http://www.perlmonks.org?node_id=14876
activeblock
on May 31, 2009 at 03:28 UTC
by sflitman
Root-executed code scans logfiles or waits as a daemon for new log entries to actively block invalid access attempts using iptables. IPs are logged in a small database and once there are 5 invalid attempts bada boom they're outta there. Has ability to list the ipchain, unblock/allow an IP, or block a specified IP from the command line. This is Linux (probably Debian/Ubuntu) specific, but might work on Red Hat systems too. Verify which log files to scan by looking for typical phrases like 'invalid user' and 'failed login' or my favorite, POSSIBLE BREAK-IN ATTEMPT. /var/log/auth.log and /var/log/secure are the most common.

For daemon use, put activeblock in /root and this line in root's crontab:

0,30 * * * * cd $HOME; ./activeblock -cu /var/log/auth.log 2>>/root/ac +tiveblock.log &
Cisco Router Action Performing Perl Script
on Mar 11, 2009 at 12:50 UTC
by VinsWorldcom

Script will interface with Cisco router via SNMP or Telnet, supporting regular login or username, and perform actions. SNMP supports a get config, put config and a save config ("wr mem" for IOS). SNMP mode also supports get and clear VTY line function and a get interface list and monitor interface utilization function, including CPU, memory and proxy ping.

Telnet mode supports the issuing of commands from a file. The only default command issued in TELNET mode is "terminal length 0" for IOS or "set length 0" for CatOS. Therefore, show commands can be in the commands file along with config commands (on IOS, as long as preceded by a "config term" and followed by an "end" and "wr mem" if save is desired). Telnet mode supports log file of session transcript.

Password decrypt and encrypt mode is provided for Cisco passwords. Type 7 (not "enable secret") are decrypted or encrypted to the 16 possible encryptions. Type 5 ("enable secret") are encrypted or decrypted by dictionary brute force.

Server mode is provided for simple service listening mode.

Server to Server irc channels retranslator (xchat style)
on Nov 11, 2008 at 03:59 UTC
by motzi
You have to choose one source server to copy all talks from (OUT_SERVER in %cfg) and other server to paste (IN_SERVER in %cfg) all from source. Looks like some irc 'spy'.
See code's %cfg to understand it better.

You can use some commands on IN_CHANNEL:
!say bla # will say bla to OUT_CHANNEL
!me bla # action say on OUT_CHANNEL
!sayto nick bla # will say bla to nick on OUT_SERVER
!list # will list all OUT_CHANNEL users
!whois nick # whois nick on OUT_SERVER
!nick newnick # change nick on OUT_SERVER


* can transcode between various codepages
* use local IP addr

########### FIXED BUGS ###############
№01: '!sayto nick message' is delivering receiver's nick instead of message
402: elsif($_[0] =~ /^sayto\s+([^\s]+)\s+(.+)/i) 403: { -404: print $out_sock "PRIVMSG ",$1," :",$1,"\r\n"; +404: print $out_sock "PRIVMSG ",$1," :",$2,"\r\n";
№02: wrong color handling on external msg echos
397: elsif($_[0] =~ /^say\s+(.+)/i) 398: { 399: print $out_sock "PRIVMSG ",$cfg{OUT_CHAN}," :",$1,"\r\n"; -400: print $in_sock "PRIVMSG ",$cfg{IN_CHAN}," :",$color{'graylight'} +,"<",$color{'blue'},$cfg{OUT_NICK},$color{'graylight'},"> ",$clr,$1," +\r\n"; +400: print $in_sock "PRIVMSG ",$cfg{IN_CHAN}," :",$color{'graylight'} +,"<",$color{'blue'},$cfg{OUT_NICK},$color{'graylight'},">",$clr,' ',$ +1,"\r\n";
Using SOCKS via Net::SSH::Perl
on Sep 25, 2008 at 20:11 UTC
by cmv
If you want to use Net::SSH::Perl to setup an SSH connection to a far-end target, via another machine running SOCKS.

This is a prime example of standing on the shoulders of giants. I basically copied the Net::SSH::W32Perl code, which overloads Net::SSH::Perl to fix a windows compatibility problem, and added the ability to create the outgoing socket by using the Net::SOCKS module. I created new entries for the Net::SSH::Perl::Config data structure (socks_proxy, socks_port, and socks_protocol) to pass in the data for Net::SOCKS.

The code as-is should be saved into a file called mySSH.pm, and you should do a use mySSH from your perl script.

I'm not convinced this is the best way to solve this problem, but it was the way that occurred to me at the time I needed it. Please feel free to comment, and maybe we can have this put into CPAN officially.

-craig

UPDATE 1: Minor update to comments

UPDATE 2: Contacted Module Author who asked for a feature request: rt://39798

Simple bi-directional forking commandline client
on Sep 05, 2008 at 19:39 UTC
by zentara
About as simple a forking bi-directional client as you can get. Use with Glib based forking server with root messaging
Glib based forking server with root messaging
on Sep 05, 2008 at 19:26 UTC
by zentara
This is a forking server to handle multiple connections, as well as 1 way root messaging to all connected clients. If you need a bi-directional client for testing, try Gtk2 Interactive Chat client or get the super simple commandline forking client at Simple bi-directional forking commandline client

The code will allow root messages to be sent to all clients (or you can disable this feature by comment changes.) It should also show the way for multi-echoing all text to all clients, if desired.

This server is Glib based, an event-loop system, so you can put many other things in the mainloop simply by adding a timer to launch them. This saves the hassle od complex nested while loops.

UPDATED Sept 6,2008, added commented code to use Glib::IO instead of Gtk2::Helper; both are available, but Gtk2::Helper is simpler to use.

cccp - Cisco Console Command Parser
on Aug 18, 2008 at 23:21 UTC
by colakong
A utility for batch processing of IOS commands. I use it for managing large numbers of Cisco Catalyst Express 500 series switches.
pcap2mpeg
on Jan 09, 2008 at 14:50 UTC
by walto
pcap2mpeg is a script to extract data from a network capture of an IPTV session and saves it to a file which can be viewed as mpeg. IPTV uses the UDP protocol and is (in this case) sent via multicast addresses. The capture has to be in pcap format (tcpdump or wireshark).
Punch hole inbound for Apple NAT-PMP Router
on Jan 01, 2008 at 04:52 UTC
by merlyn
Recent apple base-stations understand the Apple-created (but open documented) "NAT-PMP" protocol to dynamically establish forwarded ports. This is similar to the uPnP protocol for windows-compatible firewalls.

I couldn't find any existing tool to forward an arbitrary port, but hey, it's just simple UDP, so I whipped up this Perl program to do the forwarding.

Adjust the capitalized configuration constants in this program as follows:

$GATEWAY
Internal IP address of your NAT-PMP-enabled router
$PROTO
1 = udp, 2 = tcp
$EXTERNAL
external port on router to map
$INTERNAL
internal port on your box to map to
$TIME
Time in seconds to keep alive (max one hour = 3600)
Then let it run in the background. It'll start by printing the external IP address of the router if all goes well, and then it'll start mapping the port. Every half of $TIME (as recommended), it'll renew the mapping for another $TIME seconds.

Quick and dirty. No warrantees expressed or implied.

A WebDAV server with authentication
on Dec 23, 2007 at 12:27 UTC
by Corion

This is a small WebDAV server I use for serving files to other people. WebDAV is quite convenient for serving files because "all three" operating systems offer a client that allows you to treat a WebDAV share as a remote file system. It extends the sample code of Net::DAV::Server to provide HTTP basic authentication, so it can be exposed on the internet without being completely open.

I've implemented a separation of privileges into "readers" and "writers", but so far I haven't felt the need to export write privileges. So maybe that part shouldn't have been written at all, in the spirit of Dominus.

On the side of prerequisites, this one is quite heavy. It uses Net::DAV::Server, which in turn pulls in XML::LibXML. It uses Filesys::Virtual, Authen::Htpasswd and HTTP::Daemon.

Proxyfinder
on Dec 23, 2007 at 01:27 UTC
by Onur
This program is not usable anymoreThis program finding proxies (getting from samair.ru/proxy) and optional pinging them. Example output:
IP   Port  Country  Status  Ping
129.69.210.96  3128  Germany  Online  101
193.196.39.10  3127  Germany  Online  103
141.76.45.17  3124  Germany  Online  104
80.156.84.39  80  Germany  Online  105
217.172.56.174  23  Germany  Online  107
80.156.84.38  80  Germany  Online  107
88.198.9.185  3128  Germany  Online  107
Example XML output:
<?xml version='1.0'?>
<opt complete_time="1198372633">
  <proxy ip="202.56.176.1" checktime="1198372568" country="Afghanistan" durum="Online" ping="678" port="3128" type="transparent proxy" />
  <proxy ip="196.202.252.244" checktime="1198372570" country="Angola" durum="Offline" ping="0" port="80" type="transparent proxy" />
  <proxy ip="200.81.25.5" checktime="1198372572" country="Argentina" durum="Offline" ping="0" port="3128" type="transparent proxy server" />
  <proxy ip="190.2.61.161" checktime="1198372572" country="Argentina" durum="Online" ping="316" port="80" type="high-anonymous proxy" />
  <proxy ip="201.234.107.165" checktime="1198372573" country="Argentina" durum="Online" ping="357" port="80" type="transparent proxy" />
  ...
</opt>
This program doesn't have any sort option. I dont know how can i short an array reference. You can sort output with `sort` command. For example if you want to sort ping column:
./proxyfinder.pl --text --ping | grep Online | sort -k 5
You can download latest version of this program:
cvs -d :pserver:anonim@0nur.net:/root checkout proxyfinder
This is my first post to here. Sorry for my bad English
host-switchport mapper
on Dec 07, 2007 at 18:59 UTC
by colakong
A utility for describing where hosts are physically connected. Queries Cisco switches for CAM tables, queries hosts for MAC information using wmic (available on WinXP/W2K3), compares CAM/MAC information for host-to-switch-and-port-and-vlan mapping.
WIN32: Permanent & Current MAC Addresses
on Sep 24, 2007 at 19:47 UTC
by cmv
Folks-

This is a script that will query all the available windows network device drivers for their current and permanent MAC addresses. The permanent address should be what the device driver reads from the device firmware, and so I don't believe is easily spoof-able. If that's not the case, please post here.

I got lots of help on this; thanks to everyone, and specifically:
pKai - For introducing me to wmic Re: WindowsRegistry{ServiceName} V.S. wmic{ServiceName}
almut - For his great ioctl code Re: Getting MAC Address(s) on Windows PCs

The MAC addresses reported by the driver are saved as $node{macPerm} and $node{macCurr} along with all the other information about the device.

Hope it comes in handy...

-Craig

UPDATE:
Oct-01-2007: Checking $nBytes from DeviceIoControl - avoids returning meaningless buffer stuff
Oct-02-2007: Providing correct size of packed OID query

Subnet Overlap
on Aug 21, 2007 at 03:50 UTC
by bfarley
Analyzes tab-delimited file with network blocks for duplicates and subnet overlaps. Created for use with CISCO SESM, but could be used with any application that uses stored network blocks.
MySQL Query Sniffer
on Jul 16, 2007 at 21:22 UTC
by jagh

A MySQL query sniffer. It sniffs the network with Net::Pcap, extracts queries from MySQL packets, and prints them on standard output.

The documentation, as well as any future versions, lives at [http://iank.org/querysniffer/]

socksumm -- Display a summary of open sockets
on Sep 13, 2006 at 10:59 UTC
by grinder

I've had this lying around for some time. It just takes the output of netstat and summarises the information à la vmstat, iostat. I have used it for keeping an eye on large daemons that have shown a tendency to go mad.

I don't see that there's anything else to add to it, but I'd be interested in seeing if anyone has suggestions and ways it could be improved.

update: now with Win32 support! thanks Discipulus for the suggestion

Net::Telnet::Options example code
on Oct 14, 2005 at 22:23 UTC
by castaway
An example of how to use Net::Telnet::Options, here for peer review, will be added to the tarball.
Insert the 4th TCP packet after TCP three-times handshakes
on May 03, 2005 at 07:33 UTC
by shanleiguang
Insert the 4th TCP packet after TCP three-times handshakes. Parent process calss socket API 'connect()' to complete TCP 3times handshakes, at the same time, child process sniffing and inserts the 4th packet.
IO.pl
on Apr 07, 2005 at 18:29 UTC
by giulia
This script convert an ip (or url) into a 32 bit adress.
Ping2
on Feb 14, 2005 at 22:39 UTC
by sifukurt
At work, we've got some fairly strict firewall rules. Specifically, I can't ping outside addresses. This has got in my way many times. Plus, we're almost exclusively a Windows shop and the Windows ping utility irritates me to no end. Put all those things together, and I finally decided to do put together a simple script that will allow me to work around the problem. By default, it does a TCP ping to a specified host on port 80. You can override this behavior from the command line. I've given it to several of the people I work with and they've found it useful. I hope you will, too.

UPDATE: I apologize for the license issue with the original post. That wasn't intended to be included. This was done for when I was handing it around at work. There was a rash of people taking code that other people had written and passing it off as their own to the CIO. Those of us who were bitten by such behavior were forced to start using restrictive licenses for things used at work. I sincerely apologize. That wasn't, never has been, and never will be my intent for things posted here. It rather defeats the purpose. As to why it was written instead of using some other pre-existing tool, several reasons. First, simply for the fun of writing something. I enjoy it. It makes me happy. Second, since I intended for other people I worked with to use it, I wanted to keep it simple and I wanted its behavior to closely mimic that of "ping." Again, I apologize for the licese snafu.
bp (Bounce Port)
on Dec 11, 2004 at 18:55 UTC
by tremere
redirects a tcp or udp port to another tcp or udp port (only tcp to tcp tested), a file, or a program. (file and program not implemented yet, but shall be) At some point regexp replacement...
Token bucket rate limiter
on Oct 27, 2004 at 17:21 UTC
by kappa
Token bucket is a simple but powerful algorithm to limit the rate of a stream of items. I'd like a review, please, if someone has a spare minute or two.
ircpipe
on Aug 18, 2004 at 17:39 UTC
by iblech
ircpipe allows simple shellscripts to send messages over IRC.

ircpipe consists of two parts, a daemon and a client. A FIFO is used for IPC:
mkfifo ~/.ircpipe.fifo

Then, start the daemon:
ircpiped --fifo=$HOME/.ircpipe.fifo -v

Now you can use ircpipe to send something:
date | ircpipe --server=thestars --to=iblech
date | ircpipe --server=thestars --to=#bots

The server will connect to the given server and join the given channel if necessary.
Connections are kept alive.
ircpipe will return immediately after notifying the daemon, i.e. it does not wait for the message to be delivered.
If you send too long lines for IRC, they get word-wrapped.

Note: ircpipe depends on POE::Component::IRC::Tracking, which can be found here.
Note: ircpipe does not work on Win32, because ircpipe depends on FIFOs.
For your convenice, all necessary files are packaged at http://m19s28.vlinux.de/iblech/ircpipe.tbz2.

