def post(self, request, *args, **kwargs):
# mengambil nilai dari form
formm = NacmForm(request.POST or None)
ipform = IpFormset(request.POST)
upform = UploadForm(request.POST, request.FILES)
userValue = formm['username'].value()
passValue = formm['password'].value()
confValue = formm['conft'].value()
bgp_name = str(request.POST['bgp_name'])
asn = str(request.POST['bgp_asn'])
router_id = str(request.POST['bgp_router_id'])
neighbor_address = str(request.POST['bgp_neighbor_address'])
neighbor_asn = str(request.POST['bgp_neighbor_asn'])
networkx = (request.POST.getlist('bgp_network'))
prefixs = (request.POST.getlist('bgp_prefix'))
# jika form valid
if ipform.is_valid() and formm.is_valid():
collect_data = ""
count_form = 0
simpanForm = formm.save()
# perulangan data pada form ipform
for form in ipform:
ipaddr = form.cleaned_data.get('ipaddr')
vendor = form.cleaned_data.get('vendor')
collect_config = "<b>Configure on " + str(
ipaddr) + " | vendor = " + str(vendor) + "</b></br>"
networks = netmask = wildcard = ""
# mengkoneksikan ke perangkat via protokol SSH menggunakan library Paramiko
try:
ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(
paramiko.AutoAddPolicy())
# memasukkan informasi username, password SSH
ssh_client.connect(hostname=ipaddr,
username=userValue,
password=passValue,
look_for_keys=False,
allow_agent=False,
timeout=5)
remote_conn = ssh_client.invoke_shell()
shell = remote_conn.recv(65535)
config_read = str(vendor.sett_dynamic_routing_bgp)
# split memakai \r dulu
array_read = config_read.split('\r')
# hasilnya akan ada \n
output_line = ""
# membuat perulangan pada network yang di advertise, karena pada advertise network menggunakan form dinamis
for x in range(len(networkx)):
network = networkx[x]
print(network)
prefix = prefixs[x]
if prefix != '':
networks = str(network + "/" + prefix)
print(networks)
netmask = IPNetwork(networks).netmask
print(netmask)
wildcard = IPNetwork(networks).hostmask
print(wildcard)
print(vendor)
# membaca code tiap line
for line in array_read:
# menghilangkan \n
new_line = re.sub(r'\n', '', line)
# print new_line
# akan error karena ada nilai kosong dan eval tidak bisa membacanya
# sehingga mengeleminasi nilai kosong
if new_line != '':
config_send = eval(new_line)
collect_config = collect_config + config_send + "</br>"
print(config_send + " ini config send")
# mengirim perintah yang akan dikonfig
# menggunakan non-interactive shell
try:
stdin, stdout, stderr = ssh_client.exec_command(
config_send + "\n")
time.sleep(1)
results = stdout.read()
print(str(results))
except:
# jika gagal menggunakan interactive shell
try:
remote_conn.send(config_send + "\n")
time.sleep(1)
results = remote_conn.recv(65535)
print(results.decode('ascii'))
# print (results)
except:
print("error paramiko")
# menyimpan data ke sqlite
count_form = count_form + 1
collect_data = collect_data + collect_config
if count_form == len(ipform):
simpanForm.conft = collect_data
messages.success(request, collect_config)
ssh_client.close()
simpanIp = form.save(commit=False)
simpanIp.connect_id = simpanForm
print(simpanIp)
simpanIp.save()
simpanForm.save()
# jika gagal terkoneksi
except paramiko.AuthenticationException:
error_conf(
request, collect_config,
"</br>Authentication failed, please verify your credentials"
)
except paramiko.SSHException as sshException:
error_conf(
request, collect_config,
"</br>Could not establish SSH connection: %s" %
sshException)
except socket.timeout as e:
error_conf(request, collect_config,
"</br>Connection timed out")
except Exception as e:
ssh_client.close()
error_conf(request, collect_config,
"</br>Exception in connecting to the server")
return HttpResponseRedirect('routing_bgp')
def oob_provision(self, equips):
log.info("AutoprovisionOOB")
variablestochangecore1 = dict()
variablestochangecore2 = dict()
variablestochangeoob = dict()
fileincore1 = None
fileoutcore1 = None
fileincore2 = None
fileoutcore2 = None
dcroom = model_to_dict(self.rack.dcroom)
log.debug("type: %s" % str(type(dcroom.get("config"))))
fabricconfig = dcroom.get("config")
try:
fabricconfig = json.loads(fabricconfig)
log.debug("type -ast: %s" % str(type(fabricconfig)))
except:
pass
try:
fabricconfig = ast.literal_eval(fabricconfig)
log.debug("config -ast: %s" % str(fabricconfig))
except:
pass
envconfig = fabricconfig
BASE_CHANNEL = int(envconfig.get("Channel").get(
"channel")) if envconfig.get("Channel") else 10
try:
path_to_guide = get_variable("path_to_guide")
path_to_add_config = get_variable("path_to_add_config")
path_to_config = get_variable("path_to_config")
except ObjectDoesNotExist:
raise var_exceptions.VariableDoesNotExistException(
"Erro buscando a variável PATH_TO_GUIDE")
try:
vlan_name = "VLAN_GERENCIA_" + self.rack.nome
vlan = models_vlan.Vlan.objects.filter(
nome=vlan_name).uniqueResult()
except Exception as e:
log.debug("Error while getting %s. Error: %s" % (vlan_name, e))
vlan = False
if not vlan:
try:
vlan_name = "OOB_SO_" + self.rack.nome
vlan = models_vlan.Vlan.objects.filter(
nome=vlan_name).uniqueResult()
except Exception as e:
raise Exception("O rack não tem vlan de gerencia. Error: %s" %
e)
log.debug("Vlan OOB: %s" % vlan.nome)
log.debug("Rede OOB: %s" % IPNetwork(vlan.networks_ipv4[0].networkv4))
log.debug("equips: %s" % str(equips))
if not vlan.networks_ipv4:
raise Exception("Vlan de OOB do rack não possui rede associada.")
variablestochangeoob["VLAN_SO"] = str(vlan.num_vlan)
equips_sorted = sorted(equips, key=operator.itemgetter('sw'))
oob = equips_sorted[-1]
variablestochangeoob["OWN_IP_MGMT"] = oob.get("ip_mngt")
variablestochangeoob["HOSTNAME_OOB"] = oob.get("nome")
variablestochangeoob["HOSTNAME_RACK"] = self.rack.nome
fileinoob = path_to_guide + oob.get("roteiro")
fileoutoob = path_to_config + oob.get("nome") + ".cfg"
for equip in oob.get("interfaces"):
nome = equip.get("nome")
log.debug(str(nome))
roteiro = equip.get("roteiro")
if nome[:3] == self.leaf_prefix:
if nome[-1] == "1":
variablestochangeoob["HOSTNAME_LF1"] = nome
else:
variablestochangeoob["HOSTNAME_LF2"] = nome
elif nome[:3] == self.oob_prefix:
intoob = equip.get("eq_interface")
intcore = equip.get("interface")
if nome[-1] == "1":
log.info(str(nome))
variablestochangeoob["INT_OOBC1_UPLINK"] = intoob
variablestochangeoob["INTERFACE_CORE1"] = intcore
variablestochangeoob["HOSTNAME_CORE1"] = nome
variablestochangecore1["INT_OOB_UPLINK"] = intoob
variablestochangecore1["INTERFACE_CORE"] = intcore
variablestochangecore1["HOSTNAME_RACK"] = self.rack.nome
variablestochangecore1["SO_HOSTNAME_OOB"] = "SO_" + str(
self.rack.nome)
variablestochangecore1["VLAN_SO"] = str(vlan.num_vlan)
variablestochangecore1['IPCORE'] = str(
IPNetwork(vlan.networks_ipv4[0].networkv4).broadcast -
2)
variablestochangecore1['IPHSRP'] = str(
IPNetwork(vlan.networks_ipv4[0].networkv4).ip + 1)
variablestochangecore1['NUM_CHANNEL'] = str(
BASE_CHANNEL + int(self.rack.numero))
if (1 + int(self.rack.numero)) % 2 == 0:
variablestochangecore1["HSRP_PRIORITY"] = "100"
else:
variablestochangecore1["HSRP_PRIORITY"] = "101"
fileincore1 = path_to_guide + roteiro
fileoutcore1 = path_to_add_config + nome + "-ADD-" + str(
self.rack.nome) + ".cfg"
elif nome[-1] == "2":
log.info(str(nome))
variablestochangeoob["INT_OOBC2_UPLINK"] = intoob
variablestochangeoob["INTERFACE_CORE2"] = intcore
variablestochangeoob["HOSTNAME_CORE2"] = nome
variablestochangecore2["INT_OOB_UPLINK"] = intoob
variablestochangecore2["INTERFACE_CORE"] = intcore
variablestochangecore2["HOSTNAME_RACK"] = self.rack.nome
variablestochangecore2["SO_HOSTNAME_OOB"] = "SO_" + str(
self.rack.nome)
variablestochangecore2["VLAN_SO"] = str(vlan.num_vlan)
variablestochangecore2['IPCORE'] = str(
IPNetwork(vlan.networks_ipv4[0].networkv4).broadcast -
1)
variablestochangecore2['IPHSRP'] = str(
IPNetwork(vlan.networks_ipv4[0].networkv4).ip + 1)
variablestochangecore2['NUM_CHANNEL'] = str(
BASE_CHANNEL + int(self.rack.numero))
if (2 + int(self.rack.numero)) % 2 == 0:
variablestochangecore2["HSRP_PRIORITY"] = "100"
else:
variablestochangecore2["HSRP_PRIORITY"] = "101"
fileincore2 = path_to_guide + roteiro
fileoutcore2 = path_to_add_config + nome + "-ADD-" + str(
self.rack.nome) + ".cfg"
self.replace_file(fileincore1, fileoutcore1, variablestochangecore1)
self.replace_file(fileincore2, fileoutcore2, variablestochangecore2)
self.replace_file(fileinoob, fileoutoob, variablestochangeoob)
return True
def get_ipv4_prefixes(prefixes=[]):
return [
prefix for prefix in prefixes or []
if IPNetwork(prefix).version == 4
]
def test_node_start(self, m_root, m_attach_and_stream,
m_find_or_pull_node_image, m_docker, m_docker_client,
m_client, m_conntrack, m_setup_ip, m_check_system,
m_container, m_call, m_os_makedirs, m_os_path_exists,
m_ipv6_enabled):
"""
Test that the node_Start function does not make Docker calls
function returns
"""
# Set up mock objects
m_container.return_value = False
m_root.return_value = False
m_os_path_exists.return_value = False
ip_2 = '2.2.2.2'
m_docker_client.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
ipv4_pools = [
IPPool(IPNetwork("10.0.0.0/16")),
IPPool(IPNetwork("10.1.0.0/16"), ipip=True)
]
ipip_pools = [IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
m_client.get_ip_pools.return_value = ipv4_pools
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork = False
# Don't pull the node image
no_pull = True
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork, no_pull)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
"AS=",
"NO_DEFAULT_POOLS=",
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % ETCD_SCHEME_DEFAULT,
]
binds = {
log_dir: {
"bind": "/var/log/calico",
"ro": False
},
"/var/run/calico": {
"bind": "/var/run/calico",
"ro": False
},
"/lib/modules": {
"bind": "/lib/modules",
"ro": False
}
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=True,
check_modules=True)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_called_once_with('calico-node',
force=True)
m_docker_client.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds)
self.assertFalse(m_find_or_pull_node_image.called)
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=['/var/log/calico', "/var/run/calico", "/lib/modules"])
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container, False)
def generate_subnet(self, ip, sn="24"):
subnet = IPNetwork('{ip}/{sn}'.format(ip=ip, sn=sn))
for ip in IPNetwork(subnet):
yield ip
def handleEvent(self, event):
eventName = event.eventType
srcModuleName = event.module
eventData = event.data
scanIps = list()
if self.errorState:
return None
self.sf.debug("Received event, %s, from %s" %
(eventName, srcModuleName))
if not self.portlist:
self.sf.error('No ports specified in port list', False)
self.errorState = True
return None
try:
if eventName == "NETBLOCK_OWNER" and self.opts['netblockscan']:
net = IPNetwork(eventData)
if net.prefixlen < self.opts['netblockscanmax']:
self.sf.debug("Skipping port scanning of " + eventData +
", too big.")
