From 5b9b389bf844bed0e308ff01a79190229a875891 Mon Sep 17 00:00:00 2001
From: Ben Greear <greearb@candelatech.com>
Date: Mon, 1 Feb 2021 07:49:35 -0800
Subject: [PATCH] openwrt-ctl:  Support bringing up reverse ssh tunnel.

This will let us log in on serial port to bring up a reverse
ssh tunnel so that we can then connect in via ssh from a jumphost,
regardless of how far behind NAT firewalls is the AP...

Signed-off-by: Ben Greear <greearb@candelatech.com>
---
 openwrt_ctl.py | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/openwrt_ctl.py b/openwrt_ctl.py
index c419635e..f84fa664 100755
--- a/openwrt_ctl.py
+++ b/openwrt_ctl.py
@@ -8,6 +8,11 @@ You might need to install pexpect-serial using pip:
 $ pip3 install pexpect-serial
 
 ./openwrt_ctl.py -l stdout -u root -p TIP -s serial --tty ttyUSB0
+
+# Set up reverse ssh tunnel
+./openwrt_ctl.py --tty /dev/ttyAP1 --action ssh-tunnel \
+        --value "ssh -y -y -f -N -T -M -R 9999:localhost:22 lanforge@10.28.3.100" \
+        --value2 password-for-10.28.3.100 --log stdout --scheme serial --prompt root@Open
 '''
 
 
@@ -48,9 +53,9 @@ def usage():
    print("--prompt   Prompt to look for when commands are done (default: root@OpenWrt)")
    print("-s|--scheme (serial|telnet|ssh): connect via serial, ssh or telnet")
    print("-l|--log file log messages here")
-   print("--action (logread | journalctl | lurk | sysupgrade | download | upload | reboot | cmd")
+   print("--action (logread | journalctl | lurk | sysupgrade | download | upload | reboot | cmd | ssh-tunnel")
    print("--value (option to help complete the action")
-   print("--value2 (option to help complete the action, dest filename for download")
+   print("--value2 (option to help complete the action, dest filename for download, passwd for ssh-tunnel")
    print("-h|--help")
 
 # see https://stackoverflow.com/a/13306095/11014343
@@ -78,7 +83,7 @@ def main():
    parser.add_argument("-t", "--tty",     type=str, help="tty serial device")
    parser.add_argument("-l", "--log",     type=str, help="logfile for messages, stdout means output to console")
    parser.add_argument("--action",        type=str, help="perform action",
-      choices=["logread", "journalctl", "lurk", "sysupgrade", "sysupgrade-n", "download", "upload", "reboot", "cmd" ])
+      choices=["logread", "journalctl", "lurk", "sysupgrade", "sysupgrade-n", "download", "upload", "reboot", "cmd", "ssh-tunnel" ])
    parser.add_argument("--value",         type=str, help="set value")
    parser.add_argument("--value2",        type=str, help="set value2")
    tty = None
@@ -247,6 +252,20 @@ def main():
       TO=1
       wait_forever = True
 
+   if (args.action == "ssh-tunnel"):
+       command = "%s"%(args.value)
+       passwd = "%s"%(args.value2)
+       logg.info("Command[%s]"%command)
+       egg.sendline(command);
+
+       i = egg.expect(["password:", "Do you want to continue connecting"], timeout=5)
+       if i == 1:
+           egg.sendline("y")
+           egg.expect("password:", timeout=5)
+       egg.sendline(passwd)
+       egg.expect(CCPROMPT, timeout=20)
+       return
+
    if ((args.action == "sysupgrade") or (args.action == "sysupgrade-n")):
        command = "scp %s /tmp/new_img.bin"%(args.value)
        logg.info("Command[%s]"%command)