Merge pull request #2969 from sharteeya/fix/extend_zynos.rb

Extend zynos.rb content
ytti · Jan 29, 2024 · 7d0589e · 7d0589e
2 parents 94f308f + c106283
commit 7d0589e
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -30,6 +30,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 - fortios: only perform a "show" instead of a "show full-configuration" when retrieving configs from fortios. fixes timeouts and avoids extraneous defaulted config information. (@jforeman)
 - opengear: support newer Opengear CM* and OM* models (@matej_v)
 - edgecos: improve system temperature removal (@freddy36)
+- zynos: Rewrite the script to properly collect config via ssh/telnet. Backup with FTP is not working atm, feel free to open an issue if needed. (@sharteeya)
 - pfsense: exclude autogenerated firewall rule timestamps to reduce change churn from use of stuff like PFBlockerNG #2985 (@anthonysomerset)
 
 ## Fixed

diff --git a/docs/Model-Notes/XGS4600-Zyxel.md b/docs/Model-Notes/XGS4600-Zyxel.md
@@ -5,6 +5,11 @@
 FTP access is only possible as admin, other users can login but cannot pull the files.
 For the XGS4600 series the config file is _config_ and not _config-0_
 
+To enable FTP backup, uncomment the following line in _oxidized/lib/oxidized/model/zynos.rb_
+```text
+  # cmd 'config-0'
+```
+
 The following line in _oxidized/lib/oxidized/model/zynos.rb_ will need changing
 
 ```text

diff --git a/lib/oxidized/model/zynos.rb b/lib/oxidized/model/zynos.rb
@@ -1,12 +1,76 @@
 class ZyNOS < Oxidized::Model
   using Refinements
 
-  # Used in Zyxel DSLAMs, such as SAM1316
+  prompt /^([\w.@()-<]+[#>]\s?)$/
+  # if there is something you can not identify after prompt, uncomment next line and comment previous line
+  # prompt /^([\w.@()-<]+[#>]\s?).*$/
 
   comment '! '
 
-  cmd 'config-0'
+  # Used in Zyxel DSLAMs, such as SAM1316. Uncomment next line to enable ftp.
+  # cmd 'config-0'
 
-  cfg :ftp do
+  # replace next line control sequence with a new line
+  expect /(\e\[1M\e\[\??\d+(;\d+)*[A-Za-z]\e\[1L)|(\eE)/ do |data, re|
+    data.gsub re, "\n"
+  end
+
+  # replace all used vt100 control sequences
+  expect /\e\[\??\d+(;\d+)*[A-Za-z]/ do |data, re|
+    data.gsub re, ''
+  end
+
+  # ignore copyright motd
+  expect /^(Copyright .*)\n^([\w.@()-<]+[#>]\s?)$/ do
+    send '\n'
+    ""
+  end
+
+  cmd :all do |cfg|
+    cfg = cfg.gsub /^\r/, ''
+    # Additional filtering for elder switches sending vt100 control chars via telnet
+    cfg.gsub! /\e\[\??\d+(;\d+)*[A-Za-z]/, ''
+    cfg
+  end
+
+  # remove snmp community, username, password and admin-password
+  cmd :secret do |cfg|
+    cfg.gsub! /^(snmp-server get-community) \S+(.*)/, '\\1 <secret hidden> \\2'
+    cfg.gsub! /^(snmp-server set-community) \S+(.*)/, '\\1 <secret hidden> \\2'
+    cfg.gsub! /^(logins username) \S+(.*) (password) \S+(.*)/, '\\1 <secret hidden> \\2 \\3 <secret hidden> \\4'
+    cfg.gsub! /^(admin-password) \S+(.*)/, '\\1 <secret hidden> \\2'
+    cfg.gsub! /^(password) \S+(.*) (privilege \S+)/, '\\1 <secret hidden> \\2 \\3'
+    cfg
+  end
+
+  cmd 'show version' do |cfg|
+    comment cfg
+  end
+
+  cmd 'show system-information' do |cfg|
+    cfg.gsub! /^([Ss]ystem up [Tt]ime\s*:)(.*)/, '\\1 <time removed>'
+    comment cfg
+  end
+
+  cmd 'show running-config' do |cfg|
+    cfg = cfg.split("\n")[4..-2].join("\n")
+    cfg
+  end
+
+  cfg :telnet do
+    username /^User name:/i
+    password /^Password:/i
+  end
+
+  cfg :telnet, :ssh do
+    post_login do
+      if vars(:enable) == true
+        cmd "enable"
+      elsif vars(:enable)
+        cmd "enable", /^[pP]assword:/
+        cmd vars(:enable)
+      end
+    end
+    pre_logout 'exit'
   end
 end