def updateClustering_mongo(dataDict_value, this_processor_queue,
mongo_db_clusterGroup_collection_name):
hostnameValues = dataDict_value.values()
for _hostname_ in hostnameValues:
if len(
exact_findout(mongo_db_clusterGroup_collection_name,
{u'hahostname': _hostname_})):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "%(_hostname_)s already clustered" % {
"_hostname_": _hostname_
}
}
this_processor_queue.put(return_object)
return False
for _hostname_ in hostnameValues:
for _element_ in exact_findout(mongo_db_clusterGroup_collection_name,
{u'hostname': _hostname_}):
if (not re.match('^none$', str(_element_[u'clusterStatus']))) or (
not re.match('^none$', str(_element_[u'hahostname']))):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "%(_hostname_)s has cluster member" % {
"_hostname_": _hostname_
}
}
this_processor_queue.put(return_object)
return False
for _hostname_ in hostnameValues:
for _hahostname_ in hostnameValues:
if (not re.match(str(_hostname_), str(_hahostname_))) and (
not re.match(str(_hahostname_), str(_hostname_))):
if len(
exact_findout(mongo_db_clusterGroup_collection_name,
{u'hostname': _hostname_})):
remove_data_in_collection(
mongo_db_clusterGroup_collection_name,
{u'hostname': _hostname_})
insert_dictvalues_into_mongodb(
mongo_db_clusterGroup_collection_name, {
u'hostname': _hostname_,
u'hahostname': _hahostname_,
u'clusterStatus': u'clustered'
})
return_object = {
"items": [],
"process_status": "done",
"process_msg": "clustering done "
}
this_processor_queue.put(return_object)
def obtainItemsRuleHas(_element_, partialMatchList):
_sourceEveryNet_ = []
_destinationEveryNet_ = []
_sourceEveryPort_ = []
_destinationEveryPort_ = []
for _inersectionElement_ in partialMatchList:
_ruleNameSeq_ = str(_inersectionElement_).strip().split('#')
_copiedElement_ = copy.copy(_element_)
_copiedElement_["policyname"] = _ruleNameSeq_[0]
_copiedElement_["sequence_number"] = _ruleNameSeq_[1]
_fromDB_values_ = exact_findout('juniperSrx_cachePolicyTable', _copiedElement_)
for _dictValue_ in _fromDB_values_:
#_fromDB_srcIp_ = str(_dictValue_[u'srcIp']).strip()
#_fromDB_dstIp_ = str(_dictValue_[u'dstIp']).strip()
#_fromDB_srcPort_ = str(_dictValue_[u'srcPort']).strip()
#_fromDB_dstPort_ = str(_dictValue_[u'dstPort']).strip()
for _fromDB_srcIp_ in _dictValue_[u'srcIp']:
_stringText_ = str(_fromDB_srcIp_).strip()
if _stringText_ not in _sourceEveryNet_:
_sourceEveryNet_.append(_stringText_)
for _fromDB_dstIp_ in _dictValue_[u'dstIp']:
_stringText_ = str(_fromDB_dstIp_).strip()
if _stringText_ not in _destinationEveryNet_:
_destinationEveryNet_.append(_stringText_)
for _fromDB_srcPort_ in _dictValue_[u'srcPort']:
_stringText_ = str(_fromDB_srcPort_).strip()
if _stringText_ not in _sourceEveryPort_:
_sourceEveryPort_.append(_stringText_)
for _fromDB_dstPort_ in _dictValue_[u'dstPort']:
_stringText_ = str(_fromDB_dstPort_).strip()
if _stringText_ not in _destinationEveryPort_:
_destinationEveryPort_.append(_stringText_)
return _sourceEveryNet_, _destinationEveryNet_, _sourceEveryPort_, _destinationEveryPort_
def obtainPatialPort(_element_, _typeValue_, thisSrcIp):
if re.search('tcp/', thisSrcIp, re.I) or re.search('udp/', thisSrcIp, re.I):
portRangeList = str(thisSrcIp.split('/')[-1]).strip().split('-')
startNumber = int(portRangeList[0])
endNumber = int(portRangeList[1])
_thisPortNumber_ = map(lambda x : x + startNumber, range(endNumber - startNumber + 1))
_thisPortCount_ = len(_thisPortNumber_)
valuesForQuery = copy.copy(_element_)
valuesForQuery["type"] = str(_typeValue_)
valuesForQuery["size"] = { '$gt':0 }
_fromDB_values_ = exact_findout('juniperSrx_cacheObjects', valuesForQuery)
itemValuesList = []
for _dictValue_ in _fromDB_values_:
fromKeyNameString = str(_dictValue_[u'keyname']).strip()
if re.search('tcp/', fromKeyNameString, re.I) or re.search('udp/', fromKeyNameString, re.I):
_fromDB_portRangeList_ = str(fromKeyNameString.split('/')[-1]).strip().split('-')
_fromDB_startNumber_ = int(_fromDB_portRangeList_[0])
_fromDB_endNumber_ = int(_fromDB_portRangeList_[1])
_fromDBPortNumber_ = map(lambda x : x + _fromDB_startNumber_, range(_fromDB_endNumber_ - _fromDB_startNumber_ + 1))
_fromDBPortCount = len(_fromDBPortNumber_)
if len(list(set(_thisPortNumber_).intersection(_fromDBPortNumber_))):
for itemValue in _dictValue_[u'values']:
if itemValue not in itemValuesList:
itemValuesList.append(itemValue)
return itemValuesList
elif re.search('all', thisSrcIp, re.I) or re.search('0/0-65535', thisSrcIp, re.I):
return perfectMatch_valueSearch(_element_, _typeValue_, 'all')
else:
return perfectMatch_valueSearch(_element_, _typeValue_, thisSrcIp)
def perfectMatch_valueSearch(_element_, _typeValue_, thisSrcIp):
valuesForQuery = copy.copy(_element_)
valuesForQuery["type"] = str(_typeValue_)
valuesForQuery["keyname"] = thisSrcIp
_fromDB_values_ = exact_findout('juniperSrx_cacheObjects', valuesForQuery)
itemValuesList = []
for _dictValue_ in _fromDB_values_:
for itemValue in _dictValue_[u'values']:
if itemValue not in itemValuesList:
itemValuesList.append(itemValue)
return itemValuesList
def convertDictFromMatched(_returnOutputMemory_, statusAfterPerfectMatchProcessor, _dictForKeyName_):
for _dictionaryElement_ in statusAfterPerfectMatchProcessor:
_keyName_ = "%(hostname)s %(from_zone)s %(to_zone)s" % _dictionaryElement_
#
if _keyName_ not in _returnOutputMemory_:
_returnOutputMemory_[_keyName_] = {}
#
if _dictForKeyName_ not in _returnOutputMemory_[_keyName_].keys():
_returnOutputMemory_[_keyName_][_dictForKeyName_] = {}
_returnOutputMemory_[_keyName_][_dictForKeyName_]['matchstatus'] = 0
_returnOutputMemory_[_keyName_][_dictForKeyName_]['matchitems'] = []
_returnOutputMemory_[_keyName_][_dictForKeyName_]['policyrules'] = []
#
_keyNameByHostName_ = _returnOutputMemory_[_keyName_].keys()
#
_returnOutputMemory_[_keyName_][_dictForKeyName_]['matchstatus'] = _dictionaryElement_['matchstatus']
_exceptListSum_ = []
for _matchKeyName_ in _keyNameByHostName_:
if not re.search(_dictForKeyName_, _matchKeyName_, re.I):
_exceptListSum_ = _exceptListSum_ + _returnOutputMemory_[_keyName_][_matchKeyName_]['matchitems']
for _uniqueElement_ in _dictionaryElement_['matchitems']:
if _uniqueElement_ not in _exceptListSum_:
_returnOutputMemory_[_keyName_][_dictForKeyName_]['matchitems'].append(_uniqueElement_)
#
_sortingBox_ = {}
