Solved

Need Assistance with TCL regular expression in Script run on Fortigate

Posted on 2013-05-28
2
1,020 Views
Last Modified: 2013-05-29
We have 65+ Fortigate branch firewalls that all have unique subnets based on their branch number.

The third octet in the IP address is the only difference.

What I want to do is dynamically get the third octet from the internal1 interface and use that as a variable in the rest of the script.

I have borrowed from here which works, however when I change the regexp to only get the 3rd octet rather than the whole ip address the script it fails at the regular expression.

#!
puts "Script starts ..."

# Create do_cmd procedure to execute CLI commands
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}

# get internal ip
do_cmd "config system interface"
do_cmd "edit internal1"
set query [exec "show\n" "# "]
#puts $query
set output [split $query "\n"]
#Find branch number and puts $ip
regexp {(?<=10.10.)[0-9]{1,3}} $output ip
do_cmd "end"
do_cmd "$ip"

Open in new window


Below is the contents of $query. I have highlighted in bold the data I need.

config system interface
    edit "internal1"
        set vdom "root"
        set ip XXX.XXX.XXX.XXX 255.255.255.0
        set allowaccess ping https
        set dns-query recursive
        set type physical
        set description "X"
        set alias "X"
    next
end

XXXXXX (internal1) #
0
Comment
Question by:Barfoots
2 Comments
 

Accepted Solution

by:
Barfoots earned 0 total points
ID: 39205771
I have found a way around this but am unsure whether this is the most effective method;

#!
puts "Script starts ..."

# Create do_cmd procedure to execute CLI commands
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}

# get internal ip
do_cmd "config system interface"
do_cmd "edit internal1"
set query [exec "show\n" "# "]
#puts $query
set output [split $query "\n"]
#Find IP address and puts $ip
regexp {(?:\d+\.){3}\d+} $output ip
do_cmd $ip
regexp "(\[0-9]{1,3})\.(\[0-9]{1,3})\.(\[0-9]{1,3})\.(\[0-9]{1,3})" $ip all first second third fourth
do_cmd $third
do_cmd "end"

Open in new window

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Navigation is an important part of web design from a usability perspective. But it is often a pain when it comes to a developer’s perspective. By navigation, it often means menuing. This is less theory and more practical of how to get a specific gro…
Background Still having to process all these year-end "csv" files received from all these sources (including Government entities), sometimes we have the need to examine the contents due to data error, etc... As a "Unix" shop, our only readily …
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now