#!/usr/local/bin/expect -f# This script needs 5 arguments to connect to remote

1. #!/usr/local/bin/expect -f
2. # This script needs 5 arguments to connect to remote ASA:
3. # username = asa username
4. # password = Password of ASA
5. # ipaddr = IP Addreess of ASA
6. # ipshun = ip being shunned on the ASA
7. # firewallpass = the password to enable on the ASA
8. #------------------------------
9. # SET VARIABLES
10. set username USERNAME
11. set password PASSWORD
12. set ipaddr IP
13. set ipshun [lindex $argv 1]
14. set no [lindex $argv 2]
15. set timeout -1
16. set firewallpass ENABLE
17. # CONNECTION ATTEMPT
18. spawn ssh $username@$ipaddr
19. match_max 100000
20. # LOOK FOR PASSWORD PROMPT
21. expect "*?assword:*"
22. # SEND PASSWORD $password
23. send -- "$password\r"
24. #LOOK FOR PROMPT
25. expect "ASA-FW>"
26. #GO INTO ENABLE MODE
27. send -- "enable\r"
28. #GET ENABLE PASSWORD PROMPT
29. expect "*?assword:*"
30. #SEND ENABLE PASSWORD
31. send -- "$firewallpass\r"
32. #LOOK FOR PROMPT
33. expect "ASA-FW#"
34. #GO INTO CONFIG MODE
35. send -- "config t\r"
36. #LOOK FOR PROMPT
37. expect "ASA-FW"
38. #SHUN IP ADDRESS DECLARED OR UNSHUNNED
39. send -- "$no $ipshun\r"
40. #LOOK FOR PROMPT
41. expect "ASA-FW"
42. #WRITE CONFIG
43. send -- "wr mem\r"
44. #LOOK FOR PROMPT
45. expect "ASA-FW"
46. #WRITE TO BACKUP
47. send -- "wr net\r"
48. #LOOK FOR PROMPT
49. expect "ASA-FW#"
50. #EXIT
51. send -- "exit\r"
52. #LOOK FOR PROMPT
53. expect "ASA-FW"
54. #EXIT
55. send -- "exit\r"
56. #SHUNNING IS COMPLETE
57. expect eof