def get_ipam_subnets(username, password, server):
username = username
appcode = password
ipam = PhpIpamClient(
url=server,
app_id=username,
username=username,
password=appcode,
user_agent='snmpscanner', # custom user-agent header
ssl_verify=False)
all_subnets = list()
sections = ipam.get('/sections/')
for section in sections:
id = section["id"]
subnets = ""
try:
subnets = ipam.get(f"/sections/{id}/subnets")
except:
pass
for subnet in subnets:
net = subnetobj()
net.section_id = id
net.subnet_id = subnet["id"]
net.network = subnet["subnet"]
net.netmask = subnet["mask"]
net.name = subnet["description"]
net.ips = get_subnet_addresses(net, username, password, server)
all_subnets.append(net)
return all_subnets
def CreateCustomerSlash56(description):
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMv6subnets = ipam.get('/subnets/432/first_subnet/56/')
# Das neue Netz wird angelegt
IPAMvlans = ipam.post('/subnets/432/first_subnet/56/',
{'description': description})
searchstring = '/subnets/cidr/' + IPAMv6subnets + '/'
v6Info = ipam.get(searchstring, {
'filter_by': 'sectionId',
'filter_value': 2,
})
v6Info = json.dumps(v6Info[0])
v6Info = json.loads(v6Info)
bluev6Id = v6Info['id']
return bluev6Id
def FortiRoutev4(bluevlanID, cust):
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'vlanId',
'filter_value': bluevlanID,
})
intblue = IPAMvlans[0]['number']
nummer = cust.replace('customer', '')
querystring = "/vlan/" + bluevlanID + "/subnets/"
blue = ipam.get(querystring)
for b in blue:
idb = b['id']
querystring = "/subnets/" + idb + "/addresses/"
bb = ipam.get(querystring)
for add in bb:
if add['hostname'] == 'AnycastGateway':
test = ipaddress.ip_address(add['ip'])
if isinstance(test, ipaddress.IPv4Address):
blueipv4 = add['ip']
if isinstance(test, ipaddress.IPv6Address):
blueipv6 = add['ip']
cfgblue = """
edit 0
set dst 185.213.35.0 255.255.255.0
set gateway %s
set device "cust%s_blue1"
next
""" % (blueipv4, nummer)
cfgblue2 = """
edit 0
set dst 100.64.247.0 255.255.255.0
set gateway %s
set device "cust%s_blue1"
next
""" % (blueipv4, nummer)
cfgblue = cfgblue + cfgblue2
return cfgblue
def CreateRedSubnetv6(vlanid, description):
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMv6subnets = ipam.get('/subnets/915/first_subnet/64/')
v6subnet = IPAMv6subnets.split("/")
# Das neue Netz wird angelegt
IPAMvlans = ipam.post('/subnets/915/first_subnet/64/', {
'description': description,
'vlanId': vlanid
})
# Wir suchen uns die ID des Netzwerks
searchstring = '/subnets/cidr/' + IPAMv6subnets + '/'
bluev6Info = ipam.get(searchstring, {
'filter_by': 'sectionId',
'filter_value': 2,
})
bluev6Info = json.dumps(bluev6Info[0])
bluev6Info = json.loads(bluev6Info)
bluev6Id = bluev6Info['id']
searchstring = '/addresses/first_free/' + bluev6Id + '/'
IPAMvlans = ipam.post(searchstring, {
'description': 'NA',
'hostname': 'NA'
})
searchstring = '/addresses/first_free/' + bluev6Id + '/'
IPAMvlans = ipam.post(
searchstring, {
'description': 'AnycastGateway',
'hostname': 'AnycastGateway',
'deviceId': 83
})
searchstring = '/addresses/first_free/' + bluev6Id + '/'
IPAMvlans = ipam.post(searchstring, {
'description': 'Fortigate',
'hostname': 'Fortigate',
'deviceId': 84
})
return bluev6Id
def CreateRedSubnetv4(vlanid, description):
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMsubnets = ipam.get('/subnets/921/first_subnet/31/')
