Why SNMP or SSH prevents the while to loop from iterating? - bash

I'm writing a code in order to capture information about routers thanks to SSH and SNMP. I work on network with 4 different router configurations. In my script bash, a while loop read line by line the IP address of routers then try to know the configuration and finally capture information about my router.
To do so, I use a while loop but it only run for one IP address...
I assume that the problem comes from SNMP or SSH.
I tried the while loop just with
echo $line
The while loop :
while IFS= read -r line
do
echo
echo "line : $line"
echo
typeRouter=""
version=""
# type multitech V4.1
type=$(snmpget -v3 -u Ai -l authpriv -a SHA -A "pass" -x AES -X "pass" "$line" 1.3.6.1.4.1.995.14.1.1.8.3.0 | cut -d\" -f2 | cut -d. -f1 )
if [[ "$type" == "4" ]]; then
typeRouter=2
version=4
fi
# type sierra
type=$(snmpget -v3 -u Ai -l authpriv -a SHA -A "pass" -x AES -X "pass" "$line" iso.3.6.1.4.1.20542.9.1.1.9.7.0 | cut -d\" -f2 )
if [[ "$type" == "LX40" ]]; then
typeRouter=3
fi
case $typeRouter in
2)
echo "Mutlitech"
# version 4.1 et ultérieur
MultiV4 "$line" "$txtfile" "pass" "pass"
;;
3) # TODO PASSWORD
echo "Sierra"
Sierra "$line" "$txtfile" "pass" "pass"
;;
*)
echo
echo "Unknown router model, IP : $line"
echo
;;
esac
done < "file"
The function called
MultiV4 () {
# "$1" : #IP
# $2 : txtfile
# "$3" : mdp snmp
# $4 : mdp ssh
# Files
txtfile=$2
model="Multitech"
MACtxt="ephemere/mac.txt"
MacAddressRouter=$(snmpget -v3 -u Ai -l authpriv -a SHA -A "$3" -x AES -X "$3" "$1" iso.3.6.1.4.1.995.14.1.1.5.1.0 | cut -d\" -f2)
echo "Router MAC address : $MacAddressRouter"
sshpass -p "$4" ssh -o StrictHostKeyChecking=no admin#"$1" "cat /proc/net/arp" > "$MACtxt"
rssiPacket=$(snmpget -v3 -u Ai -l authpriv -a SHA -A "$3" -x AES -X "$3" "$1" iso.3.6.1.4.1.995.14.1.1.3.5.0 | cut -d: -f2 | cut -d\" -f2 | tr -d dBm)
echo "RSSI packet : $rssiPacket"
firmware=$(snmpget -v3 -u Ai -l authpriv -a SHA -A "$3" -x AES -X "$3" "$1" iso.3.6.1.4.1.995.14.1.1.3.4.0 | cut -d: -f2 | cut -d\" -f2)
echo "Firmware version : $firmware"
echo "$MacAddressRouter", "$MacAddressPlayer", "$rssiPacket", "$model", "$firmware", "$imei", "$SIMStatus", "$operator", "$connectionType", "$IPaddress", "$SINR", "$RSRP", "$RSRQ" >> "$txtfile"
}
My file
10.252.144.138
10.252.144.140
10.252.144.23
10.252.144.15
10.252.144.134
Can you help me why the loop running only one time ?

I solved the problem using
ssh -n
Go see this answer for more explanation : Shell script while read line loop stops after the first line

Related

Notify only when IP changes

I use this script to log ext IP changes
host myip.opendns.com resolver1.opendns.com | sed -n -e 's/^\(.*\)\(myip.opendns.com has address \)/\1/p' | sed "s/^/`date` /" » /DataVolume/shares/Public/MyIP.txt
How can I create an alert (maybe creating a separate log file or sending a mail) only when IP changes?
Something along these lines:
#!/bin/bash
previp=
while :; do
ip=$(host myip.opendns.com resolver1.opendns.com |
sed -n '/.* has address \(.*\)/ { s//\1/; p; q; }' )
if [[ $previp != "$ip" ]]; then
msg="$(date): IP change from '$previp' to '$ip'"
echo "$msg" >> logfile
mail -s "IP change" somebody#somewhere <<< "$msg"
previp=$ip
fi
sleep 60
done
If you want it to run one time only (from crontab, for example):
#!/bin/bash
ipfile='/tmp/previous_ip'
ip=$(host myip.opendns.com resolver1.opendns.com |
sed -n '/.* has address \(.*\)/ { s//\1/; p; q; }' )
if ! [[ -f $ipfile ]]; then
echo "$ip" > "$ipfile"
fi
read -r previp < "$ipfile"
if [[ $previp != "$ip" ]]; then
msg="$(date): IP change from '$previp' to '$ip'"
echo "$msg" >> logfile
mail -s "IP change" somebody#somewhere <<< "$msg"
echo "$ip" > "$ipfile"
fi

