def traceroute(self,
destination,
source=c.TRACEROUTE_SOURCE,
ttl=c.TRACEROUTE_TTL,
timeout=c.TRACEROUTE_TIMEOUT,
vrf=c.TRACEROUTE_VRF):
_HOP_ENTRY_PROBE = [
'\s+',
'(', # beginning of host_name (ip_address) RTT group
'(', # beginning of host_name (ip_address) group only
'([a-zA-Z0-9\.:-]*)', # hostname
'\s+',
'\(?([a-fA-F0-9\.:][^\)]*)\)?' # IP Address between brackets
')?', # end of host_name (ip_address) group only
# also hostname/ip are optional -- they can or cannot be specified
# if not specified, means the current probe followed the same path as the previous
'\s+',
'(\d+\.\d+)\s+ms', # RTT
'|\*', # OR *, when non responsive hop
')' # end of host_name (ip_address) RTT group
]
_HOP_ENTRY = [
'\s?', # space before hop index?
'(\d+)', # hop index
]
traceroute_result = {}
timeout = 5 # seconds
probes = 3 # 3 probes/jop and this cannot be changed on NXOS!
version = ''
try:
version = '6' if IPAddress(destination).version == 6 else ''
except AddrFormatError:
return {
'error':
'Destination doest not look like a valid IP Address: {}'.
format(destination)
}
source_opt = ''
if source:
source_opt = 'source {source}'.format(source=source)
command = 'traceroute{version} {destination} {source_opt}'.format(
version=version, destination=destination, source_opt=source_opt)
try:
traceroute_raw_output = self.cli([command]).get(command)
except CommandErrorException:
return {
'error':
'Cannot execute traceroute on the device: {}'.format(command)
}
hop_regex = ''.join(_HOP_ENTRY + _HOP_ENTRY_PROBE * probes)
traceroute_result['success'] = {}
if traceroute_raw_output:
for line in traceroute_raw_output.splitlines():
hop_search = re.search(hop_regex, line)
if not hop_search:
continue
hop_details = hop_search.groups()
hop_index = int(hop_details[0])
previous_probe_host_name = '*'
previous_probe_ip_address = '*'
traceroute_result['success'][hop_index] = {'probes': {}}
for probe_index in range(probes):
host_name = hop_details[3 + probe_index * 5]
ip_address_raw = hop_details[4 + probe_index * 5]
ip_address = napalm_base.helpers.convert(
napalm_base.helpers.ip, ip_address_raw, ip_address_raw)
rtt = hop_details[5 + probe_index * 5]
if rtt:
rtt = float(rtt)
else:
rtt = timeout * 1000.0
if not host_name:
host_name = previous_probe_host_name
if not ip_address:
ip_address = previous_probe_ip_address
if hop_details[1 + probe_index * 5] == '*':
host_name = '*'
ip_address = '*'
traceroute_result['success'][hop_index]['probes'][
probe_index + 1] = {
'host_name': py23_compat.text_type(host_name),
'ip_address': py23_compat.text_type(ip_address),
'rtt': rtt
}
previous_probe_host_name = host_name
previous_probe_ip_address = ip_address
return traceroute_result
def handle(self, request, context):
custom_script = context.get('script_data', '')
dev_mapping_1 = None
dev_mapping_2 = None
image_id = ''
# Determine volume mapping options
source_type = context.get('source_type', None)
if source_type in ['image_id', 'instance_snapshot_id']:
image_id = context['source_id']
elif source_type in ['volume_id', 'volume_snapshot_id']:
try:
if api.nova.extension_supported("BlockDeviceMappingV2Boot",
request):
# Volume source id is extracted from the source
volume_source_id = context['source_id'].split(':')[0]
device_name = context.get('device_name', '') \
.strip() or None
dev_source_type_mapping = {
'volume_id': 'volume',
'volume_snapshot_id': 'snapshot'
}
dev_mapping_2 = [{
'device_name':
device_name,
'source_type':
dev_source_type_mapping[source_type],
'destination_type':
'volume',
'delete_on_termination':
int(bool(context['delete_on_terminate'])),
'uuid':
volume_source_id,
'boot_index':
'0',
'volume_size':
context['volume_size']
}]
else:
dev_mapping_1 = {
context['device_name']:
'%s::%s' % (context['source_id'],
int(bool(context['delete_on_terminate'])))
}
except Exception:
msg = _('Unable to retrieve extensions information')
exceptions.handle(request, msg)
elif source_type == 'volume_image_id':
device_name = context.get('device_name', '').strip() or None
dev_mapping_2 = [{
'device_name':
device_name, # None auto-selects device
'source_type':
'image',
'destination_type':
'volume',
'delete_on_termination':
int(bool(context['delete_on_terminate'])),
'uuid':
context['source_id'],
'boot_index':
'0',
'volume_size':
context['volume_size']
}]
avail_zone = context.get('availability_zone', None)
try:
instance_count = int(context['count'])
count = 1
while count <= instance_count:
if instance_count == 1:
instance_name = context['name']
else:
instance_name = context['name'] + str(count)
nics = []
pts = []
for ptg_id in context['group_id']:
values = ptg_id.split(":")
ptg_id = values[0]
args = {
'policy_target_group_id': ptg_id,
'name': instance_name[:41] + "_gbpui"
}
if len(values) == 3:
ptg = client.policy_target_get(request, ptg_id)
fixed_ip = values[2]
for subnet_id in ptg.subnets:
try:
subnet = api.neutron.subnet_get(
request, subnet_id)
except Exception:
continue
if IPAddress(fixed_ip) in \
IPNetwork(subnet['cidr']):
args['fixed_ips'] = [{
'subnet_id': subnet['id'],
'ip_address': fixed_ip
}]
break
ep = client.pt_create(request, **args)
nics.append({'port-id': ep.port_id})
pts.append(ep.id)
meta_data = {'pts': ','.join(pts)}
api.nova.server_create(
request,
instance_name,
image_id,
context['flavor'],
context['keypair_id'],
normalize_newlines(custom_script),
security_groups=None,
block_device_mapping=dev_mapping_1,
block_device_mapping_v2=dev_mapping_2,
nics=nics,
availability_zone=avail_zone,
instance_count=1,
admin_pass=context['admin_pass'],
disk_config=context.get('disk_config'),
config_drive=context.get('config_drive'),
meta=meta_data)
count += 1
return True
except Exception as e:
error = _("Unable to launch member %(count)s with name %(name)s")
msg = error % {'count': count, 'name': instance_name}
LOG.error(str(e))
u = "horizon:project:policytargets:policy_targetdetails"
policy_target_id = self.request.path.split("/")[-2]
redirect = reverse(u,
kwargs={'policy_target_id': policy_target_id})
exceptions.handle(request, msg, redirect=redirect)
return False
class SetNHop(ctypes.Structure):
_fields_ = [("nhop_ipv4", ctypes.c_uint32), ("port", ctypes.c_uint16)]
class IPv4Union(ctypes.Union):
_fields_ = [("set_nhop", SetNHop), ("_drop", Drop)]
class IPv4Value(ctypes.Structure):
_fields_ = [("action", ctypes.c_uint32), ("u", IPv4Union)]
eth4_ipv4_val = IPv4Value()
eth4_ipv4_val.action = 0
eth4_ipv4_val.u.set_nhop.nhop_ipv4 = int(IPAddress('11.0.0.14'))
eth4_ipv4_val.u.set_nhop.port = eth4_idx
eth5_ipv4_val = IPv4Value()
eth5_ipv4_val.action = 0
eth5_ipv4_val.u.set_nhop.nhop_ipv4 = int(IPAddress('11.0.0.15'))
eth5_ipv4_val.u.set_nhop.port = eth5_idx
print("Populating IPv4 table from the control plane")
ipv4_tbl[ipv4_tbl.Key(int(IPAddress('10.0.0.14')))] = eth4_ipv4_val
ipv4_tbl[ipv4_tbl.Key(int(IPAddress('10.0.0.15')))] = eth5_ipv4_val
class SetDMAC(ctypes.Structure):
_fields_ = [("dmac", ctypes.c_ubyte * 6)]
def target_ip(self):
"""Returns a netaddr.IPAddress representing the target IP address."""
return IPAddress(self.target_protocol_bytes)
def get_first_address_in_network_minus_one(cidr):
ip_network = IPNetwork(cidr)
return IPAddress(ip_network.first).__sub__(1)
def update(self, obj=None):
changed = self.update_vnc_obj(obj)
if 'instance_ip_address' in changed and self.instance_ip_address:
self.ip_version = IPAddress(self.instance_ip_address).version
return changed
def resourceList(self, id, target, targetType):
targetDom = ''
# Get the base domain if we're supplied a domain
if targetType == "domain":
targetDom = self.sf.hostDomain(target, self.opts['_internettlds'])
if not targetDom:
return None
for check in list(malchecks.keys()):
cid = malchecks[check]['id']
if id == cid:
data = dict()
url = malchecks[check]['url']
data['content'] = self.sf.cacheGet("sfmal_" + cid, self.opts.get('cacheperiod', 0))
if data['content'] is None:
data = self.sf.fetchUrl(url, timeout=self.opts['_fetchtimeout'], useragent=self.opts['_useragent'])
if data['content'] is None:
self.sf.error("Unable to fetch " + url)
return None
else:
self.sf.cachePut("sfmal_" + cid, data['content'])
# If we're looking at netblocks
if targetType == "netblock":
iplist = list()
# Get the regex, replace {0} with an IP address matcher to
# build a list of IP.
# Cycle through each IP and check if it's in the netblock.
if 'regex' in malchecks[check]:
rx = malchecks[check]['regex'].replace("{0}", r"(\d+\.\d+\.\d+\.\d+)")
pat = re.compile(rx, re.IGNORECASE)
self.sf.debug("New regex for " + check + ": " + rx)
for line in data['content'].split('\n'):
grp = re.findall(pat, line)
if len(grp) > 0:
# self.sf.debug("Adding " + grp[0] + " to list.")
iplist.append(grp[0])
else:
iplist = data['content'].split('\n')
for ip in iplist:
if len(ip) < 8 or ip.startswith("#"):
continue
ip = ip.strip()
try:
if IPAddress(ip) in IPNetwork(target):
self.sf.debug(f"{ip} found within netblock/subnet {target} in {check}")
return url
except Exception as e:
self.sf.debug(f"Error encountered parsing: {e}")
continue
return None
# If we're looking at hostnames/domains/IPs
if 'regex' not in malchecks[check]:
for line in data['content'].split('\n'):
if line == target or (targetType == "domain" and line == targetDom):
self.sf.debug(target + "/" + targetDom + " found in " + check + " list.")
return url
else:
# Check for the domain and the hostname
try:
rxDom = str(malchecks[check]['regex']).format(targetDom)
rxTgt = str(malchecks[check]['regex']).format(target)
for line in data['content'].split('\n'):
if (targetType == "domain" and re.match(rxDom, line, re.IGNORECASE)) or \
re.match(rxTgt, line, re.IGNORECASE):
self.sf.debug(target + "/" + targetDom + " found in " + check + " list.")
