class Replaycenter: def __init__(self, interface=None): # singleton logger self.logger = CustomLogger().get_logger() # error codes self.codes = DotMap() self.codes.ok = 0 self.codes.error = -1 self.codes.missing_iface = -2 self.codes.missing_pcap = -3 if interface is not None: self.interface = interface else: pass def replay(self, bundle, interface="eth1", inter_pkt_delay=0): replay_status = None # Check if interface is provided if self.interface is None: self.logger.error("Replay interface must be provided.") return self.codes.missing_iface else: pass # Check if pcaps are provided if "pcaps" not in bundle: self.logger.warning("Pcaps not found, skipping.") return self.codes.missing_pcap else: pass # Replay pcap after done with checks pcaps = bundle["pcaps"] for pcap in pcaps: self.logger.info("Replay Pcap: {}".format(pcap)) if os.path.isfile(pcap): try: pkts = rdpcap(pcap) for pkt in pkts: sendp(pkt, verbose=False, iface=interface, inter=inter_pkt_delay) except Exception as e: self.logger.error(e) replay_status = self.codes.error # Done replaying pcaps without error replay_status = self.codes.ok return replay_status
class StandaloneTool(object): def __init__(self): # Logger self.logger = CustomLogger().get_logger() def show_system_info(self, ip=None, username=None, password=None): if all([ip, username, password]): self.logger.info("Get system info.") # REST Session sx_session = SxSession(ip=ip, username=username, password=password) # Login sx_session.login() # System Management sys_mgmt = SysMgmt(sx_session) sys_info = sys_mgmt.get_system_info() self.logger.info("System Info: {}".format(sys_info)) # Logout sx_session.logout() else: self.logger.error("Missing parameters.")
class JobsApis(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # fetched data self.data = None # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # URLs specific to Jobs API self.jobs_url = "jobs/" def get_jobs(self): # Jobs jobs = [] # Craft the URL url = self.rest_session.base_url + self.jobs_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data jobs = list(response.json()) return jobs def get_job_by_id(self, job_id): # Job job = None # Craft the URL url = self.rest_session.base_url + self.jobs_url + str(job_id) # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data job = dict(response.json()) return job def wait_on_job_by_id(self, job_id): job_completed = False try: # Craft the URL url = self.rest_session.base_url + self.jobs_url + str( job_id) + "/wait" # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) if response.status_code == requests.codes.ok: job_completed = True self.logger.info("Job completed successfully") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return job_completed def get_tasks_by_job_id(self, job_id): # Tasks tasks = [] # Craft the URL url = self.rest_session.base_url + self.jobs_url + str( job_id) + "/tasks" # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) tasks = list(response.json()) return tasks def abort_job_by_id(self, job_id): is_job_aborted = False try: # Craft the URL url = self.rest_session.base_url + self.jobs_url + str( job_id) + "/abort" # Headers headers = self.rest_session.headers # Call REST - POST response = self.rest_call.post_query(url=url, verify=False, headers=headers) if response.status_code == requests.codes.ok: is_job_aborted = True self.logger.info("Job aborted successfully") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return is_job_aborted
password = "******" action = args["action"] # Initialize logger logger = CustomLogger().get_logger() if username is None or password is None: logger.warning("Please set username and password as environment variables.") sys.exit() # Establish REST connection sx_session = SxSession(ip=ip, username=username, password=password) sx_session.login() try: virtual_patch_rg = VirtualPatchRG(sx_session, logger, ip_list) except KeyboardInterrupt as e: logger.info("Task done. Goodbye.") except Exception as e: logger.error(e) # Logout sx_session.logout() # Sample Run # python create_resourcegroup.py -i 172.16.27.73 -f hosts_cves.json # Payload #{"infraIDs":[],"dynamic":false,"id":0,"name":"b","regex":null,"resourceType":"CIDR","description":"b","purpose":"POLICY","memberList":[{"id":0,"cidr":"192.168.131.5/32"},{"id":0,"cidr":"192.168.131.51/32"}]}
class GroupandInsert(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # fetched data self.data = None # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # URLs specific to Resource group and Network set self.resource_group_create_url = "infras/resourcegroup" self.network_set_create_url = "infras/networkset" def rgany_vmname_noinsertion(self, rname, regexpr, descrip): rg_created = False rgid = None payload = [{ "infraIDs": [0], "dynamic": True, "id": 0, "name": "RG-WL-2", "regex": "name='tony-frog-WL-4';", "resourceType": "VM", "description": "RG-2", "purpose": "INSERTION_AND_POLICY" }] for i in payload: if i["infraIDs"] == [0]: i["name"] = rname i["regex"] = regexpr i["description"] = descrip data = json.dumps(payload) data = str(data)[1:-1] try: # Craft the URL url = self.rest_session.base_url + self.resource_group_create_url # Headers headers = self.rest_session.headers # Call REST - POST response = self.rest_call.post_query(url=url, headers=headers, verify=False, data=data) if response.status_code == requests.codes.ok: rgid = list(response.json()) rgid = rgid[0] rg_created = True self.logger.info("New resource group added") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return rgid def nset_create_noinsertion(self, rname, regexpr, descrip): ns_created = False nsid = None payload = [{ "cloudId": 1, "id": 0, "name": "NSET-1-PG63-2", "regex": "ic='1';.*name='tony-PG63-2';", "description": "NSET-1-PG63-2", "isExclusion": False }] for i in payload: if i["cloudId"] == 1: i["name"] = rname i["regex"] = regexpr i["description"] = descrip data = json.dumps(payload) data = str(data)[1:-1] try: # Craft the URL url = self.rest_session.base_url + self.network_set_create_url # Headers headers = self.rest_session.headers # Call REST - POST response = self.rest_call.post_query(url=url, headers=headers, verify=False, data=data) if response.status_code == requests.codes.ok: nsid = list(response.json()) nsid = nsid[0] ns_created = True self.logger.info("New network set added") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return nsid
class SystemUnderTest(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # Aspects of system under test self.acl_mgmt = ACL_Mgmt(rest_session) self.audit_log_mgmt = AuditLog(rest_session) self.jobs_mgmt = JobsMgmt(rest_session) self.sps_mgmt = SPS_Mgmt(rest_session) self.sys_mgmt = SysMgmt(rest_session) def assign_sps(self, acl_container, policy_name): is_updated = False if policy_name is not None: # SPS - map name to ID sps_id = None # Get SPS by name sps = self.sps_mgmt.get_sps_by_name(policy_name) if sps is not None: sps_id = sps["id"] else: pass else: # SPS is Null policy_name = "null" sps_id = "null" # Resolve ACL container acl_policy = self.acl_mgmt.get_acl_by_name(acl_container) if acl_policy is not None: self.logger.info( "Update ACL with SPS Name: {}".format(policy_name)) self.logger.info("Update ACL with SPS ID: {}".format(sps_id)) # Modify the ACL Rule in the Default ACL Policy acl_policy["spsId"] = sps_id acl_policy["aclRules"][0]["spsId"] = sps_id # Update the ACL self.logger.info("Update ACL: {}".format(acl_policy)) is_updated = self.acl_mgmt.update_acl(acl_policy) else: # ACL Container not found pass return is_updated def get_sps(self, acl_container, acl_rule_order_num=0): policy_name = None # Resolve ACL container acl_policy = self.acl_mgmt.get_acl_by_name(acl_container) # Get ACL Rules acl_rules = acl_policy.get("aclRules", []) self.logger.info("ACL Rules: {}".format(acl_rules)) # Get SPS of specified ACL Rule sps_id = acl_rules[acl_rule_order_num]["spsId"] sps = self.sps_mgmt.get_sps_by_id(sps_id) self.logger.info("SPS: {}".format(sps)) if sps is not None: # Get SPS Name policy_name = sps.get("name", None) else: pass return policy_name def get_system_info(self): system_info = {} # Get the software and content versions versions = self.sys_mgmt.get_system_info() system_info["software_version"] = versions["version"] system_info["content_version"] = versions["contentVersion"] # Get the license info license_info = self.sys_mgmt.get_license() system_info["capacity"] = license_info["expected_capacity"] return system_info def get_audit_log_by_action(self, start_time, end_time, action): # Craft query query = json.dumps({ "eventType": "AUDIT_LOG", "gte": start_time, "lte": end_time, "queryType": "TABLE", "size": 100 }) # Get Audit Log audit_log_entries = self.audit_log_mgmt.get_audit_log(query=query) # Filter logs by action filtered_logs = [ entry for entry in audit_log_entries if action in entry["log"]["action"] ] return filtered_logs def get_last_completed_job(self): # Check last completed job jobs = self.jobs_mgmt.get_jobs() completed_jobs = [job for job in jobs if job["state"] == "COMPLETED"] # Get Job ID job_id = completed_jobs[0]["id"] # Fetch and return job based on job ID return self.jobs_mgmt.get_job_by_id(job_id) def update_content_by_file(self, filename): # Update content is_content_update_initiated = self.sys_mgmt.file_based_update_content( filename) # Return status return is_content_update_initiated
