netutils 0.1.1

data/bin/mac-drop

@@ -0,0 +1,84 @@
+#!/usr/bin/env ruby
+$:.unshift File.join(File.expand_path(File.dirname(__FILE__)).untaint, '/..')
+
+require 'netutils'
+
+################################################################################
+def usage
+	progname = File.basename($0)
+	STDERR.print "\
+Usage: ruby #{progname} [-h] [-d] <IP address>
+Options:
+	-d:	dry run (do not shut down a port, just locate a host only)
+	-h:	output this help message.
+Example:
+	#{progname} 192.168.0.1
+"
+        exit
+end
+
+case ARGV.size
+when 1
+	usage if ARGV[0] !~ /^[0-9\.]+$/
+when 2
+	usage if ARGV.shift != '-d'
+	dry = true
+else
+	usage
+end
+usage if ARGV.size != 1
+
+ia = ARGV[0]
+
+swname = swia = xia = ma = 'unknown'
+begin
+	log "locate directly connected router for #{ia}... "
+	sw, xia = router_locate(ia)
+	swname = sw.name
+	swia = sw.ia
+	if ia == xia
+		log "\t\"#{sw.name}\" (#{sw.ia})"
+	else
+		log "\t\"department router\" (#{xia})"
+	end
+
+	log_without_newline "resolving MAC address for #{xia}... "
+	ma, vrf, interface = sw.macaddr_resolve(xia)
+	log "found"
+	log "\t#{xia} #{ma} on VRF \"#{vrf.name}\" #{interface}"
+
+	vlan = interface_name_vlan_id(interface)
+	log_without_newline "setting to \"#{sw.name}\" (#{sw.ia})\n"
+
+	if dry
+		log 'skip (due to -d, dry run, option)'
+		exit 0
+	else
+		sw.configure
+
+		for vid in vlans_by_switch_name(swname, vlan) do
+			cmd = "mac-address-table static #{ma} vlan #{vid} drop"
+			log_without_newline "\t#{cmd}"
+			sw.cmd(cmd)
+		end
+
+		sw.unconfigure
+		log 'done'
+
+		s = File.join(File.dirname(__FILE__), 'mac-no-drop.rb')
+		s = File.expand_path(s)
+		log "please run below command on recovery:\n"
+		log "\t#{s} #{sw.name} #{sw.ia} #{ma} #{vlan}\n"
+	end
+	exitcode = 0
+rescue => e
+	r = ' FAILED'
+	log "\n#{r}: #{e.to_s}"
+	log "ERROR: Cannot MAC DROP #{xia} (#{ma}) on #{swname} #{swia} for " +
+	    "#{ia}"
+	exitcode = 1
+end
+
+mail "MAC DROP#{r}: #{swname} (#{swia}) for #{xia} (#{ma})", log_buffer
+
+exit exitcode

data/bin/mac-nodrop

@@ -0,0 +1,45 @@
+#!/usr/bin/env ruby
+$:.unshift File.join(File.expand_path(File.dirname(__FILE__)).untaint, '/..')
+
+require 'netutils'
+
+################################################################################
+def usage
+	progname = File.basename($0)
+	STDERR.print "\
+Usage: #{progname} <Switch name> <IP address> <MAC address> <existing VLAN>
+Example:
+	#{progname} hoge-cisco-01 192.168.0.1 de:ad:be:ef:de:ad
+"
+        exit
+end
+
+def mac_nodrop(name, ia, mac, vlan)
+	sw = Switch.new(name, ia)
+	sw.login
+	sw.configure
+	for vid in vlans_by_switch_name(name, vlan) do
+		cmd = "no mac-address-table static #{mac} vlan #{vid}"
+		log_without_newline "\t#{cmd}\n"
+		sw.cmd(cmd)
+	end
+	sw.unconfigure
+end
+
+usage if ARGV.size != 4
+name = ARGV[0]
+ia   = ARGV[1]
+mac = ARGV[2]
+vlan = ARGV[3]
+
+begin
+        log_without_newline "setting to \"#{name}\"(#{ia})\n\n"
+	mac_nodrop(name, ia, mac, vlan)
+	log "\nRe-enable #{mac} on #{name} #{ia}"
+rescue => e
+	r = ' FAILED'
+	log e.to_s
+	log "\ncannot allow traffic #{mac} on #{name} #{ia}"
+end
+
+mail "MAC NODROP#{r}: #{name} #{ia} #{mac}", log_buffer

data/bin/port-shutdown

@@ -0,0 +1,78 @@
+#!/usr/bin/env ruby
+$:.unshift File.join(File.expand_path(File.dirname(__FILE__)).untaint, '/..')
