-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSSHIOSPing.pm
368 lines (290 loc) · 10.7 KB
/
SSHIOSPing.pm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
package Smokeping::probes::SSHIOSPing;
=head1 301 Moved Permanently
This is a Smokeping probe module. Please use the command
C<smokeping -man Smokeping::probes::SSHIOSPing>
to view the documentation or the command
C<smokeping -makepod Smokeping::probes::SSHIOSPing>
to generate the POD document.
=cut
use Data::Dumper;
use Sys::Syslog qw(:standard :macros);
use strict;
use warnings;
use Net::SSH2::Cisco;
use base qw(Smokeping::probes::basefork);
# or, alternatively
# use base qw(Smokeping::probes::base);
use Carp;
binmode(STDOUT, ":encoding(utf8)");
sub pod_hash {
return {
name => <<DOC,
Smokeping::probes::SSHIOSPing - A ping latency Probe that runs on SSH for Cisco devices
DOC
description => <<DOC,
This probe connects to Cisco IOS devices and runs ping commands to arbitrary hosts
using the SSH protocol with password authentication.
Has basic syslog functionality for debug.
DOC
authors => <<'DOC',
João Silva <[email protected]>,
DOC
see_also => <<DOC
L<smokeping_extend>
DOC
};
}
sub new($$$)
{
my $proto = shift;
my $class = ref($proto) || $proto;
my $self = $class->SUPER::new(@_);
# no need for this if we run as a cgi
unless ( $ENV{SERVER_SOFTWARE} ) {
# if you have to test the program output
# or something like that, do it here
# and bail out if necessary
};
return $self;
}
# This is where you should declare your probe-specific variables.
# The example shows the common case of checking the availability of
# the specified binary.
sub probevars {
my $class = shift;
return $class->_makevars($class->SUPER::probevars, {
ping_timeout => {
_doc => "ping command timeout in seconds defaults to 1 second.",
_example => '20',
_default => 1,
_sub => sub {
my $val = shift;
return "ERROR: Ping command timeout must be positive integer." unless $val =~ /^[1-9][0-9]*$/;
return undef;
},
},
debug_level => {
_doc => "syslog logging level [0-7], defaults to LOG_ERR (3).",
_example => '3',
_default => 3,
_sub => sub {
my $val = shift;
return "ERROR: debug level must be between 0 and 7 according to syslog standards." unless ( $val =~ /^[0-7]$/ );
return undef;
},
},
});
}
# Here's the place for target-specific variables
sub targetvars {
my $class = shift;
return $class->_makevars($class->SUPER::probevars, {
_mandatory => [ 'user', 'password', 'enable_secret', 'ios_host' ],
user => {
_doc => "Your IOS username.",
_example => 'johnny.b.good',
_sub => sub {
my $val = shift;
#return "ERROR: ssh 'binary' does not point to an executable" unless -f $val and -x _;
return undef;
},
},
password => {
_doc => "Your IOS user's password.",
_example => 'supergroovalisticprosifunkstication',
_sub => sub {
my $val = shift;
#return "ERROR: ssh 'binary' does not point to an executable" unless -f $val and -x _;
return undef;
},
},
ios_host => {
_doc => "Your IOS device.",
_example => 'my-router.some.domain',
_sub => sub {
my $val = shift;
#return "ERROR: ssh 'binary' does not point to an executable" unless -f $val and -x _;
return undef;
},
},
enable_secret => {
_doc => "Your device's enable password to access exec mode.",
_example => 'supergroovalisticprosifunkstication',
_sub => sub {
my $val = shift;
#return "ERROR: ssh 'binary' does not point to an executable" unless -f $val and -x _;
return undef;
},
},
repeats => {
_doc => "how many pings the probe should send. Defaults to 20.",
_example => '15',
_default => 20,
_sub => sub {
my $val = shift;
return "ERROR: Number of pings must be positive integer" unless $val =~ /[1-9][0-9]*/;
return undef;
},
},
packet_size => {
_doc => "ICMP packet size. Defaults to 100.",
_example => '200',
_default => 100,
_sub => sub {
my $val = shift;
return "ERROR: Packet size must be positive integer" unless $val =~ /[1-9][0-9]*/;
return undef;
},
},
source => {
_doc => "Ping source interface. IP address or interface description.",
_example => '10.10.10.10',
_sub => sub {
my $val = shift;
#return "ERROR: ssh 'binary' does not point to an executable" unless -f $val and -x _;
return undef;
},
},
vrf => {
_doc => "Ping host using specific VRF.",
_example => 'myVRF',
_default => '',
_sub => sub {
my $val = shift;
#return "ERROR: ssh 'binary' does not point to an executable" unless -f $val and -x _;
return undef;
},
},
});
};
sub ProbeDesc($){
my $self = shift;
return "pingpong points";
}
# this is where the actual stuff happens
# you can access the probe-specific variables
# via the $self->{properties} hash and the
# target-specific variables via $target->{vars}
# If you based your class on 'Smokeping::probes::base',
# you'd have to provide a "ping" method instead
# of "pingone"
sub pingone ($){
