Автоматическая конфигурация Alkatel посредством expect-скрипта

21.12.2013
 |  Комментариев нет

Изменение ACL на клиентских портах

NOC, /usr/local/scripts/qtelnet/change_config
запускается скрипт changecfg_alkatel.sh

#!/usr/local/bin/bash

    # FILE: testmac.sh
    # (C) Kuznetsov D.V. 2013
    # Version by 2013.12.20
    # telnet to list of network devices and send the configuration commands

# variables
    RUNDIR=/usr/local/scripts/qtelnet/change_config

# run
    echo "start changecfg_alkatel.sh" 
    export PATH=/bin:/sbin:/usr/bin
    cat ${RUNDIR}/switch_list|xargs -n 1 ${RUNDIR}/expchange.sh
    echo "stop changecfg_alkatel.sh" 
# EOF

внутренний exp-скрипт:

#!/usr/local/bin/expect -f

set timeout 200
set ipaddr [lindex $argv 0]
log_user 1
spawn telnet $ipaddr
expect "Password:" {send "pass\r"}
send "en\r" 
expect "Password:" {send "pass\r"}
send "configure\r" 
send "ip access-list securityACL\r" 
send "deny-udp any 67 any any\r" 
send "deny-tcp any any any 42\r" 
send "deny-tcp any any any 135\r" 
send "deny-tcp any any any 139\r" 
send "deny-tcp any any any 369\r" 
send "deny-tcp any any any 445\r" 
send "deny-tcp any any any 593\r" 
send "deny-tcp any any any 2869\r" 
send "deny-tcp any any any 5000\r" 
send "deny-udp any any any 42\r" 
send "deny-udp any any any 137\r" 
send "deny-udp any any any 138\r" 
send "deny-udp any any any 445\r" 
send "deny-udp any any any 1025\r" 
send "permit udp any any\r" 
send "permit igmp any any\r" 
send "permit icmp any any\r" 
send "permit gre any any\r" 
send "permit tcp any any\r" 
send "exit\r" 
send "no ip access-list denyDLINK\r" 
send "no ip access-list denyDHCP\r" 
send "interface ethernet e1\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e2\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e3\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e4\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e5\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e6\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e7\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e8\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e9\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e10\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e11\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e12\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e13\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e14\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e15\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e16\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e17\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e18\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e19\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e20\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e21\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e22\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e23\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "interface ethernet e24\r" 
send "no service-acl input\r" 
send "service-acl input securityACL\r" 
send "exit\r" 
send "no ip access-list defaultACL\r" 
send "exit\r" 
send "copy running-config startup-config\r" 
send "y\r" 
send "\r" 
send "exit\r" 
expect eof
Коммутаторы
Метки: , ,