return url
except Exception as e:
self.sf.debug("Error encountered parsing 2: " + str(e))
continue
return None
def test_release_ips(self, args, m_release):
result = calico_mesos.release(args)
m_release.assert_called_with(set([IPAddress(ip) for ip in args["ips"]]))
self.assertEqual(result, m_release())
def make_dhcp_packet(
self,
transaction_id: bytes = None,
truncated: bool = False,
truncated_option_value: bool = False,
bad_cookie: bool = False,
truncated_option_length: bool = False,
include_server_identifier: bool = False,
server_ip: str = "127.1.1.1",
include_end_option: bool = True,
) -> bytes:
"""Returns a [possibly invalid] DHCP packet."""
if transaction_id is None:
transaction_id = self.make_bytes(size=4)
options = b""
if include_server_identifier:
# 0x36 == 54 (Server Identifier option)
ip_bytes = int(IPAddress(server_ip).value).to_bytes(4, "big")
options += b"\x36\x04" + ip_bytes
if truncated_option_value:
options += b"\x36\x04\x7f\x01"
include_end_option = False
if truncated_option_length:
options += b"\x36"
include_end_option = False
# Currently, we only validation the transaction ID, and the fact that
# the reply packet has a "Server Identifier" option. This might be
# considered a bug, but in practice it works out.
packet = (
# Message type: 0x02 (BOOTP operation: reply).
b"\x02"
# Hardware type: Ethernet
b"\x01"
# Hardware address length: 6
b"\x06"
# Hops: 0
b"\x00"
+
# Transaction ID
transaction_id
+
# Seconds
b"\x00\x00"
# Flags
b"\x00\x00"
# Client IP address: 0.0.0.0
b"\x00\x00\x00\x00"
# Your (client) IP address: 0.0.0.0
b"\x00\x00\x00\x00"
# Next server IP address: 0.0.0.0
b"\x00\x00\x00\x00"
# Relay agent IP address: 0.0.0.0
b"\x00\x00\x00\x00"
+
# Client hardware address
b"\x01\x02\x03\x04\x05\x06"
# Hardware address padding
b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+
# Server host name
(b"\x00" * 67)
+
# Boot filename
(b"\x00" * 125)
+
# Cookie
(b"\x63\x82\x53\x63" if not bad_cookie else b"xxxx")
+
# "DHCP Offer" option
b"\x35\x01\x02"
+ options
+
# End options.
(b"\xff" if include_end_option else b"")
)
if truncated:
packet = packet[:200]
return packet
def ipaddr(value, action):
if action == "revdns":
return IPAddress(value).reverse_dns.strip('.')
raise NotImplementedError
def side_effect(address, handle_id, attributes, host=None):
if address == IPAddress("192.168.1.2"):
# Arbitrarily throw an error when the second address is passed in
raise exception
'''
print "1. Scan your local network"
print "2. Scan another network"
## WHILE LOOP START
user_input = raw_input(
"Would you like to scan your local network or another network? ")
print ""
## WHILE LOOP END
if (user_input == 1):
host_log = regex_host_ip_mask()
ip_addr = locate_host_ip(host_log)
subnet_mask = locate_host_subnet(host_log)
cidr = IPAddress(subnet_mask).netmask_bits()
network_ip = ipaddress.ip_network(unicode(ip_addr + '/' + str(cidr)),
strict=False)
elif (user_input == 2):
ip_addr = raw_input("Please enter the IP you want to analyze: ")
subnet_mask = raw_input(
"Please enter the subnet mask (e.g. 255.255.255.0): ")
cidr = IPAddress(subnet_mask).netmask_bits()
print cidr
network_ip = ipaddress.ip_network(unicode(ip_addr + '/' + str(cidr)),
strict=False)
print '-' * 50
print "ABOUT YOUR SYSTEM:"
print '=' * 50
def ip_in_subnet(self, ip):
ipo = IPAddress(ip)
net = IPNetwork("%s/%s" % (self.get_ip(), self.get_size()))
return ipo in net
def warn_loopback(ip):
"""Warn if the given IP address is in the loopback network."""
if IPAddress(ip) in IPNetwork('127.0.0.1/8'):
logger.warn(WARNING_MESSAGE % ip)
def _get_nodes(self):
os_auth_url, os_tenant_name, os_username, os_password, \
os_user_domain_name, os_project_domain_name = \
CredentialHelper.get_undercloud_creds()
auth_url = os_auth_url + "v3"
provisioning_network = NetworkHelper.get_provisioning_network()
kwargs = {
'os_username': os_username,
'os_password': os_password,
'os_auth_url': os_auth_url,
'os_tenant_name': os_tenant_name,
'os_user_domain_name': os_user_domain_name,
'os_project_domain_name': os_project_domain_name
}
i_client = ironic_client.get_client(1, **kwargs)
auth = v3.Password(auth_url=auth_url,
username=os_username,
password=os_password,
project_name=os_tenant_name,
user_domain_name=os_user_domain_name,
project_domain_name=os_project_domain_name)
sess = session.Session(auth=auth)
n_client = nova_client.Client(2, session=sess)
# Build up a dictionary that maps roles to a list of IPs for that role
self.node_roles_to_nodes = {}
self.logger.debug("Querying ironic and nova for nodes")
nodes = i_client.node.list(
fields=["uuid", "instance_uuid", "properties"])
for node in nodes:
uuid = node.uuid
instance_uuid = node.instance_uuid
# Handle the case where we have a node in ironic that's not in nova
# (possibly due to the node being in maintenance mode in ironic or
# the user not assigning a role to a node, etc)
if instance_uuid is None:
self.logger.debug("Ironic node " + uuid + " has no "
"corresponding instance in nova. Skipping")
continue
capabilities = node.properties["capabilities"]
capabilities = dict(c.split(':') for c in capabilities.split(','))