subnet = IPAMsubnets.split("/")
IPAMvlans = ipam.post(
'/subnets/', {
'subnet': subnet[0],
'mask': subnet[1],
'sectionId': '1',
'description': description,
'masterSubnetId': 921,
'vlanId': vlanid
})
searchstring = '/subnets/cidr/' + IPAMsubnets + '/'
redv4Info = ipam.get(searchstring, {
'filter_by': 'sectionId',
'filter_value': 1,
})
netid = redv4Info[0]['id']
searchstring = '/addresses/first_free/' + netid + '/'
IPAMvlans = ipam.post(
searchstring, {
'description': 'AnycastGateway',
'hostname': 'AnycastGateway',
'deviceId': 83
})
IPAMvlans = ipam.post(searchstring, {
'description': 'Fortigate',
'hostname': 'Fortigate',
'deviceId': 84
})
return netid
def CreateExternVlan(vlanid, name, description, customcb3, customl3):
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipamurl = config.get('IPAM', 'url')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url=ipamurl,
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.post(
'/vlan/', {
'domainId': 3,
'name': name,
'number': vlanid,
'description': description,
'custom_CB3': customcb3,
'custom_L3': customl3,
'custom_VRF': 'Extern'
})
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'domainId',
'filter_value': 3,
})
for IPAMVlan in IPAMvlans:
current = int(IPAMVlan['number'])
if current == vlanid:
ipamid = IPAMVlan['vlanId']
return ipamid
def CLIGreen(bluevlanID):
"""Erstellen CLI fuer Fortimanager
Args:
bluevlanID (int): IPAM Vlan ID
cust (str): customer123 Bezeichnung
Returns:
str: Fortigate CLI fuer Blue
"""
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'vlanId',
'filter_value': bluevlanID,
})
intblue = IPAMvlans[0]['number']
return cfgblue
def DCNMv6Route(vrf, vlanidred, subnetid, description):
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
bluevlanID = vlanidred
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'vlanId',
'filter_value': bluevlanID,
})
intblue = IPAMvlans[0]['number']
querystring = "/vlan/" + bluevlanID + "/subnets/"
blue = ipam.get(querystring)
for b in blue:
idb = b['id']
querystring = "/subnets/" + idb + "/addresses/"
bb = ipam.get(querystring)
for add in bb:
if add['hostname'] == 'Fortigate':
test = ipaddress.ip_address(add['ip'])
if isinstance(test, ipaddress.IPv4Address):
v4ipred = add['ip']
if isinstance(test, ipaddress.IPv6Address):
v6ipred = add['ip']
querystring = "/subnets/" + subnetid + "/"
blue = ipam.get(querystring)
v6iporange = blue['subnet'] + "/" + blue['mask']
scriptstring = "& python c:/Temp/Git/Cisco/DCNM/new-route6.py --v %s --p %s --n %s --r %s --t %s" % (
vrf, v6iporange, v6ipred, description, "FIXME")
return scriptstring
def NextFreeVlan(minimum, maximum):
"""[summary]
Args:
minimum (int): Freies VLAN suchen groesser als
maximum (int): Freies VLAN suchen kleiner als
Returns:
int: Freie VLAN Nummer
"""
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipamurl = config.get('IPAM', 'url')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url=ipamurl,
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'domainId',
'filter_value': 3,
})
networks = []
for IPAMVlan in IPAMvlans:
if int(IPAMVlan['number']) > minimum and int(
IPAMVlan['number']) < 4000:
networks.append(int(IPAMVlan['number']))
# Sortieren
networks = sorted(networks)
bluevlan = 0
# Lücke finden
last = minimum
for network in networks:
if network > minimum and network < 4000:
if (last + 1) == network:
last = network
elif (last + 1) != network:
bluevlan = last + 1
if bluevlan == 0:
return None
return bluevlan
def ForcepointNew(customerID, kuerzel, vlanidorange, customerslash56):
namelang = customerID + "-" + kuerzel
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
querystring = "/vlan/" + vlanidorange + "/subnets/"
blue = ipam.get(querystring)
for b in blue:
idb = b['id']
querystring = "/subnets/" + idb + "/addresses/"
bb = ipam.get(querystring)
for add in bb:
if add['hostname'] == 'Fortigate':
test = ipaddress.ip_address(add['ip'])
if isinstance(test, ipaddress.IPv4Address):
v4iporange = add['ip']
if isinstance(test, ipaddress.IPv6Address):
v6iorange = add['ip']
querystring = "/subnets/" + customerslash56 + "/"
blue = ipam.get(querystring)
v6customer = blue['subnet'] + "/" + blue['mask']
scriptstring = "& python c:/Temp/Git/Forcepoint/new-customer.py --c %s --n %s --p %s" % (
namelang, v4iporange, v6customer)
return scriptstring
def CreateNewSection(name, cust):
"""Erstellen neuer Section in Ipam
Args:
name (str): Kunden Name (z. B. Dokumental)
cust (str): Firewall vdom Name (z. B. customer023)
Returns:
str: Returnt neue Section id
"""
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
secname = name + " IPv4"
secdesc = cust + '_' + name
IPAMvlans = ipam.post(
'/sections/', {
'name': secname,
'description': secdesc,
'masterSection': '4',
'permissions': '{"2":"2","3":"1","4":"3"}',
'strictMode': '1',
'subnetOrdering': 'default',
'order': None,
'showVLAN': '1',
'showVRF': '1',
'showSupernetOnly': '1',
'DNS': None
})
searchstring = "/sections/"
sectionid = ipam.get(searchstring, {
'filter_by': 'name',
'filter_value': secname,
})
return sectionid[0]['id']
def CreateServiceVlan(vlanid, name, description):
"""[summary]
Args:
vlanid (int): VLAN ID
name (str): customer123 customer ID
description (str): Kunden Name
Returns:
[type]: [description]
"""
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipamurl = config.get('IPAM', 'url')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url=ipamurl,
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.post(
'/vlan/', {
'domainId': 3,
'name': name,
'number': vlanid,
'description': description,
'custom_CB3': 1,
'custom_L3': 1,
'custom_VRF': 'Service'
})
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'domainId',
'filter_value': 3,
})
for IPAMVlan in IPAMvlans:
current = int(IPAMVlan['number'])
if current == vlanid:
ipamid = IPAMVlan['vlanId']
return ipamid
def get_subnet_addresses(subnetobj, username, password, server):
username = username
appcode = password
ipam = PhpIpamClient(
url=server,
app_id=username,
username=username,
password=appcode,
user_agent='snmpscanner', # custom user-agent header
ssl_verify=False)
ips = list()
addresses = list()
try:
addresses = ipam.get(f"/subnets/{subnetobj.subnet_id}/addresses/")
except:
pass
for address in addresses:
ips.append(address["ip"])
return ips
def NewGreenSubnet():
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
for start in range(75, 100):
searchstring = "/subnets/search/10.113." + str(start) + ".0/24/"
bluev6Info = ipam.get(searchstring)
if bluev6Info == 0:
return start
def CreateGreenSubnetv4(vlanid, network, description):
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
subnet = "10.113." + str(network) + ".0"
