{"id":216,"date":"2018-10-06T20:52:53","date_gmt":"2018-10-06T23:52:53","guid":{"rendered":"https:\/\/www.tonev.pro.br\/?p=216"},"modified":"2018-10-06T20:52:53","modified_gmt":"2018-10-06T23:52:53","slug":"cisco-ws-c2950-errdisable-recovery","status":"publish","type":"post","link":"https:\/\/www.tonev.pro.br\/?p=216","title":{"rendered":"Cisco WS-C2950 errdisable recovery"},"content":{"rendered":"<p>Anyone still running Cisco Catalyst 2950 switches and using <strong>storm-control<\/strong> with the <strong>shutdown<\/strong> option has probably noticed that IOS, up to the latest version ( 12.1(22)EA14 ), cannot re-enable the port with the <strong>errdisable recovery cause all<\/strong> command. To work around this problem, a combination of syslog-ng + cron + shell script + expect can be used.<\/p>\n<p>First you need to enable remote logging on the switches with the commands below ( replace 10.1.1.10 with the IP of the host that will run syslog-ng ):<\/p>\n<pre>service timestamps debug datetime localtime show-timezone\r\nservice timestamps log datetime localtime show-timezone\r\nno logging rate-limit\r\nlogging cns-events debugging\r\nlogging trap debugging\r\nlogging 10.1.1.10<\/pre>\n<p>Next, on a Linux or FreeBSD machine ( for this kind of thing I prefer FreeBSD ), install and configure syslog-ng. 
The minimal configuration is shown below:<\/p>\n<pre>@version: 3.14\r\n\r\noptions { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);\r\nowner(\"root\"); group(\"wheel\"); perm(0644); stats_freq(0); threaded(yes);\r\ndir-perm(0755); create_dirs(yes); bad_hostname(\"^gconfd$\");\r\n};\r\n\r\nsource s_network {\r\nudp( port(514) );\r\ntcp( port(514) );\r\n};\r\n\r\ndestination d_network { file(\"\/usr\/local\/www\/syslog\/$SOURCEIP\/$YEAR\/$MONTH\/$SOURCEIP-$YEAR-$MONTH-$DAY.log\"); };\r\n\r\ndestination d_storm { file(\"\/root\/cisco\/tmp\/$SOURCEIP-$UNIXTIME.log\"); };\r\n\r\nfilter f_storm {match(\".*STORM.*\" value (\"MESSAGE\"));};\r\n\r\nlog { source(s_network); destination(d_network); };\r\n\r\nlog {\r\nsource(s_network);\r\nfilter(f_storm);\r\ndestination(d_storm);\r\n};<\/pre>\n<p>Adjust the directories where the logs will be written. In this example the following are used:<\/p>\n<ul>\n<li><strong>\/usr\/local\/www\/syslog\/<\/strong> &#8211; in case you want to browse the logs through Apache, but you can configure any other directory. It only serves to keep a daily history of what the switch logs;<\/li>\n<li><strong>\/root\/cisco\/tmp\/<\/strong> &#8211; temporary directory where the script run from crontab looks for the files containing the data needed to re-enable the ports;<\/li>\n<\/ul>\n<p>Once the switch is configured to send its logs to the server and syslog-ng is configured, create the script that will perform the check according to your crontab schedule. 
Also create the directory <strong>\/root\/cisco\/run\/<\/strong>:<\/p>\n<pre>#!\/usr\/local\/bin\/bash\r\n\r\nLS=\"\/bin\/ls\"\r\nMV=\"\/bin\/mv\"\r\nTMPDIR=\"\/root\/cisco\/tmp\/\"\r\nWORKDIR=\"\/root\/cisco\/run\/\"\r\nWC=\"\/usr\/bin\/wc\"\r\nPREFIX=\"10\"\r\nPORT=\"23\"\r\nUSER=\"cisco\"\r\nUSERPW=\"cisco123!\"\r\nENABLEPW=\"enablepass\"\r\nGREP=\"\/usr\/bin\/grep\"\r\nCAT=\"\/bin\/cat\"\r\nCUT=\"\/usr\/bin\/cut\"\r\nECHO=\"\/bin\/echo\"\r\nRM=\"\/bin\/rm\"\r\nENABLE_SCRIPT=\"\/root\/bin\/storm_control_enable.exp\"\r\nDATA=`\/bin\/date +%Y-%m-%d-%H-%M`\r\nMAIL=\"\/usr\/bin\/mail\"\r\nMAILRCPT=\"admin@tonev.pro.br\"\r\n\r\n# Stop if the directory is missing, so the globs below never run elsewhere\r\ncd $TMPDIR || exit 1\r\n\r\n# Count the storm-control log files written by syslog-ng\r\nARQUIVOS=`$LS -1 $PREFIX* 2&gt;\/dev\/null | $WC -l 2&gt;\/dev\/null`\r\n\r\n\r\nif [ \"$ARQUIVOS\" -gt 0 ]; then\r\n\r\n$ECHO \"\"\r\n$ECHO \"\"\r\n$ECHO \"\"\r\n$ECHO \"\"\r\n$ECHO \"\"\r\n$ECHO \"run $DATA\"\r\n$ECHO \"\"\r\n$LS -1 $PREFIX*\r\n$ECHO \"\"\r\n$ECHO \"\"\r\n\r\n# Mail the log lines; cat is used because a redirection from a glob\r\n# fails in bash when more than one file matches\r\n$CAT $PREFIX* | $MAIL $MAILRCPT\r\n\r\n$MV $TMPDIR\/$PREFIX* $WORKDIR\r\n\r\n\r\ncd $WORKDIR || exit 1\r\n\r\nfor i in $PREFIX* ; do\r\n\r\n# The file name starts with the IP of the switch\r\nIP=`$ECHO $i | $CUT -f 1 -d \"-\"`\r\n\r\n# Extract the interface name from the SHUTDOWN log line\r\nSHUTDOWNINTERFACE=`$CAT $i | $GREP SHUTDOWN | $CUT -f 5 -d \":\" | $CUT -f 6 -d \" \"`\r\n\r\nif [ ! -z \"$SHUTDOWNINTERFACE\" ]; then\r\n\r\n$ENABLE_SCRIPT $IP $PORT $USER $USERPW $ENABLEPW $SHUTDOWNINTERFACE\r\n\r\nSAIDA=\"$?