+
+require 'netutils'
+
+################################################################################
+def usage
+	STDERR.print "\
+Usage:
+	#{$progname} [-d] (up|down) <Switch IP address> <port>
+Example:
+	#{$progname} up 192.168.0.1 GigabitEthernet 1/2/3
+	#{$progname} down 192.168.0.2 GigabitEthernet 1/2/3
+"
+	exit 1
+end
+
+#
+if ARGV[0] === '-d'
+	ARGV.shift
+	dry = true
+end
+usage if ARGV.size < 3
+
+#
+cmd  = ARGV.shift
+ia   = ARGV.shift
+port = ARGV.shift
+while ARGV.size > 0
+	port += ' ' + ARGV.shift
+end
+
+#
+case cmd
+when 'up'
+	msg = 'bringing up'
+when 'down'
+	msg = 'shutting down'
+else
+	usage
+end
+
+name = 'unknown'
+begin
+	log_without_newline "Connecting to #{ia}... "
+	sw = Switch.new(nil, Switch::Type::ROUTER, ia)
+	sw.login
+	log 'done'
+	name = sw.name
+
+	port = sw.interface_name(port)
+	interface_sanity_check(name, port)
+	log_without_newline "#{msg.capitalize} #{port} on #{name} (#{ia})... "
+
+	if dry
+		log 'skip (due to -d, dry run, option)'
+		exit 0
+	elsif cmd === 'down'
+		sw.interface_shutdown(port)
+		s = File.expand_path(__FILE__)
+		log 'done'
+		log "please run below command on recovery:\n"
+		log "\t#{s} up #{ia} \'#{port}\'\n"
+	else
+		sw.interface_noshutdown(port)
+		log 'done'
+	end
+	exitcode = 0
+rescue => e
+	r = ' FAILED'
+	log "\n#{r}: #{e.to_s}"
+	log "ERROR: Cannot #{msg} #{port} on #{name} #{ia}"
+	exitcode = 1
+end
+
+mail "Port #{cmd.upcase}#{r}: #{name} #{ia} #{port}", log_buffer
+
+exit exitcode

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/netutils.rb

@@ -0,0 +1,118 @@
+require "netutils/version"
+require 'mail'
+require 'netutils/switch'
+require 'config/config'
+require 'config/passwd'
+
+module Netutils
+
+#
+$progname = File.basename($0)
+
+#
+ACL_MAX_SEQ = 4294967294
+#
+$log = ''
+
+def mail(s, b)
+	m = Mail.new do
+		delivery_method :smtp, address: MAILSERVER
+		from MAILFROM
+		to MAILTO
+		subject s
+		body b
+	end
+	m.charset = 'ascii'
+	m.deliver!
+end
+
+def valid_ip_address?(s)
+	return false if s !~ /^(?:[0-9]+\.){3}[0-9]+$/
+	results = s.split('.').collect { |i| i.to_i.between?(0, 255) }
+	return results.count(true) === 4
+end
+
+def interface_sanity_check(host, port)
+	# XXX: need more checks to detect backbone links.
+	if port !~ /^[gf]/i
+		raise "Suppress shutdown #{port}, which may be backbone link."
