def test_ip_subnet_tag(self): t = taglib.ip_subnet_tag("127.0.0.0/8") eq_(t.kind, "IPv4 subnet") eq_(t.name, "127.0.0.0/8") eq_(t.sort_name, "v4 7f000000/08") t = taglib.ip_subnet_tag("127.0.0.0/8", "interface subnet") eq_(t.kind, "interface subnet") eq_(t.name, "127.0.0.0/8") eq_(t.sort_name, "v4 7f000000/08")
def test_ip_subnet_tag(self): t = taglib.ip_subnet_tag("127.0.0.0/8") eq_(t.kind, "IPv4 subnet") eq_(t.name, "127.0.0.0/8") eq_(t.sort_name, "v4 7f000000/08") t = taglib.ip_subnet_tag("127.0.0.0/8", "interface subnet") eq_(t.kind, "interface subnet") eq_(t.name, "127.0.0.0/8") eq_(t.sort_name, "v4 7f000000/08")
def tag_addresses(family_elem): for address_elem in family_elem.xpath("address/name"): ifa_tag = taglib.ip_address_tag(address_elem.text, kind="interface address") ifa_tag.implied_by(unit_tag, address_elem.sourceline) t = taglib.ip_address_tag(address_elem.text) t.implied_by(ifa_tag, address_elem.sourceline) t.implies(taglib.ip_subnet_tag(address_elem.text), address_elem.sourceline)
def tag_addresses(family_elem): for address_elem in family_elem.xpath("address/name"): ifa_tag = taglib.ip_address_tag(address_elem.text, kind="interface address") ifa_tag.implied_by(unit_tag, address_elem.sourceline) t = taglib.ip_address_tag(address_elem.text) t.implied_by(ifa_tag, address_elem.sourceline) t.implies(taglib.ip_subnet_tag(address_elem.text), address_elem.sourceline)
def interface(self): # preconfigure is inserted into the config before the interface name when the matching # hardware isn't found. for now, lets just ignore these interfaces. inactive = self.accept(Keyword) name = self.expect(Name) if_tag = None if not inactive: if_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, name)) if_tag.implied_by(taglib.env_tags.snapshot, self.lineNum) if_tag.implies(taglib.env_tags.device, self.lineNum) if_tag.implies( taglib.tag("interface type", re.sub(r"[0-9/.]+$", "", name)), self.lineNum) self.expect(EndOfCommand) while True: if self.accept(Token.EndOfMode) is not None: return if self.accept(Whitespace) is not None: continue if self.accept(Comment) is not None: self.skipTo(EndOfCommand) continue try: op = self.accept(Operator) cmd = self.expect(Keyword) if False: pass elif cmd == "description": description = self.expect(String) if not inactive: t = taglib.tag("interface description", description) t.implied_by(if_tag, self.lineNum) self.expect(EndOfCommand) elif cmd == "ipv4": self.ip(if_tag=if_tag, version="IPv4", active=not inactive) elif cmd == "ipv6": ra = self.ip(if_tag=if_tag, version="IPv6", active=not inactive) # (ra_suppress, ra_line, if_prefix, ra_prefix) if not ra[0] and ra[1]: ratag = taglib.tag("ra server", if_tag.name) if len(ra[3]): for p in ra[3]: ratag.implies(taglib.ip_subnet_tag(p), ra[1]) else: for p in ra[2]: ratag.implies(taglib.ip_subnet_tag(p), ra[1]) else: self.skipTo(EndOfCommand) except UnexpectedToken: self.skipTo(EndOfCommand)
def ip(self, if_tag=None, if_name=None, version=None): ra_line = None ra_suppress = False ra_prefix = [] if_prefix = [] cmd = self.expect(Keyword) if False: pass elif cmd == 'address': name = self.accept(String) ipaddress = self.accept(Literal) if ipaddress: self.accept(Punctuation) # allow detection of address/prefix length if name: ipaddress = IPy.intToIp(IPy.IP(ipaddress).int() | ipv6_general_prefixes[name].int(), 6) address = ipaddress + "/" + self.expect(Literal) if if_name: if version == 'IPv4': if_addrs4.setdefault(if_name, ipaddress) elif version == 'IPv6': if_addrs6.setdefault(if_name, ipaddress) ifaddr_tag = taglib.ip_address_tag(address, kind="interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) ifaddr_tag.implied_by(if_tag, self.lineNum) address_tag.implied_by(ifaddr_tag, self.lineNum) subnet_tag.implied_by(address_tag, self.lineNum) if version: version_tag = taglib.tag("IP version", version) version_tag.implied_by(if_tag, self.lineNum) # add router advertisement by default on multi-access networks if version == 'IPv6': ipv6_addresses = True if re.search(r"eth|fddi|port-channel", if_tag.name, re.I): if_prefix.append(subnet_tag.name) ra_line = self.lineNum self.skipTo(EndOfCommand) elif cmd == 'cef': if not version: version = "IPv4" distributed = self.accept(Keyword) if distributed == "distributed": cef = " ".join((version, distributed)) else: cef = version t = taglib.tag("Cisco express forwarding", cef) t.implied_by(device_tag, self.lineNum) self.skipTo(EndOfCommand) elif cmd == 'domain name' or cmd == 'domain-name': t = taglib.tag("domain name", self.expect(String)) t.implied_by(taglib.env_tags.device, self.lineNum) self.expect(EndOfCommand) elif cmd == 'general-prefix': name = self.expect(String) ipaddress = self.expect(Literal) self.expect(Punctuation) address = ipaddress + "/" + self.expect(Literal) ipv6_general_prefixes[name] = IPy.IP(address) self.expect(EndOfCommand) elif cmd == 'helper-address': t = taglib.tag("BOOTP relay", self.expect(Literal)) t.implied_by(taglib.env_tags.device, self.lineNum) self.expect(EndOfCommand) elif cmd == 'http': nextCmd = self.expect(Keyword) if nextCmd == 'server': t = taglib.tag("service", "HTTP") t.implied_by(taglib.env_tags.device, self.lineNum) elif nextCmd == 'secure-server': t = taglib.tag("service", "HTTPS") t.implied_by(taglib.env_tags.device, self.lineNum) self.skipTo(EndOfCommand) elif cmd == 'name-server': t = taglib.tag("name server", self.expect(Literal)) t.implied_by(taglib.env_tags.device, self.lineNum) self.expect(EndOfCommand) elif cmd == 'nd': nextCmd = self.expect(Keyword) if nextCmd == 'prefix': ra_line = self.lineNum nd_prefix = None default_prefix = self.accept(Keyword) if not default_prefix: nd_prefix = self.expect(Literal) + self.expect(Punctuation) + self.expect(Literal) keyword = self.accept(Keyword) if keyword is None or not 'no-ad' in keyword: if nd_prefix: ra_prefix.append(nd_prefix) elif nextCmd == 'suppress-ra': ra_line = self.lineNum ra_suppress = True self.skipTo(EndOfCommand) elif cmd == 'scp': nextCmd = self.expect(Keyword) if nextCmd == 'server': nextCmd = self.expect(Keyword) if nextCmd == 'enable': t = taglib.tag("service", taglib.protocol_name(cmd)) t.implied_by(taglib.env_tags.device, self.lineNum) self.skipTo(EndOfCommand) elif cmd == 'ssh': if self.sshEnabled == False: t = taglib.tag("service", taglib.protocol_name(cmd)) t.implied_by(taglib.env_tags.device, self.lineNum) self.sshEnabled = True nextCmd = self.expect(Keyword) if nextCmd == 'version': version = self.expect(Literal) if version == '2': t = taglib.tag("service", taglib.protocol_name(cmd)) t.implied_by(taglib.env_tags.device, self.lineNum) t = taglib.tag("service", "SSHv2") t.implied_by(taglib.env_tags.device, self.lineNum) elif version == '1': t = taglib.tag("service", taglib.protocol_name(cmd)) t.implied_by(taglib.env_tags.device, self.lineNum) t = taglib.tag("service", "SSHv1") t.implied_by(taglib.env_tags.device, self.lineNum) self.skipTo(EndOfCommand) elif cmd == 'unicast-routing': ipv6_unicast_routing = self.lineNum self.expect(EndOfCommand) else: self.skipTo(EndOfCommand) return (ra_suppress, ra_line, if_prefix, ra_prefix)
def interface(self): ra_list = [] name = self.expect(Name) # TODO: make interface names sort in ascending numeric order if_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, name)) if_tag.implied_by(taglib.env_tags.snapshot, self.lineNum) if_tag.implies(taglib.env_tags.device, self.lineNum) if_tag.implies(taglib.tag("interface type", re.sub(r"[0-9/.]+$", "", name)), self.lineNum) m = re.match(r"(Dot11Radio[0-9]+)(\.)?([0-9]+)?$", name) if m: if not m.group(2): ssidsForInterface[m.group(1)] = [] if_tag.implies(taglib.tag("interface type", "wireless"), self.lineNum) if m.group(3): t = taglib.tag("VLAN ID", m.group(3), sort_name="%05d" % int(m.group(3))) t.implied_by(if_tag, self.lineNum) if ssidDict[m.group(3)] in ssidsForInterface[m.group(1)]: t = taglib.tag("SSID", ssidDict[m.group(3)]) t.implied_by(if_tag, ssidLineDict[m.group(3)]) self.expect(EndOfCommand) while True: if self.accept(Whitespace) is None: ra_suppress = False ra_prefix_line = None ra_if_prefix_line = None ra_prefix = [] if_prefix = [] # (ra_suppress, ra_line, if_prefix, ra_prefix) for ra in ra_list: ra_suppress |= ra[0] if ra[0]: admin = taglib.tag("admin disabled", "ND router advertisement server") admin.implied_by(if_tag, ra[1]) if len(ra[2]): if_prefix = ra[2] ra_if_prefix_line = ra[1] if len(ra[3]): ra_prefix = intra[3] ra_prefix_line = ra[1] if ra_prefix_line or ra_if_prefix_line: if not ra_suppress: rp = taglib.tag("routing protocol", "router advertisement") if ra_if_prefix_line: rp.used(ra_if_prefix_line) elif ra_prefix_line: rp.used(ra_prefix_line) ratag = taglib.tag("ND router advertisement server", if_tag.name) if len(ra_prefix): for p in ra_prefix: ratag.implies(taglib.ip_subnet_tag(p), ra_prefix_line) else: for p in if_prefix: ratag.implies(taglib.ip_subnet_tag(p), ra_if_prefix_line) return if self.accept(Comment) is not None: self.skipTo(EndOfCommand) continue try: op = self.accept(Operator) cmd = self.expect(Keyword) if False: pass elif cmd == "description": description = self.expect(String) t = taglib.tag("interface description", description) t.implied_by(if_tag, self.lineNum) self.expect(EndOfCommand) elif cmd == "ip": self.ip(if_tag=if_tag, if_name=name, version="IPv4") elif cmd == "ipv6": ra_list.append(self.ip(if_tag=if_tag, if_name=name, version="IPv6")) elif cmd == "ssid": if m and not m.group(2): ssidsForInterface[m.group(1)].append(self.expect(Literal)) self.expect(EndOfCommand) elif cmd == "tunnel": self.skipTo(EndOfCommand) else: self.skipTo(EndOfCommand) except UnexpectedToken: self.skipTo(EndOfCommand)
def main(filename): lines = open(filename, 'rU') n = 0 for line in lines: n += 1 if re.match(r'Syntax error at token detail', line): lines.close() taglib.default_filename = filename = re.sub(r'-detail', '', filename) main(filename) return # time m = re.match(r'configure sntp-client (primary|secondary) (?:server )? "?([\w\d.-]+)"?( vr [\w\d.]+)?', line) if m: which, server, vr = m.groups() taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n) continue # dns m = re.match(r'configure dns-client add domain-suffix ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'configure dns-client add (name-server )?([\w\d.-]+)( vr [\w\d.]+)?', line) if m: ignore, server, vr = m.groups() taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'configure dns-client default-domain ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n) continue # radius m = re.match(r'configure radius (?:mgmt-access )?(primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line) if m: which, server, port, client, vr = m.groups() taglib.tag("RADIUS server", server).implied_by(taglib.env_tags.device, line=n) continue # tacacs+ m = re.match(r'configure tacacs (primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line) if m: which, server, port, client, vr = m.groups() taglib.tag("TACACS+ server", server).implied_by(taglib.env_tags.device, line=n) continue # interfaces m = re.match(r'create vlan "?([\w\d.-]+)"?', line) if m: vlan = m.group(1) vlanTag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlanTag.implied_by(taglib.env_tags.snapshot, line=n) taglib.env_tags.device.implied_by(vlanTag, line=n) continue m = re.match(r'configure vlan "?([\w\d]+)"? tag ([\d]+)', line) if m: vlan, vlan_id = m.group(1), int(m.group(2)) vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlan_id_tag = taglib.tag("VLAN ID", vlan_id, sort_name="%05d" % vlan_id) vlan_tag.implied_by(taglib.env_tags.snapshot, line=n) vlan_tag.implies(taglib.env_tags.device, line=n) vlan_tag.implies(vlan_id_tag, line=n) continue m = re.match(r'config(?:ure)? vlan "?