for _uniqueElement_ in _returnOutputMemory_[_keyName_][_dictForKeyName_]['matchitems']:
_splitedElement_ = str(_uniqueElement_).strip().split('#')
_insertQuery_ = {
'policyname': _splitedElement_[0],
'sequence_number': _splitedElement_[1],
'hostname': _dictionaryElement_['hostname'],
'from_zone': _dictionaryElement_['from_zone'],
'to_zone': _dictionaryElement_['to_zone']
}
_fromDB_values_ = exact_findout('juniperSrx_cachePolicyTable', _insertQuery_)
for _dbElement_ in _fromDB_values_:
_copiedElement_ = copy.copy(_dbElement_)
_seqNumber_ = int(_copiedElement_[u'sequence_number'])
if _seqNumber_ not in _sortingBox_.keys():
_sortingBox_[_seqNumber_] = {}
del _copiedElement_[u'_id']
_sortingBox_[_seqNumber_] = _copiedElement_
#
_indexNumber_ = _sortingBox_.keys()
_indexNumber_.sort()
_outValuseList_ = []
for _Number_ in _indexNumber_:
_outValuseList_.append(_sortingBox_[_Number_])
_returnOutputMemory_[_keyName_][_dictForKeyName_]['policyrules'] = _outValuseList_
return _returnOutputMemory_
def obtainIncludeAddress(_element_, _typeValue_, thisSrcIp):
if re.search('^all$',thisSrcIp, re.I):
return perfectMatch_valueSearch(_element_, _typeValue_, thisSrcIp)
else:
valuesForQuery = copy.copy(_element_)
valuesForQuery["type"] = str(_typeValue_)
valuesForQuery["size"] = { '$lte':int(thisSrcIp.strip().split('/')[-1]) }
_fromDB_values_ = exact_findout('juniperSrx_cacheObjects', valuesForQuery)
itemValuesList = []
for _dictValue_ in _fromDB_values_:
_fromDB_keyvalueString_ = str(_dictValue_[u'keyname']).strip()
if re.search('[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/[0-9]+', _fromDB_keyvalueString_):
if IPNetwork(thisSrcIp) in IPNetwork(_fromDB_keyvalueString_):
for itemValue in _dictValue_[u'values']:
if itemValue not in itemValuesList:
itemValuesList.append(itemValue)
return itemValuesList
def findOut_fwAndZone(_element_, inputObject, this_processor_queue):
# find valid zone
validZoneList = []
_fromDB_values_ = exact_findout('juniperSrx_devicesInfomation', {"hostname":_element_, "zoneValidation" : "enable"})
for _dictValue_ in _fromDB_values_:
_stringInsert_ = {
'from_zone':str(_dictValue_[u'from_zone']).strip(),
'to_zone':str(_dictValue_[u'to_zone']).strip()
}
_uniqueString_ = "%(from_zone)s %(to_zone)s" % _stringInsert_
if _uniqueString_ not in validZoneList:
validZoneList.append(_uniqueString_)
# routing engin create
rtree = radix.Radix()
#
_fromDB_values_ = exact_findout('juniperSrx_routingTable', {"hostname":_element_})
for _dictValue_ in _fromDB_values_:
#
_hostNameString_ = str(_dictValue_[u'hostname']).strip()
_zoneNameString_ = str(_dictValue_[u'zonename']).strip()
_routingAddressString_ = str(_dictValue_[u'routing_address']).strip()
#
descriptionString = "%(_hostNameString_)s %(_zoneNameString_)s" % {"_hostNameString_":_hostNameString_, "_zoneNameString_":_zoneNameString_}
#
rnode = rtree.add(_routingAddressString_)
rnode.data["nextHop"] = descriptionString
# address definition
srcIpString = str(inputObject[u'srcIp']).strip()
dstIpString = str(inputObject[u'dstIp']).strip()
#
copiedSrcIpString = copy.copy(srcIpString)
copiedDstIpString = copy.copy(dstIpString)
#
if re.search("^all$", copiedSrcIpString, re.I):
copiedSrcIpString = "0.0.0.0/0"
if re.search("^all$", copiedDstIpString, re.I):
copiedDstIpString = "0.0.0.0/0"
# routing engin search
memberSrcList = findOutNextHop_RoutingEngin(rtree, copiedSrcIpString)
memberDstList = findOutNextHop_RoutingEngin(rtree, copiedDstIpString)
#
for _sourceElement_ in memberSrcList:
_sourceZoneName_ = _sourceElement_.strip().split()[-1]
for _destinationElement_ in memberDstList:
_destinationZoneName_ = _destinationElement_.strip().split()[-1]
#
if not (re.search(_sourceZoneName_, _destinationZoneName_, re.I) and re.search(_destinationZoneName_, _sourceZoneName_, re.I)):
_stringInsert_ = {
'hostname':_element_,
'from_zone':_sourceZoneName_,
'to_zone':_destinationZoneName_
}
_uniqueString_ = "%(from_zone)s %(to_zone)s" % _stringInsert_
if _uniqueString_ in validZoneList:
this_processor_queue.put(_stringInsert_)
#
time.sleep(1)
def obtain_showroute(_primaryip_, mongo_db_collection_name):
#
HostNamesList = exact_findout('juniperSrx_registeredDevices',{ "apiaccessip" : str(_primaryip_) })
_thisHostName_ = HostNamesList[0][u'hostname']
#
_ifName_memory_ = {}
for _dict_ in exact_findout('juniperSrx_zonestatus',{ "status" : "on", "apiaccessip" : str(_primaryip_) }):
_ifName_ = str(_dict_[u'interface'])
if _ifName_ not in _ifName_memory_.keys():
_ifName_memory_[_ifName_] = str(_dict_[u'zonename'])
# routing
_origin_filepath_ = "/var/tmp/thisHost_routingTableAll"
_cmd_ = "show route | no-more | save %(_origin_filepath_)s\n" % {"_origin_filepath_":_origin_filepath_}
laststring_pattern = "Wrote [0-9]* line[s]* of output to \'%(_origin_filepath_)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % {"_origin_filepath_":_origin_filepath_}
runssh_clicommand(_primaryip_, laststring_pattern, _cmd_)
_remote_filename_ = USER_VAR_ROUTING + "routingtable@%(_primaryip_)s" % {"_primaryip_":_primaryip_}
sftp_file_download(_primaryip_, _origin_filepath_, _remote_filename_)
#
f = open(_remote_filename_, 'r')
contents = f.readlines()
f.close()
#
_addressIndex_ = []
_count_ = 0
for _line_ in contents:
_lineNoSpace_ = str(_line_).strip()
ipAddressPattern = "([0-9]+)\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+"
_searchStatus_ = re.search(ipAddressPattern, _lineNoSpace_)
if _searchStatus_:
#if re.search("[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+", _lineNoSpace_):
_fristNumber_ = int(_searchStatus_.group(1))
if not (_fristNumber_ == int(0) and re.search("0\.0\.0\.0", _lineNoSpace_)):
#if not re.search("^0\.0\.0\.0$", _lineNoSpace_):
_addressIndex_.append(_count_)
_count_ = _count_ + 1
#
routingMem = {}
for _index_ in _addressIndex_:
_firstLine_ = contents[_index_]
_secondLine_ = contents[_index_ + 1]
_addressKey_ = str(_firstLine_).strip().split()[0]
_nextHopValue_ = str(_secondLine_).strip().split()[-1]
#
if _addressKey_ not in routingMem.keys():
if _nextHopValue_ in _ifName_memory_.keys():
routingMem[_addressKey_] = _ifName_memory_[_nextHopValue_]
# save into database
_inputDataforDB_ = []
routingMemKeyList = routingMem.keys()
for _routingKey_ in routingMemKeyList:
_inputBox_ = {}
_inputBox_[u'apiaccessip'] = _primaryip_
_inputBox_[u'hostname'] = _thisHostName_
_inputBox_['routing_address'] = _routingKey_