Update: ircpiped didn't correctly detect if it's logged in. Fixed.
POE::Component::IRC::Tracking
on Aug 18, 2004 at 16:05 UTC
by iblech
POE::Component::IRC::Tracking adds tracking support to POE::Component::IRC, i.e. the bot knows its current nick and the channels it joined. Use it exactly like POE::Component::IRC.
Perl/Tk GUI IRC Client
on Jul 24, 2004 at 03:37 UTC
by #include
A GUI IRC Client in less than 1200 lines of code (including whitespace, comments, and POD). Uses Perl/Tk, POE, POE::Component::IRC, and Getopt::Mixed. Heavily commented. Tested on Mandrake 10, Windows 98, Windows XP, Windows 2000, and Ubuntu Linux 6.06.


UPDATE: Added some more GUI settings, squashed a couple of bugs, and expanded what you can put in a config file.
UPDATE: Added a whole slew of new GUI settings, and fixed a bug in topic display.
UPDATE: Fixed a bug in topic retrieval (topics that contained a ':' were truncated).
UPDATE: Fixed a bug causing the client to error out on newer versions of Perl.
Get External IP From Linksys Router
on Apr 28, 2004 at 15:03 UTC
by meonkeys

This script can get the external (WAN) IP assigned to a Linksys BEFSR41/BEFSR11/BEFSRU31 router using the Web interface provided by the router. The external IP is printed to standard output.

requires WWW::Mechanize, HTML::Scrubber, HTML::Entities, and Regexp::Common.

A good alternative to this script is simply fetching http://checkip.dyndns.org/ and parsing that result.

Net::Server::POP3::Skeleton
on Apr 05, 2004 at 21:18 UTC
by bbfu

Moved from where I originally posted it (at Re: POP3/IMAP Server modules?), to be more organized and easier to find. Also updated slightly.

A skeleton POP3 server, based on Net::Server. Handles the connections, and parsing and validating the commands. Dispatches commands as method calls.

Note: This module does work on Win32, despite the tests for Net::Server failing/hanging. If you manually install Net::Server, it will work (mostly) fine (see the CAVEATS section of the POD).

(code) Netfilter/iptables log parser/reporter for PHB consumption
on Nov 10, 2003 at 04:16 UTC
by ybiC

A lightweight parser for Netfilter logs.   Produces a highly-simplified summary report for PHB consumption.   Sample input and report at tail of pod.

From a perlish standpoint, this has been my re-entry after a couple-month absence, and an exercise in using File::Temp properly, as well as an introduction to the following modules:

Update: as always, critique is welcome and requested.

Clean unknown users/email from pop3 account
on Sep 20, 2003 at 20:59 UTC
by castaway
Someone started using my domain name to send spam mails, and I started to receive bounces to users that don't exist on my machine.. (I have a multi-drop pop3 account) So I decided to write a little something to remove them before they get picked up and delivered to root. This is meant to be added to .fetchmailrc using the 'preconnect' command. It relies on several MailTools modules (included in 5.8.0). The check if a user is valid locally is made using getpwnam() and Mail::Alias which parses sendmails aliases file.

Update: Also now throws away mails from certain countries, using Geo::IP to determine the oroginal source of the mail. Also parses/uses an XML email whitelist, to accept legitimate mails sent to mailing lists that I receive.

wcdns - report on wildcard DNS domains
on Sep 16, 2003 at 22:47 UTC
by thrig
Provides means to determine which TLD have wildcard DNS records, or whether particular domains resolve to the wildcard address(es).
Perl IRC Bot Skeleton
on Jun 17, 2003 at 11:18 UTC
by #include
GirBot is an IRC bot written to be a "skeleton" for other Perl IRC bots. That is to say, all of the "hard" work (connection, configuration, etc.) is already done, but not much else. All of GirBot's settings are loaded from a default configuration file. Unchanged, all GirBot does is connect to an IRC server and print any data it receives to STDOUT, but it does provide a usefull base for those wanting to write a Perl IRC bot to start from. Heavily commented. Uses Net::IRC.
Time-Slice Concurrent Ping
on Apr 26, 2003 at 00:23 UTC
by rob_au
Ping multiple hosts concurrently ... with no threads, no forks, no external binaries.

I have recently found myself in the position where I have needed to check the connection status of a large number of hosts concurrently within a Perl script - While this task could easily be implemented with external binaries such as fping, the requirement to check the connection status of each of these hosts was secondary to other requirements of the script.

While there have been a number of scripts posted on this site previously which implement this task, I found myself faced with a number of other requirements of the implementation environment which complicated this task. The environment in which this script was to run, did not have a threaded Perl interpreter, preventing the use of threads as proposed previously in this thread, and was a heavily loaded environment, countering the usefulness of forking multiple processes to ping hosts in unison. Additionally, while not an absolute, the installation of additional modules which would make this task immensely easier, such as POE and POE::Component::Client::Ping, was discouraged.

The solution to this problem revolved around the building of a script which incorporated a time-slicing execution method through the use of select.

The following script uses a loop centered around a timeout queue as the basis of execution - New ping connection attempts are created up to a maximum number of concurrent connection attempts, configurable by setting the constant, MAX_CONNECTIONS, within the script, and execution will continue as long as there are ping connection attempts pending timeout.

All ICMP echo requests are generated within this script, allowing the unique sequence number of the ICMP ECHO packet to be paired with an IP address. The determination of an ICMP ECHOREPLY packet waiting the be read on the network socket is carried out with select thereby not blocking indefinitely and allowing other code execution to take place.

Updated - As per zengargoyle's comments below.

Cisco Telnet
on Feb 18, 2003 at 20:28 UTC
by CongoGrey
This script will import a list of Ip addresses into an array and then telnet to the Cisco routers and execute commands and log the output to a file. useful for making changes to a lot of routers where SNMP MIBS are not available.
FileShare.pm
on Jan 10, 2003 at 18:34 UTC
by gravalo
The development of FileShare.pm started while I was working on an ICB bot. I wanted to be able to share files on an ICB channel either via a bot or a chat client.
FileShare.pm uses a very basic protocol to allow a client to request a file from a server. The server, if the file is contained in _directory will then respond with an acknowledgement and the file size. The server then will open the requested file and print it to the client, which is storing the file as file_name.copy.
The following is an example of a file server created with FileShare.pm:
#!/usr/bin/perl -w use strict; use FileShare; my ($fh) = FileShare->new(_send_only => 1, _socket => 1, _directory => '/tmp/files_to_share', _debug => 1); $fh->server_connection;

and the following is an example of a file sharing client:
#!/usr/bin/perl -w use strict; use FileShare; my ($fh) = FileShare->new(_send_only => 0, _socket => 1, _directory => '/home/userid', _debug => 1); $fh->client_connection("x.x.x.x", "3000", "somefile");
P2P Homework
on Dec 09, 2002 at 22:29 UTC
by Beatnik
This is one of 2 homeworks for Distributed Systems class in my final year of Comp Sci. (The other homework being a webserver and a web client). I already turned this in BTW. This is a classic P2P, Napster style. One core server handles IPs and filenames. Client forks into client & server. PS: This is my 666th node. This homework is probably doomed to get a D mark or something.
IPTables Log Parser to postgres
on Dec 07, 2002 at 08:11 UTC
by Ryszard
Dismayed at the platform this uses, I decided to write my own IPTABLES log parser. My own platform is apache, perl and a postgres database, I wasnt about to go and change my database, nor my preferred language just to use it.

Using this module I posted a little while ago the IPTABLES log parser can be modified to use any database backend supported (by DBI), all you have to is work out the differences in the sql.

This module was developed on a RH8.0, perl 5.8.0 and iptables 1.2.6a platform.

The method used is relatively inefficient as it will re-parse the log file each time it is executed and as such uses md5 to determine if the record has been processed before (does a a select for the hash key in the database). This is fine for my personal use, but wont really scale that well..

Personalisations:
•I'm using the the "itp" string to determine what are iptables entries in my syslog.
•Redhat uses /var/log/messages
•Your log format may differ slightly different from mine.. make sure the data you're putting in your DB is sourced from the correct log fields.

Packet Capture IP Accounting
on Nov 20, 2002 at 01:17 UTC
by rob_au
This script makes use of the libpcap library to capture network packets in a non-switched environment for the purpose of traffic logging and accounting. All captured traffic is logged to a MySQL database to facilitate later analysis and auditing.

Note that execution of this script will require root privileges or equivalent as the network interface is set into promiscuous mode.

The incipience behind this script was a client who required the establishment of an IP accounting system to audit traffic usage over the corporate LAN. Constraints in the existing network topology led to the development of this code such that this IP accounting could be carried out without impacting upon the existing network infrastructure.

The database table structure for logging is as follows:

CREATE TABLE ipacct ( src_ip varchar(16) NOT NULL default '0.0.0.0', src_port smallint(5) unsigned NOT NULL default '0', src_mac tinytext NOT NULL, dest_ip varchar(16) NOT NULL default '0.0.0.0', dest_port smallint(5) unsigned NOT NULL default '0', dest_mac tinytext NOT NULL, protocol tinyint(4) NOT NULL default '-1', length smallint(6) NOT NULL default '-1', flags tinyint(4) NOT NULL default '-1', timestamp timestamp(14) NOT NULL ) TYPE=MyISAM;

Available options for configuration include interface specification, packet capture filter and database connection information. These options can mostly be set by command line parameters or an external configuration file - See the BEGIN block and code comments for details.

cisco-insert
on Oct 28, 2002 at 17:45 UTC
by neilwatson

Cisco-insert will parse a commented text file of Cisco IOS rules and upload them to a router. A backup of the running config is made prior to the upload.

SOCKS4 Server in Perl
on Jul 01, 2002 at 18:21 UTC
by strredwolf
Something I grew frustrated with, so I wrote up my own Socks 4 server. Supports CONNECT and BIND. Probably extensible to Socks 5 (have to pull the specs on it). Quick and dirty hack.

To use, grab netpipes and use socks4.pl outgoingIPaddr

cvs daemon in perl
on May 10, 2002 at 18:37 UTC
by tallfred

I wrote a CVS server in perl which stores the repository in MySQL. I am working on a better access/privileges system, but some feedback would be useful. http://fdd.com/software/dcvs/

The code has a web page interface very similar to cvsweb.

(code) HTTP connectivity log, or nail up dial connection
on Apr 23, 2002 at 01:08 UTC
by ybiC

Fetch a random web page from a list of URLs.   Waits a random length of time between fetches.

Written with two purposes in mind:
  * log internet connectivity
  * nail up analog dial connection
Mostly the latter, so my ISP won't drop my connection during looong downloads.

There are a number of commandline options+arguments.   Perhaps the more interesting are

  • --verbose=1 which reports only delta of success/fail ala zeno from Internet Connection Uptime Logger
  • --errDelay=1 to cause almost-immediate retry on fetch failure
  • --daemonize which backgrounds and disconnects so vty can be closed
  • --logging to print progress, options, and versions to file

From a Perlish perspective, this has been an exercise in rand, IO::Tee and Proc::Daemon, plus Getopt::Long bobs that I ended up not using.   I started out "use"ing Proc::Daemon, but had to copy+tweak subs from it to allow logging-to-file while daemonized.

Thanks to tye, fletch, tachyon, lemming, chmrr and others for tips and suggestions.   And as always, constructive criticism is welcome and invited.

The Veachian IRC Daemon
on Mar 29, 2002 at 23:07 UTC
by Veachian64
This is an IRC daemon I wrote out of sheer boredom in Perl. It's in the public domain, so if anyone wants to see a simplified example of an IRC server or how a server written in Perl works and use it for whatever they want, here it is. This is the latest version of the code. An archive containing all the previous versions of the code is available as a zip or a tarball. Read the README in the archive for more info.

Updated: 12/23/2002
ARP Watch
on Mar 07, 2002 at 12:16 UTC
by rob_au
This code watches for ARP requests on the ethernet address specified and sends an alert email to the network administrator in the event of a change in the hardware MAC address associated with an IP address. This was developed in part for a network traffic accountancy system in order to maintain record of machine hardware addresses and minimise the likelihood that network users could introduce foreign equipment onto the network.

It should be noted that this code was written as a proof of concept moreso than as a stand-alone piece of code. However, this code is interesting in its own right in that no external binaries are called upon for the capturing or interpretation of the ethernet ARP packets, instead relying upon the libpcap packet capturing library.

For previous nodes relating to this type of application, review (code) MAC n' IP cheese, How can I find a MAC address from aremote IP ? and MAC Address and NIC Device on Network.

ACL Tool for Cabletron/Enterasys L2 switches
on Feb 15, 2002 at 19:07 UTC
by zengargoyle

Helps manage the Access Controll List on Cabletron/Enterasys L2 switches (6000/2000). Requires SNMP, 2nd/3rd Gen switches w/ latest 2.0+ code, and the MIB's from Enterasys' web site.

I would wait until it's prettier, but with the SNMP problem it' may prove usefull to anybody with these switches.

Tips, comments, etc. more than welcome. Hope it helps somebody somewhere.

(code) UDP timeout for IO::Socket, plus Pod::Usage with Getopt::Long
on Jan 22, 2002 at 08:03 UTC
by ybiC
A localhost TCP+UDP port sccaner, intended to supplement netstat -vat, which doesn't seem to report listening UDP services.   Requires no additional modules beyond those in the base Perl.

portck.pl was written to aid in configuring the author's computers in a reasonably secure manner. Anyone using this software is encouraged to do so in a responsible and constructive fashion. Remember, kids, always use your powers for *good*, not evil.

From a perlish perspective, this ditty has been an introduction to IO::Socket, as well as finally getting around to applying the most excellent Pod::Usage in conjunction with Getopt::Long.

As always, comments and critique are respectfully requested (and appreciated).
    cheers,
    Don

Update: added a bit o'clarification to description
Just found netstat -vatu for localhost TCP *and* UDP services.   D'oh!

UDP sniffer
on Dec 20, 2001 at 07:05 UTC
by cforde
This is something I'd been thinking about doing for a while. The other day I saw Simple UDP example anyone? and decided it was time.

The way to use it is to change the first 5 variable declarations to suit, make sure the server is running, run this script (which will redirect requests to the server) and start the client. The client will think it's talking to the server and the server will think it is talking to the client. Meanwhile the script is displaying their conversation for you to see. Great for debugging UDP applications when you don't have real networking tools available. With a little tinkering you could also, uhmm, diddle with the conversation...

update: improved formatting and link

Scan C-Class for used IP-addresses
on Dec 07, 2001 at 16:23 UTC
by cab
This program scans trough a given C-Class subnet and lists the addresses that respond to ping to a file.
I used it to list the addresses on our network, so i could find unused addresses.
It's not pretty or witty, but it worked for me.
The script keeps on scanning, until interrupted. Although the replys are written only once to the file.
Use the code with option 'sort <filename>' to sort the output
It uses a sort routine suggested by tye in the QA section on sorting. (Thanks for that)
Any suggestions are welcome.
This is also my first code post, so be gentle.

/cab
(code) Dynamic DNS Update with IO::Interface (look Ma, no backticks!)
on Nov 28, 2001 at 07:38 UTC
by ybiC
One of my boxen is dial-connected nailed up using /etc/ppp/ppp_on_boot plus persist and holdoff parameters in /etc/ppp/peers/provider.   Whenever the connection is (re)established, this ditty sends the new ppp0 IP address to my dynamic DNS provider.

