用Perl语言登录Cisco PIX防火墙修改配置
发布时间:2020-12-16 00:19:18 所属栏目:大数据 来源:网络整理
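##################################################
# Open the internet connection for an ip address.
# Usage: inet_conn.pl [-e | -d ] ip_address
#
#   inet_conn.pl ip_address      report whether the NAT entry exists
#   inet_conn.pl -e ip_address   add the NAT entry and save the config
#   inet_conn.pl -d ip_address   remove the NAT entry and save the config
#
# NOTE(review): Telnet carries both passwords and the whole running
# configuration in clear text. Where the device supports SSH, prefer it
# for management access and limit that access to a management network.
##################################################
use strict;
use warnings;

use Net::Telnet ();

# Firewall management address and the login / enable passwords.
# NOTE(review): 'pwd1' and 'pwd2' are placeholders. Real passwords should
# not be stored in this file; load them from a file or secrets store that
# only the operating account can read.
my $PIX_HOST        = '10.10.10.1';
my $LOGIN_PASSWORD  = 'pwd1';
my $ENABLE_PASSWORD = 'pwd2';

# Prompts the script waits for, in Net::Telnet's '/regex/' string form.
# The parentheses of the config prompt are escaped so they match literally.
my $PROMPT_LOGIN  = '/PIX passwd:.*$/';
my $PROMPT_USER   = '/out-pix> .*$/';
my $PROMPT_ENABLE = '/out-pix#.*$/';
my $PROMPT_CONFIG = '/out-pix\(config\)#.*$/';

# Telnet session shared by the subs below; created in the main program.
my $t;

# Print the command-line synopsis.
sub print_usage {
    print "Usage: inet_conn.pl [-e | -d ] ip_address \n";
    return;
}

# The IP address must be validated before it is used: it is interpolated
# into a configuration command sent to the firewall. Accepts only four
# dot-separated decimal octets in 0..255; prints a message and exits with
# status 1 otherwise.
sub check_ip_address_valid {
    my $h = shift;

    my $octet = qr/[0-9]{1,3}/;

    # \A ... \z (not ^ ... $) so a trailing newline is rejected as well.
    my @octets = $h =~ /\A($octet)\.($octet)\.($octet)\.($octet)\z/;

    if ( @octets != 4 || grep { $_ > 255 } @octets ) {
        print "The ip address '$h' is not valid.\n";
        exit 1;
    }
    return;
}

# Wait for a prompt and return the text received before it. The session
# uses Errmode => 'return', so a timeout or dropped connection shows up
# as an empty result; treat it as fatal instead of continuing blindly.
sub _expect {
    my ($pattern) = @_;

    my ( $before, $match ) = $t->waitfor($pattern);
    defined $match
        or die "No $pattern prompt from $PIX_HOST: " . $t->errmsg . "\n";
    return $before;
}

# Send one line and wait for the given prompt. The line itself is kept
# out of the error message because it may be a password.
sub _send {
    my ( $line, $prompt ) = @_;

    $t->print($line)
        or die "Write to $PIX_HOST failed: " . $t->errmsg . "\n";
    return _expect($prompt);
}

# Leave the firewall CLI and drop the connection.
sub _logout {
    $t->print('exit');
    $t->close;
    return;
}

# Log in, enter enable mode, switch off paging and return the output of
# 'show config' as one string.
sub get_conf {
    $t->open($PIX_HOST)
        or die "Cannot connect to $PIX_HOST: " . $t->errmsg . "\n";
    _expect($PROMPT_LOGIN);
    _send( $LOGIN_PASSWORD,  $PROMPT_USER );
    _send( 'enable',         '/Password:.*$/' );
    _send( $ENABLE_PASSWORD, $PROMPT_ENABLE );
    _send( 'pager lines 0',  $PROMPT_ENABLE );
    return _send( 'show config', $PROMPT_ENABLE );
}

# Enter configuration mode, run one command, save with 'wr mem', log out.
# NOTE(review): only the return of the prompt is checked; an error message
# printed by the firewall for a rejected command is not detected.
sub _apply_config {
    my ($cmd) = @_;

    _send( 'conf t', $PROMPT_CONFIG );
    _send( $cmd,     $PROMPT_CONFIG );
    _send( 'exit',   $PROMPT_ENABLE );
    _send( 'wr mem', $PROMPT_ENABLE );
    _logout();
    return;
}

# Main program begins.
my $argc = scalar @ARGV;
if ( $argc > 2 || $argc < 1 ) {
    print_usage();
    exit 1;
}

# One argument: status query. Two arguments: option followed by address.
my ( $s, $h ) = $argc == 2 ? @ARGV : ( undef, $ARGV[0] );
if ( defined $s && $s ne '-e' && $s ne '-d' ) {
    print_usage();
    exit 1;
}
check_ip_address_valid($h);

# login to the pix firewall and get the configuration.
$t = Net::Telnet->new(
    Timeout => 10,
    Prompt  => $PROMPT_LOGIN,
    Errmode => 'return',
);
my $abc = get_conf();

# check if the ip address is already opened. \Q...\E makes the dots and
# parentheses of the NAT line match literally.
my $nat     = "nat (inside) 1 $h 255.255.255.255 0 0";
my $is_open = $abc =~ /\Q$nat\E/ ? 1 : 0;

if ( !defined $s ) {

    # display status
    if ($is_open) {
        print "The ip address '$h' is OPENED.";
    }
    else {
        print "The ip address '$h' is CLOSED.";
    }
    _logout();
    exit 0;
}

if ( $s eq '-e' ) {

    # open the internet connection
    if ($is_open) {
        print "The ip address '$h' is ALREADY OPENED!";
        _logout();
        exit 0;
    }
    _apply_config($nat);
    print "The ip address '$h' is OPENED SUCCESSFULLY.\n";
    exit 0;
}

# close the internet connection; it must be 'open'.
if ( !$is_open ) {
    print "The ip address '$h' is NOT OPENED.";
    _logout();
    exit 0;
}
_apply_config("no $nat");
print "The ip address '$h' is CLOSED SUCCESSFULLY.\n";
exit 0;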