_inputBox_['zonename'] = routingMem[_routingKey_]
_inputBox_['update_method'] = 'auto'
_inputDataforDB_.append(_inputBox_)
#for _hostName_ in _hostNameEvery_:
# routingMemKeyList = routingMem.keys()
# for _routingKey_ in routingMemKeyList:
# _inputBox_ = {}
# _inputBox_['hostname'] = _hostName_
# _inputBox_['routing_address'] = _routingKey_
# _inputBox_['zonename'] = routingMem[_routingKey_]
# _inputBox_['update_method'] = 'auto'
# _inputDataforDB_.append(_inputBox_)
insert_dictvalues_list_into_mongodb(mongo_db_collection_name, _inputDataforDB_)
#
#return_object = {
# "items":[],
# "process_status":"done",
# "process_msg":"%(combination_hostName)s routing table auto uploaded" % {"combination_hostName":combination_hostName}
#}
#this_processor_queue.put(return_object)
#
time.sleep(1)
def juniper_showrulebyrequest(request, format=None):
# get method
if request.method == 'GET':
#_fromDB_values_ = exact_findout('juniperSrx_devicesInfomation', {"failover" : "primary","zoneValidation" : "enable"})
_fromDB_values_ = obtainjson_from_mongodb(
'juniperSrx_cachePolicyTable')
_outValuseList_ = []
returnItems = []
for _dictValue_ in _fromDB_values_:
_msgInput_ = {
'hostname': _dictValue_[u'hostname'],
'from_zone': _dictValue_[u'from_zone'],
'to_zone': _dictValue_[u'to_zone']
}
_uniqueString_ = "%(hostname)s#%(from_zone)s#%(to_zone)s" % _msgInput_
if _uniqueString_ not in _outValuseList_:
_outValuseList_.append(_msgInput_)
returnItems.append(_msgInput_)
#
return_object = {
"items": returnItems,
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
# post method
elif request.method == 'POST':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# {u'items': [{u'to_zone': u'PCI', u'hostname': u'KRIS10-PUBF02-5400FW', u'from_zone': u'PRI'}]}
# [{u'to_zone': u'PCI', u'hostname': u'KRIS10-PUBF02-5400FW', u'from_zone': u'PUB', u'option': u'no option'}]
_outValuseList_ = []
for _dictValue_ in _input_[u'items']:
_copiedvalues_ = copy.copy(_dictValue_)
if u'option' in _copiedvalues_:
_optionString_ = str(_copiedvalues_[u'option']).strip()
if re.search('deviceonly', _optionString_, re.I):
del _copiedvalues_[u'from_zone']
del _copiedvalues_[u'to_zone']
del _copiedvalues_[u'option']
#_fromDB_values_ = exact_findout('juniperSrx_cachePolicyTable', _dictValue_)
_fromDB_values_ = exact_findout('juniperSrx_cachePolicyTable',
_copiedvalues_)
for _dict_ in _fromDB_values_:
_copyiedDcit_ = copy.copy(_dict_)
del _copyiedDcit_[u'_id']
_outValuseList_.append(_copyiedDcit_)
#
_sortingBox_ = {}
for _dictValue_ in _outValuseList_:
_hostNameKey_ = "%(hostname)s %(from_zone)s %(to_zone)s" % _dictValue_
if _hostNameKey_ not in _sortingBox_.keys():
_sortingBox_[_hostNameKey_] = {}
_intIndex_ = int(_dictValue_[u'sequence_number'])
if _intIndex_ not in _sortingBox_[_hostNameKey_].keys():
_sortingBox_[_hostNameKey_][_intIndex_] = {}
_sortingBox_[_hostNameKey_][_intIndex_] = _dictValue_
#
_outValuseList_ = []
_hostGroup_ = _sortingBox_.keys()
for hostZone in _hostGroup_:
_indexNumber_ = _sortingBox_[hostZone].keys()
_indexNumber_.sort()
for _Number_ in _indexNumber_:
_outValuseList_.append(_sortingBox_[hostZone][_Number_])
#
#_sortingBox_ = {}
#for _dictValue_ in _outValuseList_:
# _intIndex_ = int(_dictValue_[u'sequence_number'])
# if _intIndex_ not in _sortingBox_.keys():
# _sortingBox_[_intIndex_] = {}
# _sortingBox_[_intIndex_] = _dictValue_
#
#_indexNumber_ = _sortingBox_.keys()
#_indexNumber_.sort()
#
#_outValuseList_ = []
#for _Number_ in _indexNumber_:
## _outValuseList_.append(_sortingBox_[_Number_])
return_object = {
"items": _outValuseList_,
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "host is not system"
}
return Response(json.dumps(return_object))
def _delete_registered_info_(dataDict_value, this_processor_queue,
mongo_db_collection_name,
mongo_db_clusterGroup_collection_name,
mongo_db_devicesInfo_collection_name,
mongo_db_routingTable_collection_name,
mongo_db_hastatus_collection_name,
mongo_db_zonestatus_collection_name,
mongo_db_cachePolicyTable, mongo_db_cacheObject):
remove_info_in_db(dataDict_value, this_processor_queue,
mongo_db_collection_name)
# cluster DB update
cluster_info = {u'hostname': dataDict_value[u'hostname']}
remove_status = exact_findout(mongo_db_clusterGroup_collection_name,
cluster_info)
if len(remove_status):
for _removeDict_ in remove_status:
remove_data_in_collection(mongo_db_clusterGroup_collection_name,
_removeDict_)
#
cluster_info = {u'hahostname': dataDict_value[u'hostname']}
_defaultClustering_in_db_(mongo_db_clusterGroup_collection_name,
cluster_info)
#
cluster_info = {u'hostname': dataDict_value[u'hostname']}
remove_status = exact_findout(mongo_db_devicesInfo_collection_name,
cluster_info)
if len(remove_status):
for _removeDict_ in remove_status:
remove_data_in_collection(mongo_db_devicesInfo_collection_name,
_removeDict_)
#
remove_status = exact_findout(mongo_db_routingTable_collection_name,
cluster_info)
if len(remove_status):
for _removeDict_ in remove_status:
remove_data_in_collection(mongo_db_routingTable_collection_name,
_removeDict_)
#
remove_status = exact_findout(mongo_db_hastatus_collection_name,
cluster_info)
if len(remove_status):
for _removeDict_ in remove_status:
remove_data_in_collection(mongo_db_hastatus_collection_name,
_removeDict_)
#
remove_status = exact_findout(mongo_db_zonestatus_collection_name,
cluster_info)
if len(remove_status):
for _removeDict_ in remove_status:
remove_data_in_collection(mongo_db_zonestatus_collection_name,
_removeDict_)
#
remove_status = exact_findout(mongo_db_cachePolicyTable, cluster_info)
if len(remove_status):
for _removeDict_ in remove_status:
remove_data_in_collection(mongo_db_cachePolicyTable, _removeDict_)
#
remove_status = exact_findout(mongo_db_cacheObject, cluster_info)
if len(remove_status):
for _removeDict_ in remove_status:
remove_data_in_collection(mongo_db_cacheObject, _removeDict_)
def export_policy(_primaryString_):
# policy
#_primary_hostname_ = secondary_devices["primary_hostname"]
#_accessip_ = secondary_devices["selected_hadevicesip"]
#_zones_namelist_ = secondary_devices["selected_zonenames"]
#
_splitedInput_ = _primaryString_.strip().split('::')
_deviceHostName_ = _splitedInput_[0]
_primaryip_ = _splitedInput_[-1]
#_deviceHostNameFromDB_ = exact_findout('juniperSrx_registeredDevices',{"apiaccessip":str(_primaryip_)})
#_deviceHostName_ = str(_deviceHostNameFromDB_[0][u'hostname'])