Not much of a Perlish exercise, but was fun to make practical use of new (to me anyways) IO::Interface.

Start dynamic DNS update:

Check ppp0 status: ACTIVE
Query host for ppp0 address: PASS
Post ppp0 IP address to DynDNS service: PASS
Check DNS propagation via name lookup: PASS
Compare resolved address to local: PASS
  nnn.nnn.nnn.nnn <= my.host.com
  nnn.nnn.nnn.nnn <= ppp0

Finished dynamic DNS update
PIX Syslog Parser
on Nov 07, 2001 at 02:22 UTC
by salsa
This is actually my first PERL program. It uses File::Tail and Net::SMTP to watch your PIX firewall log for changes, evaluates the changes based on keywords and then e-mails/alpha pages on a match as well as logging the entry into a critical_log file. In addition, it evaulates the growing log size and rolls it into a date and time stamped archive when it hits a certain size. Keep in my mind, that this is my first program! if you have any questions or constructive (<--- NOTE) criticism, please feel free to e-mail me.
(code) Poor Man's TACACS - automate CatOS and IOS password resets with Net::Telnet::Cisco and Net::SNMP
on Nov 06, 2001 at 03:50 UTC
by ybiC
Automate password updates for any number of Cisco routers and Catalyst switches.   Uses Net::SNMP to detect device+code types, and Net::Telnet::Cisco to make the changes.   Old, new, and confirm password entries blanked by Term::Readkey.   Command line switches facilitated by Getopt::Long.

Is a substantial rewrite and consolidation of the now deprecated "(code)) Cisco Pass Mass - IOS (deprecated by node 123464)" and "(code)) Cisco Pass Mass - CatOS (deprecated by node 123464)".   Cleaner code.   Better error detection and handling, activity logging, and results reporting.

Commandline switches include:

 --help     print Usage() to screen
 --nochange reset pw's to original
 --ROcomm   will prompt for SNMP RO community string. Default of 'public'
 --target   accepts IPaddr, hostname or fqdn of single target
 --infile   accepts name of text file list of multiple targets.

Thanks to Petruchio for pre-post critique+comments+corrections, and to c for inspiration and example of Net::SNMP device-type detection from Pancho. Also to several monks who offered good counsel on prior efforts leading up to this project.

I'm seriously considering submitting this to Freshmeat and/or Sourceforge, so please chew it up and spit it out and let me know what's not tasty.
    cheers,
    Ned

(code) Net::SNMP, Bandwidth, GnuPlot, PNG, PostScript, Excel
on Oct 29, 2001 at 22:26 UTC
by ybiC
Query SNMP-enabled devices for interface (in|out)put octets, ifSpeed, ifName.   Creates chart of %bandwidth vs. time in PNM, PNG, and/or PostScript formats.   Raw data in CSV, tab-delimited, and/or Excel formats.

Intended for spotchecks or periodic monitoring of individual interfaces.   Tools like MRTG, MCSview, SNMPc, CWSI do well for large number of ports.

Sample graph output temporarily on my homenode pix.   As always... critique, comments, and suggestions are welcome and appreciated.

Usage:
snmpiio.pl target ifIndex iterations delay outdir

target: an IPaddress, DNS name, or FQDN.
ifIndex: SNMP parameter specifying port or interface.
iterations: how many queries you wish to run. (minimum 3, default 4)
delay: seconds to wait between iterations. (minimum 10, default 30)
outdir: destination dir for outfile. No trailing '/'. (default '.')

Example:
snmpiio.pl routerC 7 600 30 MyString /datadir

From a Perlish standpoint, this has been an exercise in hashes instead of arrays, return values, constants, eval, ${var}blah, and STDOUT hot.   Is a significant rewrite of "(code)) Net::SNMP bandwidth query (deprecated by node 121950)".

P.S.   I did not copy this idea from djw's "Ethernet Utilization".   Honest, I didn't, I swear.   Hey, put that phone down!   No, wait - don't call vroom!   ;^D

Update: 2001-10-31 corrected a tyop and clarified verbage in the Description

Ethernet Utilization
on Oct 24, 2001 at 00:26 UTC
by djw
SNMP query tool for reporting interface utilization stats. Does a get_request for sysUpTime, ifInOctets, and ifOutOctets and does a utilization calculation based on the difference of two samples and interface speed. Right now its setup to run every 5 minutes for an 8am-5pm workday.

You can see a sample of the graph plotted by GD::Graph here: http://perldev.org/projects/snmp/

Thanks, djw

UPDATE:
If you plan on using this, you will have to check your ethernet device's MIB OID. ifInOctets and ifOutOctets are the first two items in the @oids list, the last one is system uptime which you shouldn't have to change.
Net::Services
on Oct 22, 2001 at 00:06 UTC
by Masem
Allows better access to the list of system services on an OS. Your OS must support sockets for this to work; this includes *nix, and rules out all Windows varients - 9x, NT, 2K (and probably XP) (thanks Arguile)

I am looking for comments and critiques on this before I submit it to CPAN, msg or email me any suggestions

Net::CIDR::Lite ?? (Merge CIDR addresses)
on Oct 16, 2001 at 22:05 UTC
by runrig
Inspired by Dominus' Challenge Problem: Merging Network Addresses, I posted a reply script which was (about 20 times) faster than the Net::CIDR solution, and thought I'd make a module out of it. Also looking for comments on whether it ought to be on CPAN, and under what name. I'd never before heard of let alone used the Socket::inet_* functions, so I couldn't have done it this way without that thread. It might be interesting to get this to work optionally with IPv6 addresses, but then you'd probably have to use some big integer library like Bit::Vector, so I'm open to suggestions on that :)

Updated with tye's recommendation.

Update: Net::CIDR::Lite has been on CPAN for awhile now and updated several times over. Consider the code on this page obsolete.

Simple WebServer Scanner
on Sep 21, 2001 at 18:07 UTC
by Asmo
This script prints out the webserver version the scanned host is running (with a simple HEAD request)
Netcat like with Blowfish
on Sep 02, 2001 at 19:16 UTC
by Anarion
I usually use netcat. I just want to send some archives encrypted, so i make this program to do it. It uses Blowfish, you need to downoad it from cpan.org.
Pancho(configure/archive Cisco routers)
on Aug 29, 2001 at 03:41 UTC
by c
This is still for all those netadmins out there that need to make global changes by 7am and its already past midnight.
Cisco, in all their wisdom, decided to change a group of their MIBs such that older ios versions known as 11 code are no longer supported. I had originally written Pancho for that group of old-schoolers such as myself that were still using such antiquated software as 11.2.18 from way back in November, 2000.
In the moments after watching a Robin Williams movie, I felt like giving back to the youth and thus began reworking Pancho to support not only the older MIBs, but the new ones as well. I even tricked it out to query the router to figure out which ones to use.
This code is full on unstable, considering that its only been tested against the few routers I have in the house. I think it has been one hell of a lesson on net::snmp which seems to have finally accepted me as one of its own after much coaxing and sending of flowers.

humbly -c

(code)) Net::SNMP bandwidth query (deprecated by node 121950)
on Aug 13, 2001 at 02:16 UTC
by ybiC
## deprecated by "(code) Net::SNMP, Bandwidth, GnuPlot, PNG, PostScript, Excel" ##

netsnmpiio.pl
Periodically query SNMP-enabled devices for interface (in|out)put octets, and record results in csv and xls outfiles.

Intended for relatively short term spot-tests of individual interfaces.   Other tools like MRTG, SNMPc, and CiscoWorks do fine for large number of ports, or for ongoing monitoring.   Uses Net::SNMP instead of system call to UCD-SNMP's snmpwalk like my earlier efforts.   Mind you, snmpwalk is quite useful - I just wanted to eliminate unecessary dependancies on external libraries.

Thanks to:
tachyon, HamNRye, crazyinsomniac, tilly, lemming, and wog.
Oh yeah, and to some guy named vroom.

As always:
Comments, corrections, and criteque welcome and requested.

Most recent update:
2001-08-22   10:00   Unlink .tmp at end of run, skip Spreadsheet::WriteExcel stuff if module not installed, fix wrong %util calculation, display MBytes transferred, gracefully handle non-responsive (host|OID).

SysLogger
on Aug 02, 2001 at 05:23 UTC
by Rex(Wrecks)
Hey all, first post so go easy on me :) I do a lot of automation to test hardware and software, I constantly fight the proprietary logging issue in a lot of code being written by fellow Automation Daemons. Since I work with a lot of hardware, specifically network gear, I wrote this utilty that can be used on both *nix and Win32 (I usually create a standalone exe for Windows) to send messages to a Syslog daemon. I have not used Perl for that long yet so I am sure there are things you can improve on.
List TLD nameservers
on Jul 21, 2001 at 20:16 UTC
by chazzz
This script has a list of top level domains and queries the root-servers for the corresponding nameservers. It then prints the results in pretty html. Requires Net::DNS.
switchcheck.pl
on Jul 19, 2001 at 22:13 UTC
by fingers
Usage: switchcheck.pl options ip { ip ip ... }
Designed to get an overview or collect statisics on switchports usage using SNMP.
-b option allows you to specify community name on the command line to allow being called in a cron job -l logs basic port usage stats to a dbm file
-r is used to read files created by -l
-v gives more detailed stats on ports that are up
-c generates a csv file, can be used in conjunction with -v
Some options are mutually exclusive. The later option takes precedence.
Tested
with:
Perl 5.6.1
RedHat 7.1
against:
Cisco 6509,2924XL,3508XL,3512XL,3524XL,3548XL switches
I realize it may be a little sloppy and amateur, I definately would appreciate any constructive criticism anyone has about my code.
(code) Resolve list of DNS names
on Jul 11, 2001 at 23:24 UTC
by ybiC
Feed this script a textfile list of hostnames, and it spits out CSV and XLS files of names and resolved IP addresses.   I use this ditty to confirm (or deny) in one swell foop that the DNS folks have proper IP address records for every one of the hundred+ LAN switches I support.

Tested with:

  • Net::DNS 0.12
  • Spreadsheet::WriteExcel 0.31
  • Perl 5.00503
  • Debian 2.2r3

Comments and critique are welcome and requested.

Most recent update: 2001-07-12 07:00 CDT
Corrected minor mistakes in comments and above description.
Add a bit more explanation to description above.

(code) Net::SNMP, table-ish interface stats
on May 21, 2001 at 01:50 UTC
by ybiC
Query one or more SNMP-enabled devices for network interface stats.   Written specifically for multi-interface devices like routers and LAN switches, but trivial to adapt for any table-ish SNMP response.

Accepts target device(s) from command-line, and prompts for SNMP RO community string.   Example run+output, and interesting SNMP OIDs at tail of pod.  

Output is (almost) csv.   Still researching methods for better output format. Probably better to use hash of hashes (or maybe hash references) than to munge existing output.

No external libraries needed.   Uses Net::SNMP, Tie::IxHash and Time::localtime CPAN modules.

fingers++ for recent post "Cisco SNMP CDP Poll" that inspired me to dig into this.

Critique and suggestions are both welcome and appreciated.
    cheers,
    Don
    striving toward Perl Adept
    (it's pronounced "why-bick")

Latest update: 2001-05-20 21:10
Added "Related CPAN modules" to pod.
 

Cisco SNMP CDP Poll
on May 16, 2001 at 21:45 UTC
by fingers
This started out as a script that gathered CDP info by telnet until I realized I could much less intrusively get the same info from SNMP. Give the script an IP for an argument and it will retrieve some CDP neighbor info from the target and then use that info to acquire the IPs of new targets effectively allowing you to map out all of your cisco gear and how they are connected.


Currently Working On
1. making subs more blackbox-ish
2. more error checking
3. get info such as serial number,
number of ports on device,etc.

EDITED May 16th
Corrected a problem with how the script reacted if it has a neighbor with no ip address. It will now display 0.0.0.0 when it sees a null value for IP.
EDITED May 16th
Cleaned up the code a little bit. Made the get_ip get_name get_port and get_type subs a single sub Get_SNMP_Info
Moved all of the IP conversion code into its own sub Convert_IP
The code should be several steps closer to being strict compliant.
EDITED May 17th
Cleaned things up a lot more. Started using pod, and modified the inline comments to improve readability.
Got rid of get_target sub (it really shouldn't have been a sub at all)
Code now works with strict
(code) Cisco errdisable (no password timeout if Win32)
on May 04, 2001 at 02:36 UTC
by ybiC
Problems with either cable plant or NIC drivers intermittantly cause our ethernet switches at one site to protect themselves by 'error disabling' the port connecting the offending device.   Of course, this causes a particular user to lose network connectivity.   Until we can resolve the root problem, the workaround I've arrived at is to periodically check for errdisabled ports and enable them, after which things work fine until the next hiccup.

This tidbit automates my check for these errdisabled ports.

From a Pelish standpoint, it checks for Win32 and skips password-timeout code plus which doesn't work on that OS.

Todos:
Debug non-fatal error only seen on Win32:
Argument "" isn't numeric in number gt (>> at Telnet.pm line 2569, <STDIN> line 1.
 

ipcalc
on May 03, 2001 at 22:51 UTC
by idnopheq
ipcalc provides network calcualtions about an IP address.

You can provide the script with mask information in a multitude of ways:

ipcalc 192.168.1.0 255.255.255.192
ipcalc 192.168.1.0:255.255.255.192
ipcalc 192.168.1.0/26

You get the idea ... Enjoy!

p.s. - didn't comment much

UPDATE: Well, don't I feel silly! It has been pointed out that there is already an ipcalc perl script in the world. Was told it's at ftp.ocs.com.au, but I can't get there now to look at it. I did not mean to step on toes.

(code) Cisco sho ver
on Apr 12, 2001 at 05:49 UTC
by ybiC
Automate collection of Cisco router and LAN switch information for inventory purposes:
    device name, hardware type, IOS/CatOS ver, serial number

From a Perlish standpoint, this has been an excercise in using hashes instead of buckets o' scalar variables or array with obtuse $file[0], and more discriminate use of subroutines so not need passel o' global variables.

Updated:
2001-04-13 perldoc switchver.pl for details.

Todo:
Use Net::Snmp sysDescr instead of Net::Telnet::Cisco.
    simplify data structure
    simplify parsing
    simplify program
    improve security

Sys::IP
on Apr 04, 2001 at 08:09 UTC
by BlueLines
This is a rewrite of Sys::IP that actually works on unix systems. It has 3 functions:
  • ip() - returns the first non-127.0.0.1 ip address it can find on the local machine
  • ips() - returns a list of all ips on a local machine.
  • interfaces() - returns a hash of interface/ip address pairs from the local machine
Network Link Status Report Generator
on Mar 27, 2001 at 04:00 UTC
by Big Willy
Generates an HTML report of ping tests for connectivity to the hosts in 'hostfile,' while is formatted as such:

{host}:{description}\n

Useful for admins who want to have a cron job intermittently check link status for router-router links, etc. Realize that if you can't ping the host, but can access it by other means this script will not work.
Net::PingImproved
on Mar 13, 2001 at 04:58 UTC
by Falkkin
Net::PingImproved is a modified version of the standard Net::Ping module.

