def go():
####CODE GOES BELOW HERE#########
resp = cgx_session.get.tenants()
if resp.cgx_status:
tenant_name = resp.cgx_content.get("name", None)
print("======== TENANT NAME", tenant_name, "========")
else:
logout()
print("ERROR: API Call failure when enumerating TENANT Name! Exiting!")
print(resp.cgx_status)
sys.exit((vars(resp)))
csvfilename = CLIARGS['csvfile']
csv_out_array = []
site_id_name_mapping = {}
resp = cgx_session.get.sites()
if resp.cgx_status:
site_list = resp.cgx_content.get(
"items", None) #EVENT_LIST contains an list of all returned events
for site in site_list:
site_id_name_mapping[site['id']] = site['name']
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
counter = 0
with open(csvfilename, 'w', newline='') as csvfile:
csvwriter = csv.writer(csvfile,
delimiter=',',
quotechar='"',
quoting=csv.QUOTE_MINIMAL)
resp = cgx_session.get.elements()
if resp.cgx_status:
element_list = resp.cgx_content.get(
"items",
None) #EVENT_LIST contains an list of all returned events
for element in element_list:
counter += 1
csvwriter.writerow([
site_id_name_mapping[element['site_id']], element['name'],
element['software_version'], element['model_name']
])
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
print("Wrote to CSV File:", csvfilename, " - ", counter, 'rows')
def listALG(cgx, args, sites):
"""
list the alg objects for all IONs
"""
for element in cgx.get.elements().cgx_content["items"]:
# check if element is a spoke
if element["site_id"] in sites:
log.info("Listin ALG for {element} at {site}".format(
element=element["name"], site=sites[element["site_id"]]))
for extension in cgx.get.element_extensions(
element["site_id"], element["id"]).cgx_content["items"]:
if extension["namespace"] == "algconfig":
jd(extension)
def match_app(sdk, search_app):
if not sdk.tenant_id:
sys.exit("Error SDK not authenticated")
search_ratio = 0
resp = sdk.get.appdefs()
if resp.cgx_status:
app_list = resp.cgx_content.get("items", None)
for app in app_list:
check_ratio = fuzz.ratio(search_app.lower(),
app['display_name'].lower())
if (check_ratio >
search_ratio): ###Find the "best" matching site name
search_ratio = check_ratio
app_dict = app
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
print("Found APP ")
print(" APP Name: ", app_dict['display_name'])
print(" APP ID: ", app_dict['id'])
print(" Description: ", app_dict["description"])
return app_dict
def go(sdk, CLIARGS):
####CODE GOES BELOW HERE#########
resp = sdk.get.tenants()
if resp.cgx_status:
tenant_name = resp.cgx_content.get("name", None)
print("======== TENANT NAME",tenant_name,"========")
else:
logout()
print("ERROR: API Call failure when enumerating TENANT Name! Exiting!")
print(resp.cgx_status)
sys.exit((vars(resp)))
site_count = 0
resp = sdk.get.sites()
if resp.cgx_status:
site_list = resp.cgx_content.get("items", None) #EVENT_LIST contains an list of all returned events
for site in site_list: #Loop through each EVENT in the EVENT_LIST
site_count += 1
print("site ","{:03d}".format(site_count)," ID:", site['id'])
print(" ","{:03d}".format(site_count)," NAME:", site['name'])
print("")
else:
logout()
print("ERROR: API Call failure when enumerating SITES in tenant! Exiting!")
sys.exit((jd(resp)))
def match_site(sdk, search_site):
if not sdk.tenant_id:
sys.exit("Error SDK not authenticated")
search_ratio = 0
resp = sdk.get.sites()
if resp.cgx_status:
site_list = resp.cgx_content.get(
"items", None) #site_list contains an list of all returned sites
for site in site_list: #Loop through each site in the site_list
check_ratio = fuzz.ratio(search_site.lower(), site['name'].lower())
if (check_ratio >
search_ratio): ###Find the "best" matching site name
search_ratio = check_ratio
site_dict = site
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
print("Found SITE ")
print(" Site Name: ", site_dict['name'])
print(" Site ID: ", site_dict['id'])
print(" Description: ", site_dict["description"])
return site_dict
def match_site():
print_array = []
global CLIARGS, global_vars
search_site = CLIARGS['site_name']
search_ratio = 0
resp = cgx_session.get.sites()
if resp.cgx_status:
tenant_name = resp.cgx_content.get("name", None)
print("TENANT NAME:", tenant_name)
site_list = resp.cgx_content.get(
"items", None) #EVENT_LIST contains an list of all returned events
for site in site_list: #Loop through each EVENT in the EVENT_LIST
check_ratio = fuzz.ratio(search_site.lower(), site['name'].lower())
if (check_ratio > search_ratio):
site_id = site['id']
site_name = site['name']
search_ratio = check_ratio
site_dict = site
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
print("Found SITE ")
print(" Site Name: ", site_dict['name'])
print(" Site ID: ", site_dict['id'])
print(" Description: ", site_dict["description"])
global_vars['site_id'] = site_id
global_vars['site_name'] = site_name
global_vars['site_dict'] = site_dict
def do_acl(sdk, new_ipv4_list):
"""
Download, update ACL.