class SxDemo(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # fetched data self.data = None # REST Session self.rest_session = rest_session # URL specific to this Module self.license_url = "manage/license/" def get_capacity1(self): # Dummy should not be needed for this call! license = "dummy" # Expected Capacity capacity = None try: url = self.rest_session.base_url + self.license_url + license self.logger.info("URL: {}".format(url)) self.logger.info("REST Session Headers: {}".format(self.rest_session.headers)) self.logger.info("Payload: {}".format(license)) with closing( requests.get( url, headers = self.rest_session.headers, timeout = self.rest_session.timeout, verify=False ) ) as response: self.logger.info("Response Code: {}".format(response.status_code)) if response.status_code == requests.codes.ok: # Fetch capacity from license call. for license_key, license_value in response.json().items(): if license_key == "expected_capacity": capacity = license_value break else: pass else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return capacity def get_capacity2(self): # Dummy should not be needed for this call! license = "dummy" # Expected Capacity capacity = None try: url = self.rest_session.base_url + self.license_url + license self.logger.info("URL: {}".format(url)) self.logger.info("REST Session Headers: {}".format(self.rest_session.headers)) self.logger.info("Payload: {}".format(license)) with closing( requests.get( url, headers = self.rest_session.headers, timeout = self.rest_session.timeout, verify = False ) ) as response: self.logger.info("Response Code: {}".format(response.status_code)) if response.status_code == requests.codes.ok: # Fetch capacity from license call. license_dict = dict(response.json()) if "expected_capacity" in license_dict: capacity = license_dict["expected_capacity"] else: pass else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return capacity def get_capacity3(self): # Dummy should not be needed for this call! license = "dummy" # Expected Capacity capacity = None try: url = self.rest_session.base_url + self.license_url + license self.logger.info("URL: {}".format(url)) self.logger.info("REST Session Headers: {}".format(self.rest_session.headers)) self.logger.info("Payload: {}".format(license)) with closing( requests.get( url, headers = self.rest_session.headers, timeout = self.rest_session.timeout, verify = False ) ) as response: self.logger.info("Response Code: {}".format(response.status_code)) if response.status_code == requests.codes.ok: license_dict = json.loads(response.text) if "expected_capacity" in license_dict: capacity = license_dict["expected_capacity"] else: pass else: # debugging self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return capacity
class RestSession(object): """ IXIA REST Session """ def __init__(self, protocol=None, ip=None, username=None, password=None): # Default Parameters, manual location redirection if protocol is None: protocol = "https" else: pass # Account self.username = username self.password = password # Singleton Logger self.logger = CustomLogger().get_logger() # Timeout self.timeout = 60 # Header self.headers = { "content-type": "application/json;charset=utf-8", } # Base URL + API Version self.proto_ip_url = "{protocol}://{ip}/".format(protocol=protocol, ip=ip) self.api_version = "bps/api/v1/" # Login/Logout - Session URL self.session_url = "auth/session" # This is a base URL self.base_url = self.proto_ip_url + self.api_version def login(self): # Basic Auth data = json.dumps({ "username": self.username, "password": self.password }) # Disable warnings requests.packages.urllib3.disable_warnings(InsecureRequestWarning) requests.packages.urllib3.disable_warnings(InsecurePlatformWarning) requests.packages.urllib3.disable_warnings(SNIMissingWarning) url = self.base_url + self.session_url self.logger.info("URL: {url}".format(url=url)) self.logger.info( "Login Headers: {headers}".format(headers=self.headers)) # Timeout self.timeout = 60 # Login: POST - establish connection response = requests.post(url, headers=self.headers, data=data, timeout=self.timeout, verify=False) if response.status_code == requests.codes.ok: # Session Info session_info = dict(response.json()) self.api_key = session_info["apiKey"] self.session_name = session_info["sessionName"] self.session_id = session_info["sessionId"] self.user_account_url = session_info["userAccountUrl"] # Create Cookie self.cookie = "{}={}".format(self.session_name, self.session_id) # Login is successful self.logger.info("Login OK - {username}/{password}".format( username=self.username, password=self.password)) self.logger.info("API Key - {}".format(self.api_key)) self.logger.info("Cookie - {}".format(self.cookie)) self.logger.info("User Acct URL - {}".format( self.user_account_url)) else: self.logger.error("Logged Fail - {username}/{password}".format( username=self.username, password=self.password)) def logout(self): url = self.base_url + self.session_url self.logger.info("URL: {url}".format(url=url)) self.logger.info( "Login Headers: {headers}".format(headers=self.headers)) # Headers self.headers = {"Cookie": self.cookie} # Timeout self.timeout = 60 # Logout: DELETE - close connection response = requests.delete(url, headers=self.headers, timeout=self.timeout, verify=False) if response.status_code == requests.codes.no_content: self.logger.info("Response Text: {}".format(response.text)) self.logger.info("Logout successful.") else: self.logger.error("Unable to logout.")
class SystemManagement(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # URL specific to this Module self.license_url = "manage/license" self.activate_license_url = "manage/license/activate" self.system_info_url = "manage/systeminfo" self.staged_software_url = "manage/software/stagedversion" self.deployed_software_url = "manage/software/deployed" self.latest_software_url = "manage/software/latest" self.update_content_url = "manage/updatecontent" self.update_software_url = "manage/software/update" self.update_hotfix_url = "manage/software/update/hotfix" self.file_based_update_content_url = "manage/filebasedupdatecontent" self.users_url = "manage/users" # URL separator self.sep_url = "/" def get_system_info(self): # System Info system_info = {} # This is a special variable, license, showing the license used for this library # self.logger.info("Test Infra License: {}".format(license)) # Craft the URL url = self.rest_session.base_url + self.system_info_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data system_info = dict(response.json()) return system_info def set_license(self, license=None): # Action is_license_set = False # No license to activate if license == None: # No-op, just get out return is_license_set else: # Proceed in activating license pass # Craft the URL url = self.rest_session.base_url + self.activate_license_url # Headers headers = self.rest_session.headers # Call REST - POST response = self.rest_call.post_query(url=url, verify=False, headers=headers, data=license) # Convert response to expected data if response.status_code == requests.codes.ok: is_license_set = True else: is_license_set = False return is_license_set def get_license(self, license=None): # License Info license_info = {} # Craft the URL if license == None: # Get whatever license is currently applied url = self.rest_session.base_url + self.license_url + self.sep_url + "dummy" else: # Get the specific license applied url = self.rest_session.base_url + self.license_url + self.sep_url + license # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data license_info = dict(response.json()) self.logger.info("License: {}".format(license_info)) return license_info def create_user(self, user_info): is_user_created = False # Craft the URL url = self.rest_session.base_url + self.users_url # Headers headers = self.rest_session.headers # Craft the payload data = json.dumps(user_info) # Call REST - POST response = self.rest_call.post_query(url=url, headers=headers, verify=False, data=data) # Convert response to expected data if response.status_code == requests.codes.ok: is_user_created = True else: is_user_created = False return is_user_created def update_user(self, user_info): is_user_updated = False # Craft the URL url = self.rest_session.base_url + self.users_url # Headers headers = self.rest_session.headers # Craft the payload data = json.dumps(user_info) # Call REST - PUT response = self.rest_call.put_query(url=url, headers=headers, verify=False, data=data) # Convert response to expected data if response.status_code == requests.codes.ok: is_user_updated = True else: is_user_updated = False return is_user_updated def get_user(self, user_login): # Info for specific user user_info = {} # Craft the URL url = self.rest_session.base_url + self.users_url + self.sep_url + user_login # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data user_info = dict(response.json()) return user_info def get_users(self): # List of users users = {} # Craft the URL url = self.rest_session.base_url + self.users_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data users = list(response.json()) return users def delete_user(self, user_login): # Action is_user_deleted = False # Craft the URL url = self.rest_session.base_url + self.users_url + self.sep_url + user_login # Headers headers = self.rest_session.headers # Call REST - DELETE response = self.rest_call.delete_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: is_user_deleted = True else: is_user_deleted = False return is_user_deleted def update_content(self): # Action is_content_update_initiated = False # Craft the URL url = self.rest_session.base_url + self.update_content_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: is_content_update_initiated = True else: is_content_update_initiated = False return is_content_update_initiated def file_based_update_content(self, filename): # Action is_content_update_initiated = False try: # Craft the URL url = self.rest_session.base_url + self.file_based_update_content_url # File to import files = { "file": (filename, open(filename, "rb"), "application/x-compressed") } # Customize header, remove "content-type". headers = dict(**self.rest_session.headers) headers.pop("content-type") # Call REST - POST response = self.rest_call.post_query(url=url, files=files, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: is_content_update_initiated = True else: pass except Exception as e: self.logger.error(e) return is_content_update_initiated def update_hotfix(self, microservice, swversion, hotfix): # Action is_update_initiated = False try: # Craft the URL url = self.rest_session.base_url + self.update_hotfix_url # Payload data = { "microservice": microservice, "swversion": swversion, "hotfixbuild": hotfix } # Headers headers = self.rest_session.headers # Call REST - POST response = self.rest_call.post_query(url=url, data=data, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: is_update_initiated = True else: pass except Exception as e: self.logger.error(e) return is_update_initiated def get_staged_version(self): # Staged Version staged_version = [] # Craft the URL url = self.rest_session.base_url + self.staged_software_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: staged_version = list(response.json()) else: pass return staged_version def get_latest_version(self): # Latest Version latest_version = [] # Craft the URL url = self.rest_session.base_url + self.latest_software_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: latest_version = list(response.json()) else: pass return latest_version def apply_staged_software(self): # Staged Version is_update_initiated = False # Craft the URL url = self.rest_session.base_url + self.update_software_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: is_update_initiated = True else: pass return is_update_initiated
class Blacklist(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # URLs specific to IP Blacklist self.blacklist_url = "accesscontrol/ipblacklist" self.disable_blacklist_url = "accesscontrol/ipblacklist/disable" self.import_by_file_url = "accesscontrol/importlistedip" self.import_by_feed_url = "accesscontrol/urlfeed/blacklistedips" self.export_listed_ip_url = "accesscontrol/export/blacklist" self.response_action_url = "accesscontrol/ipblacklist/action" self.global_settings_url = "accesscontrol/ipblacklist/globalsettings" def get_ip_blacklist(self): # Blacklists blacklists = None # Craft the URL url = self.rest_session.base_url + self.blacklist_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify = False, headers = headers ) # Convert response to expected data blacklists = list(response.json()) return blacklists def disable_ip_blacklist(self): # Action is_disabled = False # Craft the URL url = self.rest_session.base_url + self.disable_blacklist_url # Headers headers = self.rest_session.headers # Call REST - DELETE response = self.rest_call.delete_query( url = url, verify = False, headers = headers ) # Convert response to expected data if response.status_code == requests.codes.ok: is_disabled = True else: is_disabled = False return is_disabled def import_listed_ip(self, filename): # Action is_imported = False try: # Craft the URL url = self.rest_session.base_url + self.import_by_file_url # File to import, opened files = {"file": (filename, open(filename), "text/plain")} # Use file name and exclude full path _, file_name = os.path.split(filename) # Customize header, remove "content-type". headers = dict(**self.rest_session.headers) headers.pop("content-type") # "param" is the name of the imported file data = { "param": file_name, } # Call REST - POST response = self.rest_call.post_query( url = url, files = files, headers = headers, verify = False, data = data ) except Exception as e: self.logger.error(e) # Convert response to expected data if response.status_code == requests.codes.ok: is_imported = True else: is_imported = False return is_imported def import_listed_feed(self, urlfeed): # Action is_imported = False try: # Craft the URL url = self.rest_session.base_url + self.import_by_feed_url # Fetch the resource name feed_name = urlfeed.split("/")[-1] # Payload data = json.dumps({ "enable" : "false", "tenantId" : 1, "tenants" : [{"id": 1, "name": "default-tenant"}], "name" : feed_name, "type" : "2", "url" : urlfeed, "urlmd5" : "" }) # Headers headers = self.rest_session.headers # Call REST - POST response = self.rest_call.post_query( url = url, headers = headers, verify = False, data = data ) except Exception as e: self.logger.error(e) # Convert response to expected data if response.status_code == requests.codes.ok: is_imported = True else: is_imported = False return is_imported def export_listed_ip(self, export_file = None): # Action is_exported = False # Blacklist ip_blacklist = None try: # Craft the URL url = self.rest_session.base_url + self.export_listed_ip_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify = False, headers = headers ) # Convert response to expected data if response.status_code == requests.codes.ok: # IP Blacklist Count self.logger.info("IP Blacklist Count: {}".format(len(response.text.split()))) ip_blacklist = response.text is_exported = True else: self.logger.error(response.status_code) self.logger.error(response.content) except Exception as e: self.logger.error(e) try: if export_file is not None: with open(export_file, "w") as txt_file: txt_file.write(ip_blacklist) else: pass except Exception as e: self.logger.error(e) return is_exported def get_ip_blacklist_global_settings(self): # Global settings ip_blacklist_globalsettings = {} try: # Craft the URL url = self.rest_session.base_url + self.global_settings_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify = False, headers = headers ) # Convert response to expected data if response.status_code == requests.codes.ok: ip_blacklist_globalsettings = dict(response.json()) else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return ip_blacklist_globalsettings def set_ip_blacklist_action(self, action, frequency=30): # Action is_action_set = False # Blacklist - Response Action # 1 - Alert Only # 2 - Block and Alert # Blacklist - Frequency # Currently not used data = json.dumps({ "action" : action, "frequency" : frequency }) try: # Craft the URL url = self.rest_session.base_url + self.response_action_url # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query( url = url, headers = headers, verify = False, data = data ) # Convert response to expected data if response.status_code == requests.codes.ok: is_action_set = True self.logger.info("Blacklist Action Set.") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return is_action_set
