Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Need Assistance with TCL regular expression in Script run on Fortigate

Posted on 2013-05-28
2
1,059 Views
Last Modified: 2013-05-29
We have 65+ Fortigate branch firewalls that all have unique subnets based on their branch number.

The third octet in the IP address is the only difference.

What I want to do is dynamically get the third octet from the internal1 interface and use that as a variable in the rest of the script.

I have borrowed from here which works, however when I change the regexp to only get the 3rd octet rather than the whole ip address the script it fails at the regular expression.

#!
puts "Script starts ..."

# Create do_cmd procedure to execute CLI commands
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}

# get internal ip
do_cmd "config system interface"
do_cmd "edit internal1"
set query [exec "show\n" "# "]
#puts $query
set output [split $query "\n"]
#Find branch number and puts $ip
regexp {(?<=10.10.)[0-9]{1,3}} $output ip
do_cmd "end"
do_cmd "$ip"

Open in new window


Below is the contents of $query. I have highlighted in bold the data I need.

config system interface
    edit "internal1"
        set vdom "root"
        set ip XXX.XXX.XXX.XXX 255.255.255.0
        set allowaccess ping https
        set dns-query recursive
        set type physical
        set description "X"
        set alias "X"
    next
end

XXXXXX (internal1) #
0
Comment
Question by:Barfoots
2 Comments
 

Accepted Solution

by:
Barfoots earned 0 total points
ID: 39205771
I have found a way around this but am unsure whether this is the most effective method;

#!
puts "Script starts ..."

# Create do_cmd procedure to execute CLI commands
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}

# get internal ip
do_cmd "config system interface"
do_cmd "edit internal1"
set query [exec "show\n" "# "]
#puts $query
set output [split $query "\n"]
#Find IP address and puts $ip
regexp {(?:\d+\.){3}\d+} $output ip
do_cmd $ip
regexp "(\[0-9]{1,3})\.(\[0-9]{1,3})\.(\[0-9]{1,3})\.(\[0-9]{1,3})" $ip all first second third fourth
do_cmd $third
do_cmd "end"

Open in new window

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem to event 3 102
rhino JavaScript import, load 25 92
Fetching data from Multiple Linux Server using Shell Scripting 55 151
Problem to refer to value 8 62
Navigation is an important part of web design from a usability perspective. But it is often a pain when it comes to a developer’s perspective. By navigation, it often means menuing. This is less theory and more practical of how to get a specific gro…
Utilizing an array to gracefully append to a list of EmailAddresses
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question