def post(self, request, *args, **kwargs): # mengambil nilai dari form formm = NacmForm(request.POST or None) ipform = IpFormset(request.POST) upform = UploadForm(request.POST, request.FILES) userValue = formm['username'].value() passValue = formm['password'].value() confValue = formm['conft'].value() bgp_name = str(request.POST['bgp_name']) asn = str(request.POST['bgp_asn']) router_id = str(request.POST['bgp_router_id']) neighbor_address = str(request.POST['bgp_neighbor_address']) neighbor_asn = str(request.POST['bgp_neighbor_asn']) networkx = (request.POST.getlist('bgp_network')) prefixs = (request.POST.getlist('bgp_prefix')) # jika form valid if ipform.is_valid() and formm.is_valid(): collect_data = "" count_form = 0 simpanForm = formm.save() # perulangan data pada form ipform for form in ipform: ipaddr = form.cleaned_data.get('ipaddr') vendor = form.cleaned_data.get('vendor') collect_config = "<b>Configure on " + str( ipaddr) + " | vendor = " + str(vendor) + "</b></br>" networks = netmask = wildcard = "" # mengkoneksikan ke perangkat via protokol SSH menggunakan library Paramiko try: ssh_client = paramiko.SSHClient() ssh_client.set_missing_host_key_policy( paramiko.AutoAddPolicy()) # memasukkan informasi username, password SSH ssh_client.connect(hostname=ipaddr, username=userValue, password=passValue, look_for_keys=False, allow_agent=False, timeout=5) remote_conn = ssh_client.invoke_shell() shell = remote_conn.recv(65535) config_read = str(vendor.sett_dynamic_routing_bgp) # split memakai \r dulu array_read = config_read.split('\r') # hasilnya akan ada \n output_line = "" # membuat perulangan pada network yang di advertise, karena pada advertise network menggunakan form dinamis for x in range(len(networkx)): network = networkx[x] print(network) prefix = prefixs[x] if prefix != '': networks = str(network + "/" + prefix) print(networks) netmask = IPNetwork(networks).netmask print(netmask) wildcard = IPNetwork(networks).hostmask print(wildcard) print(vendor) # membaca code tiap line for line in array_read: # menghilangkan \n new_line = re.sub(r'\n', '', line) # print new_line # akan error karena ada nilai kosong dan eval tidak bisa membacanya # sehingga mengeleminasi nilai kosong if new_line != '': config_send = eval(new_line) collect_config = collect_config + config_send + "</br>" print(config_send + " ini config send") # mengirim perintah yang akan dikonfig # menggunakan non-interactive shell try: stdin, stdout, stderr = ssh_client.exec_command( config_send + "\n") time.sleep(1) results = stdout.read() print(str(results)) except: # jika gagal menggunakan interactive shell try: remote_conn.send(config_send + "\n") time.sleep(1) results = remote_conn.recv(65535) print(results.decode('ascii')) # print (results) except: print("error paramiko") # menyimpan data ke sqlite count_form = count_form + 1 collect_data = collect_data + collect_config if count_form == len(ipform): simpanForm.conft = collect_data messages.success(request, collect_config) ssh_client.close() simpanIp = form.save(commit=False) simpanIp.connect_id = simpanForm print(simpanIp) simpanIp.save() simpanForm.save() # jika gagal terkoneksi except paramiko.AuthenticationException: error_conf( request, collect_config, "</br>Authentication failed, please verify your credentials" ) except paramiko.SSHException as sshException: error_conf( request, collect_config, "</br>Could not establish SSH connection: %s" % sshException) except socket.timeout as e: error_conf(request, collect_config, "</br>Connection timed out") except Exception as e: ssh_client.close() error_conf(request, collect_config, "</br>Exception in connecting to the server") return HttpResponseRedirect('routing_bgp')
