def run(self):
self.net_connect = ConnectHandler(**self.net_device)
self.net_connect.find_prompt()
output = self.net_connect.send_command_timing(
"sudo -S <<< 7654321 ovs-vsctl show | grep is_connected",
strip_command=False,
strip_prompt=False)
output = output.split('\n')[1]
if 'true' in output:
connected_ovses.append(self.net_device['ip'])
else:
#disconnected_ovses.append(self.net_device['ip'])
command = "sudo -S <<< 7654321 ovs-vsctl get-controller {}".format(
BRIDGE)
controller_config = self.net_connect.send_command_timing(
command, strip_command=False, strip_prompt=False)
controller_config = controller_config.split('\n')[1]
of_ver = self.net_connect.send_command_timing(
"sudo -S <<< 7654321 ovs-vsctl get bridge br0 protocols",
strip_command=False,
strip_prompt=False)
of_ver = of_ver.split('\n')[1]
of_versions = re.findall(r'OpenFlow\d+', of_ver)
disconnected_ovses.append({
'switch_mgmt_ip': self.net_device['ip'],
'controller_config': controller_config,
'of_versions': of_versions,
})
def __init__(self, *args, **kwargs):
"""
Constructor of the SSHDetect class
"""
if kwargs["device_type"] != "autodetect":
raise ValueError("The connection device_type must be 'autodetect'")
self.connection = ConnectHandler(*args, **kwargs)
# Call the _test_channel_read() in base to clear initial data
output = BaseConnection._test_channel_read(self.connection)
self.initial_buffer = output
self.potential_matches = {}
self._results_cache = {}
def ssh_version(host: str, username: str, password: str):
""" Get Device Type and Version using SSH Netmiko
:param host: Hostname or IP adress of the router/switch
:param username: Username
:param password: Password
:return: list [device, version]
"""
command = 'show version'
remote_device = {
'device_type': 'cisco_ios',
'host': host,
'username': username,
'password': password
}
VERSION_MAPPER = {
'iosxe': {
'device_pattern': [r'Cisco IOS XE Software', r'IOS-XE'],
'version_pattern':
'Cisco.IOS.XE.Software.*Version\s+([^,\s]+)[.|\s]+'
},
'ios': {
'device_pattern': [
r'Cisco IOS Software',
r'Cisco Internetwork Operating System Software'
],
'version_pattern':
r'Cisco.IOS.Software.*Version\s+([^,\s]+).+'
},
'nxos': {
'device_pattern': [r'Cisco Nexus Operating System', r'NX-OS'],
'version_pattern': r'.*version (\d+.+)$'
}
}
try:
conn = ConnectHandler(**remote_device)
output = conn.send_command(command)
logging.debug(output)
except (NetmikoAuthenticationException, NetmikoTimeoutException) as e:
logging.error(e)
exit(1)
for device_type, patterns in VERSION_MAPPER.items():
for pattern in patterns['device_pattern']:
match = re.search(pattern, output, flags=re.I)
if match:
version = re.findall(patterns['version_pattern'], output,
re.MULTILINE)
if version:
return [device_type, version[0]]
def __init__(self, *args: Any, **kwargs: Any) -> None:
"""
Constructor of the SSHDetect class
"""
if kwargs["device_type"] != "autodetect":
raise ValueError("The connection device_type must be 'autodetect'")
# Always set cmd_verify to False for autodetect
kwargs["global_cmd_verify"] = False
self.connection = ConnectHandler(*args, **kwargs)
# Call the _test_channel_read() in base to clear initial data
output = BaseConnection._test_channel_read(self.connection)
self.initial_buffer = output
self.potential_matches: Dict[str, int] = {}
self._results_cache: Dict[str, str] = {}
def run(self):
self.net_connect = ConnectHandler(**self.net_device)
self.net_connect.find_prompt()
#Add true_of_version
command = "sudo -S <<< 7654321 ovs-vsctl set bridge {} protocols={}".format(
BRIDGE, self.true_of_version)
output = self.net_connect.send_command_timing(command,
strip_command=False,
strip_prompt=False)
print("Added Version: {}, Switch: {}".format(self.true_of_version,
self.net_device['ip']))
def run(self):
self.net_connect = ConnectHandler(**self.net_device)
self.net_connect.find_prompt()
#Remove false ctl config
command = "sudo -S <<< 7654321 ovs-vsctl del-controller {}".format(
BRIDGE)
output = self.net_connect.send_command_timing(command,
strip_command=False,
strip_prompt=False)
#Add true ctl config
command = "sudo -S <<< 7654321 ovs-vsctl set-controller {} {}".format(
BRIDGE, self.true_ctl_config)
output = self.net_connect.send_command_timing(command,
strip_command=False,
strip_prompt=False)
def main():
"""
This will run an ssh command successfully on an Ericsson IPPOS.
