新增飞塔防火墙支持命令行导出配置随即新增两个脚本做测试(testforti,user1.passwd),同理之前的脚本
DEVICENAME=(`cat /home/Network_Config_Backup/user1.passwd | awk '{print $1}'`)
BACKUP_DATA=`date +%Y%m%d`
devicename=${DEVICENAME}
IPADDR=(`cat /home/Network_Config_Backup/user1.passwd | grep "$devicename" | awk '{print $3}'`)
echo ${IPADDR}
USERNAME=(`cat /home/Network_Config_Backup/user1.passwd | grep "$devicename" | awk '{print $4}'`)
echo ${USERNAME}
PASSWORD=(`cat /home/Network_Config_Backup/user1.passwd | grep "$devicename" | awk '{print $5}'`)
echo ${PASSWORD}
TABLE=(`cat /home/Network_Config_Backup/user1.passwd | grep "$devicename" | awk '{print $2}'`)
echo ${TABLE}
devicename=${devicename}_${BACKUP_DATA}
if [ $TABLE = Forti ]
then
/usr/bin/expect >> /dev/null << EOF
set timeout 100
log_file /data2/SW/$devicename
spawn ssh ${USERNAME}@$IPADDR
expect "*assword:"
send "$PASSWORD\r"
expect "*#"
send "show\r"
while (1) {
expect {
"*--More--" { send " " }
"config router multicast" { break }
}
}
EOF
fi
sleep 3
#判断备份目录中是否存在$devicename,如果存在则检查文件内是否存在字符串end或者return。如果文件不存在视为备份失败,如果不存在end或者return视为备份失败
if [ -f "/data2/SW/$devicename" ];then
grep -E "^end$|^return$|config router multicast" /data2/SW/$devicename
if [ $? -eq 0 ];then
echo "$devicename $IPADDR 备份成功"
echo "/data2/SW/${devicename}"
echo "$devicename $IPADDR 备份成功" >> /home/Network_Config_Backup/$BACKUP_DATA/log
echo "-------------------------------"
else
echo "$devicename $IPADDR 备份失败2"
echo "/data2/SW/${devicename}"
echo "$devicename $IPADDR 备份失败2" >> /home/Network_Config_Backup/$BACKUP_DATA/log
echo "-------------------------------"
fi
else
echo "$devicename $IPADDR 备份失败1"
echo "$devicename $IPADDR 备份失败1" >> /home/Network_Config_Backup/$BACKUP_DATA/log
echo "-------------------------------"
fi
在以往的配置导出时发现飞塔配置的结尾为end但在配置中间还有N多个end,为防止混淆修改了判断以配置倒数第二行的(config router multicast)来判断,
在结果判断处新增判断(grep -E "^end$|^return$|config router multicast" /data2/SW/$devicename)。
在测试成功之后将测试的配置新增至之前的脚本中,做开始将新增的配置放置到Cisco和Huawei的下面去执行,但是在执行中最后会出现奇怪的地方,脚本识别了设备的种类,用户名地址和密码,但是在抓取命令的时候却是执行的华为的命令,经过排查也并未解决,随机我将华为和飞塔的脚本位置调换再去执行则完全成功,以下是完整的执行脚本。
#!/bin/bash
#使用该脚本前需要安装tftp,xinetd,expect
#取时间戳
BACKUP_DATA=`date +%Y%m%d`
#创建时间戳的备份目录
mkdir -p /home/Network_Config_Backup/$BACKUP_DATA
#TFTP服务根目录授权
chmod 777 /home/Network_Config_Backup/$BACKUP_DATA
log=/data/log/start_${BACKUP_DATA}.log
#修改TFTP根目录
sed -i "s/Network_Config_Backup\/......../Network_Config_Backup\/$BACKUP_DATA/" /etc/xinetd.d/tftp
echo
echo
echo
echo ------------------------------------------------------------
echo
echo 该脚本适用于Cisco、Huawei、H3C 网络设备使用
echo Cisco使用tftp方式将配置文件上传到服务器
echo Huawei、H3C使用窗口记录方式获取配置信息
echo
echo ------------------------------------------------------------
echo
echo 备份文件存放位置: /home/Network_Config_Backup/$BACKUP_DATA
echo
echo
echo
systemctl restart xinetd
sleep 4
#账号密码及IP地址存放在user.passwd中,通过awk获取所有IP并存放在数组IPADDR(大写)
