Hi everyone!
Who knows whether it's possible (with SNMP?) to poll a Mikrotik unit and find the total number of connections (/ip firewall connections ) this way?
#!/usr/bin/expect
#Information gathering script for RouterOS
# this will timeout the script if something go wrong
set timeout 20
# set these variables for your network
set router "1.1.1.2"
set logn "admin"
set passwd ""
set rta_prompt ".* >"
# Setting loglevel 0 to avoid spamming from router
log_user 0
# Spawning quiet telnet session
eval spawn -noecho telnet "$router"
# Authentication stuff
expect "Login:" {send "$logn\r"}
expect "Password:" {send "$passwd\r"}
# Retrieve and print info about connections
expect "$rta_prompt" {
send "/ip firewall connection print\r"
}
expect "$rta_prompt" {
set aa $expect_out(buffer);
send_user "\n-------------------------------\n";
send_user $aa;
send_user "\n-------------------------------\n";
}
sleep 2
send "\r"
-- [Q quit|D dump|down]
-------------------------------
123:80 tcp time-wait 1m41s
152 A 192.168.24.140:58533 199.181.132.206:80 tcp time-wait 1m23s
153 A 192.168.24.140:58531 199.181.132.207:80 tcp time-wait 1m23s
154 A 192.168.24.140:58536 199.181.132.207:80 tcp time-wait 1m23s
155 A 192.168.24.140:47582 204.74.101.1:53 udp 2m47s
156 A 192.168.24.140:55077 204.152.184.184:6277 tcp established 4d23h54m2s
157 A 192.168.24.140:58496 206.16.0.222:80 tcp time-wait 19s
158 A 192.168.24.140:58518 206.16.0.222:80 tcp time-wait 1m23s
159 A 192.168.24.140:58576 207.171.166.48:80 tcp time-wait 1m44s
160 A 192.168.24.140:58577 207.171.166.48:80 tcp time-wait 1m44s
161 A 192.168.24.140:58578 207.171.166.48:80 tcp time-wait 1m48s
162 192.168.24.140:47582 207.171.169.7:53 udp 13s
163 A 192.168.24.140:56123 212.97.129.35:6277 tcp established 4d23h59m57s
164 A 192.168.24.140:58575 213.84.23.119:80 tcp fin-wait 1m42s
165 U 192.168.24.140:58517 213.220.100.3:80 tcp syn-sent 1m55s
166 A 192.168.24.140:58520 213.220.100.3:80 tcp time-wait 1m58s
167 192.168.24.140:47582 216.200.69.14:53 udp 24s
168 A 192.168.24.140:47582 216.239.120.69:53 udp 2m11s
169 A 195.225.3.19:64413 213.151.155.141:6277 tcp established 4d40m19s
170 A 204.152.184.184:58374 213.151.152.215:6277 tcp established 4d23h59m57s
171 A 204.152.184.184:56980 213.151.155.141:6277 tcp established 4d41m48s
172 A 212.4.33.214:13095 213.151.155.141:80 tcp established 2d23h57m59s
173 A 213.151.152.215:1499 205.188.8.136:5190 tcp established 4d23h59m39s
174 A 213.151.152.215:1492 205.188.11.184:5190 tcp established 4d23h59m7s
175 A 213.151.152.215:1483 207.46.107.167:1863 tcp established 4d23h59m40s
176 A 213.151.152.215:1488 207.46.107.169:1863 tcp established 4d23h59m39s
177 A 213.151.152.215:1496 216.155.193.184:5050 tcp established 4d23h59m6s
178 A 213.151.152.215:1480 217.13.3.82:1723 tcp established 4d5h42m3s
179 A 213.151.152.215 217.13.3.82 gre 4d23h59m59s
180 213.151.153.79:1026 213.151.152.215:137 udp 2s
181 A 213.151.155.141:1319 205.188.8.138:5190 tcp established 4d21m18s
182 A 213.151.155.141:1321 205.188.11.184:5190 tcp established 4d21m18s
183 A 213.151.155.141:1240 207.46.106.71:1863 tcp established 4d21m18s
