E
erik
This code runs great when I pass CLI param's to the script. As soon as
I try to make it into a CGI, I get 500 errors. Now when I comment out
all the sub-functions except for print report, it works fine. The CGI
side does NOT like something I am doing in the first 3 sub-functions. I
can't figure out why. I even tried doing a "chmod 777 on the telnet
executable" thinking maybe the nobody apache user could not telnet, but
that did not do it. Can anyone tell me why CGI does not like my first 3
sub-functions?? I am pulling my hair out, and I don't have much to
spare.
Here is my code:
#!/usr/bin/perl
#################################################################
# Global Variables #
#################################################################
use warnings;
use Expect;
use CGI(":standard");
#$Expect::Log_Stdout = 0;
$device = param("device");
$username = param("username");
$password = param("password");
$enable = "enable";
$enable_password = param("enable_password");
#################################################################
# Create Session with router #
#################################################################
sub spawn_session
{
my $timeout ="4";
#open session with router
$command = Expect->spawn("telnet $device");
#Wait for password prompt or send error.
$command->expect($timeout, -re => "Username:") or do
{
print "\nFailed to get username prompt\n";
exit 2;
};
#Send Tacacs Username to router, exit if Username is incorrect
print $command "$username\r";
$command->expect($timeout, -re => "Password:") or do
{
print "\nFailed to get password prompt\n";
exit 3;
};
#Send password to router, exit if password is incorrect
print $command "$password\r";
$command->expect($timeout, -re => ">") or do
{
print "\nDid not get a \> in prompt\n";
exit 4;
};
#Send enable pass to router, exit if password is incorrect
print $command "$enable\r";
$command->expect($timeout, -re => "assword") or do
{
print "\nDid not get a \> in prompt\n";
exit 5;
};
#Send enable pass to router, exit if password is incorrect
print $command "$enable_password\r";
}#end sub
#################################################################
# Ensures Logging #
#################################################################
sub check_logging_settings
{
$timeout ="4";
my $logging = "You have logging to 199.11.1.22";
my $no_logging = "You are missing logging 199.11.1.22";
my $bandwidth = "You have a bandwidth statement";
my $no_bandwidth = "You are missing a bandwidth statement";
my $vtypass = "You have passwords on vty\,con\,and aux";
my $no_vtypass = "You are missing a password on either vty\,con\, or
aux";
my $aaa = "You have 'aaa new model' setup";
my $no_aaa = "You are missing 'aaa new model'";
my $voyence = "You have the voyence SNMP trap setup correctly";
my $no_voyence = "You are missing the voyence SNMP trap";
my $servicepass = "You have 'service password-encryption' setup
correctly";
my $no_servicepass = "You are missing 'service password-encryption'
";
my $access_class = "You have an access-class on the vty";
my $no_access_class = "You are missing the access-class on the vty
";
my $tacacs = "You have tacacs setup properly";
my $no_tacacs = "You are missing the 'tacacs-server host
199.x.x.41'";
$command->clear_accum();
print $command "show config\r";
unless ($command->expect($timeout, -re, 'end')) {
return "Never got telnet prompt".$command->exp_error()."\n";
}
my $read = $command->exp_before();
my @read = split ('\n', $read);
$arrayLENGTH = scalar(@read);
print "Array Length = $arrayLENGTH\n";
#HERE WE CHECK for the TACACS server command
if ($read =~ /tacacs-server host 199.x.x.41.*/)
{
push (@tacacs_tests, $tacacs);
$tacacs_action = "OK";
}
else{
push (@tacacs_tests, $no_tacacs);
$tacacs_action = "FAIL";
}
}
#################################################################
# Exits the Telnet Session #
#################################################################
sub exit_session
{
print $command "exit\r";
$command->soft_close();
}#end sub
#################################################################
# Prints the failed test error descriptions #
#################################################################
sub print_error_report
{
print <<html1
Content-type: text/html\n\n
<html><head><title>QA REPORT</title></head>
<body bgcolor="#ffffff">
<p>
<h2>QA Results</h2>
<ul>
<body>
<b>$device</b><br>
<b> @tacacs_tests .......... $tacacs_action </b><br>
</body>
</html>
html1
}
#################################################################
# Main Program Module #
#################################################################
spawn_session(); (If I comment out here CGI WORKS)
check_logging_settings(); (If I comment out here CGI WORKS)
exit_session(); (If I comment out here CGI WORKS)
print_error_report();
I try to make it into a CGI, I get 500 errors. Now when I comment out
all the sub-functions except for print report, it works fine. The CGI
side does NOT like something I am doing in the first 3 sub-functions. I
can't figure out why. I even tried doing a "chmod 777 on the telnet
executable" thinking maybe the nobody apache user could not telnet, but
that did not do it. Can anyone tell me why CGI does not like my first 3
sub-functions?? I am pulling my hair out, and I don't have much to
spare.