IPAMsubnets = "10.113." + str(network) + ".0/24"
IPAMvlans = ipam.post(
'/subnets/', {
'subnet': subnet,
'mask': 24,
'sectionId': '1',
'description': description,
'vlanId': vlanid
})
searchstring = '/subnets/cidr/' + IPAMsubnets + '/'
redv4Info = ipam.get(searchstring, {
'filter_by': 'sectionId',
'filter_value': 1,
})
netid = redv4Info[0]['id']
searchstring = '/addresses/first_free/' + netid + '/'
IPAMvlans = ipam.post(searchstring, {
'description': 'Fortigate',
'hostname': 'Fortigate',
'deviceId': 84
})
return netid
async def List_all_subnet(self, url, username, password, app, api):
print("1")
import sys
print("2")
import warnings
print("3")
if not sys.warnoptions:
warnings.simplefilter("ignore")
from phpipam_client import PhpIpamClient
ipam = PhpIpamClient(
ssl_verify=False,
url=url,
app_id=app,
username=username,
password=password,
token=api,
user_agent='Splunk_lookup',
)
subnet = ipam.get('/subnets/')
info = []
for line in subnet:
if (isinstance(line['location'], list) or not line['location']):
location = 'N/A'
else:
location = line['location']["name"]
info.append([
line['subnet'],
str(line['mask']),
str(line['vlanId']),
str(line['description']),
str(location)
])
return info[0][0]
folder = folder + "/settings.ini"
config.read(folder)
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'domainId',
'filter_value': 3,
})
#{'vlanId': '2230', 'domainId': '3', 'name': 'DOP-LAB-DOP-INTERN', 'number': '844', 'description': None,
# 'editDate': None, 'customer_id': None, 'custom_vni': '1', 'custom_CB3': '1', 'custom_L3': '0', 'custom_VRF': None}
#
# Aus DCNM holen und in Class Object verwandeln
for dvrf in dcnmvrf:
decodedvrf = json.loads(dvrf['vrfTemplateConfig'])
ivrf = None
ivrf = Cb3VRF(decodedvrf['vrfVlanId'], dvrf['vrfName'], False, 0,
dvrf['vrfId'], True)
for ipamvl in IPAMvlans:
if (decodedvrf['vrfVlanId'] == ipamvl['number']):
ipv6data['TAG'][x]))
switches = []
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=dcnmuser,
ssl_verify=False,
password=dcnmpassword,
user_agent='myapiclient', # custom user-agent header
)
# Alle VLANs aus dem IPAM holen
FabIXN = ipam.get('/devices/', {
'filter_by': 'custom_Fabric',
'filter_value': 'DOP-FAB-DEIXN001',
})
FabCYO = ipam.get('/devices/', {
'filter_by': 'custom_Fabric',
'filter_value': 'DOP-FAB-DECYO001',
})
# Array um die Switche aufzunehmen
FabIXN = json.dumps(FabIXN)
FabIXN = json.loads(FabIXN)
for switch in FabIXN:
switches.append(FabricSwitch(switch['hostname'], switch['custom_Serial']))
for switch in FabCYO:
switches.append(FabricSwitch(switch['hostname'], switch['custom_Serial']))
# In jeden Switch rein, und die Route Templates einfügen
ipamsettings = IPAMSetup()
ipam = PhpIpamClient(
url=ipamsettings.url,
app_id='network',
username=ipamsettings.ipamuser,
ssl_verify=False,
password=ipamsettings.ipampassword,
user_agent='myapiclient', # custom user-agent header
)
#IPAMvlans = ipam.patch('/vlan/2503', {
# 'name': 'FID_SDWorx_HB',
# 'custom_vni': '12345',
# 'custom_VRF': 'Boller',
# 'custom_CB3': '1',
# 'custom_L3': '1',
#})
#{'id': '30', 'hostname': 'DOP-SWL-DECYO004', 'ip': '10.110.126.16', 'type': '1', 'description': None, 'sections': '1;2',
