Bash script for changing values under VLAN interface.

Bash is a Unix shell, which is a command line interface (CLI) for interacting with an operating system
(OS). Any command that you can run from the command line can be used in a bash script. Scripts
are used to run a series of commands.

1. The first step to prepare our script is to create a file with .sh extention
Create <filename>.sh file
For example: “touch change_cfg.sh”
2. Make it executable.
chmod +x filename.sh

Now we will have privilege to execute the file.

Every bash script should begin with the following symbols:

#!/bin/bash

In the script itself we have to define a method for authentication. Since our goal is to make the script
log into a lot of devices we don’t want interactively performing password authentication for each
device. So how do we login over ssh without using password less RSA Public keys? How do we login
non-interactively performing password authentication?

Answer: sshpass. With this program we can define separate fine which script will use to get the
password without the need to manually type it each time.

You can see that here we have defined 2 different files under working directory. (hosts and pass). As
you can imagine in those files we define “hosts” on which the script will login and the password
which will be used for authentication (pass file).

The first part of the script is basically performing the checks against the subnet mask value under
VLAN10 interface.

How is this accomplished ?

1. Login to the host device defined in host file

2. Execute show sys interface VLAN10 and grep the result when search for the line with set ip
3. With the results define a variable “IP_MASK”:
Example how it looks like in fortigate system:

Based on the above output “THE IF” statement begin.

Basically this line says: Do not care for the first part of the output it could be anything (Regular
expression), but pay attention to the subnet mask value (the backward slash is to distinguish the “.”
Because this symbol has another meaning in the code).

If you find 255.255.255.192 then do:

Echo “26 bit mask $IP_MASK”<- echo command in linux is used to display line of text/string that are
passed as an argument . In our case this is IP_Mask.

With this echo command script will print the value for the subnet mask found.

The next step is to define a new mask value.

So how is this accomplished ?

#Use the value from IP_MASK but replace pattern 255.255.255.192 with 255.255.255.224

As you might know IP_MASK and NEW_MASK are variables and the values are determined based on
the show sys interface VLAN10 output from each device script will login to.

If the operation is performed script will print Setting new mask:

Then it will proceed with the actual changing:

If script is not able to find suitable mask – different then 255.255.255.192 print “No suitable mask
detected”

With command “fi” we are closing our IF statement.