+	end
+end
+
+def log_without_newline(m)
+	print m
+	$log += m
+end
+
+def log(m)
+	puts m
+	$log += m + "\n"
+end
+
+def log_buffer
+	return $log
+end
+
+def vlans_by_switch_name(swname, vlan)
+	vlan = vlan.to_i
+	vlans = []
+	vlans = VLANS[swname].dup if VLANS.has_key?(swname)
+	vlans.unshift(vlan) if vlan && ! vlans.include?(vlan)
+	return vlans
+end
+
+def interface_name_vlan_id(name)
+	return $1 if name =~ /^vlan([0-9]+)$/i
+	nil
+end
+
+def static_neighbor_resolve(name, ifname)
+	key = "#{name}_#{ifname}"
+	n = STATIC_NEIGHBOR[key]
+	return nil if n.nil?
+	Switch.get(n[:name], Switch::Type::ROUTER, nil, nil, nil, n[:ia])
+end
+
+def tunnel_nexthop_resolve(sw, rt)
+	return rt.nh if rt.nh
+	c = CDP.new(nil)
+	c.parse(sw.cli.cmd("show cdp neighbors #{rt.interface} detail"))
+	c.ias[0]
+end
+
+def router_locate(ia)
+	root = SWITCHES[0]
+	sw = Switch.new(root[0], Switch::Type::ROUTER, root[1])
+	sw.login
+
+	while true
+		rts = sw.route_gets(ia)
+		raise "No route found for #{ia}" if ! rts
+		bestrt = nil
+		rts.each do |rt|
+			case rt.proto
+			when 'connected'
+				return sw, ia
+			when 'static', 'rip', 'ospf', 'bgp'
+				# just in case for redistributed routes.
+				next if rt.nh === nil && ! rt.tunnel?
+				bestrt = rt.compare(bestrt)
+			end
+		end
+		raise "No valid route found for #{ia}" if ! bestrt
+
+		if OTHER_NEXTHOPS.include?(bestrt.nh)
+			return sw, bestrt.nh
+		end
+
+		if bestrt.tunnel?
+			nh = tunnel_nexthop_resolve(sw, bestrt)
+		else
+			nh = bestrt.nh
+		end
+		sw = Switch.new(nil, Switch::Type::ROUTER, nh)
+		sw.login
+	end
+end
+
+end

data/lib/netutils/arp.rb

@@ -0,0 +1,28 @@
+require 'netutils/macaddr'
+
+class ARPTable
+	class ARP
+		attr_reader :ia, :ma, :interface, :static
+
+		def initialize(ia, ma, interface, static)
+			@ia = ia
+			@ma = MACAddr.new(ma)
+			@interface = interface
+			@static = static
+		end
+	end
+
+	attr_reader :arps
+
+	def initialize
+		@arps = {}
+	end
+
+	def add(ia, ma, interface, static)
+		@arps[ia] = ARP.new(ia, ma, interface, static)
+	end
+
+	def [](ia)
+		return @arps[ia]
+	end
+end

data/lib/netutils/cli.rb

@@ -0,0 +1,702 @@
+require 'net/ssh'
+require 'net/ssh/telnet'
+require 'net/telnet'
+
+path = File.expand_path(File.dirname(__FILE__)).untaint
+Dir.glob("#{path}/cli/*") do |path|
+	file = File.basename(path, '.*')
+	require "netutils/cli/#{file}"
+end
+
+class CLI
+	module Maker
+		CISCO		= 0
+		ALAXALA		= 1
+		PALOALTO	= 2
+		ARUBA		= 3
+		NEC		= 4
+		#
+		# XXX:  Cisco WLC should come after Paloalto and NEC for a maker
+		#	detection by a command to disable a CLI terminal pager.
+		#	Since Paloalto always interprets a command like:
+		#
+		#		``config hogehoge''
+		#
+		#	as:
+		#
+		#		``configure.''
+		#
+		#	WLC pager command is then accepted by Paloalto and a
+		#	maker detection fails if Cisco WLC preceds Paloalto.
+		#
+		WLC		= 5	# XXX: Cisco WLC, should be product...