\"\r\n\r\n# Remove the log file only when the port was re-enabled successfully\r\nif [ $SAIDA -eq 0 ]; then\r\n$RM $WORKDIR\/$i\r\nfi\r\nfi\r\n\r\ndone\r\n\r\nfi<\/pre>\n<p>Finally, create the script that logs in to the switch and removes the <strong>shutdown<\/strong> from the interface:<\/p>\n<pre>#!\/bin\/sh\r\n# \\\r\nexec \/usr\/local\/bin\/expect -- \"$0\" ${1+\"$@\"}\r\n\r\nexp_version -exit 5.0\r\n\r\n# All six arguments are required\r\nif {$argc &lt; 6} {\r\nsend_user \"usage: $argv0 host port username password enable interface\\n\\n\"\r\nsend_user \"host - ip \/ dns hostname\\n\"\r\nsend_user \"port - telnet port\\n\"\r\nsend_user \"username - telnet username\\n\"\r\nsend_user \"password - telnet password\\n\"\r\nsend_user \"enable - enable password\\n\"\r\nsend_user \"interface - interface to enable\\n\\n\"\r\nexit 1\r\n}\r\n\r\nset HOST [lindex $argv 0]\r\nset PORT [lindex $argv 1]\r\nset USERNAME [lindex $argv 2]\r\nset PASSWORD [lindex $argv 3]\r\nset ENAPASSWORD [lindex $argv 4]\r\nset INTERFACE [lindex $argv 5]\r\n\r\nspawn telnet $HOST $PORT\r\n\r\n# Exit non-zero on a timeout or a dropped connection, so the calling\r\n# script keeps the log file and retries on the next run\r\nexpect_before {\r\ntimeout { exit 1 }\r\neof { exit 1 }\r\n}\r\n\r\n# Log in\r\nexpect \"Username: \"\r\nsend \"$USERNAME\\r\"\r\nexpect \"Password: \"\r\nsend \"$PASSWORD\\r\"\r\n# Enter enable mode\r\nexpect \"&gt;\"\r\nsend \"enable\\r\"\r\nexpect \"Password: \"\r\nsend \"$ENAPASSWORD\\r\"\r\n# Re-enable the interface\r\nexpect \"#\"\r\nsend \"conf term\\r\"\r\nexpect \"g)#\"\r\nsend \"interface $INTERFACE\\r\"\r\nexpect \"if)#\"\r\nsend \"no shut\\r\"\r\nexpect \"if)#\"\r\nsend \"exit\\r\"\r\nexpect \"g)#\"\r\nsend \"exit\\r\"\r\n# Save the configuration and log out\r\nexpect \"#\"\r\nsend \"wr\\r\"\r\nexpect \"#\"\r\nsend \"quit\\r\"<\/pre>\n<p>Dependencies:<\/p>\n<ul>\n<li>expect;<\/li>\n<li>bash;<\/li>\n<li>postfix or any other MTA ( if you want to receive notification e-mails );<\/li>\n<\/ul>\n<p>Required directories:<\/p>\n<ul>\n<li>\/usr\/local\/www\/syslog\/<\/li>\n<li>\/root\/cisco\/tmp\/<\/li>\n<li>\/root\/cisco\/run\/<\/li>\n<\/ul>\n<p>Required changes:<\/p>\n<ul>\n<li>IP of the syslog server;<\/li>\n<li>PREFIX &#8211; IP prefix of the switches. The generated log files start with the IP address, and the check script uses the file name to build the variables needed for re-enabling the port;<\/li>\n<li>USER &#8211; user name for telnet access to the switch;<\/li>\n<li>USERPW &#8211; password of the access user;<\/li>\n<li>ENABLEPW &#8211; enable password;<\/li>\n<li>ENABLE_SCRIPT &#8211; full path of the port re-enable script;<\/li>\n<li>MAILRCPT &#8211; e-mail address to which the notification of the re-enabled ports will be sent;<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Anyone still running Cisco Catalyst 2950 switches and using storm-control with the shutdown option has probably noticed that IOS, up to the latest version ( 12.1(22)EA14 ), cannot re-enable the port&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-216","post","type-post","status-publish","format-standard","hentry","category-rede"],"_links":{"self":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/posts\/216","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=216"}],"version-history":[{"count":19,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v2\/posts\/216\/revisions"}],"predecessor-version":[{"id":235,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=\/wp\/v
2\/posts\/216\/revisions\/235"}],"wp:attachment":[{"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=216"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=216"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tonev.pro.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=216"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}