[j-nsp] ERX1440, how to limit login to be able to "show conf" only

Scott Weeks surfer at mauigateway.com
Tue Jul 1 21:37:16 EDT 2008 



Looks like a lot of those line wrapped.  The crontab is all one line and the ones below use Net::Telnet all start with "$telnet->" and are one line long.  email me for more details...

scott


--- surfer at mauigateway.com wrote:

From: "Scott Weeks" <surfer at mauigateway.com>
To: <juniper-nsp at puck.nether.net>
Subject: Re: [j-nsp] ERX1440,	how to limit login to be able to "show conf"  only
Date: Tue, 1 Jul 2008 17:39:25 -0700



--- sj_hznm at yahoo.com.cn wrote:
From: Joe Shen <sj_hznm at yahoo.com.cn>

  Or, is it possible to fetch configuation file by RO
SNMP community?   
----------------------------------------------------


You could always use the Net::Telnet PERL module and download it to a directory on a server and control access using permissions.  The way I do it is to put a current .scr and .cnf on the flash card and then copy them to the UNIX server each night during low traffic using a crontab entry.  My router in this case is called HNLLHIMN16W.

bash-3.00$ crontab -l
0       0       *       *       *       /export/home/router/backup-programs/16w-backup.pl



>less /export/home/router/backup-programs/16w-backup.pl


#! /usr/bin/perl

use POSIX qw(strftime);
$today = strftime "%m-%d-%Y", localtime;

use Net::Telnet;
  $telnet = new Net::Telnet (Timeout => 2000, input_log => "/usr/router-backups/juniper/16W-log.txt", Errmode => 'die');

  $telnet->open('IP_HERE');
  $telnet->waitfor('/password:/');

  $telnet->print('PASSWD_HERE');
  $telnet->waitfor('/HNLLHIMN.*>$/');

  $telnet->print('en');
  $telnet->waitfor('/Password: $/');

  $telnet->print('PASSWD_HERE');
  $telnet->waitfor('/HNLLHIMN.*#$/');

  $telnet->print('del 16W.cnf');
  $telnet->waitfor('/HNLLHIMN.*#$/');

  $telnet->print('del 16W.scr');
  $telnet->waitfor('/HNLLHIMN.*#$/');

  $telnet->print('copy running-configuration 16W.cnf');
  $telnet->waitfor('/HNLLHIMN.*#$/');

  $telnet->print('show config > 16W.scr');
  $telnet->waitfor('/HNLLHIMN.*#$/');

  $telnet->print("copy 16W.cnf erx:/usr/router-backups/juniper/16W_$today.cnf");
  $telnet->waitfor('/HNLLHIMN.*#$/');

  $telnet->print("copy 16W.scr erx:/usr/router-backups/juniper/16W_$today.scr");
  $telnet->waitfor('/HNLLHIMN.*#$/');


scott
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list