class AccessControl(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # fetched data self.data = None # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # URLs specific to ACL's self.accesscontrol_policy_url = "policy/accesscontrolpolicy" self.accesscontrol_policy_ruleadd = "policy/accesscontrolpolicy" self.accesscontrol_policy_nondefaultacl = "policy/accesscontrolpolicy" self.accesscontrol_policy_nondefaultacl_del = "policy/accesscontrolpolicy/" self.accesscontrol_policy_byruleid = "policy/accesscontrolpolicy/rules/" self.accesscontrol_policy_bychassisid = "policy/accesscontrolpolicy/chassis/" self.accesscontrol_policy_byinfraid = "policy/accesscontrolpolicy/infra/" self.accesscontrol_policy_byaclid = "policy/accesscontrolpolicy/" self.accesscontrol_policy_bytenantid = "policy/accesscontrolpolicy/tenant/" self.accesscontrol_policy_ruleadd_policyid = "policy/accesscontrolpolicy/rule" def get_access_controllist(self): accesscontrol = None # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) accesscontrol = list(response.json()) return accesscontrol def add_access_control_rule(self): rule_added = False # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) accesscontrollist = list(response.json()) for aid in accesscontrollist: if aid["name"] == 'Default ACL Policy': aclpolicyid = int(aid['id']) break data = json.dumps({ "id": aclpolicyid, "name": "Default ACL Policy", "tenantId": None, "aclRules": [ { "action": "PERMIT", "description": "", "destinationApps": "", "destinationCidrs": "", "destinationPortRanges": "", "name": "rule-51", "destinationResourceGroupList": [ ], "enableTLSInspection": False, "enabled": True, "orderNum": 1, "resourcegroupNames": [ ], "sourceResourceGroupList": [ ], "destinationProtocol": None, "spsId": 5, "tcpSessionTimeout": 1800, "hitStats": None, "tlsInspection": "DISABLED", "serviceList": [ ] }, { "id": 4, "name": "Default", "description": None, "orderNum": 2, "enabled": True, "destinationResourceGroupList": [ ], "sourceResourceGroupList": [ ], "serviceList": [ ], "destinationApps": "", "syslog": False, "tcpSessionTimeout": 1800, "tlsInspection": "DISABLED", "packetCapture": "DISABLED", "spsId": 5, "action": "PERMIT", "destinationProtocol": None, "destinationPortRanges": None, "userType": "HUMAN", "user": "******", "mapOfChangeLogPerTS": None, "gmId": None } ], "infraMap": { "2": "tonyinf" }, "rgNameMap": None, "spsNameMap": None, "serviceNameMap": None }) try: # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_ruleadd # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query( url=url, headers=headers, verify=False, data=data ) if response.status_code == requests.codes.ok: rule_added = True self.logger.info("New rule added to Default ACL.") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return rule_added def add_srcdst_access_control_rule(self, dstrg_id, srcrg_id, rule_nm): rules_added = False # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) accesscontrollist = list(response.json()) for aid in accesscontrollist: if aid["name"] == 'Default ACL Policy': aclpolicyid = int(aid['id']) break group_handle = GroupandInsert(self.rest_session) rgid1 = str(dstrg_id) rgid2 = str(srcrg_id) newacl_add = [{ "id": aclpolicyid, "name": "Default ACL Policy", "tenantId": None, "aclRules": [ { "action": "PERMIT", "description": "", "destinationApps": "", "destinationCidrs": "", "destinationPortRanges": "", "name": "RG-1 to RG-2", "destinationResourceGroupList": [ 15 ], "enableTLSInspection": False, "enabled": True, "orderNum": 1, "resourcegroupNames": [ ], "sourceResourceGroupList": [ 14 ], "destinationProtocol": None, "spsId": 5, "tcpSessionTimeout": 1800, "hitStats": None, "tlsInspection": "DISABLED", "serviceList": [ 215 ] }, { "id": 4, "name": "Default", "description": None, "orderNum": 2, "enabled": True, "destinationResourceGroupList": [ ], "sourceResourceGroupList": [ ], "serviceList": [ ], "destinationApps": "", "syslog": False, "tcpSessionTimeout": 1800, "tlsInspection": "DISABLED", "packetCapture": "DISABLED", "spsId": 5, "action": "PERMIT", "destinationProtocol": None, "destinationPortRanges": None, "userType": "HUMAN", "user": "******", "mapOfChangeLogPerTS": None, "gmId": None } ], "infraMap": { "2": "tonyinf-test2" }, "rgNameMap": None, "spsNameMap": None, "serviceNameMap": None }] for srcdstid in newacl_add: if srcdstid["name"] == "Default ACL Policy": srcdstid["aclRules"][0]["name"] = rule_nm srcdstid["aclRules"][0]["destinationResourceGroupList"] = [rgid1] srcdstid["aclRules"][0]["sourceResourceGroupList"] = [rgid2] data = json.dumps(newacl_add) data = str(data)[1:-1] try: # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_ruleadd # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query( url=url, headers=headers, verify=False, data=data ) if response.status_code == requests.codes.ok: rules_added = True self.logger.info("New rules added with src and dst.") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return rules_added def add_nondefault_acl_policy(self): # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_nondefaultacl # Headers headers = self.rest_session.headers # Payload-1 data1 = json.dumps({ "id": 0, "name": "nondefault_acl_policy", "tenantId": 1, "aclRules": [ { "action": "PERMIT", "description": "Default rule", "destinationApps": "", "destinationCidrs": "", "destinationPortRanges": "", "name": "Default", "destinationResourceGroupList": [ ], "enableTLSInspection": False, "enabled": True, "id": 0, "orderNum": 1, "resourcegroupNames": [ ], "sourceResourceGroupList": [ ], "destinationProtocol": None, "spsId": 5, "tcpSessionTimeout": 1800, "hitStats": None, "tlsInspection": "DISABLED" } ] }) # Call REST - POST response = self.rest_call.post_query( url = url, headers = headers, verify=False, data = data1 ) nondefault_acl_id = int(response.json()) # Payload-2 payload = [{ "id": 0, "name": "nondefault_acl_policy", "tenantId": 1, "aclRules": [ { "id": 0, "name": "Default", "description": "Default rule", "orderNum": 1, "enabled": True, "destinationResourceGroupList": [ ], "sourceResourceGroupList": [ ], "serviceList": [ ], "destinationApps": "", "syslog": False, "tcpSessionTimeout": 1800, "tlsInspection": "DISABLED", "packetCapture": None, "spsId": 5, "action": "PERMIT", "destinationProtocol": None, "destinationPortRanges": "", "userType": "HUMAN", "user": None, "mapOfChangeLogPerTS": None, "gmId": None } ], "infraMap": { }, "rgNameMap": None, "spsNameMap": None, "serviceNameMap": None }] for aid in payload: if aid["id"] == 0: aid["id"] = nondefault_acl_id aid["aclRules"][0]["id"] = nondefault_acl_id+1 data2 = json.dumps(payload) data2 = str(data2)[1:-1] # Call REST - PUT response = self.rest_call.put_query( url=url, headers=headers, verify=False, data=data2 ) if response.status_code == requests.codes.ok: print("Non Default ACL policy created successfully") else: print("Non default ACL creation not successful") return nondefault_acl_id def add_tls_rule(self): tls_rule_added = False # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) accesscontrollist = list(response.json()) for aid in accesscontrollist: if aid["name"] == 'Default ACL Policy': aclpolicyid = int(aid['id']) break data = json.dumps({ "id": aclpolicyid, "name": "Default ACL Policy", "tenantId": None, "aclRules": [ { "action": "PERMIT", "description": "", "destinationApps": "", "destinationCidrs": "", "destinationPortRanges": "", "name": "Enable_TLS", "destinationResourceGroupList": [ ], "enableTLSInspection": True, "enabled": True, "orderNum": 1, "resourcegroupNames": [ ], "sourceResourceGroupList": [ ], "destinationProtocol": None, "spsId": 5, "tcpSessionTimeout": 1800, "hitStats": None, "tlsInspection": "INBOUND", "serviceList": [ 92 ], "syslog": False, "packetCapture": "DISABLED" }, { "id": 4, "name": "Default", "description": None, "orderNum": 2, "enabled": True, "destinationResourceGroupList": [ ], "sourceResourceGroupList": [ ], "serviceList": [ ], "destinationApps": "", "syslog": False, "tcpSessionTimeout": 1800, "tlsInspection": "DISABLED", "packetCapture": "DISABLED", "spsId": 5, "action": "PERMIT", "destinationProtocol": None, "destinationPortRanges": None, "userType": "HUMAN", "user": "******", "mapOfChangeLogPerTS": None, "gmId": None } ], "infraMap": { "2": "tonyinf" }, "rgNameMap": None, "spsNameMap": None, "serviceNameMap": None }) try: # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_ruleadd # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query( url=url, headers=headers, verify=False, data=data ) if response.status_code == requests.codes.ok: tls_rule_added = True self.logger.info("TLS policy enabled successfully.") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return tls_rule_added def add_multirule_httpping_service(self): multi_rule_added = False # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) accesscontrollist = list(response.json()) for aid in accesscontrollist: if aid["name"] == 'Default ACL Policy': aclpolicyid = int(aid['id']) break data = json.dumps({ "id": aclpolicyid, "name": "Default ACL Policy", "tenantId": None, "aclRules": [ { "action": "DENY", "description": "", "destinationApps": "", "destinationCidrs": "", "destinationPortRanges": "", "name": "rule-2", "destinationResourceGroupList": [ ], "enableTLSInspection": False, "enabled": True, "orderNum": 1, "resourcegroupNames": [ ], "sourceResourceGroupList": [ ], "destinationProtocol": None, "spsId": 5, "tcpSessionTimeout": 1800, "hitStats": None, "tlsInspection": "DISABLED", "serviceList": [ 215 ] }, { "id": 165, "name": "rule-1", "description": "", "orderNum": 2, "enabled": True, "destinationResourceGroupList": [ ], "sourceResourceGroupList": [ ], "serviceList": [ 25 ], "destinationApps": "", "syslog": False, "tcpSessionTimeout": 1800, "tlsInspection": "DISABLED", "packetCapture": None, "spsId": 5, "action": "PERMIT", "hitStats": { "ruleId": 165, "hitCount": 0 }, "destinationProtocol": None, "destinationPortRanges": "", "userType": "HUMAN", "user": None, "mapOfChangeLogPerTS": None, "gmId": None, "enableTLSInspection": True }, { "id": 4, "name": "Default", "description": None, "orderNum": 3, "enabled": True, "destinationResourceGroupList": [ ], "sourceResourceGroupList": [ ], "serviceList": [ ], "destinationApps": "", "syslog": False, "tcpSessionTimeout": 1800, "tlsInspection": "DISABLED", "packetCapture": "DISABLED", "spsId": 5, "action": "PERMIT", "destinationProtocol": None, "destinationPortRanges": None, "userType": "HUMAN", "user": "******", "mapOfChangeLogPerTS": None, "gmId": None } ], "infraMap": { "2": "tonyinf" }, "rgNameMap": None, "spsNameMap": None, "serviceNameMap": None }) try: # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_ruleadd # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query( url=url, headers=headers, verify=False, data=data ) if response.status_code == requests.codes.ok: multi_rule_added = True self.logger.info("ACL rules with HTTP and Ping services added") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return multi_rule_added def del_all_defaultacl_rules(self): all_rule_del = False # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) accesscontrollist = list(response.json()) for aid in accesscontrollist: if aid["name"] == 'Default ACL Policy': aclpolicyid = int(aid['id']) break data = json.dumps({ "id": aclpolicyid, "name": "Default ACL Policy", "tenantId": None, "aclRules": [ { "id": 4, "name": "Default", "description": None, "orderNum": 1, "enabled": True, "destinationResourceGroupList": [ ], "sourceResourceGroupList": [ ], "serviceList": [ ], "destinationApps": "", "syslog": False, "tcpSessionTimeout": 1800, "tlsInspection": "DISABLED", "packetCapture": "DISABLED", "spsId": 5, "action": "PERMIT", "destinationProtocol": None, "destinationPortRanges": None, "userType": "HUMAN", "user": "******", "mapOfChangeLogPerTS": None, "gmId": None } ], "infraMap": { "2": "tonyinf" }, "rgNameMap": None, "spsNameMap": None, "serviceNameMap": None }) try: # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_ruleadd # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query( url=url, headers=headers, verify=False, data=data ) if response.status_code == requests.codes.ok: all_rule_del = True self.logger.info("All rules deleted from the default ACL policy") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return all_rule_del def del_nondefaultacl_policy(self): del_nondefault_acl = False # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) accesscontrollist = list(response.json()) for aid in accesscontrollist: if aid["name"] == 'nondefault_acl_policy': aclpolicyid = str(aid['id']) break # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_nondefaultacl_del + aclpolicyid # Headers headers = self.rest_session.headers # Call REST - DELETE response = self.rest_call.delete_query( url = url, verify=False, headers = headers ) # Convert response to expected data if response.status_code == requests.codes.ok: del_nondefault_acl = True else: del_nondefault_acl = False return del_nondefault_acl def del_aclpolicy_aclid(self,acl_policy_id): del_aclpolicy_aclid = False aclid_policy = str(acl_policy_id) # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_byaclid + aclid_policy # Headers headers = self.rest_session.headers # Call REST - DELETE response = self.rest_call.delete_query( url = url, verify=False, headers = headers ) # Convert response to expected data if response.status_code == requests.codes.ok: del_aclpolicy_aclid = True else: del_aclpolicy_aclid = False return del_aclpolicy_aclid def get_aclrule_ruleid(self,aclruleid): obtain_aclrule_byid = False aclruleid = str(aclruleid) # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_byruleid + aclruleid # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) if response.status_code == requests.codes.ok: accesscontrollist = response.content obtain_aclrule_byid = True else: obtain_aclrule_byid = False return accesscontrollist def get_aclpolicy_chassisid(self,aclpolicychassisid): obtain_aclpolicy_bychassisid = False aclpolicychassisid = str(aclpolicychassisid) # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_bychassisid + aclpolicychassisid # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) if response.status_code == requests.codes.ok: accesscontrol_list = response.content obtain_aclpolicy_bychassisid = True else: obtain_aclpolicy_bychassisid = False return accesscontrol_list def get_aclpolicy_infraid(self,aclpolicyinfraid): obtain_aclpolicy_byinfraid = False aclpolicyinfraid = str(aclpolicyinfraid) # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_byinfraid + aclpolicyinfraid # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) if response.status_code == requests.codes.ok: ac_list = response.content obtain_aclpolicy_byinfraid = True else: obtain_aclpolicy_byinfraid = False return ac_list def get_aclpolicy_aclid(self,aclpolicyid): obtain_aclpolicy_byaclid = False aclpolicyid = str(aclpolicyid) # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_byaclid + aclpolicyid # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) if response.status_code == requests.codes.ok: accesscontrolpolicy = response.content obtain_aclpolicy_byaclid = True else: obtain_aclpolicy_byaclid = False return accesscontrolpolicy def get_aclpolicy_tenantid(self,aclpolicytenantid): obtain_aclpolicy_bytenantid = False aclpolicytenantid = str(aclpolicytenantid) # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_bytenantid + aclpolicytenantid # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query( url = url, verify=False, headers = headers ) if response.status_code == requests.codes.ok: accesscontrol_policy = response.content obtain_aclpolicy_bytenantid = True else: obtain_aclpolicy_bytenantid = False return accesscontrol_policy def add_aclrule_aclpolicyid(self,aclrule,aclpolicy_id): aclrule_addbypolicyid = False data = json.dumps(aclrule) aclpolid = "?aclPolicyId={0}".format(aclpolicy_id) # Craft the URL url = self.rest_session.base_url + self.accesscontrol_policy_ruleadd_policyid + aclpolid # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query( url = url, verify=False, headers = headers, data = data ) if response.status_code == requests.codes.ok: aclrule_addbypolicyid = True else: aclrule_addbypolicyid = False return aclrule_addbypolicyid
class CloudManagement(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # URL specific to this Module self.infras_url = "infras" self.resource_group_url = "infras/resourcegroup" self.resource_groups_url = "infras/resourcegroups" self.ip_pool_url = "ippool" # URL separator self.sep_url = "/" def create_cloud(self, cloud_info): # Cloud ID cloud_id = None # Craft the URL url = self.rest_session.base_url + self.infras_url # Headers headers = self.rest_session.headers # Data data = json.dumps(cloud_info) # Create Infra Connector - POST response = self.rest_call.post_query(url=url, data=data, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: cloud_id = int(response.json()) else: pass return cloud_id def delete_cloud(self, cloud_id): # Craft the URL url = self.rest_session.base_url + self.infras_url + self.sep_url + str( cloud_id) # Headers headers = self.rest_session.headers # Delete Infra Connector - DELETE response = self.rest_call.delete_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: return True else: return False def get_cloud_objects(self, cloud_id): cloud_objects = None # Craft the URL url = self.rest_session.base_url + self.infras_url + self.sep_url + str( cloud_id) + self.sep_url + "objects" # Headers headers = self.rest_session.headers # Infra Objects - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: cloud_objects = dict(response.json()) else: return False return cloud_objects def create_cloud_infra(self, **cloud_info): # Infra ID infra_id = None # Verify necessary info are defined try: # Verify cloud info is not None if not all([ cloud_info["cloud_type"], cloud_info["username"], cloud_info["password"], ]): self.logger.error("One of the cloud info is None.") return infra_id else: # Proceed with cloud infra creation pass except KeyError as e: self.logger.error("Missing necessary cloud information.") return infra_id # Verify cloud information if cloud_info["cloud_type"] == "VMWARE": self.logger.info("Cloud Type: {}".format(cloud_info["cloud_type"])) elif cloud_info["cloud_type"] == "AWS": self.logger.info("Cloud Type: {}".format(cloud_info["cloud_type"])) elif cloud_info["cloud_type"] == "MS Azure": self.logger.info("Cloud Type: {}".format(cloud_info["cloud_type"])) else: self.logger.error("Cloud Type: {}".format( cloud_info["cloud_type"])) # Craft the URL url = self.rest_session.base_url + self.infras_url # Headers headers = self.rest_session.headers # Create Infra Connector - POST # Convert response to expected data return infra_id def get_cloud_infra(self): # Cloud list cloud_list = None # Craft the URL url = self.rest_session.base_url + self.infras_url # Headers headers = self.rest_session.headers # Get Cloud Infras - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: cloud_list = list(response.json()) else: pass return cloud_list def get_cloud_infra_by_name(self, cloud_name): # Cloud (Infra Connectors) cloud_list = self.get_cloud_infra() for cloud in cloud_list: if cloud_name == cloud["name"]: return cloud return None def update_cloud_infra(self, cloud_info): is_updated = False # Craft the URL url = self.rest_session.base_url + self.infras_url # Payload data = json.dumps(cloud_info) # Headers headers = self.rest_session.headers # Update Cloud Infra - PUT response = self.rest_call.put_query(url=url, data=data, verify=False, headers=headers) # Convert