# primaryAll_info = exact_findout('juniperSrx_devicesInfomation',{"failover" : "primary"})
_fromDB_values_ = exact_findout('juniperSrx_devicesInfomation', {
'apiaccessip': str(_primaryip_),
'zoneValidation': 'enable'
})
for _dictValue_ in _fromDB_values_:
_cmdValues_ = {}
_cmdValues_['hostname'] = str(_dictValue_[u'hostname'])
_cmdValues_['from_zone'] = str(_dictValue_[u'from_zone'])
_cmdValues_['to_zone'] = str(_dictValue_[u'to_zone'])
#
saveFileName = "/var/tmp/from_%(from_zone)s_to_%(to_zone)s" % _cmdValues_
_cmdValues_['saveFileName'] = saveFileName
_thisCmd_ = "show security policies detail from-zone %(from_zone)s to-zone %(to_zone)s | no-more | save %(saveFileName)s\n" % _cmdValues_
_lastString_ = "Wrote [0-9]* line[s]* of output to \'%(saveFileName)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % _cmdValues_
#
remoteSaveFileName = USER_VAR_POLICIES + "from_%(from_zone)s_to_%(to_zone)s@%(hostname)s" % _cmdValues_
#
runssh_clicommand(str(_primaryip_), _lastString_, _thisCmd_)
sftp_file_download(str(_primaryip_), saveFileName, remoteSaveFileName)
#
_fromDB_values_ = exact_findout('juniperSrx_zonestatus', {
'apiaccessip': str(_primaryip_),
'status': 'on'
})
for _dictValue_ in _fromDB_values_:
_cmdValues_ = {}
_cmdValues_['hostname'] = str(_dictValue_[u'hostname'])
_cmdValues_['zonename'] = str(_dictValue_[u'zonename'])
#
saveFileName = "/var/tmp/this_Addressbook" % _cmdValues_
_cmdValues_['saveFileName'] = saveFileName
#
_thisCmd_ = "show configuration security zones security-zone %(zonename)s address-book | no-more | save %(saveFileName)s\n" % _cmdValues_
_lastString_ = "Wrote [0-9]* line[s]* of output to \'%(saveFileName)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % _cmdValues_
remoteSaveFileName = USER_VAR_ADDRESSBOOK + "%(zonename)s@%(hostname)s" % _cmdValues_
#
runssh_clicommand(str(_primaryip_), _lastString_, _thisCmd_)
sftp_file_download(str(_primaryip_), saveFileName, remoteSaveFileName)
# show configuration applications
_cmdValues_ = {}
_cmdValues_['hostname'] = _deviceHostName_
saveFileName = "/var/tmp/this_application"
_cmdValues_['saveFileName'] = saveFileName
#
_thisCmd_ = "show configuration applications | no-more | save %(saveFileName)s\n" % _cmdValues_
_lastString_ = "Wrote [0-9]* line[s]* of output to \'%(saveFileName)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % _cmdValues_
remoteSaveFileName = USER_VAR_APPLICATIONS + "application@%(hostname)s" % _cmdValues_
#
runssh_clicommand(str(_primaryip_), _lastString_, _thisCmd_)
sftp_file_download(str(_primaryip_), saveFileName, remoteSaveFileName)
# show configuration applications
_cmdValues_ = {}
_cmdValues_['hostname'] = _deviceHostName_
saveFileName = "/var/tmp/this_default_application"
_cmdValues_['saveFileName'] = saveFileName
#
_thisCmd_ = "show configuration groups junos-defaults applications | no-more | save %(saveFileName)s\n" % _cmdValues_
_lastString_ = "Wrote [0-9]* line[s]* of output to \'%(saveFileName)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % _cmdValues_
remoteSaveFileName = USER_VAR_APPLICATIONS + "default_application@%(hostname)s" % _cmdValues_
#
runssh_clicommand(str(_primaryip_), _lastString_, _thisCmd_)
sftp_file_download(str(_primaryip_), saveFileName, remoteSaveFileName)
# show security nat source rule all node primary
_cmdValues_ = {}
_cmdValues_['hostname'] = _deviceHostName_
saveFileName = "/var/tmp/this_sourcerule"
_cmdValues_['saveFileName'] = saveFileName
#
_thisCmd_ = "show security nat source rule all node primary | no-more | save %(saveFileName)s\n" % _cmdValues_
_lastString_ = "Wrote [0-9]* line[s]* of output to \'%(saveFileName)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % _cmdValues_
remoteSaveFileName = USER_VAR_NAT + "sourcerule@%(hostname)s" % _cmdValues_
#
runssh_clicommand(str(_primaryip_), _lastString_, _thisCmd_)
sftp_file_download(str(_primaryip_), saveFileName, remoteSaveFileName)
# show security nat source pool all node primary
_cmdValues_ = {}
_cmdValues_['hostname'] = _deviceHostName_
saveFileName = "/var/tmp/this_sourcepool"
_cmdValues_['saveFileName'] = saveFileName
#
_thisCmd_ = "show security nat source pool all node primary | no-more | save %(saveFileName)s\n" % _cmdValues_
_lastString_ = "Wrote [0-9]* line[s]* of output to \'%(saveFileName)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % _cmdValues_
remoteSaveFileName = USER_VAR_NAT + "sourcepool@%(hostname)s" % _cmdValues_
#
runssh_clicommand(str(_primaryip_), _lastString_, _thisCmd_)
sftp_file_download(str(_primaryip_), saveFileName, remoteSaveFileName)
# show security nat static rule all node primary
_cmdValues_ = {}
_cmdValues_['hostname'] = _deviceHostName_
saveFileName = "/var/tmp/this_staticrule"
_cmdValues_['saveFileName'] = saveFileName
#
_thisCmd_ = "show security nat static rule all node primary | no-more | save %(saveFileName)s\n" % _cmdValues_
_lastString_ = "Wrote [0-9]* line[s]* of output to \'%(saveFileName)s\'[ \t\n\r\f\v]+\{[a-zA-Z0-9]+:[a-zA-Z0-9]+\}[ \t\n\r\f\v]+" % _cmdValues_
remoteSaveFileName = USER_VAR_NAT + "staticrule@%(hostname)s" % _cmdValues_
#
runssh_clicommand(str(_primaryip_), _lastString_, _thisCmd_)
sftp_file_download(str(_primaryip_), saveFileName, remoteSaveFileName)
# return the queue {'apiaccessip':str(_primaryip_), 'zoneValidation':'enable'}
#return_object = {
# "items":[],
# "process_status":"done",
# "process_msg":"%(hostname)s configuration exported" % {'hostname':str(_deviceHostName_)}
#}
#this_processor_queue.put(return_object)
#done_msg = "%(_this_hostname_)s exported!" % {"_this_hostname_":_primary_hostname_}
#this_processor_queue.put({"message":done_msg,"process_status":"done"})
# thread timeout
time.sleep(1)
def juniper_exportpolicy(request, format=None):
if request.method == 'POST':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key'
not in _input_.keys()):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
print "run"
if auth_matched:
# end of if auth_matched:
#device_information_values = obtainjson_from_mongodb('juniper_srx_devices')
#primary_devices = findout_primary_devices(device_information_values)
#
primaryAll_info = exact_findout('juniperSrx_hastatus',
{"failover": "primary"})
primaryAccessIp = []
for _dictValue_ in primaryAll_info:
#_value_ = str(_dictValue_[u'apiaccessip'])
_value_ = "%(_hostName_)s::%(_ipaddr_)s" % {
'_hostName_': str(_dictValue_[u'hostname']),