Update: the changes I've made are actually being added to the standard version of Net::Ping, and will probably be incorporated into future versions of Perl. Maintainership of the module may also fall to me. I'll try to post the most recent version of Net::Ping below, for now. :)

Look here for more discussion on why I think this module needs to be altered.

Please look at this module, tear it apart, abuse it, and generally try to find things wrong with it. (And then tell me what you found, or I'll be none better off then when I started ;))

Things I've fixed so far:

  • Got rid of the call to alarm() in ping_tcp(). This call broke any scripts using alarm() (and, by association, sleep(), at least on many machines), and also made the code incompatible with Windows systems. Hence, we now use select() on a non-blocking connect() to implement TCP timeouts.
  • Unfortunately, non-blocking connect() isn't currently supported under Windows either. I fixed this by using system(1, ...) to spawn a new Perl process which attempts to ping the remote host.
  • As an after-effect of changing the method in which ping_tcp() calls connect(), this code now (correctly, in most cases) returns true instead of false if the remote host responded with "Connection refused."

Another thing this module really needs (IMHO) is updated documentation... along with all the code fixes, I'll be working on documentation as well.

Net::Ping::External
on Mar 11, 2001 at 08:26 UTC
by Falkkin
Net::Ping::External is a module that uses your system's default ping command and parses the result. It contains a single public function: ping(). ping() takes in a host and a timeout, and returns true if the system was able to ping the host before the timeout expired, false otherwise.

Look here for more info/discussion on why I am doing this. I need as many monks as possible to test this module, since I will eventually (although not any time soon) be attempting to submit this to CPAN.

TODO:
- more extensive testing
- support for more esoteric systems

Updates:
- Fixed support for Win32 systems and generalized the various unix-like pings into one function.
- Added POD, version number, other module-related stuff.

NNTP: Most recent articles in a group
on Mar 08, 2001 at 16:23 UTC
by tomhukins

Prints out the subject and sender of the most recent articles in a newsgroup.

To configure the script's behaviour, set the NUMBER_OF_ARTICLES, GROUP_NAME and SERVER_NAME constants at the top of the script.

I've tried to make this script as resource-friendly as possible for both the client and server. If there's a better way, let me know!

(code)) Cisco Pass Mass - CatOS (deprecated by node 123464)
on Mar 05, 2001 at 09:37 UTC
by ybiC
## deprecated by (code) Poor Man's TACACS - automate CatOS and IOS password resets with Net::Telnet::Cisco and Net::SNMP ##

(code)) Cisco Pass Mass - CatOS (deprecated by node 123464) automates password resets on multiple Cisco CatOS LAN switches.   It's a complete re-write of (code)) Cisco Pass Mass - IOS (deprecated by node 123464), which does the same for Cisco IOS routers and LAN switches.

CatOS switches are a little bit tougher to script, since their password resets are interactive.   Fortunately, I learned of Net::Telnet's waitfor() and getlines() syntax in Network Programming with Perl.   They're pretty straightforward, and Net::Telnet's input_log and dump_log help *a*lot* with debugging.   If you use dump_log, be sure to unlink it when done to avoid leaving your passwords laying around.   Anyway, I suspect this approach is quicker+simpler to code than Expect.pm.  

Target switches are either given as command-line arguments, or in a text file - one device name or IP address per line.   Rudimentary sanity checks are done on the input file, but it won't pass -T yet.   It takes a few seconds for each device.   Progress is displayed on-screen and recorded to a logfile.

Comments and critique are both welcome and invited.

Thanks to:
Petruchio for mondo suggestions and help
chromatic for $command =~ $commands[0] suggestion on a different post
ar0n for timeout example at Re: timeout for ?
tilly for tips on functions
strredwolf, jcwren, boo_radley, danger, crazyinsomniac, OeufMayo, azatoth and deprecated for suggestions in CB
Oh yeah, and some guy named vroom.   {grin}
    cheers,
    ybiC

Most recent update: 2001-04-30
hashamafied passel o' scalar vars.
un-subified non-redundant code to reduce number of global vars.
mixed-case subroutine names, w/o ampersan's.
formatted for 75 chars/line (well, mostly)

 

Juniper Router Audit
on Feb 27, 2001 at 12:38 UTC
by cleen
Juniper (www.juniper.net) is a provider of high-end routing equipment, even the lower-end juniper equipment (m20) can out-preform cisco's high-end 12k GSR's.

I needed a way to easily audit my juniper configurations on a ever expanding juniper-core based network, thus this was born.

Writing the template configuration file:
Writing the template configuration is a little on the complex side, and it takes a little bit of explaining, so I put the configuration readme at juniper-audit-readme.txt

Overall this code is in beta, and I know there are many things I could do much better, and I intend on doing so, any suggestions and comments would also be great!
Out of Band Access Testing
on Feb 27, 2001 at 12:11 UTC
by reyjrar
given an file of "Site name : 9876543210\n"'s it attempts to dial the site and check for success. Success condition is getting to the router/server prompt AFTER successfully completing a login. I noticed some out of band equipment didn't prompt or username/password and figured that was a security risk. use with -v or -l for full effect.
(code) Cisco Neighbors
on Feb 26, 2001 at 22:51 UTC
by ybiC
Starting with a seed device, discover neighboring Cisco switches/routers.   If run repeatedly, feeding prior output back as input, can generate complete list of Cisco switches/routers in your network.   I use it like that to create input files for (code)) Cisco Pass Mass - IOS (deprecated by node 123464).

Comments and critique are very much welcomed.

Thanks to tilly, fastolfe, japhy, geektron, Petruchio, mkmcconn, boo_radley and chromatic for their suggestions and advice.
 

LDAP Searcher
on Feb 06, 2001 at 02:58 UTC
by BigJoe
This is a quick LDAP search I did. This gives web users to search our internal "Phone book". I figure when I was trying to throw this together I couldn't find any information on it so here it is for everyone. Thanks to Chromatic for giving me a fix for the Win32 problem with the entry's.
(code)) The Going input/output Rate (deprecated by node 121950)
on Jan 18, 2001 at 00:23 UTC
by ybiC
## deprecated by (code) Net::SNMP, Bandwidth, GnuPlot, PNG, PostScript, Excel ##

Every so often, a sysadmin asks me to check bandwidth utilization by a particular server.   I use tools like CiscoWorks, SNMPc and MRTG for ongoing monitoring, but instead of mucking about with those for one-off checks, I wrote this ditty.

It prompts for switch name/IP, port, number of runs, delay between runs, and (no-echo) passwords, then reports estimated total runtime and output file size, and telnets to the device to collect 5 minute input/output rates.   Output file is csv for easy importing/reporting with Excel or whatever.

In it's present form, commands and parsing are tweaked for Cisco Catalyst 3548 ethernet switch, but should be trivial to add support for other IOS switches (2916, 2924) and routers.   Support for CatOS switches like 6000, 5000, 2948g may take a bit more work.

From a Perlish perspective, it's been an exercise in learning more of for, sleep, if, unless, int, plus subs for readability.   As always, critique and suggestions are more than welcome.

Thanks to: tye and chipmunk for suggestions on how to join output file lines, and to several monks whose names I missed for a flurry o' CB suggestions on integer-checking input.

Update: 2001-04-30
un-subified non-redundant code, for fewer global vars.
hashamafied passel o' scalars.

IP Accounting parser
on Jan 11, 2001 at 14:49 UTC
by Viking
This parses a log file of ipchains IP accounting data and spits it out as a csv. I use this at work for statistical and billing purposes. It is still a work in progress (but it does work) so I'm interested in any comments. The log file is created from a shell script run from a cron, which you will find at the end of the code.
Thread::Queue for non-threaded apps
on Jan 02, 2001 at 22:06 UTC
by kschwab
I needed functionality somewhat like Thread::Queue for passing data on a queue between a parent and it's forked child. Since non-threaded perl has no Thread::Queue, I used this. It's a bit quick and dirty, but works for me. == Kerry Save money
Whois+DNS
on Nov 30, 2000 at 09:06 UTC
by mdillon

works like regular whois, but will take a subdomain (or any string used as the domain part of a DNS RR for a subdomain of one of the legacy gTLDs) as input. Requires Net::DNS and Net::ParseWhois.

since Net::ParseWhois only works with the gTLDs COM, ORG, and NET, this code only works with those TLDs as well.

update: now looks up as many domains as are passed on the command line.

for example:

$ ./whois_domain.pl www.perlmonks.org www.maserith.com
Whois Server: whois.networksolutions.com

Registrar: NETWORK SOLUTIONS, INC.
Domain: PERLMONKS.ORG
Name: Blockstackers, Inc
Tag: PERLMONKS-DOM

Address:
        116 E.18th
        Holland, MI 49423

Country: US

Name Servers:
        n/a (n/a)

Contacts:
    ADMINISTRATIVE:
        Bates, Jeffrey  (JB18794)  hemos@SLASHDOT.ORG
        BlockStackers
        13268 Riley
        Holland, MI 49424
        616.994.0441
    BILLING:
        Bates, Jeffrey  (JB18794)  hemos@SLASHDOT.ORG
        BlockStackers
        13268 Riley
        Holland, MI 49424
        616.994.0441
    TECHNICAL:
        Bates, Jeffrey  (JB18794)  hemos@SLASHDOT.ORG
        BlockStackers
        13268 Riley
        Holland, MI 49424
        616.994.0441

Record created: n/a
Record updated: n/a
Record expires: n/a
============================================================================
Whois Server: whois.register.com

Registrar: REGISTER.COM, INC.
Domain: MASERITH.COM
Name: Maserith Information Systems, LLC
Tag: n/a

Address:
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com

Country: US

Name Servers:
        NS1.DNSWIZ.COM (207.91.131.30)
        NS3.DNSWIZ.COM (216.119.149.100)
        NS2.DNSWIZ.COM (207.91.131.31)
        NS4.DNSWIZ.COM (216.119.149.101)

Contacts:
    ADMINISTRATIVE:
        Maserith Information Systesm LLC
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com
    TECHNICAL:
        Maserith Information Systems, LLC
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com
    ZONE:
        Maserith Information Systems, LLC
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com

Record created: Sun, Jan 28, 1996
Record updated: Wed, Oct 18, 2000
Record expires: Mon, Jan 28, 2002
(code) mind your snmPs & Qs
on Oct 13, 2000 at 10:28 UTC
by ybiC
Query and report on Cisco Catalyst switchport population, plus device location and uptime.   Employs UC-Davis SNMP library and Joe Marzot's SNMP.pm CPAN module.

As always, critique and sugestions are welcome and appreciated.

Most recent update: July 11, 2001
- correct calculation error for (live|total) ports.

Thanks to swiftone, geektron, nedv, turnstep, arturo and mdillon for suggestions and improvements.
 

(code) MAC n' IP cheese
on Sep 24, 2000 at 07:32 UTC
by ybiC
It's nearly impossible for me to keep server connections labeled correctly at my core switches.   This ditty uses nmap and Net::Ping to build a list of MAC addresses with associated hostnames/IP addresses for live connections on a local subnet/VLAN.   I can then compare it with the switch's CAM table to find what box is connected at which port.

I dabbled with Linux arping utility, but stuck with Net::Ping for one less external dependancy.

Comments or suggestions for improvement are both welcomed and appreciated.

Update 3: 2001-04-30
hashamafied passel o' scalars and minor format cleanup.

Update 2:
cleaned up a few minor Perlish faux pas' and added to-do of using snmpwalk syntax based from riffraff's post in this thread.

Update1:
thanks to turnstep and to Ovid for feedback, and to ncw for his recent post Numeric list to optimised regexp , which made a no-brainer of regex's to match for nmap input.

(code)) Cisco Pass Mass - IOS (deprecated by node 123464)
on Sep 15, 2000 at 16:46 UTC
by ybiC
## deprecated by "(code) Poor Man's TACACS - automate CatOS and IOS password resets with Net::Telnet::Cisco and Net::SNMP" ##

Automate mass config changes (password updates, etc.) for large number of Cisco routers &/or switches.

Comments or critiques are very much welcomed.

Update: Feburary 26, 2001
Rearranged using functions for easier maintenance and greater legibility.
Added function that prompts for devices type (CatOS vs. IOS).

Update: October 27-29, 2000
Added:
    Term::Readky for no-echo pw prompts + confirm of new.
    Tie::IxHash for ordered hashes to update passwords.
    Localtime timestamp to $logfile for each device.
    Console preview of target devices list.
    Too many more ToDos.
Moved:
    Regex's into first tmp loop, to eliminate 2nd $tempfile.
    Console+log prints to subs HEREdocs (improve legibility).

Update: Thanks to ar0n, chromatic, merlyn, Fastolfe, tilly and Joshua Keroes for suggestions and examples that, hopefully, steered me away from Cargo Cult Code and Running With Scissors.   {grin}

scandns.pl
on Jun 20, 2000 at 04:04 UTC
by BlueLines
This script should be pretty straightforward. Feed it a network (ip
address/CIDR or ip address/netmask ) and it scans the dns records of said 
network, reporting theresults to STDOUT. Neat. 

Note: This script views the following notations as equivalent:
	
	10.0.0.0/24
	10.0.0.0/255.255.255.0
	10.0.0.0:255.255.255.0

Rather than reinvent the wheel, I cheated and used Net::Netmask. Eventually
I'll write a sub to handle slash/netmask notation, but until then this program
requires the forementioned module, which is available from cpan.

Here's some example output (and no, none of these machines are publicly
routable, so don't even think about it):


nooky:~$ ./scandns.pl 10.0.0.0/24
<----snip---->
10.0.0.202 => beauty.zacknetwork.com => 10.0.3.101 
10.0.0.203 => tman.zacknetwork.com => 10.0.3.15 
10.0.0.204 => afterglow.zacknetwork.com 
10.0.0.205 => serenity.zacknetwork.com => 10.0.7.10 
10.0.0.206 => girth.zacknetwork.com => girth.zacknetwork.com has no A record
10.0.0.207 => no PTR record
<----snip---->


Note that afterglow's A and PTR records matched. Ideally there shouldn't be
anthing in the third column. If there is, then your forward/inverse records
aren't getting along very well.
Push HTTP server
on Jun 11, 2000 at 02:52 UTC
by Corion

This is a non-blocking HTTP-based server for a database which contains temporary highly volatile data. It was written as a proof-of-concept and was designed for stuff like the current status of the dial-up connection or the telephone number of the calling party. It has no access control and no security, but it works with both, specialized clients that keep a connection to the server open and HTTP clients like Internet Explorer. Information can be polled but updated data can also be sent to connected clients. Some documentation is attached as a comment.

activeblock
on May 31, 2009 at 03:28 UTC
by sflitman
Root-executed code scans logfiles or waits as a daemon for new log entries to actively block invalid access attempts using iptables. IPs are logged in a small database and once there are 5 invalid attempts bada boom they're outta there. Has ability to list the ipchain, unblock/allow an IP, or block a specified IP from the command line. This is Linux (probably Debian/Ubuntu) specific, but might work on Red Hat systems too. Verify which log files to scan by looking for typical phrases like 'invalid user' and 'failed login' or my favorite, POSSIBLE BREAK-IN ATTEMPT. /var/log/auth.log and /var/log/secure are the most common.

