#!/usr/bin/expect -f
log_file -a /tmp/ar_debug.log
log_user 1

# Lokasi File ini pada Wazuh Server (192.168.160.70) : /var/ossec/active-response/bin
# Eksekusi manual : sudo ./unblock_aruba_telnet.sh <alamat_IP>
# Menerima IP address sebagai input
set attacker_ip [lindex $argv 0]

# ==== KONFIGURASI ====
set switch_ip "192.168.161.215"
set username "admin"
set password "miami2025"
set map_file "/var/ossec/active-response/bin/ip_port_map.txt"

# cari port dari ip
set port "unknown"
# Membuka file mapping untuk dibaca
set f [open $map_file r]
while {[gets $f line] != -1} {
    set parts [split $line " "]
    if {[lindex $parts 0] == $attacker_ip} {
        set port [lindex $parts 1]
        break
    }
}
close $f

# Jika port tidak ditemukan dalam file mapping, keluar dari script
if {$port == "unknown"} {
    puts "Error: Tidak ada mapping port yang ditemukan untuk IP $attacker_ip di file $map_file."
    exit 1
}

# telnet swith aruba untuk mengaktifkan port
spawn telnet $switch_ip
expect "Username:" { send "$username\r" }
expect "Password:" { send "$password\r" }
expect -re ".*#.*" { send "configure terminal\r" }
expect -re ".*\\(config\\)#" { send "interface $port\r" }
expect -re ".*\\(eth-$port\\)#" { send "enable\r" }
expect -re ".*\\(eth-$port\\)#" { send "exit\r" }
expect -re ".*\\(config\\)#" { send "exit\r" }
expect -re ".*#.*" { send "exit\r" }
expect -re ".*>.*" { send "exit\r" }
expect -re ".*Do you want to log out (y/n)?.*" { send "y\r" }

puts "Port $port (IP $attacker_ip) telah diaktifkan kembali."