response to expected data if response.status_code == requests.codes.ok: is_updated = True else: pass return is_updated def create_resource_group(self, resource_group): rg_id = None # Craft the URL url = self.rest_session.base_url + self.resource_group_url # Headers headers = self.rest_session.headers # Payload data = json.dumps(resource_group) # Create Resource Group - POST response = self.rest_call.post_query(url=url, headers=headers, data=data, verify=False) # Convert response to expected data if response.status_code == requests.codes.ok: rg_id, _ = list(response.json()) else: pass return rg_id def get_resource_groups(self): resource_groups = [] # Craft the URL url = self.rest_session.base_url + self.resource_groups_url # Headers headers = self.rest_session.headers # Get Resource Groups - GET response = self.rest_call.get_query(url=url, headers=headers, verify=False) # Convert response to expected data if response.status_code == requests.codes.ok: resource_groups = list(response.json()) else: pass return resource_groups def get_resource_group_by_name(self, rg_name): resource_group = None # Craft the URL url = self.rest_session.base_url + self.resource_groups_url # Headers headers = self.rest_session.headers # Get Resource Groups - GET response = self.rest_call.get_query(url=url, headers=headers, verify=False) # Convert response to expected data if response.status_code == requests.codes.ok: for rg in list(response.json()): if rg["name"] == rg_name: resource_group = rg break else: pass return resource_group def remove_resource_group_by_name(self, rg_name): is_deleted = False rg = self.get_resource_group_by_name(rg_name) if rg is not None: # Craft the URL url = self.rest_session.base_url + self.resource_group_url + self.sep_url + str( rg["id"]) # Headers headers = self.rest_session.headers # Delete Resource Groups - DELETE response = self.rest_call.delete_query(url=url, headers=headers, verify=False) # Convert response to expected data if response.status_code == requests.codes.ok: is_deleted = True else: pass else: pass return is_deleted def create_ip_pool(self, ip_pool): ip_pool_id = None # Craft the URL url = self.rest_session.base_url + self.ip_pool_url # Data data = json.dumps(ip_pool) # Headers headers = self.rest_session.headers # Create IP Pool - POST response = self.rest_call.post_query(url=url, headers=headers, data=data, verify=False) # Convert response to expected data if response.status_code == requests.codes.ok: ip_pool_id = int(response.text) else: pass return ip_pool_id def get_ip_pools(self, infra_id): ip_pools = [] # Craft the URL url = self.rest_session.base_url + str( infra_id) + self.sep_url + self.ip_pool_url # Headers headers = self.rest_session.headers # Get IP Pools - GET response = self.rest_call.get_query(url=url, headers=headers, verify=False) # Convert response to expected data if response.status_code == requests.codes.ok: ip_pools = list(response.json()) else: pass return ip_pools def get_ip_pool_by_name(self, infra_id, ip_pool_name): ip_pools = self.get_ip_pools(infra_id) for ip_pool in ip_pools: if ip_pool["name"] == ip_pool_name: return ip_pool else: continue return None def delete_ip_pool_by_name(self, infra_id, ip_pool_name): is_deleted = False ip_pools = self.get_ip_pools(infra_id) ip_pool_id = None for ip_pool in ip_pools: if ip_pool["name"] == ip_pool_name: ip_pool_id = ip_pool["id"] break else: continue if ip_pool_id is not None: # Craft URL url = self.rest_session.base_url + self.ip_pool_url + self.sep_url + str( ip_pool_id) # Headers headers = self.rest_session.headers # Delete IP Pool - DELETE response = self.rest_call.delete_query(url=url, headers=headers, verify=False) # Convert response to expected data if response.status_code == requests.codes.ok: is_deleted = True else: pass else: # NOOP pass return is_deleted
class BreakingPoint: def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # Test Info self.test_id = None self.test_iteration = None self.model_name = None # URLs specific to Breaking Point self.ports_url = "bps/ports" self.reserve_ports_url = "bps/ports/operations/reserve" self.unreserve_ports_url = "bps/ports/operations/unreserve" self.chassis_config_url = "bps/ports/chassisconfig" self.change_card_config_url = "bps/ports/operations/changecardconfig" self.reboot_card_url = "bps/ports/operations/rebootcard" self.running_tests_url = "bps/tests" self.start_test_url = "bps/tests/operations/start" self.stop_test_url = "bps/tests/operations/stop" self.get_rts_url = "bps/tests/operations/getrts" self.result = "bps/tests/operations/getrts" # Breaking Point constants self.TEST_COMPLETE = 100.0 # 100% complete self.BETWEEN_CHECKS = 1 * 60 # period for checking the stats self.RAMP_UP = 20.0 # Ramp up self.RAMP_DOWN = 80.0 # Ramp down def get_ports_status(self): # Port status ports_status = None # Craft the URL url = self.rest_session.base_url + self.ports_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Call REST - GET response = self.rest_call.get_query( url = url, headers = headers, verify = False ) # Convert response to expected data ports_status = dict(response.json()) return ports_status def reserve_ports(self, slot, ports): # Action is_reserved = False # Craft the URL url = self.rest_session.base_url + self.reserve_ports_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload data = json.dumps({"slot": slot, "portList": ports, "group": "1", "force": "true"}) # Call REST - POST response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) # Convert response to expected data if response.status_code == requests.codes.ok: is_reserved = True else: is_reserved = False return is_reserved def unreserve_ports(self, slot, ports): # Action is_unreserved = False # Craft the URL url = self.rest_session.base_url + self.unreserve_ports_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload data = json.dumps({"slot": slot, "portList": ports}) # Call REST - POST response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) # Convert response to expected data if response.status_code == requests.codes.ok: is_unreserved = True else: is_unreserved = False return is_unreserved def check_chassis_config(self, slot): # Action is_chassis_ready = False # Craft the URL url = self.rest_session.base_url + self.chassis_config_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Get chassis config - GET response = self.rest_call.get_query( url = url, headers = headers, verify = False ) if response.status_code == requests.codes.ok: # Port Status chassis_config = dict(response.json()) self.logger.info("Chassis Config: {}".format(chassis_config)) if (len(chassis_config) > 0) and ("state" in chassis_config[slot]): if chassis_config[slot]["state"] == u"ok": is_chassis_ready = True else: self.logger.error("Chassis - ports are not ready.") self.logger.error("State: {}".format(chassis_config[slot]["state"])) else: self.logger.error("Unable to fetch chassis config.") else: self.logger.error("Unable to fetch chassis config.") return is_chassis_ready def change_card_config(self, slot, action, mode): # Action is_card_config_changed = False # Craft the URL url = self.rest_session.base_url + self.change_card_config_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload data = json.dumps({"slot": slot, "action": action, "mode": mode}) # Change Card Config response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) # Convert response to expected data if response.status_code == requests.codes.ok: is_card_config_changed = True else: is_card_config_changed = False return is_card_config_changed def reboot_card(self, card_number): # Action is_rebooted = False # Craft the URL url = self.rest_session.base_url + self.reboot_card_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload data = json.dumps({"cardNumber": card_number}) # Reboot card response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) # Convert response to expected data if response.status_code == requests.codes.ok: is_rebooted = True else: is_rebooted = False return is_rebooted def start_test(self, model_name): # Action is_started = False # Craft the URL url = self.rest_session.base_url + self.start_test_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload data = json.dumps({"modelname": model_name, "group": "1"}) # Start Test - POST response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) test_info = dict(response.json()) # Get test info self.model_name = model_name self.test_id = test_info["testid"] self.test_iteration = test_info["iteration"] if response.status_code == requests.codes.ok: is_started = True self.logger.info("Model Name: {}".format(self.model_name)) self.logger.info("Test ID: {}".format(self.test_id)) self.logger.info("Test Iteration: {}".format(self.test_iteration)) else: self.logger.error("Status Code: {}".format(response.status_code)) return is_started def stop_test(self, test_id): # Action is_stopped = False # Craft the URL url = self.rest_session.base_url + self.stop_test_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload data = json.dumps({"testid": test_id}) # Stop Test - POST response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) if response.status_code == requests.codes.ok: is_stopped = True else: is_stopped = False return is_stopped def get_real_time_stats(self, test_id, stats_group="summary"): rts = None # Craft the URL url = self.rest_session.base_url + self.get_rts_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload if stats_group in RealTimeStats.STATSGROUP: data = json.dumps({"runid": test_id, "statsGroup": stats_group}) else: data = json.dumps({"runid": test_id, "statsGroup": RealTimeStats.STATSGROUP[RealTimeStats.SUMMARY]}) # Get RTS - POST response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) if response.status_code == requests.codes.ok: rts = dict(response.json()) self.logger.info("RTS: {}".format(rts)) else: self.logger.error("Error: %d" % response.status_code) self.logger.error("Unable to get RTS.") return rts def get_running_tests(self, user): # test ID test_id = None # Craft the URL url = self.rest_session.base_url + self.running_tests_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Get Running Tests - GET response = self.rest_call.get_query( url = url, headers = headers, verify = False ) # Test output testInfoRegExp = re.compile(r""" TestId:\s+\[(.