For daemon use, put activeblock in /root and this line in root's crontab:

0,30 * * * * cd $HOME; ./activeblock -cu /var/log/auth.log 2>>/root/ac +tiveblock.log &
Cisco Router Action Performing Perl Script
on Mar 11, 2009 at 12:50 UTC
by VinsWorldcom

Script will interface with Cisco router via SNMP or Telnet, supporting regular login or username, and perform actions. SNMP supports a get config, put config and a save config ("wr mem" for IOS). SNMP mode also supports get and clear VTY line function and a get interface list and monitor interface utilization function, including CPU, memory and proxy ping.

Telnet mode supports the issuing of commands from a file. The only default command issued in TELNET mode is "terminal length 0" for IOS or "set length 0" for CatOS. Therefore, show commands can be in the commands file along with config commands (on IOS, as long as preceded by a "config term" and followed by an "end" and "wr mem" if save is desired). Telnet mode supports log file of session transcript.

Password decrypt and encrypt mode is provided for Cisco passwords. Type 7 (not "enable secret") are decrypted or encrypted to the 16 possible encryptions. Type 5 ("enable secret") are encrypted or decrypted by dictionary brute force.

Server mode is provided for simple service listening mode.

Server to Server irc channels retranslator (xchat style)
on Nov 11, 2008 at 03:59 UTC
by motzi
You have to choose one source server to copy all talks from (OUT_SERVER in %cfg) and other server to paste (IN_SERVER in %cfg) all from source. Looks like some irc 'spy'.
See code's %cfg to understand it better.

You can use some commands on IN_CHANNEL:
!say bla # will say bla to OUT_CHANNEL
!me bla # action say on OUT_CHANNEL
!sayto nick bla # will say bla to nick on OUT_SERVER
!list # will list all OUT_CHANNEL users
!whois nick # whois nick on OUT_SERVER
!nick newnick # change nick on OUT_SERVER


* can transcode between various codepages
* use local IP addr

########### FIXED BUGS ###############
№01: '!sayto nick message' is delivering receiver's nick instead of message
402: elsif($_[0] =~ /^sayto\s+([^\s]+)\s+(.+)/i) 403: { -404: print $out_sock "PRIVMSG ",$1," :",$1,"\r\n"; +404: print $out_sock "PRIVMSG ",$1," :",$2,"\r\n";
№02: wrong color handling on external msg echos
397: elsif($_[0] =~ /^say\s+(.+)/i) 398: { 399: print $out_sock "PRIVMSG ",$cfg{OUT_CHAN}," :",$1,"\r\n"; -400: print $in_sock "PRIVMSG ",$cfg{IN_CHAN}," :",$color{'graylight'} +,"<",$color{'blue'},$cfg{OUT_NICK},$color{'graylight'},"> ",$clr,$1," +\r\n"; +400: print $in_sock "PRIVMSG ",$cfg{IN_CHAN}," :",$color{'graylight'} +,"<",$color{'blue'},$cfg{OUT_NICK},$color{'graylight'},">",$clr,' ',$ +1,"\r\n";
Using SOCKS via Net::SSH::Perl
on Sep 25, 2008 at 20:11 UTC
by cmv
If you want to use Net::SSH::Perl to setup an SSH connection to a far-end target, via another machine running SOCKS.

This is a prime example of standing on the shoulders of giants. I basically copied the Net::SSH::W32Perl code, which overloads Net::SSH::Perl to fix a windows compatibility problem, and added the ability to create the outgoing socket by using the Net::SOCKS module. I created new entries for the Net::SSH::Perl::Config data structure (socks_proxy, socks_port, and socks_protocol) to pass in the data for Net::SOCKS.

The code as-is should be saved into a file called mySSH.pm, and you should do a use mySSH from your perl script.

I'm not convinced this is the best way to solve this problem, but it was the way that occurred to me at the time I needed it. Please feel free to comment, and maybe we can have this put into CPAN officially.

-craig

UPDATE 1: Minor update to comments

UPDATE 2: Contacted Module Author who asked for a feature request: rt://39798

Simple bi-directional forking commandline client
on Sep 05, 2008 at 19:39 UTC
by zentara
About as simple a forking bi-directional client as you can get. Use with Glib based forking server with root messaging
Glib based forking server with root messaging
on Sep 05, 2008 at 19:26 UTC
by zentara
This is a forking server to handle multiple connections, as well as 1 way root messaging to all connected clients. If you need a bi-directional client for testing, try Gtk2 Interactive Chat client or get the super simple commandline forking client at Simple bi-directional forking commandline client

The code will allow root messages to be sent to all clients (or you can disable this feature by comment changes.) It should also show the way for multi-echoing all text to all clients, if desired.

This server is Glib based, an event-loop system, so you can put many other things in the mainloop simply by adding a timer to launch them. This saves the hassle od complex nested while loops.

UPDATED Sept 6,2008, added commented code to use Glib::IO instead of Gtk2::Helper; both are available, but Gtk2::Helper is simpler to use.

cccp - Cisco Console Command Parser
on Aug 18, 2008 at 23:21 UTC
by colakong
A utility for batch processing of IOS commands. I use it for managing large numbers of Cisco Catalyst Express 500 series switches.
pcap2mpeg
on Jan 09, 2008 at 14:50 UTC
by walto
pcap2mpeg is a script to extract data from a network capture of an IPTV session and saves it to a file which can be viewed as mpeg. IPTV uses the UDP protocol and is (in this case) sent via multicast addresses. The capture has to be in pcap format (tcpdump or wireshark).
Punch hole inbound for Apple NAT-PMP Router
on Jan 01, 2008 at 04:52 UTC
by merlyn
Recent apple base-stations understand the Apple-created (but open documented) "NAT-PMP" protocol to dynamically establish forwarded ports. This is similar to the uPnP protocol for windows-compatible firewalls.

I couldn't find any existing tool to forward an arbitrary port, but hey, it's just simple UDP, so I whipped up this Perl program to do the forwarding.

Adjust the capitalized configuration constants in this program as follows:

$GATEWAY
Internal IP address of your NAT-PMP-enabled router
$PROTO
1 = udp, 2 = tcp
$EXTERNAL
external port on router to map
$INTERNAL
internal port on your box to map to
$TIME
Time in seconds to keep alive (max one hour = 3600)
Then let it run in the background. It'll start by printing the external IP address of the router if all goes well, and then it'll start mapping the port. Every half of $TIME (as recommended), it'll renew the mapping for another $TIME seconds.

Quick and dirty. No warrantees expressed or implied.

A WebDAV server with authentication
on Dec 23, 2007 at 12:27 UTC
by Corion

This is a small WebDAV server I use for serving files to other people. WebDAV is quite convenient for serving files because "all three" operating systems offer a client that allows you to treat a WebDAV share as a remote file system. It extends the sample code of Net::DAV::Server to provide HTTP basic authentication, so it can be exposed on the internet without being completely open.

I've implemented a separation of privileges into "readers" and "writers", but so far I haven't felt the need to export write privileges. So maybe that part shouldn't have been written at all, in the spirit of Dominus.

On the side of prerequisites, this one is quite heavy. It uses Net::DAV::Server, which in turn pulls in XML::LibXML. It uses Filesys::Virtual, Authen::Htpasswd and HTTP::Daemon.

Proxyfinder
on Dec 23, 2007 at 01:27 UTC
by Onur
This program is not usable anymoreThis program finding proxies (getting from samair.ru/proxy) and optional pinging them. Example output:
IP   Port  Country  Status  Ping
129.69.210.96  3128  Germany  Online  101
193.196.39.10  3127  Germany  Online  103
141.76.45.17  3124  Germany  Online  104
80.156.84.39  80  Germany  Online  105
217.172.56.174  23  Germany  Online  107
80.156.84.38  80  Germany  Online  107
88.198.9.185  3128  Germany  Online  107
Example XML output:
<?xml version='1.0'?>
<opt complete_time="1198372633">
  <proxy ip="202.56.176.1" checktime="1198372568" country="Afghanistan" durum="Online" ping="678" port="3128" type="transparent proxy" />
  <proxy ip="196.202.252.244" checktime="1198372570" country="Angola" durum="Offline" ping="0" port="80" type="transparent proxy" />
  <proxy ip="200.81.25.5" checktime="1198372572" country="Argentina" durum="Offline" ping="0" port="3128" type="transparent proxy server" />
  <proxy ip="190.2.61.161" checktime="1198372572" country="Argentina" durum="Online" ping="316" port="80" type="high-anonymous proxy" />
  <proxy ip="201.234.107.165" checktime="1198372573" country="Argentina" durum="Online" ping="357" port="80" type="transparent proxy" />
  ...
</opt>
This program doesn't have any sort option. I dont know how can i short an array reference. You can sort output with `sort` command. For example if you want to sort ping column:
./proxyfinder.pl --text --ping | grep Online | sort -k 5
You can download latest version of this program:
cvs -d :pserver:anonim@0nur.net:/root checkout proxyfinder
This is my first post to here. Sorry for my bad English
host-switchport mapper
on Dec 07, 2007 at 18:59 UTC
by colakong
A utility for describing where hosts are physically connected. Queries Cisco switches for CAM tables, queries hosts for MAC information using wmic (available on WinXP/W2K3), compares CAM/MAC information for host-to-switch-and-port-and-vlan mapping.
WIN32: Permanent & Current MAC Addresses
on Sep 24, 2007 at 19:47 UTC
by cmv
Folks-

This is a script that will query all the available windows network device drivers for their current and permanent MAC addresses. The permanent address should be what the device driver reads from the device firmware, and so I don't believe is easily spoof-able. If that's not the case, please post here.

I got lots of help on this; thanks to everyone, and specifically:
pKai - For introducing me to wmic Re: WindowsRegistry{ServiceName} V.S. wmic{ServiceName}
almut - For his great ioctl code Re: Getting MAC Address(s) on Windows PCs

The MAC addresses reported by the driver are saved as $node{macPerm} and $node{macCurr} along with all the other information about the device.

Hope it comes in handy...

-Craig

UPDATE:
Oct-01-2007: Checking $nBytes from DeviceIoControl - avoids returning meaningless buffer stuff
Oct-02-2007: Providing correct size of packed OID query

Subnet Overlap
on Aug 21, 2007 at 03:50 UTC
by bfarley
Analyzes tab-delimited file with network blocks for duplicates and subnet overlaps. Created for use with CISCO SESM, but could be used with any application that uses stored network blocks.
MySQL Query Sniffer
on Jul 16, 2007 at 21:22 UTC
by jagh

A MySQL query sniffer. It sniffs the network with Net::Pcap, extracts queries from MySQL packets, and prints them on standard output.

The documentation, as well as any future versions, lives at [http://iank.org/querysniffer/]

socksumm -- Display a summary of open sockets
on Sep 13, 2006 at 10:59 UTC
by grinder

I've had this lying around for some time. It just takes the output of netstat and summarises the information à la vmstat, iostat. I have used it for keeping an eye on large daemons that have shown a tendency to go mad.

I don't see that there's anything else to add to it, but I'd be interested in seeing if anyone has suggestions and ways it could be improved.

update: now with Win32 support! thanks Discipulus for the suggestion

Net::Telnet::Options example code
on Oct 14, 2005 at 22:23 UTC
by castaway
An example of how to use Net::Telnet::Options, here for peer review, will be added to the tarball.
Insert the 4th TCP packet after TCP three-times handshakes
on May 03, 2005 at 07:33 UTC
by shanleiguang
Insert the 4th TCP packet after TCP three-times handshakes. Parent process calss socket API 'connect()' to complete TCP 3times handshakes, at the same time, child process sniffing and inserts the 4th packet.
IO.pl
on Apr 07, 2005 at 18:29 UTC
by giulia
This script convert an ip (or url) into a 32 bit adress.
Ping2
on Feb 14, 2005 at 22:39 UTC
by sifukurt
At work, we've got some fairly strict firewall rules. Specifically, I can't ping outside addresses. This has got in my way many times. Plus, we're almost exclusively a Windows shop and the Windows ping utility irritates me to no end. Put all those things together, and I finally decided to do put together a simple script that will allow me to work around the problem. By default, it does a TCP ping to a specified host on port 80. You can override this behavior from the command line. I've given it to several of the people I work with and they've found it useful. I hope you will, too.

UPDATE: I apologize for the license issue with the original post. That wasn't intended to be included. This was done for when I was handing it around at work. There was a rash of people taking code that other people had written and passing it off as their own to the CIO. Those of us who were bitten by such behavior were forced to start using restrictive licenses for things used at work. I sincerely apologize. That wasn't, never has been, and never will be my intent for things posted here. It rather defeats the purpose. As to why it was written instead of using some other pre-existing tool, several reasons. First, simply for the fun of writing something. I enjoy it. It makes me happy. Second, since I intended for other people I worked with to use it, I wanted to keep it simple and I wanted its behavior to closely mimic that of "ping." Again, I apologize for the licese snafu.
bp (Bounce Port)
on Dec 11, 2004 at 18:55 UTC
by tremere
redirects a tcp or udp port to another tcp or udp port (only tcp to tcp tested), a file, or a program. (file and program not implemented yet, but shall be) At some point regexp replacement...
Token bucket rate limiter
on Oct 27, 2004 at 17:21 UTC
by kappa
Token bucket is a simple but powerful algorithm to limit the rate of a stream of items. I'd like a review, please, if someone has a spare minute or two.
ircpipe
on Aug 18, 2004 at 17:39 UTC
by iblech
ircpipe allows simple shellscripts to send messages over IRC.

ircpipe consists of two parts, a daemon and a client. A FIFO is used for IPC:
mkfifo ~/.ircpipe.fifo

Then, start the daemon:
ircpiped --fifo=$HOME/.ircpipe.fifo -v

Now you can use ircpipe to send something:
date | ircpipe --server=thestars --to=iblech
date | ircpipe --server=thestars --to=#bots

The server will connect to the given server and join the given channel if necessary.
Connections are kept alive.
ircpipe will return immediately after notifying the daemon, i.e. it does not wait for the message to be delivered.
If you send too long lines for IRC, they get word-wrapped.

Note: ircpipe depends on POE::Component::IRC::Tracking, which can be found here.
Note: ircpipe does not work on Win32, because ircpipe depends on FIFOs.
For your convenice, all necessary files are packaged at http://m19s28.vlinux.de/iblech/ircpipe.tbz2.

Update: ircpiped didn't correctly detect if it's logged in. Fixed.
POE::Component::IRC::Tracking
on Aug 18, 2004 at 16:05 UTC
by iblech
POE::Component::IRC::Tracking adds tracking support to POE::Component::IRC, i.e. the bot knows its current nick and the channels it joined. Use it exactly like POE::Component::IRC.
Perl/Tk GUI IRC Client
on Jul 24, 2004 at 03:37 UTC
by #include
A GUI IRC Client in less than 1200 lines of code (including whitespace, comments, and POD). Uses Perl/Tk, POE, POE::Component::IRC, and Getopt::Mixed. Heavily commented. Tested on Mandrake 10, Windows 98, Windows XP, Windows 2000, and Ubuntu Linux 6.06.