Unix Shell Scripting - Add Extra Column In While Loop

I have a file server.txt containing different hostnames like:
hostname1.com
hostname2.com
My shell script servers.sh is written to get the /etc/passwd and /etc/group files from the list in servers.txt file.
I wish to add the hostname from which the entries came from in my final output file. My script looks something like below:
while read HOST ;
do
sshpass -p $password ssh -n $username#$HOST 'cat /etc/passwd'>>users.txt
sshpass -p $password ssh -n $username#$HOST 'cat /etc/group'>>groups.txt
done < servers.txt
echo -e "UserName;UID;GID;HomeDir;Shell" > final_users.csv
cut -d: -f1,3,4,6,7 users.txt | tr ':' ';'>> final_users.csv
echo -e "GroupName;GID;Members" > final_groups.csv
awk -F '[:,]' '{for(i=4;i<=NF;i++)print$1";"$3";"$i}' groups.txt >> final_groups.csv
The goal is to add another column in both final_users.csv and final_groups.csv like hostname so I can know which servers each entry came from.
Try like this:
while read HOST ;
do
sshpass -p $password ssh -n $username#$HOST 'cat /etc/passwd'>>users.txt
sshpass -p $password ssh -n $username#$HOST 'cat /etc/group'>>groups.txt
done < servers.txt
echo -e "UserName;UID;GID;HomeDir;Shell;Hostname" > final_users.csv
echo "`cut -d: -f1,3,4,6,7 users.txt | tr ':' ';'`;$HOST">> final_users.csv
echo -e "GroupName;GID;Members;Hostname" > final_groups.csv
echo "`awk -F '[:,]' '{for(i=4;i<=NF;i++)print$1";"$3";"$i}' groups.txt`;$HOST" >> final_groups.csv
Think I got it:
while read HOST ;
do
sshpass -p $password ssh -n $username#$HOST 'cat /etc/passwd'>>users_1.txt
while IFS= read -r line; do echo "$line:"$HOST; done < users_1.txt >> users_2.txt
sshpass -p $password ssh -n $username#$HOST 'cat /etc/group'>>groups_1.txt
while IFS= read -r line; do echo "$line:"$HOST; done < groups_1.txt >> groups_2.txt
done < servers.txt
echo -e "UserName;UID;GID;HomeDir;Shell;Hostname" > final_users.csv
cut -d: -f1,3,4,6,7,8 users_2.txt | tr ':' ';'>> final_users.csv
echo -e "GroupName;GID;Members;Hostname" > final_groups.csv
awk -F'[:,]' -v OFS=';' '{for(i=4;i<NF;i++) print $1, $3, $i, $NF}' groups_2.txt >> final_groups.csv