*?)\]\s+ # Test ID, index 1 Run\s+by:\s+\[(.*?)\]\s+ # Run by, index 2 State:\s+\[(.*?)\]\s+ # State Progress:\s+\[(.*?)\] # Progress """, re.VERBOSE) if response.status_code == requests.codes.ok: self.logger.info("Response Text: %s" % response.text) runningTestsData = response.json() if len(runningTestsData) == 0: # Test is done, return testId = None return testId else: # Proceed pass try: for runningTestKey, runningTestValue in runningTestsData.items(): self.logger.debug("Running Test Key: >>%s<<, Running Test Value: >>%s<<" % (runningTestKey, runningTestValue)) if runningTestKey == 'runningTestInfo': self.logger.info("%s -> %s" % (runningTestKey, runningTestValue)) # search test info for testItem in runningTestValue.split(','): testInfo = re.search(testInfoRegExp, testItem) if user == testInfo.group(2): self.logger.info("Test ID: %s" % testInfo.group(1)) testId = testInfo.group(1) break else: self.logger.error("Test run by: >>%s<< == >>%s<<" % (user, testInfo.group(2))) testId = None else: pass except Exception as e: self.logger.error("Running test not found, test is done.") self.logger.error(e) else: self.logger.error("Error: %d" % response.status_code) self.logger.error("Unable to get running tests.") return testId def get_result(self, test_id): result = None # Craft the URL url = self.rest_session.base_url + self.result_url # Headers headers = { 'content-type': 'application/json;charset=utf-8', 'Cookie': self.rest_session.cookie } # Payload data = json.dumps({"runid": test_id}) # Get result - POST response = self.rest_call.post_query( url = url, headers = headers, data = data, verify = False ) if response.status_code == requests.codes.ok: result = dict(response.json()) else: self.logger.error("Error: %d" % response.status_code) self.logger.error("Unable to get result.") return result def get_model_name(self): return self.model_name def get_test_id(self): if self.test_id is not None: return self.test_id else: return None def get_test_iteration(self): return self.test_iteration def send_strikes_traffic(self, slot, ports, traffic_profile): # BP - Real Time Stats bp_stats = RealTimeStats() # Summary Stats summary_stats = None # Processed Stats processed_stats = { "model_name": None, "test_id": None, "test_iteration": None, "total_strikes": None, "total_allowed": None, "total_blocked": None, } # Reserve Ports ports_reserved = self.reserve_ports(slot, ports) if ports_reserved: # Start test test_started = self.start_test(traffic_profile) if test_started: # Get test info test_id = self.get_test_id() test_iteration = self.get_test_iteration() # Breaking Point - Real Time Stats, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] # Monitor progress and proceed after test completed while float(progress) < self.TEST_COMPLETE: # Wait before the next progress check time.sleep(self.BETWEEN_CHECKS) # Get RTS based on Test ID, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] # Breaking Point - Test run completed, extract results self.logger.critical("RTS[rts]: {}".format(rts["rts"])) summary_stats = bp_stats.parse_stats(rts["rts"]) self.logger.info("Total Strikes: {}".format(summary_stats["totalStrikes"])) self.logger.info("Total Allowed: {}".format(summary_stats["totalAllowed"])) self.logger.info("Total Blocked: {}".format(summary_stats["totalBlocked"])) # Populate processed stats processed_stats["model_name"] = traffic_profile processed_stats["test_id"] = test_id.lstrip("TEST-") processed_stats["test_iteration"] = test_iteration processed_stats["total_strikes"] = summary_stats["totalStrikes"] processed_stats["total_allowed"] = summary_stats["totalAllowed"] processed_stats["total_blocked"] = summary_stats["totalBlocked"] else: self.logger.error("Unable to start test.") else: self.logger.error("Unable to reserve ports.") # Release Ports ports_freed = self.unreserve_ports(slot, ports) if ports_freed: self.logger.info("Ports released.") else: self.logger.error("Unable to release ports.") return processed_stats def send_perf_traffic(self, slot, ports, traffic_profile): # BP - Real Time Stats bp_stats = RealTimeStats() # Summary Stats summary_stats = None # Processed Stats processed_stats = { "model_name": None, "test_id": None, "test_iteration": None, "avg_tx_tput": None, "avg_rx_tput": None, "avg_tcp_response_time": None, } # Stats precision for throughput and response time PRECISION = 2 tx_frame_data_rate = [] rx_frame_data_rate = [] tcp_response_time = [] # Reserve Ports ports_reserved = self.reserve_ports(slot, ports) if ports_reserved: # Start test test_started = self.start_test(traffic_profile) if test_started: # Get test info test_id = self.get_test_id() test_iteration = self.get_test_iteration() # Breaking Point - Real Time Stats, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] # Monitor progress and proceed after test completed while float(progress) < self.TEST_COMPLETE: # Wait before the next progress check time.sleep(self.BETWEEN_CHECKS) # Get RTS based on Test ID, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] if (progress >= self.RAMP_UP and progress <= self.RAMP_DOWN): # Capture stats during "Steady State" summary_stats = bp_stats.parse_stats(rts["rts"]) # Append stats tx_frame_data_rate.append(float(summary_stats["ethTxFrameDataRate"])) rx_frame_data_rate.append(float(summary_stats["ethRxFrameDataRate"])) tcp_response_time.append(float(summary_stats["tcpAvgResponseTime"])) else: # Ignore stats during "Ramp Up" and "Ramp Down" pass # Test completed, progress is 100% # Compute average avg_tx_frame_data_rate = (sum(tx_frame_data_rate) / len(tx_frame_data_rate)) avg_rx_frame_data_rate = (sum(rx_frame_data_rate) / len(rx_frame_data_rate)) avg_tcp_response_time = (sum(tcp_response_time) / len(tcp_response_time)) # Populate processed stats processed_stats["model_name"] = traffic_profile processed_stats["test_id"] = test_id.lstrip("TEST-") processed_stats["test_iteration"] = test_iteration processed_stats["avg_tx_tput"] = round(avg_tx_frame_data_rate, PRECISION) processed_stats["avg_rx_tput"] = round(avg_rx_frame_data_rate, PRECISION) processed_stats["avg_tcp_response_time"] = round(float(avg_tcp_response_time), PRECISION) else: self.logger.error("Unable to start test.") else: self.logger.error("Unable to reserve ports.") # Release Ports ports_freed = self.unreserve_ports(slot, ports) if ports_freed: self.logger.info("Ports released.") else: self.logger.error("Unable to release ports.") return processed_stats def send_cps_traffic(self, slot, ports, traffic_profile): # BP - Real Time Stats bp_stats = RealTimeStats() # Summary Stats summary_stats = None # Processed Stats processed_stats = { "model_name": None, "test_id": None, "test_iteration": None, "avg_tcp_client_established_rate": None, "avg_tcp_server_established_rate": None, "avg_tcp_response_time": None, } # Stats precision for CPS and response time PRECISION = 2 tcp_client_established_rate = [] tcp_server_established_rate = [] tcp_response_time = [] # Reserve Ports ports_reserved = self.reserve_ports(slot, ports) if ports_reserved: # Start test test_started = self.start_test(traffic_profile) if test_started: # Get test info test_id = self.get_test_id() test_iteration = self.get_test_iteration() # Breaking Point - Real Time Stats, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] # Monitor progress and proceed after test completed while float(progress) < self.TEST_COMPLETE: # Wait before the next progress check time.sleep(self.BETWEEN_CHECKS) # Get RTS based on Test ID, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] if (progress >= self.RAMP_UP and progress <= self.RAMP_DOWN): # Capture stats during "Steady State" summary_stats = bp_stats.parse_stats(rts["rts"]) # Append stats tcp_client_established_rate.append(float(summary_stats["tcpClientEstablishRate"])) tcp_server_established_rate.append(float(summary_stats["tcpServerEstablishRate"])) tcp_response_time.append(float(summary_stats["tcpAvgResponseTime"])) else: # Ignore stats during "Ramp Up" and "Ramp Down" pass # Test completed, progress is 100% # Compute average avg_tcp_client_established_rate = (sum(tcp_client_established_rate) / len(tcp_client_established_rate)) avg_tcp_server_established_rate = (sum(tcp_server_established_rate) / len(tcp_server_established_rate)) avg_tcp_response_time = (sum(tcp_response_time) / len(tcp_response_time)) # Populate processed stats processed_stats["model_name"] = traffic_profile processed_stats["test_id"] = test_id.lstrip("TEST-") processed_stats["test_iteration"] = test_iteration processed_stats["avg_tcp_client_established_rate"] = round(avg_tcp_client_established_rate, PRECISION) processed_stats["avg_tcp_server_established_rate"] = round(avg_tcp_server_established_rate, PRECISION) processed_stats["avg_tcp_response_time"] = round(float(avg_tcp_response_time), PRECISION) else: self.logger.error("Unable to start test.") else: self.logger.error("Unable to reserve ports.") # Release Ports ports_freed = self.unreserve_ports(slot, ports) if ports_freed: self.logger.info("Ports released.") else: self.logger.error("Unable to release ports.") return processed_stats def send_app_traffic(self, slot, ports, traffic_profile): # BP - Real Time Stats bp_stats = RealTimeStats() # Summary Stats summary_stats = None # Processed Stats processed_stats = { "model_name": None, "test_id": None, "test_iteration": None, "avg_tx_tput": None, "avg_rx_tput": None, "avg_tcp_client_established_rate": None, "avg_tcp_server_established_rate": None, "avg_tcp_response_time": None, } # Stats precision PRECISION = 2 # Stats tx_frame_data_rate = [] rx_frame_data_rate = [] tcp_client_established_rate = [] tcp_server_established_rate = [] tcp_response_time = [] # Reserve Ports ports_reserved = self.reserve_ports(slot, ports) if ports_reserved: # Start test test_started = self.start_test(traffic_profile) if test_started: # Get test info test_id = self.get_test_id() test_iteration = self.get_test_iteration() # Breaking Point - Real Time Stats, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] # Monitor progress and proceed after test completed while float(progress) < self.TEST_COMPLETE: # Wait before the next progress check time.sleep(self.BETWEEN_CHECKS) # Get RTS based on Test ID, extract progress rts = self.get_real_time_stats(test_id) progress = rts["progress"] if (progress >= self.RAMP_UP and progress <= self.RAMP_DOWN): # Capture stats during "Steady State" summary_stats = bp_stats.parse_stats(rts["rts"]) # Append stats - data rate tx_frame_data_rate.append(float(summary_stats["ethTxFrameDataRate"])) rx_frame_data_rate.append(float(summary_stats["ethRxFrameDataRate"])) # Append stats - establish rate tcp_client_established_rate.append(float(summary_stats["tcpClientEstablishRate"])) tcp_server_established_rate.append(float(summary_stats["tcpServerEstablishRate"])) # Append stats - response time tcp_response_time.append(float(summary_stats["tcpAvgResponseTime"])) else: # Ignore stats during "Ramp Up" and "Ramp Down" pass # Test completed, progress is 100% # Compute average data rate avg_tx_frame_data_rate = (sum(tx_frame_data_rate) / len(tx_frame_data_rate)) avg_rx_frame_data_rate = (sum(rx_frame_data_rate) / len(rx_frame_data_rate)) avg_tcp_response_time = (sum(tcp_response_time) / len(tcp_response_time)) # Compute average establish rate avg_tcp_client_established_rate = (sum(tcp_client_established_rate) / len(tcp_client_established_rate)) avg_tcp_server_established_rate = (sum(tcp_server_established_rate) / len(tcp_server_established_rate)) # Compute average TCP response time avg_tcp_response_time = (sum(tcp_response_time) / len(tcp_response_time)) # Populate processed stats processed_stats["model_name"] = traffic_profile processed_stats["test_id"] = test_id.lstrip("TEST-") processed_stats["test_iteration"] = test_iteration # Data rate processed_stats["avg_tx_tput"] = round(avg_tx_frame_data_rate, PRECISION) processed_stats["avg_rx_tput"] = round(avg_rx_frame_data_rate, PRECISION) # CPS processed_stats["avg_tcp_client_established_rate"] = round(avg_tcp_client_established_rate, PRECISION) processed_stats["avg_tcp_server_established_rate"] = round(avg_tcp_server_established_rate, PRECISION) # TCP response time processed_stats["avg_tcp_response_time"] = round(float(avg_tcp_response_time), PRECISION) else: self.logger.error("Unable to start test.") else: self.logger.error("Unable to reserve ports.") # Release Ports ports_freed = self.unreserve_ports(slot, ports) if ports_freed: self.logger.info("Ports released.") else: self.logger.error("Unable to release ports.") return processed_stats
class DataplaneManagement(object): def __init__(self, rest_session): # singleton logger self.logger = CustomLogger().get_logger() # fetched data self.data = None # REST Session self.rest_session = rest_session # Common REST Calls self.rest_call = RestCall(rest_session) # URLs specific to Resource group and Network set self.chassis_list_url = "chassislist" self.chassis_redeploy_id = "chassis/" self.network_set_insertionstaging_elements = "chassis/insertionstagingelements" self.network_set_chassis_bulkinsertion = "chassisbulkinsertion" def get_chassis_list(self): dp_list = None # Craft the URL url = self.rest_session.base_url + self.chassis_list_url # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) dp_list = list(response.json()) return dp_list def get_redeploy_chassisid(self, dp_id): job_id = None chassisid = str(dp_id) # Craft the URL url = self.rest_session.base_url + self.chassis_redeploy_id + chassisid + "/redeploy" # Headers headers = self.rest_session.headers # Call REST - GET response = self.rest_call.get_query(url=url, verify=False, headers=headers) job_id = response.json() return job_id def ns_insertionstaging_elements(self, ns_id, nsname, chassis_id, insertion_type): ns_staged = False insert_type = insertion_type.upper() payload = [{ "id": 19, "name": "NSET-1-PG63-200", "infraId": 1, "type": "NETWORK_SET", "chassisSubscriptionMap": { "2": { "subscription": { "chassisId": 2, "insertable": True, "insertionType": "SEGMENTATION", "markForDeletion": False, "precedence": 1, "resourceGroupId": 19 } } }, "status": "STAGING", "action": "EDIT" }] for i in payload: if i["type"] == "NETWORK_SET": i["id"] = ns_id i["name"] = nsname i["chassisSubscriptionMap"]["2"]["subscription"][ "chassisId"] = chassis_id i["chassisSubscriptionMap"]["2"]["subscription"][ "insertionType"] = insert_type i["chassisSubscriptionMap"]["2"]["subscription"][ "resourceGroupId"] = ns_id data = json.dumps(payload) try: # Craft the URL url = self.rest_session.base_url + self.network_set_insertionstaging_elements # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query(url=url, headers=headers, verify=False, data=data) if response.status_code == requests.codes.ok: ns_staged = True self.logger.info("New network set staged for insertion") else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return ns_staged def ns_chassis_bulkinsertion(self, ns_id, chassis_id, insertion_type): ns_insert = False insert_type = insertion_type.upper() payload = [{ "id": 22, "action": "EDIT", "infraId": 1, "status": "STAGING", "type": "NETWORK_SET", "chassisSubscriptionMap": { "2": { "subscription": { "chassisId": 2, "insertable": True, "insertionType": "SEGMENTATION", "markForDeletion": False, "precedence": 1, "resourceGroupId": 22 } } } }] for i in payload: if i["type"] == "NETWORK_SET": i["id"] = ns_id i["chassisSubscriptionMap"]["2"]["subscription"][ "chassisId"] = chassis_id i["chassisSubscriptionMap"]["2"]["subscription"][ "insertionType"] = insert_type i["chassisSubscriptionMap"]["2"]["subscription"][ "resourceGroupId"] = ns_id data = json.dumps(payload) try: # Craft the URL url = self.rest_session.base_url + self.network_set_chassis_bulkinsertion # Headers headers = self.rest_session.headers # Call REST - PUT response = self.rest_call.put_query(url=url, headers=headers, verify=False, data=data) if response.status_code == requests.codes.ok: ns_insert = True self.logger.info("New network set submitted for insertion") ns_jid = list(response.json()) for nsjid in ns_jid: if nsjid["type"] == 'NETWORK_SET': ns_jobid = int( nsjid["chassisSubscriptionMap"]["2"]["jobId"]) else: self.logger.error(response.status_code) except Exception as e: self.logger.error(e) return ns_jobid
# Pick URL and update periodically if action == "url1": url = "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/stopforumspam_180d.ipset" else: # Default URL url = "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/bi_any_2_1d.ipset" try: # Initialize bl_update = BlacklistUpdate(sx_session, logger) while True: is_updated = bl_update.update(url) if is_updated: logger.info("Update is successful.") else: logger.error("Update has failed.") # Sleep until next update time.sleep(5 * 60) # 5 minutes except KeyboardInterrupt as e: logger.info("Update task done. Goodbye.") except Exception as e: logger.error("Unknown exception: {}".format(e)) # Logout sx_session.logout() # Sample Run # python update_blacklist.py -i 172.16.27.73 -u sxapi -p sxpass -a url1