UPDATE: Added some more GUI settings, squashed a couple of bugs, and expanded what you can put in a config file.
UPDATE: Added a whole slew of new GUI settings, and fixed a bug in topic display.
UPDATE: Fixed a bug in topic retrieval (topics that contained a ':' were truncated).
UPDATE: Fixed a bug causing the client to error out on newer versions of Perl.
Get External IP From Linksys Router
on Apr 28, 2004 at 15:03 UTC
by meonkeys

This script can get the external (WAN) IP assigned to a Linksys BEFSR41/BEFSR11/BEFSRU31 router using the Web interface provided by the router. The external IP is printed to standard output.

requires WWW::Mechanize, HTML::Scrubber, HTML::Entities, and Regexp::Common.

A good alternative to this script is simply fetching http://checkip.dyndns.org/ and parsing that result.

Net::Server::POP3::Skeleton
on Apr 05, 2004 at 21:18 UTC
by bbfu

Moved from where I originally posted it (at Re: POP3/IMAP Server modules?), to be more organized and easier to find. Also updated slightly.

A skeleton POP3 server, based on Net::Server. Handles the connections, and parsing and validating the commands. Dispatches commands as method calls.

Note: This module does work on Win32, despite the tests for Net::Server failing/hanging. If you manually install Net::Server, it will work (mostly) fine (see the CAVEATS section of the POD).

(code) Netfilter/iptables log parser/reporter for PHB consumption
on Nov 10, 2003 at 04:16 UTC
by ybiC

A lightweight parser for Netfilter logs.   Produces a highly-simplified summary report for PHB consumption.   Sample input and report at tail of pod.

From a perlish standpoint, this has been my re-entry after a couple-month absence, and an exercise in using File::Temp properly, as well as an introduction to the following modules:

Update: as always, critique is welcome and requested.

Clean unknown users/email from pop3 account
on Sep 20, 2003 at 20:59 UTC
by castaway
Someone started using my domain name to send spam mails, and I started to receive bounces to users that don't exist on my machine.. (I have a multi-drop pop3 account) So I decided to write a little something to remove them before they get picked up and delivered to root. This is meant to be added to .fetchmailrc using the 'preconnect' command. It relies on several MailTools modules (included in 5.8.0). The check if a user is valid locally is made using getpwnam() and Mail::Alias which parses sendmails aliases file.

Update: Also now throws away mails from certain countries, using Geo::IP to determine the oroginal source of the mail. Also parses/uses an XML email whitelist, to accept legitimate mails sent to mailing lists that I receive.

wcdns - report on wildcard DNS domains
on Sep 16, 2003 at 22:47 UTC
by thrig
Provides means to determine which TLD have wildcard DNS records, or whether particular domains resolve to the wildcard address(es).
Perl IRC Bot Skeleton
on Jun 17, 2003 at 11:18 UTC
by #include
GirBot is an IRC bot written to be a "skeleton" for other Perl IRC bots. That is to say, all of the "hard" work (connection, configuration, etc.) is already done, but not much else. All of GirBot's settings are loaded from a default configuration file. Unchanged, all GirBot does is connect to an IRC server and print any data it receives to STDOUT, but it does provide a usefull base for those wanting to write a Perl IRC bot to start from. Heavily commented. Uses Net::IRC.
Time-Slice Concurrent Ping
on Apr 26, 2003 at 00:23 UTC
by rob_au
Ping multiple hosts concurrently ... with no threads, no forks, no external binaries.

I have recently found myself in the position where I have needed to check the connection status of a large number of hosts concurrently within a Perl script - While this task could easily be implemented with external binaries such as fping, the requirement to check the connection status of each of these hosts was secondary to other requirements of the script.

While there have been a number of scripts posted on this site previously which implement this task, I found myself faced with a number of other requirements of the implementation environment which complicated this task. The environment in which this script was to run, did not have a threaded Perl interpreter, preventing the use of threads as proposed previously in this thread, and was a heavily loaded environment, countering the usefulness of forking multiple processes to ping hosts in unison. Additionally, while not an absolute, the installation of additional modules which would make this task immensely easier, such as POE and POE::Component::Client::Ping, was discouraged.

The solution to this problem revolved around the building of a script which incorporated a time-slicing execution method through the use of select.

The following script uses a loop centered around a timeout queue as the basis of execution - New ping connection attempts are created up to a maximum number of concurrent connection attempts, configurable by setting the constant, MAX_CONNECTIONS, within the script, and execution will continue as long as there are ping connection attempts pending timeout.

All ICMP echo requests are generated within this script, allowing the unique sequence number of the ICMP ECHO packet to be paired with an IP address. The determination of an ICMP ECHOREPLY packet waiting the be read on the network socket is carried out with select thereby not blocking indefinitely and allowing other code execution to take place.

Updated - As per zengargoyle's comments below.

Cisco Telnet
on Feb 18, 2003 at 20:28 UTC
by CongoGrey
This script will import a list of Ip addresses into an array and then telnet to the Cisco routers and execute commands and log the output to a file. useful for making changes to a lot of routers where SNMP MIBS are not available.
FileShare.pm
on Jan 10, 2003 at 18:34 UTC
by gravalo
The development of FileShare.pm started while I was working on an ICB bot. I wanted to be able to share files on an ICB channel either via a bot or a chat client.
FileShare.pm uses a very basic protocol to allow a client to request a file from a server. The server, if the file is contained in _directory will then respond with an acknowledgement and the file size. The server then will open the requested file and print it to the client, which is storing the file as file_name.copy.
The following is an example of a file server created with FileShare.pm:
#!/usr/bin/perl -w use strict; use FileShare; my ($fh) = FileShare->new(_send_only => 1, _socket => 1, _directory => '/tmp/files_to_share', _debug => 1); $fh->server_connection;

and the following is an example of a file sharing client:
#!/usr/bin/perl -w use strict; use FileShare; my ($fh) = FileShare->new(_send_only => 0, _socket => 1, _directory => '/home/userid', _debug => 1); $fh->client_connection("x.x.x.x", "3000", "somefile");
P2P Homework
on Dec 09, 2002 at 22:29 UTC
by Beatnik
This is one of 2 homeworks for Distributed Systems class in my final year of Comp Sci. (The other homework being a webserver and a web client). I already turned this in BTW. This is a classic P2P, Napster style. One core server handles IPs and filenames. Client forks into client & server. PS: This is my 666th node. This homework is probably doomed to get a D mark or something.
IPTables Log Parser to postgres
on Dec 07, 2002 at 08:11 UTC
by Ryszard
Dismayed at the platform this uses, I decided to write my own IPTABLES log parser. My own platform is apache, perl and a postgres database, I wasnt about to go and change my database, nor my preferred language just to use it.

Using this module I posted a little while ago the IPTABLES log parser can be modified to use any database backend supported (by DBI), all you have to is work out the differences in the sql.

This module was developed on a RH8.0, perl 5.8.0 and iptables 1.2.6a platform.

The method used is relatively inefficient as it will re-parse the log file each time it is executed and as such uses md5 to determine if the record has been processed before (does a a select for the hash key in the database). This is fine for my personal use, but wont really scale that well..

Personalisations:
•I'm using the the "itp" string to determine what are iptables entries in my syslog.
•Redhat uses /var/log/messages
•Your log format may differ slightly different from mine.. make sure the data you're putting in your DB is sourced from the correct log fields.

Packet Capture IP Accounting
on Nov 20, 2002 at 01:17 UTC
by rob_au
This script makes use of the libpcap library to capture network packets in a non-switched environment for the purpose of traffic logging and accounting. All captured traffic is logged to a MySQL database to facilitate later analysis and auditing.

Note that execution of this script will require root privileges or equivalent as the network interface is set into promiscuous mode.

The incipience behind this script was a client who required the establishment of an IP accounting system to audit traffic usage over the corporate LAN. Constraints in the existing network topology led to the development of this code such that this IP accounting could be carried out without impacting upon the existing network infrastructure.

The database table structure for logging is as follows:

CREATE TABLE ipacct ( src_ip varchar(16) NOT NULL default '0.0.0.0', src_port smallint(5) unsigned NOT NULL default '0', src_mac tinytext NOT NULL, dest_ip varchar(16) NOT NULL default '0.0.0.0', dest_port smallint(5) unsigned NOT NULL default '0', dest_mac tinytext NOT NULL, protocol tinyint(4) NOT NULL default '-1', length smallint(6) NOT NULL default '-1', flags tinyint(4) NOT NULL default '-1', timestamp timestamp(14) NOT NULL ) TYPE=MyISAM;

Available options for configuration include interface specification, packet capture filter and database connection information. These options can mostly be set by command line parameters or an external configuration file - See the BEGIN block and code comments for details.

cisco-insert
on Oct 28, 2002 at 17:45 UTC
by neilwatson

Cisco-insert will parse a commented text file of Cisco IOS rules and upload them to a router. A backup of the running config is made prior to the upload.

SOCKS4 Server in Perl
on Jul 01, 2002 at 18:21 UTC
by strredwolf
Something I grew frustrated with, so I wrote up my own Socks 4 server. Supports CONNECT and BIND. Probably extensible to Socks 5 (have to pull the specs on it). Quick and dirty hack.

To use, grab netpipes and use socks4.pl outgoingIPaddr

cvs daemon in perl
on May 10, 2002 at 18:37 UTC
by tallfred

I wrote a CVS server in perl which stores the repository in MySQL. I am working on a better access/privileges system, but some feedback would be useful. http://fdd.com/software/dcvs/

The code has a web page interface very similar to cvsweb.

(code) HTTP connectivity log, or nail up dial connection
on Apr 23, 2002 at 01:08 UTC
by ybiC

Fetch a random web page from a list of URLs.   Waits a random length of time between fetches.

Written with two purposes in mind:
  * log internet connectivity
  * nail up analog dial connection
Mostly the latter, so my ISP won't drop my connection during looong downloads.

There are a number of commandline options+arguments.   Perhaps the more interesting are

  • --verbose=1 which reports only delta of success/fail ala zeno from Internet Connection Uptime Logger
  • --errDelay=1 to cause almost-immediate retry on fetch failure
  • --daemonize which backgrounds and disconnects so vty can be closed
  • --logging to print progress, options, and versions to file

From a Perlish perspective, this has been an exercise in rand, IO::Tee and Proc::Daemon, plus Getopt::Long bobs that I ended up not using.   I started out "use"ing Proc::Daemon, but had to copy+tweak subs from it to allow logging-to-file while daemonized.

Thanks to tye, fletch, tachyon, lemming, chmrr and others for tips and suggestions.   And as always, constructive criticism is welcome and invited.

The Veachian IRC Daemon
on Mar 29, 2002 at 23:07 UTC
by Veachian64
This is an IRC daemon I wrote out of sheer boredom in Perl. It's in the public domain, so if anyone wants to see a simplified example of an IRC server or how a server written in Perl works and use it for whatever they want, here it is. This is the latest version of the code. An archive containing all the previous versions of the code is available as a zip or a tarball. Read the README in the archive for more info.

Updated: 12/23/2002
ARP Watch
on Mar 07, 2002 at 12:16 UTC
by rob_au
This code watches for ARP requests on the ethernet address specified and sends an alert email to the network administrator in the event of a change in the hardware MAC address associated with an IP address. This was developed in part for a network traffic accountancy system in order to maintain record of machine hardware addresses and minimise the likelihood that network users could introduce foreign equipment onto the network.

It should be noted that this code was written as a proof of concept moreso than as a stand-alone piece of code. However, this code is interesting in its own right in that no external binaries are called upon for the capturing or interpretation of the ethernet ARP packets, instead relying upon the libpcap packet capturing library.

For previous nodes relating to this type of application, review (code) MAC n' IP cheese, How can I find a MAC address from aremote IP ? and MAC Address and NIC Device on Network.

ACL Tool for Cabletron/Enterasys L2 switches
on Feb 15, 2002 at 19:07 UTC
by zengargoyle

Helps manage the Access Controll List on Cabletron/Enterasys L2 switches (6000/2000). Requires SNMP, 2nd/3rd Gen switches w/ latest 2.0+ code, and the MIB's from Enterasys' web site.

I would wait until it's prettier, but with the SNMP problem it' may prove usefull to anybody with these switches.

Tips, comments, etc. more than welcome. Hope it helps somebody somewhere.

(code) UDP timeout for IO::Socket, plus Pod::Usage with Getopt::Long
on Jan 22, 2002 at 08:03 UTC
by ybiC
A localhost TCP+UDP port sccaner, intended to supplement netstat -vat, which doesn't seem to report listening UDP services.   Requires no additional modules beyond those in the base Perl.

portck.pl was written to aid in configuring the author's computers in a reasonably secure manner. Anyone using this software is encouraged to do so in a responsible and constructive fashion. Remember, kids, always use your powers for *good*, not evil.

From a perlish perspective, this ditty has been an introduction to IO::Socket, as well as finally getting around to applying the most excellent Pod::Usage in conjunction with Getopt::Long.

As always, comments and critique are respectfully requested (and appreciated).
    cheers,
    Don

Update: added a bit o'clarification to description
Just found netstat -vatu for localhost TCP *and* UDP services.   D'oh!

UDP sniffer
on Dec 20, 2001 at 07:05 UTC
by cforde
This is something I'd been thinking about doing for a while. The other day I saw Simple UDP example anyone? and decided it was time.

The way to use it is to change the first 5 variable declarations to suit, make sure the server is running, run this script (which will redirect requests to the server) and start the client. The client will think it's talking to the server and the server will think it is talking to the client. Meanwhile the script is displaying their conversation for you to see. Great for debugging UDP applications when you don't have real networking tools available. With a little tinkering you could also, uhmm, diddle with the conversation...

update: improved formatting and link

Scan C-Class for used IP-addresses
on Dec 07, 2001 at 16:23 UTC
by cab
This program scans trough a given C-Class subnet and lists the addresses that respond to ping to a file.
I used it to list the addresses on our network, so i could find unused addresses.
It's not pretty or witty, but it worked for me.
The script keeps on scanning, until interrupted. Although the replys are written only once to the file.
Use the code with option 'sort <filename>' to sort the output
It uses a sort routine suggested by tye in the QA section on sorting. (Thanks for that)
Any suggestions are welcome.
This is also my first code post, so be gentle.

/cab
(code) Dynamic DNS Update with IO::Interface (look Ma, no backticks!)
on Nov 28, 2001 at 07:38 UTC
by ybiC
One of my boxen is dial-connected nailed up using /etc/ppp/ppp_on_boot plus persist and holdoff parameters in /etc/ppp/peers/provider.   Whenever the connection is (re)established, this ditty sends the new ppp0 IP address to my dynamic DNS provider.

Not much of a Perlish exercise, but was fun to make practical use of new (to me anyways) IO::Interface.