return None
for ip in net:
ipaddr = str(ip)
if ipaddr.split(".")[3] in ['255', '0']:
continue
if '255' in ipaddr.split("."):
continue
scanIps.append(ipaddr)
else:
scanIps.append(eventData)
except BaseException as e:
self.sf.error(
"Strange netblock identified, unable to parse: " + eventData +
" (" + str(e) + ")", False)
return None
for ipAddr in scanIps:
# Don't look up stuff twice
if ipAddr in self.results:
self.sf.debug("Skipping " + ipAddr + " as already scanned.")
return None
else:
self.results[ipAddr] = True
i = 0
portArr = []
for port in self.portlist:
if self.checkForStop():
return None
if i < self.opts['maxthreads']:
portArr.append(port)
i += 1
else:
self.sendEvent(self.tryPortWrapper(ipAddr, portArr), event)
i = 1
portArr = [port]
# Scan whatever is remaining
self.sendEvent(self.tryPortWrapper(ipAddr, portArr), event)
def handleEvent(self, event):
eventName = event.eventType
srcModuleName = event.module
eventData = event.data
if self.errorState:
return None
self.sf.debug(f"Received event, {eventName}, from {srcModuleName}")
if self.opts['api_key'] == "":
self.sf.error("You enabled sfp_shodan but did not set an API key!",
False)
self.errorState = True
return None
# Don't look up stuff twice
if eventData in self.results:
self.sf.debug(f"Skipping {eventData}, already checked.")
return None
else:
self.results[eventData] = True
if eventName == "DOMAIN_NAME":
hosts = self.searchHosts(eventData)
if hosts is None:
return None
evt = SpiderFootEvent("RAW_RIR_DATA", str(hosts), self.__name__,
event)
self.notifyListeners(evt)
if eventName == 'WEB_ANALYTICS_ID':
try:
network = eventData.split(": ")[0]
analytics_id = eventData.split(": ")[1]
except BaseException as e:
self.sf.error(
f"Unable to parse WEB_ANALYTICS_ID: {eventData} ({e})",
False)
return None
if network not in [
'Google AdSense', 'Google Analytics',
'Google Site Verification'
]:
self.sf.debug("Skipping " + eventData + ", as not supported.")
return None
rec = self.searchHtml(analytics_id)
if rec is None:
return None
evt = SpiderFootEvent("RAW_RIR_DATA", str(rec), self.__name__,
event)
self.notifyListeners(evt)
return None
if eventName == 'NETBLOCK_OWNER':
if not self.opts['netblocklookup']:
return None
else:
if IPNetwork(eventData).prefixlen < self.opts['maxnetblock']:
self.sf.debug("Network size bigger than permitted: " +
str(IPNetwork(eventData).prefixlen) + " > " +
str(self.opts['maxnetblock']))
return None
qrylist = list()
if eventName.startswith("NETBLOCK_"):
for ipaddr in IPNetwork(eventData):
qrylist.append(str(ipaddr))
self.results[str(ipaddr)] = True
else:
qrylist.append(eventData)
for addr in qrylist:
rec = self.query(addr)
if rec is None:
continue
# For netblocks, we need to create the IP address event so that
# the threat intel event is more meaningful.
if eventName.startswith('NETBLOCK_'):
pevent = SpiderFootEvent("IP_ADDRESS", addr, self.__name__,
event)
self.notifyListeners(pevent)
else:
pevent = event
evt = SpiderFootEvent("RAW_RIR_DATA", str(rec), self.__name__,
pevent)
self.notifyListeners(evt)
if self.checkForStop():
return None
if rec.get('os') is not None:
# Notify other modules of what you've found
evt = SpiderFootEvent("OPERATING_SYSTEM",
rec.get('os') + " (" + addr + ")",
self.__name__, pevent)
self.notifyListeners(evt)
if rec.get('devtype') is not None:
# Notify other modules of what you've found
evt = SpiderFootEvent("DEVICE_TYPE",
rec.get('devtype') + " (" + addr + ")",
self.__name__, pevent)
self.notifyListeners(evt)
if rec.get('country_name') is not None:
location = ', '.join([
_f for _f in [rec.get('city'),
rec.get('country_name')] if _f
])
evt = SpiderFootEvent("GEOINFO", location, self.__name__,
pevent)
self.notifyListeners(evt)
if 'data' in rec:
self.sf.info("Found SHODAN data for " + eventData)
ports = list()
banners = list()
asns = list()
products = list()
vulnlist = list()
for r in rec['data']:
port = str(r.get('port'))
banner = r.get('banner')
asn = r.get('asn')
product = r.get('product')
vulns = r.get('vulns')
if port is not None:
# Notify other modules of what you've found
cp = addr + ":" + port
if cp not in ports:
ports.append(cp)
evt = SpiderFootEvent("TCP_PORT_OPEN", cp,
self.__name__, pevent)
self.notifyListeners(evt)
if banner is not None:
if banner not in banners:
banners.append(banner)
# Notify other modules of what you've found
evt = SpiderFootEvent("TCP_PORT_OPEN_BANNER",
banner, self.__name__,
pevent)
self.notifyListeners(evt)
if product is not None:
if product not in products:
products.append(product)
evt = SpiderFootEvent("SOFTWARE_USED", product,
self.__name__, pevent)
self.notifyListeners(evt)
if asn is not None:
if asn not in asns:
asns.append(asn)
evt = SpiderFootEvent("BGP_AS_MEMBER",
asn.replace("AS", ""),
self.__name__, pevent)
self.notifyListeners(evt)
if vulns is not None:
for vuln in vulns.keys():
if vuln not in vulnlist:
vulnlist.append(vuln)
evt = SpiderFootEvent('VULNERABILITY', vuln,
self.__name__, pevent)
self.notifyListeners(evt)
return None
def blacklistedSubnets(self):
for subnet in self.blacklist:
try:
self.blacklisted_subnets.append(IPNetwork(str(subnet)))
except:
pass
def resourceList(self, id, target, targetType):
targetDom = ''
# Get the base domain if we're supplied a domain
if targetType == "domain":
targetDom = self.sf.hostDomain(target, self.opts['_internettlds'])
for check in malchecks.keys():
cid = malchecks[check]['id']
if id == cid and malchecks[check]['type'] == "list":
data = dict()
url = malchecks[check]['url']
data['content'] = self.sf.cacheGet(
"sfmal_" + cid, self.opts.get('cacheperiod', 0))
if data['content'] is None:
data = self.sf.fetchUrl(url,
timeout=self.opts['_fetchtimeout'],
useragent=self.opts['_useragent'])
if data['content'] is None:
self.sf.error("Unable to fetch " + url, False)
return None
else:
self.sf.cachePut("sfmal_" + cid, data['content'])
# If we're looking at netblocks
if targetType == "netblock":
iplist = list()
# Get the regex, replace {0} with an IP address matcher to
# build a list of IP.
# Cycle through each IP and check if it's in the netblock.
if 'regex' in malchecks[check]:
rx = malchecks[check]['regex'].replace(
"{0}", "(\d+\.\d+\.\d+\.\d+)")
pat = re.compile(rx, re.IGNORECASE)
self.sf.debug("New regex for " + check + ": " + rx)
for line in data['content'].split('\n'):
grp = re.findall(pat, line)
if len(grp) > 0:
#self.sf.debug("Adding " + grp[0] + " to list.")
iplist.append(grp[0])
else:
iplist = data['content'].split('\n')
for ip in iplist:
if len(ip) < 8 or ip.startswith("#"):
continue
ip = ip.strip()
try:
if IPAddress(ip) in IPNetwork(target):
self.sf.debug(
ip + " found within netblock/subnet " +
target + " in " + check)
return url
except Exception as e:
self.sf.debug("Error encountered parsing: " +
str(e))
continue
return None
# If we're looking at hostnames/domains/IPs
if 'regex' not in malchecks[check]:
for line in data['content'].split('\n'):
if line == target or (targetType == "domain"
and line == targetDom):
self.sf.debug(target + "/" + targetDom +
" found in " + check + " list.")
return url
else:
# Check for the domain and the hostname
try:
rxDom = unicode(
malchecks[check]['regex']).format(targetDom)
rxTgt = unicode(
malchecks[check]['regex']).format(target)
for line in data['content'].split('\n'):
if (targetType == "domain" and re.match(rxDom, line, re.IGNORECASE)) or \
re.match(rxTgt, line, re.IGNORECASE):
self.sf.debug(target + "/" + targetDom +
" found in " + check + " list.")