if statement function to many argumnets

I've overlooked my program for any mistakes and can't find any. Usually when I run into a mistake with BASH the interpreter is off on where the mistake is. I'm trying to customize this script from SANS InfoSec Using Linux Scripts to Monitor Security. Everything is fine until the part where the check function looks at the different protocols. When I uncomment them I get the error: ./report: line 41: [: too many arguments. Here is the program...
#!/bin/bash
if [ "$(id -u)" != "0" ]; then
echo "Must be root to run this script!"
exit 1
fi
##### CONSTANTS -
report=/home/chron/Desktop/report.log
#router=/home/chron/Desktop/router.log
red=`tput bold;tput setaf 1`
yellow=`tput bold;tput setaf 3`
green=`tput bold;tput setaf 2`
blue=`tput bold;tput setaf 4`
magenta=`tput bold;tput setaf 5`
cyan=`tput bold;tput setaf 6`
white=`tput sgr0`
##### FUNCTIONS -
pingtest() {
ping=`ping -c 3 localhost | tail -2`
loss=`echo $ping | cut -d"," -f3 | cut -d" " -f2`
delay=`echo $ping | cut -d"=" -f2 | cut -d"." -f1`
if [ "$loss" = "100%" ]; then
echo -n $red$1$white is not responding at all | mail -s'REPORT' localhost
echo 'You have mail in /var/mail!'
echo `date` $1 is not responding at all >> $report
elif [ "$loss" != "0%" ]; then
echo $yellow$1$white is responding with some packet loss
else
if [ "$delay" -lt 100 ]; then
echo $green$1$white is responding normally
else
echo $yellow$1$white is responding slow
fi
fi
}
check() {
if [ "$2" != "" -a "$2" $3 ] ; then
echo -n $green$1$white' '
else
echo -n $red$1$white' '
echo `date` $1 was not $3 >> $report
fi
}
##### __MAIN__ -
pingtest localhost # hostname or ip
echo "Server Configuration:"
check hostname `hostname -s` '= localhost'
check domain `hostname -d` '= domain.com'
check ipaddress `hostname -I | cut -d" " -f1` '= 10.10.0.6'
check gateway `netstat -nr | grep ^0.0.0.0 | cut -c17-27` '= 10.10.0.1'
echo
echo "Integrity of Files:"
check hostsfile `md5sum /etc/hosts | grep 7c5c6678160fc706533dc46b95f06675 | wc -l` '= 1'
check passwd `md5sum /etc/passwd | grep adf5a9f5a9a70759aef4332cf2382944 | wc -l` '= 1'
#/etc/inetd.conf is missing...
echo
#echo "Integrity of Website:"
#check www/index.html `lynx -reload -dump http://<LOCALIP> 2>&1 | md5sum | cut -d" " -f1 '=<MD5SUM>'
#echo
echo "Incoming attempts:"
#lynx -auth user:password -dump http://10.10.0.1 >> $router 2>&1
check telnet `grep \ 23$ $PWD/router.log | wc -l` '= 0'
check ftp `grep \ 21$ $PWD/router.log | wc -l` '= 0'
check ssh `grep \ 22$ $PWD/router.log | wc -l` '=0'
check smtp `grep \ 25$ $PWD/router.log | wc -l` '=0'
check dns `grep \ 53$ $PWD/router.log | wc -l` '=0'
echo
Some of the lines are commented out for later tweaking. Right now my problem is with the protocols. Not sure what's wrong because it looks like to me there are 3 arguments for the function.
In your last three calls to check, you are missing the required space between the operator and the operand.
check ssh `grep \ 22$ $PWD/router.log | wc -l` '=0'
check smtp `grep \ 25$ $PWD/router.log | wc -l` '=0'
check dns `grep \ 53$ $PWD/router.log | wc -l` '=0'
The final argument to all of these should be '= 0'.
However, this is not a good way to structure your code. If you really need to parameterize the comparison fully (all your calls use = as the operation), pass the operator as a separate argument. Further, written correctly, there is no need to pre-check that $2 is a non-empty string.
check() {
if [ "$2" "$3" "$4" ] ; then
printf '%s%s%s ' "$green" "$1" "$white"
else
printf '%s%s%s ' "$red" "$1" "$white"
printf '%s %s was not %s\n' "$(date)" "$1" "$3" >> "$report"
fi
}
Then your calls to check should look like
check hostname "$(hostname -s)" = localhost
check domain "$(hostname -d)" = domain.com
check ipaddress "$(hostname -I | cut -d" " -f1)" = 10.10.0.6
check gateway "$(netstat -nr | grep ^0.0.0.0 | cut -c17-27)" = 10.10.0.1
etc
Run your code through http://shellcheck.net; there are a lot of things you can correct.
Here is my other problem. I changed it up a bit just to see what's going on.
router=/home/chron/Desktop/router.log
check() {
if [ "$2" "$3" "$4" ]; then
printf "%s%s%s" "$green" "$1" "$white"
else
printf "%s%s%s" "$red" "$1" "$white"
printf "%s %s was not %s\n" "$(date)" "$1" $3" >> report.log
fi
check gateway "$(route | grep 10.10.0.1 | cut -c17-27)" = 10.10.0.1
check telnet "$(grep -c \ 23$ $router)" = 0
check ftp "$(grep -c \ 21$ $router)" = 0
check ssh "$(grep -c \ 22$ $router)" = 0
check smtp "$(grep -c \ 25$ $router)" = 0
check dns "$(grep -c \ 53$ $router)" = 0

