disconnect.cgi
by Dennis Opacki
dopacki@adotout.com






NAME

disconnect.cgi - Perl cgi for maintaining users on a Cisco AS5200


DESCRIPTION

This script provides functions for maintenance of users on a Cisco AS5200. It will generate a list of users, and allow for disconnection of those users via a web-enabled form.

The script runs in three sequential passes:

The first pass queries all avaliable RAS boxes in the @hosts array. It then displays a table of all users connected to the RAS, their Async Line, username, idle time and IP address. Each detail line is followed by a button that, once clicked, will move the script to pass number two.

The second pass displays a table containing a RAS FQDN, Async Line and two buttons. The user is prompted for input on whether the wish to continue with the process of disconnecting the user displayed. Clicking the Verify button continues to pass three. Clicking the Abort button returns to pass one.

The third pass resets the user and displays confirmation. It also displays a single Return to Menu botton that, once clicked, returns the user to pass one.


ROUTER CONFIGURATION

Some small amount of configuration is necessary on your Cisco devices in order for the script to function properly.

Disconnect.cgi requires ``rsh'' and ``finger'' access you all RAS devices managed.

While ``finger'' access is enabled by default on your RAS device, you will need to configure ``rsh''. To do so, you will need to know which user the webserver running disconnect.cgi runs as (usually ``nobody'' or ``www'') as well as the IP address of your webserver. To enable rsh, do the following on each of your RAS boxes:

*telnet to the RAS box
*go to enable mode
*go to configuration mode with ``conf t''
*type the following (substituting your location-specific information):

ip rcmd remote-host <webserver_user> <webserver_ip> <webserver_user> enable
ip rcmd rsh-enable
exit
wri


SCRIPT CONSTANTS

There are three site-specific constants that need to be defined for proper operation

RSH_USER: This should be set to the username defined on your RAS boxes as the approved user for rsh connections

RSH_PATH: This is the full path to the rsh command on your server

SERVERS: This is a list of all servers that you would like the script to manage. This is where you add new RAS boxes.


PROGRAM FLOW

The main body of the script is executed functionally


INTERFACE

The following functions are available


main();

This is the main loop of the script


headHTML();

Display the leading HTML syntax and title


getMode();

This function takes no arguments and returns a reference to a hash containing script mode information derived from the arguments passed to the script via the post method.


getUsers($device);

This function takes as arguments, the address (numeric or FQDN) of the RAS.

It returns a reference to a hash containing RAS line number as key, and a reference to an hash containing detail information about the connection in key/value format.

It returns undef for failure.


vfyBoot(\%mode_hash);

This function takes as an argument, a reference to a hash containing mode specific detail information.

It outputs an HTML form prompting user to either continue with or cancel action.


bootUser($device,$line);

This function takes as arguments, the address (numeric or FQDN) of the RAS, and the line to clear.

It returns a simple scalar value of 1 for success or undef for failure.


footHTML();

Tack on the closing HTML syntax


exit();

Program exits normally


AUTHOR

Dennis M. Opacki, dopacki@adotout.com