+		UNKNOWN		= 6
+		MIN		= CISCO
+		MAX		= ARUBA
+	end
+
+	FIRST_PROMPT_RE		= /^.*\n+\(?!?([^\r\n\(\)\s>#]+)\)? ?([>#]) ?\r?\n?.*$/m
+
+	TIMEOUT = 30
+	LOGIN_TIMEOUT = 3
+
+	attr_reader :name, :ia, :maker, :product, :users, :prompt,
+	    :passwds, :enable_passwds
+
+	def initialize(name, ia, types = CLI_SESSION_TYPES, maker = Maker::UNKNOWN)
+		@ia = ia
+		@users = USERS.dup
+		@passwds = PASSWORDS.dup
+		@enable_passwds = ENABLES.dup
+		@enabled = false
+		@type = nil
+		@types = types
+		@session = nil
+		@maker = maker
+		@product = nil
+		@cr = ''
+		@name_supplied = name
+		name_update(nil)
+		@userprompt = [
+		    'login:',		# Alaxala
+		    '[Uu]sername:',	# Cisco
+		    'User:'		# Cisco WiSM/WLC
+		    ]
+		# Cisco has trailing space, ``Password: '', but Alaxala not
+		@passwdprompt = 'Password:'
+		@telnetopt = Hash.new
+		@telnetopt['Timeout' ] = TIMEOUT
+		if defined?(LOGDIR)
+			path = File.dirname(__FILE__)
+			path += "/../"
+			path += "/#{LOGDIR}/#{ia}.log"
+			path = File.expand_path(path).untaint
+			@telnetopt['Output_log'] = path
+		end
+		#@telnetopt['Dump_log'] = '/dev/stdout'
+	end
+
+	def name_update(name)
+		if name =~ /^([^@]*)@(.*)$/
+			@user = $1
+			name = $2
+		end
+		raise "Invalid host name given: \"#{name}\"" if name =~ /[>#\n]/
+		if @name === nil && name != nil &&
+		   @name_supplied != nil && name != @name_supplied
+			raise(ArgumentError, "host name mismatch: " +
+			    "\"#{@name_supplied}\" is supplied " +
+			    "but actually \"#{name}\"")
+		end
+		@name = name
+		case @maker
+		when Maker::CISCO
+			prefix = suffix = trailer = ''
+		when Maker::ALAXALA
+			prefix = '!?'
+			suffix = ''
+			trailer = "\0? "
+		when Maker::PALOALTO
+			raise('Invalid host name for Paloalto') if ! @user
+			prefix = "#{@user}@"
+			suffix = ''
+			trailer = ' '
+		when Maker::ARUBA
+			prefix  = '\('
+			suffix  = '\) '
+			trailer = ''
+		else
+			prefix  = '\(?'
+			if @user
+				prefix = "#{prefix}#{@user}@"
+			else
+				prefix = "#{prefix}.*"
+			end
+			suffix  = '\)? ?'
+			trailer = "\0? ?"
+		end
+		name = '[^\r\n\(\)]+' if ! name
+		@normalprompt = "#{prefix}#{name}#{suffix}>#{trailer}"
+		@enableprompt = "#{prefix}#{name}#{suffix}##{trailer}"
+		@configprompt = "#{prefix}#{name}#{suffix}\\(config[^ ]*\\)##{trailer}"
+		if @enabled
+			@prompt = @enableprompt
+		else
+			# XXX configuring node... dirty....
+			@prompt = @normalprompt
+		end
+	end
+
+	#
+	# handle a carriage return (\r) and (\E[K) that intend to
+	# remove all characters in a current line and remove trailing
+	# characters, respectively.
+	#
+	def handle_control_characters(input)
+		out = ''
+		l = ''
+		pos = 0
+		escape = nil
+		input.chars do |c|
+			if escape
+				escape += c
+				case escape
+				when /\e[0-9]/, /\e\[[0-9]+;[0-9]+H/, "\e[r"
+					escape = nil
+				when "\e[K"
+					l.slice!(pos, l.length - pos)
+					escape = nil
+				when "\x1b[6n"
+					# XXX: Alaxala edge switch hack...
