def main():
argument_spec = dict(
src=dict(type='str', default=None),
filter=dict(type='str', default=""),
)
argument_spec.update(fortios_argument_spec)
required_if = fortios_required_if
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=required_if,
)
result = dict(changed=False)
# fail if pyFG not present
if not HAS_PYFG:
module.fail_json(
msg=
'Could not import the python library pyFG required by this module')
#define device
f = FortiOS(module.params['host'],
username=module.params['username'],
password=module.params['password'],
timeout=module.params['timeout'],
vdom=module.params['vdom'])
#connect
try:
f.open()
except:
module.fail_json(msg='Error connecting device')
#get config
try:
f.load_config(path=module.params['filter'])
result['running_config'] = f.running_config.to_text()
except:
module.fail_json(msg='Error reading running config')
#backup config
if module.params['backup']:
backup(module, f.running_config.to_text())
#update config
if module.params['src'] is not None:
#store config in str
try:
conf_str = module.params['src']
f.load_config(in_candidate=True, config_text=conf_str)
except:
module.fail_json(
msg="Can't open configuration file, or configuration invalid")
#get updates lines
change_string = f.compare_config()
#remove not updatable parts
c = FortiConfig()
c.parse_config_output(change_string)
for o in NOT_UPDATABLE_CONFIG_OBJECTS:
c.del_block(o)
change_string = c.to_text()
if change_string != "":
result['change_string'] = change_string
result['changed'] = True
#Commit if not check mode
if module.check_mode is False and change_string != "":
try:
f.commit(change_string)
except CommandExecutionException as e:
module.fail_json(
msg=
"Unable to execute command, check your args, the error was {0}"
.format(e.message))
except FailedCommit as e:
module.fail_json(
msg="Unable to commit, check your args, the error was {0}".
format(e.message))
except ForcedCommit as e:
module.fail_json(
msg=
"Failed to force commit, check your args, the error was {0}"
.format(e.message))
module.exit_json(**result)
continue
if 'snmp-index' in line:
continue
line = line.strip()
result = regexp.match(line)
#print 'check result'
if result is not None:
action = result.group(1).strip()
detail = result.group(2).strip()
if action == 'config' or action == 'edit':
detail = detail.replace('"', '')
if detail not in current_block.get_block_names():
config_block = FortiConfig(detail, action, current_block)
current_block[detail] = config_block
else:
config_block = current_block[detail]
current_block = config_block
#print current_block.to_text()
results['current_block'] = current_block.to_text()
elif action == 'end' or action == 'next':
current_block = current_block.get_parent()
elif action == 'delete':
current_block.del_block(detail)
#print current_block.to_text()
results['current_block'] = current_block.to_text()
#print d.candidate_config.to_text()
def get_empty_configuration_block(self, block_name, block_type):
return FortiConfig(block_name, block_type)
#!/usr/bin/env python
# Gets router bgp config from the device, then do some changes to the BGP parameters, deletes a neighbor,
# creates a new one, modifies another and computes the difference
from pyFG import FortiOS, FortiConfig
import sys
if __name__ == '__main__':
hostname = sys.argv[1]
d = FortiOS(hostname, vdom='vpn')
d.open()
d.load_config('router bgp')
new_neigh = FortiConfig('10.6.6.8', 'edit')
new_neigh.set_param('remote-as', '123')
new_neigh.set_param('remotas', '123')
d.candidate_config['router bgp']['neighbor'].set_block(new_neigh)
d.candidate_config['router bgp']['neighbor']['10.6.6.6'].set_param(
'remote-as', '444')
d.candidate_config['router bgp']['neighbor'].del_block('10.6.6.7')
print "This is the diff of the configs:"
for line in d.compare_config(text=True):
print line
print "This is how to reach the desired state:"
config_changes = d.compare_config()
print config_changes
