#!/usr/bin/env expect # @(#) $Id: ./src/agentlessd/scripts/ssh_pixconfig_diff, 2011/09/08 dcid Exp $ # Agentless monitoring # # Copyright (C) 2009 Trend Micro Inc. # All rights reserved. # # This program is a free software; you can redistribute it # and/or modify it under the terms of the GNU General Public # License (version 2) as published by the FSF - Free Software # Foundation. if {$argc < 1} { send_user "ERROR: ssh_pixconfig_diff \n"; exit 1; } # NOTE: this script must be called from within /var/ossec for it to work. set passlist "agentless/.passlist" set hostname [lindex $argv 0] set commands [lrange $argv 1 end] set pass "x" set addpass "x" set timeout 20 if {[string compare $hostname "test"] == 0} { if {[string compare $commands "test"] == 0} { exit 0; } } # Reading the password list. if [catch { set in [open "$passlist" r] } loc_error] { send_user "ERROR: Password list not present (use \"register_host\" first).\n" exit 1; } while {[gets $in line] != -1} { set me [string first "|" $line] set me2 [string last "|" $line] set length [string length $line] if {$me == -1} { continue; } if {$me2 == -1} { continue; } if {$me == $me2} { continue; } set me [expr $me-1] set me2 [expr $me2-1] set host_list [string range $line 0 $me] set me [expr $me+2] set pass_list [string range $line $me $me2] set me2 [expr $me2+2] set addpass_list [string range $line $me2 $length] if {[string compare $host_list $hostname] == 0} { set pass "$pass_list" set addpass "$addpass_list" break } } close $in if {[string compare $pass "x"] == 0} { send_user "ERROR: Password for '$hostname' not found.\n" exit 1; } # SSHing to the box and passing the directories to check. if [catch { spawn ssh -c des $hostname } loc_error] { send_user "ERROR: Opening connection: $loc_error.\n" exit 1; } expect { "WARNING: REMOTE HOST" { send_user "ERROR: RSA host key for '$hostname' has changed. Unable to access.\n" exit 1; } "*sure you want to continue connecting*" { send "yes\r" expect "* password:*" { send "$pass\r" expect { "Permission denied" { send_user "ERROR: Incorrect password to remote host: $hostname .\n" exit 1; } timeout { send_user "ERROR: Timeout while running on host (too long to finish): $hostname .\n" exit 1; } "*>" { send_user "\nINFO: Starting.\n" } } } } "ssh: connect to host*" { send_user "ERROR: Unable to connect to remote host: $hostname .\n" exit 1; } "no address associated with name" { send_user "ERROR: Unable to connect to remote host: $hostname .\n" exit 1; } "*Connection refused*" { send_user "ERROR: Unable to connect to remote host: $hostname .\n" exit 1; } "*Connection closed by remote host*" { send_user "ERROR: Unable to connect to remote host: $hostname .\n" exit 1; } "*Password:*" { send "$pass\r" expect { "Permission denied" { send_user "ERROR: Incorrect password to remote host: $hostname .\n" exit 1; } timeout { send_user "ERROR: Timeout while running on host (too long to finish): $hostname .\n" exit 1; } "*>" { send_user "INFO: Starting.\n" } } } timeout { send_user "ERROR: Timeout while connecting to host: $hostname . \n" exit 1; } } # Going into enable mode. send "enable\r" expect { "Password:" { send "$addpass\r" expect { "*asswor*" { send_user "ERROR: Incorrect enable password to remote host: $hostname .\n" exit 1; } "*rror in authenticatio*" { send_user "ERROR: Incorrect enable password to remote host: $hostname .\n" exit 1; } timeout { send_user "ERROR: Timeout while going to enable mode on host: $hostname .\n" exit 1; } "*#" { send_user "ok on enable pass\n" } } } timeout { send_user "ERROR: Timeout while running enable on host: $hostname .\n" exit 1; } } # Sending commands set timeout 60 send_user "\nSTORE: now\n" send "no pager\r" send "term len 0\r" send "terminal pager 0\r" # Excluding uptime from the output send "show version | grep -v Configuration last| up\r" send "show running-config\r" send "$commands\r" send "exit\r" expect { timeout { send_user "ERROR: Timeout while running commands on host: $hostname .\n" exit 1; } eof { send_user "\nINFO: Finished.\n" exit 0; } } send_user "ERROR: Unable to finish properly.\n" exit 1;