return url
except BaseException as e:
self.sf.debug("Error encountered parsing 2: " + str(e))
continue
return None
check_ip(ip_address)
except Exception as e:
with print_lock:
print "[ERROR] [%s] - %s" % (ip_address, e)
finally:
semaphore.release()
if ip:
check_ip(ip)
elif filename:
with open(filename, "r") as fp:
for line in fp:
semaphore.acquire()
ip_address = line.strip()
t = threading.Thread(target=threaded_check, args=(ip_address, ))
t.start()
elif net:
from netaddr import IPNetwork
network = IPNetwork(net)
for addr in network:
# Skip the network and broadcast addresses
if ((network.size != 1) and ((addr == network.network) or
(addr == network.broadcast))):
continue
semaphore.acquire()
ip_address = str(addr)
t = threading.Thread(target=threaded_check, args=(ip_address, ))
t.start()
# exibe protocolo detectado e os hosts
#print ("Protocolo : %s De: %s -> Para: %s" % (ip_header.protocol, ip_header.src_address, ip_header.dst_address))
# se for ICMP, nos queremos o pacote
if ip_header.protocol == "ICMP": #(2)
# calcula em que ponto nosso pacote ICMP comeca
offset = ip_header.ihl * 4 #(3)
buf = raw_buffer[offset:offset + sys.getsizeof(ICMP)]
# cria nossa estrutura ICMP
icmp_header = ICMP(buf) #(4)
#print ("ICMP -> Type: %d Code: %d" % (icmp_header.type, icmp_header.code))
# verifica se type e code sao iguais a 3
if icmp_header.code == 3 and icmp_header.type == 3:
# garantir que o host esta em nossa sub-rede
if IPAddress(ip_header.src_address) in IPNetwork(SUBNET):
# garante que contem nossa mensagem
if raw_buffer[len(raw_buffer) -
len(MAGIC_STRING):] == MAGIC_STRING:
print("Host Up: %s" % ip_header.src_address)
# tratando ctrl-c
except KeyboardInterrupt:
# se usando Windows, desabilitar modo promiscuo
if os.name == "nt":
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
print("Exiting...")
sys.exit(0)
async def process_system(device_id, host, community, port):
device_repository = repository.get('device')
system_info = await snmp_async.get_system_info(host, community, port)
interfaces = await snmp_async.get_interfaces(host, community, port)
interface_update_time = time.time()
ip_addrs = await snmp_async.get_ip_addr(host, community, port)
if not system_info:
logging.info("SNMP (Process system [sys info]): host {} is down".format(host))
return None
if not ip_addrs:
logging.info("SNMP (Process system [ip addr]): host {} is down".format(host))
return None
if not interfaces:
logging.info("SNMP (Process system [interface]): host {} is down".format(host))
return None
# Todo optimize this
for if_index, interface in enumerate(interfaces):
for ip_index, ip_addr in enumerate(ip_addrs):
if interface['index'] == ip_addr['if_index']:
interface['ipv4_address'] = ip_addr['ipv4_address']
interface['subnet'] = ip_addr['subnet']
break
my_device = device_repository.get_device_by_mgmt_ip(host)
diff_interface_update_time = interface_update_time - my_device.get('interfaces_update_time', 0)
diff_interface_update_time *= 100
try:
if my_device.get('interfaces'):
for if_index, interface in enumerate(interfaces):
for my_interface in my_device['interfaces']:
if interface['description'] == my_interface['description']:
# In
in_octets = interface['in_octets'] - my_interface['in_octets']
# in_in_time = system_info['uptime'] - my_device['uptime']
bw_in_usage_percent = sdn_utils.cal_bw_usage_percent(
in_octets,
interface['speed'],
diff_interface_update_time)
# Out
out_octets = interface['out_octets'] - my_interface['out_octets']
# out_in_time = system_info['uptime'] - my_device['uptime']
bw_out_usage_percent = sdn_utils.cal_bw_usage_percent(
out_octets,
interface['speed'],
diff_interface_update_time)
# Add information
interface['bw_in_usage_octets'] = in_octets
interface['bw_in_usage_persec'] = sdn_utils.bandwidth_usage_percent_to_bit(interface['speed'],
bw_in_usage_percent)
interface['bw_in_usage_percent'] = bw_in_usage_percent
interface['bw_out_usage_octets'] = out_octets
# interface['bw_out_usage_persec'] = (out_octets / out_in_time) * 8
interface['bw_out_usage_persec'] = sdn_utils.bandwidth_usage_percent_to_bit(interface['speed'],
bw_out_usage_percent)
interface['bw_out_usage_percent'] = bw_out_usage_percent
interface['bw_usage_update'] = time.time()
if interface.get('ipv4_address'):
ip = IPNetwork("{}/{}".format(interface['ipv4_address'], interface['subnet']))
if ip.size == 1:
start_ip = ip.first
end_ip = ip.first
elif ip.size == 2:
start_ip = ip.first
end_ip = ip.last
else:
start_ip = ip.first
end_ip = ip.last
interface['start_ip'] = start_ip
interface['end_ip'] = end_ip
break
except Exception as e:
logging.info("Except: %s", e)
system_info['interfaces'] = interfaces
system_info['interfaces_update_time'] = interface_update_time
# Set update time
system_info['updated_at'] = time.time()
# Update device info
device_repository.set(host, system_info)
return True
from netaddr import IPNetwork
import sys
ip_list = sys.argv[1]
cidr_list = []
with open(ip_list, 'r') as f:
for line in f:
cidr = line.strip()
cidr_list.append(cidr)
with open("iplist.txt", 'wb') as g:
for subnet in cidr_list:
for ip in IPNetwork(subnet):
g.write(str(ip) + "\n")
def create_network(self,
name,
cidr=None,
dhcp=True,
nat=True,
domain=None,
plan='kvirt',
overrides={}):
if nat:
externalnets = [
n for n in self.neutron.list_networks()['networks']
if n['router:external']
]
externalnet_id = externalnets[0]['id'] if externalnets else None
routers = [
router for router in self.neutron.list_routers()['routers']
if router['name'] == 'kvirt'
]
router_id = routers[0]['id'] if routers else None
try:
IPNetwork(cidr)
except:
return {'result': 'failure', 'reason': "Invalid Cidr %s" % cidr}
neutron = self.neutron
network_id = None
networks = {
net['name']: net['id']
for net in neutron.list_networks()['networks']
}
if name not in networks:
network = {'name': name, 'admin_state_up': True}
if 'port_security_enabled' in overrides:
network['port_security_enabled'] = bool(
overrides['port_security_enabled'])
network = neutron.create_network({'network': network})
network_id = network['network']['id']
tenant_id = network['network']['tenant_id']
else:
common.pprint("Network already there. Creating subnet",
color='yellow')
if cidr is not None:
if network_id is None:
network_id = networks[name]
cidrs = [
s['cidr'] for s in neutron.list_subnets()['subnets']
if s['network_id'] == network_id
]
if cidr not in cidrs:
subnet = {
'name': cidr,
'network_id': network_id,
'ip_version': 4,
"cidr": cidr,
'enable_dhcp': dhcp
}
if domain is not None:
subnet['dns_nameservers'] = [domain]
subnet = neutron.create_subnet({'subnet': subnet})
subnet_id = subnet['subnet']['id']
tenant_id = subnet['subnet']['tenant_id']
else:
common.pprint("Subnet already there. Leaving", color='yellow')
return {'result': 'success'}
if nat:
if externalnet_id is not None:
if router_id is None:
router = {'name': 'kvirt', 'tenant_id': tenant_id}
# router['external_gateway_info'] = {"network_id": externalnet_id, "enable_snat": True}
router = neutron.create_router({'router': router})
router_id = router['router']['id']
router_dict = {"network_id": externalnet_id}
neutron.add_gateway_router(router_id, router_dict)
neutron.add_interface_router(router_id,
{'subnet_id': subnet_id})
return {'result': 'success'}
def test_route_exclusion_list(self):
"""
This is strips part of a network out of another.
There could be multiple cases here, but a simple smoke test
probably covers the intent.
"""
_input = [
IPNetwork('10.50.0.0/24'),
IPNetwork('10.51.0.0/24'),
IPNetwork('10.52.0.0/24')
]
remove_routes = [
IPNetwork('10.50.0.0/28'),
IPNetwork('10.51.0.128/25'),
]
proper_output = [
IPNetwork('10.50.0.16/28'),
IPNetwork('10.50.0.32/27'),
IPNetwork('10.50.0.64/26'),
IPNetwork('10.50.0.128/25'),
IPNetwork('10.51.0.0/25'),
IPNetwork('10.52.0.0/24'),
]
ret = self.library.route_exclusion(_input, remove_routes)
self.assertEqual(proper_output, ret)
def handleEvent(self, event):
eventName = event.eventType
srcModuleName = event.module
eventData = event.data
if self.errorState:
return None
self.sf.debug("Received event, " + eventName + ", from " +
srcModuleName)
# Don't look up stuff twice
if eventData in self.results:
self.sf.debug("Skipping " + eventData + " as already mapped.")
return None
else:
self.results[eventData] = True
if eventName == 'NETBLOCK_OWNER':
if not self.opts['netblocklookup']:
return None
else:
if IPNetwork(eventData).prefixlen < self.opts['maxnetblock']:
self.sf.debug("Network size bigger than permitted: " +
str(IPNetwork(eventData).prefixlen) + " > " +
str(self.opts['maxnetblock']))
return None
if eventName == 'NETBLOCK_MEMBER':
if not self.opts['subnetlookup']:
return None
else:
if IPNetwork(eventData).prefixlen < self.opts['maxsubnet']:
self.sf.debug("Network size bigger than permitted: " +
str(IPNetwork(eventData).prefixlen) + " > " +
str(self.opts['maxsubnet']))
return None
qrylist = list()
if eventName.startswith("NETBLOCK_"):
for ipaddr in IPNetwork(eventData):
qrylist.append(str(ipaddr))
self.results[str(ipaddr)] = True
else:
# If user has enabled affiliate checking
if eventName == "AFFILIATE_IPADDR" and not self.opts[
'checkaffiliates']:
return None
qrylist.append(eventData)
for addr in qrylist:
if self.checkForStop():
return None
data = self.queryIPAddress(addr)
if data is None:
break
maliciousIP = data.get('ip_addr')
if maliciousIP is None:
continue
if addr != maliciousIP:
self.sf.error(
"Reported address doesn't match requested, skipping",
False)
continue
blacklistedRecords = data.get('blacklist')
if blacklistedRecords is None or len(blacklistedRecords) == 0:
self.sf.debug("No blacklist information found for IP")
continue
# Data is reported about the IP Address
if eventName.startswith("NETBLOCK_"):
ipEvt = SpiderFootEvent("IP_ADDRESS", addr, self.__name__,
event)
self.notifyListeners(ipEvt)
evt = SpiderFootEvent("RAW_RIR_DATA", str(data), self.__name__,
event)
self.notifyListeners(evt)
maliciousIPDesc = "Maltiverse [ " + str(maliciousIP) + " ]\n"
for blacklistedRecord in blacklistedRecords:
lastSeen = blacklistedRecord.get('last_seen')
if lastSeen is None:
continue
try:
lastSeenDate = datetime.strptime(str(lastSeen),
"%Y-%m-%d %H:%M:%S")
except:
self.sf.error("Invalid date in JSON response, skipping",
False)
continue
today = datetime.now()
difference = (today - lastSeenDate).days
if difference > int(self.opts["age_limit_days"]):
self.sf.debug(
"Record found is older than age limit, skipping")
continue
maliciousIPDesc += " - DESCRIPTION : " + str(
blacklistedRecord.get("description")) + "\n"
maliciousIPDescHash = self.sf.hashstring(maliciousIPDesc)
if maliciousIPDescHash in self.results:
continue
self.results[maliciousIPDescHash] = True
if eventName.startswith("NETBLOCK_"):
evt = SpiderFootEvent("MALICIOUS_IPADDR", maliciousIPDesc,
self.__name__, ipEvt)
else:
evt = SpiderFootEvent("MALICIOUS_IPADDR", maliciousIPDesc,
self.__name__, event)
self.notifyListeners(evt)
return None
def is_public_ip(ip):
ip = IPAddress(ip)
if (ip in IPNetwork("10.0.0.0/8") or ip in IPNetwork("172.16.0.0/12")
or ip in IPNetwork("192.168.0.0/16")):
return False
return True
def _create_spnlfenv(user, rack):
log.debug("_create_spnlfenv")
envfathers = models_env.Ambiente.objects.filter(
dcroom=int(rack.dcroom.id),
father_environment__isnull=True,
grupo_l3__nome=str(rack.dcroom.name),
ambiente_logico__nome="SPINES")
log.debug("SPN environments" + str(envfathers))
environment_spn_lf = None
environment_spn_lf_list = list()
spines = int(rack.dcroom.spines)
fabric = rack.dcroom.name
try:
id_grupo_l3 = models_env.GrupoL3().get_by_name(fabric).id
except:
grupo_l3_dict = models_env.GrupoL3()
grupo_l3_dict.nome = fabric
grupo_l3_dict.save()
id_grupo_l3 = grupo_l3_dict.id
pass
for env in envfathers:
config_subnet = list()
for net in env.configs:
# verificar se o ambiente possui range associado.
cidr = IPNetwork(net.ip_config.subnet)
prefix = int(net.ip_config.new_prefix)
network = {
'cidr': list(cidr.subnet(prefix)),
'type': net.ip_config.type,
'network_type': net.ip_config.network_type.id
}
config_subnet.append(network)
for spn in range(spines):
amb_log_name = "SPINE0" + str(spn + 1) + "LEAF"
try:
id_amb_log = models_env.AmbienteLogico().get_by_name(
amb_log_name).id
except:
amb_log_dict = models_env.AmbienteLogico()
amb_log_dict.nome = amb_log_name
amb_log_dict.save()
id_amb_log = amb_log_dict.id
pass
config = list()
for sub in config_subnet:
config_spn = {
'subnet':
str(sub.get("cidr")[spn]),
'new_prefix':
str(31) if str(sub.get("type"))[-1] is "4" else str(127),
'type':
str(sub.get("type")),
'network_type':
sub.get("network_type")
}
config.append(config_spn)
obj = {
'grupo_l3': id_grupo_l3,
'ambiente_logico': id_amb_log,
'divisao_dc': env.divisao_dc.id,
'acl_path': env.acl_path,
'ipv4_template': env.ipv4_template,
'ipv6_template': env.ipv6_template,
'link': env.link,
'min_num_vlan_2': env.min_num_vlan_2,
'max_num_vlan_2': env.max_num_vlan_2,
'min_num_vlan_1': env.min_num_vlan_1,
'max_num_vlan_1': env.max_num_vlan_1,
'vrf': env.vrf,
'father_environment': env.id,
'default_vrf': env.default_vrf.id,
'configs': config,
'fabric_id': rack.dcroom.id
}
return environment_spn_lf_list
# create an IP header from the first 20 bytes of the buffer
ip_header = IP(raw_buffer[0:20])
# if it's ICMP, we want it
if ip_header.protocol == 'ICMP':
# calculate where our ICMP packet starts
offset = ip_header.ihl * 4
buf = raw_buffer[offset:offset + sizeof(ICMP)]
# create our ICMP structure
icmp_header = ICMP(buf)
# now check for TYPE 3 and Code 3
if icmp_header.code == 3 and icmp_header.type == 3:
# make sure host is in our target subnet
if IPAddress(ip_header.src_address) in IPNetwork(subnet):
# make sure it has our magic messge
if raw_buffer[len(raw_buffer)-len(magic_message):] == magic_message:
print('Host Up: %s' % ip_header.src_address)
# handle CTRL-C
except KeyboardInterrupt:
# if we're using Windows, turn off promiscuous mode
if os.name == 'nt':
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
def _create_prod_envs(rack, user):
log.debug("_create_prod_envs")
prod_envs = models_env.Ambiente.objects.filter(
dcroom=int(rack.dcroom.id),
father_environment__isnull=True,
grupo_l3__nome=str(rack.dcroom.name),
ambiente_logico__nome="PRODUCAO").exclude(divisao_dc__nome="BO_DMZ")
log.debug("PROD environments: " + str(prod_envs))
try:
id_grupo_l3 = models_env.GrupoL3().get_by_name(rack.nome).id
except:
grupo_l3_dict = models_env.GrupoL3()
grupo_l3_dict.nome = rack.nome
grupo_l3_dict.save()
id_grupo_l3 = grupo_l3_dict.id
pass
if rack.dcroom.config:
fabricconfig = rack.dcroom.config
else:
log.debug("sem configuracoes do fabric %s" % str(rack.dcroom.id))
fabricconfig = list()
try:
fabricconfig = json.loads(fabricconfig)
except:
pass
try:
fabricconfig = ast.literal_eval(fabricconfig)
log.debug("config -ast: %s" % str(fabricconfig))
except:
pass
environment = list()
for env in prod_envs:
father_id = env.id
for fab in fabricconfig.get("Ambiente"):
if int(fab.get("id")) == int(father_id):
details = fab.get("details")
config_subnet = list()
for net in env.configs:
cidr = IPNetwork(str(net.ip_config.subnet))
prefix = int(net.ip_config.new_prefix)
bloco = list(cidr.subnet(int(prefix)))[int(rack.numero)]
if details[0].get(str(net.ip_config.type)):
new_prefix = details[0].get(str(
net.ip_config.type)).get("new_prefix")
else:
new_prefix = 31 if net.ip_config.type == "v4" else 127
network = {
'subnet': str(bloco),
'type': net.ip_config.type,
'network_type': net.ip_config.network_type.id,
'new_prefix': new_prefix
}
config_subnet.append(network)
obj = {
'grupo_l3': id_grupo_l3,
'ambiente_logico': env.ambiente_logico.id,
'divisao_dc': env.divisao_dc.id,
'acl_path': env.acl_path,
'ipv4_template': env.ipv4_template,
'ipv6_template': env.ipv6_template,
'link': env.link,
'min_num_vlan_2': env.min_num_vlan_1,
'max_num_vlan_2': env.max_num_vlan_1,
'min_num_vlan_1': env.min_num_vlan_1,
'max_num_vlan_1': env.max_num_vlan_1,
'vrf': env.vrf,
'father_environment': father_id,
'default_vrf': env.default_vrf.id,
'configs': config_subnet,
'fabric_id': rack.dcroom.id
}
obj_env = facade_env.create_environment(obj)
environment.append(obj_env)
log.debug("Environment object: %s" % str(obj_env))
for switch in [rack.id_sw1, rack.id_sw2]:
try:
equipamento_ambiente = EquipamentoAmbiente()
equipamento_ambiente.ambiente = obj_env
equipamento_ambiente.equipamento = switch
equipamento_ambiente.is_router = True
equipamento_ambiente.create(user)
except EquipamentoAmbienteDuplicatedError:
pass
return environment
def generate_heat_model(input_model, virt_config):
"""
Create a data structure that more or less describes the heat resources
required to deploy the input model. The data structure can then later
be used to generate a heat orchestration template.
:param input_model: enhanced input model data structure
:param virt_config: additional information regarding the virtual setup
(images, flavors, disk sizes)
:return: dictionary describing heat resources
"""
heat_template = dict(description='Template for deploying Ardana {}'.format(
input_model['cloud']['name']))
clm_cidr = IPNetwork(input_model['baremetal']['subnet'],
input_model['baremetal']['netmask'])
clm_network = None
heat_networks = heat_template['networks'] = dict()
# First, add L2 neutron provider networks defined in the input
# model's neutron configuration
for neutron_network in input_model['neutron-networks'].itervalues():
heat_network = dict(name=neutron_network['name'],
is_mgmt=False,
external=neutron_network['external'])
if neutron_network.get('cidr'):
heat_network['cidr'] = neutron_network['cidr']
if neutron_network.get('gateway'):
heat_network['gateway'] = neutron_network['gateway']
if neutron_network.get('provider'):
provider = neutron_network['provider'][0]
if provider['network_type'] == 'vlan':
if not provider.get('segmentation_id'):
# Neutron network is incompletely defined (VLAN tag is
# dynamically allocated), so it cannot be defined as an
# individual heat network
continue
heat_network['vlan'] = provider['segmentation_id']
elif provider['network_type'] not in ['flat', 'vlan']:
# Only layer 2 neutron provider networks are considered
continue
heat_networks[heat_network['name']] = heat_network
# Collect all the routers required by routes configured in the input model,
# as pairs of networks
routers = set()
# Next, add global networks
for network in input_model['networks'].itervalues():
cidr = None
vlan = network['vlanid'] if network.get('tagged-vlan') else None
gateway = IPAddress(
network['gateway-ip']) if network.get('gateway-ip') else None
if network.get('cidr'):
cidr = IPNetwork(network['cidr'])
heat_network = dict(name=network['name'],
is_mgmt=False,
external=False)
if cidr:
heat_network['cidr'] = str(cidr)
if gateway:
heat_network['gateway'] = str(gateway)
# There is the special case of global networks being used to implement
# flat neutron provider networks. For these networks, we need to
# create a heat network based on the global network parameters
# (i.e. VLAN) and a heat subnet based on the neutron network
# parameters
for neutron_network in network['network-group'].get(
'neutron-networks', {}).itervalues():
heat_neutron_network = heat_networks.get(neutron_network['name'])
if not heat_neutron_network or heat_neutron_network.get('vlan'):
