- Requirements
- ##############
- Username and password are declared at the top of the script
- Any switches to automatically traverse are listed at the top of the script
- Hunting a MAC address
- (returns a full report of the destination port found)
- cisco_switch_shmac.pl <switch to start from> address <mac address>
- #####################################################################
- perl cisco_switch_shmac.pl es-swcore1 address 0009.0fc6.b299
- ! es-swcore1 Lookup For ; CAM address 0009.0fc6.b299
- 634 0009.0fc6.b299 DYNAMIC Gi2/0/26
- ! es-swcore1 Exit Via ; CDP Gi2/0/26
- bs-swcore1 Gig 2/0/26 175 S I WS-C3750G Gig 1/0/25
- ! es-swcore1 Gi2/0/26 adjacent to bs-swcore1 Gi1/0/25
- ! bs-swcore1 Lookup For ; CAM address 0009.0fc6.b299
- 634 0009.0fc6.b299 DYNAMIC Gi1/0/26
- ! bs-swcore1 Exit Via ; CDP Gi1/0/26
- ho-swcore1 Gig 1/0/26 146 S I WS-C2960S Gig 1/0/25
- ! bs-swcore1 Gi1/0/26 adjacent to ho-swcore1 Gi1/0/25
- ! ho-swcore1 Lookup For ; CAM address 0009.0fc6.b299
- 634 0009.0fc6.b299 DYNAMIC Gi1/0/20
- ! ho-swcore1 Exit Via ; CDP Gi1/0/20
- ho-swcore2 Gig 1/0/20 151 S I WS-C2960S Gig 1/0/20
- ! ho-swcore1 Gi1/0/20 adjacent to ho-swcore2 Gi1/0/20
- ! ho-swcore2 Lookup For ; CAM address 0009.0fc6.b299
- 634 0009.0fc6.b299 DYNAMIC Gi1/0/23
- ! ho-swcore2 Exit Via ; CDP Gi1/0/23
- ho-swaccess2 Gig 1/0/23 166 S I WS-C2950T Gig 0/1
- ! ho-swcore2 Gi1/0/23 adjacent to ho-swaccess2 Gi0/1
- ! ho-swaccess2 Lookup For ; CAM address 0009.0fc6.b299
- 634 0009.0fc6.b299 DYNAMIC Fa0/2
- ! ho-swaccess2 Exit Via ; CDP Fa0/2
- Port Status
- -----------------
- Interface Status Protocol Description
- Fa0/2 up up XXXX
- Port Config
- -----------------
- Building configuration...
- Current configuration : 314 bytes
- !
- interface FastEthernet0/2
- description XXXX
- switchport trunk native vlan 514
- switchport trunk allowed vlan 514,609,634
- switchport mode trunk
- logging event trunk-status
- storm-control broadcast level 5.00
- spanning-tree link-type point-to-point
- spanning-tree cost 399
- hold-queue 2048 in
- hold-queue 2048 out
- end
- Port Stats
- -----------------
- FastEthernet0/2 is up, line protocol is up (connected)
- Hardware is Fast Ethernet, address is 0007.85e0.ac02 (bia 0007.85e0.ac02)
- Description: XXXX
- MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
- reliability 255/255, txload 1/255, rxload 1/255
- Encapsulation ARPA, loopback not set
- Keepalive set (10 sec)
- Full-duplex, 100Mb/s, media type is 100BaseTX
- input flow-control is unsupported output flow-control is unsupported
- ARP type: ARPA, ARP Timeout 04:00:00
- Last input 00:00:44, output 00:00:00, output hang never
- Last clearing of "show interface" counters never
- Input queue: 0/2048/0/0 (size/max/drops/flushes); Total output drops: 0
- Queueing strategy: fifo
- Output queue: 0/2048 (size/max)
- 5 minute input rate 9000 bits/sec, 11 packets/sec
- 5 minute output rate 2000 bits/sec, 3 packets/sec
- 228476171 packets input, 4229837618 bytes, 594674 no buffer
- Received 51266937 broadcasts (24649438 multicast)
- 0 runts, 0 giants, 0 throttles
- 0 input errors, 0 CRC, 0 frame, 0 overrun, 594674 ignored
- 0 watchdog, 24649438 multicast, 0 pause input
- 0 input packets with dribble condition detected
- 243802492 packets output, 143849715 bytes, 0 underruns
- 0 output errors, 0 collisions, 2 interface resets
- 0 babbles, 0 late collision, 0 deferred
- 0 lost carrier, 0 no carrier, 0 PAUSE output
- 0 output buffer failures, 0 output buffers swapped out
- Switching Stats
- -----------------
- FastEthernet0/2
- Switching path Pkts In Chars In Pkts Out Chars Out
- Processor 228476209 4229840805 243802502 143850716
- Route cache 0 0 0 0
- Total 228476209 4229840805 243802502 143850716
- Trunking
- -----------------
- Port Mode Encapsulation Status Native vlan
- Fa0/2 on 802.1q trunking 514
- Port Vlans allowed on trunk
- Fa0/2 514,609,634
- Port Vlans allowed and active in management domain
- Fa0/2 514,609,634
- Port Vlans in spanning tree forwarding state and not pruned
- Fa0/2 514,609,634
- Spanning Tree
- -----------------
- Mst Instance Role Sts Cost Prio.Nbr Type
- ---------------- ---- --- --------- -------- --------------------------------
- MST00 Desg FWD 399 128.2 P2p Bound(PVST)
- MST01 Boun FWD 399 128.2 P2p Bound(PVST)
- Storm-Control Broadcast
- -----------------
- Interface Filter State Trap State Upper Lower Current Traps Sent
- --------- ------------- ------------- ------- ------- ------- ----------
- Fa0/2 Forwarding inactive 5.00% 5.00% 0.00% 0
- Storm-Control Multicast
- -----------------
- Interface Filter State Trap State Upper Lower Current Traps Sent
- --------- ------------- ------------- ------- ------- ------- ----------
- Fa0/2 inactive inactive 100.00% 100.00% N/A 0
- ---------------------
- Hunting a Vlan
- (returns a summary report of all the destination ports found)
- cisco_switch_shmac.pl <switch to start from> vlan <vlan id>
- #####################################################################
- cisco_switch_shmac.pl es-swcore1 vlan 306
- ! es-swcore1 Lookup For ; CAM vlan 306
- 306 0013.5ff7.e41b DYNAMIC Gi2/0/10
- 306 fcfb.fb93.02c2 DYNAMIC Gi1/0/28
- ! es-swcore1 Lookup For ; CAM address 0013.5ff7.e41b vlan 306
- 306 0013.5ff7.e41b DYNAMIC Gi2/0/10
- ! es-swcore1 Exit Via ; CDP Gi2/0/10
- Port Status
- -----------------
- Interface Status Protocol Description
- Gi2/0/10 up up es-corp-gp3 CUSTOMER bearer
- ! es-swcore1 Lookup For ; CAM address fcfb.fb93.02c2 vlan 306
- 306 fcfb.fb93.02c2 DYNAMIC Gi1/0/28
- ! es-swcore1 Exit Via ; CDP Gi1/0/28
- cs-swcore1 Gig 1/0/28 134 S I WS-C2960- Gig 0/1
- ! es-swcore1 Gi1/0/28 adjacent to cs-swcore1 Gi0/1
- ! cs-swcore1 Lookup For ; CAM address fcfb.fb93.02c2
- 306 fcfb.fb93.02c2 DYNAMIC Fa0/12
- ! cs-swcore1 Exit Via ; CDP Fa0/12
- Port Status
- -----------------
- Interface Status Protocol Description
- Fa0/12 up up XXXXXXXXXXXXXXX
- Summary of ports found
- ----------------------
- es-swcore1 Gi2/0/10 up up es-corp-gp3 CUSTOMER bearer
- cs-swcore1 Fa0/12 up up XXXXXXXXXXXXXXX
- -----------------------------
- cisco_switch_shmac.pl
- #!/usr/bin/perl
- #
- # SCRIPT TO FIND A MAC ADDRESS OR VLAN ON THE NETWORK
- #
- # MATT CARTER
- #
- ##########################################################
- $|=1;
- use Net::Telnet;
- ##########################################################
- # cisco username and password
- $cisco_username = 'user';
- $cisco_password = 'pass';
- # declare infrastructure switches to step through via CDP here
- # done this way to avoid hitting CDP learned customer switches
- %devicetypes = (
- 'es-swcore1', 'es-sw',
- 'cs-swcore1', 'cs-sw',
- 'bs-swcore1', 'bs-sw',
- 'ho-swcore1', 'ho-sw',
- 'ho-swcore2', 'ho-sw',
- 'ho-swaccess2', 'ho-sw',
- );
- # nothing to modify below here
- ##########################################################
- $device = shift;
- chomp($device);
- $type = shift;
- chomp($type);
- $object = shift;
- chomp($object);
- main();
- sub main {
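- if (!$device || !$type || !$object) {
- # print usage and stop when an argument is missing
- print "$0 <device> <address|vlan> <object>\n";
- exit 1;
- }
- if ($type eq "address" ) {
- # set the flag before the hunt starts; cdp_hunt checks it to print the full port report
- $portdetail = 1;
- address_hunt($device,$type,$object);
- }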
- if ($type eq "vlan" ) {
- vlan_hunt($device,$type,$object);
- print "\nSummary of ports found\n";
- print "----------------------\n";
- print @offenders;
- }
- }
- sub vlan_hunt {
- my ($device,$type,$vlan) = @_;
- print "\n! $device Lookup For ; CAM $type $vlan\n";
- telnet_open($device);
- sleep 2;
- my $command = "sh mac address-table vlan $vlan | i DYNAMIC";
- my (@results) = $telnet->cmd($command);
- telnet_close($device);
- foreach my $result (@results) {
- print $result;
- }
- foreach my $result (@results) {
- $result =~ s/^\s+//g;
- my @line = split(/\s+/, $result);
- my $dmac = $line[1];
- # skip blank or short lines that carry no MAC address
- next unless $dmac;
- address_hunt($device,"address",$dmac,$vlan);
- }
- }
- sub address_hunt {
- my ($device,$type,$mac,$vlan) = @_;
- if ($vlan) {
- print "\n! $device Lookup For ; CAM $type $mac vlan $vlan\n";
- }
- else {
- print "\n! $device Lookup For ; CAM $type $mac\n";
- }
- telnet_open($device);
- sleep 2;
- my $command;
- if ($vlan) {
- $command = "sh mac address-table address $mac | i ^ $vlan";
- }
- elsif ($poison) {
- $command = "sh mac address-table address $mac | e $poison\$";
- }
- else {
- $command = "sh mac address-table address $mac";
- }
- #print "Command: $command\n";
- my (@results) = $telnet->cmd($command);
- telnet_close($device);
- foreach my $result (@results) {
- if ($result =~ /\Q$mac\E/) {
- print $result;
- }
- }
- foreach my $result (@results) {
- if ($result =~ /\Q$mac\E/) {
- $result =~ s/^\s//g;
- $result =~ s/^\s+//g;
- my ($vlan,$smac,$state,$port) = split(/\s+/, $result);
- #print "PORT $port\n";
- my $proc = "$device:$port:$mac\n";
- if (!$proced{$proc}) {
- cdp_hunt($device,$port,$type,$mac);
- }
- $proced{$proc}++;
- }
- }
- }
- sub cdp_hunt {
- my ($device,$port,$type,$mac) = @_;
- print "! $device Exit Via ; CDP $port\n";
- my $found;
- telnet_open($device);
- sleep 2;
- my $command = "sh cdp neigh $port";
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- #print $result;
- my $result2 = $result;
- $result2 =~ s/^\s//g;
- $result2 =~ s/^\s+//g;
- $result2 =~ s/Gig /Gi/g;
- my (@line) = split(/\s+/, $result2);
- $ddevice = $line[0];
- $dport = $line[-1];
- $sport = $line[1];
- if ($sport eq $port && $devicetypes{$ddevice}) {
- print $result;
- $found++;
- #print "ADJACENCY $ddevice $dport\n";
- print "\n! $device $port adjacent to $ddevice $dport\n";
- telnet_close($device);
- $poison = $dport;
- address_hunt($ddevice,$type,$mac);
- }
- }
- if (!$found) {
- print "\nPort Status\n";
- print "-----------------\n";
- my $command = "sh int $port desc";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- if ($result =~ /$port/) {
- my $offender = "$device $result";
- push (@offenders, $offender);
- }
- }
- if ($portdetail) {
- stats($port);
- }
- telnet_close($device);
- }
- }
- sub stats {
- my ($port) = @_;
- print "\nPort Config\n";
- print "-----------------\n";
- my $command = "sh run int $port";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- }
- print "\nPort Stats\n";
- print "-----------------\n";
- my $command = "sh int $port";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- }
- print "\nSwitching Stats\n";
- print "-----------------\n";
- my $command = "sh int $port stats";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- }
- print "\nTrunking\n";
- print "-----------------";
- my $command = "sh int $port trunk";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- }
- print "\nSpanning Tree\n";
- print "-----------------";
- my $command = "sh spanning-tree int $port";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- }
- print "\nStorm-Control Broadcast\n";
- print "-----------------\n";
- my $command = "sh storm $port broad";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- }
- print "\nStorm-Control Multicast\n";
- print "-----------------\n";
- my $command = "sh storm $port multi";
- sleep 2;
- my (@results) = $telnet->cmd($command);
- foreach my $result (@results) {
- print $result;
- }
- my $porta = substr($port,0,2);
- my $portb = substr($port,2);
- #print "\nLog Buffer\n";
- #print "-----------------\n";
- #my $command = "sh log | i $porta".'.*'."$portb ";
- #sleep 2;
- #my (@results) = $telnet->cmd($command);
- #foreach my $result (@results) {
- # print $result;
- #}
- }
- sub telnet_open {
- my ($device) = (@_);
- $telnet = new Net::Telnet ( Timeout=>60,
- Errmode=>'die',
- #Dump_log=>'/tmp/dump.log',
- #Input_log=>'/tmp/input.log',
- Prompt => "/$device(\>|\#)/");
- my $prev = $telnet->max_buffer_length(16777216);
- my $telnet_ok = $telnet->open($device);
- $telnet_ok = $telnet->login($cisco_username, $cisco_password);
- $telnet->cmd('enable');
- $telnet->cmd('term length 0');
- }
- sub telnet_close {
- $telnet->close;
- }
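Added example, not part of the original script: the script interpolates its three command-line arguments straight into the IOS command strings (`sh mac address-table address $mac | ...`), the result match and the Net::Telnet prompt pattern, so this sketch checks and normalizes them before any session is opened. The sub names `normalize_mac`, `valid_vlan` and `check_args` are hypothetical, the hostname pattern is an assumption about the local naming scheme, and the sample inputs are constructed.

```perl
#!/usr/bin/perl
# Added example: argument checks for cisco_switch_shmac.pl (hypothetical helper names).
use strict;
use warnings;

# Accept aabb.ccdd.eeff, aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff and return the
# Cisco dotted form in lower case; return undef for anything else.
sub normalize_mac {
    my ($in) = @_;
    return undef unless defined $in;
    return undef unless $in =~ /\A(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}\z/i
                     || $in =~ /\A[0-9a-f]{2}([:-])(?:[0-9a-f]{2}\1){4}[0-9a-f]{2}\z/i;
    (my $hex = lc $in) =~ s/[.:-]//g;          # 12 hex digits remain
    return join '.', $hex =~ /(.{4})/g;        # regroup as xxxx.xxxx.xxxx
}

# 802.1Q VLAN ids are 1..4094; digits only, so no pipe or space can ride along.
sub valid_vlan {
    my ($in) = @_;
    return defined $in && $in =~ /\A[0-9]{1,4}\z/ && $in >= 1 && $in <= 4094;
}

# Return (device, type, object) safe to interpolate, or die with a reason.
sub check_args {
    my ($device, $type, $object) = @_;
    # Assumed hostname shape: letters, digits, dot and hyphen only.
    die "bad switch name\n"
        unless defined $device && $device =~ /\A[A-Za-z0-9][A-Za-z0-9.-]{0,62}\z/;
    if (defined $type && $type eq 'address') {
        my $mac = normalize_mac($object) or die "not a MAC address\n";
        return ($device, $type, $mac);
    }
    if (defined $type && $type eq 'vlan') {
        die "VLAN id must be 1-4094\n" unless valid_vlan($object);
        return ($device, $type, $object + 0);
    }
    die "type must be 'address' or 'vlan'\n";
}

# Constructed inputs: the first two are accepted, the last two are rejected.
for my $args (['es-swcore1', 'address', '00:09:0F:C6:B2:99'],
              ['es-swcore1', 'vlan',    '306'],
              ['es-swcore1', 'address', '0009.0fc6.b299 | i DYNAMIC'],
              ['es-swcore1', 'vlan',    '306 | i DYNAMIC']) {
    my @ok = eval { check_args(@$args) };
    chomp(my $why = $@);
    print @ok ? "ok: @ok\n" : "rejected '$args->[2]': $why\n";
}
```

In the script itself, the values returned by `check_args` would replace `$device`, `$type` and `$object` before `main()` runs.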