def oob_provision(self, equips): log.info("AutoprovisionOOB") variablestochangecore1 = dict() variablestochangecore2 = dict() variablestochangeoob = dict() fileincore1 = None fileoutcore1 = None fileincore2 = None fileoutcore2 = None dcroom = model_to_dict(self.rack.dcroom) log.debug("type: %s" % str(type(dcroom.get("config")))) fabricconfig = dcroom.get("config") try: fabricconfig = json.loads(fabricconfig) log.debug("type -ast: %s" % str(type(fabricconfig))) except: pass try: fabricconfig = ast.literal_eval(fabricconfig) log.debug("config -ast: %s" % str(fabricconfig)) except: pass envconfig = fabricconfig BASE_CHANNEL = int(envconfig.get("Channel").get( "channel")) if envconfig.get("Channel") else 10 try: path_to_guide = get_variable("path_to_guide") path_to_add_config = get_variable("path_to_add_config") path_to_config = get_variable("path_to_config") except ObjectDoesNotExist: raise var_exceptions.VariableDoesNotExistException( "Erro buscando a variável PATH_TO_GUIDE") try: vlan_name = "VLAN_GERENCIA_" + self.rack.nome vlan = models_vlan.Vlan.objects.filter( nome=vlan_name).uniqueResult() except Exception as e: log.debug("Error while getting %s. Error: %s" % (vlan_name, e)) vlan = False if not vlan: try: vlan_name = "OOB_SO_" + self.rack.nome vlan = models_vlan.Vlan.objects.filter( nome=vlan_name).uniqueResult() except Exception as e: raise Exception("O rack não tem vlan de gerencia. Error: %s" % e) log.debug("Vlan OOB: %s" % vlan.nome) log.debug("Rede OOB: %s" % IPNetwork(vlan.networks_ipv4[0].networkv4)) log.debug("equips: %s" % str(equips)) if not vlan.networks_ipv4: raise Exception("Vlan de OOB do rack não possui rede associada.") variablestochangeoob["VLAN_SO"] = str(vlan.num_vlan) equips_sorted = sorted(equips, key=operator.itemgetter('sw')) oob = equips_sorted[-1] variablestochangeoob["OWN_IP_MGMT"] = oob.get("ip_mngt") variablestochangeoob["HOSTNAME_OOB"] = oob.get("nome") variablestochangeoob["HOSTNAME_RACK"] = self.rack.nome fileinoob = path_to_guide + oob.get("roteiro") fileoutoob = path_to_config + oob.get("nome") + ".cfg" for equip in oob.get("interfaces"): nome = equip.get("nome") log.debug(str(nome)) roteiro = equip.get("roteiro") if nome[:3] == self.leaf_prefix: if nome[-1] == "1": variablestochangeoob["HOSTNAME_LF1"] = nome else: variablestochangeoob["HOSTNAME_LF2"] = nome elif nome[:3] == self.oob_prefix: intoob = equip.get("eq_interface") intcore = equip.get("interface") if nome[-1] == "1": log.info(str(nome)) variablestochangeoob["INT_OOBC1_UPLINK"] = intoob variablestochangeoob["INTERFACE_CORE1"] = intcore variablestochangeoob["HOSTNAME_CORE1"] = nome variablestochangecore1["INT_OOB_UPLINK"] = intoob variablestochangecore1["INTERFACE_CORE"] = intcore variablestochangecore1["HOSTNAME_RACK"] = self.rack.nome variablestochangecore1["SO_HOSTNAME_OOB"] = "SO_" + str( self.rack.nome) variablestochangecore1["VLAN_SO"] = str(vlan.num_vlan) variablestochangecore1['IPCORE'] = str( IPNetwork(vlan.networks_ipv4[0].networkv4).broadcast - 2) variablestochangecore1['IPHSRP'] = str( IPNetwork(vlan.networks_ipv4[0].networkv4).ip + 1) variablestochangecore1['NUM_CHANNEL'] = str( BASE_CHANNEL + int(self.rack.numero)) if (1 + int(self.rack.numero)) % 2 == 0: variablestochangecore1["HSRP_PRIORITY"] = "100" else: variablestochangecore1["HSRP_PRIORITY"] = "101" fileincore1 = path_to_guide + roteiro fileoutcore1 = path_to_add_config + nome + "-ADD-" + str( self.rack.nome) + ".cfg" elif nome[-1] == "2": log.info(str(nome)) variablestochangeoob["INT_OOBC2_UPLINK"] = intoob variablestochangeoob["INTERFACE_CORE2"] = intcore variablestochangeoob["HOSTNAME_CORE2"] = nome variablestochangecore2["INT_OOB_UPLINK"] = intoob variablestochangecore2["INTERFACE_CORE"] = intcore variablestochangecore2["HOSTNAME_RACK"] = self.rack.nome