def set_lines(self, line_data):
temp_dict = dict()
prev_enum = 0
hit_once = False
line_data_split = line_data.split()
for enum, entry in enumerate(line_data_split):
if ipv4.ip(entry, return_tuple=False):
if not hit_once:
temp_network = None
else:
temp_network = None
elif ipv4.ip_mask(entry, return_tuple=False):
if not hit_once:
temp_dict.update({'source_network': entry})
hit_once = True
else:
temp_dict.update({'destination_network': entry})
print(temp_dict)
if line_data_split[2] == 'ip':
if ipv4.ip_mask(line_data_split[3], return_tuple=False):
temp_dict.update({'sequence': line_data_split[0],
'permit_deny': line_data_split[1],
'protocol': line_data_split[2]})
else:
temp_dict.update({'sequence': line_data_split[0],
'permit_deny': line_data_split[1],
'protocol': line_data_split[2],
'source_network': ' '.join(line_data_split[3:5]),
'destination_network': ' '.join(line_data_split[5:7])})
self.lines.append(temp_dict)
elif line_data_split[2] != 'ip':
if 'eq' or 'range' in line_data:
if line_data.count('eq') == 2:
pass
elif line_data.count('eq') == 1:
pass
elif line_data.count('range') == 2:
pass
elif line_data.count('range') == 1:
pass
else:
self.lines.append({'sequence': line_data_split[0],
'permit_deny': line_data_split[1],
'protocol': line_data_split[2],
'source_network': ' '.join(line_data_split[3:5]),
'destination_network': ' '.join(line_data_split[5:7])})
else:
self.lines.append({'sequence': line_data_split[0],
'permit_deny': line_data_split[1],
'protocol': line_data_split[2]})
def get_host_ips(ip_address_cidr):
"""
Function to get all ip address's in a ip/cidr combo
:param ip_address_cidr: IP in the following format X.X.X.X/X
:return:
A list of ip address's
"""
LOGGER.debug('Starting Function get_host_ips')
ip_net, cidr = ipv4.ip_mask(ip_address_cidr, return_tuple=True)
return ipv4.all_ip_address_in_subnet(ip_net, cidr)
def get_subnets(ip_address_cidr):
"""
Function to get all possible subnets in a ip/cidr combo
:param ip_address_cidr: IP in the following format X.X.X.X/X
:return:
A list of sets, of subnets
"""
LOGGER.debug('Starting Function get_subnets')
final_list = list()
ip_net, cidr = ipv4.ip_mask(ip_address_cidr, return_tuple=True)
test = ipv4.all_subnets_possible(ip_net, cidr)
for subnet in test:
subnet_split = subnet.split('/')
final_list.append((subnet, ipv4.mask_conversion[int(subnet_split[1])]['MASK']))
return final_list
def filter_check_subnet(value):
"""
Function to check for a subnet and mask combo in a template
:param value:
:return:
"""
error = '{value} !!!! possible error this is required to be a ipv4 subnet !!!!'.format(
value=value)
if not value:
J2_FILTER_LOGGER.info('filter_check_subnet {}'.format(error))
return error
elif ipv4.ip_mask(value, return_tuple=False):
return value
else:
J2_FILTER_LOGGER.info('filter_check_subnet {}'.format(error))
return error
def filter_check_subnet(value):
"""Function to check for a subnet and mask combo in a template
:type value: String
:param value: Value to check if it is a IPv4 Subnet in CIDR format
:rtype: String
:returns: The value or an error
"""
error = f'{value} !!!! possible error this is required to be a ipv4 subnet !!!!'
