Archive for category perl
Parsing IP Access Lists with Cisco::Reconfig without the dreaded died at /cisco/reconfig.pm line 212 message
Since making a few posts about using Cisco::Reconfig, two of the top search results that brings people here is “died at cisco/reconfig.pm line 212″ or “died at cisco/reconfig.pm line 103″. I’ll show you what causes these as I demonstrate how to compare standard and extended ip access-lists with Cisco::Reconfig.
rtrcommander: Using scripts to push out configurations or retrieve output
rtrcommander is a script I wrote to push out configurations to multiple routers, as well as to retrieve output from the cli. It’s a part of Mr Audit (the release of Mr Audit is delayed while I prepare for the CCIE lab).
rtrcommander can be downloaded here: http://www.synacknetworks.com/scripts/rtrcommander.txt
Using NfSen and NfDump to identify DoS/DDoS attacks
If you work for any sort of provider (hosting, isp, etc), chances are that you’ve experienced a DoS/DDoS against a customer or internal system. If so, you know how frustrating it can be to track down the source of the attack unless you have an expensive platform such as from Arbor Networks.
Parsing cisco router configurations with Cisco::Reconfig
Cisco::Reconfig is probably my favorite Perl module, with Quantum::Superpositions being not very far behind. In this post, I’ll show you how using both of these can allow you to compare ACLs with very few lines of perl.
Backing up Cisco routers with perl
Here is a useful perl script to backup your routers. Configurations are gzipped and stored in per-hostname directories with a datestamp on each filename. This is meant to be run from cron daily. Change the database user info and the tacacs/radius user info to whatever you use internally.
Perl script to check customer interface status on Cisco routers
Overview
This utility is a simple perl script that checks all interfaces in a Cisco router. It is useful to run before and after router maintenance to ensure customers that were up prior, are up after. This script checks both VRF and non-VRF customers. It also supports /30 and /31 interface addresses.
Read the rest of this entry »