:param sdk: Authenticated CloudGenix SDK
:param new_ipv4_list: new ipv4 list to use.
:return: Boolean status, old_ipv4_list
"""
tenant_template = pull_acl(sdk, whole_resp=True)
old_ipv4_list = tenant_template.get('ipv4_list', [])
# update template
tenant_template['ipv4_list'] = new_ipv4_list
# send the update
resp = sdk.patch.tenants(tenant_template)
cloudgenix.jd(tenant_template)
if not resp.cgx_status:
sdk.throw_error("Failed to PATCH tenant ACL", resp)
return old_ipv4_list
def go():
global exclude_hub_sites
bfdmode = CLIARGS['bfd_mode']
match_text = CLIARGS['matchtext']
change_lqm = CLIARGS['lqm']
change_bwm = CLIARGS['bwm']
####CODE GOES BELOW HERE#########
resp = cgx_session.get.tenants()
if resp.cgx_status:
tenant_name = resp.cgx_content.get("name", None)
print("======== TENANT NAME",tenant_name,"========")
else:
logout()
print("ERROR: API Call failure when enumerating TENANT Name! Exiting!")
print(resp.cgx_status)
sys.exit((vars(resp)))
site_count = 0
matched_wan_labels = {}
##Generate WAN Interface Labels:
wan_label_dict = {}
wan_label_resp = cgx_session.get.waninterfacelabels()
if wan_label_resp:
wan_labels = wan_label_resp.cgx_content.get("items", None)
for label in wan_labels:
wan_label_dict[label['id']] = {}
wan_label_dict[label['id']]["name"] = label['name']
wan_label_dict[label['id']]["label"] = label['label']
wan_label_dict[label['id']]["description"] = label['description']
resp = cgx_session.get.sites()
if resp.cgx_status:
site_list = resp.cgx_content.get("items", None) #EVENT_LIST contains an list of all returned events
for site in site_list: #Loop through each EVENT in the EVENT_LIST
site_count += 1
if (exclude_hub_sites and site['element_cluster_role'] != "HUB"):
wan_int_resp = cgx_session.get.waninterfaces(site['id'])
if wan_int_resp:
wan_interfaces = wan_int_resp.cgx_content.get("items", None)
for interface in wan_interfaces:
if (match_on == "CIRCUIT_NAME"):
if string_match(interface['name'],match_text):
matched_wan_labels[interface['id']] = {}
matched_wan_labels[interface['id']]['site_id'] = site['id']
matched_wan_labels[interface['id']]['data'] = interface
print("Found Circuit Match at SITE:", site['name'])
print(" Circuit Name :",interface['name'])
print(" Circuit Category :",wan_label_dict[interface['label_id']]['name'])
print(" Circuit Label :",wan_label_dict[interface['label_id']]['label'])
print(" Circuit Description :",wan_label_dict[interface['label_id']]['description'])
print(" Circuit BFD MODE :",interface['bfd_mode'])
print(" Circuit LQM Enabled :",interface['lqm_enabled'])
print(" Circuit BWM MODE :",interface['bw_config_mode'])
print("")
addended_prompt = ""
if (change_lqm != "nochange"): addended_prompt += ", change LQM,"
if (change_bwm != "nochange"): addended_prompt += ", change BWM,"
if(verify_change("This will change all circuits found above to a BFD Mode of " + str(bfdmode) + addended_prompt +" are you sure")):
print("Changing Sites:")
print("")
for waninterface in matched_wan_labels:
print("Site ID:", matched_wan_labels[waninterface]['site_id'], "Current BFD Mode", matched_wan_labels[waninterface]['data']['bfd_mode'],"changing to",bfdmode)
matched_wan_labels[waninterface]['data']['bfd_mode'] = str(bfdmode)
site_id = matched_wan_labels[waninterface]['site_id']
waninterface_id = waninterface
put_data = matched_wan_labels[waninterface]['data']
if (change_lqm == "on"):
print(" Current LQM Mode", matched_wan_labels[waninterface]['data']['lqm_enabled'],"changing to",change_lqm)
put_data['lqm_enabled'] = "true"
if (change_lqm == "off"):
print(" Current LQM Mode", matched_wan_labels[waninterface]['data']['lqm_enabled'],"changing to",change_lqm)
put_data['lqm_enabled'] = "false"
current_bwm_state = "unknown"
if (matched_wan_labels[waninterface]['data']['bw_config_mode'] == "manual_bwm_disabled"):
current_bwm_state = "Off"