+					escape = nil
+				end
+				next
+			end
+			case c
+			when "\0"
+				# XXX: i do not know but Alaxala sends this...
+			when "\b"
+				l.chop!
+				pos -= 1
+			when "\e"
+				escape = c
+			else
+				case c
+				when "\r"
+					pos = 0
+				when "\n"
+					#
+					# in case of "\r\n", do not override
+					# the character.
+					#
+					pos = l.length if pos === 0
+					l[pos] = c
+					out += l
+					l = ''
+					pos = 0
+				else
+					l[pos] = c
+					pos += 1
+				end
+			end
+		end
+		out += l if ! l.empty?
+		out.delete!("^\u{0001}-\u{007f}")
+		return out
+	end
+	private :handle_control_characters
+
+	def error?(r)
+		case r
+		when /%[^\n]+\n+\Z/m # XXX: this is not accurate
+			maker = Maker::CISCO
+		when /Error: Bad command\. \n\Z/m,
+		     /[^\s]+: not found\n\Z/m,
+		     /% The command or parameter at the ^ marker is invalid\./m,
+		     /Error: Invalid parameter\./m
+			maker = Maker::ALAXALA
+		when /Invalid syntax\..*\Z/m, /Unknown command: .*\Z/m
+			maker = Maker::PALOALTO
+		when /^ *\^ *\n% [^\n]+ error/m,
+		     /^ *\^ *\n% Invalid input detected at/m	# same as Cisco
+			maker = Maker::ARUBA
+		else
+			return false
+		end
+		#maker_update(maker)
+		return true
+	end
+
+	def puts(s)
+		@session.puts(s + @cr)
+	end
+	private :puts
+
+	def cmd(s, nextprompt = nil, ignoreerror = false)
+		re = [ @prompt ]
+		re.push('#') if @maker == Maker::UNKNOWN # XXX dirty hack for now...
+		re.push(nextprompt) if nextprompt
+		re = '(?:' + re.join('|') + ')'
+		r = @session.cmd('String' => s + @cr, 'Match' => /#{re}\Z/)
+		r = handle_control_characters(r)
+		#
+		# XXX: allows a command not to be echo-ed like FTP server.
+		#
+		if r !~ /^#{re}?(?:#{s.sub('*', '\\*')})?\n+(.*)#{re}\Z/m
+			raise(ArgumentError, "CLI output error: \"#{r}\"")
+		end
+		r = $1
+		r.slice!(-1) if @maker === Maker::ALAXALA && r[-1] === '!'
+		if ignoreerror === false && error?(r)
+			raise(ArgumentError,
+			    "Command failed on #{@name}: #{s}: #{r}")
+		end
+		@prompt = nextprompt if nextprompt
+		return r
+	end
+
+	def passwd(users, passwds, opasswds, nextprompt, cmd = nil)
+		userpromptre = /(?:#{@userprompt.join('|')})/
+		prompts = @userprompt.dup
+		prompts << @prompt if @prompt
+		prompts << @passwdprompt if @passwdprompt
+		prompts << nextprompt if nextprompt
+		re = /(?:#{prompts.join('|')})/
+		r = @session.waitfor('Match' => re) if users
+		while true
+			if passwds.empty?
+				users.shift if users
+				if users && r =~ userpromptre
+					passwds = opasswds.dup
+				else
+					raise(Errno::EPERM,
+					    'authentication failed')
+				end
+			end
+			if users && ! users.empty? && r =~ userpromptre
+				puts(users[0])
+			elsif cmd && r !~ /#{@passwdprompt}/
+				puts(cmd)
+			end
+			if r !~ /#{@passwdprompt}/
+				r = @session.waitfor(
+				    'Match' => /#{@passwdprompt}/)
+				#
+				# emulate an exception because net/telnet.rb
+				# does not raise an exception when a remote
+				# note disconnects after consecutive login
+				# failures.