'_ipaddr_': str(_dictValue_[u'apiaccessip'])
}
if _value_ not in primaryAccessIp:
primaryAccessIp.append(_value_)
# delete old files : USER_VAR_POLICIES
except_filenames = ['readme.txt']
for _filename_ in os.listdir(USER_VAR_POLICIES):
if _filename_ not in except_filenames:
_filefull_ = USER_VAR_POLICIES + _filename_
os.popen('rm -rf %(_filefull_)s' %
{'_filefull_': _filefull_})
#
except_filenames = ['readme.txt']
for _filename_ in os.listdir(USER_VAR_NAT):
if _filename_ not in except_filenames:
_filefull_ = USER_VAR_NAT + _filename_
os.popen('rm -rf %(_filefull_)s' %
{'_filefull_': _filefull_})
#
except_filenames = ['readme.txt']
for _filename_ in os.listdir(USER_VAR_ADDRESSBOOK):
if _filename_ not in except_filenames:
_filefull_ = USER_VAR_ADDRESSBOOK + _filename_
os.popen('rm -rf %(_filefull_)s' %
{'_filefull_': _filefull_})
# queue generation
#processing_queues_list = []
#for _primaryip_ in primary_devices:
#for _primaryip_ in primaryAccessIp:
# processing_queues_list.append(Queue(maxsize=0))
# run processing to get information
count = 0
_processor_list_ = []
#for _primaryip_ in primary_devices:
for _primaryip_ in primaryAccessIp:
#this_processor_queue = processing_queues_list[count]
#_processor_ = Process(target = export_policy, args = (_primaryip_, secondary_devices[str(_primaryip_)], this_processor_queue,))
#_processor_ = Process(target = export_policy, args = (_primaryip_, primary_detail_info[str(_primaryip_)], this_processor_queue,))
#_processor_ = Process(target = export_policy, args = (_primaryip_, this_processor_queue,))
_processor_ = Process(target=export_policy,
args=(_primaryip_, ))
_processor_.start()
_processor_list_.append(_processor_)
# for next queue
count = count + 1
for _processor_ in _processor_list_:
_processor_.join()
# get information from the queue
#search_result = []
#for _queue_ in processing_queues_list:
# while not _queue_.empty():
# search_result.append(_queue_.get())
#
#if not len(search_result):
# return_object = {
# "items":[],
# "process_status":"error",
# "process_msg":"no devices to export"
# }
# return Response(json.dumps(return_object))
#
search_result = {
"items": [],
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(search_result))
#return Response(json.dumps({"items":search_result}))
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "wrong auth_password"
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "host is not system"
}
return Response(json.dumps(return_object))
def juniper_zonestatus(request, format=None):
mongo_db_collection_name = 'juniperSrx_zonestatus'
if request.method == 'GET':
return_object = {
"items": obtainjson_from_mongodb(mongo_db_collection_name),
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
elif request.method == 'POST':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key'
not in _input_.keys()):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
if auth_matched:
#
offstatus_values = exact_findout(mongo_db_collection_name,
{"status": "off"})
#
data_from_databasefile = exact_findout('juniperSrx_hastatus',
{"failover": "primary"})
#
# remove collection
remove_collection(mongo_db_collection_name)
# run processing to get information
count = 0
_processor_list_ = []
for dataDict_value in data_from_databasefile:
_processor_ = Process(target=obtain_zonestatus,
args=(dataDict_value,
mongo_db_collection_name))
_processor_.start()
_processor_list_.append(_processor_)
count = count + 1
for _processor_ in _processor_list_:
_processor_.join()
# update off values
for dataDict_value in offstatus_values:
_copied_value_ = copy.copy(dataDict_value)
if u'status' in _copied_value_:
_copied_value_[u'status'] = unicode('on')
if u'_id' in _copied_value_:
del _copied_value_[u'_id']
for _innerDict_ in exact_findout(mongo_db_collection_name,
_copied_value_):
dataDict_value[u'_id'] = _innerDict_[u'_id']
replace_dictvalues_into_mongodb(
mongo_db_collection_name, _innerDict_,
dataDict_value)
return_object = {
"items": [],
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
# end of if auth_matched:
else:
return_object = {
"items": [{
"message": "no authorization!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [{
"message": "this host has no authorizaition!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))
elif request.method == 'PUT':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key'
not in _input_.keys()):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
if auth_matched:
#
_thisGet_value_ = copy.copy(_input_[u'items'])
for _inner_ in _thisGet_value_:
_copied_inner_ = copy.copy(_inner_)
_statusString_ = str(_copied_inner_[u'status'])
if re.match('on', _statusString_, re.I):
_copied_inner_[u'status'] = unicode('off')
if re.match('off', _statusString_, re.I):
_copied_inner_[u'status'] = unicode('on')
replace_dictvalues_into_mongodb(mongo_db_collection_name,
_inner_, _copied_inner_)
#
return_object = {
"items": [],
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
# end of if auth_matched:
else:
return_object = {
"items": [{
"message": "no authorization!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [{
"message": "this host has no authorizaition!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))
def juniper_showroute_static_update(request, format=None):
mongo_db_collection_name = 'juniperSrx_routingTable'
if request.method == 'POST':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key'
not in _input_.keys()):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
if auth_matched:
_dataForInsert_ = []
for _dict_ in _input_[u'items']:
_matchingDatabase_ = exact_findout(
'juniperSrx_registeredDevices',
{u'hostname': _dict_[u'hostname']})
for _matcheDict_ in _matchingDatabase_:
_apiaccessip_ = _matcheDict_[u'apiaccessip']
_hostname_ = _matcheDict_[u'hostname']
for _inDict_ in _dict_[u'routing_address']:
_staticMachingStatus_ = True
for _staticMatchedDict_ in exact_findout(
mongo_db_collection_name, {
u'apiaccessip': _apiaccessip_,
u'hostname': _hostname_,
u'update_method': u'static'
}):
if (IPNetwork(_inDict_) in IPNetwork(
_staticMatchedDict_[u'routing_address']
)) and (IPNetwork(
_staticMatchedDict_[u'routing_address']
) in IPNetwork(_inDict_)):
_staticMachingStatus_ = False
if _staticMachingStatus_:
_insertingData_ = {
u'apiaccessip':
_matcheDict_[u'apiaccessip'],
u'hostname': _matcheDict_[u'hostname'],
u'update_method': u'static',