if not value: # pylint: disable=no-else-return
J2_FILTER_LOGGER.info('filter_check_subnet %s', error)
return error
elif ipv4.ip_mask(value, return_tuple=False):
return value
else:
J2_FILTER_LOGGER.info('filter_check_subnet %s', error)
return error
def set_lines(self, line_data): # pylint: disable=too-many-branches
"""Method to clean a line of ACL data
:type line_data: String
:param line_data: The ACL line
"""
temp_dict = dict()
# TODO: Need to check this variable if needed
prev_enum = 0 # pylint: disable=unused-variable
hit_once = False
line_data_split = line_data.split() # pylint: disable=unused-variable
for enum, entry in enumerate(line_data_split): # pylint: disable=unused-variable
if ipv4.ip(entry, return_tuple=False):
if not hit_once: # pylint: disable=unused-variable
# TODO: Need to check this variable if needed
temp_network = None # pylint: disable=unused-variable
else:
# TODO: Need to check this variable if needed
temp_network = None # pylint: disable=unused-variable
elif ipv4.ip_mask(entry, return_tuple=False):
if not hit_once:
temp_dict.update({'source_network': entry})
hit_once = True
else:
temp_dict.update({'destination_network': entry})
print(temp_dict)
if line_data_split[2] == 'ip':
if ipv4.ip_mask(line_data_split[3], return_tuple=False):
temp_dict.update({
'sequence': line_data_split[0],
'permit_deny': line_data_split[1],
'protocol': line_data_split[2]
})
else:
temp_dict.update({
'sequence':
line_data_split[0],
'permit_deny':
line_data_split[1],
'protocol':
line_data_split[2],
'source_network':
' '.join(line_data_split[3:5]),
'destination_network':
' '.join(line_data_split[5:7])
})
self.lines.append(temp_dict)
elif line_data_split[2] != 'ip':
# TODO: Need to check on this
if 'eq' or 'range' in line_data: # pylint: disable=condition-evals-to-constant
if line_data.count('eq') == 2:
pass
elif line_data.count('eq') == 1:
pass
elif line_data.count('range') == 2:
pass
elif line_data.count('range') == 1:
pass
else:
self.lines.append({
'sequence':
line_data_split[0],
'permit_deny':
line_data_split[1],
'protocol':
line_data_split[2],
'source_network':
' '.join(line_data_split[3:5]),
'destination_network':
' '.join(line_data_split[5:7])
})
else:
self.lines.append({
'sequence': line_data_split[0],
'permit_deny': line_data_split[1],
'protocol': line_data_split[2]
})
def get_network_aggregator(file_a, lower_constraint, upper_constraint, input_dir, output_dir,):
"""
Function to create a spreadsheet of possible aggregates
:param file_a: The file name
:param lower_constraint: a value between 0 and 32
:param upper_constraint: a value between 0 and 32
:param input_dir: The input directory
:param output_dir: The output directory
:return:
None
"""
LOGGER.debug('Starting Function get_network_aggregator')
temp_list_good = list()
temp_list_bad = list()
temp_possible_set = set()
final_dict = dict()
top_n_dict = None
a_list = pdt.file_to_list(file_a, input_dir)
for line in a_list:
line_split = line.split()
for item in line_split:
if ipv4.ip_mask(item, return_tuple=False):
temp_list_good.append(item)
else:
temp_list_bad.append(item)
pdt.list_to_file(temp_list_good, pdt.file_name_increase('good_ip.txt', output_dir), output_dir)
pdt.list_to_file(temp_list_bad, pdt.file_name_increase('bad_ip.txt', output_dir), output_dir)
for good_cidr_subnet in temp_list_good:
good_cidr_subnet_split = good_cidr_subnet.split('/')
if good_cidr_subnet_split[0] != '0.0.0.0':
for net in ipv4.all_subnets_shorter_prefix(good_cidr_subnet_split[0], good_cidr_subnet_split[1],
include_default=False):
net_split = net.split('/')
if int(net_split[1]) >= int(lower_constraint) and int(net_split[1]) <= int(upper_constraint):
temp_possible_set.add(net)
for final_net in temp_possible_set:
final_dict[final_net] = {
'matched': list(),
'unmatched': list(),
}
for good_cidr_subnet in temp_list_good:
good_cidr_subnet_split = good_cidr_subnet.split('/')
if final_net in ipv4.all_subnets_shorter_prefix(good_cidr_subnet_split[0], good_cidr_subnet_split[1],
include_default=False):
final_dict[final_net]['matched'].append(good_cidr_subnet)
else:
final_dict[final_net]['unmatched'].append(good_cidr_subnet)
for key in final_dict:
top_n_dict = get_top_n(top_n_dict, final_dict, key, 10)
spread_sheet_file_name = pdt.file_name_increase('aggregator.xlsx', output_dir)
spread_sheet = mod.scripts.WriteXlsxAggregate(os.path.join(output_dir, spread_sheet_file_name), final_dict,
top_n_dict, len(temp_list_good))
spread_sheet.write_spreadsheet()
elif args.which_sub == 'convertmcastacltorm':
if ipv4.ucast_ip(args.rp_address, return_tuple=False):
mod.scripts.AclToRmHits(args.new_rm_name, args.rp_address,
args.matches, args.filename_a,
INPUT_DIR, OUTPUT_DIR)
else:
LOGGER.critical(
'Invalid RP address {e}'.format(e=args.rp_address))
arg_parser.print_help()
raise ValueError(
'Invalid RP address {e}'.format(e=args.rp_address))
elif args.which_sub == 'ipaddresstools':
if ipv4.ip_mask(args.ip_address_cidr, return_tuple=False):
if args.subnets:
for subnet in mod.scripts.get_subnets(
args.ip_address_cidr):
print('{subnet} or {mask}'.format(subnet=subnet[0],
mask=subnet[1]))
elif args.all_hosts:
for ip_address in mod.scripts.get_host_ips(
args.ip_address_cidr):
print(ip_address)
else:
LOGGER.critical(
'Invalid IP address {e}'.format(e=args.ip_address_cidr))