elif (matched_wan_labels[waninterface]['data']['bw_config_mode'] == "manual"):
current_bwm_state = "On"
if (change_bwm == "on"):
if (current_bwm_state == "unknown"):
print(" Ignoring BWM Mode change due to unknown state: ", matched_wan_labels[waninterface]['data']['bw_config_mode'])
else:
print(" Current BWM Mode", matched_wan_labels[waninterface]['data']['bw_config_mode'],"changing to",change_bwm)
put_data['bw_config_mode'] = "manual"
if (change_bwm == "off" and current_bwm_state != "unknown"):
if (current_bwm_state == "unknown"):
print(" Ignoring BWM Mode change due to unknown state: ", matched_wan_labels[waninterface]['data']['bw_config_mode'])
else:
print(" Current BWM Mode", matched_wan_labels[waninterface]['data']['bw_config_mode'],"changing to",change_bwm)
put_data['bw_config_mode'] = "manual_bwm_disabled"
change_wan_bfd_resp = cgx_session.put.waninterfaces(site_id, waninterface_id, put_data)
if (change_wan_bfd_resp):
print(" Success, BFD Mode now", bfdmode)
else:
print(" Failed to make change")
print("")
else:
print("CHANGES ABORTED!")
else:
logout()
print("ERROR: API Call failure when enumerating SITES in tenant! Exiting!")
sys.exit((jd(resp)))
def go():
global exclude_hub_sites
cost = CLIARGS['cost']
match_text = CLIARGS['matchtext']
####CODE GOES BELOW HERE#########
resp = cgx_session.get.tenants()
if resp.cgx_status:
tenant_name = resp.cgx_content.get("name", None)
print("======== TENANT NAME", tenant_name, "========")
else:
logout()
print("ERROR: API Call failure when enumerating TENANT Name! Exiting!")
print(resp.cgx_status)
sys.exit((vars(resp)))
site_count = 0
matched_wan_labels = {}
##Generate WAN Interface Labels:
wan_label_dict = {}
wan_label_resp = cgx_session.get.waninterfacelabels()
if wan_label_resp:
wan_labels = wan_label_resp.cgx_content.get("items", None)
for label in wan_labels:
wan_label_dict[label['id']] = {}
wan_label_dict[label['id']]["name"] = label['name']
wan_label_dict[label['id']]["label"] = label['label']
wan_label_dict[label['id']]["description"] = label['description']
resp = cgx_session.get.sites()
if resp.cgx_status:
site_list = resp.cgx_content.get(
"items", None) #EVENT_LIST contains an list of all returned events
for site in site_list: #Loop through each EVENT in the EVENT_LIST
site_count += 1
if (exclude_hub_sites and site['element_cluster_role'] != "HUB"):
wan_int_resp = cgx_session.get.waninterfaces(site['id'])
if wan_int_resp:
wan_interfaces = wan_int_resp.cgx_content.get(
"items", None)
for interface in wan_interfaces:
if (match_on == "CIRCUIT_NAME"):
if string_match(interface['name'], match_text):
matched_wan_labels[interface['id']] = {}
matched_wan_labels[
interface['id']]['site_id'] = site['id']
matched_wan_labels[
interface['id']]['data'] = interface
print("Found Circuit Match at SITE:",
site['name'])
print(" Circuit Name :",
interface['name'])
print(
" Circuit Category :", wan_label_dict[
interface['label_id']]['name'])
print(
" Circuit Label :", wan_label_dict[
interface['label_id']]['label'])
print(
" Circuit Description :", wan_label_dict[
interface['label_id']]['description'])
print(" Circuit COST :",
interface['cost'])
print("")
if (verify_change(
"This will change all circuits found above to a cost of " +
str(cost) + ", are you sure")):
print("Changing Sites:")
print("")
for waninterface in matched_wan_labels:
print("Site ID:", matched_wan_labels[waninterface]['site_id'],
"Current COST",
matched_wan_labels[waninterface]['data']['cost'],
"changing to", cost)
matched_wan_labels[waninterface]['data']['cost'] = cost
site_id = matched_wan_labels[waninterface]['site_id']
waninterface_id = waninterface
put_data = matched_wan_labels[waninterface]['data']
change_wan_cost_resp = cgx_session.put.waninterfaces(
site_id, waninterface_id, put_data)
if (change_wan_cost_resp):
print(" Success, cost now", cost)
else:
print(" Failed to make change")
print("")
else:
print("CHANGES ABORTED!")