variablestochangecore2["SO_HOSTNAME_OOB"] = "SO_" + str( self.rack.nome) variablestochangecore2["VLAN_SO"] = str(vlan.num_vlan) variablestochangecore2['IPCORE'] = str( IPNetwork(vlan.networks_ipv4[0].networkv4).broadcast - 1) variablestochangecore2['IPHSRP'] = str( IPNetwork(vlan.networks_ipv4[0].networkv4).ip + 1) variablestochangecore2['NUM_CHANNEL'] = str( BASE_CHANNEL + int(self.rack.numero)) if (2 + int(self.rack.numero)) % 2 == 0: variablestochangecore2["HSRP_PRIORITY"] = "100" else: variablestochangecore2["HSRP_PRIORITY"] = "101" fileincore2 = path_to_guide + roteiro fileoutcore2 = path_to_add_config + nome + "-ADD-" + str( self.rack.nome) + ".cfg" self.replace_file(fileincore1, fileoutcore1, variablestochangecore1) self.replace_file(fileincore2, fileoutcore2, variablestochangecore2) self.replace_file(fileinoob, fileoutoob, variablestochangeoob) return True
def get_ipv4_prefixes(prefixes=[]): return [ prefix for prefix in prefixes or [] if IPNetwork(prefix).version == 4 ]
def test_node_start(self, m_root, m_attach_and_stream, m_find_or_pull_node_image, m_docker, m_docker_client, m_client, m_conntrack, m_setup_ip, m_check_system, m_container, m_call, m_os_makedirs, m_os_path_exists, m_ipv6_enabled): """ Test that the node_Start function does not make Docker calls function returns """ # Set up mock objects m_container.return_value = False m_root.return_value = False m_os_path_exists.return_value = False ip_2 = '2.2.2.2' m_docker_client.create_host_config.return_value = 'host_config' container = {'Id': 666} m_docker_client.create_container.return_value = container m_check_system.return_value = [True, True, True] ipv4_pools = [ IPPool(IPNetwork("10.0.0.0/16")), IPPool(IPNetwork("10.1.0.0/16"), ipip=True) ] ipip_pools = [IPPool(IPNetwork("10.1.0.0/16"), ipip=True)] m_client.get_ip_pools.return_value = ipv4_pools # Set up arguments node_image = 'node_image' runtime = 'docker' log_dir = './log_dir' ip = '2.2.2.2' ip6 = 'aa:bb::zz' as_num = '' detach = False libnetwork = False # Don't pull the node image no_pull = True # Call method under test node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach, libnetwork, no_pull) # Set up variables used in assertion statements environment = [ "HOSTNAME=%s" % node.hostname, "IP=%s" % ip_2, "IP6=%s" % ip6, "CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT, "AS=", "NO_DEFAULT_POOLS=", "ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port "ETCD_SCHEME=%s" % ETCD_SCHEME_DEFAULT, ] binds = { log_dir: { "bind": "/var/log/calico", "ro": False }, "/var/run/calico": { "bind": "/var/run/calico", "ro": False }, "/lib/modules": { "bind": "/lib/modules", "ro": False } } # Assert m_os_path_exists.assert_called_once_with(log_dir) m_os_makedirs.assert_called_once_with(log_dir) m_check_system.assert_called_once_with(quit_if_error=False, libnetwork=libnetwork, check_docker=True, check_modules=True) m_setup_ip.assert_called_once_with() m_docker_client.remove_container.assert_called_once_with('calico-node', force=True) m_docker_client.create_host_config.assert_called_once_with( privileged=True, restart_policy={"Name": "always"}, network_mode="host", binds=binds) self.assertFalse(m_find_or_pull_node_image.called) m_docker_client.create_container.assert_called_once_with( node_image, name='calico-node', detach=True, environment=environment, host_config='host_config', volumes=['/var/log/calico', "/var/run/calico", "/lib/modules"]) m_docker_client.start.assert_called_once_with(container) m_attach_and_stream.assert_called_once_with(container, False)
def generate_subnet(self, ip, sn="24"): subnet = IPNetwork('{ip}/{sn}'.format(ip=ip, sn=sn)) for ip in IPNetwork(subnet): yield ip