+				#
+				raise(Errno::ECONNRESET) if r === nil
+			end
+			puts(passwds[0])
+			r = @session.waitfor('Match' => re)
+			case r
+			when userpromptre
+				raise('no user for user prompt') if ! users
+			when /#{@passwdprompt}/
+			when /#{nextprompt}/
+				@prompt = nextprompt
+				return r
+			else
+				if @prompt && r =~ /#{@prompt}/ && ! cmd
+					raise('invalid state')
+				end
+			end
+			passwds.shift
+		end
+	end
+	private :passwd
+
+	def login_ssh(ousers, opasswds)
+		users = ousers.dup
+		passwds = opasswds.dup
+		user = users.shift
+		begin
+			passwd = passwds.shift
+			opt = @telnetopt.dup
+			ssh = Net::SSH.start(@ia, user,
+			    :password		=> passwd,
+			    :non_interactive	=> true,
+			    #:keys		=> ['/path/to/private_key'],
+			    #:port		=> 22,
+			    :timeout		=> opt['Timeout']
+			    )
+			opt['Session'] = ssh
+
+			#
+			# XXX: Alaxala edge switch hack...
+			#
+			#      an Alaxala edge switch asks us cursor position
+			#      using CSI escap sequence, DSR (0x1b[6n), before
+			#      outputing prompt.  Net::SSH::Telnet then does not
+			#      consider the case where escape sequence is sent
+			#      right after login.  This incurs long delay until
+			#      Alaxala outputs the first  prompt.  Here, we send
+			#      back a dummy cursor position, (1, 1), to Alaxala.
+			#
+			opt['Prompt'] = /(?:\e\[6n|[$%#>] ?\Z)/
+
+			msg = ''
+			@session = Net::SSH::Telnet.new(opt) { |l| msg += l }
+			@session.prompt = /[$%#>] \z/
+			if msg =~ /ALAXALA/
+				maker_update(Maker::ALAXALA)
+				if msg.rindex("\x1b[6n")
+					@cr = "\r"
+					@session.write("^1;1R")
+					msg += @session.waitfor(/[$%#>] \z/)
+				end
+			end
+		rescue Net::SSH::AuthenticationFailed, Net::SSH::Disconnect => e
+			if passwds.empty?
+				if users.empty?
+					raise(Errno::EPERM, "cannot login to " +
+					    "#{@ia}")
+				end
+				user = users.shift
+				passwds = opasswds.dup
+			end
+			retry
+		rescue Net::SSH::ConnectionTimeout
+			raise("cannot login to #{@ia}")
+		end
+		#
+		# XXX: dirty hack
+		#
+		# some switch, say Alaxala, disconnects immediately
+		# after authentication succeeds if many user logged
+		# in.  Net::SSH::Telnet.new() unfortunately cannot
+		# handle such case.
+		# 
+		if @session.nil?
+			raise(Errno::ECONNRESET, 'too many users???')
+		end
+		return msg
+	end
+	private :login_ssh
+
+	def login_telnet(users, passwds)
+		opt = @telnetopt.dup
+		opt['Host'] = @ia
+		users = users.dup if users
+		passwds = passwds.dup
+		opasswds = passwds.dup
+		begin
+			@session = Net::Telnet::new(opt)
+			r = passwd(users, passwds, opasswds, @normalprompt)
+		rescue Errno::ECONNRESET
+			retry
+		end
+		return r
+	end
+	private :login_telnet
+
+	def login
+		users = @users.dup
+		passwds = @passwds.dup
+		@type = @types[0]
+		begin
+			r = send("login_#{@type}", users, passwds)
+		rescue Errno::ECONNREFUSED => e
+			raise e if @type === @types.last
+			@type = @types[@types.index(@type) + 1]
+			retry
+		end
+		r = handle_control_characters(r)
+		if r =~ FIRST_PROMPT_RE
+			name_update($1)
+			if $2 === '#'
+				@enabled = true
+			end
+		end
+		if r =~ /NEC Corporation.*OpenROUTE.*J\. Noel Chiappa/m
+			maker_update(Maker::NEC)
+		end
+		product_detect
+	end
+
+	PRODUCT_DETECTION_MAXRETRIES = 3
+
+	# XXX: exclude maker dependencies...
