search

knipknap / exscript

A Python module making Telnet and SSH easy
MIT License
367 stars 136 forks source link

EOF while waiting for response from device #128

Closed pcapdevila closed 7 years ago

pcapdevila commented 7 years ago

Hi,

Thanks for the library. I've been using for some time now and it has been very handy. However, a script that audits FortiOS devices through the Fortimanager works OK up to version 5.4, where I get:

/home/pcapdevila/fmg5/FMaudit-SSLVPN.py in exec_command(host, credentials, command)
     43     ssh_conn = ssh_connect(host, credentials)
     44     try:
---> 45         ssh_conn.execute(command)
     46
     47     except TimeoutException:

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/Protocol.pyc in execute(self, command)
    919         """
    920         self.send(command + '\r')
--> 921         return self.expect_prompt()
    922
    923     def _domatch(self, prompt, flush):

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/Protocol.pyc in expect_prompt(self)
   1018           and the match object.
   1019         """
-> 1020         result = self.expect(self.get_prompt())
   1021
   1022         # We skip the first line because it contains the echo of the command

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/Protocol.pyc in expect(self, prompt)
    999         while True:
   1000             try:
-> 1001                 result = self._expect(prompt)
   1002             except DriverReplacedException:
   1003                 continue # retry

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/Protocol.pyc in _expect(self, prompt)
    975
    976     def _expect(self, prompt):
--> 977         result = self._domatch(to_regexs(prompt), True)
    978         return result
    979

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/SSH2.pyc in _domatch(self, prompt, flush)
    329                 if not self._fill_buffer():
    330                     error = 'EOF while waiting for response from device'
--> 331                     raise ProtocolException(error)
    332                 continue
    333

ProtocolException: EOF while waiting for response from device

If I try to use conn.autoinit() it detects FortiOS and fails due to Fortimanager having another CLI:

/home/pcapdevila/fmg5/FMaudit-SSLVPN.py in exec_command(host, credentials, command)
     42 def exec_command(host, credentials, command):
     43
---> 44     ssh_conn = ssh_connect(host, credentials)
     45     try:
     46         ssh_conn.execute(command)

/home/pcapdevila/fmg5/FMaudit-SSLVPN.py in ssh_connect(device, credentials)
     31     #print 'Connecting to '+device+' with username '+credentials.get_name(),
     32     conn.login(credentials)
---> 33     conn.autoinit()
     34
     35     return conn

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/Protocol.pyc in autoinit(self)
    399             term width 0
    400         """
--> 401         self.get_driver().init_terminal(self)
    402
    403     def set_username_prompt(self, regex = None):

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/drivers/fortios.pyc in init_terminal(self, conn)
     62
     63     def init_terminal(self, conn):
---> 64         conn.execute('config global')
     65         conn.execute('config system console')
     66         conn.execute('set output standard')  # no paging

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/Protocol.pyc in execute(self, command)
    919         """
    920         self.send(command + '\r')
--> 921         return self.expect_prompt()
    922
    923     def _domatch(self, prompt, flush):

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/Protocol.pyc in expect_prompt(self)
   1029                 args = repr(prompt.pattern), repr(line)
   1030                 self._dbg(5, "error prompt (%s) matches %s" % args)
-> 1031                 raise InvalidCommandException('Device said:\n' + self.response)
   1032
   1033         return result

InvalidCommandException: Device said:
config global

command parse error before 'global'
Command fail. Return code 1

Could you please advise?

Thanks and regards

knipknap commented 7 years ago

It looks like FortiOS change it's syntax then. Since I do not have any such device, can you tell me what they are using to replace "config global' with in this version?