Start dynamic DNS update:

Check ppp0 status: ACTIVE
Query host for ppp0 address: PASS
Post ppp0 IP address to DynDNS service: PASS
Check DNS propagation via name lookup: PASS
Compare resolved address to local: PASS
  nnn.nnn.nnn.nnn <= my.host.com
  nnn.nnn.nnn.nnn <= ppp0

Finished dynamic DNS update
PIX Syslog Parser
on Nov 07, 2001 at 02:22 UTC
by salsa
This is actually my first PERL program. It uses File::Tail and Net::SMTP to watch your PIX firewall log for changes, evaluates the changes based on keywords and then e-mails/alpha pages on a match as well as logging the entry into a critical_log file. In addition, it evaulates the growing log size and rolls it into a date and time stamped archive when it hits a certain size. Keep in my mind, that this is my first program! if you have any questions or constructive (<--- NOTE) criticism, please feel free to e-mail me.
(code) Poor Man's TACACS - automate CatOS and IOS password resets with Net::Telnet::Cisco and Net::SNMP
on Nov 06, 2001 at 03:50 UTC
by ybiC
Automate password updates for any number of Cisco routers and Catalyst switches.   Uses Net::SNMP to detect device+code types, and Net::Telnet::Cisco to make the changes.   Old, new, and confirm password entries blanked by Term::Readkey.   Command line switches facilitated by Getopt::Long.

Is a substantial rewrite and consolidation of the now deprecated "(code)) Cisco Pass Mass - IOS (deprecated by node 123464)" and "(code)) Cisco Pass Mass - CatOS (deprecated by node 123464)".   Cleaner code.   Better error detection and handling, activity logging, and results reporting.

Commandline switches include:

 --help     print Usage() to screen
 --nochange reset pw's to original
 --ROcomm   will prompt for SNMP RO community string. Default of 'public'
 --target   accepts IPaddr, hostname or fqdn of single target
 --infile   accepts name of text file list of multiple targets.

Thanks to Petruchio for pre-post critique+comments+corrections, and to c for inspiration and example of Net::SNMP device-type detection from Pancho. Also to several monks who offered good counsel on prior efforts leading up to this project.

I'm seriously considering submitting this to Freshmeat and/or Sourceforge, so please chew it up and spit it out and let me know what's not tasty.
    cheers,
    Ned

(code) Net::SNMP, Bandwidth, GnuPlot, PNG, PostScript, Excel
on Oct 29, 2001 at 22:26 UTC
by ybiC
Query SNMP-enabled devices for interface (in|out)put octets, ifSpeed, ifName.   Creates chart of %bandwidth vs. time in PNM, PNG, and/or PostScript formats.   Raw data in CSV, tab-delimited, and/or Excel formats.

Intended for spotchecks or periodic monitoring of individual interfaces.   Tools like MRTG, MCSview, SNMPc, CWSI do well for large number of ports.

Sample graph output temporarily on my homenode pix.   As always... critique, comments, and suggestions are welcome and appreciated.

Usage:
snmpiio.pl target ifIndex iterations delay outdir

target: an IPaddress, DNS name, or FQDN.
ifIndex: SNMP parameter specifying port or interface.
iterations: how many queries you wish to run. (minimum 3, default 4)
delay: seconds to wait between iterations. (minimum 10, default 30)
outdir: destination dir for outfile. No trailing '/'. (default '.')

Example:
snmpiio.pl routerC 7 600 30 MyString /datadir

From a Perlish standpoint, this has been an exercise in hashes instead of arrays, return values, constants, eval, ${var}blah, and STDOUT hot.   Is a significant rewrite of "(code)) Net::SNMP bandwidth query (deprecated by node 121950)".

P.S.   I did not copy this idea from djw's "Ethernet Utilization".   Honest, I didn't, I swear.   Hey, put that phone down!   No, wait - don't call vroom!   ;^D

Update: 2001-10-31 corrected a tyop and clarified verbage in the Description

Ethernet Utilization
on Oct 24, 2001 at 00:26 UTC
by djw
SNMP query tool for reporting interface utilization stats. Does a get_request for sysUpTime, ifInOctets, and ifOutOctets and does a utilization calculation based on the difference of two samples and interface speed. Right now its setup to run every 5 minutes for an 8am-5pm workday.

You can see a sample of the graph plotted by GD::Graph here: http://perldev.org/projects/snmp/

Thanks, djw

UPDATE:
If you plan on using this, you will have to check your ethernet device's MIB OID. ifInOctets and ifOutOctets are the first two items in the @oids list, the last one is system uptime which you shouldn't have to change.
Net::Services
on Oct 22, 2001 at 00:06 UTC
by Masem
Allows better access to the list of system services on an OS. Your OS must support sockets for this to work; this includes *nix, and rules out all Windows varients - 9x, NT, 2K (and probably XP) (thanks Arguile)

I am looking for comments and critiques on this before I submit it to CPAN, msg or email me any suggestions

Net::CIDR::Lite ?? (Merge CIDR addresses)
on Oct 16, 2001 at 22:05 UTC
by runrig
Inspired by Dominus' Challenge Problem: Merging Network Addresses, I posted a reply script which was (about 20 times) faster than the Net::CIDR solution, and thought I'd make a module out of it. Also looking for comments on whether it ought to be on CPAN, and under what name. I'd never before heard of let alone used the Socket::inet_* functions, so I couldn't have done it this way without that thread. It might be interesting to get this to work optionally with IPv6 addresses, but then you'd probably have to use some big integer library like Bit::Vector, so I'm open to suggestions on that :)

Updated with tye's recommendation.

Update: Net::CIDR::Lite has been on CPAN for awhile now and updated several times over. Consider the code on this page obsolete.

Simple WebServer Scanner
on Sep 21, 2001 at 18:07 UTC
by Asmo
This script prints out the webserver version the scanned host is running (with a simple HEAD request)
Netcat like with Blowfish
on Sep 02, 2001 at 19:16 UTC
by Anarion
I usually use netcat. I just want to send some archives encrypted, so i make this program to do it. It uses Blowfish, you need to downoad it from cpan.org.
Pancho(configure/archive Cisco routers)
on Aug 29, 2001 at 03:41 UTC
by c
This is still for all those netadmins out there that need to make global changes by 7am and its already past midnight.
Cisco, in all their wisdom, decided to change a group of their MIBs such that older ios versions known as 11 code are no longer supported. I had originally written Pancho for that group of old-schoolers such as myself that were still using such antiquated software as 11.2.18 from way back in November, 2000.
In the moments after watching a Robin Williams movie, I felt like giving back to the youth and thus began reworking Pancho to support not only the older MIBs, but the new ones as well. I even tricked it out to query the router to figure out which ones to use.
This code is full on unstable, considering that its only been tested against the few routers I have in the house. I think it has been one hell of a lesson on net::snmp which seems to have finally accepted me as one of its own after much coaxing and sending of flowers.

humbly -c

(code)) Net::SNMP bandwidth query (deprecated by node 121950)
on Aug 13, 2001 at 02:16 UTC
by ybiC
## deprecated by "(code) Net::SNMP, Bandwidth, GnuPlot, PNG, PostScript, Excel" ##

netsnmpiio.pl
Periodically query SNMP-enabled devices for interface (in|out)put octets, and record results in csv and xls outfiles.

Intended for relatively short term spot-tests of individual interfaces.   Other tools like MRTG, SNMPc, and CiscoWorks do fine for large number of ports, or for ongoing monitoring.   Uses Net::SNMP instead of system call to UCD-SNMP's snmpwalk like my earlier efforts.   Mind you, snmpwalk is quite useful - I just wanted to eliminate unecessary dependancies on external libraries.

Thanks to:
tachyon, HamNRye, crazyinsomniac, tilly, lemming, and wog.
Oh yeah, and to some guy named vroom.

As always:
Comments, corrections, and criteque welcome and requested.

Most recent update:
2001-08-22   10:00   Unlink .tmp at end of run, skip Spreadsheet::WriteExcel stuff if module not installed, fix wrong %util calculation, display MBytes transferred, gracefully handle non-responsive (host|OID).

SysLogger
on Aug 02, 2001 at 05:23 UTC
by Rex(Wrecks)
Hey all, first post so go easy on me :) I do a lot of automation to test hardware and software, I constantly fight the proprietary logging issue in a lot of code being written by fellow Automation Daemons. Since I work with a lot of hardware, specifically network gear, I wrote this utilty that can be used on both *nix and Win32 (I usually create a standalone exe for Windows) to send messages to a Syslog daemon. I have not used Perl for that long yet so I am sure there are things you can improve on.
List TLD nameservers
on Jul 21, 2001 at 20:16 UTC
by chazzz
This script has a list of top level domains and queries the root-servers for the corresponding nameservers. It then prints the results in pretty html. Requires Net::DNS.
switchcheck.pl
on Jul 19, 2001 at 22:13 UTC
by fingers
Usage: switchcheck.pl options ip { ip ip ... }
Designed to get an overview or collect statisics on switchports usage using SNMP.
-b option allows you to specify community name on the command line to allow being called in a cron job -l logs basic port usage stats to a dbm file
-r is used to read files created by -l
-v gives more detailed stats on ports that are up
-c generates a csv file, can be used in conjunction with -v
Some options are mutually exclusive. The later option takes precedence.
Tested
with:
Perl 5.6.1
RedHat 7.1
against:
Cisco 6509,2924XL,3508XL,3512XL,3524XL,3548XL switches
I realize it may be a little sloppy and amateur, I definately would appreciate any constructive criticism anyone has about my code.
(code) Resolve list of DNS names
on Jul 11, 2001 at 23:24 UTC
by ybiC
Feed this script a textfile list of hostnames, and it spits out CSV and XLS files of names and resolved IP addresses.   I use this ditty to confirm (or deny) in one swell foop that the DNS folks have proper IP address records for every one of the hundred+ LAN switches I support.

Tested with:

  • Net::DNS 0.12
  • Spreadsheet::WriteExcel 0.31
  • Perl 5.00503
  • Debian 2.2r3

Comments and critique are welcome and requested.

Most recent update: 2001-07-12 07:00 CDT
Corrected minor mistakes in comments and above description.
Add a bit more explanation to description above.

(code) Net::SNMP, table-ish interface stats
on May 21, 2001 at 01:50 UTC
by ybiC
Query one or more SNMP-enabled devices for network interface stats.   Written specifically for multi-interface devices like routers and LAN switches, but trivial to adapt for any table-ish SNMP response.

Accepts target device(s) from command-line, and prompts for SNMP RO community string.   Example run+output, and interesting SNMP OIDs at tail of pod.  

Output is (almost) csv.   Still researching methods for better output format. Probably better to use hash of hashes (or maybe hash references) than to munge existing output.

No external libraries needed.   Uses Net::SNMP, Tie::IxHash and Time::localtime CPAN modules.

fingers++ for recent post "Cisco SNMP CDP Poll" that inspired me to dig into this.

Critique and suggestions are both welcome and appreciated.
    cheers,
    Don
    striving toward Perl Adept
    (it's pronounced "why-bick")

Latest update: 2001-05-20 21:10
Added "Related CPAN modules" to pod.
 

Cisco SNMP CDP Poll
on May 16, 2001 at 21:45 UTC
by fingers
This started out as a script that gathered CDP info by telnet until I realized I could much less intrusively get the same info from SNMP. Give the script an IP for an argument and it will retrieve some CDP neighbor info from the target and then use that info to acquire the IPs of new targets effectively allowing you to map out all of your cisco gear and how they are connected.


Currently Working On
1. making subs more blackbox-ish
2. more error checking
3. get info such as serial number,
number of ports on device,etc.

EDITED May 16th
Corrected a problem with how the script reacted if it has a neighbor with no ip address. It will now display 0.0.0.0 when it sees a null value for IP.
EDITED May 16th
Cleaned up the code a little bit. Made the get_ip get_name get_port and get_type subs a single sub Get_SNMP_Info
Moved all of the IP conversion code into its own sub Convert_IP
The code should be several steps closer to being strict compliant.
EDITED May 17th
Cleaned things up a lot more. Started using pod, and modified the inline comments to improve readability.
Got rid of get_target sub (it really shouldn't have been a sub at all)
Code now works with strict
(code) Cisco errdisable (no password timeout if Win32)
on May 04, 2001 at 02:36 UTC
by ybiC
Problems with either cable plant or NIC drivers intermittantly cause our ethernet switches at one site to protect themselves by 'error disabling' the port connecting the offending device.   Of course, this causes a particular user to lose network connectivity.   Until we can resolve the root problem, the workaround I've arrived at is to periodically check for errdisabled ports and enable them, after which things work fine until the next hiccup.

This tidbit automates my check for these errdisabled ports.

From a Pelish standpoint, it checks for Win32 and skips password-timeout code plus which doesn't work on that OS.

Todos:
Debug non-fatal error only seen on Win32:
Argument "" isn't numeric in number gt (>> at Telnet.pm line 2569, <STDIN> line 1.
 

ipcalc
on May 03, 2001 at 22:51 UTC
by idnopheq
ipcalc provides network calcualtions about an IP address.

You can provide the script with mask information in a multitude of ways:

ipcalc 192.168.1.0 255.255.255.192
ipcalc 192.168.1.0:255.255.255.192
ipcalc 192.168.1.0/26

You get the idea ... Enjoy!

p.s. - didn't comment much

UPDATE: Well, don't I feel silly! It has been pointed out that there is already an ipcalc perl script in the world. Was told it's at ftp.ocs.com.au, but I can't get there now to look at it. I did not mean to step on toes.

(code) Cisco sho ver
on Apr 12, 2001 at 05:49 UTC
by ybiC
Automate collection of Cisco router and LAN switch information for inventory purposes:
    device name, hardware type, IOS/CatOS ver, serial number

From a Perlish standpoint, this has been an excercise in using hashes instead of buckets o' scalar variables or array with obtuse $file[0], and more discriminate use of subroutines so not need passel o' global variables.

Updated:
2001-04-13 perldoc switchver.pl for details.

Todo:
Use Net::Snmp sysDescr instead of Net::Telnet::Cisco.
    simplify data structure
    simplify parsing
    simplify program
    improve security

Sys::IP
on Apr 04, 2001 at 08:09 UTC
by BlueLines
This is a rewrite of Sys::IP that actually works on unix systems. It has 3 functions:
  • ip() - returns the first non-127.0.0.1 ip address it can find on the local machine
  • ips() - returns a list of all ips on a local machine.
  • interfaces() - returns a hash of interface/ip address pairs from the local machine
Network Link Status Report Generator
on Mar 27, 2001 at 04:00 UTC
by Big Willy
Generates an HTML report of ping tests for connectivity to the hosts in 'hostfile,' while is formatted as such:

{host}:{description}\n

Useful for admins who want to have a cron job intermittently check link status for router-router links, etc. Realize that if you can't ping the host, but can access it by other means this script will not work.
Net::PingImproved
on Mar 13, 2001 at 04:58 UTC
by Falkkin
Net::PingImproved is a modified version of the standard Net::Ping module.

Update: the changes I've made are actually being added to the standard version of Net::Ping, and will probably be incorporated into future versions of Perl. Maintainership of the module may also fall to me. I'll try to post the most recent version of Net::Ping below, for now. :)

Look here for more discussion on why I think this module needs to be altered.

