Exemplo n.º 1
 def do_summary(self, line):
   """Print the heading of the results summary.

   With an empty configuration only a hint to load one is printed.
   ``line`` carries the rest of the command line and is ignored.
   """
   current = self.myconfig.CONFIG
   if current == {}:
     print("Current configuration is empty. First enter configuration mode and load a file or run the wizard.")
     return
   # Bare ``print`` is the Python 2 statement form: it emits an empty line.
   print
   print(ruler("*"))
   print("SUMMARY")
   print(ruler("*"))
Exemplo n.º 2
 def __init__(self):
     """Set up the top-level shell: prompt, welcome banner and mode interpreters.

     A single Baseconfig instance is created here and assigned to the
     ``myconfig`` attribute of every sub-interpreter (config, scan, update,
     query, results), so they all reference the same configuration object.
     """
     Cmd.__init__(self)
     self.prompt = "hephaestus> "
     banner_parts = [
         "\n",
         ruler("*"),
         "WELCOME to hephaestus\n",
         ruler("*"),
         "hephaestus is the stateless firewall configuration parser for JunOS.\nGet help with 'help (<cmd>)' or '?', or issue 'userguide' to get started.\n",
         ruler("*"),
         "\n",
     ]
     self.intro = "".join(banner_parts)
     self.myconfig = Baseconfig()
     # Attribute name on this shell -> interpreter class, in creation order.
     modes = (
         ("configinterpreter", Interpreter_config),
         ("scaninterpreter", Interpreter_scan),
         ("updateinterpreter", Interpreter_update),
         ("queryinterpreter", Interpreter_query),
         ("resultsinterpreter", Interpreter_results),
     )
     for attribute, interpreter_class in modes:
         setattr(self, attribute, interpreter_class())
         getattr(self, attribute).myconfig = self.myconfig
Exemplo n.º 3
 def __init__(self):
   """Initialise the configuration-mode interpreter.

   Runs the Cmd constructor, then sets the prompt and the banner shown when
   configuration mode is entered.
   """
   Cmd.__init__(self)
   self.prompt = "hephaestus(config)# "
   banner_parts = [
     "\n",
     ruler("*"),
     "\nCONFIGURATION MODE\n",
     ruler("*"),
     "\nDifferent commands are available, get help with 'help' or '?'\n",
     ruler("*"),
     "\n",
   ]
   self.intro = "".join(banner_parts)
Exemplo n.º 4
      elif overwrite == 'n':
        filename = raw_input("Enter new filename:")
	path = "etc/" + filename
        self.myconfig.CONFIGpath = path
        configparser.write_config(self.myconfig.CONFIGpath, self.myconfig.CONFIG)
        return
    elif validconfig and not validpath:
      filename = raw_input("Enter new filename:")
      path = "etc/" + filename
      self.myconfig.CONFIGpath = path
      configparser.write_config(self.myconfig.CONFIGpath, self.myconfig.CONFIG)
    elif not validconfig:
      print("Cannot save an empty configuration.")
      return
    else:
      print("Something went wrong here, perhaps your configuration or path is somehow invalid.")
      return

  def help_save(self):
    """Print the help text for the ``save`` command."""
    help_text = "Save current configuration to disk."
    print(help_text)

if __name__ == '__main__':
  # Smoke test for direct execution: build one Interpreter_config and show
  # its string form, its attribute names and its docstring.
  header = "\n" + ruler("*") + "\nSelf-test\n" + ruler("*") + "\nInstantiating self..."
  print(header)
  obj = Interpreter_config()
  print("\nInstantiation successful, " + str(obj))
  print("\nPrinting attributes...")
  attribute_names = dir(obj)
  print(attribute_names)
  print("\nPrinting docstring...")
  docstring = inspect.getdoc(obj)
  print(docstring)
  footer = "\n" + ruler("*") + "\n...done!\n"
  print(footer)
Exemplo n.º 5
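  def do_autoscan(self, line):
    """Scan the configured prefixes for routers and collect their loopback IPs.

    Phase 1 expands CONFIG['routerprefixes'] into host addresses and, over an
    SSH session to the jump box, runs ``snmpget`` against each one; only
    addresses whose reply contains "Router" stay in CONFIG['routerips'].
    Phase 2 runs ``ssh`` from the jump box to each remaining address, reads the
    lo0 address and stores the unique values in CONFIG['routerloopbackips'].

    ``line`` (the rest of the command line) is not used. Nothing is returned;
    progress and results are printed.
    """
    # shlex.quote on Python 3, pipes.quote on Python 2. Every configuration
    # value placed inside a remote shell command line goes through it, so a
    # space or shell metacharacter in the config cannot change the command.
    try:
      from shlex import quote
    except ImportError:
      from pipes import quote

    if self.myconfig.CONFIG == {}:
      print("Current configuration is empty. First enter configuration mode and load a file or run the wizard.")
    else:
      config = self.myconfig.CONFIG
      print("")
      print(ruler("*"))
      print("NETWORK SCAN")
      print(ruler("*"))
      print("Using current configuration, \"" + config['info'] + "\"")
      print("Scanning for routers in prefixes " + config['routerprefixes'])
      print(ruler("*"))
      print("")
      prefixes = config['routerprefixes'].split()
      config['routerips'] = []

      for prefix in prefixes:
        network = ipaddr.IPNetwork(prefix)
        for ip in network.iterhosts():
          config['routerips'].append(str(ip))

      # Workers start as soon as they are submitted, so they must not edit the
      # list that is being iterated to submit them: scan a snapshot and
      # rebuild CONFIG['routerips'] from the results afterwards.
      candidates = list(config['routerips'])
      numscanned = len(candidates)

      def jumpboxCommand(ip, command, shown):
        # Run `command` on the jump box and return its stdout. `shown` is the
        # text echoed to the operator. The client is always closed.
        client = paramiko.SSHClient()
        try:
          # System known_hosts with paramiko's default policy: a jump box
          # whose host key is unknown is rejected.
          client.load_system_host_keys()
          # NOTE(review): the key is loaded as DSA (ssh-dss), which OpenSSH
          # has disabled by default since 7.0; plan a move to Ed25519 or RSA.
          key = paramiko.DSSKey.from_private_key_file(config['jumpboxsshkey'])
          print(ip + '\t: connecting...')
          client.connect(config['jumpboxhost'], username=config['jumpboxsshuser'], pkey=key)
          print(ip + '\t: executing ' + "`" + shown + "`")
          stdin, stdout, stderr = client.exec_command(str(command))
          print(ip + '\t: waiting...')
          return stdout.read()
        finally:
          client.close()

      def autoscanThread(ip):
        # True when the SNMP reply identifies a router. A probe that fails
        # (connection error, unreadable key, ...) is reported and counted as
        # "not a router" instead of being left in the list unnoticed.
        target = quote(str(ip))
        oid = ' 1.3.6.1.4.1.2636.3.1.2.0'
        command = 'snmpget -v 2c -c ' + quote(config['routersnmpcommunity']) + ' ' + target + oid
        # The community string is a credential: keep it out of the echo.
        shown = 'snmpget -v 2c -c <redacted> ' + target + oid
        try:
          output = jumpboxCommand(ip, command, shown)
          if "Router" in output:
            pieces = output.split('"')
            model = pieces[1] if len(pieces) > 1 else output.strip()
            print(ip + '\t: is a router (' + model + ')')
            return True
          print(ip + '\t: is not a router')
          return False
        except Exception as err:
          print(ip + '\t: scan failed (' + str(err) + '), not counted as a router')
          return False

      executor = concurrentfutures.ThreadPoolExecutor(10)
      start = time.time()
      futures = [executor.submit(autoscanThread, ip) for ip in candidates]
      concurrentfutures.wait(futures)
      end = time.time()

      # Keep only confirmed routers, in scan order (same list object).
      config['routerips'][:] = [ip for ip, future in zip(candidates, futures) if future.result()]
      numfound = len(config['routerips'])

      print("")
      print('Scanned\t\t: ' + str(numscanned) + ' IPs')
      print('Found\t\t: ' + str(numfound) + ' routers')
      diff = end - start
      print('Wall time\t: ' + "%.2f" % diff + ' seconds')
      print("")
      print("...done!")
      print("")

      # Now we've found which IPs belong to routers, we need to determine the unique loopback IPs, ignoring physical interface IPs
      config['routerloopbackips'] = []

      # Tell user what we're doing...
      print("")
      print('Now determining unique loopback interface IPs using these physical interface IPs...')
      print("")

      def autoscanCleanupThread(ip):
        # Returns the lo0 address reported by the router at `ip`, or None.
        # NOTE(review): the router hop turns host key verification off
        # (StrictHostKeyChecking=no, known-hosts file /dev/null), so the jump
        # box cannot tell a router from another host answering on its
        # address, and the lo0 value read back is only as trustworthy as that
        # connection. Pinning router keys on the jump box would close this.
        # Quoting does not stop a user name that begins with '-' from being
        # read as an ssh option; validate it when the configuration is loaded.
        login = quote(config['routersshuser'] + '@' + ip)
        command = 'ssh ' + login + ' -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "show configuration interfaces lo0 unit 0 family inet | grep address"'
        try:
          output = jumpboxCommand(ip, command, command)
          if "address" in output:
            # The value comes from remote output: require a real IP address
            # before it is handed to `host` or stored in the configuration.
            loopback = str(ipaddr.IPAddress(output.split()[1].split('/')[0]))
            fqdn = check_output(["host", loopback]).split()[4]
            print(ip + '\t: is a physical interface on ' + fqdn[:-1] + ' with loopback address ' + loopback)
            return loopback
          print(ip + '\t: unknown response: ' + output + ' (ignoring...possible phy->lo0 firewall issue)')
        except Exception as err:
          print(ip + '\t: loopback lookup failed (' + str(err) + ')')
        return None

      start = time.time()
      futures = [executor.submit(autoscanCleanupThread, ip) for ip in config['routerips']]
      concurrentfutures.wait(futures)
      end = time.time()
      # All work is finished; release the pool's worker threads.
      executor.shutdown()

      numscanned = len(config['routerips'])
      loopbacks = [future.result() for future in futures]
      config['routerloopbackips'] = list(set(lb for lb in loopbacks if lb is not None))
      numfound = len(config['routerloopbackips'])

      print("")
      print('Scanned\t\t: ' + str(numscanned) + ' physical interface IPs')
      print('Found\t\t: ' + str(numfound) + ' loopback IPs')
      diff = end - start
      print('Wall time\t: ' + "%.2f" % diff + ' seconds')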