def login(): client_args = APIClientArgs(server=config.api_server) client = APIClient(client_args) client.debug_file = "api_calls.json" if client.check_fingerprint() is False: print( "Could not get the server's fingerprint - Check connectivity with the server." ) logging.warning( "Could not get the server's fingerprint - Check connectivity with the server." ) sys.exit(1) login_res = client.login(config.username, config.password, "True", config.domain) if login_res.success is False: print("Login failed: {}".format(login_res.error_message)) logging.warning("Login failed: {}".format(login_res.error_message)) sys.exit(1) config.session = client
def main(argv): # Initialize arguments global_domain = "Global" auto_assign = False if argv: parser = argparse.ArgumentParser() parser.add_argument("-s", type=str, action="store", help="Server IP address or hostname", dest="server") parser.add_argument("-u", type=str, action="store", help="User name", dest="username") parser.add_argument("-p", type=str, action="store", help="Password", dest="password") parser.add_argument("-o", type=str, action="store", help="Original host IP", dest="origin_ip") parser.add_argument("-n", type=str, action="store", help="New host name", dest="new_name") parser.add_argument("-m", type=str, action="store", help="New host IP", dest="new_ip") parser.add_argument("-g", type=str, action="store", help="Global domain name", dest="global_name") parser.add_argument("-a", action="store_true", default=False, help="Indicates that the script will do assign of global domain") args = parser.parse_args() required = "server username password origin_ip new_name new_ip".split() for r in required: if args.__dict__[r] is None: parser.error("parameter '%s' required" % r) server = args.server username = args.username password = args.password orig_host_ip = args.origin_ip cloned_host_name = args.new_name cloned_host_ip = args.new_ip auto_assign = args.a if args.global_name is not None: global_domain = args.global_name else: server = raw_input("Enter server IP address or hostname:") username = raw_input("Enter username: "******"Enter password: "******"Attention! Your password will be shown on the screen!") password = raw_input("Enter password: "******"Enter host IP address: ") cloned_host_name = raw_input("Enter new host name: ") cloned_host_ip = raw_input("Enter new host server IP :") global_domain_input = raw_input("Enter global domain name in case of MDS server: [In order to use the default " "value ('Global') or in case of CMA hit 'Enter']") if global_domain_input != "": global_domain = global_domain_input auto_assign_input = raw_input("Enter 'True' if you want the script to do " "assign of the global domain [In order to use the default value " "('False') hit 'Enter']") if auto_assign_input != "" and auto_assign_input == "True": auto_assign = auto_assign_input with APIClient(APIClientArgs(server=server)) as client: # Creates debug file. The debug file contains all the communication # between the python script and Check Point's management server. client.debug_file = "api_calls.json" global log_file log_file = open('logfile.txt', 'w+') # The API client, would look for the server's certificate SHA1 fingerprint in a file. # If the fingerprint is not found on the file, it will ask the user if he # accepts the server's fingerprint. # In case the user does not accept the fingerprint, exit the program. log("\n\tChecking the fingerprint for server {}...".format(server)) if client.check_fingerprint() is False: write_message_close_log_file_and_exit("Could not get the server's fingerprint" " - Check connectivity with the server.") # login to server log("\n\tLogging in to server {}...".format(server)) login_res = client.login(username, password) if login_res.success is False: write_message_close_log_file_and_exit("Login failed:\n{}".format(login_res.error_message)) # show session details in order to check if the server is MDS log("\n\tVerifying the type of server {}...".format(server)) session_res = client.api_call("show-session", {}, login_res.data["sid"]) if session_res.success is False: write_message_close_log_file_and_exit("Login failed:\n{}".format(session_res.error_message)) # the server is not MDS, perform clone host only on the this server if session_res.data["domain"]["domain-type"] != "mds": log("\n\tLogged into SM server {}".format(server)) find_host_by_ip_and_clone(client, orig_host_ip, cloned_host_name, cloned_host_ip) # the server is MDS, run clone host on each of the existing domains else: log("\n\tLogged into MD server {}".format(server)) client_domain = APIClient(APIClientArgs(server=server)) client_domain.debug_file = "api_domain_calls.json" try: # handle global domain log("\n\tChecking on Global Domain...") handle_global_domain(client, username, password, client_domain, global_domain, auto_assign, orig_host_ip, cloned_host_name, cloned_host_ip) # get list of domains domains = client.api_query("show-domains") if domains.success is False: discard_write_to_log_file(client, "Failed to get the domains data:\n{}".format(domains.error_message)) # login out the MDS server client.api_call("logout", {}) log_file.close() exit(1) # go over all the existing domains for domain in domains.data: log("\n\tChecking on Local Domain {}".format(domain["name"])) handle_local_domain(client_domain, domain, username, password, orig_host_ip, cloned_host_name, cloned_host_ip) finally: client_domain.save_debug_data() # close the log file log_file.close()