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
import sys
if __name__ == "__main__":
sdk, args = cgxinit.go()
# read lines from file
prefixes = [prefix.strip() for prefix in args["list"].readlines()]
# find the prefix
prefix = None
natprefixes = sdk.get.natglobalprefixes().cgx_content["items"]
for natprefix in natprefixes:
if natprefix['name'] == args['prefix']:
prefix = natprefix
if not prefix:
print("Prefix wasn't found")
sys.exit()
# add to the existing ipv4 list
prefix['ipv4_prefixes'].extend(prefixes)
# make sure all the entries are unique
prefix['ipv4_prefixes'] = list(set(prefix['ipv4_prefixes']))
resp = sdk.put.natglobalprefixes(prefix['id'], prefix)
if not resp:
print("Error. Couldn't update the global prefix list")
jd(resp)
else:
print("Prefix updated succesfully")
if not s_interface:
log.error(
f"Couln't find source interface {args['s_interface']} of element {args['s_element']}"
)
sys.exit(-1)
s_interfaceid = s_interface["id"]
# get existing device access policy for the source interface
s_ext = getDeviceManagementExtensionByInterface(cgx, s_siteid, s_eid,
s_interfaceid)
if not s_ext:
log.error("Source interface has no configurations")
sys.exit(-1)
if args["list"]:
jd(s_ext)
elif args["t_element"] and args["t_interface"]:
# update a single target
pasteDeviceManagementAccessToInterface(cgx, s_ext, args["t_element"],
args["t_interface"])
elif args["interface_file"]:
# read targets from file
with open(args["interface_file"]) as f:
interfaces = csv.reader(f)
for interface in interfaces:
# check if there are two and only two items in each line
if len(interface) != 2:
log.error(
f"Invalid line. Should have 'element name,interfacename' but got {','.join(interface)}"
)
sys.exit(-1)
# extract element ID
element_id = logentry["request_uri"].split("/")[6]
# the element might have been already unclaimed, so we dont' care
if element_id in elements:
# extract element information
element_name= elements[element_id]["name"]
element_site_id= elements[element_id]["site_id"]
if element_site_id in ['1','0']:
element_site = "NO SITE BOUND"
else:
element_site= sites[element_site_id]["name"]
# get software image name
image_id = json.loads(logentry["request_body"])["image_id"]
if not image_id:
jd(logentry)
image_name=images[image_id]
#extract time
timestamp=time.strftime("%Y-%m-%d %H:%M:%S",time.gmtime(logentry["request_ts"]/1000))
#extract operator name
if logentry["operator_id"] in operators:
op_name=operators[logentry["operator_id"]]
else:
op_name = "OP no longer valid"
print(f"{timestamp},{element_site},{element_name},{image_name},{op_name}")
# check if we are at the end of the list
if logs.cgx_content["count"] < 100:
break
page += 1
def go():
name_to_id = cloudgenix_idname.generate_id_name_map(cgx_session)
####CODE GOES BELOW HERE#########
resp = cgx_session.get.tenants()
if resp.cgx_status:
tenant_name = resp.cgx_content.get("name", None)
print("======== TENANT NAME", tenant_name, "========")
else:
logout()
print("ERROR: API Call failure when enumerating TENANT Name! Exiting!")