u'routing_address': _inDict_,
u'zonename': _dict_[u'zonename']
}
_dataForInsert_.append(_insertingData_)
#
if len(_dataForInsert_):
insert_dictvalues_list_into_mongodb(
mongo_db_collection_name, _dataForInsert_)
#
return_object = {
"items": [],
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
# end of if auth_matched:
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "wrong auth_password"
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "host is not system"
}
return Response(json.dumps(return_object))
elif request.method == 'DELETE':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key'
not in _input_.keys()):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
if auth_matched:
if ('items' in _input_.keys()) and (u'items'
in _input_.keys()):
for _dict_ in _input_[u'items']:
remove_data_in_collection(mongo_db_collection_name,
_dict_)
#
return_object = {
"items": [],
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
# end of if ('items' in _input_.keys()) and (u'items' in _input_.keys()):
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no items in input"
}
return Response(json.dumps(return_object))
# end of if auth_matched:
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "wrong auth_password"
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [],
"process_status": "error",
"process_msg": "host is not system"
}
return Response(json.dumps(return_object))
def juniper_showroute(request,format=None):
mongo_db_collection_name = 'juniperSrx_routingTable'
# get method
if request.method == 'GET':
#primaryAll_info = exact_findout('juniperSrx_devicesInfomation',{"failover" : "primary"})
#primaryAll_info = obtainjson_from_mongodb('juniperSrx_devicesInfomation')
#primaryAccessHost = []
#for _dictValue_ in primaryAll_info:
# _value_ = str(_dictValue_[u'hostname'])
# if _value_ not in primaryAccessHost:
# primaryAccessHost.append(_value_)
##
#if not len(primaryAccessHost):
# return_object = {
# "items":[],
# "process_status":"error",
# "process_msg":"nothing to display"
# }
# print return_object
# return Response(json.dumps(return_object))
#obtainjson_from_mongodb(mongo_db_collection_name),
return_object = {
"items": obtainjson_from_mongodb(mongo_db_collection_name),
"process_status":"done",
"process_msg":"done"
}
return Response(json.dumps(return_object))
elif request.method == 'POST':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items":[],
"process_status":"error",
"process_msg":"input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key' not in _input_.keys()):
return_object = {
"items":[],
"process_status":"error",
"process_msg":"no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
if auth_matched:
primaryAll_info = exact_findout('juniperSrx_hastatus',{"failover" : "primary"})
primaryAccessIp = []
for _dictValue_ in primaryAll_info:
_value_ = str(_dictValue_[u'apiaccessip'])
if _value_ not in primaryAccessIp:
primaryAccessIp.append(_value_)
# manual static route search
_manually_items_ =[]
_manually_registered_ = exact_findout(mongo_db_collection_name, {"update_method":"static"})
for _dictValue_ in _manually_registered_:
if u'_id' in _dictValue_:
del _dictValue_[u'_id']
_copiedValue_ = copy.copy(_dictValue_)
_manually_items_.append(_copiedValue_)
# remove collections
remove_collection(mongo_db_collection_name)
if not len(primaryAccessIp):
return_object = {
"items":[],
"process_status":"error",
"process_msg":"nothing to updated for routing"
}
return Response(json.dumps(return_object))
# queue generation
#processing_queues_list = []
#for _primaryip_ in primaryAccessIp:
# processing_queues_list.append(Queue(maxsize=0))
# run processing to get information
count = 0
_processor_list_ = []
for _primaryip_ in primaryAccessIp:
#this_processor_queue = processing_queues_list[count]
#_processor_ = Process(target = obtain_showroute, args = (_primaryip_, this_processor_queue, mongo_db_collection_name,))
_processor_ = Process(target = obtain_showroute, args = (_primaryip_, mongo_db_collection_name,))
_processor_.start()
_processor_list_.append(_processor_)
# for next queue
count = count + 1
for _processor_ in _processor_list_:
_processor_.join()
# manual update
insert_dictvalues_list_into_mongodb(mongo_db_collection_name, _manually_items_)
#for _dictvalue_ in manual_static_route:
# insert_dictvalues_into_mongodb(mongo_db_collection_name, _dictvalue_)
# get information from the queue
#search_result = []
#for _queue_ in processing_queues_list:
# while not _queue_.empty():
# search_result.append(_queue_.get())
#
return_object = {
"items":[],
"process_status":"",
"process_msg":"done"
}
return Response(json.dumps(return_object))
# end of if auth_matched:
else:
return_object = {
"items":[],
"process_status":"error",
"process_msg":"wrong auth_password"
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items":[],
"process_status":"error",
"process_msg":"host is not system"
}
return Response(json.dumps(return_object))
def juniper_searchpolicy(request,format=None):
#global tatalsearched_values, threadlock_key
#threadlock_key = threading.Lock()
#tatalsearched_values = []
# get method
#if request.method == 'GET':
# parameter_from = request.query_params.dict()
if request.method == 'POST':
#elif request.method == 'POST':
_input_ = JSONParser().parse(request)
#
_fromDB_values_ = exact_findout('juniperSrx_devicesInfomation', {"failover" : "primary"})
primaryHostNames = []
for _dictValue_ in _fromDB_values_:
_hostName_ = str(_dictValue_[u'hostname'])
if _hostName_ not in primaryHostNames:
primaryHostNames.append(_hostName_)
#device_information_values = obtainjson_from_mongodb('juniper_srx_devices')
#primary_devices = findout_primary_devices(device_information_values)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items":[],
"process_status":"error",
"process_msg":"input wrong format"
}
return Response(json.dumps(return_object))
if ('items' in _input_.keys()) and (u'items' in _input_.keys()):
inputObjectList = _input_[u'items']
if len(inputObjectList) == 1:
#
inputObject = inputObjectList[0]
##############################################
# choose the firewall and zone #
##############################################
startTime = time.time()
print "start searching zone and devices processing"
processing_queues_list = []
for _element_ in primaryHostNames:
processing_queues_list.append(Queue(maxsize=0))
#
count = 0