+	def product_detect
+		pager_disable
+		return if @maker === Maker::UNKNOWN
+		case @maker
+		when Maker::CISCO
+			c = 'show version'
+			# XXX: Nexus not supported yet
+			re = /IOS Software, ([^\s]+) Software .*/m
+		when Maker::WLC
+			c = 'show sysinfo'
+			re = /.*Product Name[^ ]+ (.*)$/m
+		when Maker::ALAXALA
+			c = 'show version'
+			re = /.*Model:\s+(AX[^\s\n]+).*$/m
+		when Maker::PALOALTO
+			c = 'show system info'
+			re = /model: ([^\s\n]+).*/m
+		when Maker::ARUBA
+			c = 'show version'
+			re = /.*ArubaOS \(MODEL: ([^\)]+)\),.*/m
+		when Maker::NEC
+			c = 'show version'
+			re = /^IX Series ([^ ]+) .*$/m
+		when Maker::UNKNOWN
+			return
+		end
+
+		leftchance = PRODUCT_DETECTION_MAXRETRIES
+		begin
+			v = cmd(c)
+			if v !~ re
+				raise('Unknown maker detected')
+			end
+			@product = $1
+			disable_logging_console
+		rescue => e
+			leftchance -= 1
+			raise e if leftchance === 0
+			retry
+		end
+	end
+	private :product_detect
+
+	def maker_to_s
+		# XXX: smarter way please...
+		case @maker
+		when Maker::CISCO
+			'Cisco'
+		when Maker::WLC
+			'WLC'
+		when Maker::ALAXALA
+			'Alaxala'
+		when Maker::PALOALTO
+			'Paloalto'
+		when Maker::ARUBA
+			'Aruba'
+		when Maker::NEC
+			'NEC'
+		else
+			'Unknown'
+		end
+	end
+
+	def yes_or_no(yes_or_no, re)
+		re = /\n[^\n]+[Yy]\/[Nn]\)? ?$/m if re == nil
+		@session.waitfor('Match' => re)
+		puts(yes_or_no)
+	end
+	private :yes_or_no
+
+	def yes(re = nil)
+		yes_or_no('y', re)
+	end
+
+	def no(re = nil)
+		yes_or_no('n', re)
+	end
+
+	def logout
+		@session.close
+	end
+
+	def maker_update(maker)
+		return if @maker != Maker::UNKNOWN
+		@maker = maker
+		extend Module.const_get("#{maker_to_s}")
+	end
+	private :maker_update
+
+	def pager_disable_cisco
+		cmd('terminal length 0')
+	end
+	private :pager_disable_cisco
+
+	def pager_disable_wlc
+		cmd('config paging disable')
+	end
+
+	def pager_disable_alaxala
+		cmd('set terminal pager disable')
+	end
+	private :pager_disable_alaxala
+
+	def pager_disable_paloalto
+		cmd('set cli pager off')
+	end
+	private :pager_disable_paloalto
+
+	def pager_disable_aruba
+		enable
+		cmd('no paging')
+	end
+	private :pager_disable_aruba
+
+	def pager_disable_nec
+		configure
+		cmd('terminal length 0')
+		unconfigure
+	end
+	private :pager_disable_nec
+
+	def pager_disable
+		maker = omaker = @maker
+		maker = Maker::MIN if omaker === Maker::UNKNOWN
+		begin
+			@maker = maker
+			send('pager_disable_' + maker_to_s.downcase)
+		rescue Timeout::Error => e
+			raise e
+		rescue => e
+			if omaker === Maker::UNKNOWN
+				maker += 1
+				if maker != Maker::UNKNOWN &&
+				   e != ArgumentError
+					retry
+				else
+					@maker = omaker
+					raise
+				end
+			end
+		ensure
+			@maker = omaker
+		end
+		maker_update(maker)
+		name_update(@name) if omaker === Maker::UNKNOWN
+	end
+	private :pager_disable
+
+	def enable
+		return if @enabled
+		passwd(nil, @enable_passwds.dup, @enable_passwds.dup,
+		    @enableprompt.dup, 'enable')
+		@enabled = true
+	end
+
+	def configure
+		raise "already configuring" if @prompt == @configprompt
+		enable
+		return cmd('configure terminal', @configprompt)
+	end
+
+	def unconfigure
+		raise "currently not configuring" if @prompt != @configprompt
+		return cmd('end', @enableprompt)
+	end
+
+	def config_get
+		enable
+		re = Module.const_get(maker_to_s).const_get('CONFIG_RE')
+		if show_running_config !~ re
+			raise("Invalid configuration format for #{@name}")
+		end
+		return $1
+	end
+
+	def _new(name, *arg)
+		c = Module.const_get(maker_to_s)
+		if c.const_defined?(name)
+			c.const_get(name).new(*arg)
+		else
+			nil
+		end
+	end
+	private :_new
+
+	def route_gets(ia)
+		r = _new(:ShowRoute)
+		r.parse(cmd(r.cmd(ia), nil, true))
+		return r.rib.get(ia)
+	end
+
+	def vrf_gets
+		v = _new(:ShowVRF)
+		v.parse(cmd(v.cmd))
+		v.vrfs.add('default', '0:0') if v.vrfs.empty?