# Ignore neutron networks that:
# - were not already considered at the previous step (i.e.
# are not fully defined or are not layer 2 based)
# - have a vlan (i.e. are not flat)
continue
# Replace the heat neutron network with this global network
# This is the same as updating the heat global network with subnet
# attributes taken from the neutron network
del heat_networks[neutron_network['name']]
heat_network = heat_neutron_network
heat_network['name'] = network['name']
# Only one flat neutron provider network can be associated with a
# global network
break
if vlan:
heat_network['vlan'] = vlan
# For each route, track down the target network
for route in network['network-group']['routes']:
if route == 'default':
# The default route is satisfied by adding the network to the
# external router
heat_network['external'] = True
else:
routers.add((
heat_network['name'],
route['name'],
))
if cidr and cidr in clm_cidr:
clm_network = heat_network
heat_network['external'] = heat_network['is_mgmt'] = True
# Create an address pool range that excludes the list of server
# static IP addresses
fixed_ip_addr_list = \
[IPAddress(server['ip-addr'])
for server in input_model['servers'].itervalues()]
if gateway:
fixed_ip_addr_list.append(gateway)
start_addr = cidr[1]
end_addr = cidr[-2]
for fixed_ip_addr in sorted(list(set(fixed_ip_addr_list))):
if start_addr <= fixed_ip_addr <= end_addr:
if fixed_ip_addr - start_addr < end_addr - fixed_ip_addr:
start_addr = fixed_ip_addr + 1
else:
end_addr = fixed_ip_addr - 1
heat_network['allocation_pools'] = \
[[str(start_addr), str(end_addr)]]
heat_networks[network['name']] = heat_network
heat_template['routers'] = []
for network1, network2 in routers:
if network1 not in heat_template['networks'] or \
network2 not in heat_template['networks']:
continue
network1 = heat_template['networks'][network1]
network2 = heat_template['networks'][network2]
# Re-use the external router, if at least one of the networks is
# already attached to it
if network1['external'] or network2['external']:
network1['external'] = network2['external'] = True
else:
heat_template['routers'].append(
[network1['name'], network2['name']])
heat_interface_models = heat_template['interface_models'] = dict()
for interface_model in input_model['interface-models'].itervalues():
heat_interface_model = \
heat_interface_models[interface_model['name']] = \
dict(
name=interface_model['name'],
ports=[]
)
ports = dict()
clm_ports = dict()
for interface in interface_model['network-interfaces'].itervalues():
devices = interface['bond-data']['devices'] \
if 'bond-data' in interface \
else [interface['device']]
for device in devices:
port_list = ports
port = dict(name=device['name'], networks=[])
if 'bond-data' in interface:
port['bond'] = interface['device']['name']
port['primary'] = \
(device['name'] ==
interface['bond-data']['options'].get('primary',
device['name']))
for network_group in \
interface.get('network-groups', []) + \
interface.get('forced-network-groups', []):
port['networks'].extend([
network['name']
for network in network_group['networks'].itervalues()
])
# Attach the port only to those neutron networks that have
# been validated during the previous steps
port['networks'].extend([
network['name'] for network in network_group.get(
'neutron-networks', dict()).itervalues()
if network['name'] in heat_networks
])
if clm_network['name'] in network_group['networks']:
# if the CLM port is a bond port, then only the
# primary is considered if configured
if not clm_ports and port.get('primary', True):
# Collect the CLM port separately, to put it at
# the top of the list and to mark it as the
# "management" port - the port to which the
# server's management IP address is assigned
port_list = clm_ports
port_list[device['name']] = port
# Add a port for each device, starting with those ports attached to
# the CLM network while at the same time preserving the order of the
# original ports. Ultimately, the port names will be re-aligned to
# those in the input model by an updated NIC mappings input model
# configuration
heat_interface_model['ports'] = [
p[1] for _, p in enumerate(
sorted(clm_ports.items()) + sorted(ports.items()))
]
# Generate storage setup (volumes)
#
# General strategy:
# - one volume for each physical volume specified in the disk model
# - the size of each volume cannot be determined from the input model,
# so this information needs to be supplied separately (TBD)
heat_disk_models = heat_template['disk_models'] = dict()
disks = virt_config['disks']
for disk_model in input_model['disk-models'].itervalues():
heat_disk_model = heat_disk_models[disk_model['name']] = dict(
name=disk_model['name'], volumes=[])
devices = []
for volume_group in disk_model.get('volume-groups', []):
devices += volume_group['physical-volumes']
for device_group in disk_model.get('device-groups', []):
devices += [device['name'] for device in device_group['devices']]
for device in sorted(list(set(devices))):
if device.endswith('da_root'):
continue
device = device.replace('/dev/sd', '/dev/vd')
volume_name = device.replace('/dev/', '')
size = virt_config['disk_size']
# Check if disk size is configured explicitly for the disk model
if disk_model['name'] in disks:
size = disks[disk_model['name']]
if isinstance(size, dict):
# Use the disk size specified for the volume name, or
# the disk model default, or the global default
size = size.get(volume_name) or \
size.get('default') or \
virt_config['disk_size']
heat_disk_model['volumes'].append(
dict(name=volume_name, mountpoint=device, size=size))
# Generate VM setup (servers)
#
# General strategy:
# - one server for each server specified in the disk model
# - the CLM server is special:
# - identification: server hosting the lifecycle-manager
# service component
# - the floating IP is associated with the "CLM" port attached to it
# - the image and flavor used for the server cannot be determined from
# the input model so this information needs to be supplied separately
heat_servers = heat_template['servers'] = []
images = virt_config['images']
flavors = virt_config['flavors']
clm_server = None
for server in input_model['servers'].itervalues():
distro_id = server.get('distro-id', virt_config['sles_distro_id'])
image = None
# Check if image is configured explicitly
# for the server or for the role
if server['id'] in images:
image = images[server['id']]
elif server['role']['name'] in images:
image = images[server['role']['name']]
if isinstance(image, dict):
# Use the image specified for the distribution, or
# the global default
image = image.get(distro_id)
if not image:
image = virt_config['sles_image']
if distro_id == virt_config['rhel_distro_id']:
image = virt_config['rhel_image']
flavor = None
# Check if image is configured explicitly
# for the server or for the role
if server['id'] in flavors:
flavor = flavors[server['id']]
elif server['role']['name'] in flavors:
flavor = flavors[server['role']['name']]
heat_server = dict(
name=server['id'],
ip_addr=server['ip-addr'],
role=server['role']['name'],
interface_model=server['role']['interface-model']['name'],
disk_model=server['role']['disk-model']['name'],
image=image,
flavor=flavor,
is_admin=False,
is_controller=False,
is_compute=False)
# Figure out which server is the CLM host, which are controllers
# and which are computes. This information is used e.g. to determine
# the reboot order during the MU workflow and to identify flavors
# unless explicitly specified for each server or server role
service_groups = server['role'].get('clusters', {}).values()
service_groups += server['role'].get('resources', {}).values()
for service_group in service_groups:
# The CLM server is the first server hosting the lifecycle-manager
# service component.
# Compute nodes host the nova-compute service component
if 'nova-compute' in service_group['service-components']:
heat_server['is_compute'] = True
if not heat_server['flavor']:
heat_server['flavor'] = virt_config['compute_flavor']
# Every server that is not a compute node and hosts service
# components other than those required by the CLM is considered
# a controller node
else:
ctrl_service_components = filter(
lambda sc: sc not in virt_config['clm_service_components'],
service_group['service-components'])
if ctrl_service_components:
heat_server['is_controller'] = True
if not heat_server['flavor']:
heat_server['flavor'] = \
virt_config['controller_flavor']
if not clm_server and \
'lifecycle-manager' in service_group['service-components']:
clm_server = heat_server
heat_server['is_admin'] = True
if not heat_server['flavor']:
heat_server['flavor'] = virt_config['clm_flavor']
heat_servers.append(heat_server)
return heat_template
def _create_prod_vlans(rack, user):
log.debug("_create_prod_vlans")
env = models_env.Ambiente.objects.filter(
dcroom=int(rack.dcroom.id),
divisao_dc__nome="BE",
grupo_l3__nome=str(rack.nome),
ambiente_logico__nome="PRODUCAO").uniqueResult()
log.debug("BE environments: " + str(env))
if rack.dcroom.config:
fabricconfig = rack.dcroom.config
else:
log.debug("sem configuracoes do fabric %s" % str(rack.dcroom.id))
fabricconfig = list()
try:
fabricconfig = json.loads(fabricconfig)
except:
pass
try:
fabricconfig = ast.literal_eval(fabricconfig)
log.debug("config -ast: %s" % str(fabricconfig))
except:
pass
environment = None
father_id = env.id
fabenv = None
for fab in fabricconfig.get("Ambiente"):
if int(fab.get("id")) == int(env.father_environment.id):
fabenv = fab.get("details")
if not fabenv:
log.debug(
"Sem configuracoes para os ambientes filhos - BE, BEFE, BEBO, BECA do ambiente id=%s"
% str())
return 0
fabenv.sort(key=operator.itemgetter('min_num_vlan_1'))
log.debug("Order by min_num_vlan: " + str(fabenv))
for idx, amb in enumerate(fabenv):
try:
id_div = models_env.DivisaoDc().get_by_name(amb.get("name")).id
except:
div_dict = models_env.DivisaoDc()
div_dict.nome = amb.get("name")
div_dict.save()
id_div = div_dict.id
pass
config_subnet = list()
for net in env.configs:
for net_dict in amb.get("config"):
if net_dict.get("type") == net.ip_config.type:
cidr = IPNetwork(net.ip_config.subnet)
prefixo_inicial = 18 if net.ip_config.type == "v4" else 57
prefixo = net_dict.get("mask")
if not idx:
bloco = list(cidr.subnet(int(prefixo)))[0]
log.debug(str(bloco))
else:
bloco1 = list(cidr.subnet(prefixo_inicial))[1]
bloco = list(bloco1.subnet(int(prefixo)))[idx - 1]
log.debug(str(bloco))
network = {
'subnet': str(bloco),
'type': str(net.ip_config.type),
'network_type': int(net.ip_config.network_type.id),
'new_prefix': int(net_dict.get("new_prefix"))
}
config_subnet.append(network)
obj = {
'grupo_l3': env.grupo_l3.id,
'ambiente_logico': env.ambiente_logico.id,
'divisao_dc': id_div,
'acl_path': env.acl_path,
'ipv4_template': env.ipv4_template,
'ipv6_template': env.ipv6_template,
'link': env.link,
'min_num_vlan_2': amb.get("min_num_vlan_1"),
'max_num_vlan_2': amb.get("max_num_vlan_1"),
'min_num_vlan_1': amb.get("min_num_vlan_1"),
'max_num_vlan_1': amb.get("max_num_vlan_1"),
'vrf': env.vrf,
'father_environment': father_id,
'default_vrf': env.default_vrf.id,
'configs': config_subnet,
'fabric_id': rack.dcroom.id
}
environment = facade_env.create_environment(obj)
log.debug("Environment object: %s" % str(environment))
for switch in [rack.id_sw1, rack.id_sw2]:
try:
equipamento_ambiente = EquipamentoAmbiente()
equipamento_ambiente.ambiente = environment
equipamento_ambiente.equipamento = switch
equipamento_ambiente.is_router = True
equipamento_ambiente.create(user)
except EquipamentoAmbienteDuplicatedError:
pass
return environment
def checkGuifiSubnet(ip):
return IPAddress(ip) in IPNetwork("10.0.0.0/8")
def api_foreman(rack):
try:
NETWORKAPI_FOREMAN_URL = get_variable("foreman_url")
NETWORKAPI_FOREMAN_USERNAME = get_variable("foreman_username")
NETWORKAPI_FOREMAN_PASSWORD = get_variable("foreman_password")
FOREMAN_HOSTS_ENVIRONMENT_ID = get_variable(
"foreman_hosts_environment_id")
except ObjectDoesNotExist:
raise var_exceptions.VariableDoesNotExistException(
"Erro buscando as variáveis relativas ao Foreman.")
