Cisco
How to search for an Mac Address in a cisco switches environment using snmp.
Here is a little shel lscript to do this:
#!/bin/bash
if [ $# -lt 1 ]
then
echo Usage $0 MAC-ADDRESS\(xx-xx-xx-xx-xx-xx\)
exit
fi#echo $1
# convert mac address
mac=`echo $1 | tr “[:lower:]” “[:upper:]” `
#MAC=`echo $mac | tr “-” ” ” `
MAC=`echo $mac | sed s/:/-/g | tr “-” ” “`# Switchliste
SWITCHES=(”ip address switch1″ “ip address switch2″ .. )
PANELINFO=(”Description switch 1 ” “description switch 2 ” .. )
NRSWITCH=`echo ${#PANELINFO[*]}-1|bc`echo
echo The MAC-Address $MAC is found on the following switches.
# the following isn’t strictly correct for switches with uplink-ports below 48, but it seems to work.
echo ‘The numbers in parentheses (O,10) mean in this example: the 10th port in the top row.’
echo ‘”uplink” means that it is found on the uplink-ports (port # > 48).’
echofor i in `seq 0 $NRSWITCH`
#$SWITCHES
do
ip=172.21.16.${SWITCHES[$i]}
A=`snmpwalk -v 2c -c public $ip .1.3.6.1.2.1.17.4.3.1.1 | grep “$MAC”`
#Ergebnis: BRIDGE-MIB::dot1dTpFdbAddress.’….?>’ = Hex-STRING: 00 00 F0 A1 3F 3E
SUCHSTRING=`echo $A | sed s,\ =.*$,,|sed s,^.*Address\.,,`
if [ x$SUCHSTRING != “x” ]
then
#echo $SUCHSTRING
B=`snmpwalk -v 2c -c public $ip .1.3.6.1.2.1.17.4.3.1.2 | fgrep $SUCHSTRING|sed ’s/^.*INTEGER: //’|sort -nu|awk ‘{n=split($0,A);for (i=1;i< =n;i++){if (A[i]<=48) {p rint "#" A[i] "(";if (A[i]%2==0) print "U"; else print "O"; printf "%i",(A[i]-1)/2+1; print") "} else print "uplink";}}'`
echo Switch $ip, Panel-Line: "${PANELINFO[$i]}": Ports: $B
else
echo Switch $ip, Panel-Line: "${PANELINFO[$i]}": not seen on the switch
fi
done