X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fagentlessd%2Fscripts%2Fssh_asa-fwsmconfig_diff;fp=src%2Fagentlessd%2Fscripts%2Fssh_asa-fwsmconfig_diff;h=a5c27902939692c55ee2c5a2c2f34cffb96103ef;hp=7e69b63330e3bb4deac6987aac81ea83659c4606;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff b/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff index 7e69b63..a5c2790 100755 --- a/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff +++ b/src/agentlessd/scripts/ssh_asa-fwsmconfig_diff @@ -1,32 +1,28 @@ #!/usr/bin/env expect -# @(#) $Id: ./src/agentlessd/scripts/ssh_asa-fwsmconfig_diff, 2011/09/08 dcid Exp $ - # Agentless monitoring # # Copyright (C) 2009 Trend Micro Inc. # All rights reserved. -# +# # This program is a free software; you can redistribute it # and/or modify it under the terms of the GNU General Public # License (version 2) as published by the FSF - Free Software # Foundation. - if {$argc < 1} { send_user "ERROR: ssh_asa-fwsmconfig_diff \n"; send_user "ERROR: Must be run from /var/ossec\n"; exit 1; } - -# NOTE: this script must be called from within /var/ossec for it to work. +# NOTE: this script must be called from within /var/ossec for it to work set passlist "agentless/.passlist" set hostname [lindex $argv 0] set commands [lrange $argv 1 end] set pass "x" set addpass "x" -set timeout 20 +set timeout 20 if {[string compare $hostname "test"] == 0} { if {[string compare $commands "test"] == 0} { @@ -34,7 +30,7 @@ if {[string compare $hostname "test"] == 0} { } } -# Reading the password list. +# Read the password list if [catch { set in [open "$passlist" r] } loc_error] { @@ -46,7 +42,7 @@ while {[gets $in line] != -1} { set me [string first "|" $line] set me2 [string last "|" $line] set length [string length $line] - + if {$me == -1} { continue; } @@ -56,10 +52,10 @@ while {[gets $in line] != -1} { if {$me == $me2} { continue; } - + set me [expr $me-1] set me2 [expr $me2-1] - + set host_list [string range $line 0 $me] set me [expr $me+2] set pass_list [string range $line $me $me2] @@ -74,14 +70,12 @@ while {[gets $in line] != -1} { } close $in - if {[string compare $pass "x"] == 0} { send_user "ERROR: Password for '$hostname' not found.\n" exit 1; } - -# SSHing to the box and passing the directories to check. +# SSH to the box and pass the directories to check if [catch { spawn ssh -c des $hostname } loc_error] { @@ -132,7 +126,7 @@ expect { } "* password:*" { send "$pass\r" - + expect { "Permission denied" { send_user "ERROR: Incorrect password to remote host: $hostname .\n" @@ -153,7 +147,7 @@ expect { } } -# Going into enable mode. +# Go into enable mode send "enable\r" expect { "Password:" { @@ -183,15 +177,13 @@ expect { } } - - -# Sending commands -set timeout 60 +# Send commands +set timeout 60 send_user "\nSTORE: now\n" send "term pager 0\r" -# Excluding uptime from the output +# Exclude uptime from the output send "show version | grep -v Configuration last| up\r" send "show running-config\r" send "$commands\r"