SSH must be enabled on the device
"""
ericsson_connect = {
"device_type": "ericsson_ipos",
"ip": "1.1.1.1",
"username": "******",
"password": "******",
}
net_connect = ConnectHandler(**ericsson_connect)
output = net_connect.send_command("show ip int brief")
print(output)
output_commit = net_connect.commit()
print(output_commit)
def run(self):
self.config_set = []
self.net_connect = ConnectHandler(**self.net_device)
self.local_as = misconfigured_routers_info[0]['local_as']
self.misconfigured_line = self.misconfigured_routers_info[0][
'misconfigured_line']
self.true_remote_as = self.misconfigured_routers_info[0][
'true_remote_as']
self.true_remote_ip = self.misconfigured_routers_info[0][
'true_remote_ip']
self.config_set.append('router bgp {}'.format(self.local_as))
if self.misconfigured_line:
self.config_set.append('no {}'.format(self.misconfigured_line))
self.config_set.append('neighbor {} remote-as {}'.format(
self.true_remote_ip, self.true_remote_as))
self.net_connect.send_config_set(self.config_set)
def _handleThread(self):
while not self._deviceQueue.empty():
try:
results = []
device = self._deviceQueue.get_nowait()
# print('Handling ' + device)
device_type = self._detect(device)
if device_type:
net_connect = {
'device_type': device_type,
'host': device,
'username': self._username,
'password': self._password
}
if self._global_delay_factor:
net_connect[
'global_delay_factor'] = self._global_delay_factor
connection = ConnectHandler(**net_connect)
for command in self._commandList:
output = connection.send_command(command)
results.append((command, output))
connection.disconnect()
self._outputQueue.put({
'device': device,
'results': results,
'connected': True
})
else:
self._outputQueue.put({
'device': device,
'results': None,
'connected': False
})
except Exception as e:
self._outputQueue.put({
'device': device,
'results': None,
'connected': False
})
finally:
self._show_progress(self._outputQueue.qsize(),
self._deviceCount)
def execute_scan(scan_pk):
devices = Device.objects.all()
scan = Scan.objects.get(pk=scan_pk)
dev_total = len(devices)
dev_scanned = 0
for i, device in enumerate(devices):
scan.status = str(dev_scanned) + '/' + str(dev_total) + ' devices'
scan.save()
remote_device = {
'host': device.ip,
'username': scan.username,
'password': scan.password,
'device_type': device.device_type,
}
try:
if remote_device['device_type'] == 'autodetect':
guesser = SSHDetect(**remote_device)
remote_device['device_type'] = guesser.autodetect()
connection = ConnectHandler(**remote_device)
if remote_device['device_type'] == 'cisco_ios':
device_info = parse_output(
platform=remote_device['device_type'],
command="show version",
data=connection.send_command("show version"),
)[0]
device.device_type = remote_device['device_type']
device.hostname = device_info['hostname']
device.image = device_info['running_image']
device.os_version = device_info['version']
device.uptime = device_info['uptime']
device.serial = device_info['serial'][0]
device.mac = device_info['mac'][0].lower().replace(':', '.')