# Role is the 'profile' capability when node placement is not
# in use. Otherwise it's encoded in the 'node' capability.
if 'profile' in capabilities:
role = capabilities['profile']
elif 'node' in capabilities:
role = capabilities['node']
# Trim the trailing "-N" where N is the node number
role = role[:role.rindex('-')]
else:
self.logger.error(
"Failed to determine role of node {}".format(node))
sys.exit(1)
server = n_client.servers.get(instance_uuid)
for address in server.addresses["ctlplane"]:
ip = address["addr"]
if IPAddress(ip) in provisioning_network:
break
self.logger.debug("Got node:\n"
" uuid=" + uuid + "\n"
" ip=" + ip + "\n"
" role=" + role + "\n"
" instance_uuid=" + instance_uuid)
if role not in self.node_roles_to_nodes:
self.node_roles_to_nodes[role] = []
self.node_roles_to_nodes[role].append(ip)
self.logger.debug("node_roles_to_nodes: " +
str(self.node_roles_to_nodes))
def ping(self, targets=list(), filename=str(), status=str()):
"""
Attempt to ping a list of hosts or networks (can be a single host)
:param targets: List - Name(s) or IP(s) of the host(s).
:param filename: String - name of the file containing hosts to ping
:param status: String - if one of ['alive', 'dead', 'noip'] then only
return results that have that status. If this is not specified,
then all results will be returned.
:return: Type and results depends on whether status is specified:
if status == '': return dict: {targets: results}
if status != '': return list: targets if targets == status
"""
if targets and filename:
raise SyntaxError("You must specify only one of either targets=[] "
"or filename=''.")
elif not targets and not filename:
raise SyntaxError("You must specify either a list of targets or "
"filename='', but not both.")
elif filename:
targets = self.read_file(filename)
my_targets = {'hosts': [], 'nets': []}
addresses = []
# Check for valid networks and add hosts and nets to my_targets
for target in targets:
# Targets may include networks in the format "network mask", or,
# a file could contain multiple hosts or IP's on a single line.
if len(target.split()) > 1:
target_items = target.split()
for item in target_items:
try:
ip = IPAddress(item)
# If it is an IPv4 address or mask put in in addresses
if ip.version == 4:
addresses.append(str(ip))
except AddrFormatError:
# IP Address not detected, so assume it's a host name
my_targets['hosts'].append(item)
except ValueError:
# CIDR network detected
net = IPNetwork(item)
# Make sure it is a CIDR address acceptable to fping
if net.ip.is_unicast() and net.version == 4 and \
net.netmask.netmask_bits() in range(8, 31):
my_targets['nets'].append(target_items[0])
else:
msg = str(str(net) + ':Only IPv4 unicast addresses'
' with bit masks\n '
' from 8 to 30 are supported.')
raise AttributeError(msg)
# Iterate over the IP strings in addresses
while len(addresses) > 1:
ip = IPAddress(addresses[0])
mask = IPAddress(addresses[1])
# Test to see if IP is unicast, and mask is an actual mask
if ip.is_unicast() and mask.is_netmask():
net = IPNetwork(str(ip) + '/' + str(
mask.netmask_bits()))
# Convert ip and mask to CIDR and remove from addresses
my_targets['nets'].append(str(net.cidr))
addresses.pop(0)
addresses.pop(0)
elif ip.is_unicast() and not ip.is_netmask():
# mask was not a mask so only remove IP and start over
my_targets['hosts'].append(str(ip))
addresses.pop(0)
# There could be one more item in addresses, so check it
if addresses:
ip = IPAddress(addresses[0])
if ip.is_unicast() and not ip.is_netmask():
my_targets['hosts'].append(addresses[0])
addresses.pop()
# target has only one item, so check it
else:
try:
ip = IPAddress(target)
if ip.version == 4 and ip.is_unicast() and \
not ip.is_netmask():
my_targets['hosts'].append(target)
else:
msg = str(target + 'Only IPv4 unicast addresses are '
'supported.')
raise AttributeError(msg)
except AddrFormatError:
# IP Address not detected, so assume it's a host name
my_targets['hosts'].append(target)
except ValueError:
# CIDR network detected
net = IPNetwork(target)
if net.ip.is_unicast() and net.version == 4 and \
net.netmask.netmask_bits() in range(8, 31):
my_targets['nets'].append(target)
else:
msg = str(str(net) + ':Only IPv4 unicast addresses'
' with bit masks\n '
' from 8 to 30 are supported.')
raise AttributeError(msg)
"""
Build the list of commands to run.
"""
commands = []
if len(my_targets['hosts']) != 0:
for target in range(len(my_targets['hosts'])):
commands.append([self.fping, '-V', my_targets['hosts'][
target]])
if len(my_targets['nets']) != 0:
for target in range(len(my_targets['nets'])):
commands.append([self.fping, '-gV', my_targets['nets'][
target]])
"""
Start pinging each item in my_targets and return the requested results
when done.
"""
try:
pool = ThreadPool(len(commands))
raw_results = pool.map(self.get_results, commands)
self.results = {host: result for host, result in csv.reader(
''.join(raw_results).splitlines())}
if not status:
return self.results
elif status == 'alive':
return self.alive
elif status == 'dead':
return self.dead
elif status == 'noip':
return self.noip
else:
raise SyntaxError("Valid status options are 'alive', 'dead' or "
"'noip'")
finally:
pool.close()
pool.join()
def _next_hops_from_gateway_ips(self, gw_ips):
if gw_ips:
return {IPAddress(ip).version: ip for ip in gw_ips}
return {}
def getIPfromInterface():
ip = ni.ifaddresses(gc.INTERFACE)[ni.AF_INET][0]['addr']
subnet = ni.ifaddresses(gc.INTERFACE)[ni.AF_INET][0]['netmask']
CIDR = IPAddress(subnet).netmask_bits()
return ip, subnet, CIDR
def update_interface(module, array, interface):
"""Modify Interface settings"""
changed = True
if not module.check_mode:
current_state = {
'mtu': interface['mtu'],
'gateway': interface['gateway'],
'address': interface['address'],
'netmask': interface['netmask']
}
if not module.params['address']:
address = interface['address']
else:
if module.params['gateway'] and module.params[
'gateway'] not in IPNetwork(module.params['address']):
module.fail_json(msg='Gateway and subnet are not compatible.')
