12-21-2007 12:50 AM - edited 03-03-2019 08:01 PM
Respected,
I need to create TCL script on my 1841, which will check status of dialer1 interface, and if protocol is up and interface is up, then it will delete all local vpn sessions.
Anyone who can help me with this? I never do anything similarâ¦.
12-21-2007 12:12 PM
Here is the script that will do a command based on the up or down operation status of an interface.
This script is very, VERY basic, no spell checking of the interface, no check of previous interface state
the last time the script was run
proc clearvpn { int } {
set int_out [exec "show interfaces"]
## regex looks for the interface you specified when you called
## the procedure Variable var_dontcare is a copy of variable
## int_out, variable var_int_status contains the operation status
## of the interface.
regexp "$int is \[a-z \]\{2,25\}, line protocol is (\[a-z\]\{2,5\}).*" $int_out var_dontcare var_int_status
if {[info exists var_int_status]} {
if {[string equal up $var_int_status]} {
##
## Replace the following line with the command you wish to run.
##
exec "clear ip bgp *"
puts "VPN's cleared"
} elseif {[string equal down $var_int_status]} {
puts "Interface is down" }
} else {
puts "Interface does not exist! Check spelling"
}
}
You can have the procedure auto initialize from an ftp server.
To accomplish that, add the following global command with your info:
scripting tcl init ftp://user:password@10.1.1.1/tclscript/initfiles3.tcl
-or-
you can store the tcl file locally on the flash:
scripting tcl init flash://initfiles3.tcl
-or-
just call the file when you start tclsh
source slot0:clearvpn.tcl
Here is the output of me using the command.
Rack1R1#tclsh
Rack1R1(tcl)#
Rack1R1(tcl)#
Rack1R1(tcl)#proc clearvpn { int } {
+>
+>set int_out [exec "show interfaces"]
+>
+>## regex looks for the interface you specified when you called
+>## the procedure Variable var_dontcare is a copy of variable
+>## int_out, variable var_int_status contains the operation status
+>## of the interface.
+>
+>$rotocol is (\[a-z\]\{2,5\}).*" $int_out var_dontcare var_int_status
+>
+>if {[info exists var_int_status]} {
+> if {[string equal up $var_int_status]} {
+> ##
+> ## Replace the following line with the command you wish to run.
+> ##
+> exec "clear ip bgp *"
+> puts "VPN's cleared"
+> } elseif {[string equal down $var_int_status]} {
+> puts "Interface is down" }
+> } else {
+> puts "Interface does not exist! Check spelling"
+> }
+>}
Rack1R1(tcl)#clearvpn serial2/0
Interface does not exist! Check spelling
Rack1R1(tcl)#clearvpn Serial2/0
Interface is down
Rack1R1(tcl)#clearvpn FastEthernet0/0
VPN's cleared
Rack1R1(tcl)#
03:53:58: %BGP-5-ADJCHANGE: neighbor 131.1.3.3 Down User reset
03:53:58: %BGP-5-ADJCHANGE: neighbor 131.1.5.5 Down User reset
03:53:58: %BGP-5-ADJCHANGE: neighbor 131.1.19.9 Down User reset
03:53:59: %BGP-5-ADJCHANGE: neighbor 131.1.3.3 Up
Rack1R1(tcl)#
03:54:00: %BGP-5-ADJCHANGE: neighbor 131.1.5.5 Up
Rack1R1(tcl)#
03:54:02: %BGP-5-ADJCHANGE: neighbor 131.1.19.9 Up
Rack1R1(tcl)#
12-24-2007 01:47 PM
Please, Can you help me with this file, how to download on router, where to put it, on flash or nvram or where?
I really don't have any experience with this kind scriptingâ¦
Thank you for your assistance it is rally helpful.
01-02-2008 11:20 AM
Now there are lots of ways to do this, you do not even need to copy this to your router to get it to work, but I thought this would be the easiest to start with. I've included the steps as an attachment because the formating is messed up below but you can get the general idea. Setup a tftp server and put the tcl file on it so you can copy it to your router.
Rack1R1#dir disk0:
Directory of disk0:/
No files in directory
133910528 bytes total (133910528 bytes free)
Rack1R1#
Rack1R1#ping 192.168.1.72
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.72, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/20/36 ms
Rack1R1#
Rack1R1#copy tftp://192.168.1.72/clearvpn.tcl disk0:
Destination filename [clearvpn.tcl]?
Accessing tftp://192.168.1.72/clearvpn.tcl...
Loading clearvpn.tcl from 192.168.1.72 (via FastEthernet0/0): !
[OK - 764 bytes]
764 bytes copied in 0.152 secs (5026 bytes/sec)
Rack1R1#
Rack1R1#dir disk0:
Directory of disk0:/
1 -rw- 764 Jan 2 2008 13:14:26 +00:00 clearvpn.tcl
133910528 bytes total (133906432 bytes free)
Rack1R1#
Rack1R1#
Rack1R1#tclsh
Rack1R1(tcl)#clearvpn
invalid command name "clearvpn" ^
% Invalid input detected at '^' marker.
Rack1R1(tcl)#
Rack1R1(tcl)#source disk0:/clearvpn.tcl
Rack1R1(tcl)#
Rack1R1(tcl)#clearvpn
no value given for parameter "int" to "clearvpn"
Rack1R1(tcl)#
Rack1R1(tcl)#clearvpn fa 0/0
called "clearvpn" with too many arguments
Rack1R1(tcl)#
Rack1R1(tcl)#clearvpn fa0/0
Interface does not exist! Check spelling
Rack1R1(tcl)#
Rack1R1(tcl)#clearvpn Fastethernet0/0
Interface does not exist! Check spelling
Rack1R1(tcl)#
Rack1R1(tcl)#
Rack1R1(tcl)#clearvpn FastEthernet0/0
VPN's cleared
Rack1R1(tcl)#
Rack1R1(tcl)#exit
Rack1R1#
01-02-2008 11:25 AM
If you are going to use this a lot, then I would set the router to automatically load this script every time you go into tclsh, by setup up the tcl init variables. See below or attached for details.
Rack1R1#
Rack1R1#tclsh
Rack1R1(tcl)#
Rack1R1(tcl)#clearvpn
invalid command name "clearvpn" ^
% Invalid input detected at '^' marker.
Rack1R1(tcl)#exit
Rack1R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack1R1(config)#scripting tcl init disk0:clearvpn.tcl
Rack1R1(config)#exit
Rack1R1#
Rack1R1#tclsh
Rack1R1(tcl)#clearvpn
no value given for parameter "int" to "clearvpn"
Rack1R1(tcl)#
Rack1R1(tcl)#clearvpn FastEthernet0/0
VPN's cleared
Rack1R1(tcl)#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide