#!/bin/expect -f # # fix-qos-snmp.exp # # Rev 1.0 February 12, 2014 BLL # # The work this expect script does is as follows: # # 1. Reverts to old legacy snmp single host # 2. Creates two new string host combos # 3. Set snmp-server contact Network Operations 602-506-0033 # 4. Partially sets snmp-server communities and hosts like the following # # Store command line arguments in expect variables # set hostip [lindex $argv 0] set username [lindex $argv 1] set password [lindex $argv 2] set enablepassword [lindex $argv 2] set logfile [lindex $argv 3] # Announce which device we are working on and at what time send_user "\n" send_user ">>>>> Working on $hostip @ [exec date] <<<<<\n" send_user "\n" # Don't check keys spawn ssh -o StrictHostKeyChecking=no $username\@$hostip # Log results log_file -a $logfile # Allow this script to handle ssh connection issues expect { timeout { send_user "\nTimeout Exceeded - Check Host\n"; exit 1 } eof { send_user "\nSSH Connection To $hostip Failed\n"; exit 1 } "*#" {} "*assword:" { send "$password\n" } } # If we're not already in enable mode, get us there expect { default { send_user "\nEnable Mode Failed - Check Password\n"; exit 1 } "*#" {} "*>" { send "enable\n" expect "*assword" send "$enablepassword\n" expect "*#" } } # Let's go to configure mode send "conf t\r" expect "(config)#" # look for acl 21 if it is not there bail out send "ip access-list standard 21\r" expect { "ERROR:" { send_user "\n$hostip ERROR: at (config-std-nacl#)\n" ; log_file ; exit 1} "(config-std-nacl#)" { send "exit\r" } } # # Legacy SNMP # dacrspopenview.maricopa.gov 156.42.79.200 leller RO 12 # dacrspciscowrks.maricopa.gov 156.42.4.10 escriber RW 12 # New Management # dacrpcqpm.maricopa.gov 10.3.66.21 D0wnT@wn RW 21 # orion.enterprise.maricopa.gov 10.3.66.23 Tm02tbG RW 21 # dacrspprime01.maricopa.gov 10.3.66.51 C0Y0t35 RW 21 # # legacy snmp community string # snmp-server community D0wnT@wn RO 21 # snmp-server community Tm02tbG RW 21 # snmp-server community C0Y0t35 RO 21 # snmp-server community leller RO 12 # snmp-server community escrebir RW 12 # # # proposed changed community strings # snmp-server community le3rle RO 12 # snmp-server community escrlb1r RW 12 # snmp-server community D0wnToVVn RW 21 # snmp-server community T0mAt2 RW 21 # # proposed new community strings # snmp-server community CoY0t35 RW 21 # snmp-server community leer3m0s RW 21 # snmp-server community Prim0leer1a RW 21 # # proposed string to legacy host association # snmp-server host 156.42.79.200 le3rle # snmp-server host 156.42.4.10 escrlb1r # # proposed string to new host association # snmp-server host 10.3.66.21 Coy0t35 # snmp-server host 10.3.66.23 leer3m0s # snmp-server host 10.3.66.51 Prim0leer1a # # As of February 14, 2014 WhatsUpGold has myriad # RO and RW strings in its configuration so 2 new # strings will be applied to the hosts for QPM and Prime # We'll get Solarwinds later # # # revert to old snmp host list expect "(config)#" send "no snmp-server host 10.3.66.51 C0Y0t35\r" expect "(config)#" send "no snmp-server host 10.3.66.21 D0wnT@wn\r" expect "(config)#" send "no snmp-server host 10.3.66.23 Tm02tbG\r" expect "(config)#" send "no snmp-server host 156.42.4.10 escr3b1r\r" # # new limited list expect "(config)#" send "snmp-server community CoY0t35 RW 21\r" expect "(config)#" send "snmp-server host 10.3.66.21 Coy0t35\r" # # skip 23 solarwinds for now # #expect "(config)#" #send "snmp-server community leer3m0s RW 21\r" #expect "(config)#" #send "snmp-server host 10.3.66.23 leer3m0s\r" expect "(config)# send "snmp-server community Prim0leer1a RW 21\r" expect "(config)#" send "snmp-server host 10.3.66.51 Prim0leer1a\r" expect "(config)#" send "snmp-server contact Network Operations 602-506-0033\r" # # snmp update should be done by this point # # write to memory expect "(config)#" send "end\r" expect "*#" send "write mem\r" # copy running to startup expect "*#" send "copy runn start\r" expect "?" send "\r" # # start the copy of running config to QPM tftp # expect "*#" send -- "copy running-config tftp:\r" # # it asks for the address to send it to expect "Address or name of remote host" send -- "156.42.4.24\r" # # confirm it expect "?" send -- "\r" # # the copy to QPM tftp server is all done # # # start the copy of running config to QPM tftp # expect "*#" send -- "copy running-config tftp:\r" # # it asks for the address to send it to expect "Address or name of remote host" send -- "156.42.10.184\r" # # confirm it expect "?" send -- "\r" # # the copy to Main tftp server is all done # # # start the copy of running config to Cisco Works tftp #expect "*#" #send -- "copy running-config tftp:\r" # # it asks for the address to send it to #expect "Address or name of remote host" #send -- "156.42.4.10\r" # # confirm it #expect "?" #send -- "\r" # # the copy to Cisco Works tftp server is all done # # # retrieves the hostname #expect "*#" #send "sh conf | in hostname\n" expect "*#" # retrieve the prompt send "sh conf | in prompt\n" expect "*#" # this get the loopback...if zero exists send "sh int Loopback0 | in Internet\n" expect "*#" # this gets the acl 12 send "sh access-list 12\r" expect "*#" log_file send "exit\n" expect ":~\$" exit