elif not module.params['gateway'] and interface['gateway'] not in [
None, IPNetwork(module.params['address'])
]:
module.fail_json(msg='Gateway and subnet are not compatible.')
address = str(module.params['address'].split("/", 1)[0])
if not module.params['mtu']:
mtu = interface['mtu']
else:
if not 1280 <= module.params['mtu'] <= 9216:
module.fail_json(msg='MTU {0} is out of range (1280 to 9216)'.
format(module.params['mtu']))
else:
mtu = module.params['mtu']
if module.params['address']:
netmask = str(IPNetwork(module.params['address']).netmask)
else:
netmask = interface['netmask']
if not module.params['gateway']:
gateway = interface['gateway']
else:
cidr = str(IPAddress(netmask).netmask_bits())
full_addr = address + "/" + cidr
if module.params['gateway'] not in IPNetwork(full_addr):
module.fail_json(msg='Gateway and subnet are not compatible.')
gateway = module.params['gateway']
new_state = {
'address': address,
'mtu': mtu,
'gateway': gateway,
'netmask': netmask
}
if new_state == current_state:
changed = False
else:
if 'management' in interface['services'] or 'app' in interface[
'services'] and address == "0.0.0.0/0":
module.fail_json(
msg=
"Removing IP address from a management or app port is not supported"
)
try:
if new_state['gateway'] is not None:
array.set_network_interface(interface['name'],
address=new_state['address'],
mtu=new_state['mtu'],
netmask=new_state['netmask'],
gateway=new_state['gateway'])
else:
array.set_network_interface(interface['name'],
address=new_state['address'],
mtu=new_state['mtu'],
netmask=new_state['netmask'])
except Exception:
module.fail_json(
msg="Failed to change settings for interface {0}.".format(
interface['name']))
if not interface['enabled'] and module.params['state'] == 'present':
try:
array.enable_network_interface(interface['name'])
changed = True
except Exception:
module.fail_json(msg="Failed to enable interface {0}.".format(
interface['name']))
if interface['enabled'] and module.params['state'] == 'absent':
try:
array.disable_network_interface(interface['name'])
changed = True
except Exception:
module.fail_json(msg="Failed to disable interface {0}.".format(
interface['name']))
module.exit_json(changed=changed)
byte_counts = {}
for dump in output:
derived_fields = {}
match_fields = re.split(',\s*(?![^()]*\))', dump)
for match in match_fields[1:]:
if "(" in match and ")" in match and "," in match:
start_key = match.split("(")[0]
for item in match.split("(")[1].replace(")",
"").split(","):
sub_key = item.split("=")[0]
key = start_key + "_" + sub_key
sub_value = item.split("=")[1]
if key == "ipv4_src" or key == "ipv4_dst":
if "/" in sub_value:
ip_addr = sub_value.split("/")[0]
subnet = IPAddress(
sub_value.split("/")[1]).netmask_bits()
sub_value = ip_addr + "/" + str(subnet)
derived_fields[key] = sub_value
continue
if "(" in match and ")" in match and "," not in match:
key = match.split("(")[0]
item = match.split("(")[1].replace(")", "")
if key == "eth_type":
item = int(item, 0)
derived_fields[key] = item
continue
if ":" in match and "(" not in match and ")" not in match:
key = match.split(":")[0]
item = match.split(":")[1]
derived_fields[key] = item
total = 0
def source_ip(self):
"""Returns a netaddr.IPAddress representing the source IP address."""
return IPAddress(self.sender_protocol_bytes)
def __init__(self, host, name, ip=None, image="busybox", network=None):
"""
Create the workload and detect its IPs.
:param host: The host container on which this workload is instantiated.
All commands executed by this container will be passed through the host
via docker exec.
:param name: The name given to the workload container. This name is
passed to docker and can be used inside docker commands.
:param ip: The IP to be assigned to this workload via calico. May be
either IPv4 or IPv6. May also be None or 'auto' in which case it will
be assigned one by IPAM. Calico supports multiple IPs per workload, but
this testing framework does not yet.
:param image: The docker image to be used to instantiate this
container. busybox used by default because it is extremely small and
has ping.
:param network: The DockerNetwork to connect to. Set to None to use
default Docker networking.
"""
self.host = host
self.name = name
args = [
"docker",
"run",
"--tty",
"--interactive",
"--detach",
"--name",
name,
]
assert ip is None, "Static IP assignment not supported by libnetwork."
if network:
if network is not NET_NONE:
assert isinstance(network, DockerNetwork)