device.hardware = device_info['hardware'][0]
device.last_seen = timezone.now()
if not device.first_seen:
device.first_seen = device.last_seen
device.save()
interface_info = parse_output(
platform=remote_device['device_type'],
command="show ip int brief",
data=connection.send_command("show ip int brief"),
)
for item in interface_info:
if item['ipaddr'] != 'unassigned':
try:
host = Host.objects.get(pk=item['ipaddr'])
host.delete()
except Host.DoesNotExist:
pass
try:
interface = Interface.objects.get(
pk=item['ipaddr'])
interface.name = item['intf']
interface.device = device
except Interface.DoesNotExist:
interface = Interface(ip=item['ipaddr'],
name=item['intf'],
device=device)
interface.save()
arp_info = parse_output(
platform=remote_device['device_type'],
command="show ip arp",
data=connection.send_command("show ip arp"),
)
for item in arp_info:
try:
interface = Interface.objects.get(pk=item['address'])
interface.mac = item['mac']
interface.save()
try:
host = Host.objects.get(pk=item['address'])
host.delete()
except Host.DoesNotExist:
pass
except Interface.DoesNotExist:
try:
host = Host.objects.get(pk=item['address'])
host.mac = item['mac']
host.vlan = item['interface']
host.last_seen = timezone.now()
host.save()
host.access_interface.add(
Interface.objects.get(device=device,
name=item['interface']))
host.scans_found.add(scan)
except Host.DoesNotExist:
host = Host(ip=item['address'],
mac=item['mac'],
vlan=item['interface'])
host.first_seen = timezone.now()
host.last_seen = timezone.now()
host.save()
host.access_interface.add(
Interface.objects.get(device=device,
name=item['interface']))
host.scans_found.add(scan)
dev_scanned += 1
except:
continue
scan.finish_date = timezone.now()
if dev_scanned == dev_total:
scan.status = 'Completed'
else:
scan.status = 'Partial Failure'
scan.username = scan.password = ''
scan.save()
import pandas as pd
import re
remote_device = {
'device_type': 'autodetect',
'host': '192.168.1.1',
'username': '******',
'password': '******',
}
guesser = SSHDetect(**remote_device)
best_match = guesser.autodetect()
print('Firmware Type:', best_match)
remote_device['device_type'] = best_match
connection = ConnectHandler(**remote_device)
vlan_set = connection.send_command('show ip interface brief', use_textfsm=True)
svi_list = []
for i in vlan_set:
if 'Vlan' in i['intf']:
svi_list.append(i['intf'])
list1 = []
list2 = []
for svi in svi_list:
ipadd = connection.send_command(
'show running-config interface {} | in address | exclude dhcp'.format(
svi))
def find_mac_address(remote_device, mac_address, results_list):
"""Updates list of interfaces that have learnt the specified MAC address"""
try:
# Auto-detect device type & establish correct SSH connection
best_match = guess_device_type(remote_device)
if best_match is None:
return
else:
remote_device["device_type"] = best_match
device = ConnectHandler(**remote_device)
except NetMikoAuthenticationException:
print(
f"Failed to execute CLI on {remote_device['host']} due to incorrect credentials."
)
return
except (NetMikoTimeoutException, SSHException):
print(
f"Failed to execute CLI on {remote_device['host']} due to timeout or SSH not enabled."
)
return
except ValueError:
print(
f"Unsupported platform {remote_device['host']}, {remote_device['device_type']}."
)
return
else:
# IOS, IOS XE & NX-OS
if (best_match == "cisco_ios" or best_match == "cisco_xe"
or best_match == "cisco_nxos"):
# Grab MAC address table & extract information
cli_output = device.send_command(
f"show mac address-table | include {mac_address}")
if cli_output is None or len(cli_output) == 0:
device.disconnect()
return
cli_output = cli_output.split("\n")
# Iterate through results
for cli_line in cli_output:
cli_items = cli_line.split()
# Skip empty result lines
if not cli_items:
continue
cli_output2 = device.send_command(
f"show interface {cli_items[-1]}")
int_description = re.search(r"Description: (.+)", cli_output2)
int_description = (int_description.group(1).rstrip()
if int_description else "")
if best_match == "cisco_nxos":
results_list.append([
remote_device["host"],
cli_items[-1],
int_description,
cli_items[1],
])
else:
results_list.append([
remote_device["host"],
cli_items[-1],
int_description,
cli_items[0],
])
device.disconnect()
# JunOS
elif best_match == "juniper" or best_match == "juniper_junos":