def handleEvent(self, event): eventName = event.eventType srcModuleName = event.module eventData = event.data scanIps = list() if self.errorState: return None self.sf.debug("Received event, %s, from %s" % (eventName, srcModuleName)) if not self.portlist: self.sf.error('No ports specified in port list', False) self.errorState = True return None try: if eventName == "NETBLOCK_OWNER" and self.opts['netblockscan']: net = IPNetwork(eventData) if net.prefixlen < self.opts['netblockscanmax']: self.sf.debug("Skipping port scanning of " + eventData + ", too big.") return None for ip in net: ipaddr = str(ip) if ipaddr.split(".")[3] in ['255', '0']: continue if '255' in ipaddr.split("."): continue scanIps.append(ipaddr) else: scanIps.append(eventData) except BaseException as e: self.sf.error( "Strange netblock identified, unable to parse: " + eventData + " (" + str(e) + ")", False) return None for ipAddr in scanIps: # Don't look up stuff twice if ipAddr in self.results: self.sf.debug("Skipping " + ipAddr + " as already scanned.") return None else: self.results[ipAddr] = True i = 0 portArr = [] for port in self.portlist: if self.checkForStop(): return None if i < self.opts['maxthreads']: portArr.append(port) i += 1 else: self.sendEvent(self.tryPortWrapper(ipAddr, portArr), event) i = 1 portArr = [port] # Scan whatever is remaining self.sendEvent(self.tryPortWrapper(ipAddr, portArr), event)
def handleEvent(self, event): eventName = event.eventType srcModuleName = event.module eventData = event.data if self.errorState: return None self.sf.debug(f"Received event, {eventName}, from {srcModuleName}") if self.opts['api_key'] == "": self.sf.error("You enabled sfp_shodan but did not set an API key!", False) self.errorState = True return None # Don't look up stuff twice if eventData in self.results: self.sf.debug(f"Skipping {eventData}, already checked.") return None else: self.results[eventData] = True if eventName == "DOMAIN_NAME": hosts = self.searchHosts(eventData) if hosts is None: return None evt = SpiderFootEvent("RAW_RIR_DATA", str(hosts), self.__name__, event) self.notifyListeners(evt) if eventName == 'WEB_ANALYTICS_ID': try: network = eventData.split(": ")[0] analytics_id = eventData.split(": ")[1] except BaseException as e: self.sf.error( f"Unable to parse WEB_ANALYTICS_ID: {eventData} ({e})", False) return None if network not in [ 'Google AdSense', 'Google Analytics', 'Google Site Verification' ]: self.sf.debug("Skipping " + eventData + ", as not supported.") return None rec = self.searchHtml(analytics_id) if rec is None: return None evt = SpiderFootEvent("RAW_RIR_DATA", str(rec), self.__name__, event) self.notifyListeners(evt) return None if eventName == 'NETBLOCK_OWNER': if not self.opts['netblocklookup']: return None else: if IPNetwork(eventData).prefixlen < self.opts['maxnetblock']: self.sf.debug("Network size bigger than permitted: " + str(IPNetwork(eventData).prefixlen) + " > " + str(self.opts['maxnetblock'])) return None qrylist = list() if eventName.startswith("NETBLOCK_"): for ipaddr in IPNetwork(eventData): qrylist.append(str(ipaddr)) self.results[str(ipaddr)] = True else: qrylist.append(eventData) for addr in qrylist: rec = self.query(addr) if rec is None: continue # For netblocks, we need to create the IP address event so that # the threat intel event is more meaningful. if eventName.startswith('NETBLOCK_'): pevent = SpiderFootEvent("IP_ADDRESS", addr, self.__name__, event) self.notifyListeners(pevent) else: pevent = event evt = SpiderFootEvent("RAW_RIR_DATA", str(rec), self.__name__, pevent) self.notifyListeners(evt) if self.checkForStop(): return None if rec.get('os') is not None: # Notify other modules of what you've found evt = SpiderFootEvent("OPERATING_SYSTEM", rec.get('os') + " (" + addr + ")", self.