verinec.adaptation.snmp
Class DistCisco

java.lang.Object
  verinec.adaptation.snmp.DistCisco

All Implemented Interfaces:

IDistributor

public class DistCisco
extends Object
implements IDistributor

Put new configuration to cisco device. Modifies the running-config, changes are lost after rebooting the router. (todo: should modify startup-config as well)

For the transfer, a TFTP server is launched. To configure the server port, the property adaptation.distribution.tftp.port is used. If it is set to 0, a tftp server is expected to be running outside of Verinec = no server is started. If the property is not set, the default port 69 is used (note that on most systems, Verinec needs to run with administrator privileges to be allowed to open ports below 1024). Unfortunately, Cisco does not have a parameter for the tftp server port. It will always try port 69. Either you have to start the server from outside on that port, run Verinec as root, or redirect port 69 to the high port of your choice. On Linux, this can be done with iptables -t nat -A PREROUTING -p tcp --dport 69 -j REDIRECT --to-port <port>
adaptation.distribution.tftp.localpath can be used to define where the root directory of the tftp server is. If the port is 0, it must be set, otherwise it is optional, and java.io.tmpdir is used as default.

Hint: Cisco has the bad habit of sending requests from IP 10.10.10.1 even if Ethernet0 interface is set to a different IP. If cisco is not your default gateway (you will notice that communication times out, you can add a route for this. On Windows, open a shell and type route add 10.10.0.0 mask 255.255.0.0 172.16.1.254 metric 1 where 172.16.1.254 is the IP you assigned the cisco router (or your gateway to reach the cisco router).

Note: If the internal tftp server is used, this class is not thread save and can not be used to distribute two configurations at the same time.

Version:

1.0

Author:

christoph.ehret at unifr.ch

See Also:

IDistributor

Field Summary

private String	communityName
private String	hostIP Our own ip.
private File	localpath Root directory for the tftp server.
private Logger	log
private int	port Port for the tftp server to start.
(package private) String	prepend Text to prepend to the configuration file.
private static String	prop_tftppath
private static String	prop_tftpport
private String	snmpVersion
private String	targetAddress

Constructor Summary

DistCisco()

Method Summary

private void	communityProcess(Element comElem)
private static String	determineLocalIP(String remoteHost) Determine which IP is used when connecting to the remote host.
void	distribute(Element config) Execute the distribution action, that is sending the configuration file to a Cisco router
String	execute(Element command) Supports special commands: cisco-delete-all-acl: download running-config from target, parse it for existing access lists and delete them all.
void	setTarget(Element target) Set the target for snmp operation, i.e for sending the configuration file to Cisco router.
private void	snmpv3Process(Element snmpv3Elem) Collects the different information in the snmpv3 Element, according to the schema.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

private Logger log

prop_tftpport

private static final String prop_tftpport

See Also:

Constant Field Values

prop_tftppath

private static final String prop_tftppath

See Also:

Constant Field Values

targetAddress

private String targetAddress

hostIP

private String hostIP

Our own ip. (Which is the server address for tftp)

communityName

private String communityName

snmpVersion

private String snmpVersion

prepend

String prepend

Text to prepend to the configuration file. (coming from execute mechanism)

localpath

private File localpath

Root directory for the tftp server.

port

private int port

Port for the tftp server to start. If 0, no server is started.

Constructor Detail

DistCisco

public DistCisco()

Method Detail

setTarget

public void setTarget(Element target)
               throws VerinecException

Set the target for snmp operation, i.e for sending the configuration file to Cisco router.

Specified by:

setTarget in interface IDistributor

Parameters:

target - a cisco target according to the schema.

Throws:

VerinecException - If the target type is not supported or invalid.

distribute

public void distribute(Element config)
                throws VerinecException

Execute the distribution action, that is sending the configuration file to a Cisco router

Specified by:

distribute in interface IDistributor

Parameters:

config - A result-file according to the schema.

Throws:

VerinecException - If the config is not a result-file or if could not write to temp File

execute

public String execute(Element command)
               throws VerinecException

Supports special commands:

• cisco-delete-all-acl: download running-config from target, parse it for existing access lists and delete them all.

Specified by:

execute in interface IDistributor

Parameters:

command - The command to execute

Returns:

null or error string

Throws:

VerinecException - If temporary file can not be created.

determineLocalIP

private static String determineLocalIP(String remoteHost)
                                throws VerinecException

Determine which IP is used when connecting to the remote host. The code builds a UDP socket to determine the information without actually sending any traffic. Under normal circumstances, the remote host can use this IP to connect back to us.

Parameters:

remoteHost -

Returns:

The IP that will be used on this when connecting to the remoteHost

Throws:

VerinecException

communityProcess

private void communityProcess(Element comElem)

snmpv3Process

private void snmpv3Process(Element snmpv3Elem)

Collects the different information in the snmpv3 Element, according to the schema. Although, snmpv3 is not yet implemented.

Parameters:

snmpv3Elem - The parameters element for SNMPv3.