SSH to a pix

Nalina has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

As per the suggestions of perl monks, I installed Net::SSH::Perl module and all the prerequired modules properly using ppm.

My script to access pix & execute command to get hit counts is as follows


#!/usr/local/bin/perl -w 

# Steps: 
# 1. login 
# 2. go to enable mode ('en') 
# 3. execute 'no pager' to disable paging 
# 4. execute 'sh access-list access-list-name'
# 5. Get hit counts 
# 6. logout 



$|++; 
use strict; 
use Net::SSH::Perl; 
use Net::SSH::Perl::Constants qw( :msg ); 
use constant SKIP_PROMPT => 1;   # pix prints login prompt twice, skip
+ first  

my $host       = shift || die "Usage: $0 pix_name\n"; 
my $time2login = 10; 
my $time2run   = 20;

my $file = "C:\\hit_cnt.txt"; 
open (DAT, ">>$file") || die "can not open"; 

# modify these in case of prompt (hostname) changes
# assuming alphanumeric characters only:
# [a-zA-Z0-9] is actually \w, but some hosts have '_' or '-' in their 
+names 
my $enb_prompt  = qr/(?:[a-zA-Z0-9]+#)\s*/;  # alphanumeric followed b
+y '#'
my $reg_prompt  = qr/(?:[a-zA-Z0-9]+>)\s*/;  # alphanumeric followed b
+y '>'
my $pass_prompt = qr/Password:\s*/;

my ($prompt_cnt,$save,$done)  = (0,0,0);
my ($ssh, @config); 

# login on the device
eval { 
   local $SIG{'ALRM'} = sub { die 'TimedouT' };
   alarm $time2login;
   $ssh = Net::SSH::Perl->new($host, protocol=>1, cipher=>'DES', port=
+>22);
   $ssh->login('USER-NAME','PASSWD');
   alarm 0;
};

($@)? ( die '[',scalar localtime,'] ', ($@ =~ /TimedouT/)? 
                                       "Takes too long to login on $ho
+st.\n" :
                                       "Unexpected eval err: $@.\n"  
      ) : undef;


# set up handler and intercept everything that goes to STDOUT 

$ssh->register_handler(SSH_SMSG_STDOUT_DATA, sub {
   my($ssh, $packet) = @_; 
   my $str = $packet->get_str;
   print DAT "$str"; 

   if ( $save )  {                       # reading config  

      if ( $str =~ /$enb_prompt$/ ) {    # last line of the config + p
+rompt 
         my $packet = $ssh->packet_start(SSH_CMSG_STDIN_DATA); 
         $packet->put_str('exit ' . "\n"); 
         $packet->send; 
         $done++;
      }

      $str =~ s/\cM//g;
      chomp $str;
       
      # skip echo of the command and logout sequence
      push @config, $str unless ( $done        || $str =~ /^(\w|\s)$/ 
+|| 
                                  $str =~ /^:/ || $str eq '' ); 
    }
    else {                             # login part 
       if ($str =~ /$reg_prompt$/)  {  # go to enable mode
          $prompt_cnt++;               # pix prints login prompt twice
+, remember
          return unless $prompt_cnt > SKIP_PROMPT; 
          my $packet = $ssh->packet_start(SSH_CMSG_STDIN_DATA);
          $packet->put_str('enable' . "\n"); 
          $packet->send; 
          $prompt_cnt = 0;             # will resuse it in enable mode
+ 
       } 
       elsif ( $str =~ /$pass_prompt$/ ) {  
          # going into enable mode.... 
          my $packet = $ssh->packet_start(SSH_CMSG_STDIN_DATA);
          $packet->put_str("PASSWD\n");
          $packet->send; 
       } 
       elsif ( $str =~ /$enb_prompt$/ && !$prompt_cnt ) {  
          # exec first command in enable mode 
          my $packet = $ssh->packet_start(SSH_CMSG_STDIN_DATA); 
          $packet->put_str('no pager' . "\n");
          $packet->send; 
          $prompt_cnt++; 
       } 
       elsif ( $str =~ /$enb_prompt$/ && $prompt_cnt ) { 
          # exec second command in enable mode, ready to rock 
          my $packet = $ssh->packet_start(SSH_CMSG_STDIN_DATA);
          $packet->put_str('sh access-list access-list-name' . "\n");
          $packet->send; 
          $save++; 
       }
       else {  
          # Uncomment this for debug purposes
          # print "Useless data: $str\n";
       }
   } 