# We don't yet care about service names and they are buggy.
# Currently they aren't deleted properly, so to ensure no
# clashes between tests, just use a uuid
args.append("--publish-service=%s.%s" %
(str(uuid.uuid4()), network))
args.append(image)
command = ' '.join(args)
host.execute(command)
# There is an unofficial ip=auto option in addition to ip=None.
if ip is None:
version = None
else:
version = IPAddress(ip).version
if version == 6:
version_key = "GlobalIPv6Address"
else:
version_key = "IPAddress"
self.ip = host.execute(
"docker inspect --format "
"'{{ .NetworkSettings.%s }}' %s" % (version_key, name), ).rstrip()
if ip:
# Currently unhittable until libnetwork lets us configure IPs.
assert ip == self.ip, "IP param = %s, configured IP = %s." % \
(ip, self.ip)
def get_last_address_in_network(cidr):
ip_network = IPNetwork(cidr)
return IPAddress(ip_network.last)
def is_ip_in_network(self, interface_ip, cidr):
return IPAddress(interface_ip) in IPNetwork(cidr)
def get_last_address_in_network_plus_one(cidr):
ip_network = IPNetwork(cidr)
return IPAddress(ip_network.last).__add__(1)
def clone(self):
"""
Command Section: clone
Clone a VM from a template
"""
self.config['hostname'] = self.config['hostname'].lower()
self.config['mem'] = int(self.config['mem'] * 1024) # convert GB to MB
print("Cloning %s to new host %s with %sMB RAM..." % (
self.config['template'],
self.config['hostname'],
self.config['mem']
))
# initialize a list to hold our network settings
ip_settings = list()
# Get network settings for each IP
for key, ip_string in enumerate(self.config['ips']):
# convert ip from string to the 'IPAddress' type
ip = IPAddress(ip_string)
# determine network this IP is in
for network in self.config['networks']:
if ip in IPNetwork(network):
self.config['networks'][network]['ip'] = ip
ipnet = IPNetwork(network)
self.config['networks'][network]['subnet_mask'] = str(
ipnet.netmask
)
ip_settings.append(self.config['networks'][network])
# throw an error if we couldn't find a network for this ip
if not any(d['ip'] == ip for d in ip_settings):
print("I don't know what network %s is in. You can supply "
"settings for this network in config.yml." % ip_string)
sys.exit(1)
# network to place new VM in
self.get_obj([vim.Network], ip_settings[0]['network'])
datacenter = self.get_obj([vim.Datacenter],
ip_settings[0]['datacenter']
)
# get the folder where VMs are kept for this datacenter
if self.config['destination_folder']:
destfolder = self.content.searchIndex.FindByInventoryPath(
self.config['destination_folder']
)
else:
destfolder = datacenter.vmFolder
cluster = self.get_obj([vim.ClusterComputeResource],
ip_settings[0]['cluster']
)
resource_pool_str = self.config['resource_pool']
# resource_pool setting in config file takes priority over the
# default 'Resources' pool
if resource_pool_str == 'Resources' \
and ('resource_pool' in ip_settings[key]):
resource_pool_str = ip_settings[key]['resource_pool']
resource_pool = self.get_resource_pool(cluster, resource_pool_str)
host_system = self.config['host']
if host_system != "":
host_system = self.get_obj([vim.HostSystem],
self.config['host']
)
if self.debug:
self.print_debug(
"Destination cluster",
cluster
)
self.print_debug(
"Resource pool",
resource_pool
)
if resource_pool is None:
# use default resource pool of target cluster
resource_pool = cluster.resourcePool
datastore = None
if self.config['datastore']:
datastore = self.get_obj(
[vim.Datastore], self.config['datastore'])
elif 'datastore' in ip_settings[0]:
datastore = self.get_obj(
[vim.Datastore],
ip_settings[0]['datastore'])
if datastore is None:
print("Error: Unable to find Datastore '%s'"
% ip_settings[0]['datastore'])
sys.exit(1)
if self.config['template_folder']:
template_vm = self.get_vm_failfast(
self.config['template'],
False,
'Template VM',
path=self.config['template_folder']
)
else:
template_vm = self.get_vm_failfast(
self.config['template'],
False,
'Template VM'
)
# Relocation spec
relospec = vim.vm.RelocateSpec()
relospec.datastore = datastore
if host_system:
relospec.host = host_system
if resource_pool:
relospec.pool = resource_pool
# Networking self.config for VM and guest OS
devices = []
adaptermaps = []
# add existing NIC devices from template to our list of NICs
# to be created
try:
for device in template_vm.config.hardware.device:
if hasattr(device, 'addressType'):
# this is a VirtualEthernetCard, so we'll delete it
nic = vim.vm.device.VirtualDeviceSpec()
nic.operation = \
vim.vm.device.VirtualDeviceSpec.Operation.remove
nic.device = device
devices.append(nic)
except:
# not the most graceful handling, but unable to reproduce
# user's issues in #57 at this time.
pass
# create a Network device for each static IP
for key, ip in enumerate(ip_settings):
# VM device
nic = vim.vm.device.VirtualDeviceSpec()
# or edit if a device exists
nic.operation = vim.vm.device.VirtualDeviceSpec.Operation.add
nic.device = vim.vm.device.VirtualVmxnet3()
nic.device.wakeOnLanEnabled = True
nic.device.addressType = 'assigned'
# 4000 seems to be the value to use for a vmxnet3 device
nic.device.key = 4000
nic.device.deviceInfo = vim.Description()
nic.device.deviceInfo.label = 'Network Adapter %s' % (key + 1)
if 'dvportgroup' in ip_settings[key]:
dvpg = ip_settings[key]['dvportgroup']
nic.device.deviceInfo.summary = dvpg
pg_obj = self.get_obj([vim.dvs.DistributedVirtualPortgroup], dvpg) # noqa
dvs_port_connection = vim.dvs.PortConnection()
dvs_port_connection.portgroupKey = pg_obj.key
dvs_port_connection.switchUuid = (
pg_obj.config.distributedVirtualSwitch.uuid
)
# did it to get pep8
e_nic = vim.vm.device.VirtualEthernetCard
nic.device.backing = (
e_nic.DistributedVirtualPortBackingInfo()
)
nic.device.backing.port = dvs_port_connection
else:
nic.device.deviceInfo.summary = ip_settings[key]['network']
nic.device.backing = (
vim.vm.device.VirtualEthernetCard.NetworkBackingInfo()
)
nic.device.backing.network = (
self.get_obj([vim.Network], ip_settings[key]['network'])
)
nic.device.backing.deviceName = ip_settings[key]['network']
nic.device.backing.useAutoDetect = False
nic.device.connectable = vim.vm.device.VirtualDevice.ConnectInfo()
nic.device.connectable.startConnected = True
nic.device.connectable.allowGuestControl = True
devices.append(nic)
if 'customspecname' in ip_settings[key]:
custom_spec_name = ip_settings[key]['customspecname']
customspec = (
self.get_customization_settings(custom_spec_name)
)
guest_map = customspec.nicSettingMap[0]
else:
customspec = vim.vm.customization.Specification()
# guest NIC settings, i.e. 'adapter map'
guest_map = vim.vm.customization.AdapterMapping()
guest_map.adapter = vim.vm.customization.IPSettings()
guest_map.adapter.ip = vim.vm.customization.FixedIp()
guest_map.adapter.ip.ipAddress = str(ip_settings[key]['ip'])
if 'subnet_mask' in ip_settings[key]:
guest_map.adapter.subnetMask = (
str(ip_settings[key]['subnet_mask'])
)
if 'gateway' in ip_settings[key]:
guest_map.adapter.gateway = ip_settings[key]['gateway']
if self.config['domain']:
guest_map.adapter.dnsDomain = self.config['domain']
adaptermaps.append(guest_map)
# DNS settings
if 'dns_servers' in self.config:
globalip = vim.vm.customization.GlobalIPSettings()
globalip.dnsServerList = self.config['dns_servers']
globalip.dnsSuffixList = self.config['domain']
customspec.globalIPSettings = globalip
# Hostname settings
ident = vim.vm.customization.LinuxPrep()
ident.domain = self.config['domain']
ident.hostName = vim.vm.customization.FixedName()
ident.hostName.name = self.config['hostname']
customspec.nicSettingMap = adaptermaps
customspec.identity = ident
# VM config spec
vmconf = vim.vm.ConfigSpec()
vmconf.numCPUs = self.config['cpus']
vmconf.memoryMB = self.config['mem']
vmconf.cpuHotAddEnabled = True
vmconf.memoryHotAddEnabled = True
vmconf.deviceChange = devices
# Clone spec
clonespec = vim.vm.CloneSpec()
clonespec.location = relospec
clonespec.config = vmconf
clonespec.customization = customspec
clonespec.powerOn = True
clonespec.template = False
self.addDisks(template_vm, clonespec)
if self.debug:
self.print_debug("CloneSpec", clonespec)
# fire the clone task
tasks = [template_vm.Clone(folder=destfolder,
name=self.config['hostname'],
spec=clonespec
)]
result = self.WaitForTasks(tasks)
if self.config['post_clone_cmd']:
try:
# helper env variables
os.environ['EZMOMI_CLONE_HOSTNAME'] = self.config['hostname']
print("Running --post-clone-cmd %s"
% self.config['post_clone_cmd'])
os.system(self.config['post_clone_cmd'])
except Exception as e:
print("Error running post-clone command. Exception: %s" % e)
pass
# send notification email
if self.config['mail']:
self.send_email()
def test_reverse_zone_file(self):
# DNSReverseZoneConfig calculates the reverse zone file name
# correctly for IPv4 and IPv6 networks.
# As long as the network size ends on a "nice" boundary (multiple of
# 8 for IPv4, multiple of 4 for IPv6), then there will be one reverse
# zone for the subnet. When it isn't, then there will be 2-128
# individual reverse zones for the subnet.
# A special case is the small subnet (less than 256 hosts for IPv4,
# less than 16 hosts for IPv6), in which case, we follow RFC2317 with
# the modern adjustment of using '-' instead of '/'.
zn = "%d.0.0.0.0.0.0.0.0.0.0.0.4.0.1.f.1.0.8.a.b.0.1.0.0.2.ip6.arpa"
expected = [
# IPv4 networks.
# /22 ==> 4 /24 reverse zones
(
IPNetwork("192.168.0.1/22"),
[
DomainInfo(
IPNetwork("192.168.%d.0/24" % i),
"%d.168.192.in-addr.arpa" % i,
)
for i in range(4)
],
),
# /24 ==> 1 reverse zone
(
IPNetwork("192.168.0.1/24"),
[
DomainInfo(
IPNetwork("192.168.0.0/24"), "0.168.192.in-addr.arpa"
)
],
),
# /29 ==> 1 reverse zones, per RFC2317
(
IPNetwork("192.168.0.241/29"),
[
DomainInfo(
IPNetwork("192.168.0.240/29"),
"240-29.0.168.192.in-addr.arpa",
)
],
),
# IPv6 networks.
# /32, 48, 56, 64 ==> 1 reverse zones
(
IPNetwork("3ffe:801::/32"),
[
DomainInfo(
IPNetwork("3ffe:801::32"), "1.0.8.0.e.f.f.3.ip6.arpa"
)
],
),
(
IPNetwork("2001:db8:0::/48"),
[
DomainInfo(
IPNetwork("2001:db8:0::/48"),
"0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa",
)
],
),
(
IPNetwork("2001:ba8:1f1:400::/56"),
[
DomainInfo(
IPNetwork("2001:ba8:1f1:400::/56"),
"4.0.1.f.1.0.8.a.b.0.1.0.0.2.ip6.arpa",
)
],
),
(
IPNetwork("2610:8:6800:1::/64"),
[
DomainInfo(
IPNetwork("2610:8:6800:1::/64"),
"1.0.0.0.0.0.8.6.8.0.0.0.0.1.6.2.ip6.arpa",
)
],
),
# /2 with hex digits ==> 4 /4 reverse zones
(
IPNetwork("8000::/2"),
[
DomainInfo(IPNetwork("8000::/4"), "8.ip6.arpa"),
DomainInfo(IPNetwork("9000::/4"), "9.ip6.arpa"),
DomainInfo(IPNetwork("a000::/4"), "a.ip6.arpa"),
DomainInfo(IPNetwork("b000::/4"), "b.ip6.arpa"),
],
),
# /103 ==> 2 /104 reverse zones
(
IPNetwork("2001:ba8:1f1:400::/103"),
[
DomainInfo(
IPNetwork("2001:ba8:1f1:400:0:0:%d00:0000/104" % i),
zn % i,
)
for i in range(2)
],
),
# /125 ==> 1 reverse zone, based on RFC2317
(
IPNetwork("2001:ba8:1f1:400::/125"),
[
DomainInfo(
IPNetwork("2001:ba8:1f1:400::/125"),
"0-125.%s"
% (IPAddress("2001:ba8:1f1:400::").reverse_dns[2:-1]),
)
],
),
]
results = []
for network, _ in expected:
domain = factory.make_name("zone")
dns_zone_config = DNSReverseZoneConfig(domain, network=network)
results.append((network, dns_zone_config.zone_info))