# 'snmp_community': None, 'snmp_version': '0', 'snmp_port': '161', 'snmp_timeout': '1000', 'snmp_queries': None, 'snmp_v3_sec_level': 'none',
# 'snmp_v3_auth_protocol': 'none', 'snmp_v3_auth_pass': None, 'snmp_v3_priv_protocol': 'none', 'snmp_v3_priv_pass': None, 'snmp_v3_ctx_name': None,
# 'snmp_v3_ctx_engine_id': None, 'rack': '8', 'rack_start': '1', 'rack_size': '1', 'location': '1', 'editDate': '2021-12-20 08:47:06',
# 'custom_Serial': 'FDO23270DEW', 'custom_Fabric': 'DOP-FAB-DECYO001', 'custom_Switch-Role': 'Shared-Leaf'
IPAMDevices = ipam.get('/devices/', {
'filter_by': 'hostname',
'filter_value': "DOP-SWL-DECYO004",
})
print(IPAMDevices)
config system interface
""" % (cust)
# IPAM Abfragen und IP Informationen ziehen
# ipam Konfiguration
ipam = PhpIpamClient(
url=ipamurl,
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'domainId',
'filter_value': 3,
})
for IPAMVlan in IPAMvlans:
if int(IPAMVlan['number']) == intblue:
idblue = IPAMVlan['vlanId']
#if int(IPAMVlan['number']) == intgreen:
# idgreen = IPAMVlan['vlanId']
#if int(IPAMVlan['number']) == intred:
# idred = IPAMVlan['vlanId']
#if int(IPAMVlan['number']) == intorange:
# idorange = IPAMVlan['vlanId']
# blue
querystring = "/vlan/" + idblue + "/subnets/"
blue = ipam.get(querystring)
def CLIRed(bluevlanID, cust):
"""Erstellen CLI fuer Fortimanager
Args:
bluevlanID (int): IPAM Vlan ID
cust (str): customer123 Bezeichnung
Returns:
str: Fortigate CLI fuer Blue
"""
config = ConfigParser()
config.read('C:/Temp/Git/Fortinet/Fortigate/settings.ini')
ipamuser = config.get('IPAM', 'ipamuser')
ipampassword = config.get('IPAM', 'ipampassword')
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'vlanId',
'filter_value': bluevlanID,
})
intblue = IPAMvlans[0]['number']
nummer = cust.replace('customer', '')
querystring = "/vlan/" + bluevlanID + "/subnets/"
blue = ipam.get(querystring)
for b in blue:
idb = b['id']
querystring = "/subnets/" + idb + "/addresses/"
bb = ipam.get(querystring)
for add in bb:
if add['hostname'] == 'Fortigate':
test = ipaddress.ip_address(add['ip'])
if isinstance(test, ipaddress.IPv4Address):
blueipv4 = add['ip'] + "/" + b['mask']
if isinstance(test, ipaddress.IPv6Address):
blueipv6 = add['ip'] + "/" + b['mask']
cfgred = """
edit "cust%s_red1"
set alias "cust%s_red-Extern"
set vdom "%s"
set status down
set ip %s
set allowaccess ping
config ipv6
set ip6-address %s
set ip6-allowaccess ping
end
set interface "Port-Channel13"
set vlanid %s
next
""" % (nummer, nummer, cust, blueipv4, blueipv6, intblue)
return cfgred
def handler(context, inputs):
global logging
setup_logger()
cert = None
try:
auth_credentials = get_auth_credentials(context, inputs)
username = auth_credentials["privateKeyId"]
password = auth_credentials["privateKey"]
phpIPAMProperties = get_properties(inputs)
appId = phpIPAMProperties["phpIPAM.appId"]
# cert = get_cert(inputs)
from phpipam_client import PhpIpamClient, GET, PATCH
logging.info("Preparing phpIPAM connection")
ipam = PhpIpamClient(
url=inputs["endpoint"]["endpointProperties"]["hostName"],
app_id=appId,
username=username,
password=password,
user_agent='vra-ipam', # custom user-agent header
)
sectionId = getSectionId(phpIPAMProperties["phpIPAM.sectionName"],
ipam)
# sectionId = "3"
subnets = ipam.get('/sections/' + sectionId + '/subnets')
ipRanges = []
for subnet in subnets:
if (subnet["allowRequests"] is "1"):
subnetPrefixLength = subnet["mask"]
cidr = subnet["subnet"] + "/" + subnetPrefixLength
network = ipaddress.IPv4Network(cidr)
startIpAddress = ipam.get('/subnets/' + subnet["id"] +