});

eval {
   local $SIG{'ALRM'} = sub { die 'TimedouT' }; 
   alarm $time2run; 
   $ssh->cmd('');              # thaaaat's right, nothing at all
   alarm 0; 
};

($@)? ( die '[',scalar localtime,'] ', ($@ =~ /TimedouT/)? 
                                       "Timed out while pulling from $
+host.\n" :
                                       "Unexpected eval err: $@.\n" 
      ) : undef;
[download]

When I execute this script, I got the following error

Use of uninitialized value in concatenation (.) or string at C:/Perl/s
+ite/lib/Net/SSH/Perl.pm line 111.
Nalina: Reading configuration data /.ssh/config
Nalina: Reading configuration data /etc/ssh_config
Nalina: Connecting to 203.91.132.111, port 22.
Nalina: Remote protocol version 1.5, remote software version Cisco-1.2
+5
Nalina: Net::SSH::Perl Version 1.23_01, protocol version 1.5.
Use of uninitialized value in concatenation (.) or string at C:/Perl/s
+ite/lib/Net/SSH/Perl/SSH1.pm line 31, <GEN0> line 1.
Use of uninitialized value in concatenation (.) or string at C:/Perl/s
+ite/lib/Net/SSH/Perl/SSH1.pm line 37, <GEN0> line 1.
Nalina: No compat match: Cisco-1.25.
[Wed Jun 23 12:37:28 2004] Unexpected eval err: Your vendor has not de
+fined Fcntl macro F_SETFL, used at C:/Perl/site/lib/Net/SSH/Perl.pm l
+ine 218.
[download]

How do I resolve it?

Thanks

Nalina

Comment on SSH to a pix Select or Download Code

Replies are listed 'Best First'.

Re: SSH to a pix
by tachyon (Chancellor) on Jun 23, 2004 at 07:42 UTC

You are on Win32 so you need Net::SSH::W32Perl which is the MSWin32 compatibility layer for Net::SSH::Perl.

cheers

tachyon

[reply]

Re^2: SSH to a pix

by PodMaster (Abbot) on Jun 23, 2004 at 08:36 UTC

-    fcntl($sock, F_SETFL, O_NONBLOCK)
-        or die "Can't set socket non-blocking: $!";
+    defined( $sock->blocking(0) )
+        or die "Can't set socket non-blocking: ${\int$!} : $!";
[download]

MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"
I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).
** The third rule of perl club is a statement of fact: pod is sexy.

[reply]
[d/l]

Re^3: SSH to a pix

by tachyon (Chancellor) on Jun 23, 2004 at 12:52 UTC

All Net::SSH::W32Perl does is override the connect method and set a couple of defaults (port 22 and SSH 2). It uses IO::Socket. Net::SSH::Perl uses a vanilla socket so you can't call blocking() method on it as it does not have one.....

I think protocol => 1 may do the trick.

cheers

tachyon

[reply]

Re^3: SSH to a pix

by Nalina (Monk) on Jun 24, 2004 at 06:59 UTC

fcntl($sock, F_SETFL, O_NONBLOCK)
 or die "Can't set socket non-blocking: $!";
[download]

[reply]
[d/l]

Re^2: SSH to a pix

by Nalina (Monk) on Jun 23, 2004 at 08:27 UTC

use Net::SSH::W32Perl;

 my $host = 'xxx.xxx.xxx.xxx';
 my $ssh = new Net::SSH::W32Perl($host,debug=>1);
 $ssh->login('user-id', 'passw');
[download]

Nalina: Reading configuration data /.ssh/config
Nalina: Reading configuration data /etc/ssh_config
Nalina: Connecting to xxx.xxx.xxx.xxx, port 22.
Nalina: Socket created, turning on blocking...
Nalina: Remote protocol version 1.5, remote software version Cisco-1.2
+5
Protocol major versions differ: 2 vs. 1 at cisco_ssh.pl line 4
[download]

[reply]
[d/l]
[select]

Re^3: SSH to a pix

by tachyon (Chancellor) on Jun 23, 2004 at 10:35 UTC

You PIX looks like it only speaks SSH 1 whereas Net::SSH::W32Perl only speak SSH 2.

cheers

tachyon

[reply]

Re: SSH to a pix
by tachyon (Chancellor) on Jun 23, 2004 at 12:55 UTC

Contrary what I wrote above about Net::SSH::W32Perl only speaking SSH 2 the new constructor will accept protocol => 1 as an option and override the SSH 2 default. That may do the trick

my $ssh = Net::SSH::W32Perl->new( $host, protocol => 1 );
[download]

cheers

tachyon

[reply]
[d/l]