Unable to assign command output in expect script

I want to execute the below command in an expect script.
`netstat -nr | while read line;do flag=$(echo $line | cut -d' ' -f4); if [[ $flag == "UG" ]];then gateway=$(echo $line | cut -d' ' -f2);echo $gateway;fi;done`
The aim of the script is to login to a host and get the gateway of the hots to create another ip ( eth0 ) with ifcong eth0:0 <ip> and add a IP route thereafter with-- ip route add <ip> via <gateway ip>.
i have tried the below possibilities:
1)
`expect -c '
spawn bash -c "ssh user#host"
expect {
// password provided
}
expect "*?$*"
send "\$cmd"
expect EOF
'`
For this i get the error: missing )
while executing
"set cmd "netstat -nr | while read line;do flag=$(echo $line | cut -d"
couldn't read file " -f4); if [[ $flag == "UG" ]];then gateway=$(echo $line | cut -d": no such file or directory
2)
`expect -c
spawn bash -c "ssh user#host"
expect {
// password provided
}
expect "*?$*"
send "netstat -nr | while read line;do flag=\$(echo \$line | cut -d' ' -f4); if [[ \$flag == "UG" ]];then gateway=\$(echo \$line | cut -d' ' -f2);echo \$gateway;fi;done\r"
expect EOF
'`
For this i get error as: couldn't read file " -f4); if [[ $flag == "UG" ]];then gateway=$(echo $line | cut -d": no such file or directory
Is there no way to execute bash commands inside an expect script and register the out to a variable so that it can be used subsequently in the expect script.
I have tried out the way of set output $expect_out(buffer) but it does not register the output at all.
foreach {whole gw f} [regexp -all -inline {\S+\s+(\S+)\s+\S+\s+(\S+)} [exec netstat -nr]] {
if {$f eq "UG"} {
puts "Gateway : $gw"
}
}
Output :
Gateway : 192.xx.xx.1

replacing some commands in an existing BASH script

I have the following script which sends the results of an iwlist scan via OSC:
#!/bin/bash
NUM_BANKS=20
while [[ "$input" != "\e" ]] ; do
networks=$(iwlist wlan0 scanning | awk 'BEGIN{ FS="[:=]"; OFS = " " }
/ESSID/{
#gsub(/ /,"\\ ",$2)
#gsub(/\"/,"",$2)
essid[c++]=$2
}
/Address/{
gsub(/.*Address: /,"")
address[a++]=$0
}
/Encryption key/{ encryption[d++]=$2 }
/Quality/{
gsub(/ dBm /,"")
signal[b++]=$3
}
END {
for( c in essid ) { print "/wlan_scan ",essid[c],signal[c],encryption[c] }
}'
)
read -t 0.1 input
echo "$networks" | while read network; do
set $network
hash=` echo "$2" | md5sum | awk '{ print $1 }'| tr '[:lower:]' '[:upper:]'`
bank=`echo "ibase=16;obase=A; $hash%$NUM_BANKS " | bc`
echo "$1$bank $2 $3 $4"
echo "$1$bank $2 $3 $4" | sendOSC -h localhost 9997
done
#echo "$networks" | sendOSC -h localhost 9997
done
An example of the output from this is '/wlan_scan13 BTHomehub757 -85 On', which is then sent via the sendOSC program.
I basically need to replace the iwlist scan data with the results of this tshark scan:
sudo tshark -I -i en1 -T fields -e wlan.sa_resolved -e wlan_mgt.ssid -e radiotap.dbm_antsignal type mgt subtype probe
which similarly outputs two strings and an int, outputting a result like:
'Hewlett-_91:fa:xx EE-BrightBox-mjmxxx -78'.
So eventually I want the script to give me an output in this instance of
'/wlan13 Hewlett-_91:fa:xx EE-BrightBox-mjmxxx -78'.
Both scans constantly generate results in this format at about the same rate, updating as new wifi routers are detected, and these are sent out as soon as they arrive over the sendOSC program.
This is probably a pretty simple edit for an experienced coder, but I've been trying to work this out for days and I figured I should ask for help!
If someone could clarify what needs to stay and what needs to go here I'd really appreciate it.
Many thanks.
Do you really want to replace commands? The sane approach would seem to be to add an option to the script to specify which piece of code to run, and include them both.
# TODO: replace with proper option parsing
case $1 in
--tshark) command=tshark_networks; shift;;
*) command=iwlist_networks;;
esac
tshark_networks () {
sudo tshark -I -i en1 -T fields \
-e wlan.sa_resolved \
-e wlan_mgt.ssid \
-e radiotap.dbm_antsignal type mgt subtype probe
}
iwlist_networks () {
iwlist wlan0 scanning | awk .... long Awk script here ....
}
while [[ "$input" != "\e" ]] ; do
networks=$($command)
read -t 0.1 input
echo "$networks" | while read network; do
: the rest as before, except fix your indentation
This also has the nice side effect that the hideous iwlist command is encapsulated in its own function, outside of the main loop.
... Well, in fact, I might refactor the main loop to
while true; do
$command |
while read a b c d; do
hash=$(echo "$b" | md5sum | awk '{ print toupper($1) }')
bank=$(echo "ibase=16;obase=A; $hash%$NUM_BANKS " | bc)
echo "$a$bank $b $c $d"
echo "$a$bank $b $c $d" | sendOSC -h localhost 9997
done
read -t 0.1 input
case $input in '\e') break;; esac
done

Resources