'/first_free/')
endIpAddress = str(network[-2])
# Build ipRange Object
ipRange = {}
ipRange["id"] = subnet["id"]
ipRange["name"] = cidr
ipRange["description"] = subnet["description"]
ipRange["startIPAddress"] = startIpAddress
ipRange["endIPAddress"] = endIpAddress
ipRange["ipVersion"] = 'IPv4'
if "gatewayId" in subnet:
gatewayIp = ipam.get("/addresses/" + subnet["gatewayId"] +
"/")
ipRange["gatewayAddress"] = gatewayIp["ip"]
if "nameservers" in subnet:
ipRange["dnsServerAddresses"] = subnet["nameservers"][
"namesrv1"].split(';')
ipRange["subnetPrefixLength"] = subnetPrefixLength
#ipRange["addressSpaceId"] = addressSpaceId
ipRange["domain"] = phpIPAMProperties["phpIPAM.domain"]
#ipRange["dnsSearchDomains"] = None
#ipRange["properties"] = None
#ipRange["tags"] = None
#logging.info(subnet["id"], cidr, subnet["description"], startIpAddress, endIpAddress, 'IPv4', addressSpaceId, gatewayAddress, subnetPrefixLength, dnsServerAddresses)
ipRanges.append(ipRange)
#logging.info(ipRanges)
result = {"ipRanges": ipRanges}
return result
except Exception as e:
return build_error_response("5000", str(e))
finally:
if cert is not None and type(cert) is str:
os.unlink(cert)
# ipam Konfiguration
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=ipamuser,
ssl_verify=False,
password=ipampassword,
user_agent='myapiclient', # custom user-agent header
)
# BLUE
# Blue braucht ein VLAN im Bereich 3000 - 3499
# Alle VLANs aus dem IPAM holen
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'domainId',
'filter_value': 3,
})
# Liste bauen der VLAN Nummern
for IPAMVlan in IPAMvlans:
networks.append(int(IPAMVlan['number']))
# Sortieren
networks = sorted(networks)
bluevlan = 0
# Lücke finden
last = 3000
for network in networks:
if network > 3000 and network < 3500:
# DCNM Token abholen
token = getRestToken(dcnmuser, dcnmpassword, dcnmserver)
# ipam Konfiguration
ipam = PhpIpamClient(
url='https://ipam.consinto.com',
app_id='network',
username=dcnmuser,
ssl_verify=False,
password=dcnmpassword,
user_agent='myapiclient', # custom user-agent header
)
# Ipam Abfrage definieren und auslösen
IPAMvlans = ipam.get('/vlan/', {
'filter_by': 'domainId',
'filter_value': 3,
})
# Abgefragte Daten aus IPAM verarbeitbar machen
IPAMvlans = json.dumps(IPAMvlans)
IPAMvlans = json.loads(IPAMvlans)
count = 0
exists = True
# Durch IPAM Daten iterieren und in das Array aufnehmen
for IPAMvlan in IPAMvlans:
if IPAMvlan['custom_CB3'] == "1":
networks.append(
Cb3Vlan(IPAMvlan['number'], IPAMvlan['name'], exists,
logger.info("+++++++++++++++++++++++++NEW+++++++++++++++++++++++++++++")
logger.info('Settings %s', args)
# Switche aufloesen
vrflist = vrfstring.split(",")
switchsplit = switchstring.split(",")
switchlist = []
# wir holen uns hostname, serial und fabric aus dem ipam
for switch in switchsplit:
if "DOP" in switch:
IPAMDevices = ipam.get('/devices/', {
'filter_by': 'hostname',
'filter_value': switch,
})
switchlist.append(
FabricSwitch(IPAMDevices[0]['hostname'],
IPAMDevices[0]['custom_Serial'],
IPAMDevices[0]['custom_Fabric']))
logger.info('Switch %s', IPAMDevices[0]['hostname'])
else:
IPAMDevices = ipam.get('/devices/', {
'filter_by': 'custom_Serial',
'filter_value': switch,
})
switchlist.append(
FabricSwitch(IPAMDevices[0]['hostname'],
IPAMDevices[0]['custom_Serial'],
IPAMDevices[0]['custom_Fabric']))