__name__, pevent) self.notifyListeners(evt) if rec.get('devtype') is not None: # Notify other modules of what you've found evt = SpiderFootEvent("DEVICE_TYPE", rec.get('devtype') + " (" + addr + ")", self.__name__, pevent) self.notifyListeners(evt) if rec.get('country_name') is not None: location = ', '.join([ _f for _f in [rec.get('city'), rec.get('country_name')] if _f ]) evt = SpiderFootEvent("GEOINFO", location, self.__name__, pevent) self.notifyListeners(evt) if 'data' in rec: self.sf.info("Found SHODAN data for " + eventData) ports = list() banners = list() asns = list() products = list() vulnlist = list() for r in rec['data']: port = str(r.get('port')) banner = r.get('banner') asn = r.get('asn') product = r.get('product') vulns = r.get('vulns') if port is not None: # Notify other modules of what you've found cp = addr + ":" + port if cp not in ports: ports.append(cp) evt = SpiderFootEvent("TCP_PORT_OPEN", cp, self.__name__, pevent) self.notifyListeners(evt) if banner is not None: if banner not in banners: banners.append(banner) # Notify other modules of what you've found evt = SpiderFootEvent("TCP_PORT_OPEN_BANNER", banner, self.__name__, pevent) self.notifyListeners(evt) if product is not None: if product not in products: products.append(product) evt = SpiderFootEvent("SOFTWARE_USED", product, self.__name__, pevent) self.notifyListeners(evt) if asn is not None: if asn not in asns: asns.append(asn) evt = SpiderFootEvent("BGP_AS_MEMBER", asn.replace("AS", ""), self.__name__, pevent) self.notifyListeners(evt) if vulns is not None: for vuln in vulns.keys(): if vuln not in vulnlist: vulnlist.append(vuln) evt = SpiderFootEvent('VULNERABILITY', vuln, self.__name__, pevent) self.notifyListeners(evt) return None
def blacklistedSubnets(self): for subnet in self.blacklist: try: self.blacklisted_subnets.append(IPNetwork(str(subnet))) except: pass
def resourceList(self, id, target, targetType): targetDom = '' # Get the base domain if we're supplied a domain if targetType == "domain": targetDom = self.sf.hostDomain(target, self.opts['_internettlds']) for check in malchecks.keys(): cid = malchecks[check]['id'] if id == cid and malchecks[check]['type'] == "list": data = dict() url = malchecks[check]['url'] data['content'] = self.sf.cacheGet( "sfmal_" + cid, self.opts.get('cacheperiod', 0)) if data['content'] is None: data = self.sf.fetchUrl(url, timeout=self.opts['_fetchtimeout'], useragent=self.opts['_useragent']) if data['content'] is None: self.sf.error("Unable to fetch " + url, False) return None else: self.sf.cachePut("sfmal_" + cid, data['content']) # If we're looking at netblocks if targetType == "netblock": iplist = list() # Get the regex, replace {0} with an IP address matcher to # build a list of IP. # Cycle through each IP and check if it's in the netblock. if 'regex' in malchecks[check]: rx = malchecks[check]['regex'].replace( "{0}", "(\d+\.\d+\.\d+\.\d+)") pat = re.compile(rx, re.IGNORECASE) self.sf.debug("New regex for " + check + ": " + rx) for line in data['content'].split('\n'): grp = re.findall(pat, line) if len(grp) > 0: #self.sf.debug("Adding " + grp[0] + " to list.") iplist.append(grp[0]) else: iplist = data['content'].split('\n') for ip in iplist: if len(ip) < 8 or ip.startswith("#"): continue ip = ip.strip() try: if IPAddress(ip) in IPNetwork(target): self.sf.debug( ip + " found within netblock/subnet " + target + " in " + check) return url except Exception as e: self.sf.debug("Error encountered parsing: " + str(e)) continue return None # If we're looking at hostnames/domains/IPs if 'regex' not in malchecks[check]: for line in data['content'].split('\n'): if line == target or (targetType == "domain" and line == targetDom): self.sf.debug(target + "/" + targetDom + " found in " + check + " list.") return url else: # Check for the domain and the hostname try: rxDom = unicode( malchecks[check]['regex']).format(targetDom) rxTgt = unicode( malchecks[check]['regex']).format(target) for line in data['content'].split('\n'): if (targetType == "domain" and re.match(rxDom, line, re.IGNORECASE)) or \ re.match(rxTgt, line, re.IGNORECASE): self.sf.debug(target + "/" + targetDom + " found in " + check + " list.") return url except BaseException as e: self.sf.debug("Error encountered parsing 2: " + str(e)) continue return None
