) add 'self' at end of files, so eval will return class name + deterministic with arbitrary name - DSL cruft, DSL being light is our main value (can we do this via parent class? I couldn't find way) c) load in new module via Module.module_eval X + module will contain only consts we just created - but which one is the one we want? - if we use eval, load errors won't tell line error But at least now we got rid of 'inherited' methods and not adding too much cruft, hope it's better than before.
2014-05-05Introduce node and group level varsAnton Aksola
Variables can now be fed to model from multiple locations. In order of preference: 1) node (from source) 2) group 3) global In a model vars should be accessed via 'vars' helper method though it is not required. Helper method ignores nil values so care needs to taken when designing model behaviour. Support for node level vars is currently available on sql source via 'vars_map' configuration. Following example populates node vars 'enable' and 'somevariable' from sql columns 'var_enable' and 'var_somevariable' sql: adapter: sqlite file: /home/aakso/.config/oxidized/sqrouter.db table: nodes map: name: hostname model: model group: node_group username: username password: password vars_map: enable: var_enablepw somevariable: var_somevariable
2014-04-15Waittime => TimeoutSaku Ytti
Waittime is how long it waits for /more/ input /after/ matching to RE. This has been wrong always in Oxidized but only after changing default timeout to 30, it became apparent. When timeout was 5s, it just gave 5s delay to every command, now it gives 30s delay.
2014-04-14Use 'asetus' for configuration filesSaku Ytti
Main benefits a) we get support for system wide configs b) we don't use symbols in config file, they're confusing to non-rubyist
2014-04-13Subclass all errors from OxidizedErrorSaku Ytti
2014-04-13smarter match for IP address in nodesSaku Ytti
- add 'connnected?' method to ssh/telnet to query if or not we're connected - subclass OxidizedError from StandardError, all future OxidizedErrors should be subclasssed from this.
2014-04-12allow running post_login separatelySaku Ytti
2014-03-28if disconnect_cli does not disconnect us, give upSaku Ytti
If we stay connected on the device (model broken?) give up after timeout, instead of sitting in the model forever
2014-03-05Add AireOS supportSaku Ytti
Crappy Cisco WLC 5k, much quality, very implementation, such secure * stop pre_logout from expecting prompt by default
2014-03-02Give up after timeout on SSH#expectSaku Ytti
2014-03-01Add Model#output methodSaku Ytti
Outputs about what we've seen last in input class. Quite dirty in telnet, so not sure I'm going to support it. Let's see if there is use-case for it.
2014-02-23Migrate to sinatra/puma from webrickSaku Ytti
As I can't do IO#select on sinatra/puma to run it when I have time, I have to run it on separate thread. This means Nodes container needs to be thread safe, it now has ghetto mutex locking, but I probably need to be be more focused what are the external methods that can be called and wrap those in @mutex.synchronize Provide also HTML UI not just JSON for ghetto UI to people who don't want to integrate
2014-02-10Handle exceptions with different log levelsSaku Ytti
2014-02-07Add AOS (ALU OmniSwitch) supportSaku Ytti
Specifically AOS 6, vxworks era, not linux era 7
2014-02-07Ignore ssh keys, change input exceptionsSaku Ytti
Now input ssh has configuration secure which is false by default, meaning we don't care about changing keys. It breaks ssh security model but rancid does it too. Also input models error handling is now mostly moved to node.rb for centralized handling + logging. With input models only defining which errors they want to receover from.
2013-09-06more errors to rescue fromPaul Sherratt
2013-05-12add rescue for Errno::EHOSTUNREACH in input/ssh.rbnopedial
2013-05-01Net::ReadTimeout is ruby 2.0.0 specificSaku Ytti
use TimeoutError for compatibility