1package App::Netdisco::SSHCollector::Platform::PaloAlto;
2
3=head1 NAME
4
5App::Netdisco::SSHCollector::Platform::PaloAlto
6
7=head1 DESCRIPTION
8
9Collect ARP entries from PaloAlto devices.
10
11=cut
12
13use strict;
14use warnings;
15
16use Dancer ':script';
17use Expect;
18use Moo;
19
20=head1 PUBLIC METHODS
21
22=over 4
23
24=item B<arpnip($host, $ssh)>
25
26Retrieve ARP and neighbor entries from device. C<$host> is the hostname or IP address
27of the device. C<$ssh> is a Net::OpenSSH connection to the device.
28
29Returns a list of hashrefs in the format C<{ mac => MACADDR, ip => IPADDR }>.
30
31=back
32
33=cut
34
35sub arpnip{
36    my ($self, $hostlabel, $ssh, $args) = @_;
37
38    debug "$hostlabel $$ arpnip()";
39
40    my ($pty, $pid) = $ssh->open2pty;
41    unless ($pty) {
42        debug "unable to run remote command [$hostlabel] " . $ssh->error;
43        return ();
44    }
45    my $expect = Expect->init($pty);
46    my ($pos, $error, $match, $before, $after);
47    my $prompt = qr/> \r?$/;
48
49    ($pos, $error, $match, $before, $after) = $expect->expect(20, -re, $prompt);
50    $expect->send("set cli scripting-mode on\n");
51
52    # The PAN cli echos stuff back at us, causing us to see the prompt 3 extra times.
53    # Fortunately, the previous command disables this, so we only deal with it once.
54    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
55    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
56    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
57    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
58
59    $expect->send("show arp all\n");
60    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
61
62    my @arpentries;
63    for (split(/\r\n/, $before)){
64        next unless $_ =~ m/(\d{1,3}\.){3}\d{1,3}/;
65        my ($tmp, $ip, $mac) = split(/\s+/);
66        if ($ip =~ m/(\d{1,3}\.){3}\d{1,3}/ && $mac =~ m/([0-9a-f]{2}:){5}[0-9a-f]{2}/i) {
67             push(@arpentries, { ip => $ip, mac => $mac });
68        }
69    }
70
71    $expect->send("show neighbor interface all\n");
72    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
73    for (split(/\r\n/, $before)){
74        next unless $_ =~ m/([0-9a-f]{0,4}:){2,7}[0-9a-f]{0,4}/;
75        my ($tmp, $ip, $mac) = split(/\s+/);
76        if ($ip =~ m/([0-9a-f]{0,4}:){2,7}[0-9a-f]{0,4}/ && $mac =~ m/([0-9a-f]{2}:){5}[0-9a-f]{2}/i) {
77             push(@arpentries, { ip => $ip, mac => $mac });
78        }
79    }
80    $expect->send("exit\n");
81    $expect->soft_close();
82
83    return @arpentries;
84}
85
861;
87