my $self = shift;
my $target = shift;
# Configuration obtained from smokeping config file
# probe variables
my $debug_level = $self->{properties}{debug_level} ;
my $ping_timeout = $self->{properties}{ping_timeout} ;
my $packet_size = $target->{properties}{packet_size} ;
# target variables
my $enable_secret = $target->{vars}{enable_secret} ;
my $user = $target->{vars}{user} ;
my $password = $target->{vars}{password} ;
my $ios_host = $target->{vars}{ios_host};
my $repeats = $target->{vars}{repeats} ;
my $source = $target->{vars}{source} ;
my $vrf = $target->{vars}{vrf} ;
my $host = $target->{vars}{host};
# syslog functions receive macros
my %maskHash = (
0 => LOG_EMERG,
1 => LOG_ALERT,
2 => LOG_CRIT,
3 => LOG_ERR,
4 => LOG_WARNING,
5 => LOG_NOTICE,
6 => LOG_INFO,
7 => LOG_DEBUG
);
# initialize syslog functionality
setlogmask( LOG_UPTO ( $maskHash{ $debug_level } ) );
openlog( "SSHIOSPing", "ndelay", "user" );
syslog( LOG_INFO, "Starting logging to syslog with priority: " . $maskHash{ $debug_level } );
# specify all the supported options to create a valid ping IOS command
my %pingOptions = (
"timeout" => $ping_timeout,
"source" => $source,
"repeat" => "1",
"vrf" => $vrf,
"size" => $packet_size
);
my $pingCommand = _buildPingCommand( $host, %pingOptions );
my @pingValues = ();
syslog( LOG_INFO, "Returned Ping Command: $pingCommand" );
syslog( LOG_INFO, "Connecting to $ios_host" );
my $session = Net::SSH2::Cisco->new();
# We don't want a failed connection to kill the whole script:
$session->errmode( 'return' );
# Seems like a reasonable connection timeout
$session->timeout( 20 );
my $host_session = $session->connect( $ios_host ) or syslog( LOG_ERR, "failed to connect to $ios_host" );
$session->login( $user, $password ) or syslog( LOG_ERR, "failed to authenticate \"$user\"") and die ;
syslog( LOG_INFO, "Trying to reach exec mode on \"$ios_host\"" );
if ( ! $session->is_enabled() and $enable_secret ) {
$session->enable( $enable_secret ) or syslog( LOG_ERR, "Could not reach exec mode to run ping command on $ios_host" ) and die ;
} elsif ( ! $session->is_enabled() ) {
syslog( LOG_ERR, "User \"$user\" requires Exec mode to on $ios_host to run ping command properly" ) and die ;
};
#$session->input_log('/root/admin_sandbox/perl.log');
syslog( LOG_INFO, "Running command : \"$pingCommand\" on $ios_host $repeats times");
# run $repeats ping commands, smokeping will perform all statistical computations
for my $count ( 1 .. $repeats ) {
my @output = $session->cmd( $pingCommand ) or syslog( LOG_ERR, "Could not run ping command on $ios_host" );
# logging is done on the subroutine
my $result = _parsePingCommand( $ios_host, @output ) or syslog( LOG_ERR, "Could not validate ping command output from $ios_host") ;
push @pingValues, $result if $result or next;
#print Dumper( \%result );
};
syslog( LOG_INFO, "From $ios_host I got: " . scalar @pingValues . " out of $repeats to $host\n") ;
syslog( LOG_INFO, "Closing connection to $ios_host");
$session->close;
return "@pingValues";
}
# That's all, folks!
sub _buildPingCommand {
my $_host = shift ;
my %_pingOptions = @_ ;
my @pingCommand = () ;
#syslog( LOG_INFO, "vrf : $_pingOptions{vrf}") ;
if ( $_pingOptions{vrf} eq '' ) {
@pingCommand = ( 'ping', $_host ) ;
} else {
@pingCommand = ( 'ping', 'vrf', $_pingOptions{vrf}, $_host );
};
delete $_pingOptions{vrf};
while ( my ( $param, $value ) = each %_pingOptions ) {
if ( $value ) {
syslog( LOG_INFO, "$param : $value") ;
push @pingCommand, $param, $value;
}
}
my $result = join(' ', @pingCommand );
syslog( LOG_INFO, "ping Command: $result") ;
return $result;
};
sub _parsePingCommand {
local $" = "";
my $_host = shift;
my @pingOutput = @_;
my @infoLine ;
my $successTest = '^success rate is 100 percent';
my $pattern = '/(\d+) (\w+)$';
# we will return nothing if we cannot validate the output
@infoLine = grep {/^Success/} @pingOutput ;
if ( ! @infoLine ) {
syslog( LOG_ERR, "Could not validate ping command output on host $_host") ;
return ();
};
my $line = "@infoLine";
#squeeze all spaces
$line =~ s/\s+/ /g;
#trim
$line =~ s/^\s+|\s+$//g;
$line = lc $line;
syslog( LOG_INFO, "Matched information line: $line" );
$line =~ m|$successTest| or syslog( LOG_ERR, "Metrics pattern was not matched") and return ();
my ( $time, $unit ) = ( $line =~ m|$pattern| ) or syslog( LOG_ERR, "Could not get time and units") and return ();
syslog( LOG_INFO, "Ping RTT time: $time $unit" ) ;
return $time;
};
1;