I am trying to create a script which clears ciscoasa bad xlate.
To check bad xlate I run sh xlate | in 500 and if it gets a reply then it should send a clear command. If I don't do it, ciscoasa won't allow new vpn tunnels.
I need help with the if else statement. Otherwise, the script is working fine. Here is my code:
import pexpect
import re
password1="abc"
password2="abc"
router="127.0.0.20"
user="user"
#Extracting IP out of xlate command
class sendip(object):
def ip(self,reply):
divide=reply[15:32]
extract_ip = re.findall( r'[0-9]+(?:\.[0-9]+){3}', divide )
for ip in extract_ip:
send = 'clear local-host '+ip
return send
clearVPN = sendip()
#ssh into ciscoasa userop5@ip
child = pexpect.spawn ('ssh ' + user + '@' + router)
child.expect ('.*assword:.*')
child.sendline (password1)
#enable mode
child.expect ('.*>.*')
child.sendline ('ena')
child.expect ('.*assword:.*')
child.sendline (password2)
# after enabling send test command
child.sendline ('terminal pager 0')
child.sendline ('show run | include http')
child.expect ('enroll*')
print child.before
# Here it sends command
child.sendline('sh xlate | i 500')
child.expect ('ciscoasa#.*')
print child.after
if child==1: # If receive reply then extract IP and send clear memory
child.expect('UDP.*')
message = child.before
child.sendline(clearVPN.ip(message)) #extract ip from there reply and send clear
print child.before
child.expect('clearing.*')
print child.before
else: # Otherwise memory is not full
child.expect ('ciscoasa#.*')
print 'Memory is empty'
print child.after
child.sendline('exit')
child.close() # close ssh