# Switch MAC address format from aaaa.bbbb.cccc to aa:aa:bb:bb:cc:cc
junos_mac_address = mac_address
for digit in junos_mac_address:
if digit in ".:-":
junos_mac_address = junos_mac_address.replace(digit, "")
junos_mac_address = (
f"{junos_mac_address[0:2]}:{junos_mac_address[2:4]}:{junos_mac_address[4:6]}"
f":{junos_mac_address[6:8]}:{junos_mac_address[8:10]}:{junos_mac_address[10:12]}"
)
# Grab MAC address table & extract information
cli_output = device.send_command(
f"show ethernet-switching table brief | match {junos_mac_address}"
)
if cli_output is None or len(cli_output) <= 1:
device.disconnect()
return
cli_output = cli_output.split("\n")
# Iterate through results
for cli_line in cli_output:
# Skip empty result lines
if cli_line is None or len(cli_line) <= 1:
continue
cli_items = cli_line.split()
if not cli_items:
continue
int_name = re.search(r"(\w.+)\.\d+", cli_items[-1])
if int_name:
int_name = int_name.group(1)
cli_output2 = device.send_command(
f"show interfaces {int_name}")
int_description = re.search(r"Description: (.+)",
cli_output2)
int_description = (int_description.group(1).rstrip()
if int_description else "")
else:
continue
results_list.append([
remote_device["host"],
cli_items[-1],
int_description,
cli_items[0],
])
device.disconnect()
# Arista EOS
elif best_match == "arista_eos":
# Grab MAC address table & extract information
cli_output = device.send_command(
f"show mac address-table | include {mac_address}")
if cli_output is None or len(cli_output) == 0:
device.disconnect()
return
cli_output = cli_output.split("\n")
# Iterate through results
for cli_line in cli_output:
cli_items = cli_line.split()
# Skip empty result lines
if not cli_items:
continue
cli_output2 = device.send_command(
f"show interfaces {cli_items[3]}")
int_description = re.search(r"Description: (.+)", cli_output2)
int_description = (int_description.group(1).rstrip()
if int_description else "")
results_list.append([
remote_device["host"], cli_items[3], int_description,
cli_items[0]
])
device.disconnect()
# Unsupported, disconnect
else:
device.disconnect()
import time
from netmiko import redispatch
from netmiko.ssh_dispatcher import ConnectHandler
jumpserver = {
'device_type': 'terminal_server',
'ip': '10.108.16.104',
'username': '******',
'password': '******',
# 'global_delay_factor':2
}
print("Connecting %s" % jumpserver)
net_connect = ConnectHandler(**jumpserver)
print(net_connect.find_prompt())
filewrite = open("output1.txt", "a")
file_obj = open("officeDevice.txt", "r")
for line in file_obj:
print("Connecting ***** %s" % line)
net_connect.write_channel("mtrad " + line)
time.sleep(1)
net_connect.read_channel()
redispatch(net_connect, device_type='cisco_ios_telnet')
output = net_connect.send_command("show version | i IOS")
output = net_connect.send_command("show mod | i 10GE")
print(output)
def run(self):
global misconfigured_routers_info
#true remote ip is controller
self.true_remote_as, self.true_remote_ip = get_bgp_config(
self.net_device['ip'])
self.net_connect = ConnectHandler(**self.net_device)
#Assuming one neighbor
self.neighbor_line = self.net_connect.send_command_timing(
"sh run | include neighbor | exclude bgp",
strip_command=False,
strip_prompt=False)
self.neighbor_line_list = self.neighbor_line.split()
self.bgp_line = self.net_connect.send_command_timing(
"sh run | include router bgp",
strip_command=False,
strip_prompt=False)
self.bgp_line_list = self.bgp_line.split()
self.local_as = self.bgp_line_list[8]
self.neighbor_line = self.neighbor_line.split('bgp\n ')[-1]
self.neighbor_line = self.neighbor_line.split('\n')[0]
if len(self.neighbor_line_list) != 0:
#Check for misconfiguration
configured_remote_as = self.neighbor_line_list[3]
configured_remote_ip = self.neighbor_line_list[1]
if self.true_remote_as == configured_remote_as and configured_remote_ip == self.true_remote_ip:
pass
else:
misconfigured_routers_info.append({
'router_ip':
self.net_device['ip'],
'local_as':
self.local_as,
'misconfigured_line':
self.neighbor_line,
'true_remote_as':
self.true_remote_as,
'true_remote_ip':
self.true_remote_ip
})
#Neighbor not configured at all. Configure now
else:
misconfigured_routers_info.append({
'router_ip':
self.net_device,
'local_as':
self.local_as,
'misconfigured_line':
None,
'true_remote_as':
self.true_remote_as,
'true_remote_ip':
self.true_remote_ip
})