# Make sure we have the right number of elements.
self.assertEqual(len(expected), len(results))
# And that the zone names chosen for each element are correct.
for net in range(len(expected)):
for zi in range(len(expected[net][1])):
self.assertItemsEqual(
expected[net][1][zi].zone_name,
results[net][1][zi].zone_name,
)
def do_inject(self):
LOG.info('* Cloning mode *')
bulk_sql = []
ip_offset = self.options.ip_offset
with EMInterface(**self.emicparams) as emicifc:
LOG.info('Disable auto-refresh on EM...')
EMAPI.device.set_config(auto_refresh=False, ifc=emicifc)
with SSHInterface(**self.emparams) as emsshifc:
version = SCMD.ssh.get_version(ifc=emsshifc)
has_groups = version < 'em 2.3.0'
rows = SQL.query('SELECT MAX(device.uid) AS device, MAX(device_slot.uid) AS slot FROM device, device_slot;', ifc=emsshifc)
max_device_uid = int(rows[0].device)
max_slot_uid = int(rows[0].slot)
bpmgmt = self.bigipparams.address
template = self.do_get_template(bpmgmt, emsshifc)
assert template.access_address != template.mgmt_address, \
"Template device must be discovered by its self IP."
device_uid = int(template.uid)
LOG.info('Template: %s', template.host_name)
start_ip = IPAddress(START_IP)
LOG.info('Inserting device rows...')
for i in range(1, self.options.clones + 1, 1):
template.uid = max_device_uid + UIDOFFSET + i
template.access_address = str(start_ip + ip_offset + i)
template.system_id = None
template.last_refresh = None
query = "INSERT INTO `device` %s" % self.do_prep_insert(template)
bulk_sql.append(query)
if has_groups:
bulk_sql.append("INSERT INTO device_2_device_group VALUES (NULL,%d,1)" % template.uid)
while bulk_sql:
SQL.query(";".join(bulk_sql[:MAXSQL]), ifc=emsshifc)
bulk_sql[:MAXSQL] = []
# Prepare device slot
rows = SQL.query("SELECT * FROM device_slot WHERE device_id=%d;" % device_uid, ifc=emsshifc)
last_device_slot_uid = max_slot_uid + UIDOFFSET
LOG.info('Inserting device_slot rows...')
for row in rows:
last_device_uid = max_device_uid + UIDOFFSET
for i in range(1, self.options.clones + 1, 1):
last_device_slot_uid += 1
last_device_uid += 1
row.uid = last_device_slot_uid
row.device_id = last_device_uid
query = "INSERT INTO `device_slot` %s" % self.do_prep_insert(row)
bulk_sql.append(query)
while bulk_sql:
SQL.query(";".join(bulk_sql[:MAXSQL]), ifc=emsshifc)
bulk_sql[:MAXSQL] = []
LOG.info('Creating SelfIPs on %s...', bpmgmt)
self_ips = [str(start_ip + ip_offset + x)
for x in range(1, self.options.clones + 1, 1)]
vlan_names = ['internal'] * self.options.clones
netmasks = ['255.255.0.0'] * self.options.clones
unit_ids = [0] * self.options.clones
floating_states = ['STATE_DISABLED'] * self.options.clones
with IcontrolInterface(**self.bigipparams) as bigipicifc:
ic = bigipicifc.api
ic.Networking.SelfIP.create(self_ips=self_ips, vlan_names=vlan_names,
netmasks=netmasks, unit_ids=unit_ids,
floating_states=floating_states)
access_lists = [dict(self_ip=x, mode='ALLOW_MODE_ALL', protocol_ports=[])
for x in self_ips]
ic.Networking.SelfIPPortLockdown.add_allow_access_list(access_lists=access_lists)
def _is_v4_ip(ip):
return IPAddress(ip['ip_address']).version == 4
# ICMPであればそれを処理
if ip_header.protocol == "ICMP":
# ICMPパケットの位置を計算
offset = ip_header.ihl * 4
buf = raw_buffer[offset:offset + sizeof(ICMP)]
# ICMP構造体を作成
icmp_header = ICMP(buf)
print "ICMP -> Type: %d Code: %d" % (icmp_header.type,
icmp_header.code)
# コードとタイプが3であるかチェック
if icmp_header.code == 3 and icmp_header.type == 3:
# 標的サブネットのホストかを確認
if IPAddress(ip_header.src_address) in IPNetwork(subnet):
# マジック文字列を含むか確認
if raw_buffer[len(raw_buffer) -
len(magic_message):] == magic_message:
print "Host Up: %s" % ip_header.src_address
# Ctrl-Cを処理
except KeyboardInterrupt:
# Windowsの場合はプロミスキャスモードを無効化
if os.name == "nt":
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