DEVICENAME=(`cat /home/Network_Config_Backup/user.passwd | awk '{print $1}'`)
#for循环,取出所有设备名称devicename(小写)
for devicename in ${DEVICENAME[@]}
do
#输出备份开始时间戳
echo "`date +%H:%M:%S` 开始备份$devicename"
#根据设备名称devicename取出相应交换机的IP地址、用户、密码
IPADDR=(`cat /home/Network_Config_Backup/user.passwd | grep "$devicename" | awk '{print $3}'`)
echo ${IPADDR}
USERNAME=(`cat /home/Network_Config_Backup/user.passwd | grep "$devicename" | awk '{print $4}'`)
echo ${USERNAME}
PASSWORD=(`cat /home/Network_Config_Backup/user.passwd | grep "$devicename" | awk '{print $5}'`)
echo ${PASSWORD}
TABLE=(`cat /home/Network_Config_Backup/user.passwd | grep "$devicename" | awk '{print $2}'`)
echo ${TABLE}
devicename=${devicename}_${BACKUP_DATA}
if [ $TABLE = Cisco ]
then
/usr/bin/expect >> /home/Network_Config_Backup/$BACKUP_DATA/log << EOF
set timeout 10
spawn telnet $IPADDR
expect "*sername:"
send "$USERNAME\r"
expect "*assword:"
send "$PASSWORD\r"
expect {
"*>" {
send "enable\r"
expect "*assword:"
send "$PASSWORD\r"
expect "*#"
send "copy running-config tftp:\r"
expect "*remote host*"
send "10.20.5.5\r"
expect "*filename*"
send "$devicename\n"
expect "*!*"
send "\n"
}
"*#" {
send "copy running-config tftp:\r"
expect "*remote host*"
send "10.20.5.5\r"
expect "*filename*"
send "$devicename\n"
expect "*!*"
send "\n"
}
}
EOF
elif [ $TABLE = Forti ]
then
/usr/bin/expect >> /dev/null << EOF
set timeout 100
log_file /data2/SW/$devicename
spawn ssh ${USERNAME}@$IPADDR
expect "*assword:"
send "$PASSWORD\r"
expect "*FLC-DFDC-OT-FW01 #"
send "show\r"
while (1) {
expect {
"*--More--" { send " " }
"config router multicast" { break }
}
}
EOF
elif [ $TABLE = Huawei -o H3C ]
then
/usr/bin/expect >> /dev/null << EOF
set timeout 100
log_file /data2/SW/$devicename
spawn ssh ${USERNAME}@$IPADDR
expect "*assword:"
send "$PASSWORD\r"
expect "*>"
send "system-view\r"
expect "*Z."
send "user-interface vty 0 4\r"
send "screen-length 0\r"
send "display current-configuration\r"
while (1) {
expect {
"*--- More ----" { send " " }
"return" { break }
}
}
EOF
fi
sleep 3
#判断备份目录中是否存在$devicename,如果存在则检查文件内是否存在字符串end或者return。如果文件不存在视为备份失败,如果不存在end或者return视为备份失败
if [ -f "/data2/SW/$devicename" ];then
grep -E "^end$|^return$|config router multicast" /data2/SW/$devicename
if [ $? -eq 0 ];then
echo "$devicename $IPADDR 备份成功"
echo "$devicename $IPADDR 备份成功" >> /home/Network_Config_Backup/$BACKUP_DATA/log
echo "-------------------------------"
else
echo "$devicename $IPADDR 备份失败2"
echo "$devicename $IPADDR 备份失败2" >> /home/Network_Config_Backup/$BACKUP_DATA/log
echo "-------------------------------"
fi
else
echo "$devicename $IPADDR 备份失败1"
echo "$devicename $IPADDR 备份失败1" >> /home/Network_Config_Backup/$BACKUP_DATA/log
echo "-------------------------------"
fi
done
标签:devicename,Network,Backup,备份,飞塔,防火墙,echo,home,Config From: https://www.cnblogs.com/ctdd/p/17009427.html