+		return v.vrfs
+	end
+
+	def arp_resolve(ia, vrf)
+		if vrf.name == 'default'
+			output = cmd("show ip arp #{ia}")
+		else
+			output = cmd("show ip arp vrf #{vrf.name} #{ia}")
+		end
+		a = _new(:ShowARP)
+		a.parse(output)
+		return a.arps[ia]
+	end
+
+	def mac_address_table_get(sw, ma, vlan)
+		fib = _new(:MACFIB, sw)
+		fib.parse(cmd(fib.cmd(ma, vlan)))
+		return fib.ports
+	end
+
+	def interface_gets(sw)
+		i = _new(:Interface, sw)
+		i.parse(cmd(i.cmd))
+		#
+		# XXX: hack for Cisco because Cisco cannot obtain up/down of
+		#      an interface with interfaces capability command...
+		#
+		is = _new(:IfSummary, sw)
+		is.parse(cmd(is.cmd)) if is
+	end
+
+	def interface_name(port)
+		port
+	end
+
+	def interface_name_cli(port)
+		port
+	end
+
+	def interface_shutdown(port)
+		configure
+		cmd("interface #{port}")
+		cmd('shutdown')
+		unconfigure
+	end
+
+	def interface_noshutdown(port)
+		configure
+		cmd("interface #{port}")
+		cmd('no shutdown')
+		unconfigure
+	end
+
+	def acl_exists?(type, name)
+		configure
+		filters = cmd("show #{acl_definition(type, name)}")
+		unconfigure
+		! filters.empty?
+	end
+
+	def acl_add(type, name, addr, seq = nil)
+		case type
+		when 'ip'
+			# XXX: we may need sanity check.
+		when 'mac', 'advance'
+			addr = MACAddr.new(addr)
+		else
+			raise("Unknown ACL type: #type")
+		end
+		cmd = acl_type_to_cmd(type)
+		configure
+		cmd(acl_definition(type, name))
+		cmd("#{seq} deny #{cmd} host #{addr} any")
+		unconfigure
+	end
+
+	def acl_delete(type, name, seq)
+		configure
+		cmd(acl_definition(type, name))
+		cmd("no #{seq}")
+		unconfigure
+	end
+
+	def neighbor_gets(sw, port = nil)
+		c = _new(:CDP, sw)
+		if c
+			begin
+				c.parse(cmd(c.cmd(port)))
+				return c.rsw if port && c.rsw
+			rescue ArgumentError => e
+				if e.to_s !~ /% CDP is not enabled/
+					raise e
+				end
+			end
+		end
+		l = _new(:LLDP, sw)
+		if l
+			l.parse(cmd(l.cmd(port)))
+			return l.rsw if port && l.rsw
+		end
+		if ! c && ! l
+			raise 'No method found for retrieving a neighbor!!'
+		end
+		nil
+	end
+end