([\w\d]+)"? ipaddress ([\d.]+)\s+([\d.]+)\s+', line) if m: vlan, ipaddress, mask = m.groups() address = ipaddress + "/" + mask ifaddr_tag = taglib.ip_address_tag(address, "interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlan_tag.implied_by(taglib.env_tags.snapshot, line=n) vlan_tag.implies(taglib.env_tags.device, line=n) vlan_tag.implies(ifaddr_tag, line=n) ifaddr_tag.implies(address_tag, line=n) address_tag.implies(subnet_tag, line=n) continue m = re.match(r'configure "?([\w\d]+)"? ipaddress ([a-fA-F\d:]+)/([\d]+)\s+', line) if m: vlan, ipaddress, mask = m.groups() address = ipaddress + "/" + mask ifaddr_tag = taglib.ip_address_tag(address, "interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlan_tag.implied_by(taglib.env_tags.snapshot, line=n) vlan_tag.implies(taglib.env_tags.device, line=n) vlan_tag.implies(ifaddr_tag, line=n) ifaddr_tag.implies(address_tag, line=n) address_tag.implies(subnet_tag, line=n) continue # dhcp/bootp m = re.match(r'configure bootprelay add ([\w\d.-]+)', line) if m: relay = m.group(1) taglib.tag("BOOTP relay", relay).implied_by(taglib.env_tags.device, line=n) continue # accounts m = re.match(r'create account (admin|user) "?([\w\d.-]+)"?\s+.*', line) if m: account = m.group(2) taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'configure account (admin|user).*', line) if m: account = m.group(1) taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n) continue # protocols m = re.match(r'enable (bgp|igmp|MLD|msdp|rip|ripng)$', line) if m: protocolTag = taglib.tag("routing protocol", taglib.protocol_name(m.group(1))) protocolTag.implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'enable (igmp|MLD) snooping.*', line) if m: protocol = m.group(1) protocolTag = taglib.tag("routing protocol", taglib.protocol_name(protocol)) protocolTag.implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'configure DVMRP add vlan "?([\w\d.-]+)"?', line) if m: vlan = m.group(1) vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) taglib.tag("routing protocol", "DVMRP").implied_by(vlan_tag, n) continue m = re.match(r'configure ospf add vlan "?([\w\d.-]+)"? area ([\d.]+).*', line) if m: vlan, area = m.groups() vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) area_tag = taglib.tag("OSPF area", area) area_tag.implied_by(vlan_tag, line=n) area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n) continue m = re.match(r'configure ospf vlan ([\w\d.-]+) area ([\d.]+)', line) if m: vlan, area = m.groups() vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) area_tag = taglib.tag("OSPF area", area) area_tag.implied_by(vlan_tag, line=n) area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n) continue m = re.match(r'configure ospfv3 domain ([\w\d.-]+) add vlan ([\w\d.-]+) instance-id ([\d]+) area ([\d.]+)', line) if m: domain, vlan, instance, area = m.groups() vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) area_tag = taglib.tag("OSPFv3 area", area) area_tag.implied_by(vlan_tag, line=n) area_tag.implies(taglib.tag("routing protocol", "OSPFv3"), line=n) continue # services serviceLabelDict = {'ssh':'SSHv1', 'ssh1':'SSHv1', 'ssh2':'SSHv2', 'telnet':'TELNET', 'web':'HTTP'} m = re.match(r'enable (ssh2|telnet|web)( access-profile ([\w\d.-]+)( port ([\d]+))?)?', line) if m: service = m.group(1) taglib.tag("service", serviceLabelDict[service]).implied_by(taglib.env_tags.device, n) continue m = re.match(r'configure telnet( access-profile ([\w\d.-]+))?( port ([\d]+))?( vr ([\w\d.-]+))?', line) if m: taglib.tag("service", "TELNET").implied_by(taglib.env_tags.device, n) continue
def ip(self, if_tag=None, version=None, active=True): ra_line = None ra_suppress = False ra_prefix = [] if_prefix = [] cmd = self.expect(Keyword) if False: pass elif cmd == 'address': name = self.accept(String) ipaddress = self.accept(Literal) if ipaddress: self.accept(Punctuation) # allow detection of address/prefix length if name: ipaddress = IPy.intToIp(IPy.IP(ipaddress).int() | ipv6_general_prefixes[name].int(), 6) address = ipaddress + "/" + self.expect(Literal) if active: ifaddr_tag = taglib.ip_address_tag(address, kind="interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) ifaddr_tag.implied_by(if_tag, self.lineNum) address_tag.implied_by(ifaddr_tag, self.lineNum) subnet_tag.implied_by(address_tag, self.lineNum) if version: version_tag = taglib.tag("IP version", version) version_tag.implied_by(if_tag, self.lineNum) # add router advertisement by default on multi-access networks if version == 'IPv6' and re.search(r"eth|srp", if_tag.name, re.I): if_prefix.append(subnet_tag.name) ra_line = self.lineNum self.skipTo(EndOfCommand) elif cmd == 'general-prefix': name = self.expect(String) ipaddress = self.expect(Literal) self.expect(Punctuation) address = ipaddress + "/" + self.expect(Literal) ipv6_general_prefixes[name] = IPy.IP(address) self.expect(EndOfCommand) elif cmd == 'helper-address': if self.accept(Keyword): self.expect(Literal) t = taglib.tag("BOOTP relay", self.expect(Literal)) t.implied_by(taglib.env_tags.device, self.lineNum) self.expect(EndOfCommand) elif cmd == 'http': nextCmd = self.expect(Keyword) if nextCmd == 'server': t = taglib.tag("service", "HTTP") t.implied_by(taglib.env_tags.device, self.lineNum) elif nextCmd == 'secure-server': t = taglib.tag("service", "HTTPS") t.implied_by(taglib.env_tags.device, self.lineNum) self.skipTo(EndOfCommand) elif cmd == 'nd': nextCmd = self.expect(Keyword) if nextCmd == 'prefix': nd_prefix = None default_prefix = self.accept(Keyword) if not default_prefix: nd_prefix = self.expect(Literal) + self.expect(Punctuation) + self.expect(Literal) keyword = self.accept(Keyword) if keyword is None or not 'no-ad' in keyword: if nd_prefix: ra_prefix.append(nd_prefix) elif nextCmd == 'suppress-ra': ra_suppress = True self.skipTo(EndOfCommand) elif cmd == 'scp': nextCmd = self.expect(Keyword) if nextCmd == 'server': nextCmd = self.expect(Keyword) if nextCmd == 'enable': t = taglib.tag("service", taglib.protocol_name(cmd)) t.implied_by(taglib.env_tags.device, self.lineNum) self.skipTo(EndOfCommand) else: self.skipTo(EndOfCommand) return (ra_suppress, ra_line, if_prefix, ra_prefix)
