
removed the artifacts of working with snmp for mikrotik candles
updated to the current version of oxidized 0.34.3 pack for a list with support for custom ssh|telnet ports

root 5 ماه پیش
والد
کامیت
67278a95cc

+ 16 - 8
scripts/eyelib/database.pm

@@ -784,8 +784,11 @@ return hash_to_text($record);
 sub delete_user_auth {
 my $db = shift;
 my $id = shift;
-my $msg = '';
 my $record = get_record_sql($db,'SELECT * FROM User_auth WHERE id='.$id);
+my $auth_ident = $record->{ip};
+$auth_ident = $auth_ident . '['.$record->{dns_name} .']' if ($record->{dns_name});
+$auth_ident = $auth_ident . ' :: '.$record->{comments} if ($record->{dns_name});
+my $msg = "";
 my $txt_record = hash_to_text($record);
 #remove aliases
 my @t_User_auth_alias = get_records_sql($db,'SELECT * FROM User_auth_alias WHERE auth_id='.$id);
@@ -793,9 +796,9 @@ if (@t_User_auth_alias and scalar @t_User_auth_alias) {
     foreach my $row ( @t_User_auth_alias) {
         my $alias_txt = record_to_txt($db,'User_auth_alias','id='.$row->{'id'});
         if (delete_record($db,'User_auth_alias','id='.$row->{'id'})) {
-            $msg = "Deleting an alias: ". $alias_txt . "::Success!\n" . $msg;
+            $msg = "Deleting an alias: ". $alias_txt . "\n::Success!\n" . $msg;
             } else {
-            $msg = "Deleting an alias: ". $alias_txt . "::Fail!\n" . $msg;
+            $msg = "Deleting an alias: ". $alias_txt . "\n::Fail!\n" . $msg;
             }
         }
     }
@@ -804,10 +807,12 @@ do_sql($db,'DELETE FROM connections WHERE auth_id='.$id);
 #remove user auth record
 my $changes = delete_record($db, "User_auth", "id=" . $id);
 if ($changes) {
-    $msg = "Deleting ip-record: ". $txt_record . "::Success!\n" . $msg;
+    $msg = "Deleting ip-record: ". $txt_record . "\n::Success!\n" . $msg;
     } else {
-    $msg = "Deleting ip-record: ". $txt_record . "::Fail!\n" . $msg;
+    $msg = "Deleting ip-record: ". $txt_record . "\n::Fail!\n" . $msg;
     }
+
+$msg = "Deleting user ip record $auth_ident\n\n".$msg;
 db_log_warning($db, $msg, $id);
 my $send_alert = isNotifyDelete(get_notify_subnet($db,$record->{ip}));
 sendEmail("WARN! ".get_first_line($msg),$msg,1) if ($send_alert);
@@ -1752,6 +1757,9 @@ my $client_id = $ip_record->{'client-id'};
 if (!exists $ip_record->{ip_aton}) { $ip_record->{ip_aton}=StrToIp($ip); }
 if (!exists $ip_record->{hotspot}) { $ip_record->{hotspot}=is_hotspot($db,$ip); }
 
+my $auth_ident = "Found new ip-address: " . $ip;
+$auth_ident = $auth_ident . '['.$mac .']' if ($mac);
+$auth_ident = $auth_ident . ' :: '.$hostname if ($hostname);
 
 my $ip_aton=$ip_record->{ip_aton};
 
@@ -1797,7 +1805,7 @@ $record=get_record_sql($db,'SELECT * FROM User_auth WHERE `ip_int`='.$ip_aton."
 if ($record->{id}) {
     #if found record with same ip but without mac - update it
     if (!$record->{mac}) {
-        $msg = "Use auth record with no mac: " . hash_to_text($record);
+        $msg = $auth_ident. "\nUse auth record with no mac: " . hash_to_text($record);
         db_log_verbose($db,$msg);
         $new_record->{mac}=$mac;
         #disable dhcp for same mac in one ip subnet
@@ -1868,12 +1876,12 @@ my $cur_auth_id= 0;
 if ($auth_exists) {
     #found ->Resurrection old record
     my $resurrection_id = get_id_record($db,'User_auth',"ip_int=".$ip_aton." and mac='".$mac."'");
-    $msg = "Resurrection auth_id: $resurrection_id with ip: $ip and mac: $mac";
+    $msg = $auth_ident . " Resurrection auth_id: $resurrection_id with ip: $ip and mac: $mac";
     if (!$ip_record->{hotspot}) { db_log_warning($db,$msg); } else { db_log_info($db,$msg); }
     if (update_record($db,'User_auth',$new_record,"id=$resurrection_id")) { $cur_auth_id = $resurrection_id; }
     } else {
     #not found ->create new record
-    $msg = "New ip created! ip: $ip mac: $mac";
+    $msg = $auth_ident ."\n";
     $cur_auth_id = insert_record($db,'User_auth',$new_record);
     if ($cur_auth_id) {
         if (!$ip_record->{hotspot}) { db_log_warning($db,$msg); } else { db_log_info($db,$msg); }
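Review bot: In delete_user_auth the comments suffix is guarded by the wrong field: `$auth_ident = $auth_ident . ' :: '.$record->{comments} if ($record->{dns_name});` drops the comment whenever dns_name is empty and appends an undefined value when dns_name is set but comments is not, so the guard should read `if ($record->{comments});`. The same lines dereference `$record` without checking that the SELECT returned a row, so a missing id yields an empty identifier in the log and the alert e-mail subject. In the new-address hunks `$auth_ident` carries `$hostname` and `$mac` into the `db_log_*` messages; where those values are set lies outside the hunks, but if they come from the client, stripping control characters on a copy first, e.g. `(my $safe_host = $hostname) =~ s/[[:cntrl:]]//g;`, keeps a crafted name from forging extra log lines. The "Resurrection" message also now starts with "Found new ip-address:" and repeats ip and mac, which reads as a new address rather than a revived record.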

+ 17 - 22
scripts/eyelib/snmp.pm

@@ -238,25 +238,19 @@ sub get_mac_table {
 #-------------------------------------------------------------------------------------
 
 sub get_fdb_table {
-    my ($host,$snmp,$iflist) = @_;
-
+    my ($host,$snmp) = @_;
     my $ifindex_map = get_ifmib_index_table($host,$snmp);
+#    print "IFINDEX_MAP: " . Dumper($ifindex_map);
     my $fdb1=get_mac_table($host,$snmp,$fdb_table_oid,$ifindex_map);
+#    print "FDB1: " . Dumper($fdb1);
     my $fdb2=get_mac_table($host,$snmp,$fdb_table_oid2,$ifindex_map);
-
-    my $fdb3;
-
-    if ($fdb2 and $iflist) {
-        foreach my $mac (keys %$fdb2) {
-            if (exists $iflist->{$fdb2->{$mac}}) { $fdb3->{$mac}=$iflist->{$fdb2->{$mac}}; }
-            }
-        }
+#    print "FDB2: " . Dumper($fdb1);
 
     my $fdb;
-    if ($fdb1 and !$fdb3) { $fdb = $fdb1; }
-    if (!$fdb1 and $fdb3) { $fdb = $fdb3; }
     #join tables
-    if ($fdb1 and $fdb3) { $fdb = { %$fdb1,%$fdb3 }; }
+    if (!$fdb1 and $fdb2) { $fdb = $fdb2; }
+    if (!$fdb2 and $fdb1) { $fdb = $fdb1; }
+    if ($fdb1 and $fdb2) { $fdb = { %$fdb1,%$fdb2 }; }
 
     my $snmp_cisco = $snmp;
 
@@ -264,10 +258,11 @@ sub get_fdb_table {
     if (!$fdb) {
         my $vlan_table=snmp_get_oid($host,$snmp,$cisco_vlan_oid);
         if (!$vlan_table) { $vlan_table=snmp_walk_oid($host,$snmp,$cisco_vlan_oid); }
-        #fuck!
+        # just empty
         if (!$vlan_table) { return; }
+        #fucking cisco!
         my %fdb_vlan;
-            foreach my $vlan_oid (keys %$vlan_table) {
+        foreach my $vlan_oid (keys %$vlan_table) {
                 next if (!$vlan_oid);
                 my $vlan_id;
                 if ($vlan_oid=~/\.([0-9]{1,4})$/) { $vlan_id=$1; }
@@ -276,18 +271,18 @@ sub get_fdb_table {
                 $snmp_cisco->{'ro-community'} = $snmp->{'ro-community'}.'@'.$vlan_id;
                 $fdb_vlan{$vlan_id}=get_mac_table($host,$snmp_cisco,$fdb_table_oid,$ifindex_map);
                 if (!$fdb_vlan{$vlan_id}) { $fdb_vlan{$vlan_id}=get_mac_table($host,$snmp_cisco,$fdb_table_oid2,$ifindex_map); }
-            }
-            foreach my $vlan_id (keys %fdb_vlan) {
+        }
+        foreach my $vlan_id (keys %fdb_vlan) {
                 next if (!exists $fdb_vlan{$vlan_id});
                 if (defined $fdb_vlan{$vlan_id}) {
                         my %tmp=%{$fdb_vlan{$vlan_id}};
                         foreach my $mac (keys %tmp) {
-                                next if (!$mac);
-                                $fdb->{$mac}=$tmp{$mac};
-                                }
-                    }
-            }
+                            next if (!$mac);
+                            $fdb->{$mac}=$tmp{$mac};
+                        }
+                }
         }
+    }
     return $fdb;
 }
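Review bot: `my $snmp_cisco = $snmp;` in get_fdb_table copies the reference rather than the hash, so in the Cisco per-VLAN fallback `$snmp_cisco->{'ro-community'} = $snmp->{'ro-community'}.'@'.$vlan_id;` overwrites the caller's community string and adds another `@vlan` suffix on each iteration. Both lines are unchanged context, but the commit reworks the function around them and leaves the aliasing in place; a shallow copy, `my $snmp_cisco = { %$snmp };`, keeps the base community intact for every VLAN and for later use of the device record. Separately, the added debug line `#    print "FDB2: " . Dumper($fdb1);` dumps `$fdb1` under the FDB2 label; the three commented-out Dumper lines are better removed, or the last one corrected to `$fdb2`.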
 

+ 2 - 12
scripts/fetch_new_arp.pl

@@ -251,17 +251,6 @@ sub {
     }
 );
 
-my %dev_ifindex=();
-
-foreach my $device (@device_list) {
-    my $dev_id = $device->{id};
-    my @device_ports = get_records_sql($dbh,"SELECT * FROM device_ports WHERE device_id=$dev_id");
-    foreach my $port_data (@device_ports) {
-        if (!$port_data->{snmp_index}) { $port_data->{snmp_index} = $port_data->{port}; }
-        $dev_ifindex{$dev_id}->{$port_data->{port}}=$port_data->{snmp_index};
-    }
-}
-
 $dbh->disconnect;
 
 FDB_LOOP:
@@ -274,7 +263,7 @@ $pm_fdb->start() and next FDB_LOOP;
 my $result;
 my $tmp_dbh = init_db();
 if (apply_device_lock($tmp_dbh,$device->{id})) {
-    my $fdb=get_fdb_table($device->{ip},$device->{snmp},$dev_ifindex{$device->{id}});
+    my $fdb=get_fdb_table($device->{ip},$device->{snmp});
     unset_lock_discovery($tmp_dbh,$device->{id});
     $result->{id}=$device->{id};
     $result->{fdb} = $fdb;
@@ -325,6 +314,7 @@ foreach my $port_data (@device_ports) {
     }
 
 my $sw_mac;
+#for mikrotik - skip DL mac
 if ($device->{vendor_id} eq '9') {
     #get device mac
     my $sw_auth = get_record_sql($dbh,"SELECT mac FROM User_auth WHERE deleted=0 and ip='".$device->{ip}."'");

+ 0 - 68
scripts/utils/oxidized/add_source_input_port.patch

@@ -1,68 +0,0 @@
-diff -urN oxidized/lib/oxidized/input/ssh.rb oxidized.patched/lib/oxidized/input/ssh.rb
---- oxidized/lib/oxidized/input/ssh.rb	2023-06-25 13:21:13.549859510 +0300
-+++ oxidized.patched/lib/oxidized/input/ssh.rb	2023-06-26 01:05:44.715259384 +0300
-@@ -121,6 +121,7 @@
- 
-     def make_ssh_opts
-       secure = Oxidized.config.input.ssh.secure?
-+      node_ssh_port = @node.input_port || vars(:ssh_port)
-       ssh_opts = {
-         number_of_password_prompts:      0,
-         keepalive:                       vars(:ssh_no_keepalive) ? false : true,
-@@ -128,7 +129,7 @@
-         append_all_supported_algorithms: true,
-         password:                        @node.auth[:password],
-         timeout:                         Oxidized.config.timeout,
--        port:                            (vars(:ssh_port) || 22).to_i,
-+        port:                            (node_ssh_port || 22).to_i,
-         forward_agent:                   false
-       }
- 
-diff -urN oxidized/lib/oxidized/input/telnet.rb oxidized.patched/lib/oxidized/input/telnet.rb
---- oxidized/lib/oxidized/input/telnet.rb	2023-06-25 13:21:13.549859510 +0300
-+++ oxidized.patched/lib/oxidized/input/telnet.rb	2023-06-26 01:05:51.839271280 +0300
-@@ -11,11 +11,11 @@
-       @timeout = Oxidized.config.timeout
-       @node.model.cfg['telnet'].each { |cb| instance_exec(&cb) }
-       @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-telnet", 'w') if Oxidized.config.input.debug?
--      port = vars(:telnet_port) || 23
-+      port = @node.input_port || vars(:telnet_port)
- 
-       telnet_opts = {
-         'Host'    => @node.ip,
--        'Port'    => port.to_i,
-+        'Port'    => (port || 23).to_i,
-         'Timeout' => @timeout,
-         'Model'   => @node.model,
-         'Log'     => @log
-diff -urN oxidized/lib/oxidized/node.rb oxidized.patched/lib/oxidized/node.rb
---- oxidized/lib/oxidized/node.rb	2023-06-25 13:21:13.557859532 +0300
-+++ oxidized.patched/lib/oxidized/node.rb	2023-06-26 01:25:50.009837507 +0300
-@@ -6,7 +6,7 @@
-   class ModelNotFound  < OxidizedError; end
- 
-   class Node
--    attr_reader :name, :ip, :model, :input, :output, :group, :auth, :prompt, :vars, :last, :repo
-+    attr_reader :name, :ip, :model, :input, :output, :group, :auth, :prompt, :vars, :last, :repo, :input_port
-     attr_accessor :running, :user, :email, :msg, :from, :stats, :retry, :err_type, :err_reason
-     alias running? running
- 
-@@ -26,6 +26,7 @@
-       @auth = resolve_auth opt
-       @prompt = resolve_prompt opt
-       @vars = opt[:vars]
-+      @input_port = resolve_input_port opt
-       @stats = Stats.new
-       @retry = 0
-       @repo = resolve_repo opt
-@@ -165,6 +166,10 @@
-       end
-     end
- 
-+    def resolve_input_port(opt)
-+      resolve_key :input_port, opt
-+    end
-+
-     def resolve_output(opt)
-       output = resolve_key :output, opt, Oxidized.config.output.default
-       Oxidized.mgr.add_output(output) || raise(MethodNotFound, "#{output} not found for node #{ip}") unless Oxidized.mgr.output[output]

+ 87 - 0
scripts/utils/oxidized/oxidized_input_port.patch

@@ -0,0 +1,87 @@
+diff -urN oxidized-0.34.3/lib/oxidized/input/scp.rb oxidized-0.34.3-patched/lib/oxidized/input/scp.rb
+--- oxidized-0.34.3/lib/oxidized/input/scp.rb	2025-11-02 14:44:17.000000000 +0300
++++ oxidized-0.34.3-patched/lib/oxidized/input/scp.rb	2025-11-02 15:05:48.936021265 +0300
+@@ -29,13 +29,14 @@
+ 
+     def make_ssh_opts
+       secure = Oxidized.config.input.scp.secure?
++      node_ssh_port = @node.input_port || vars(:ssh_port)
+       ssh_opts = {
+         number_of_password_prompts:      0,
+         verify_host_key:                 secure ? :always : :never,
+         append_all_supported_algorithms: true,
+         password:                        @node.auth[:password],
+         timeout:                         Oxidized.config.timeout,
+-        port:                            (vars(:ssh_port) || 22).to_i,
++        port:                            (node_ssh_port || 22).to_i,
+         forward_agent:                   false
+       }
+ 
+diff -urN oxidized-0.34.3/lib/oxidized/input/ssh.rb oxidized-0.34.3-patched/lib/oxidized/input/ssh.rb
+--- oxidized-0.34.3/lib/oxidized/input/ssh.rb	2025-11-02 14:44:17.000000000 +0300
++++ oxidized-0.34.3-patched/lib/oxidized/input/ssh.rb	2025-11-02 14:50:20.590731103 +0300
+@@ -140,6 +140,7 @@
+ 
+     def make_ssh_opts
+       secure = Oxidized.config.input.ssh.secure?
++      node_ssh_port = @node.input_port || vars(:ssh_port)
+       ssh_opts = {
+         number_of_password_prompts:      0,
+         keepalive:                       vars(:ssh_no_keepalive) ? false : true,
+@@ -147,7 +148,7 @@
+         append_all_supported_algorithms: true,
+         password:                        @node.auth[:password],
+         timeout:                         Oxidized.config.timeout,
+-        port:                            (vars(:ssh_port) || 22).to_i,
++        port:                            (node_ssh_port || 22).to_i,
+         forward_agent:                   false
+       }
+ 
+diff -urN oxidized-0.34.3/lib/oxidized/input/telnet.rb oxidized-0.34.3-patched/lib/oxidized/input/telnet.rb
+--- oxidized-0.34.3/lib/oxidized/input/telnet.rb	2025-11-02 14:44:17.000000000 +0300
++++ oxidized-0.34.3-patched/lib/oxidized/input/telnet.rb	2025-11-02 14:55:10.438366636 +0300
+@@ -12,11 +12,11 @@
+       @timeout = Oxidized.config.timeout
+       @node.model.cfg['telnet'].each { |cb| instance_exec(&cb) }
+       @log = File.open(Oxidized::Config::LOG + "/#{@node.ip}-telnet", 'w') if Oxidized.config.input.debug?
+-      port = vars(:telnet_port) || 23
++      port = @node.input_port || vars(:telnet_port) || 23
+ 
+       telnet_opts = {
+         'Host'    => @node.ip,
+-        'Port'    => port.to_i,
++        'Port'    => (port || 23).to_i,
+         'Timeout' => @timeout,
+         'Model'   => @node.model,
+         'Log'     => @log
+diff -urN oxidized-0.34.3/lib/oxidized/node.rb oxidized-0.34.3-patched/lib/oxidized/node.rb
+--- oxidized-0.34.3/lib/oxidized/node.rb	2025-11-02 14:44:17.000000000 +0300
++++ oxidized-0.34.3-patched/lib/oxidized/node.rb	2025-11-02 14:52:21.127569609 +0300
+@@ -7,7 +7,7 @@
+   class Node
+     include SemanticLogger::Loggable
+ 
+-    attr_reader :name, :ip, :model, :input, :output, :group, :auth, :prompt, :vars, :last, :repo
++    attr_reader :name, :ip, :model, :input, :output, :group, :auth, :prompt, :vars, :last, :repo, :input_port
+     attr_accessor :running, :user, :email, :msg, :from, :stats, :retry, :err_type, :err_reason
+     alias running? running
+ 
+@@ -24,6 +24,7 @@
+       @group = opt[:group]
+       @model = resolve_model opt
+       @input = resolve_input opt
++      @input_port = resolve_input_port opt
+       @output = resolve_output opt
+       @auth = resolve_auth opt
+       @prompt = resolve_prompt opt
+@@ -176,6 +177,10 @@
+       end
+     end
+ 
++    def resolve_input_port(opt)
++      resolve_key :input_port, opt
++    end
++
+     def resolve_output(opt)
+       output = resolve_key :output, opt, Oxidized.config.output.default
+       unless Oxidized.mgr.output[output]
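Review bot: `input_port` is taken from the node source and passed straight to `.to_i` in scp.rb, ssh.rb and telnet.rb, so a non-numeric or out-of-range value silently becomes port 0 or an invalid port instead of a reported configuration error. A check in `resolve_input_port`, for example `raise ArgumentError, "invalid input_port for #{name}" unless port.nil? || (1..65535).cover?(port.to_i)`, would surface a bad row when the node is loaded. In telnet.rb the default is applied twice: `port = @node.input_port || vars(:telnet_port) || 23` already falls back to 23, so `'Port' => (port || 23).to_i` can be `port.to_i`. The same `input_port` is used by all three inputs, so a node with more than one input method would presumably try each of them on the same custom port; that is worth a comment in the patch header.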

+ 15 - 5
scripts/utils/oxidized/print_devices_oxi.pl

@@ -15,12 +15,16 @@ use eyelib::config;
 use eyelib::main;
 use eyelib::database;
 
-my @router_list = get_records_sql($dbh,"SELECT * FROM devices WHERE device_type<=2" );
+my @router_list = get_records_sql($dbh,"SELECT D.*, DM.model_name, B.name AS building_name FROM devices D
+LEFT JOIN device_models DM ON D.device_model_id = DM.id
+LEFT JOIN building B ON D.building_id = B.id
+WHERE D.deleted = 0 and device_type<=2 ORDER BY building_name,ip");
 
 foreach my $device (@router_list) {
 next if (!$device->{password} or !$device->{login});
 $device = netdev_set_auth($device);
 my $oxi_model = 'dcnos';
+my $comware_cmdline = '';
 my $vendor = get_record_sql($dbh,"SELECT * FROM vendors WHERE id=".$device->{vendor_id});
 my $model = get_record_sql($dbh,"SELECT * FROM `device_models` WHERE id=".$device->{device_model_id});
 my $building = get_record_sql($dbh,"SELECT * FROM building WHERE id=".$device->{building_id});
@@ -33,15 +37,21 @@ if ($vendor->{name} =~/mikrotik/i) { $oxi_model = 'routeros'; }
 if ($vendor->{name} =~/maipu/i) { $oxi_model = 'maipu'; }
 if ($vendor->{name} =~/d[\-*]link/i) { $oxi_model = 'dlink'; }
 if ($vendor->{name} =~/tp[\-*]link/i) { $oxi_model = 'tplink'; }
-if ($vendor->{name} =~/hp/i) { $oxi_model = 'comware'; }
+if ($vendor->{name} =~/hp/i) { $oxi_model = 'comwarehpe'; $comware_cmdline = '512900'; }
+if ($vendor->{name} =~/NetGear/i) { $oxi_model = 'netgear'; }
 if ($vendor->{name} =~/Allied Telesis/i) { $oxi_model = 'awplus'; }
-if ($oxi_model =~/awplus/ and $model->{model_name}=~/AT-8000/i) { $oxi_model = 'powerconnect'; }
+if ($oxi_model =~/awplus/ and $model->{model_name}=~/AT\-8000/i) { $oxi_model = 'powerconnect'; }
+#web-smart
+if ($oxi_model =~/awplus/ and $model->{model_name}=~/AT\-GS950/i) { next; }
+if ($oxi_model =~/netgear/ and $model->{model_name}=~/GS110TP/i) { next; }
+
 my $proto = 'telnet';
 if ($device->{protocol} eq '0') { $proto = 'ssh'; }
 my $location = $building->{name};
 my $enable_password = '';
-if ($vendor->{name} !~ /mikrotik/i) { $enable_password = $device->{password}; }
-print $device->{device_name}.":".$device->{ip}.":".$device->{login}.":".$device->{password}.":".$oxi_model.":".$device->{control_port}.":".$proto.":".$location.":".$enable_password."\n";
+if ($oxi_model !~ /(routeros|awplus)/i) { $enable_password = $device->{password}; }
+print $device->{device_name}.":".$device->{ip}.":".$device->{login}.":".$device->{password}.":".$oxi_model.":".$device->{control_port}.":".$proto.":".$location.":".$enable_password;
+print ":$comware_cmdline\n";
 }
 
 $dbh->disconnect;
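Review bot: The output row is built by joining fields with `:` and nothing escapes them, so a password, device name or building name containing `:` or a newline shifts every later column, and the new trailing `$comware_cmdline` field makes the column count matter more. Whatever consumes this list (presumably the Oxidized node source) would then read a credential into the wrong field. A guard before the two `print` lines, `next if grep { defined($_) && /[:\r\n]/ } $device->{device_name}, $device->{login}, $device->{password}, $location;`, together with a warning on STDERR, avoids emitting a corrupt row. The new JOIN already returns `model_name` and `building_name`, so the per-device `device_models` and `building` lookups kept in the loop are redundant, and they build an incomplete `WHERE id=` clause if either id is NULL.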