API-SSH-Management
Management Device
Introduction
Device management via api and (or) ssh.
Management can be globally divided into two parts: group configuration your devices and request-response for reporting your settings.
To send the command:
you can select the devices to which you want to send the command:
or use your groups:
Command type:
There are several ways to interact with devices (this depends on the specific manufacturer and version of the operating system)
Terminal command - send command via SSH
Rsc file - send configuration file
API command - send command via API
if there is no choice, this means that work on SSH
Cisco - IOS
SEND CONFIGURATION COMMAND: via SSH
Enter the usual CLI command IOS, like as:
show clock
send multiple commands at once (neded if commands runs on privileged mode)
in order not to enter a password, you can use a variable: #su# or #privilegeduser# (variable it will only work if you specified a password in the equipment settings)
use a separator between commands #13 or #/n
example:
set new hostname on router
enable#13#su##13configure terminal#13hostname MBRouter229
or
enable#13yourpassord#13configure terminal#13hostname MBRouter229
create new user
enable#13#su##13configure terminal#13username mbuser privilege 15 password PassW0rd
show users on router
enable#13#su##13show run | i username
MikroTik ROS v6
SEND CONFIGURATION COMMAND: via SSH
Enter the usual CLI command RouterOS, like as:
interface bridge add name=bridge1
as well as
in br ad na=bridge1
send multiple commands at once
int br ad na=bridge1#13int bri ad na=bridge2
use a separator #13 between commands
SEND CONFIGURATION COMMAND: via API
API closely follows syntax from command line interface (CLI). It can be used to create translated or custom configuration tools to aid ease of use running and managing routers with RouterOS.
sample a full syntax for API commandsCLI:
interface bridge add name=bridge1
API:
/interface/bridge/add
=name=bridge1
CLI:
ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade
API:
/ip/firewall/nat/add
=chain=srcnat
=out-interface=ether1
=action=masquerade
API one line with separator:
/ip/firewall/nat/add;=chain=srcnat;=out-interface=ether1;=action=masquerade
the default separator is ; , but it can be changed in MUPSBOX - Settings ->
Example:
add new user
/user/add
=name=username
=group=full
=password=userpassword
=comment=this is new user
remove user
/user/remove
=.id=username
disable all rules in /ip/firewall/filter where chain=input and action=drop
/ip/firewall/filter/disable
?chain=input
?action=drop
?#&
mbgetid
delete all users except mupsbox
/user/remove
?name=mupsbox
?#!
mbgetid
Notice: mbgetid - proproetary function mupsbox, allows you to combine several commands: perform an action with a preliminary request to get id, execute a print query c .proplist = .id, storing the result in the array and then performing the desired action.
?#operations - applies operations to the values in the stack. !
character replaces top value with the opposite. &
pops two values and pushes result of logical 'and' operation. |
pops two values and pushes result of logical 'or' operation.
REQUEST-RESPONSE (reporting): via API
Using api - you get feedback. This is very important because you will always know if the command was executed successfully. Also, you get the opportunity to build reports using API: request->response. Here are some examples.
on which router is the user 'admin'?
/user/print
?name=admin
mbcount==1
on which router firewall is not configured, for example, rules < 3 ?
/ip/firewall/filter/print
mbcount=<3
on which router is dns server 8.8.4.4 configured?
/ip/dns/print
mb?servers=8.8.4.4
Notice: mbcount - proproetary function mupsbox, gets counts data replies (!re),mbcount= (=x, >x , <x, ==x, =>x, =<x).
mb?filed - allows you to build queries where there is no where attribute, mb?(field)(=/!=/<>)
Huawei
comming soon