Forum Discussion

Navd_298927's avatar
Navd_298927
Icon for Nimbostratus rankNimbostratus
Mar 22, 2017

tmsh command to read external data group file

I need help with tmsh commands to read external data group file . Due to security issues, we cannot give the user access to shell . The user uses a discovery tool to discover F5 and properties and tries to read the external data group file, so that it can map the applications to right IPs based on the contents of the file. The user has "guest with tmsh" role on F5.

 

F5 Version - BIG-IP 11.6.0 Build 6.0.442 Hotfix HF6

 

Any help or hint is appreciated . Thanks

 

8 Replies

    • Navd_298927's avatar
      Navd_298927
      Icon for Nimbostratus rankNimbostratus

      thanks Kunjan,

       

      That only lists the data groups. But we are trying read the contents of the data group. We can do it by shell command like 'cat file.txt' , but that would require us to give the user shell access to F5 server. So, we're trying to get an alternate way using tmsh command.

       

    • Navd_298927's avatar
      Navd_298927
      Icon for Nimbostratus rankNimbostratus

      thanks Kunjan,

       

      That only lists the data groups. But we are trying read the contents of the data group. We can do it by shell command like 'cat file.txt' , but that would require us to give the user shell access to F5 server. So, we're trying to get an alternate way using tmsh command.

       

  • May be can write a script and call it from tmsh, if you know the full path to the data-group.

    cli script test {
    proc script::run {} {
        set fp [open "/config/filestore/files_d/Common_d/data_group_d/:Common:dg1_46552_3" r]
    
        while { [gets $fp data] >= 0 } {
            puts $data
        }
    }
    
    }
    
    (/Common)(tmos) run cli script test 
    
    • brad_11480's avatar
      brad_11480
      Icon for Nimbostratus rankNimbostratus

      oh gosh, this is terrible. this means you have to know where it is storing these files. it would be far better if the tmsh command provided a way for it to list the content like it will for the GUI.. if it does it for the GUI, it should provide the same via TMSH.

       

  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus

    May be can write a script and call it from tmsh, if you know the full path to the data-group.

    cli script test {
    proc script::run {} {
        set fp [open "/config/filestore/files_d/Common_d/data_group_d/:Common:dg1_46552_3" r]
    
        while { [gets $fp data] >= 0 } {
            puts $data
        }
    }
    
    }
    
    (/Common)(tmos) run cli script test 
    
    • brad_11480's avatar
      brad_11480
      Icon for Nimbostratus rankNimbostratus

      oh gosh, this is terrible. this means you have to know where it is storing these files. it would be far better if the tmsh command provided a way for it to list the content like it will for the GUI.. if it does it for the GUI, it should provide the same via TMSH.