Here is my code:
#!/usr/bin/perl
#################################################################
# Global Variables #
#################################################################
use warnings;
use Expect;
use CGI(":standard");
#$Expect::Log_Stdout = 0;
$device = param("device");
$username = param("username");
$password = param("password");
$enable = "enable";
$enable_password = param("enable_password");
#################################################################
# Create Session with router #
#################################################################
sub spawn_session
{
my $timeout ="4";
#open session with router
$command = Expect->spawn("telnet $device");
#Wait for password prompt or send error.
$command->expect($timeout, -re => "Username:") or do
{
print "\nFailed to get username prompt\n";
exit 2;
};
#Send Tacacs Username to router, exit if Username is incorrect
print $command "$username\r";
$command->expect($timeout, -re => "Password:") or do
{
print "\nFailed to get password prompt\n";
exit 3;
};
#Send password to router, exit if password is incorrect
print $command "$password\r";
$command->expect($timeout, -re => ">") or do
{
print "\nDid not get a \> in prompt\n";
exit 4;
};
#Send enable pass to router, exit if password is incorrect
print $command "$enable\r";
$command->expect($timeout, -re => "assword") or do
{
print "\nDid not get a \> in prompt\n";
exit 5;
};
#Send enable pass to router, exit if password is incorrect
print $command "$enable_password\r";
}#end sub
#################################################################
# Ensures Logging #
#################################################################
sub check_logging_settings
{
$timeout ="4";
my $logging = "You have logging to 199.11.1.22";
my $no_logging = "You are missing logging 199.11.1.22";
my $bandwidth = "You have a bandwidth statement";
my $no_bandwidth = "You are missing a bandwidth statement";
my $vtypass = "You have passwords on vty\,con\,and aux";
my $no_vtypass = "You are missing a password on either vty\,con\, or
aux";
my $aaa = "You have 'aaa new model' setup";
my $no_aaa = "You are missing 'aaa new model'";
my $voyence = "You have the voyence SNMP trap setup correctly";
my $no_voyence = "You are missing the voyence SNMP trap";
my $servicepass = "You have 'service password-encryption' setup
correctly";
my $no_servicepass = "You are missing 'service password-encryption'
";
my $access_class = "You have an access-class on the vty";
my $no_access_class = "You are missing the access-class on the vty
";
my $tacacs = "You have tacacs setup properly";
my $no_tacacs = "You are missing the 'tacacs-server host
199.x.x.41'";
$command->clear_accum();
print $command "show config\r";
unless ($command->expect($timeout, -re, 'end')) {
return "Never got telnet prompt".$command->exp_error()."\n";
}
my $read = $command->exp_before();
my @read = split ('\n', $read);
$arrayLENGTH = scalar(@read);
print "Array Length = $arrayLENGTH\n";
#HERE WE CHECK for the TACACS server command
if ($read =~ /tacacs-server host 199.x.x.41.*/)
{
push (@tacacs_tests, $tacacs);
$tacacs_action = "OK";
}
else{
push (@tacacs_tests, $no_tacacs);
$tacacs_action = "FAIL";
}
}
#################################################################
# Exits the Telnet Session #
#################################################################
sub exit_session
{
print $command "exit\r";
$command->soft_close();
}#end sub
#################################################################
# Prints the failed test error descriptions #
#################################################################
sub print_error_report
{
print <<html1
Content-type: text/html\n\n
<html><head><title>QA REPORT</title></head>
<body bgcolor="#ffffff">
<p>
<h2>QA Results</h2>
<ul>
<body>
<b>$device</b><br>
<b> @tacacs_tests .......... $tacacs_action </b><br>
</body>
</html>
html1
}
#################################################################
# Main Program Module #
#################################################################
spawn_session(); (If I comment out here CGI WORKS)
check_logging_settings(); (If I comment out here CGI WORKS)
exit_session(); (If I comment out here CGI WORKS)
print_error_report();