def main(filename): lines = open(filename, 'rU') n = 0 for line in lines: n += 1 if re.match(r'Syntax error at token detail', line): lines.close() taglib.default_filename = filename = re.sub( r'-detail', '', filename) main(filename) return # time m = re.match( r'configure sntp-client (primary|secondary) (?:server )? "?([\w\d.-]+)"?( vr [\w\d.]+)?', line) if m: which, server, vr = m.groups() taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n) continue # dns m = re.match(r'configure dns-client add domain-suffix ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match( r'configure dns-client add (name-server )?([\w\d.-]+)( vr [\w\d.]+)?', line) if m: ignore, server, vr = m.groups() taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'configure dns-client default-domain ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("domain name", server).implied_by(taglib.env_tags.device, line=n) continue # radius m = re.match( r'configure radius (?:mgmt-access )?(primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line) if m: which, server, port, client, vr = m.groups() taglib.tag("RADIUS server", server).implied_by(taglib.env_tags.device, line=n) continue # tacacs+ m = re.match( r'configure tacacs (primary|secondary) server ([\w\d.-]+)( [\d]+)? client-ip ([\w\d.-]+)( vr [\w\d.]+)?', line) if m: which, server, port, client, vr = m.groups() taglib.tag("TACACS+ server", server).implied_by(taglib.env_tags.device, line=n) continue # interfaces m = re.match(r'create vlan "?([\w\d.-]+)"?', line) if m: vlan = m.group(1) vlanTag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlanTag.implied_by(taglib.env_tags.snapshot, line=n) taglib.env_tags.device.implied_by(vlanTag, line=n) continue m = re.match(r'configure vlan "?([\w\d]+)"? tag ([\d]+)', line) if m: vlan, vlan_id = m.group(1), int(m.group(2)) vlan_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlan_id_tag = taglib.tag("VLAN ID", vlan_id, sort_name="%05d" % vlan_id) vlan_tag.implied_by(taglib.env_tags.snapshot, line=n) vlan_tag.implies(taglib.env_tags.device, line=n) vlan_tag.implies(vlan_id_tag, line=n) continue m = re.match( r'config(?:ure)? vlan "?([\w\d]+)"? ipaddress ([\d.]+)\s+([\d.]+)\s+', line) if m: vlan, ipaddress, mask = m.groups() address = ipaddress + "/" + mask ifaddr_tag = taglib.ip_address_tag(address, "interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) vlan_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlan_tag.implied_by(taglib.env_tags.snapshot, line=n) vlan_tag.implies(taglib.env_tags.device, line=n) vlan_tag.implies(ifaddr_tag, line=n) ifaddr_tag.implies(address_tag, line=n) address_tag.implies(subnet_tag, line=n) continue m = re.match( r'configure "?([\w\d]+)"? ipaddress ([a-fA-F\d:]+)/([\d]+)\s+', line) if m: vlan, ipaddress, mask = m.groups() address = ipaddress + "/" + mask ifaddr_tag = taglib.ip_address_tag(address, "interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) vlan_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlan_tag.implied_by(taglib.env_tags.snapshot, line=n) vlan_tag.implies(taglib.env_tags.device, line=n) vlan_tag.implies(ifaddr_tag, line=n) ifaddr_tag.implies(address_tag, line=n) address_tag.implies(subnet_tag, line=n) continue # dhcp/bootp m = re.match(r'configure bootprelay add ([\w\d.-]+)', line) if m: relay = m.group(1) taglib.tag("BOOTP relay", relay).implied_by(taglib.env_tags.device, line=n) continue # accounts m = re.match(r'create account (admin|user) "?([\w\d.-]+)"?\s+.*', line) if m: account = m.group(2) taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'configure account (admin|user).*', line) if m: account = m.group(1) taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n) continue # protocols m = re.match(r'enable (bgp|igmp|MLD|msdp|rip|ripng)$', line) if m: protocolTag = taglib.tag("routing protocol", taglib.protocol_name(m.group(1))) protocolTag.implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'enable (igmp|MLD) snooping.*', line) if m: protocol = m.group(1) protocolTag = taglib.tag("routing protocol", taglib.protocol_name(protocol)) protocolTag.implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'configure DVMRP add vlan "?([\w\d.-]+)"?', line) if m: vlan = m.group(1) vlan_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, vlan)) taglib.tag("routing protocol", "DVMRP").implied_by(vlan_tag, n) continue m = re.match( r'configure ospf add vlan "?([\w\d.-]+)"? area ([\d.]+).*', line) if m: vlan, area = m.groups() vlan_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, vlan)) area_tag = taglib.tag("OSPF area", area) area_tag.implied_by(vlan_tag, line=n) area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n) continue m = re.match(r'configure ospf vlan ([\w\d.-]+) area ([\d.]+)', line) if m: vlan, area = m.groups() vlan_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, vlan)) area_tag = taglib.tag("OSPF area", area) area_tag.implied_by(vlan_tag, line=n) area_tag.implies(taglib.tag("routing protocol", "OSPF"), line=n) continue m = re.match( r'configure ospfv3 domain ([\w\d.-]+) add vlan ([\w\d.-]+) instance-id ([\d]+) area ([\d.]+)', line) if m: domain, vlan, instance, area = m.groups() vlan_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, vlan)) area_tag = taglib.tag("OSPFv3 area", area) area_tag.implied_by(vlan_tag, line=n) area_tag.implies(taglib.tag("routing protocol", "OSPFv3"), line=n) continue # services serviceLabelDict = { 'ssh': 'SSHv1', 'ssh1': 'SSHv1', 'ssh2': 'SSHv2', 'telnet': 'TELNET', 'web': 'HTTP' } m = re.match( r'enable (ssh2|telnet|web)( access-profile ([\w\d.-]+)( port ([\d]+))?)?', line) if m: service = m.group(1) taglib.tag("service", serviceLabelDict[service]).implied_by( taglib.env_tags.device, n) continue m = re.match( r'configure telnet( access-profile ([\w\d.-]+))?( port ([\d]+))?( vr ([\w\d.-]+))?', line) if m: taglib.tag("service", "TELNET").implied_by(taglib.env_tags.device, n) continue
