def top_talkers_smtp_alert(ip, username, password): local_ip = ip local_username = username local_password = password top_talkers_not_in_white_list = [] for i in get_top_talkers(ip, username, password)[:3]: found = 0 for x in white_list: if i[1] == x: found = 1 else: continue if found == 0: top_talkers_not_in_white_list.append(i[1]) if top_talkers_not_in_white_list != []: id_no = str(int(random.random() * 10000)) Subject = 'Top Talker not in the white list ' + id_no Main_Body = 'Top Talker host not in the white list\n' for ip in top_talkers_not_in_white_list: Main_Body = Main_Body + ip + '\n' Main_Body = Main_Body + 'Pls reply in 1 min, y1 (for kill), n2 (do noting)[default]' qyt_smtp_attachment('smtp.163.com', 'collinsctk', '1a.cisco', '*****@*****.**', '[email protected];[email protected]', Subject, Main_Body) time.sleep(30) operation_code = qyt_rec_mail('pop.163.com', 'collinsctk', '1a.cisco', id_no) print(operation_code) if operation_code == True: cmds = [ 'configure terminal', 'ip access-list extended python_acl_' + id_no ] for ip in top_talkers_not_in_white_list: cmd = 'deny ip host ' + ip + ' any' cmds.append(cmd) cmd = 'permit ip any any' cmds.append(cmd) cmd = 'interface FastEthernet2/0' cmds.append(cmd) cmd = 'ip access-group python_acl_' + id_no + ' in' cmds.append(cmd) print(cmds) QYT_SSHClient_MultiCMD(local_ip, local_username, local_password, cmds) time.sleep(20) del_cmds = ['configure terminal'] cmd = 'no ip access-list extended python_acl_' + id_no del_cmds.append(cmd) cmd = 'interface FastEthernet2/0' del_cmds.append(cmd) cmd = 'no ip access-group python_acl_' + id_no + ' in' del_cmds.append(cmd) QYT_SSHClient_MultiCMD(local_ip, local_username, local_password, del_cmds)
def top_talkers_smtp_alert(ip, username, password): local_ip = ip local_username = username local_password = password top_talkers_not_in_white_list = [] for i in get_top_talkers(ip, username, password)[:3]: found = 0 for x in white_list: if i[1] == x: found = 1 else: continue if found == 0: top_talkers_not_in_white_list.append(i[1]) if top_talkers_not_in_white_list != []: id_no = str(int(random.random()*10000)) Subject = 'Top Talker not in the white list ' + id_no Main_Body = 'Top Talker host not in the white list\n' for ip in top_talkers_not_in_white_list: Main_Body = Main_Body + ip + '\n' Main_Body = Main_Body + 'Pls reply in 1 min, y1 (for kill), n2 (do noting)[default]' qyt_smtp_attachment('smtp.163.com', 'collinsctk', '1a.cisco', '*****@*****.**', '[email protected];[email protected]', Subject, Main_Body) time.sleep(30) operation_code = qyt_rec_mail('pop.163.com', 'collinsctk', '1a.cisco', id_no) print(operation_code) if operation_code == True: cmds = ['configure terminal', 'ip access-list extended python_acl_'+id_no] for ip in top_talkers_not_in_white_list: cmd = 'deny ip host ' + ip + ' any' cmds.append(cmd) cmd = 'permit ip any any' cmds.append(cmd) cmd = 'interface FastEthernet2/0' cmds.append(cmd) cmd = 'ip access-group python_acl_' + id_no + ' in' cmds.append(cmd) print(cmds) QYT_SSHClient_MultiCMD(local_ip, local_username, local_password, cmds) time.sleep(20) del_cmds = ['configure terminal'] cmd = 'no ip access-list extended python_acl_'+id_no del_cmds.append(cmd) cmd = 'interface FastEthernet2/0' del_cmds.append(cmd) cmd = 'no ip access-group python_acl_' + id_no + ' in' del_cmds.append(cmd) QYT_SSHClient_MultiCMD(local_ip, local_username, local_password, del_cmds)
def check_diff(): try: ip, config_changed = find_diff(host_list, 'admin', 'cisco') print('发现配置更改!') id_no = str(int(random.random() * 10000)) Subject = ip + ' configuration changed ' + 'reply "y1" for update db ' + id_no Main_Body = config_changed qyt_smtp_attachment('smtp.163.com', 'collinsctk', '1a.cisco', '*****@*****.**', '[email protected];[email protected]', Subject, Main_Body) time.sleep(30) operation_code = qyt_rec_mail('pop.163.com', 'collinsctk', '1a.cisco', id_no) if operation_code == True: print('收到管理员确认!更新数据库!') first_bak(host_list, 'admin', 'cisco') except TypeError: print('配置没有任何修改!')
