Community discussions

MUM Europe 2020
 
1001001
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Mon Sep 24, 2012 12:46 pm

Accessing 100+ ip's via ssh

Tue Nov 19, 2013 7:44 pm

Hello everybody,

I recently ran into the problem of having to change the configuration of about 150 vpn clients.
They are all conntected to a RouterOS system runnning as ovpn-server.
To tackle the problem not having to access every client manually i tried the following script
:foreach item in=[ /ip address find ] do={ :local network [ /ip address get $item network ];
/system ssh user=username address="$network" "/tool fetch address=VPN.VPN.VPN.VPN user=user password=password mode=ftp src-path=/conf.rsc dst-path=/conf.rsc
/import conf.rsc
/quit"
}
The problem i ran into is that it crashes halfway through the list and i can't retrace where and don't get why.
Has anyone any idea as to why this script would stop working?

Best Regards
 
User avatar
pcunite
Forum Guru
Forum Guru
Posts: 1071
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: Accessing 100+ ip's via ssh

Tue Nov 19, 2013 7:45 pm

Should you pause after the quit ... give it some time?
 
1001001
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Mon Sep 24, 2012 12:46 pm

Re: Accessing 100+ ip's via ssh

Tue Nov 19, 2013 7:53 pm

Should you pause after the quit ... give it some time?
Well that would probably be a good idea, but I don't have the faintest of ideas how to accomplish that.
Could you give me a hint?
 
1001001
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Mon Sep 24, 2012 12:46 pm

Re: Accessing 100+ ip's via ssh

Tue Nov 19, 2013 8:09 pm

Related to the subject: Would it be possible to create somekind of output to a file for example to be able to track progress and in case of an error know which clients weren't handled?
 
Feklar
Forum Guru
Forum Guru
Posts: 1726
Joined: Tue Dec 01, 2009 11:46 pm

Re: Accessing 100+ ip's via ssh

Tue Nov 19, 2013 11:12 pm

I'm guessing it's erroring out because it's trying to ssh into every IP address listed in IP Addresses, it hits an address it cannot get to, so the script errors out. The scripting language is not good at catching errors and moving on. So you may want to narrow down what it finds in the first line by specifying dynamic addresses, or looping through the PPP interface list and getting the caller ID instead.

You can add a delay by this command ":delay <time in seconds>" if desired.

Who is online

Users browsing this forum: No registered users and 17 guests