Prev: Processing stdin in blocks
Next: Bash directory traversal with spaces
From: LC's No-Spam Newsreading account on 2 Mar 2010 06:13
We have recently replaced one of our switches (Allied Telesyn) with a
different model. These switches have a telnet and http interface.

I used to access it (and I still access the other switches)
programmatically (from a shell script using expect, and from a java
application via http), in order to retrieve a table of which mac address
is bound to which physical port of the switch.

Now the interfaces have radically changed, and I was hoping to access
the new one via wget but I can't.

If I call http://switchname using a normal browser (firefox), I am
redirected to a page /config/authentication_page.htm (all pages will be
under the same basename above) which presents me with a login (username
and password)

If I login I get to a home page with a menu. I select one item (layer 2)
from the menu, then tick one box in the resulting form, press a "view"
button and I get in another window the list I need.

From the properties I get the URL of the list
/FwdDb/bridg_frdData_Query_Address_m.htm?[AddressDynamicVT]Filter:(dot1qTpFdbStatus==3)&&((ifOperStatus!=6)||(dot1qTpFdbPort%3E52))

I have verified that this URL is reproducible, and that is "callable" in
this sense. If I open a new tab, irrespective of what page I'd navigated
from the switch home page (but provided I'm logged in), and paste such
long URL, I can get the list page

Now I wanted to access such list page via wget.

Of course I can't do it directly, because I'm not logged in.

So I tried to emulate the login process as follows

wget --load-cookies c.txt --save-cookies c.txt --keep-session-cookies
--post-file pfile http://switchname/config/authentication_page.htm

where pfile contains one line for userName$query=xxxxx and
password$query=yyyy (where userName$query and password$query are the
two non-hidden fields of the login form

but what I get is a version of the authentication page with a different
name log_off_page.htm, while the cookie file is created but is empty but
for header comments.

So what am I doing wrong ?
How could I perform a login programmatically and get to the list I need ?


--
----------------------------------------------------------------------
nospam(a)mi.iasf.cnr.it is a newsreading account used by more persons to
avoid unwanted spam. Any mail returning to this address will be rejected.
Users can disclose their e-mail address in the article if they wish so.
From: pk on 2 Mar 2010 06:23
LC's No-Spam Newsreading account wrote:

> We have recently replaced one of our switches (Allied Telesyn) with a
> different model. These switches have a telnet and http interface.
>
> I used to access it (and I still access the other switches)
> programmatically (from a shell script using expect, and from a java
> application via http), in order to retrieve a table of which mac address
> is bound to which physical port of the switch.

Sorry for blatantly avoiding to provide a proper answer to your question,
but have you considered that you can get the same information, more accurate
and with much less hassle, using SNMP?
From: mop2 on 2 Mar 2010 07:20
On Tue, 02 Mar 2010 08:13:51 -0300, LC's No-Spam Newsreading account
<nospam(a)mi.iasf.cnr.it> wrote:

> We have recently replaced one of our switches (Allied Telesyn)
> with a different model. These switches have a telnet and http
> interface.
>
> I used to access it (and I still access the other switches)
> programmatically (from a shell script using expect, and from a
> java application via http), in order to retrieve a table of which
> mac address is bound to which physical port of the switch.
>
> Now the interfaces have radically changed, and I was hoping to
> access the new one via wget but I can't.
>
> If I call http://switchname using a normal browser (firefox), I am
> redirected to a page /config/authentication_page.htm (all pages
> will be under the same basename above) which presents me with a
> login (username and password)
>
> If I login I get to a home page with a menu. I select one item
> (layer 2)
> from the menu, then tick one box in the resulting form, press a
> "view" button and I get in another window the list I need.
>
> From the properties I get the URL of the list
> /FwdDb/bridg_frdData_Query_Address_m.htm?[AddressDynamicVT]Filter:(dot1qTpFdbStatus==3)&&((ifOperStatus!=6)||(dot1qTpFdbPort%3E52))
>
> I have verified that this URL is reproducible, and that is
> "callable" in this sense. If I open a new tab, irrespective of
> what page I'd navigated from the switch home page (but provided
> I'm logged in), and paste such long URL, I can get the list page
>
> Now I wanted to access such list page via wget.
>
> Of course I can't do it directly, because I'm not logged in.
>
> So I tried to emulate the login process as follows
>
> wget --load-cookies c.txt --save-cookies c.txt
> --keep-session-cookies
> --post-file pfile
> http://switchname/config/authentication_page.htm
>
> where pfile contains one line for userName$query=xxxxx and
> password$query=yyyy (where userName$query and password$query are
> the
> two non-hidden fields of the login form
>
> but what I get is a version of the authentication page with a
> different name log_off_page.htm, while the cookie file is created
> but is empty but for header comments.
>
> So what am I doing wrong ?
> How could I perform a login programmatically and get to the list I
> need ?
>

My suggestion is see that in the network interface.
ngrep is an option I like:
/usr/bin/ngrep -W byline -l -p -P ^ -d eth0 # here my prefs.
with -x you can see packets in hex and asc

If possible, consider the use of https:// when solved. (with curl,
for example)
From: LC's No-Spam Newsreading account on 2 Mar 2010 08:09
On Tue, 2 Mar 2010, pk wrote:

> Sorry for blatantly avoiding to provide a proper answer to your
> question, but have you considered that you can get the same
> information, more accurate and with much less hassle, using SNMP?

1) I wouldn't have the faintest idea how to do that
(by the way I'm on Suse 9.2 if that matters)

2) I have all a family of things already working for our other, more
script friendly, switches. I would not rewrite all that, but just
replace something which deals with the list I need.


--
----------------------------------------------------------------------
nospam(a)mi.iasf.cnr.it is a newsreading account used by more persons to
avoid unwanted spam. Any mail returning to this address will be rejected.
Users can disclose their e-mail address in the article if they wish so.
From: pk on 2 Mar 2010 09:16
LC's No-Spam Newsreading account wrote:

> On Tue, 2 Mar 2010, pk wrote:
>
>> Sorry for blatantly avoiding to provide a proper answer to your
>> question, but have you considered that you can get the same
>> information, more accurate and with much less hassle, using SNMP?
>
> 1) I wouldn't have the faintest idea how to do that
> (by the way I'm on Suse 9.2 if that matters)

Usually it's a matter of enabling SNMP on the switch (usually it's enabled,
so you just need to find out/change the community - ie, password) installing
net-snmp for Linux and running a single-line query along the lines of

snmpwalk -c <community> <switch IP> 1.3.6.1.2.1.17.4.3

and parse the output, which is in a standardized and predictable format.
Details might vary slightly, but you should get the idea.

Or it might be that your switch is low-end and it doesn't support SNMP, or
doesn't support the specific MIB that would be needed (though very few don't
these days). In that case, based on what you said, I'd go with telnet first,
since it's easily scriptable, and keep http as a last resort.

> 2) I have all a family of things already working for our other, more
> script friendly, switches. I would not rewrite all that, but just
> replace something which deals with the list I need.

I was not suggesting to rewrite what you already have and works fine. I was
just talking of this specific problem.

However, consider that the html you get from the device might not always be
easily parsable, or its format might change the next time you upgrade the
device's firmware, or it may contain javascript, or....

Maybe by using snmp here, you might end up liking it and gradually extend
its use to other tasks, or maybe not. Your choice.

 |  Next  |  Last
Pages: 1 2 3
Prev: Processing stdin in blocks
Next: Bash directory traversal with spaces