Please look at this module, tear it apart, abuse it, and generally try to find things wrong with it. (And then tell me what you found, or I'll be none better off then when I started ;))

Things I've fixed so far:

  • Got rid of the call to alarm() in ping_tcp(). This call broke any scripts using alarm() (and, by association, sleep(), at least on many machines), and also made the code incompatible with Windows systems. Hence, we now use select() on a non-blocking connect() to implement TCP timeouts.
  • Unfortunately, non-blocking connect() isn't currently supported under Windows either. I fixed this by using system(1, ...) to spawn a new Perl process which attempts to ping the remote host.
  • As an after-effect of changing the method in which ping_tcp() calls connect(), this code now (correctly, in most cases) returns true instead of false if the remote host responded with "Connection refused."

Another thing this module really needs (IMHO) is updated documentation... along with all the code fixes, I'll be working on documentation as well.

Net::Ping::External
on Mar 11, 2001 at 08:26 UTC
by Falkkin
Net::Ping::External is a module that uses your system's default ping command and parses the result. It contains a single public function: ping(). ping() takes in a host and a timeout, and returns true if the system was able to ping the host before the timeout expired, false otherwise.

Look here for more info/discussion on why I am doing this. I need as many monks as possible to test this module, since I will eventually (although not any time soon) be attempting to submit this to CPAN.

TODO:
- more extensive testing
- support for more esoteric systems

Updates:
- Fixed support for Win32 systems and generalized the various unix-like pings into one function.
- Added POD, version number, other module-related stuff.

NNTP: Most recent articles in a group
on Mar 08, 2001 at 16:23 UTC
by tomhukins

Prints out the subject and sender of the most recent articles in a newsgroup.

To configure the script's behaviour, set the NUMBER_OF_ARTICLES, GROUP_NAME and SERVER_NAME constants at the top of the script.

I've tried to make this script as resource-friendly as possible for both the client and server. If there's a better way, let me know!

(code)) Cisco Pass Mass - CatOS (deprecated by node 123464)
on Mar 05, 2001 at 09:37 UTC
by ybiC
## deprecated by (code) Poor Man's TACACS - automate CatOS and IOS password resets with Net::Telnet::Cisco and Net::SNMP ##

(code)) Cisco Pass Mass - CatOS (deprecated by node 123464) automates password resets on multiple Cisco CatOS LAN switches.   It's a complete re-write of (code)) Cisco Pass Mass - IOS (deprecated by node 123464), which does the same for Cisco IOS routers and LAN switches.

CatOS switches are a little bit tougher to script, since their password resets are interactive.   Fortunately, I learned of Net::Telnet's waitfor() and getlines() syntax in Network Programming with Perl.   They're pretty straightforward, and Net::Telnet's input_log and dump_log help *a*lot* with debugging.   If you use dump_log, be sure to unlink it when done to avoid leaving your passwords laying around.   Anyway, I suspect this approach is quicker+simpler to code than Expect.pm.  

Target switches are either given as command-line arguments, or in a text file - one device name or IP address per line.   Rudimentary sanity checks are done on the input file, but it won't pass -T yet.   It takes a few seconds for each device.   Progress is displayed on-screen and recorded to a logfile.

Comments and critique are both welcome and invited.

Thanks to:
Petruchio for mondo suggestions and help
chromatic for $command =~ $commands[0] suggestion on a different post
ar0n for timeout example at Re: timeout for ?
tilly for tips on functions
strredwolf, jcwren, boo_radley, danger, crazyinsomniac, OeufMayo, azatoth and deprecated for suggestions in CB
Oh yeah, and some guy named vroom.   {grin}
    cheers,
    ybiC

Most recent update: 2001-04-30
hashamafied passel o' scalar vars.
un-subified non-redundant code to reduce number of global vars.
mixed-case subroutine names, w/o ampersan's.
formatted for 75 chars/line (well, mostly)

 

(code) Cisco Neighbors
on Feb 26, 2001 at 22:51 UTC
by ybiC
Starting with a seed device, discover neighboring Cisco switches/routers.   If run repeatedly, feeding prior output back as input, can generate complete list of Cisco switches/routers in your network.   I use it like that to create input files for (code)) Cisco Pass Mass - IOS (deprecated by node 123464).

Comments and critique are very much welcomed.

Thanks to tilly, fastolfe, japhy, geektron, Petruchio, mkmcconn, boo_radley and chromatic for their suggestions and advice.
 

LDAP Searcher
on Feb 06, 2001 at 02:58 UTC
by BigJoe
This is a quick LDAP search I did. This gives web users to search our internal "Phone book". I figure when I was trying to throw this together I couldn't find any information on it so here it is for everyone. Thanks to Chromatic for giving me a fix for the Win32 problem with the entry's.
(code)) The Going input/output Rate (deprecated by node 121950)
on Jan 18, 2001 at 00:23 UTC
by ybiC
## deprecated by (code) Net::SNMP, Bandwidth, GnuPlot, PNG, PostScript, Excel ##

Every so often, a sysadmin asks me to check bandwidth utilization by a particular server.   I use tools like CiscoWorks, SNMPc and MRTG for ongoing monitoring, but instead of mucking about with those for one-off checks, I wrote this ditty.

It prompts for switch name/IP, port, number of runs, delay between runs, and (no-echo) passwords, then reports estimated total runtime and output file size, and telnets to the device to collect 5 minute input/output rates.   Output file is csv for easy importing/reporting with Excel or whatever.

In it's present form, commands and parsing are tweaked for Cisco Catalyst 3548 ethernet switch, but should be trivial to add support for other IOS switches (2916, 2924) and routers.   Support for CatOS switches like 6000, 5000, 2948g may take a bit more work.

From a Perlish perspective, it's been an exercise in learning more of for, sleep, if, unless, int, plus subs for readability.   As always, critique and suggestions are more than welcome.

Thanks to: tye and chipmunk for suggestions on how to join output file lines, and to several monks whose names I missed for a flurry o' CB suggestions on integer-checking input.

Update: 2001-04-30
un-subified non-redundant code, for fewer global vars.
hashamafied passel o' scalars.

Out of Band Access Testing
on Feb 27, 2001 at 12:11 UTC
by reyjrar
given an file of "Site name : 9876543210\n"'s it attempts to dial the site and check for success. Success condition is getting to the router/server prompt AFTER successfully completing a login. I noticed some out of band equipment didn't prompt or username/password and figured that was a security risk. use with -v or -l for full effect.
Juniper Router Audit
on Feb 27, 2001 at 12:38 UTC
by cleen
Juniper (www.juniper.net) is a provider of high-end routing equipment, even the lower-end juniper equipment (m20) can out-preform cisco's high-end 12k GSR's.

I needed a way to easily audit my juniper configurations on a ever expanding juniper-core based network, thus this was born.

Writing the template configuration file:
Writing the template configuration is a little on the complex side, and it takes a little bit of explaining, so I put the configuration readme at juniper-audit-readme.txt

Overall this code is in beta, and I know there are many things I could do much better, and I intend on doing so, any suggestions and comments would also be great!
IP Accounting parser
on Jan 11, 2001 at 14:49 UTC
by Viking
This parses a log file of ipchains IP accounting data and spits it out as a csv. I use this at work for statistical and billing purposes. It is still a work in progress (but it does work) so I'm interested in any comments. The log file is created from a shell script run from a cron, which you will find at the end of the code.
Thread::Queue for non-threaded apps
on Jan 02, 2001 at 22:06 UTC
by kschwab
I needed functionality somewhat like Thread::Queue for passing data on a queue between a parent and it's forked child. Since non-threaded perl has no Thread::Queue, I used this. It's a bit quick and dirty, but works for me. == Kerry Save money
Whois+DNS
on Nov 30, 2000 at 09:06 UTC
by mdillon

works like regular whois, but will take a subdomain (or any string used as the domain part of a DNS RR for a subdomain of one of the legacy gTLDs) as input. Requires Net::DNS and Net::ParseWhois.

since Net::ParseWhois only works with the gTLDs COM, ORG, and NET, this code only works with those TLDs as well.

update: now looks up as many domains as are passed on the command line.

for example:

$ ./whois_domain.pl www.perlmonks.org www.maserith.com
Whois Server: whois.networksolutions.com

Registrar: NETWORK SOLUTIONS, INC.
Domain: PERLMONKS.ORG
Name: Blockstackers, Inc
Tag: PERLMONKS-DOM

Address:
        116 E.18th
        Holland, MI 49423

Country: US

Name Servers:
        n/a (n/a)

Contacts:
    ADMINISTRATIVE:
        Bates, Jeffrey  (JB18794)  hemos@SLASHDOT.ORG
        BlockStackers
        13268 Riley
        Holland, MI 49424
        616.994.0441
    BILLING:
        Bates, Jeffrey  (JB18794)  hemos@SLASHDOT.ORG
        BlockStackers
        13268 Riley
        Holland, MI 49424
        616.994.0441
    TECHNICAL:
        Bates, Jeffrey  (JB18794)  hemos@SLASHDOT.ORG
        BlockStackers
        13268 Riley
        Holland, MI 49424
        616.994.0441

Record created: n/a
Record updated: n/a
Record expires: n/a
============================================================================
Whois Server: whois.register.com

Registrar: REGISTER.COM, INC.
Domain: MASERITH.COM
Name: Maserith Information Systems, LLC
Tag: n/a

Address:
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com

Country: US

Name Servers:
        NS1.DNSWIZ.COM (207.91.131.30)
        NS3.DNSWIZ.COM (216.119.149.100)
        NS2.DNSWIZ.COM (207.91.131.31)
        NS4.DNSWIZ.COM (216.119.149.101)

Contacts:
    ADMINISTRATIVE:
        Maserith Information Systesm LLC
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com
    TECHNICAL:
        Maserith Information Systems, LLC
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com
    ZONE:
        Maserith Information Systems, LLC
        Mikel Smith
        8018 SW Ashford St
        Tigard, OR 97224
        US
        Phone: 503-639-9806
        Email: granola@maserith.com

Record created: Sun, Jan 28, 1996
Record updated: Wed, Oct 18, 2000
Record expires: Mon, Jan 28, 2002
(code) mind your snmPs & Qs
on Oct 13, 2000 at 10:28 UTC
by ybiC
Query and report on Cisco Catalyst switchport population, plus device location and uptime.   Employs UC-Davis SNMP library and Joe Marzot's SNMP.pm CPAN module.

As always, critique and sugestions are welcome and appreciated.

Most recent update: July 11, 2001
- correct calculation error for (live|total) ports.

Thanks to swiftone, geektron, nedv, turnstep, arturo and mdillon for suggestions and improvements.
 

(code)) Cisco Pass Mass - IOS (deprecated by node 123464)
on Sep 15, 2000 at 16:46 UTC
by ybiC
## deprecated by "(code) Poor Man's TACACS - automate CatOS and IOS password resets with Net::Telnet::Cisco and Net::SNMP" ##

Automate mass config changes (password updates, etc.) for large number of Cisco routers &/or switches.

Comments or critiques are very much welcomed.

Update: Feburary 26, 2001
Rearranged using functions for easier maintenance and greater legibility.
Added function that prompts for devices type (CatOS vs. IOS).

Update: October 27-29, 2000
Added:
    Term::Readky for no-echo pw prompts + confirm of new.
    Tie::IxHash for ordered hashes to update passwords.
    Localtime timestamp to $logfile for each device.
    Console preview of target devices list.
    Too many more ToDos.
Moved:
    Regex's into first tmp loop, to eliminate 2nd $tempfile.
    Console+log prints to subs HEREdocs (improve legibility).

Update: Thanks to ar0n, chromatic, merlyn, Fastolfe, tilly and Joshua Keroes for suggestions and examples that, hopefully, steered me away from Cargo Cult Code and Running With Scissors.   {grin}

scandns.pl
on Jun 20, 2000 at 04:04 UTC
by BlueLines
This script should be pretty straightforward. Feed it a network (ip
address/CIDR or ip address/netmask ) and it scans the dns records of said 
network, reporting theresults to STDOUT. Neat. 

Note: This script views the following notations as equivalent:
	
	10.0.0.0/24
	10.0.0.0/255.255.255.0
	10.0.0.0:255.255.255.0

Rather than reinvent the wheel, I cheated and used Net::Netmask. Eventually
I'll write a sub to handle slash/netmask notation, but until then this program
requires the forementioned module, which is available from cpan.

Here's some example output (and no, none of these machines are publicly
routable, so don't even think about it):


nooky:~$ ./scandns.pl 10.0.0.0/24
<----snip---->
10.0.0.202 => beauty.zacknetwork.com => 10.0.3.101 
10.0.0.203 => tman.zacknetwork.com => 10.0.3.15 
10.0.0.204 => afterglow.zacknetwork.com 
10.0.0.205 => serenity.zacknetwork.com => 10.0.7.10 
10.0.0.206 => girth.zacknetwork.com => girth.zacknetwork.com has no A record
10.0.0.207 => no PTR record
<----snip---->


Note that afterglow's A and PTR records matched. Ideally there shouldn't be
anthing in the third column. If there is, then your forward/inverse records
aren't getting along very well.
Push HTTP server
on Jun 11, 2000 at 02:52 UTC
by Corion

This is a non-blocking HTTP-based server for a database which contains temporary highly volatile data. It was written as a proof-of-concept and was designed for stuff like the current status of the dial-up connection or the telephone number of the calling party. It has no access control and no security, but it works with both, specialized clients that keep a connection to the server open and HTTP clients like Internet Explorer. Information can be polled but updated data can also be sent to connected clients. Some documentation is attached as a comment.

(code) MAC n' IP cheese
on Sep 24, 2000 at 07:32 UTC
by ybiC
It's nearly impossible for me to keep server connections labeled correctly at my core switches.   This ditty uses nmap and Net::Ping to build a list of MAC addresses with associated hostnames/IP addresses for live connections on a local subnet/VLAN.   I can then compare it with the switch's CAM table to find what box is connected at which port.

I dabbled with Linux arping utility, but stuck with Net::Ping for one less external dependancy.

Comments or suggestions for improvement are both welcomed and appreciated.

Update 3: 2001-04-30
hashamafied passel o' scalars and minor format cleanup.

Update 2:
cleaned up a few minor Perlish faux pas' and added to-do of using snmpwalk syntax based from riffraff's post in this thread.

Update1:
thanks to turnstep and to Ovid for feedback, and to ncw for his recent post Numeric list to optimised regexp , which made a no-brainer of regex's to match for nmap input.

ident-666
on Aug 05, 2000 at 19:08 UTC
by jettero
I saw a nullident.c program at freashmeat. I thought, hmmm, this would be funnier if it was random, and more insulting. They don't need to know who you are anyway.
snmping.pl
on Apr 27, 2000 at 18:08 UTC
by ergowolf
This program is GREAT for testing snmp and discovering the community name for the device.
Client for custom file server
on Apr 27, 2000 at 00:02 UTC
by Aighearach
This is the client program for my custom file server, written for inclusion in bots on the Free Internet Chess Server.
Custom file server
on Apr 26, 2000 at 23:57 UTC
by Aighearach
This is a basic file server program. It was written as an example, to be included in a bot on the free internet chess server. Yes, there are modules that make this easy, but the intention was to have a custom, extensible protocol. Currently, it is very basic. In the future, it will be converted to a module, and will be able to identify/convert popular chess notation formats. It has been tested under linux, sunos, and windows. A companion client program will also be provided; check where you found this one.