foreman = Foreman(
NETWORKAPI_FOREMAN_URL,
(NETWORKAPI_FOREMAN_USERNAME, NETWORKAPI_FOREMAN_PASSWORD),
api_version=2)
# for each switch, check the switch ip against foreman know networks, finds foreman hostgroup
# based on model and brand and inserts the host in foreman
# if host already exists, delete and recreate with new information
for [switch, mac] in [[rack.id_sw1, rack.mac_sw1],
[rack.id_sw2, rack.mac_sw2],
[rack.id_ilo, rack.mac_ilo]]:
# Get all foremand subnets and compare with the IP address of the switches until find it
if mac == None:
raise RackConfigError(
None, rack.nome,
("Could not create entry for %s. There is no mac address." %
switch.nome))
ip = _buscar_ip(switch.id)
if ip == None:
raise RackConfigError(
None, rack.nome,
("Could not create entry for %s. There is no management IP." %
switch.nome))
switch_cadastrado = 0
for subnet in foreman.subnets.index()['results']:
network = IPNetwork(ip + '/' + subnet['mask']).network
# check if switches ip network is the same as subnet['subnet']['network'] e subnet['subnet']['mask']
if network.__str__() == subnet['network']:
subnet_id = subnet['id']
hosts = foreman.hosts.index(search=switch.nome)['results']
if len(hosts) == 1:
foreman.hosts.destroy(id=hosts[0]['id'])
elif len(hosts) > 1:
raise RackConfigError(None, rack.nome, (
"Could not create entry for %s. There are multiple entries "
"with the sam name." % switch.nome))
# Lookup foreman hostgroup
# By definition, hostgroup should be Marca+"_"+Modelo
hostgroup_name = switch.modelo.marca.nome + "_" + switch.modelo.nome
hostgroups = foreman.hostgroups.index(search=hostgroup_name)
if len(hostgroups['results']) == 0:
raise RackConfigError(
None, rack.nome,
"Could not create entry for %s. Could not find hostgroup %s "
"in foreman." % (switch.nome, hostgroup_name))
elif len(hostgroups['results']) > 1:
raise RackConfigError(
None, rack.nome,
"Could not create entry for %s. Multiple hostgroups %s found"
" in Foreman." % (switch.nome, hostgroup_name))
else:
hostgroup_id = hostgroups['results'][0]['id']
foreman.hosts.create(
host={
'name': switch.nome,
'ip': ip,
'mac': mac,
'environment_id': FOREMAN_HOSTS_ENVIRONMENT_ID,
'hostgroup_id': hostgroup_id,
'subnet_id': subnet_id,
'build': 'true',
'overwrite': 'true'
})
switch_cadastrado = 1
if not switch_cadastrado:
raise RackConfigError(
None, rack.nome,
"Unknown error. Could not create entry for %s in foreman." %
switch.nome)
def get_space_id_and_family(record):
dhcp_on, space_id, cidr, ip = record
return space_id, IPNetwork(cidr).version
def update(self):
changed = False
svcs = []
params = dict()
current = self.read()
check_mode = self.params['check_mode']
address = self.params['address']
allow_service = self.params['allow_service']
name = self.params['name']
netmask = self.params['netmask']
partition = self.params['partition']
traffic_group = self.params['traffic_group']
vlan = self.params['vlan']
route_domain = self.params['route_domain']
if address is not None and address != current['address']:
raise F5ModuleError('Self IP addresses cannot be updated')
if netmask is not None:
# I ignore the address value here even if they provide it because
# you are not allowed to change it.
try:
address = IPNetwork(current['address'])
new_addr = "%s/%s" % (address.ip, netmask)
nipnet = IPNetwork(new_addr)
if route_domain is not None:
nipnet = "%s%s%s" % (address.ip, route_domain, netmask)
cur_addr = "%s/%s" % (current['address'], current['netmask'])
cipnet = IPNetwork(cur_addr)
if route_domain is not None:
cipnet = "%s%s%s" % (current['address'],
current['route_domain'],
current['netmask'])
if nipnet != cipnet:
if route_domain is not None:
address = "%s%s%s/%s" % (address.ip, '%', route_domain,
netmask)
else:
address = "%s/%s" % (nipnet.ip, nipnet.prefixlen)
params['address'] = address
except AddrFormatError:
raise F5ModuleError(
'The provided address/netmask value was invalid')
if traffic_group is not None:
traffic_group = "/%s/%s" % (partition, traffic_group)
if traffic_group not in self.traffic_groups():
raise F5ModuleError(
'The specified traffic group was not found')
if 'traffic_group' in current:
if traffic_group != current['traffic_group']:
params['trafficGroup'] = traffic_group
else:
params['trafficGroup'] = traffic_group
if vlan is not None:
vlans = self.get_vlans()
vlan = "/%s/%s" % (partition, vlan)
if 'vlan' in current:
if vlan != current['vlan']:
params['vlan'] = vlan
else:
params['vlan'] = vlan
if vlan not in vlans:
raise F5ModuleError('The specified VLAN was not found')
if allow_service is not None:
svcs = self.verify_services()
if 'allow_service' in current:
if svcs != current['allow_service']:
params['allowService'] = self.fmt_services(svcs)
else:
params['allowService'] = self.fmt_services(svcs)
if params:
changed = True
params['name'] = name
params['partition'] = partition
if check_mode:
return changed
self.cparams = camel_dict_to_snake_dict(params)
if svcs:
self.cparams['allow_service'] = list(svcs)
else:
return changed
r = self.api.tm.net.selfips.selfip.load(name=name, partition=partition)
r.update(**params)
r.refresh()
return True
def spine_provision(self, rack, equips):
log.info("AutoprovisionSPN-LF")
numero_rack = self.rack.numero
IPSPINEipv4 = dict()
IPSPINEipv6 = dict()
IPLEAFipv4 = dict()
IPLEAFipv6 = dict()
IPSIBGPipv4 = dict()
IPSIBGPipv6 = dict()
ASLEAF = dict()
PODSBEipv4 = dict()
redesPODSBEipv4 = dict()
subnetsRackBEipv4 = dict()
PODSBEipv6 = dict()
redesPODSBEipv6 = dict()
PODSBEFEipv6 = dict()
redesPODSBEFEipv6 = dict()
PODSBEBOipv6 = dict()
redesPODSBEBOipv6 = dict()
PODSBECAipv6 = dict()
redesPODSBECAipv6 = dict()
redesHostsipv6 = dict()
redeHostsBEipv6 = dict()
redeHostsFEipv6 = dict()
redeHostsBOipv6 = dict()
redeHostsCAipv6 = dict()
redeHostsFILERipv6 = dict()
redesPODSFEipv4 = dict()
redesPODSFEipv6 = dict()
VLANBELEAF = dict()
VLANFELEAF = dict()
VLANBORDALEAF = dict()
VLANBORDACACHOSLEAF = dict()
VLANBORDACACHOSBLEAF = dict()
IPSPINEipv4[numero_rack] = list()
IPSPINEipv6[numero_rack] = list()
IPLEAFipv4[numero_rack] = list()
IPLEAFipv6[numero_rack] = list()
IPSIBGPipv4[numero_rack] = list()
IPSIBGPipv6[numero_rack] = list()
VLANBELEAF[numero_rack] = list()
VLANFELEAF[numero_rack] = list()
VLANBORDALEAF[numero_rack] = list()
VLANBORDACACHOSLEAF[numero_rack] = list()
VLANBORDACACHOSBLEAF[numero_rack] = list()
ASLEAF[numero_rack] = list()
PODSBEipv4[numero_rack] = list()
redesPODSBEipv4[numero_rack] = list()
subnetsRackBEipv4[numero_rack] = list()
PODSBEipv6[numero_rack] = list()
redesPODSBEipv6[numero_rack] = list()
PODSBEFEipv6[numero_rack] = list()
redesPODSBEFEipv6[numero_rack] = list()
PODSBEBOipv6[numero_rack] = list()
redesPODSBEBOipv6[numero_rack] = list()
PODSBECAipv6[numero_rack] = list()
redesPODSBECAipv6[numero_rack] = list()
redesHostsipv6[numero_rack] = list()
redeHostsBEipv6[numero_rack] = list()
redeHostsFEipv6[numero_rack] = list()
redeHostsBOipv6[numero_rack] = list()
redeHostsCAipv6[numero_rack] = list()
redeHostsFILERipv6[numero_rack] = list()
redesPODSFEipv4[numero_rack] = list()
redesPODSFEipv6[numero_rack] = list()
variablestochangespine1 = dict()
variablestochangeleaf1 = dict()
VLANBE = None
VLANFE = None
VLANBORDA = None
VLANBORDACACHOS = None
VLANBORDACACHOSB = None
CIDRBEipv4 = list()
CIDRBO_DSRipv4interno = None
CIDRBO_DSRipv6interno = None
CIDRBOCAAipv4interno = None
CIDRBEipv6 = list()
CIDRBOCAAipv6interno = None
CIDRBOCABipv4interno = None
CIDRBOCABipv6interno = None
try:
path_to_guide = get_variable("path_to_guide")
path_to_add_config = get_variable("path_to_add_config")
path_to_config = get_variable("path_to_config")
except ObjectDoesNotExist:
raise var_exceptions.VariableDoesNotExistException(
"Erro buscando a variável PATH_TO_GUIDE")
try:
variablestochangeleaf1["KICKSTART_SO_LF"] = get_variable(
"kickstart_so_lf")
variablestochangeleaf1["IMAGE_SO_LF"] = get_variable("image_so_lf")
except ObjectDoesNotExist:
raise var_exceptions.VariableDoesNotExistException(
"Erro buscando a variável KICKSTART_SO_LF ou IMAGE_SO_LF.")
