# # Usage: # python script_name.py [ip_address] [username] [password] [ip_to_shutdown] [1/0] # This script uses the onep_connect.py module from onep_connect import connect from onep.interfaces import InterfaceFilter import sys if len(sys.argv) < 5: print 'Usage: python script_name.py [ip_address] [username] [password] [ip_to_shutdown] [1/0]' quit() # Connect using passed in connection values # (will raise a ValueError if bad IP address or credentials) ne = connect(sys.argv[1], sys.argv[2], sys.argv[3]) try: #Create Interface Filter and find interface by IP if_filter = InterfaceFilter(interface_type=1) for interface in ne.get_interface_list(if_filter): if sys.argv[4] in interface.get_address_list(): # Use passed in shutdown command, or just shutdown try: interface.shut_down(int(sys.argv[5])) if int(sys.argv[5]) == 1: print '%s has been shutdown.' % interface.name elif int(sys.argv[5]) == 0: print '%s has been re-enabled.' % interface.name except IndexError, ValueError: interface.shut_down(1)
# Usage: # python script_name.py [ip_address] [username] [password] # This script uses the onep_connect.py module from onep_connect import connect from onep.interfaces import InterfaceFilter import sys if len(sys.argv) != 4: print 'Usage: python script_name.py [ip_address] [username] [password]' quit() # Connect using passed in connection values # (will raise a ValueError if bad IP address or credentials) ne = connect(sys.argv[1], sys.argv[2], sys.argv[3]) try: #Create Interface Filter and print interface list if_filter = InterfaceFilter(interface_type=1) for interface in ne.get_interface_list(if_filter): print '%s: %s' % (interface.name, interface.get_address_list()) # Optionally, can print full interface switchport info # print interface.get_config() finally: # Finally have the application disconnect from the Network Element ne.disconnect()
l3_ace.dst_prefix = ip_addresses[1].split('/')[0] l3_ace.dst_prefix_len = 32 dst_port = int(ip_addresses[1].split('/')[1]) l3_ace.set_dst_port_range(dst_port, dst_port) l3_ace.src_prefix = ip_addresses[0].split('/')[0] l3_ace.src_prefix_len = 32 src_port = int(ip_addresses[0].split('/')[1]) l3_ace.set_src_port_range(src_port, src_port) return l3_ace try: # Connect to a router inline with the attacker's traffic ne = connect('1.1.1.1', 'admin', 'admin') #specify the interface towards the attacker interface = ne.get_interface_by_name('gi2') # Create a IPv4 L3 ACL l3_acl = L3Acl(ne, OnepConstants.OnepAddressFamilyType.ONEP_AF_INET, L3Acl.OnepLifetime.ONEP_PERSISTENT) # Run function to create ACE based on syslog addresses l3_ace_10 = create_dynamic_ace(10, False, syslog_message) # Create ACE to allow all other traffic l3_ace_20 = L3Ace(20, True) #True == permit l3_ace_20.protocol = OnepConstants.AclProtocol.ALL l3_ace_20.set_src_prefix_any() l3_ace_20.set_dst_prefix_any()