def check_diff(): try: ip, config_changed = find_diff(host_list, 'admin', 'cisco') print('发现配置更改!') id_no = str(int(random.random()*10000)) Subject = ip + ' configuration changed ' + 'reply "y1" for update db ' + id_no Main_Body = config_changed qyt_smtp_attachment('smtp.163.com', 'collinsctk', '1a.cisco', '*****@*****.**', '[email protected];[email protected]', Subject, Main_Body) time.sleep(30) operation_code = qyt_rec_mail('pop.163.com', 'collinsctk', '1a.cisco', id_no) if operation_code == True: print('收到管理员确认!更新数据库!') first_bak(host_list, 'admin', 'cisco') except TypeError: print('配置没有任何修改!')
def top_talkers_smtp_alert(ip,username,password): local_ip = ip local_username = username local_password = password top_talkers_not_in_white_list = [] for i in get_top_talkers(ip,username,password)[:3]:#获取在top-talker中前三的IP! found = 0 for x in white_list: if i[1] == x: found = 1 else: continue if found == 0: #找到位于top-talker前三,并且不在白名单中的IP地址! top_talkers_not_in_white_list.append(i[1]) if top_talkers_not_in_white_list != []: new_list = []#清除重复IP地址 for i in top_talkers_not_in_white_list:#清除重复IP地址 if not i in new_list: new_list.append(i) top_talkers_not_in_white_list = new_list if top_talkers_not_in_white_list != []: #产生唯一标示ID! id_no = str(int(random.random()*10000)) Subject = 'Top Talker not in the white list'+ id_no Main_Body = 'Top Talker host not in the white list\n' for ip in top_talkers_not_in_white_list: Main_Body = Main_Body + ip + '\n' Main_Body = Main_Body + 'Pls reply in 1 min,y1 (for kill),n2 (do noting)[default]' #发送邮件通知管理员,注意主题最后有唯一标识ID! qyt_smtp_attachment('smtp.163.com', 'collinsctk', '1a.cisco', '*****@*****.**', '[email protected];[email protected]', Subject, Main_Body) time.sleep(30)#等待30秒,听候管理员处理的回复邮件! operation_code = qyt_rec_mail('pop.163.com','collinsctk','1a.cisco',id_no) if operation_code = True:#如果管理员回复'y1',表示要阻止这些IP地址 #产生配置命令 print('管理员回复邮件希望阻止流量!') print('开始配置ACL阻止流量!') cmds = ['configure terminal','ip access-list extended python_acl_'+id_no] for ip in top_talkers_not_in_white_list: cmd = 'deny ip host' + ip + 'any' cmds.append(cmd) cmd = 'permit ip any any' cmds.append(cmd) cmd = 'interface FastEthernet2/0' cmds.append(cmd) cmd = 'ip access-group python_acl_' + id_no + 'in' cmds.append(cmd) #登录到设备,并且配置命令 QYT_SSHClient_MultiCMD(local_ip,local_username,local_password,cmds) time.sleep(20)#等待20秒后,自动清除配置 print('阻止时间已过!自动清除ACL配置!') del_cmds = ['configure terminal'] cmd = 'no ip access-list extended python_acl_'+id_no del_cmds.append(cmd) cmd = 'interface FastEthernet2/0' del_cmds.append(cmd) #登录到设备,并且清除配置命令 QYT_SSHClient_MultiCMD(local_ip,local_username,local_password,del_cmds) else: print('未收到管理员处理邮件,或者回复为"n2",保持现状!')