def login():
client_args = APIClientArgs(server=config.api_server)
client = APIClient(client_args)
client.debug_file = "api_calls.json"
if client.check_fingerprint() is False:
print(
"Could not get the server's fingerprint - Check connectivity with the server."
)
logging.warning(
"Could not get the server's fingerprint - Check connectivity with the server."
)
sys.exit(1)
login_res = client.login(config.username, config.password, "True",
config.domain)
if login_res.success is False:
print("Login failed: {}".format(login_res.error_message))
logging.warning("Login failed: {}".format(login_res.error_message))
sys.exit(1)
config.session = client
def main(argv):
# Initialize arguments
global_domain = "Global"
auto_assign = False
if argv:
parser = argparse.ArgumentParser()
parser.add_argument("-s", type=str, action="store", help="Server IP address or hostname", dest="server")
parser.add_argument("-u", type=str, action="store", help="User name", dest="username")
parser.add_argument("-p", type=str, action="store", help="Password", dest="password")
parser.add_argument("-o", type=str, action="store", help="Original host IP", dest="origin_ip")
parser.add_argument("-n", type=str, action="store", help="New host name", dest="new_name")
parser.add_argument("-m", type=str, action="store", help="New host IP", dest="new_ip")
parser.add_argument("-g", type=str, action="store", help="Global domain name", dest="global_name")
parser.add_argument("-a", action="store_true", default=False,
help="Indicates that the script will do assign of global domain")
args = parser.parse_args()
required = "server username password origin_ip new_name new_ip".split()
for r in required:
if args.__dict__[r] is None:
parser.error("parameter '%s' required" % r)
server = args.server
username = args.username
password = args.password
orig_host_ip = args.origin_ip
cloned_host_name = args.new_name
cloned_host_ip = args.new_ip
auto_assign = args.a
if args.global_name is not None:
global_domain = args.global_name
else:
server = raw_input("Enter server IP address or hostname:")
username = raw_input("Enter username: "******"Enter password: "******"Attention! Your password will be shown on the screen!")
password = raw_input("Enter password: "******"Enter host IP address: ")
cloned_host_name = raw_input("Enter new host name: ")
cloned_host_ip = raw_input("Enter new host server IP :")
global_domain_input = raw_input("Enter global domain name in case of MDS server: [In order to use the default "
"value ('Global') or in case of CMA hit 'Enter']")
if global_domain_input != "":
global_domain = global_domain_input
auto_assign_input = raw_input("Enter 'True' if you want the script to do "
"assign of the global domain [In order to use the default value "
"('False') hit 'Enter']")
if auto_assign_input != "" and auto_assign_input == "True":
auto_assign = auto_assign_input
with APIClient(APIClientArgs(server=server)) as client:
# Creates debug file. The debug file contains all the communication
# between the python script and Check Point's management server.
client.debug_file = "api_calls.json"
global log_file
log_file = open('logfile.txt', 'w+')
# The API client, would look for the server's certificate SHA1 fingerprint in a file.
# If the fingerprint is not found on the file, it will ask the user if he
# accepts the server's fingerprint.
# In case the user does not accept the fingerprint, exit the program.
log("\n\tChecking the fingerprint for server {}...".format(server))
if client.check_fingerprint() is False:
write_message_close_log_file_and_exit("Could not get the server's fingerprint"
" - Check connectivity with the server.")
# login to server
log("\n\tLogging in to server {}...".format(server))
login_res = client.login(username, password)
if login_res.success is False:
write_message_close_log_file_and_exit("Login failed:\n{}".format(login_res.error_message))
# show session details in order to check if the server is MDS
log("\n\tVerifying the type of server {}...".format(server))
session_res = client.api_call("show-session", {}, login_res.data["sid"])
if session_res.success is False:
write_message_close_log_file_and_exit("Login failed:\n{}".format(session_res.error_message))
# the server is not MDS, perform clone host only on the this server
if session_res.data["domain"]["domain-type"] != "mds":
log("\n\tLogged into SM server {}".format(server))
find_host_by_ip_and_clone(client, orig_host_ip, cloned_host_name, cloned_host_ip)
# the server is MDS, run clone host on each of the existing domains
else:
log("\n\tLogged into MD server {}".format(server))
client_domain = APIClient(APIClientArgs(server=server))
client_domain.debug_file = "api_domain_calls.json"
try:
# handle global domain
log("\n\tChecking on Global Domain...")
handle_global_domain(client, username, password, client_domain, global_domain, auto_assign,
orig_host_ip, cloned_host_name, cloned_host_ip)
# get list of domains
domains = client.api_query("show-domains")
if domains.success is False:
discard_write_to_log_file(client,
"Failed to get the domains data:\n{}".format(domains.error_message))
# login out the MDS server
client.api_call("logout", {})
log_file.close()
exit(1)
# go over all the existing domains
for domain in domains.data:
log("\n\tChecking on Local Domain {}".format(domain["name"]))
handle_local_domain(client_domain, domain, username, password, orig_host_ip, cloned_host_name,
cloned_host_ip)
finally:
client_domain.save_debug_data()
# close the log file
log_file.close()
