网络设备通常需要自动备份、配置更新的功能,由于自己最讨厌简单机械重复的工作,所以自己就根据网上搜到的文章和参考书上的知识自己加以消化改进,写出了适合自己用的脚本,目前该脚本支持H3C、Netscreen、CISCO、Hillstone设备的相关配置、备份,部署的linux服务器上需要安装expect组件并且能访问yum源,运行脚本后的主界面如下:
脚本做了说明,需要优先运行 "选项7" 来配置在本linux服务器上安装和配置TFTP服务器,否则无法做配置的自动备份,当然也可以在其他机器上安装tftp。该脚本同时会生成一个NETdevice.conf用于存储文件,主界面我已经做了注释。
如果想在linux中自动进行定期备份,可以将backup段的内容拿出来做crontab,但是TFTP的地址建议直接指定,通过变量指定会读不到,我目前自动备份就是这么搞的。
以下为脚本内容:
#!/bin/bash
Daily=`date +%Y%m%d` #读取系统日期
Workdir="/home/config" #设定脚本以及网络设备信息存储目录
Backdir=`cat /etc/xinetd.d/tftp | grep server_args | cut -d ' ' -f 3` #读取配置备份目录(从TFTP服务器中读取)
[ ! -d $Backdir/$Daily ]&&[ `mkdir -p $Backdir/$Daily` ] #按日期建立备份子目录
[ ! -d $Backdir/NETLOG ]&&[ `mkdir -p $Backdir/NETLOG` ] #按日期建立备份日志子目录
[ ! -f $Workdir/NETdevice.conf ]&&[ `touch $Workdir/NETdevice.conf` ] #建立存放设备IP、账号密码信息的文本
TFTP=$(ifconfig | grep -m 1 "inet addr" | sed 's/^.*addr://g' | sed 's/Bcas.*$//g')
(CentOS 7.0下需要换成这个TFTP=`ifconfig | grep -m 1 "inet" | sed 's/^.*inet//g' | awk '{print $1}'`)
#读取本机IP,TFTP建立在本机上,可以直接自定义,如TFTP=192.168.0.1
backup() #备份网络设备配置
{
CISCOlogin() {
expect <"
send "save config from flash to tftp ${TFTP} ${File}\r"
sleep 5
send "exit\r"
interact
EOF
}
H3Clogin() {
expect <"
send "tftp ${TFTP} put startup.cfg ${File}\r"
sleep 5
send "exit\r"
interact
EOF
}
HILLSTONElogin() {
expect <"
send "enable\r"
sleep 1
expect "Password:"
send "enable\r"
sleep 1
expect "*#"
send "copy startup-config tftp: ${TFTP} ${File}\r"
sleep 5
send "exit\r"
interact
EOF
}
for DEV_INFO in `cat $Workdir/NETdevice.conf` #读取网络设备文本中存储信息
do
(
DEV_NAME=`echo $DEV_INFO | awk -F"," '{print $1}' | awk -F"=" '{print $2}'`
DEV_IP=`echo $DEV_INFO | awk -F"," '{print $2}' | awk -F"=" '{print $2}'`
DEV_USER=`echo $DEV_INFO | awk -F"," '{print $3}' | awk -F"=" '{print $2}'`
DEV_PASS=`echo $DEV_INFO | awk -F"," '{print $4}' | awk -F"=" '{print $2}'`
File=${DEV_NAME}.cfg #设定备份配置以主机名区分,如果用IP区分,可替换为File=${DEV_IP}.cfg
if [[ `echo $DEV_NAME|grep "H3C"` != "" ]];then
H3Clogin
elif [[ `echo $DEV_NAME|grep "JUNIPER"` != "" ]];then
JUNIPERlogin
elif [[ `echo $DEV_NAME|grep "HILLSTONE"` != "" ]];then
HILLSTONElogin
elif [[ `echo $DEV_NAME|grep "ARUBA"` != "" ]];then
ARUBAlogin
else
CISCOlogin
fi
sleep 3
) | tee -a $Backdir/${Daily}_switch.log
done
sleep 3
mv $Backdir/*cfg $Backdir/$Daily/
mv $Backdir/*.log $Backdir/NETLOG/
sh confignetwork-adv.sh
#该功能项运行结束后返回主界面,该脚本在我linux的服务器上名称为confignetwork-adv.sh
}
#################################################################
add() #手工录入网络设备名称、IP、账号、密码信息
{
until [ "$ack" == "y" ] #直到ack=y才停止执行以下内容
do
read -p "Please input your net device name(Need contain device model, H3C5560-01 for example): " name #主机名不要重复,因为备份名称以主机名开头
read -p "Please input your net device ip: " ip
read -p "Please input your net device account: " user
read -p "Please input your net device passwd: " passwd
