Friday, November 26, 2010

Multi Router Looking Glass

Objective: create a web interface for viewing routing tables and other routing commands.

I have chosen John Fraizer's Multi Router Looking Glass (a working example can be seen at RIPE's Routing Information Service page). The latest version of the software can be downloaded at: http://www.op-sec.us/ .
Basically the software consists of a cgi script to place in your apache server cgi-bin and a couple of perl & bash scripts. There is also code to make fastping, an alternative to ping. I just used plain old ping in my setup.

CPAN Perl Module: First thing we need is the Perl "Network::Telent::Cisco" module to allow the main script to communicate via telnet to our network equipment. SSH is available via the "Network::SSH::Perl" module, however I will not cover this here.

Access your CPAN shell:

$ perl -MCPAN -e shell
cpan>


Note: If this is the first time you have run this command you will have to configure CPAN.

Now install "Network::Telnet::Cisco" module.

cpan> install Net::Telnet::Cisco



With this done all we need is a little file keeping to get our program into place. From our downloaded and extracted tar.gz folder issue the following commands:

cp index.cgi /usr/local/www/apache22/cgi-bin/
chmod +x /usr/local/www/apache22/cgi-bin/index.cgi
cp fping1 ztr ztraceroute /usr/local/bin
chmod +x /usr/local/bin/fping1 /usr/local/bin/ztr /usr/local/bin/ztraceroute
cp mrlg.conf.sample /etc/mrlg.conf


Note: These are for FreeBSD, your directory structure may vary.
Now, we need to edit fping1, ztr & ztraceroute to make sure all paths within these files are correct for your system. For FreeBSD I had to edit paths to bash & traceroute, also exchange fastping for ping and its's correct path.

mrlg.conf set up:
To get anything out of your index.cgi, ie. MRLG, you need to config /etc/mrlg.conf.
First, we have to tell MRLG the host details we will be running MRLG on.

## Set the URL for the location of the looking-glass....
$::url="http://10.1.1.3/cgi-bin/index.cgi";


Secondly, we can amend a router to the details of one of our local routers.


$::Routers{'Folkestone-AS2'} = {
comment => 'Cisco 2600 Series',
server => '10.1.1.2',
use_port => '23',
login_pass => 'cisco',
full_tables => '1',
cisco => '1',
debug => "0",
};



That is all we need to get an interface into our routers as demonstrated below.



The conf file has lots of settings not discussed here but which can be very useful so I would advise this be your first point of call if you decide to install MRLG.
Phil

3 comments:

  1. Nice Work Phil, looks like an interesting tutorial.

    ReplyDelete
  2. Greetings and Salutations...

    First, I'd like to thank you for choosing MRLG. I wanted to point out that the URL for the source has changes though since MRLG 5.4.1 was released. The new URL (and should remain constant going forward) is now: http://mrlg.op-sec.us/ The old URL will take you to (currently) an error page at the main OP-SEC.US site with a link to the new MRLG location.

    Of course, feel free to validate this information. You can contact me. John @ the above domain is my personal address.

    ReplyDelete
  3. Hi John,

    Thanks for the update. I've now amended the link and I am pleased to see mrlg.op-sec.us back in action.

    KR
    Phil

    ReplyDelete