def tag_protocols(top): protocol = "BGP" routing_options_local_as_list = top.xpath( "routing-options/autonomous-system/as-number") routing_options_router_id_list = top.xpath("routing-options/router-id") protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for group_elem in protocol_elem.xpath("group"): name_elem = group_elem.xpath("name")[0] group_tag = taglib.tag("%s group" % protocol, "%s %s" % (device_tag.name, name_elem.text)) group_tag.implied_by(device_tag, name_elem.sourceline) for peer_name_elem in group_elem.xpath("neighbor/name"): local_address_elem_list = peer_name_elem.xpath( "ancestor::*/local-address") if local_address_elem_list: local_address_elem = local_address_elem_list[0] elif routing_options_router_id_list: local_address_elem = routing_options_router_id_list[0] local_elem_list = peer_name_elem.xpath( "ancestor::*/local-as/as-number") if local_elem_list: local_elem = local_elem_list[0] elif routing_options_local_as_list: local_elem = routing_options_local_as_list[0] if local_elem is not None: localasn_tag = taglib.as_number_tag( local_elem.text, "local AS") localasn_tag.implies(taglib.as_number_tag(local_elem.text), local_elem.sourceline) asn_elem_list = peer_name_elem.xpath("ancestor::*/peer-as") if asn_elem_list: asn_elem = asn_elem_list[0] else: asn_elem = local_elem asn_tag = taglib.as_number_tag(asn_elem.text, kind="remote AS") asn_tag.implies(taglib.as_number_tag(asn_elem.text), asn_elem.sourceline) if asn_elem.text == local_elem.text: peering_relationship = "iBGP" else: peering_relationship = "eBGP" address_tag = taglib.ip_address_tag(peer_name_elem.text) peering_tag = taglib.tag( "%s peering" % peering_relationship, "%s %s" % (device_tag.name, peer_name_elem.text), sort_name="%s %s" % (device_tag.name, address_tag.sort_name)) peering_tag.implies(protocol_tag, peer_name_elem.sourceline) peering_tag.implied_by(device_tag, peer_name_elem.sourceline) peering_tag.implied_by(group_tag, peer_name_elem.sourceline) asn_tag.implied_by(peering_tag, asn_elem.sourceline) localasn_tag.implied_by(peering_tag, local_elem.sourceline) peer_tag = taglib.ip_address_tag(peer_name_elem.text, kind="%s peer" % protocol) peer_tag.implies(address_tag, peer_name_elem.sourceline) if local_address_elem is not None: peer2_tag = taglib.ip_address_tag(local_address_elem.text, kind="%s peer" % protocol.upper()) address2_tag = taglib.ip_address_tag( local_address_elem.text) peer2_tag.implies(address2_tag, local_address_elem.sourceline) local_peer_tag = taglib.ip_address_tag( local_address_elem.text, kind="local %s peer" % protocol) local_peer_tag.implied_by(peering_tag, local_address_elem.sourceline) local_peer_tag.implies(peer2_tag, peer_name_elem.sourceline) remote_peer_tag = taglib.ip_address_tag(peer_name_elem.text, kind="remote %s peer" % protocol) remote_peer_tag.implied_by(peering_tag, peer_name_elem.sourceline) remote_peer_tag.implies(peer_tag, peer_name_elem.sourceline) protocol = "MSDP" protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for group_elem in protocol_elem.xpath("group"): name_elem = group_elem.xpath("name")[0] group_tag = taglib.tag("%s group" % protocol, "%s %s" % (device_tag.name, name_elem.text)) group_tag.implied_by(device_tag, name_elem.sourceline) for peer_name_elem in group_elem.xpath("peer/name"): peer_tag = taglib.tag("%s peer" % protocol, peer_name_elem.text) address_tag = taglib.ip_address_tag(peer_name_elem.text) peer_tag.implies(address_tag, peer_name_elem.sourceline) peer_tag.implied_by(group_tag, peer_name_elem.sourceline) peer_tag.implies(protocol_tag, peer_name_elem.sourceline) ospf_version_dict = {'ospf': 'OSPF', 'ospf3': 'OSPFv3'} for protocol_key, protocol in ospf_version_dict.items(): protocol_elem_list = top.xpath("protocols/%s" % protocol_key) if not protocol_elem_list: continue protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for area_elem in protocol_elem.xpath("area"): name_elem = area_elem.xpath("name")[0] area_tag = taglib.tag("%s area" % protocol, name_elem.text) area_tag.implies(protocol_tag, name_elem.sourceline) for interface_name_elem in area_elem.xpath("interface/name"): if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag( "interface", "%s %s" % (device_tag.name, interface_name_elem.text)) ] for t in interface_tags: t.implies(area_tag, interface_name_elem.sourceline) protocol = "PIM" protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for interface_name_elem in protocol_elem.xpath("interface/name"): if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag( "interface", "%s %s" % (device_tag.name, interface_name_elem.text)) ] for t in interface_tags: t.implies(protocol_tag, interface_name_elem.sourceline) for protocol in ("RIP", "RIPng"): protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if not protocol_elem_list: continue protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for group_elem in protocol_elem.xpath("group"): name_elem = group_elem.xpath("name")[0] group_tag = taglib.tag("%s group" % protocol, name_elem.text) group_tag.implies(protocol_tag, name_elem.sourceline) for interface_name_elem in group_elem.xpath("neighbor/name"): if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag( "interface", "%s %s" % (device_tag.name, interface_name_elem.text)) ] for t in interface_tags: t.implies(group_tag, interface_name_elem.sourceline) protocol = "router-advertisement" protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for interface_elem in protocol_elem.xpath("interface"): interface_name_elem = interface_elem.xpath("name")[0] if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag( "interface", "%s %s" % (device_tag.name, interface_name_elem.text)) ] for t in interface_tags: ratag = taglib.tag( "ND router advertisement server", "%s %s" % (device_tag.name, interface_name_elem.text)) ratag.implied_by(t, interface_name_elem.sourceline) for prefix_name_elem in interface_elem.xpath("prefix/name"): ratag.implies(taglib.ip_subnet_tag(prefix_name_elem.text), prefix_name_elem.sourceline)