-Samuel

On Mon, Jan 16, 2017 at 11:09 AM, pcapdevila notifications@github.com wrote:

Hi,

Thanks for the library. I've been using for some time now and it has been very handy. However, a script that audits FortiOS devices through the Fortimanager works OK up to version 5.4, where I get:

/home/pcapdevila/fmg5/FMaudit-SSLVPN.py in exec_command(host, credentials, command) 43 ssh_conn = ssh_connect(host, credentials) 44 try: ---> 45 ssh_conn.execute(command) 46 47 except TimeoutException:

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/Protocol.pyc in execute(self, command) 919 """ 920 self.send(command + '\r') --> 921 return self.expect_prompt() 922 923 def _domatch(self, prompt, flush):

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/Protocol.pyc in expect_prompt(self) 1018 and the match object. 1019 """ -> 1020 result = self.expect(self.get_prompt()) 1021 1022 # We skip the first line because it contains the echo of the command

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/Protocol.pyc in expect(self, prompt) 999 while True: 1000 try: -> 1001 result = self._expect(prompt) 1002 except DriverReplacedException: 1003 continue # retry

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/Protocol.pyc in _expect(self, prompt) 975 976 def _expect(self, prompt): --> 977 result = self._domatch(to_regexs(prompt), True) 978 return result 979

/home/pcapdevila/.local/lib/python2.7/site-packages/Exscript/protocols/SSH2.pyc in _domatch(self, prompt, flush) 329 if not self._fill_buffer(): 330 error = 'EOF while waiting for response from device' --> 331 raise ProtocolException(error) 332 continue 333

ProtocolException: EOF while waiting for response from device

If I try to use conn.autoinit() it detects FortiOS and fails due to Fortimanager having another CLI:

/home/pcapdevila/fmg5/FMaudit-SSLVPN.py in exec_command(host, credentials, command) 42 def exec_command(host, credentials, command): 43 ---> 44 ssh_conn = ssh_connect(host, credentials) 45 try: 46 ssh_conn.execute(command)

/home/pcapdevila/fmg5/FMaudit-SSLVPN.py in ssh_connect(device, credentials) 31 #print 'Connecting to '+device+' with username '+credentials.get_name(), 32 conn.login(credentials) ---> 33 conn.autoinit() 34 35 return conn

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/Protocol.pyc in autoinit(self) 399 term width 0 400 """ --> 401 self.get_driver().init_terminal(self) 402 403 def set_username_prompt(self, regex = None):

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/drivers/fortios.pyc in init_terminal(self, conn) 62 63 def init_terminal(self, conn): ---> 64 conn.execute('config global') 65 conn.execute('config system console') 66 conn.execute('set output standard') # no paging

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/Protocol.pyc in execute(self, command) 919 """ 920 self.send(command + '\r') --> 921 return self.expect_prompt() 922 923 def _domatch(self, prompt, flush):

/home/pcapdevila/.local/lib/python2.7/site-packages/ Exscript/protocols/Protocol.pyc in expect_prompt(self) 1029 args = repr(prompt.pattern), repr(line) 1030 self._dbg(5, "error prompt (%s) matches %s" % args) -> 1031 raise InvalidCommandException('Device said:\n' + self.response) 1032 1033 return result

InvalidCommandException: Device said: config global

command parse error before 'global' Command fail. Return code 1

Could you please advise?

Thanks and regards

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/knipknap/exscript/issues/128, or mute the thread https://github.com/notifications/unsubscribe-auth/AAJHSfkGmQWIDeRSx9hygacZpEVTmvh8ks5rS0HugaJpZM4LkYKj .

pcapdevila commented 7 years ago

HI,

Just clarify that we are SSHing a FortiManager, whose CLI is not exactly the same as a FortiGate FW.

For versions earlier than 4 you have to:

config fmsystem global set console-output standard

For version 5 onwards:

config system global set console-output standard

You can detect the OS with:

fmg5 # get system status Platform Type : FMG3000C Platform Full Name : FortiManager-3000C (...)

fm33 # get fmsystem status Platform Type : FMG3000C Version : v4.0-build0422 120608 (MR2 Patch 9) (...)

Best regards,

Pau

knipknap commented 7 years ago

This looks a little hard to implement without having access to such a device. Perhaps you can have a look at

src/Exscript/protocols/drivers/fortios.py

and provide a pull request? It is a fairly simple file to change.

pcapdevila commented 7 years ago

Hi,

It looks like this was due to a device bug outputting json before the current output.

I think this issue can be closed.

Thanks and best regards

knipknap commented 7 years ago

Ah, Thanks for the info! :-)

Prabakaran1410 commented 6 years ago

Hi,

I'm facing the same issue "EOF while waiting for response from device" in nxos

Could someone help me on this?

Regards, Praba