equips_sorted = sorted(equips, key=operator.itemgetter('sw'))
dcroom = model_to_dict(rack.dcroom)
log.debug("type: %s" % str(type(dcroom.get("config"))))
fabricconfig = dcroom.get("config")
try:
fabricconfig = json.loads(fabricconfig)
log.debug("type -ast: %s" % str(type(fabricconfig)))
except:
pass
try:
fabricconfig = ast.literal_eval(fabricconfig)
log.debug("config -ast: %s" % str(fabricconfig))
except:
pass
envconfig = fabricconfig
BASE_RACK = dcroom.get("racks")
BGP = envconfig.get("BGP")
BASE_AS_SPN = int(BGP.get("spines"))
BASE_AS_LFS = int(BGP.get("leafs"))
# get fathers environments
dc_name = ["BE", "FE", "BO", "BOCACHOS-A", "BOCACHOS-B"]
vlan_name = list()
for env in dc_name:
for spn in range(1, 5):
name = "VLAN_" + env + "_SPINE0" + str(
spn) + "LEAF_" + self.rack.nome
vlan_name.append(name)
spn_vlan = models_vlan.Vlan.objects.filter(
nome__in=vlan_name).order_by("nome")
log.debug("spn_vlan %s" % spn_vlan)
prod_envs = models_env.Ambiente.objects.filter(
grupo_l3__nome=str(self.rack.nome),
ambiente_logico__nome="PRODUCAO",
divisao_dc__nome__in=[
"BE", "FE", "BO_DSR", "BOCACHOS-A", "BOCACHOS-B"
])
log.debug("prod_envs %s" % prod_envs)
lf_env = models_env.Ambiente.objects.filter(
grupo_l3__nome=str(self.rack.nome),
divisao_dc__nome="BE",
ambiente_logico__nome="LEAF-LEAF").uniqueResult()
log.debug("lf_env %s" % lf_env)
vlanBE = list()
vlanFE = list()
vlanBO = list()
vlanBOCA = list()
vlanBOCAB = list()
for vlan in spn_vlan:
if "_BE_" in vlan.nome:
vlanBE.append(vlan.num_vlan)
CIDRBEipv4.append(IPNetwork(vlan.networks_ipv4[0].networkv4))
CIDRBEipv6.append(IPNetwork(vlan.networks_ipv6[0].networkv6))
elif "_FE_" in vlan.nome:
vlanFE.append(vlan.num_vlan)
elif "_BO_" in vlan.nome:
vlanBO.append(vlan.num_vlan)
elif "_BOCACHOS-A_" in vlan.nome:
vlanBOCA.append(vlan.num_vlan)
elif "_BOCACHOS-B_" in vlan.nome:
vlanBOCAB.append(vlan.num_vlan)
for prod in prod_envs:
if prod.divisao_dc.nome[:2] == "BE":
for net in prod.configs:
if net.ip_version == "v4":
CIDRBEipv4interno = str(net.network)
else:
CIDRBEipv6interno = str(net.network)
elif prod.divisao_dc.nome[:2] == "FE":
for net in prod.configs:
if net.ip_version == "v4":
CIDRFEipv4interno = str(net.network)
else:
CIDRFEipv6interno = str(net.network)
elif prod.divisao_dc.nome == "BO_DSR":
for net in prod.configs:
if net.ip_version == "v4":
CIDRBO_DSRipv4interno = str(net.network)
else:
CIDRBO_DSRipv6interno = str(net.network)
elif prod.divisao_dc.nome == "BOCACHOS-A":
for net in prod.configs:
if net.ip_version == "v4":
CIDRBOCAAipv4interno = str(net.network)
else:
CIDRBOCAAipv6interno = str(net.network)
elif prod.divisao_dc.nome == "BOCACHOS-B":
for net in prod.configs:
if net.ip_version == "v4":
CIDRBOCABipv4interno = str(net.network)
else:
CIDRBOCABipv6interno = str(net.network)
for netlf in lf_env.configs:
if netlf.ip_version == "v4":
IBGPToRLxLipv4 = IPNetwork(str(netlf.network))
elif netlf.ip_version == "v6":
IBGPToRLxLipv6 = IPNetwork(str(netlf.network))
id_vlt = [
envconfig.get("VLT").get("id_vlt_lf1"),
envconfig.get("VLT").get("id_vlt_lf2")
]
priority_vlt = [
envconfig.get("VLT").get("priority_vlt_lf1"),
envconfig.get("VLT").get("priority_vlt_lf2")
]
IPSPINEipv4[numero_rack].append(CIDRBEipv4[0][0])
IPSPINEipv4[numero_rack].append(CIDRBEipv4[1][0])
IPSPINEipv4[numero_rack].append(CIDRBEipv4[2][0])
IPSPINEipv4[numero_rack].append(CIDRBEipv4[3][0])
#
IPLEAFipv4[numero_rack].append(CIDRBEipv4[0][1])
IPLEAFipv4[numero_rack].append(CIDRBEipv4[1][1])
IPLEAFipv4[numero_rack].append(CIDRBEipv4[2][1])
IPLEAFipv4[numero_rack].append(CIDRBEipv4[3][1])
#
IPSIBGPipv4[numero_rack].append(IBGPToRLxLipv4[0])
IPSIBGPipv4[numero_rack].append(IBGPToRLxLipv4[1])
#
IPSPINEipv6[numero_rack].append(CIDRBEipv6[0][0])
IPSPINEipv6[numero_rack].append(CIDRBEipv6[1][0])
IPSPINEipv6[numero_rack].append(CIDRBEipv6[2][0])
IPSPINEipv6[numero_rack].append(CIDRBEipv6[3][0])
#
IPLEAFipv6[numero_rack].append(CIDRBEipv6[0][1])
IPLEAFipv6[numero_rack].append(CIDRBEipv6[1][1])
IPLEAFipv6[numero_rack].append(CIDRBEipv6[2][1])
IPLEAFipv6[numero_rack].append(CIDRBEipv6[3][1])
#
IPSIBGPipv6[numero_rack].append(IBGPToRLxLipv6[0])
IPSIBGPipv6[numero_rack].append(IBGPToRLxLipv6[1])
#
log.debug("vlan subnet")
log.debug(vlanBE)
log.debug(BASE_RACK)
log.debug(numero_rack)
log.debug(vlanFE)
log.debug(vlanBO)
log.debug(vlanBOCA)
log.debug(vlanBOCAB)
log.debug(CIDRBEipv4)
log.debug(CIDRBEipv6)
log.debug("as")
log.debug(BASE_AS_LFS)
log.debug(numero_rack)
ASLEAF[numero_rack].append(BASE_AS_LFS + numero_rack)
for equip, spn, j in zip(equips_sorted[:2], [0, 2], [0, 1]):
variablestochangeleaf1["IPLEAFSP1IPV4"] = str(
IPLEAFipv4[numero_rack][spn])
variablestochangeleaf1["IPLEAFSP2IPV4"] = str(
IPLEAFipv4[numero_rack][spn + 1])
variablestochangeleaf1["IPIBGPIPV4"] = str(
IPSIBGPipv4[numero_rack][j])
variablestochangeleaf1["IPLEAFSP1IPV6"] = str(
IPLEAFipv6[numero_rack][spn])
variablestochangeleaf1["IPLEAFSP2IPV6"] = str(
IPLEAFipv6[numero_rack][spn + 1])
variablestochangeleaf1["IPIBGPIPV6"] = str(
IPSIBGPipv6[numero_rack][j])
log.debug("1")
variablestochangeleaf1["VLANBELEAFSP1"] = str(vlanBE[spn])
variablestochangeleaf1["VLANBELEAFSP2"] = str(vlanBE[spn + 1])
variablestochangeleaf1["VLANFELEAFSP1"] = str(vlanFE[spn])
variablestochangeleaf1["VLANFELEAFSP2"] = str(vlanFE[spn + 1])
variablestochangeleaf1["VLANBORDALEAFSP1"] = str(vlanBO[spn])
variablestochangeleaf1["VLANBORDALEAFSP2"] = str(vlanBO[spn + 1])
variablestochangeleaf1["VLANBORDACACHOSLEAFSP1"] = str(
vlanBOCA[spn])
variablestochangeleaf1["VLANBORDACACHOSLEAFSP2"] = str(
vlanBOCA[spn + 1])
variablestochangeleaf1["VLANBORDACACHOSBLEAFSP1"] = str(
vlanBOCAB[spn])
variablestochangeleaf1["VLANBORDACACHOSBLEAFSP2"] = str(
vlanBOCAB[spn + 1])
log.debug("2")
variablestochangeleaf1["ASLEAF"] = str(ASLEAF[numero_rack][0])
variablestochangeleaf1["IPNEIGHSPINE1IPV4"] = str(
IPSPINEipv4[numero_rack][spn])
variablestochangeleaf1["IPNEIGHSPINE2IPV4"] = str(
IPSPINEipv4[numero_rack][spn + 1])
variablestochangeleaf1["IPNEIGHSPINE1IPV6"] = str(
IPSPINEipv6[numero_rack][spn])
variablestochangeleaf1["IPNEIGHSPINE2IPV6"] = str(
IPSPINEipv6[numero_rack][spn + 1])
if equip.get("nome")[-1] == "1":
log.debug("lf-name: %s. Ip: %s" %
(equip.get("nome"), IPSIBGPipv4[numero_rack][1]))
variablestochangeleaf1["IPNEIGHIBGPIPV4"] = str(
IPSIBGPipv4[numero_rack][1])
variablestochangeleaf1["IPNEIGHIBGPIPV6"] = str(
IPSIBGPipv6[numero_rack][1])
else:
log.debug("lf-name: %s. Ip: %s" %
(equip.get("nome"), IPSIBGPipv4[numero_rack][0]))
variablestochangeleaf1["IPNEIGHIBGPIPV4"] = str(
IPSIBGPipv4[numero_rack][0])
variablestochangeleaf1["IPNEIGHIBGPIPV6"] = str(
IPSIBGPipv6[numero_rack][0])
try:
variablestochangeleaf1["NET_HOST_BE_IPV4"] = CIDRBEipv4interno
variablestochangeleaf1["NET_HOST_FE_IPV4"] = CIDRFEipv4interno
except Exception as e:
raise Exception(
"Error while getting IPv4 CIDR from BE or FE production environment. E: %s"
% e)
if CIDRBO_DSRipv4interno:
variablestochangeleaf1[
"NET_HOST_BO_DSR_IPV4"] = CIDRBO_DSRipv4interno
if CIDRBOCAAipv4interno:
variablestochangeleaf1[
"NET_HOST_BOCAA_IPV4"] = CIDRBOCAAipv4interno
if CIDRBOCABipv4interno:
variablestochangeleaf1[
"NET_HOST_BOCAB_IPV4"] = CIDRBOCABipv4interno
log.debug("3")
variablestochangeleaf1["NET_SPINE1_LF_IPV4"] = str(CIDRBEipv4[0])
variablestochangeleaf1["NET_SPINE2_LF_IPV4"] = str(CIDRBEipv4[1])
variablestochangeleaf1["NET_LF_LF_IPV4"] = str(IBGPToRLxLipv4)
try:
variablestochangeleaf1["NET_HOST_BE_IPV6"] = CIDRBEipv6interno
variablestochangeleaf1["NET_HOST_FE_IPV6"] = CIDRFEipv6interno
except Exception as e:
raise Exception(
"Error while getting IPv6 CIDR from BE or FE production environment. E: %s"
% e)
if CIDRBO_DSRipv6interno:
variablestochangeleaf1[
"NET_HOST_BO_DSR_IPV6"] = CIDRBO_DSRipv6interno
if CIDRBOCAAipv6interno:
variablestochangeleaf1[
"NET_HOST_BOCAA_IPV6"] = CIDRBOCAAipv6interno
if CIDRBOCABipv6interno:
variablestochangeleaf1[
"NET_HOST_BOCAB_IPV6"] = CIDRBOCABipv6interno
log.debug("4")
variablestochangeleaf1["NET_SPINE1_LF_IPV6"] = str(CIDRBEipv6[0])
variablestochangeleaf1["NET_SPINE2_LF_IPV6"] = str(CIDRBEipv6[1])
variablestochangeleaf1["NET_LF_LF_IPV6"] = str(IBGPToRLxLipv6)
variablestochangeleaf1["ID_LEAF"] = str(
equip.get("sw")) # lf1 ou lf2
variablestochangeleaf1["OWN_IP_MGMT"] = equip.get("ip_mngt")
variablestochangeleaf1["LF_HOSTNAME"] = equip.get("nome")
log.debug("5")
for i in equip.get("interfaces"):
if i.get("nome")[:3] == self.leaf_prefix:
variablestochangeleaf1["LFNEIGH_HOSTNAME"] = i.get("nome")
variablestochangeleaf1["LFNEIGH_IP_MGMT"] = i.get(
"ip_mngt")
elif i.get("nome")[:3] == self.spine_prefix:
spine_num = int(i.get("nome")[-1])
variablestochangespine1["ASSPINE"] = str(BASE_AS_SPN +
spine_num - 1)
variablestochangespine1["INTERFACE"] = i.get("interface")
variablestochangespine1["LEAFNAME"] = equip.get("nome")
variablestochangespine1["INT_LF_UPLINK"] = i.get(
"eq_interface")
log.debug("ok if spn")
variablestochangespine1["IPSPINEIPV4"] = str(
IPSPINEipv4[numero_rack][spine_num - 1])
variablestochangespine1["IPSPINEIPV6"] = str(
IPSPINEipv6[numero_rack][spine_num - 1])
variablestochangespine1["VLANBELEAF"] = str(
vlanBE[spine_num - 1])
variablestochangespine1["VLANFELEAF"] = str(
vlanFE[spine_num - 1])
variablestochangespine1["VLANBORDALEAF"] = str(
vlanBO[spine_num - 1])
variablestochangespine1["VLANBORDACACHOSLEAF"] = str(
vlanBOCA[spine_num - 1])
variablestochangespine1["VLANBORDACACHOSB"] = str(
vlanBOCAB[spine_num - 1])
variablestochangespine1["ASLEAF"] = str(
ASLEAF[numero_rack][0])
variablestochangespine1["IPNEIGHLEAFIPV4"] = str(
IPLEAFipv4[numero_rack][spine_num - 1])
variablestochangespine1["IPNEIGHLEAFIPV6"] = str(
IPLEAFipv6[numero_rack][spine_num - 1])
if spine_num in [1, 3]:
variablestochangeleaf1["SP1_HOSTNAME"] = i.get("nome")
variablestochangeleaf1["INTERFACE_SP1"] = i.get(
"interface")
variablestochangeleaf1["ASSPINE1"] = str(BASE_AS_SPN +
spine_num - 1)
else:
variablestochangeleaf1["SP2_HOSTNAME"] = i.get("nome")
variablestochangeleaf1["INTERFACE_SP2"] = i.get(
"interface")
variablestochangeleaf1["ASSPINE2"] = str(BASE_AS_SPN +
spine_num - 1)
fileinspine1 = path_to_guide + i.get("roteiro")
fileoutspine1 = path_to_add_config + i.get(
"nome") + "-ADD-" + rack.nome + ".cfg"
self.replace_file(fileinspine1, fileoutspine1,
variablestochangespine1)
variablestochangespine1 = dict()
elif i.get("nome")[:3] == self.oob_prefix:
variablestochangeleaf1["HOSTNAME_OOB"] = i.get("nome")
variablestochangeleaf1["INTERFACE_OOB"] = i.get(
"interface")
variablestochangeleaf1["ID_VLT"] = str(id_vlt[j])
variablestochangeleaf1["PRIORITY_VLT"] = str(priority_vlt[j])
fileinleaf1 = path_to_guide + equip.get("roteiro")
fileoutleaf1 = path_to_config + equip.get("nome") + ".cfg"
self.replace_file(fileinleaf1, fileoutleaf1,
variablestochangeleaf1)
log.debug(fileoutleaf1)
variablestochangeleaf1 = dict()
return True
def create(self):
params = dict()
svcs = []
check_mode = self.params['check_mode']
address = self.params['address']
allow_service = self.params['allow_service']
name = self.params['name']
netmask = self.params['netmask']
partition = self.params['partition']
traffic_group = self.params['traffic_group']
vlan = self.params['vlan']
route_domain = self.params['route_domain']
if address is None or netmask is None:
raise F5ModuleError('An address and a netmask must be specififed')
if vlan is None:
raise F5ModuleError('A VLAN name must be specified')
else:
vlan = "/%s/%s" % (partition, vlan)
try:
ipin = "%s/%s" % (address, netmask)
ipnet = IPNetwork(ipin)
if route_domain is not None:
params['address'] = "%s%s%s/%s" % (ipnet.ip, '%', route_domain,
ipnet.prefixlen)
else:
params['address'] = "%s/%s" % (ipnet.ip, ipnet.prefixlen)
except AddrFormatError:
raise F5ModuleError(
'The provided address/netmask value was invalid')
if traffic_group is None:
params['trafficGroup'] = "/%s/%s" % (partition, DEFAULT_TG)
else:
traffic_group = "/%s/%s" % (partition, traffic_group)
if traffic_group in self.traffic_groups():
params['trafficGroup'] = traffic_group
else:
raise F5ModuleError(
'The specified traffic group was not found')
vlans = self.get_vlans()
if vlan in vlans:
params['vlan'] = vlan
else:
raise F5ModuleError('The specified VLAN was not found')
if allow_service is not None:
svcs = self.verify_services()
params['allowService'] = self.fmt_services(svcs)
params['name'] = name
params['partition'] = partition
self.cparams = camel_dict_to_snake_dict(params)
if svcs:
self.cparams['allow_service'] = list(svcs)
if check_mode:
return True
d = self.api.tm.net.selfips.selfip
d.create(**params)
if self.exists():
return True
else:
raise F5ModuleError("Failed to create the self IP")
def has_ipv4_prefixes(prefixes=[]):
return any(IPNetwork(prefix).version == 4 for prefix in prefixes or [])
def post(self, request, *args, **kwargs):
# mengambil nilai dari form
formm = NacmForm(request.POST or None)
ipform = IpFormset(request.POST)
upform = UploadForm(request.POST, request.FILES)
userValue = formm['username'].value()
passValue = formm['password'].value()
confValue = formm['conft'].value()
rd_select = str(request.POST['dynamic_routing_select'])
print(rd_select)
id_ospf = str(request.POST['id_ospf'])
router_id = str(request.POST['rid_ospf'])
print(router_id)
# kondisi menentukan routing dynamic yang dipilih
if rd_select == 'ospf':
networkx = (request.POST.getlist('network_ospf'))
prefixs = (request.POST.getlist('prefix_ospf'))
elif rd_select == 'ripv1':
networkx = (request.POST.getlist('network_ripv1'))
prefixs = (request.POST.getlist('prefix_ripv1'))
elif rd_select == 'ripv2':
networkx = (request.POST.getlist('network_ripv2'))
prefixs = (request.POST.getlist('prefix_ripv2'))
areas = (request.POST.getlist('area'))
interface_ospf = str(request.POST['interface_ospf'])
interface_ripv1 = str(request.POST['interface_ripv1'])
interface_ripv2 = str(request.POST['interface_ripv2'])
# jika form valid
if ipform.is_valid() and formm.is_valid():
collect_data = ""
count_form = 0
simpanForm = formm.save()
# perulangan data pada form ipform
for form in ipform:
ipaddr = form.cleaned_data.get('ipaddr')
vendor = form.cleaned_data.get('vendor')
networks = netmask = wildcard = ""
collect_config = "<b>Configure on " + str(
ipaddr) + " | vendor = " + str(vendor) + "</b></br>"
# mengkoneksikan ke perangkat via protokol SSH menggunakan library Paramiko
try:
ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(
paramiko.AutoAddPolicy())
# memasukkan informasi username, password SSH
ssh_client.connect(hostname=ipaddr,
username=userValue,
password=passValue)
remote_conn = ssh_client.invoke_shell()
output = remote_conn.recv(65535)
config_read = None
# menentukan routing dynamic yang digunakan dan membaca template syntax yang tersimpan dari database
if rd_select == 'ospf':
config_read = str(vendor.sett_dynamic_routing_ospf)
elif rd_select == 'ripv1':
config_read = str(vendor.sett_dynamic_routing_ripv1)
elif rd_select == 'ripv2':
config_read = str(vendor.sett_dynamic_routing_ripv2)
# split memakai \r dulu
array_read = config_read.split('\r')
# hasilnya akan ada \n
counter = 0
# membuat perulangan pada network yang di advertise, karena pada advertise network menggunakan form dinamis
for x in range(len(networkx)):
if rd_select == 'ospf':
network = networkx[x]
prefix = prefixs[x]
area = areas[x]
elif rd_select == 'ripv1' or rd_select == 'ripv2':
network = networkx[x]
prefix = prefixs[x]
if prefix != '':
networks = str(network + "/" + prefix)
print(networks)
netmask = IPNetwork(networks).netmask
print(netmask)
wildcard = IPNetwork(networks).hostmask
print(wildcard)
print(vendor)
# membaca code tiap line
for line in array_read:
# menghilangkan \n
new_line = re.sub(r'\n', '', line)
# akan error karena ada nilai kosong dan eval tidak bisa membacanya
# sehingga mengeleminasi nilai kosong
if new_line != '':
config_send = eval(new_line)
collect_config = collect_config + config_send + "</br>"
print(config_send)
# mengirim perintah yang akan dikonfig
# menggunakan non-interactive shell
try:
ssh_client.exec_command(config_send + "\n")
time.sleep(1)
except:
# jika gagal menggunakan interactive shell
try:
if counter == 0:
print("try shell interactive")
counter += 1
remote_conn.send(config_send + "\n")
time.sleep(1)
except:
print("error paramiko")
# menyimpan data ke sqlite
count_form = count_form + 1
collect_data = collect_data + collect_config
if count_form == len(ipform):
simpanForm.conft = collect_data
messages.success(request, collect_config)
ssh_client.close()
simpanIp = form.save(commit=False)
simpanIp.connect_id = simpanForm
print(simpanIp)
simpanIp.save()
simpanForm.save()
# jika gagal terkoneksi
except paramiko.AuthenticationException:
error_conf(
request, collect_config,
"</br>Authentication failed, please verify your credentials"
)
except paramiko.SSHException as sshException:
error_conf(
request, collect_config,
"</br>Could not establish SSH connection: %s" %
sshException)
except socket.timeout as e:
error_conf(request, collect_config,
"</br>Connection timed out")
except Exception as e:
ssh_client.close()
error_conf(
request, collect_config,
"</br>Exception in connecting to the server :%s" % e)
print(e)
return HttpResponseRedirect('routing_dynamic')