read -p "Please input your net device enablepass: " enablepass
if [[ "$enablepass" == "" ]];then #没有enable密码,就不录入"enable="
echo "name=$name,IP=$ip,user=$user,passwd=$passwd" >> $Workdir/NETdevice.conf
else
echo "name=$name,IP=$ip,user=$user,passwd=$passwd,enable=$enablepass" >> $Workdir/NETdevice.conf
fi
read -p "Please tell me is this ok(y or n): " ack
done
sh confignetwork-adv.sh
}
#################################################################
del() #删除某一个网络设备信息,一般用于该设备下线后删除
{
until [ "$ack" == "y" ]
do
read -p "Please input your net device info(ip): " del
sed -i "/.*$del.*/d" $Workdir/NETdevice.conf #删除包含指定删除字符的那一行
read -p "Please tell me is this ok(y or n): " ack
done
sh confignetwork-adv.sh
}
###############################################################
mod() #修改网络设备的信息,若设备IP、账号或密码变更,用此修改
{
until [ "$ack" == "y" ]
do
read -p "Please input the device info before modified): " mod1
read -p "Please input the device info after modified): " mod2
sed -i "s/$mod1/$mod2/g" $Workdir/NETdevice.conf #将所有$mod1内容改为$mod2
read -p "Please tell me is this ok(y or n): " ack
done
sh confignetwork-adv.sh
}
#################################################################
look() #查看当前录入的网络设备信息
{
until [ "$ack" == "y" ]
do
(
read -p "Please input the device info you want to query(No character will show all device info): " query
if [[ "$query" != "" ]];then
if [[ `more "$Workdir/NETdevice.conf" | grep "$query"` != "" ]];then
devinfo=`more $Workdir/NETdevice.conf | grep "$query"`
echo -e "\n$devinfo\n"
else
echo -e "\nDevice not exist\n"
fi
else
more $Workdir/NETdevice.conf
fi
) | tee -a /dev/null
read -p "Please tell me is this ok(y or n): " ack
done
sh confignetwork-adv.sh
}
#################################################################
config() #自动配置本机的TFTP环境
{
(
yum install tftp-server xinetd expect -y
sleep 10
read -p " Please tell me your config backup directory: " backup
if [[ "$backup" != "" ]];then
mkdir -p "$backup"
sed -i "s%-.*%-s $backup -c%g" /etc/xinetd.d/tftp
#本来以sed -i "s/-.*/-s $backup -c/g的,后来发现报错,查了原因后是因为backup变量里
面也含有/,与"s/-.*/"中的"/"冲突,故将"/"换成了"%"
fi
sed -i 's/yes/no/g' /etc/xinetd.d/tftp
chmod 777 $backup
/etc/init.d/xinetd start
iptables -A INPUT -p udp -m state --state NEW -m udp --dport 69 -j ACCEPT
) | tee -a /dev/null
sh confignetwork-adv.sh
}
#################################################################
update() #批量修改同一类型号网络设备的配置
{
until [[ "$ack" == "y" ]]
do
echo -e "This script which used to update config only support these VENDORS
1. H3C
2. CISCO
3. JUNIPER
4. HILLSTONE
5. ARUBA \n"
read -p "Please input the Model you want to execute(H3C|CISCO|JUNIPER|HILLSTONE|ARUBA): " seri
read -p "Please input the commad you want to execute: " cmad1
read -p "Please tell me is this OK: " deal1
if [ "$deal1" == "n" ];then
