def main(): argument_spec = dict( src=dict(type='str', default=None), filter=dict(type='str', default=""), ) argument_spec.update(fortios_argument_spec) required_if = fortios_required_if module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=required_if, ) result = dict(changed=False) # fail if pyFG not present if not HAS_PYFG: module.fail_json( msg= 'Could not import the python library pyFG required by this module') #define device f = FortiOS(module.params['host'], username=module.params['username'], password=module.params['password'], timeout=module.params['timeout'], vdom=module.params['vdom']) #connect try: f.open() except: module.fail_json(msg='Error connecting device') #get config try: f.load_config(path=module.params['filter']) result['running_config'] = f.running_config.to_text() except: module.fail_json(msg='Error reading running config') #backup config if module.params['backup']: backup(module, f.running_config.to_text()) #update config if module.params['src'] is not None: #store config in str try: conf_str = module.params['src'] f.load_config(in_candidate=True, config_text=conf_str) except: module.fail_json( msg="Can't open configuration file, or configuration invalid") #get updates lines change_string = f.compare_config() #remove not updatable parts c = FortiConfig() c.parse_config_output(change_string) for o in NOT_UPDATABLE_CONFIG_OBJECTS: c.del_block(o) change_string = c.to_text() if change_string != "": result['change_string'] = change_string result['changed'] = True #Commit if not check mode if module.check_mode is False and change_string != "": try: f.commit(change_string) except CommandExecutionException as e: module.fail_json( msg= "Unable to execute command, check your args, the error was {0}" .format(e.message)) except FailedCommit as e: module.fail_json( msg="Unable to commit, check your args, the error was {0}". format(e.message)) except ForcedCommit as e: module.fail_json( msg= "Failed to force commit, check your args, the error was {0}" .format(e.message)) module.exit_json(**result)
continue if 'snmp-index' in line: continue line = line.strip() result = regexp.match(line) #print 'check result' if result is not None: action = result.group(1).strip() detail = result.group(2).strip() if action == 'config' or action == 'edit': detail = detail.replace('"', '') if detail not in current_block.get_block_names(): config_block = FortiConfig(detail, action, current_block) current_block[detail] = config_block else: config_block = current_block[detail] current_block = config_block #print current_block.to_text() results['current_block'] = current_block.to_text() elif action == 'end' or action == 'next': current_block = current_block.get_parent() elif action == 'delete': current_block.del_block(detail) #print current_block.to_text() results['current_block'] = current_block.to_text() #print d.candidate_config.to_text()
def get_empty_configuration_block(self, block_name, block_type): return FortiConfig(block_name, block_type)
#!/usr/bin/env python # Gets router bgp config from the device, then do some changes to the BGP parameters, deletes a neighbor, # creates a new one, modifies another and computes the difference from pyFG import FortiOS, FortiConfig import sys if __name__ == '__main__': hostname = sys.argv[1] d = FortiOS(hostname, vdom='vpn') d.open() d.load_config('router bgp') new_neigh = FortiConfig('10.6.6.8', 'edit') new_neigh.set_param('remote-as', '123') new_neigh.set_param('remotas', '123') d.candidate_config['router bgp']['neighbor'].set_block(new_neigh) d.candidate_config['router bgp']['neighbor']['10.6.6.6'].set_param( 'remote-as', '444') d.candidate_config['router bgp']['neighbor'].del_block('10.6.6.7') print "This is the diff of the configs:" for line in d.compare_config(text=True): print line print "This is how to reach the desired state:" config_changes = d.compare_config() print config_changes