_processor_list_ = []
for _element_ in primaryHostNames:
this_processor_queue = processing_queues_list[count]
_processor_ = Process(target = findOut_fwAndZone, args = (_element_, inputObject, this_processor_queue,))
_processor_.start()
_processor_list_.append(_processor_)
count = count + 1
for _processor_ in _processor_list_:
_processor_.join()
# fwAndZone_selectedList : [{'to_zone': 'PRI', 'from_zone': 'COM', 'hostname': 'KRIS10-PUBF02-5400FW'}]
fwAndZone_selectedList = []
for _queue_ in processing_queues_list:
while not _queue_.empty():
fwAndZone_selectedList.append(_queue_.get())
endTime = time.time()
timeGapString = str(int(endTime - startTime))
print "include matching done. %(timeGapString)s seconds spent" % {'timeGapString':timeGapString}
##############################################
# perfect match #
##############################################
startTime = time.time()
print "start perfect matching processing"
processing_queues_list = []
for _element_ in fwAndZone_selectedList:
processing_queues_list.append(Queue(maxsize=0))
#
count = 0
_processor_list_ = []
for _element_ in fwAndZone_selectedList:
this_processor_queue = processing_queues_list[count]
_processor_ = Process(target = perfectMatchProcessor, args = (_element_, inputObject, this_processor_queue,))
_processor_.start()
_processor_list_.append(_processor_)
count = count + 1
for _processor_ in _processor_list_:
_processor_.join()
#
statusAfterPerfectMatchProcessor = []
for _queue_ in processing_queues_list:
while not _queue_.empty():
statusAfterPerfectMatchProcessor.append(_queue_.get())
endTime = time.time()
timeGapString = str(int(endTime - startTime))
print "perfect matching done. %(timeGapString)s seconds spent" % {'timeGapString':timeGapString}
##############################################
# include match #
##############################################
startTime = time.time()
print "start include matching processing"
processing_queues_list = []
for _element_ in fwAndZone_selectedList:
processing_queues_list.append(Queue(maxsize=0))
#
count = 0
_processor_list_ = []
for _element_ in fwAndZone_selectedList:
this_processor_queue = processing_queues_list[count]
_processor_ = Process(target = includeMatchProcessor, args = (_element_, inputObject, this_processor_queue,))
_processor_.start()
_processor_list_.append(_processor_)
count = count + 1
for _processor_ in _processor_list_:
_processor_.join()
#
statusAfterIncludeMatchProcessor = []
for _queue_ in processing_queues_list:
while not _queue_.empty():
statusAfterIncludeMatchProcessor.append(_queue_.get())
endTime = time.time()
timeGapString = str(int(endTime - startTime))
print "include matching done. %(timeGapString)s seconds spent" % {'timeGapString':timeGapString}
##############################################
# partial match #
##############################################
startTime = time.time()
print "start partial matching processing"
processing_queues_list = []
for _element_ in fwAndZone_selectedList:
processing_queues_list.append(Queue(maxsize=0))
#
count = 0
_processor_list_ = []
for _element_ in fwAndZone_selectedList:
this_processor_queue = processing_queues_list[count]
_processor_ = Process(target = patialMatchProcessor, args = (_element_, inputObject, this_processor_queue,))
_processor_.start()
_processor_list_.append(_processor_)
count = count + 1
for _processor_ in _processor_list_:
_processor_.join()
#
statusAfterPartialMatchProcessor = []
for _queue_ in processing_queues_list:
while not _queue_.empty():
statusAfterPartialMatchProcessor.append(_queue_.get())
endTime = time.time()
timeGapString = str(int(endTime - startTime))
print "partial matching done. %(timeGapString)s seconds spent" % {'timeGapString':timeGapString}
##############################################
# combine and summary #
##############################################
startTime = time.time()
print "start information re-organization processing"
_returnOutputMemory_ = {}
_returnOutputMemory_ = convertDictFromMatched(_returnOutputMemory_, statusAfterPerfectMatchProcessor, 'perfect')
_returnOutputMemory_ = convertDictFromMatched(_returnOutputMemory_, statusAfterIncludeMatchProcessor, 'include')
_returnOutputMemory_ = convertDictFromMatched(_returnOutputMemory_, statusAfterPartialMatchProcessor, 'partial')
endTime = time.time()
timeGapString = str(int(endTime - startTime))
print "information re-organization done. %(timeGapString)s seconds spent" % {'timeGapString':timeGapString}
##############################################
# analysis #
##############################################
startTime = time.time()
print "start analysis processing"
returnitems = []
_hostNameZoneName_ = _returnOutputMemory_.keys()
for _keyName_ in _hostNameZoneName_:
#
_PFMS_ = _returnOutputMemory_[_keyName_]['perfect']['matchstatus']
_INMS_ = _returnOutputMemory_[_keyName_]['include']['matchstatus']
_PTMS_ = _returnOutputMemory_[_keyName_]['partial']['matchstatus']
finalMatchStatus = 0
if (_PFMS_ | _INMS_):
finalMatchStatus = 1
else:
if _PTMS_:
finalMatchStatus = 1
else:
finalMatchStatus = 0
#
splited_keyName = str(_keyName_).strip().split()
#
returnOutputDict = {
'hostname':splited_keyName[0],
'from_zone':splited_keyName[1],
'to_zone':splited_keyName[2],
'matchstatus':finalMatchStatus,
'perfectrules':_returnOutputMemory_[_keyName_]['perfect']['policyrules'],
'includerules':_returnOutputMemory_[_keyName_]['include']['policyrules'],
'partialrules':_returnOutputMemory_[_keyName_]['partial']['policyrules']
}
returnitems.append(returnOutputDict)
#
endTime = time.time()
timeGapString = str(int(endTime - startTime))
print "analysis done. %(timeGapString)s seconds spent" % {'timeGapString':timeGapString}
return_object = {
"items":returnitems,
"process_status":"done",
"process_msg":"done"
}
return Response(json.dumps(return_object))
#
else:
return_object = {
"items":[],
"process_status":"error",
"process_msg":"not single item for searching"
}
return Response(json.dumps(return_object))
else:
return_object = {
"items":[],
"process_status":"error",
"process_msg":"no items in input"
}
return Response(json.dumps(return_object))
def juniper_devicelist(request, format=None):
mongo_db_collection_name = 'juniperSrx_devicesInfomation'
if request.method == 'GET':
return_object = {
"items": obtainjson_from_mongodb(mongo_db_collection_name),
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(return_object))