def main(filename): lines = open(filename, 'rU') n = 0 ssh_version = None ssh_enable = False for line in lines: n += 1 # hostname m = re.match(r'set hostname ([\w\d.-]+)', line) if m: host = m.group(1) taglib.tag("hostname", host).implied_by(taglib.env_tags.device, line=n) continue # time m = re.match(r'set ntp server( backup\d)? "?([\w\d.-]+)"?', line) if m: server = m.group(2) if not server == '0.0.0.0': taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n) continue # dns m = re.match(r'set domain ([\w\d.-]+)', line) if m: domain = m.group(1) taglib.tag("domain name", domain).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'set dns host dns\d ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'set xauth ([\w\d.-]+) dns\d ([\w\d.-]+)', line) if m: server = m.group(2) taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'set l2tp dns\d ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue # interfaces m = re.match( r'set interface ([\w\d]+) ip ([\d.]+)/([\d.]+)( secondary)?', line) if m: name, ipaddress, plen, secondary = m.groups() address = ipaddress + "/" + plen ifaddr_tag = taglib.ip_address_tag(address, "interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) name_tag = taglib.tag( "interface", "%s %s" % (taglib.env_tags.device.name, name)) name_tag.implied_by(taglib.env_tags.snapshot, line=n) name_tag.implies(taglib.env_tags.device, line=n) name_tag.implies(ifaddr_tag, line=n) ifaddr_tag.implies(address_tag, line=n) address_tag.implies(subnet_tag, line=n) continue # accounts m = re.match(r'set admin user "?([\w\d.-]+)"?\s+.*', line) if m: account = m.group(1) taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n) continue # services m = re.match(r'set ssh version ([\w\d]+)', line) if m: ssh_version = m.group(1) ssh_version_line = n continue m = re.match(r'set ssh enable', line) if m: ssh_enable = True taglib.tag("service", 'SSH').implied_by(taglib.env_tags.device, n) continue m = re.match(r'set scp enable', line) if m: taglib.tag("service", 'SCP').implied_by(taglib.env_tags.device, n) continue # post parse phase if ssh_enable: if ssh_version: taglib.tag("service", 'SSH' + ssh_version).implied_by(taglib.env_tags.device, ssh_version_line)
def main(filename): lines = open(filename, 'rU') n = 0 for line in lines: n += 1 if re.match(r'Syntax error at token detail', line): lines.close() taglib.default_filename = filename = re.sub(r'-detail', '', filename) main(filename) return # time m = re.match(r'set ntp server "?([\w\d.-]+)"?( key [\d]+)?', line) if m: server, key = m.groups() taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n) continue # dns m = re.match(r'set ip dns domain ([\w\d.-]+)', line) if m: domain = m.group(1) taglib.tag("domain name", domain).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'set ip dns server ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue # radius m = re.match(r'set radius server ([\w\d.-]+)\s+auth-port ([\d]+)( acct-port [\d]+)?( primary)?', line) if m: server, port, acct, which = m.groups() taglib.tag("RADIUS server", server).implied_by(taglib.env_tags.device, line=n) continue # tacacs+ m = re.match(r'set tacacs server ([\w\d.-]+)( primary)?', line) if m: server, which = m.groups() taglib.tag("TACACS+ server", server).implied_by(taglib.env_tags.device, line=n) continue # interfaces m = re.match(r'set interface "?([\w\d]+)"? ([\d]+)\s+([\d.]+)/([\d.]+)\s+([\d.]+)', line) if m: vlan, vlan, ipaddress, mask, broadcast = m.groups() address = ipaddress + "/" + mask ifaddr_tag = taglib.ip_address_tag(address, "interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) vlan_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, vlan)) vlan_tag.implied_by(taglib.env_tags.snapshot, line=n) vlan_tag.implies(taglib.env_tags.device, line=n) vlan_tag.implies(ifaddr_tag, line=n) ifaddr_tag.implies(address_tag, line=n) address_tag.implies(subnet_tag, line=n) continue # accounts m = re.match(r'set localuser user "?([\w\d.-]+)"?\s+.*', line) if m: account = m.group(1) taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n) continue # services m = re.match(r'set ip http server enable', line) if m: taglib.tag("service", 'HTTP').implied_by(taglib.env_tags.device, n) continue
def ip(self, if_tag=None, version=None, active=True): ra_line = None ra_suppress = False ra_prefix = [] if_prefix = [] cmd = self.expect(Keyword) if False: pass elif cmd == 'address': name = self.accept(String) ipaddress = self.accept(Literal) if ipaddress: self.accept( Punctuation) # allow detection of address/prefix length if name: ipaddress = IPy.intToIp( IPy.IP(ipaddress).int() | ipv6_general_prefixes[name].int(), 6) address = ipaddress + "/" + self.expect(Literal) if active: ifaddr_tag = taglib.ip_address_tag( address, kind="interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) ifaddr_tag.implied_by(if_tag, self.lineNum) address_tag.implied_by(ifaddr_tag, self.lineNum) subnet_tag.implied_by(address_tag, self.lineNum) if version: version_tag = taglib.tag("IP version", version) version_tag.implied_by(if_tag, self.lineNum) # add router advertisement by default on multi-access networks if version == 'IPv6' and re.search( r"eth|srp", if_tag.name, re.I): if_prefix.append(subnet_tag.name) ra_line = self.lineNum self.skipTo(EndOfCommand) elif cmd == 'general-prefix': name = self.expect(String) ipaddress = self.expect(Literal) self.expect(Punctuation) address = ipaddress + "/" + self.expect(Literal) ipv6_general_prefixes[name] = IPy.IP(address) self.expect(EndOfCommand) elif cmd == 'helper-address': if self.accept(Keyword): self.expect(Literal) t = taglib.tag("BOOTP relay", self.expect(Literal)) t.implied_by(taglib.env_tags.device, self.lineNum) self.expect(EndOfCommand) elif cmd == 'http': nextCmd = self.expect(Keyword) if nextCmd == 'server': t = taglib.tag("service", "HTTP") t.implied_by(taglib.env_tags.device, self.lineNum) elif nextCmd == 'secure-server': t = taglib.tag("service", "HTTPS") t.implied_by(taglib.env_tags.device, self.lineNum) self.skipTo(EndOfCommand) elif cmd == 'nd': nextCmd = self.expect(Keyword) if nextCmd == 'prefix': nd_prefix = None default_prefix = self.accept(Keyword) if not default_prefix: nd_prefix = self.expect(Literal) + self.expect( Punctuation) + self.expect(Literal) keyword = self.accept(Keyword) if keyword is None or not 'no-ad' in keyword: if nd_prefix: ra_prefix.append(nd_prefix) elif nextCmd == 'suppress-ra': ra_suppress = True self.skipTo(EndOfCommand) elif cmd == 'scp': nextCmd = self.expect(Keyword) if nextCmd == 'server': nextCmd = self.expect(Keyword) if nextCmd == 'enable': t = taglib.tag("service", taglib.protocol_name(cmd)) t.implied_by(taglib.env_tags.device, self.lineNum) self.skipTo(EndOfCommand) else: self.skipTo(EndOfCommand) return (ra_suppress, ra_line, if_prefix, ra_prefix)
def tag_protocols(top): protocol = "BGP" routing_options_local_as_list = top.xpath("routing-options/autonomous-system/as-number") routing_options_router_id_list = top.xpath("routing-options/router-id") protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for group_elem in protocol_elem.xpath("group"): name_elem = group_elem.xpath("name")[0] group_tag = taglib.tag("%s group" % protocol, "%s %s" % (device_tag.name, name_elem.text)) group_tag.implied_by(device_tag, name_elem.sourceline) for peer_name_elem in group_elem.xpath("neighbor/name"): local_address_elem_list = peer_name_elem.xpath("ancestor::*/local-address") if local_address_elem_list: local_address_elem = local_address_elem_list[0] elif routing_options_router_id_list: local_address_elem = routing_options_router_id_list[0] local_elem_list = peer_name_elem.xpath("ancestor::*/local-as/as-number") if local_elem_list: local_elem = local_elem_list[0] elif routing_options_local_as_list: local_elem = routing_options_local_as_list[0] if local_elem is not None: localasn_tag = taglib.as_number_tag(local_elem.text, "local AS") localasn_tag.implies(taglib.as_number_tag(local_elem.text), local_elem.sourceline) asn_elem_list = peer_name_elem.xpath("ancestor::*/peer-as") if asn_elem_list: asn_elem = asn_elem_list[0] else: asn_elem = local_elem asn_tag = taglib.as_number_tag(asn_elem.text, kind="remote AS") asn_tag.implies(taglib.as_number_tag(asn_elem.text), asn_elem.sourceline) if asn_elem.text == local_elem.text: peering_relationship = "iBGP" else: peering_relationship = "eBGP" address_tag = taglib.ip_address_tag(peer_name_elem.text) peering_tag = taglib.tag("%s peering" % peering_relationship, "%s %s" % (device_tag.name, peer_name_elem.text), sort_name="%s %s" % (device_tag.name, address_tag.sort_name)) peering_tag.implies(protocol_tag, peer_name_elem.sourceline) peering_tag.implied_by(device_tag, peer_name_elem.sourceline) peering_tag.implied_by(group_tag, peer_name_elem.sourceline) asn_tag.implied_by(peering_tag, asn_elem.sourceline) localasn_tag.implied_by(peering_tag, local_elem.sourceline) peer_tag = taglib.ip_address_tag(peer_name_elem.text, kind="%s peer" % protocol) peer_tag.implies(address_tag, peer_name_elem.sourceline) if local_address_elem is not None: peer2_tag = taglib.ip_address_tag(local_address_elem.text, kind="%s peer" % protocol.upper()) address2_tag = taglib.ip_address_tag(local_address_elem.text) peer2_tag.implies(address2_tag, local_address_elem.sourceline) local_peer_tag = taglib.ip_address_tag(local_address_elem.text, kind="local %s peer" % protocol) local_peer_tag.implied_by(peering_tag, local_address_elem.sourceline) local_peer_tag.implies(peer2_tag, peer_name_elem.sourceline) remote_peer_tag = taglib.ip_address_tag(peer_name_elem.text, kind="remote %s peer" % protocol) remote_peer_tag.implied_by(peering_tag, peer_name_elem.sourceline) remote_peer_tag.implies(peer_tag, peer_name_elem.sourceline) protocol = "MSDP" protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for group_elem in protocol_elem.xpath("group"): name_elem = group_elem.xpath("name")[0] group_tag = taglib.tag("%s group" % protocol, "%s %s" % (device_tag.name, name_elem.text)) group_tag.implied_by(device_tag, name_elem.sourceline) for peer_name_elem in group_elem.xpath("peer/name"): peer_tag = taglib.tag("%s peer" % protocol, peer_name_elem.text) address_tag = taglib.ip_address_tag(peer_name_elem.text) peer_tag.implies(address_tag, peer_name_elem.sourceline) peer_tag.implied_by(group_tag, peer_name_elem.sourceline) peer_tag.implies(protocol_tag, peer_name_elem.sourceline) ospf_version_dict = {'ospf':'OSPF', 'ospf3':'OSPFv3'} for protocol_key, protocol in ospf_version_dict.items(): protocol_elem_list = top.xpath("protocols/%s" % protocol_key) if not protocol_elem_list: continue protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for area_elem in protocol_elem.xpath("area"): name_elem = area_elem.xpath("name")[0] area_tag = taglib.tag("%s area" % protocol, name_elem.text) area_tag.implies(protocol_tag, name_elem.sourceline) for interface_name_elem in area_elem.xpath("interface/name"): if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag("interface", "%s %s" % (device_tag.name, interface_name_elem.text))] for t in interface_tags: t.implies(area_tag, interface_name_elem.sourceline) protocol = "PIM" protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for interface_name_elem in protocol_elem.xpath("interface/name"): if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag("interface", "%s %s" % (device_tag.name, interface_name_elem.text))] for t in interface_tags: t.implies(protocol_tag, interface_name_elem.sourceline) for protocol in ("RIP", "RIPng"): protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if not protocol_elem_list: continue protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for group_elem in protocol_elem.xpath("group"): name_elem = group_elem.xpath("name")[0] group_tag = taglib.tag("%s group" % protocol,name_elem.text) group_tag.implies(protocol_tag, name_elem.sourceline) for interface_name_elem in group_elem.xpath("neighbor/name"): if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag("interface", "%s %s" % (device_tag.name, interface_name_elem.text))] for t in interface_tags: t.implies(group_tag, interface_name_elem.sourceline) protocol = "router-advertisement" protocol_elem_list = top.xpath("protocols/%s" % protocol.lower()) if protocol_elem_list: protocol_elem = protocol_elem_list[0] protocol_tag = taglib.tag("routing protocol", protocol) protocol_tag.used(protocol_elem.sourceline) for interface_elem in protocol_elem.xpath("interface"): interface_name_elem = interface_elem.xpath("name")[0] if interface_name_elem.text == "all": interface_tags = all_interface_tags else: interface_tags = [ taglib.tag("interface", "%s %s" % (device_tag.name, interface_name_elem.text))] for t in interface_tags: ratag = taglib.tag("ND router advertisement server", "%s %s" % (device_tag.name, interface_name_elem.text)) ratag.implied_by(t, interface_name_elem.sourceline); for prefix_name_elem in interface_elem.xpath("prefix/name"): ratag.implies(taglib.ip_subnet_tag(prefix_name_elem.text), prefix_name_elem.sourceline)
def main(filename): lines = open(filename, 'rU') n = 0 ssh_version = None ssh_enable = False for line in lines: n += 1 # hostname m = re.match(r'set hostname ([\w\d.-]+)', line) if m: host = m.group(1) taglib.tag("hostname", host).implied_by(taglib.env_tags.device, line=n) continue # time m = re.match(r'set ntp server( backup\d)? "?([\w\d.-]+)"?', line) if m: server = m.group(2) if not server == '0.0.0.0': taglib.tag("NTP server", server).implied_by(taglib.env_tags.device, line=n) continue # dns m = re.match(r'set domain ([\w\d.-]+)', line) if m: domain = m.group(1) taglib.tag("domain name", domain).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'set dns host dns\d ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'set xauth ([\w\d.-]+) dns\d ([\w\d.-]+)', line) if m: server = m.group(2) taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue m = re.match(r'set l2tp dns\d ([\w\d.-]+)', line) if m: server = m.group(1) taglib.tag("name server", server).implied_by(taglib.env_tags.device, line=n) continue # interfaces m = re.match(r'set interface ([\w\d]+) ip ([\d.]+)/([\d.]+)( secondary)?', line) if m: name, ipaddress, plen, secondary = m.groups() address = ipaddress + "/" + plen ifaddr_tag = taglib.ip_address_tag(address, "interface address") address_tag = taglib.ip_address_tag(address) subnet_tag = taglib.ip_subnet_tag(address) name_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, name)) name_tag.implied_by(taglib.env_tags.snapshot, line=n) name_tag.implies(taglib.env_tags.device, line=n) name_tag.implies(ifaddr_tag, line=n) ifaddr_tag.implies(address_tag, line=n) address_tag.implies(subnet_tag, line=n) continue # accounts m = re.match(r'set admin user "?([\w\d.-]+)"?\s+.*', line) if m: account = m.group(1) taglib.tag("user", account).implied_by(taglib.env_tags.device, line=n) continue # services m = re.match(r'set ssh version ([\w\d]+)', line) if m: ssh_version = m.group(1) ssh_version_line = n continue m = re.match(r'set ssh enable', line) if m: ssh_enable = True taglib.tag("service", 'SSH').implied_by(taglib.env_tags.device, n) continue m = re.match(r'set scp enable', line) if m: taglib.tag("service", 'SCP').implied_by(taglib.env_tags.device, n) continue # post parse phase if ssh_enable: if ssh_version: taglib.tag("service", 'SSH' + ssh_version).implied_by(taglib.env_tags.device, ssh_version_line)
def interface(self): # preconfigure is inserted into the config before the interface name when the matching # hardware isn't found. for now, lets just ignore these interfaces. inactive = self.accept(Keyword) name = self.expect(Name) if_tag = None if not inactive: if_tag = taglib.tag("interface", "%s %s" % (taglib.env_tags.device.name, name)) if_tag.implied_by(taglib.env_tags.snapshot, self.lineNum) if_tag.implies(taglib.env_tags.device, self.lineNum) if_tag.implies(taglib.tag("interface type", re.sub(r"[0-9/.]+$", "", name)), self.lineNum) self.expect(EndOfCommand) while True: if self.accept(Token.EndOfMode) is not None: return if self.accept(Whitespace) is not None: continue if self.accept(Comment) is not None: self.skipTo(EndOfCommand) continue try: op = self.accept(Operator) cmd = self.expect(Keyword) if False: pass elif cmd == "description": description = self.expect(String) if not inactive: t = taglib.tag("interface description", description) t.implied_by(if_tag, self.lineNum) self.expect(EndOfCommand) elif cmd == "ipv4": self.ip(if_tag=if_tag, version="IPv4", active=not inactive) elif cmd == "ipv6": ra = self.ip(if_tag=if_tag, version="IPv6", active=not inactive) # (ra_suppress, ra_line, if_prefix, ra_prefix) if not ra[0] and ra[1]: ratag = taglib.tag("ra server", if_tag.name) if len(ra[3]): for p in ra[3]: ratag.implies(taglib.ip_subnet_tag(p), ra[1]) else: for p in ra[2]: ratag.implies(taglib.ip_subnet_tag(p), ra[1]) else: self.skipTo(EndOfCommand) except UnexpectedToken: self.skipTo(EndOfCommand)