read -p "Please input the commad you want to execute: " cmad2
read -p "Please tell me is this OK: " deal2
if [ "$deal2" == "n" ];then
read -p "Please input the commad you want to execute: " cmad3
read -p "Please tell me is this OK: " deal3
if [ "$deal3" == "n" ];then
read -p "Please input the commad you want to execute: " cmad4
read -p "Please tell me is this OK: " deal4
if [ "$deal4" == "n" ];then
read -p "Please input the commad you want to execute: " cmad5
fi
fi
fi
fi
CISCOlogin() {
expect <"
send "$cmad1\r"
sleep 1
send "$cmad2\r"
sleep 1
send "$cmad3\r"
sleep 1
send "$cmad4\r"
sleep 1
send "$cmad5\r"
sleep 1
send "exit\r"
interact
EOF
}
H3Clogin() {
expect <"
send "system-view\r"
sleep 1
send "$cmad1\r"
sleep 1
send "$cmad2\r"
sleep 1
send "$cmad3\r"
sleep 1
send "$cmad4\r"
sleep 1
send "$cmad5\r"
sleep 1
send "exit\r"
interact
EOF
}
HILLSTONElogin() {
expect <"
send "enable\r"
sleep 1
expect "Password:"
send "enable\r"
sleep 1
expect "*#"
send "config terminal\r"
sleep 1
send "$cmad1\r"
sleep 1
send "$cmad2\r"
sleep 1
send "$cmad3\r"
sleep 1
send "$cmad4\r"
sleep 1
send "$cmad5\r"
sleep 1
send "exit\r"
interact
EOF
}
for DEV_INFO in `cat $Workdir/NETdevice.conf | grep "$seri"`
do
(
DEV_NAME=`echo $DEV_INFO | awk -F"," '{print $1}' | awk -F"=" '{print $2}'`
DEV_IP=`echo $DEV_INFO | awk -F"," '{print $2}' | awk -F"=" '{print $2}'`
DEV_USER=`echo $DEV_INFO | awk -F"," '{print $3}' | awk -F"=" '{print $2}'`
DEV_PASS=`echo $DEV_INFO | awk -F"," '{print $4}' | awk -F"=" '{print $2}'`
if [[ `echo $DEV_NAME|grep "H3C"` != "" ]];then
H3Clogin
elif [[ `echo $DEV_NAME|grep "JUNIPER"` != "" ]];then
JUNIPERlogin
elif [[ `echo $DEV_NAME|grep "HILLSTONE"` != "" ]];then
HILLSTONElogin
elif [[ `echo $DEV_NAME|grep "ARUBA"` != "" ]];then
ARUBAlogin
elif [[ `echo $DEV_NAME|grep "CISCO"` != "" ]];then
CISCOlogin
else
echo -e "Device Not Support"
fi
sleep 3
) | tee -a /dev/null
done
sleep 3
read -p "Please tell me is this ok(y or n): " ack
done
sh confignetwork-adv.sh
}
################################################################
echo -e "
##########################################
### 1. Update your network config ###
### 2. Backup your network config ###
### 3. Add your network device info ###
### 4. Delete your network device info ###
### 5. Modify your network device info ###
### 6. Query your network device info ###
### 7. Config your network enviroment ###
### 8. exit ###
##########################################
Please run N0.7 first,otherwise NO.2 will not be act.\n
A file named 'NETdevice.conf' will be create in this directory,which will be used to store device info\n"
read -p "Input your choice: " choice
case $choice in
"1")
update
;;
"2")
backup
;;
"3")
add
;;
"4")
del
;;
"5")
mod
;;
"6")
look
;;
"7")
config
;;
"8")
exit 0
;;
*)
echo "Usage $0 {1|2|3|4|5|6|7|8}"
;;
esac