elif request.method == 'POST':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key'
not in _input_.keys()):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
if auth_matched:
#
_zonedisabled_ = exact_findout(mongo_db_collection_name,
{'zoneValidation': 'disable'})
#
remove_collection(mongo_db_collection_name)
#
_activeStatusMemoryByIP_ = {}
_activeStatusMemoryByHostname_ = {}
for _dict_ in obtainjson_from_mongodb('juniperSrx_hastatus'):
if _dict_[
u'apiaccessip'] not in _activeStatusMemoryByIP_.keys(
):
_activeStatusMemoryByIP_[
_dict_[u'apiaccessip']] = _dict_[u'failover']
if _dict_[
u'hostname'] not in _activeStatusMemoryByHostname_.keys(
):
_activeStatusMemoryByHostname_[
_dict_[u'hostname']] = _dict_[u'failover']
#_clusterStatusMemory_ = {}
#for _dict_ in exact_findout('juniperSrx_clusterGroup', {"clusterStatus" : "clustered"}):
# if _dict_[u'hostname'] not in _clusterStatusMemory_.keys():
# _clusterStatusMemory_[_dict_[u'hostname']] = _dict_[u'hahostname']
_zoneStatusMemoryByHostname_ = {}
for _dict_ in obtainjson_from_mongodb('juniperSrx_zonestatus'):
if _dict_[
u'hostname'] not in _zoneStatusMemoryByHostname_.keys(
):
_zoneStatusMemoryByHostname_[_dict_[u'hostname']] = []
if re.match(str(_dict_[u'status']), 'on', re.I):
if _dict_[
u'zonename'] not in _zoneStatusMemoryByHostname_[
_dict_[u'hostname']]:
_zoneStatusMemoryByHostname_[
_dict_[u'hostname']].append(
_dict_[u'zonename'])
#
_recreated_deviceinformation_ = []
for _dict_ in obtainjson_from_mongodb(
'juniperSrx_registeredDevices'):
copied_dict = copy.copy(_dict_)
copied_keyname = copied_dict.keys()
if u'_id' in copied_keyname:
del copied_dict[u'_id']
#
copied_dict[u'failover'] = _activeStatusMemoryByHostname_[
copied_dict[u'hostname']]
#
_validZoneName_ = []
_thisHostName_ = copied_dict[u'hostname']
if _thisHostName_ in _zoneStatusMemoryByHostname_.keys():
_validZoneName_ = _zoneStatusMemoryByHostname_[
_thisHostName_]
#else:
# if _thisHostName_ in _clusterStatusMemory_.keys():
# _reverseHostName_ = _clusterStatusMemory_[_thisHostName_]
# if _reverseHostName_ in _zoneStatusMemoryByHostname_.keys():
# _validZoneName_ = _zoneStatusMemoryByHostname_[_reverseHostName_]
#
for from_zone in _validZoneName_:
for to_zone in _validZoneName_:
#if not re.search(from_zone, to_zone) and not re.search(to_zone, from_zone):
if not (re.search(from_zone, to_zone)
and re.search(to_zone, from_zone)):
_outCreated_ = copy.copy(copied_dict)
_outCreated_[u'zoneValidation'] = unicode(
'enable')
_outCreated_[u'from_zone'] = from_zone
_outCreated_[u'to_zone'] = to_zone
_recreated_deviceinformation_.append(
_outCreated_)
insert_dictvalues_list_into_mongodb(
mongo_db_collection_name, _recreated_deviceinformation_)
# recover disable
for _dict_ in _zonedisabled_:
_copied_ = copy.copy(_dict_)
if u'_id' in _copied_:
del _copied_[u'_id']
if u'zoneValidation' in _copied_:
del _copied_[u'zoneValidation']
for _origin_ in exact_findout(mongo_db_collection_name,
_copied_):
_copiedOrigin_ = copy.copy(_origin_)
if u'_id' in _copiedOrigin_:
del _copiedOrigin_[u'_id']
_changedOrign_ = copy.copy(_copiedOrigin_)
_changedOrign_[u'zoneValidation'] = unicode('disable')
replace_dictvalues_into_mongodb(
mongo_db_collection_name, _copiedOrigin_,
_changedOrign_)
#
search_result = {
"items": [],
"process_status": "done",
"process_msg": "done"
}
#
return Response(json.dumps(search_result))
#return Response(json.dumps({"items":search_result}))
# end of if auth_matched:
else:
return_object = {
"items": [{
"message": "no authorization!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [{
"message": "this host has no authorizaition!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))
elif request.method == 'PUT':
if re.search(r"system", system_property["role"], re.I):
_input_ = JSONParser().parse(request)
# confirm input type
if type(_input_) != type({}):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "input wrong format"
}
return Response(json.dumps(return_object))
# confirm auth
if ('auth_key' not in _input_.keys()) and (u'auth_key'
not in _input_.keys()):
return_object = {
"items": [],
"process_status": "error",
"process_msg": "no auth_password"
}
return Response(json.dumps(return_object))
#
auth_matched = re.match(ENCAP_PASSWORD, _input_['auth_key'])
if auth_matched:
#
#_clusterStatusMemory_ = {}
#for _dict_ in exact_findout('juniperSrx_clusterGroup', {"clusterStatus" : "clustered"}):
# if _dict_[u'hostname'] not in _clusterStatusMemory_.keys():
# _clusterStatusMemory_[_dict_[u'hostname']] = _dict_[u'hahostname']
#
_thisGet_value_ = copy.copy(_input_[u'items'])
for _dict_ in _thisGet_value_:
for _matcheddict_ in exact_findout(
mongo_db_collection_name, _dict_):
copied_matched = copy.copy(_matcheddict_)
#
if u'_id' in copied_matched:
del copied_matched[u'_id']
change_dict = copy.copy(copied_matched)
if re.match(str(change_dict[u'zoneValidation']),
'enable', re.I):
change_dict[u'zoneValidation'] = unicode('disable')
else:
change_dict[u'zoneValidation'] = unicode('enable')
#
replace_dictvalues_into_mongodb(
mongo_db_collection_name, copied_matched,
change_dict)
#
#if copied_matched[u'hostname'] in _clusterStatusMemory_.keys():
# _clusterdeviceName_ = _clusterStatusMemory_[copied_matched[u'hostname']]
# for _reversematched_ in exact_findout(mongo_db_collection_name, {"hostname":_clusterdeviceName_, "from_zone":copied_matched[u'from_zone'], "to_zone":copied_matched[u'to_zone']}):
# reverseCopied = copy.copy(_reversematched_);
# if u'_id' in reverseCopied:
# del reverseCopied[u'_id']
# reverseChange = copy.copy(reverseCopied)
# if re.match(str(reverseChange[u'zoneValidation']), 'enable', re.I):
# reverseChange[u'zoneValidation'] = unicode('disable')
# else:
# reverseChange[u'zoneValidation'] = unicode('enable')
# #
# replace_dictvalues_into_mongodb(mongo_db_collection_name, reverseCopied, reverseChange)
# #
search_result = {
"items": [],
"process_status": "done",
"process_msg": "done"
}
return Response(json.dumps(search_result))
# end of if auth_matched:
else:
return_object = {
"items": [{
"message": "no authorization!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))
# end of if re.search(r"system", system_property["role"], re.I):
else:
return_object = {
"items": [{
"message": "this host has no authorizaition!",
"process_status": "error"
}]
}
return Response(json.dumps(return_object))