184 A 213.151.155.141:1241 207.46.107.62:1863 tcp established 4d21m18s
185 A 213.151.155.141:1248 208.245.212.67:5222 tcp established 4d21m18s
186 A 213.151.155.141:1213 216.155.193.178:5050 tcp established 4d21m22s
187 A 213.151.155.141:1479 217.13.2.82:1723 tcp established 4d19m53s
188 A 213.151.155.141 217.13.3.82 gre 4d21m30s
[evert@MEULIE] >
-------------------------------
#!/usr/bin/expect
#Information gathering script for RouterOS v1.2
# this will timeout the script if something go wrong
set timeout 20
# set these variables for your network
set router "1.1.1.2"
set logn "admin"
set passwd ""
set rta_prompt ".* >"
# Setting loglevel 0 to avoid spamming from router
log_user 0
# Spawning quiet ssh session
eval spawn -noecho ssh -l "$logn" "$router"
# Authentication stuff
#expect ".*password:" {send "$passwd\r"}
#set maximum buffer length (there are too many connections sometimes)
match_max 50000
# Retrieve and print info about connections
expect "$rta_prompt" {
send "/ip firewall connection print without-paging\r"
}
expect "$rta_prompt" {
set aa $expect_out(buffer);
send_user "\n-------------------------------\n";
send_user $aa;
send_user "\n-------------------------------\n";
}
sleep 2
send "\r"
$ wc -l < myscript
# Retrieve and print info about connections
expect "$rta_prompt" {
send "/ip firewall connection print count-only\r"
}
expect -re "\[0-9]+" {
set aa $expect_out(0,string);
send_user "$aa\n";
}
sleep 1
send "\r"
Target[conncount]: `/usr/local/bin/connection_poll`
Options[conncount]: gauge,growright,nopercent,noo
Title[conncount]: Connection count
MaxBytes[conncount]: 1000
PageTop[conncount]: <H1>Connection count</H1>
LegendO[conncount]: Connections
LegendI[conncount]: Connections
YLegend[conncount]: connections
ShortLegend[conncount]: connections
#!/usr/bin/expect
#Information gathering script for RouterOS
# this will timeout the script if something go wrong
set timeout 20
# set these variables for your network
set router "1.2.3.4"
set logn "mrtg"
set passwd "blah"
set rta_prompt ".* >"
# Setting loglevel 0 to avoid spamming from router
log_user 0
# Spawning quiet telnet session
eval spawn -noecho ssh "$logn@$router"
# Authentication stuff
expect "Password:" {send "$passwd\r"}
# Retrieve and print info about connections
expect "$rta_prompt" {
send "/ip firewall connection print count-only\r"
}
expect -re "\[0-9]+" {
set aa $expect_out(0,string);
send_user "$aa\n0\n";
}
sleep 1
send "\r"
send "/quit\r"
spawn -noecho killall ssh
113
0
2004-12-15 08:36:05 -- ERROR: Target[conncount_192.168.100.1][_IN_] ' $target->[1]{$mode} ' did not eval into defined data
2004-12-15 08:36:05 -- ERROR: Target[conncount_192.168.100.1][_OUT_] ' $target->[1]{$mode} ' did not eval into defined data
/system script add policy=read,write source="/ip firewall connection print count-only"
snmpwalk -v2c -cpublic 192.0.2.1 1.3.6.1.4.1.14988.1.1.8.1.1.2
SNMPv2-SMI::enterprises.14988.1.1.8.1.1.2.1 = STRING: "script1"
snmpget -v2c -cpublic 192.0.2.1 1.3.6.1.4.1.14988.1.1.18.1.1.2.1
SNMPv2-SMI::enterprises.14988.1.1.18.1.1.2.1 = STRING: "7"