forked from ytti/oxidized
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sonicos.rb
59 lines (51 loc) · 2 KB
/
sonicos.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
class SonicOS < Oxidized::Model
# Applies to Sonicwall NSA series firewalls
prompt /^\w+@\w+[>]\(?.+\)?\s?/
comment '! '
cmd :all do |cfg|
cfg.each_line.to_a[1..-2].join
end
cmd :secret do |cfg|
cfg.gsub! /cli ftp password default \d\,(\S+)/, 'cli ftp password default <secret hidden> \2'
cfg.gsub! /secret \d\,(\S+)/, 'secret <secret hidden> \2'
cfg.gsub! /shared-secret \d\,(\S+)/, 'shared-secret <secret hidden> \2'
cfg.gsub! /password \d\,(\S+)/, 'password <secret hidden> \2'
cfg.gsub! /passphrase password \d\,(\S+)/, 'passphrase password <secret hidden> \2'
cfg.gsub! /bind-password \d\,(\S+)/, 'bind-password <secret hidden> \2'
cfg.gsub! /authentication sha1 \d\,(\S+)/, 'authentication sha1 <secret hidden> \2'
cfg.gsub! /encryption aes \d\,(\S+)/, 'encryption aes <secret hidden> \2'
cfg.gsub! /smtp-pass \d\,(\S+)/, 'smtp-pass <secret hidden> \2'
cfg.gsub! /pop-pass \d\,(\S+)/, 'pop-pass <secret hidden> \2'
cfg.gsub! /sslvpn password \d\,(\S+)/, 'sslvpn password <secret hidden> \2'
cfg.gsub! /administrator password \d\,(\S+)/, 'administrator password <secret hidden> \2'
cfg.gsub! /ftp password \d\,(\S+)/, 'ftp password <secret hidden> \2'
cfg.gsub! /shared-key \d\,(\S+)/, 'shared-key <secret hidden> \2'
cfg
end
cmd 'show version' do |cfg|
cfg = comment clean cfg
cfg << "\n"
end
cmd 'show current-config' do |cfg|
cfg.gsub! /^: [^\n]*\n/, ''
clean cfg
end
cfg :ssh do
post_login 'no cli pager session'
pre_logout 'exit'
end
def clean(cfg)
out = []
cfg.each_line do |line|
next if line =~ /date \d{4}\:\d{2}\:\d{2}/
next if line =~ /time \d{2}\:\d{2}:\d{2}/
next if line =~ /system-time \"\d{2}\/\d{2}\/\d{4} \d{2}\:\d{2}:\d{2}.\d+\"/
next if line =~ /system-uptime "((\s+up\s+\d+\s+)|(\d+\s\w+(,\s)?)*)"/
next if line =~ /checksum \d+/
line = line[1..-1] if line[0] == "\r"
out << line.strip
end
out = out.join "\n"
out << "\n"
end
end