print(resp.cgx_status)
sys.exit((vars(resp)))
csvfilename = CLIARGS['csvfile']
counter = 0
with open(csvfilename, 'w', newline='') as csvfile:
csvwriter = csv.writer(csvfile,
delimiter=',',
quotechar='"',
quoting=csv.QUOTE_MINIMAL)
resp = cgx_session.get.elements()
if resp.cgx_status:
element_list = resp.cgx_content.get("items", None)
csvwriter.writerow([
"ION-Name", "ION-Interface", "Rule-Name", "Rule-Status",
"Rule-Prefix", "Rule-App", "Rule-Action"
])
for element in element_list:
result = cgx_session.get.element_extensions(
element['site_id'], element['id'])
if result.cgx_status:
extension_list = result.cgx_content.get("items", None)
for extension in extension_list:
if ("namespace" in extension.keys()
and extension['namespace']
== "devicemanagement/interface"):
rule_device = name_to_id[element['id']]
rule_interface = name_to_id[extension['entity_id']]
rule_name = extension['name']
if (extension['disabled'] == False):
rule_status = "Enabled"
else:
rule_status = "Disabled"
for rule in extension['conf']['rules']:
rule_prefix = rule['prefix']
rule_app = rule['app']
rule_action = rule['action']
counter += 1
csvwriter.writerow([
rule_device, rule_interface, rule_name,
rule_status, rule_prefix, rule_app,
rule_action
])
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
print("Wrote to CSV File:", csvfilename, " - ", counter, 'rows')
def go():
global CLIARGS, global_vars
site_id = global_vars['site_id']
####CODE GOES BELOW HERE#########
resp = cgx_session.get.tenants()
if resp.cgx_status:
tenant_name = resp.cgx_content.get("name", None)
else:
logout()
print("ERROR: API Call failure when enumerating TENANT Name! Exiting!")
print(resp.cgx_status)
sys.exit((vars(resp)))
change_elem_array = []
element_count = 0
resp = cgx_session.get.elements()
if resp.cgx_status:
element_change_list = {}
element_list = resp.cgx_content.get(
"items", None) #EVENT_LIST contains an list of all returned events
for element in element_list: #Loop through each EVENT in the EVENT_LIST
if (element['site_id'] == site_id):
element_count += 1
print("Found ION to add static route to: ", element['name'])
change_elem_array.append(element)
else:
logout()
print(
"ERROR: API Call failure when enumerating SITES in tenant! Exiting!"
)
sys.exit((jd(resp)))
#get ip prefix
ip_valid = False
ip_prefix_str = CLIARGS['prefix']
while (ip_valid == False):
try:
ip_prefix = ipaddress.ip_network(ip_prefix_str, strict=False)
ip_valid = True
except:
if (ip_prefix_str != ""):
print("")
print("Invalid IP Prefix Detected...")
ip_valid = False
ip_prefix_str = str(
input("Please enter the DEST PREFIX (x.x.x.x/z): "))
#get ip address/next-hop
ip_valid = False
ip_next_hop_str = CLIARGS['next_hop']
while (ip_valid == False):
try:
ip_next_hop = ipaddress.ip_address(ip_next_hop_str)
ip_valid = True
except:
if (ip_next_hop_str != ""):
print("")
print("Invalid IP Next-HOP Detected...")
ip_valid = False
ip_next_hop_str = str(
input("Please enter the NEXTHOP IP (x.x.x.x): "))
#get METRIC
ip_valid = False
ip_metric_str = CLIARGS['admin_distance']
while (ip_valid == False):
try:
ip_metric = str(int(ip_metric_str))
ip_valid = True
except:
print("Invalid IP Admin Distance Detected...")
ip_valid = False
ip_metric_str = str(
input("Please enter the ADMIN Distance (Default 1): "))
#post to site_id and elements in site
json_request = '{"description":null,"tags":null,"destination_prefix":"' + str(
ip_prefix) + '","nexthops":[{"nexthop_ip":"' + str(
ip_next_hop
) + '","nexthop_interface_id":null,"admin_distance":"' + str(
ip_metric
) + '","self":false}],"scope":"global","network_context_id":null}'
for element in change_elem_array:
user_input = ""
while (user_input != "y" and user_input != "n"):
user_input = str(
input("Would you like to add the static route to " +
str(element['name'] + " ?(y/n) ")))
if (user_input == "y"):
result = cgx_session.post.staticroutes(site_id, element['id'],
json_request)
if result.cgx_status:
print("Route added Successfully")
else:
print(
"ERROR: API Call failure when enumerating TENANT Name! Exiting!"
)
print(result.cgx_status)
