def handle_event(self, event, clientData):
print "-----"
print "Caught: " + event.message
print "-----"
blackhole = False
vtyService = VtyService(router)
vtyService.open()
TEST_CMD1 = "who"
cli_result = vtyService.write(TEST_CMD1)
vtyService.close()
victim_string = " " + victim + " "
lines = cli_result.split("\n")
for line in lines:
if " vty " and victim_string in line:
print "-----"
print "User is on the system: " + victim
entries = line.split()
for entry in entries:
if is_ip_address(entry):
blackhole = True
blackhole_ip = entry
if blackhole:
print "Blackholing ip: " + blackhole_ip
out_if = router.get_interface_by_name("Null0")
routing = Routing.get_instance(router)
approutetable = routing.app_route_table
route_scope = L3UnicastScope("", L3UnicastScope.AFIType.IPV4,
L3UnicastScope.SAFIType.UNICAST, "")
aL3UnicastNextHop = L3UnicastNextHop(out_if, "")
aL3UnicastNextHopList = list()
aL3UnicastNextHopList.append(aL3UnicastNextHop)
destNetworkPrefix = NetworkPrefix(blackhole_ip, 32)
aRoute = L3UnicastRoute(destNetworkPrefix, aL3UnicastNextHopList)
aRoute.admin_distance = 1
routeOperation = L3UnicastRouteOperation(0, aRoute)
routeOperationList = list()
routeOperationList.append(routeOperation)
mylist = approutetable.update_routes(route_scope,
routeOperationList)
print "-----"
print "Type a key to exit script"
def check_target(self):
logger.info("******* CHECKING MEDIATRACE CONFIG *******")
try:
vty = VtyService(self.get_network_element())
vty.open()
resp = vty.write('sho run')
resping = vty.write('ping '+ self.dst_ip)
vty.close()
if resp:
vty.open()
if resp.find('mediatrace initiator source-ip') == -1:
logger.info('"mediatrace initiator ..." not set on target')
logger.info("******* ADDING INITIATOR SOURCE *******")
vty.write('conf t')
vty.write('mediatrace initiator source-ip '+ self.initiater_src)
if resp.find('mediatrace responder') == -1:
logger.info('"mediatrace responder" not set on target ')
logger.info("******* ADDING RESPONDER *******")
vty.write('conf t)
vty.write('mediatrace responder')
if resp.find('service set mediatrace') > -1:
if resping.find('Success rate is 0') > -1:
logger.info('Target cannot reach %s so ECHO '
'traceroute_status will TIMEOUT',
self.dst_ip)
return True
raise Exception('forced fail')
except Exception as e:
logger.info("Target not setup correctly")
res = raw_input('''
Target test device must have the following configurations:
-------------------------------------------------------------------
|conf t |
| mediatrace responder |
| mediatrace initiator source-ip <IP address of Target interface> |
| onep |
| service set mediatrace |
-------------------------------------------------------------------
Enter yes if config has been applied or quit to exit:
''')
if res.startswith('y'):
return self.check_target()
else:
return False
return True
cli_result = vtyService.write(TEST_CMD2)
logger.info("Test Command : %s", TEST_CMD2)
logger.info("Test Command Max Response: %s", MAX_RESPONSE_LENGTH)
logger.info("CLI Result for Test Command : %s", cli_result)
try:
"""Show the parser state attributes"""
tutorial.show_parser_state_attributes(parser_state)
except OnepRemoteProcedureException as re:
logger.error("Error in getting parser state", str(re))
"""Cancel the command execution"""
# START SNIPPET: vty_cancel_cmd
vtyService.cancel()
# END SNIPPET: vty_cancel_cmd
"""Close the VTY connection on NE"""
# START SNIPPET: vty_close
vtyService.close()
# END SNIPPET: vty_close
"""Check if the VTY is still open"""
logger.info("Is Open - %s", vtyService.is_open())
"""Destroy the VTY"""
# START SNIPPET: vty_destroy
vtyService.destroy()
# END SNIPPET: vty_destroy
except Exception, e:
# START SNIPPET: disconnect_ne
tutorial.disconnect()
# END SNIPPET: disconnect_ne
logger.error(str(e))
tutorial.disconnect()
sys.exit(0)
# clear all entries at the end of the ACL
while i<maxACLLines:
commandList+="no "+str(i+1)+"\n"
i+=1
commandList+=str(maxACLLines+1)+" permit any any\n"
ne_vty=VtyService(ne)
try:
ne_vty.open()
except:
print("ERROR: Couldn't connect to VtyService "+ne.host_address)
else:
cli_result=ne_vty.write(commandList)
ne_vty.close()
ne.disconnect()
#print the ACL to screen for visual check
# ------ START - remove this for production -------
print("ip access-list extended "+aclName)
i=0
for printIP in resolvedIPs:
print(str(i+1)+" deny ip any "+printIP+" 0.0.0.0")
i+=1
while i<maxACLLines:
print("no "+str(i+1))
i+=1
print(str(maxACLLines+1)+" permit any any")