check_ip(ip_address) except Exception as e: with print_lock: print "[ERROR] [%s] - %s" % (ip_address, e) finally: semaphore.release() if ip: check_ip(ip) elif filename: with open(filename, "r") as fp: for line in fp: semaphore.acquire() ip_address = line.strip() t = threading.Thread(target=threaded_check, args=(ip_address, )) t.start() elif net: from netaddr import IPNetwork network = IPNetwork(net) for addr in network: # Skip the network and broadcast addresses if ((network.size != 1) and ((addr == network.network) or (addr == network.broadcast))): continue semaphore.acquire() ip_address = str(addr) t = threading.Thread(target=threaded_check, args=(ip_address, )) t.start()
# exibe protocolo detectado e os hosts #print ("Protocolo : %s De: %s -> Para: %s" % (ip_header.protocol, ip_header.src_address, ip_header.dst_address)) # se for ICMP, nos queremos o pacote if ip_header.protocol == "ICMP": #(2) # calcula em que ponto nosso pacote ICMP comeca offset = ip_header.ihl * 4 #(3) buf = raw_buffer[offset:offset + sys.getsizeof(ICMP)] # cria nossa estrutura ICMP icmp_header = ICMP(buf) #(4) #print ("ICMP -> Type: %d Code: %d" % (icmp_header.type, icmp_header.code)) # verifica se type e code sao iguais a 3 if icmp_header.code == 3 and icmp_header.type == 3: # garantir que o host esta em nossa sub-rede if IPAddress(ip_header.src_address) in IPNetwork(SUBNET): # garante que contem nossa mensagem if raw_buffer[len(raw_buffer) - len(MAGIC_STRING):] == MAGIC_STRING: print("Host Up: %s" % ip_header.src_address) # tratando ctrl-c except KeyboardInterrupt: # se usando Windows, desabilitar modo promiscuo if os.name == "nt": sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF) print("Exiting...") sys.exit(0)
async def process_system(device_id, host, community, port): device_repository = repository.get('device') system_info = await snmp_async.get_system_info(host, community, port) interfaces = await snmp_async.get_interfaces(host, community, port) interface_update_time = time.time() ip_addrs = await snmp_async.get_ip_addr(host, community, port) if not system_info: logging.info("SNMP (Process system [sys info]): host {} is down".format(host)) return None if not ip_addrs: logging.info("SNMP (Process system [ip addr]): host {} is down".format(host)) return None if not interfaces: logging.info("SNMP (Process system [interface]): host {} is down".format(host)) return None # Todo optimize this for if_index, interface in enumerate(interfaces): for ip_index, ip_addr in enumerate(ip_addrs): if interface['index'] == ip_addr['if_index']: interface['ipv4_address'] = ip_addr['ipv4_address'] interface['subnet'] = ip_addr['subnet'] break my_device = device_repository.get_device_by_mgmt_ip(host) diff_interface_update_time = interface_update_time - my_device.get('interfaces_update_time', 0) diff_interface_update_time *= 100 try: if my_device.get('interfaces'): for if_index, interface in enumerate(interfaces): for my_interface in my_device['interfaces']: if interface['description'] == my_interface['description']: # In in_octets = interface['in_octets'] - my_interface['in_octets'] # in_in_time = system_info['uptime'] - my_device['uptime'] bw_in_usage_percent = sdn_utils.cal_bw_usage_percent( in_octets, interface['speed'], diff_interface_update_time) # Out out_octets = interface['out_octets'] - my_interface['out_octets'] # out_in_time = system_info['uptime'] - my_device['uptime'] bw_out_usage_percent = sdn_utils.cal_bw_usage_percent( out_octets, interface['speed'], diff_interface_update_time) # Add information interface['bw_in_usage_octets'] = in_octets interface['bw_in_usage_persec'] = sdn_utils.bandwidth_usage_percent_to_bit(interface['speed'], bw_in_usage_percent) interface['bw_in_usage_percent'] = bw_in_usage_percent interface['bw_out_usage_octets'] = out_octets # interface['bw_out_usage_persec'] = (out_octets / out_in_time) * 8 interface['bw_out_usage_persec'] = sdn_utils.bandwidth_usage_percent_to_bit(interface['speed'], bw_out_usage_percent) interface['bw_out_usage_percent'] = bw_out_usage_percent interface['bw_usage_update'] = time.time() if interface.get('ipv4_address'): ip = IPNetwork("{}/{}".format(interface['ipv4_address'], interface['subnet'])) if ip.size == 1: start_ip = ip.first end_ip = ip.first elif ip.size == 2: start_ip = ip.first end_ip = ip.last else: start_ip = ip.first end_ip = ip.last interface['start_ip'] = start_ip interface['end_ip'] = end_ip break except Exception as e: logging.info("Except: %s", e) system_info['interfaces'] = interfaces system_info['interfaces_update_time'] = interface_update_time # Set update time system_info['updated_at'] = time.time() # Update device info device_repository.set(host, system_info) return True
from netaddr import IPNetwork import sys ip_list = sys.argv[1] cidr_list = [] with open(ip_list, 'r') as f: for line in f: cidr = line.strip() cidr_list.append(cidr) with open("iplist.txt", 'wb') as g: for subnet in cidr_list: for ip in IPNetwork(subnet): g.write(str(ip) + "\n")
def create_network(self, name, cidr=None, dhcp=True, nat=True, domain=None, plan='kvirt', overrides={}): if nat: externalnets = [ n for n in self.neutron.list_networks()['networks'] if n['router:external'] ] externalnet_id = externalnets[0]['id'] if externalnets else None routers = [ router for router in self.neutron.list_routers()['routers'] if router['name'] == 'kvirt' ] router_id = routers[0]['id'] if routers else None try: IPNetwork(cidr) except: return {'result': 'failure', 'reason': "Invalid Cidr %s" % cidr} neutron = self.neutron network_id = None networks = { net['name']: net['id'] for net in neutron.list_networks()['networks'] } if name not in networks: network = {'name': name, 'admin_state_up': True} if 'port_security_enabled' in overrides: network['port_security_enabled'] = bool( overrides['port_security_enabled']) network = neutron.create_network({'network': network}) network_id = network['network']['id'] tenant_id = network['network']['tenant_id'] else: common.pprint("Network already there. Creating subnet", color='yellow') if cidr is not None: if network_id is None: network_id = networks[name] cidrs = [ s['cidr'] for s in neutron.list_subnets()['subnets'] if s['network_id'] == network_id ] if cidr not in cidrs: subnet = { 'name': cidr, 'network_id': network_id, 'ip_version': 4, "cidr": cidr, 'enable_dhcp': dhcp } if domain is not None: subnet['dns_nameservers'] = [domain] subnet = neutron.create_subnet({'subnet': subnet}) subnet_id = subnet['subnet']['id'] tenant_id = subnet['subnet']['tenant_id'] else: common.pprint("Subnet already there. Leaving", color='yellow') return {'result': 'success'} if nat: if externalnet_id is not None: if router_id is None: router = {'name': 'kvirt', 'tenant_id': tenant_id} # router['external_gateway_info'] = {"network_id": externalnet_id, "enable_snat": True} router = neutron.create_router({'router': router}) router_id = router['router']['id'] router_dict = {"network_id": externalnet_id} neutron.add_gateway_router(router_id, router_dict) neutron.add_interface_router(router_id, {'subnet_id': subnet_id}) return {'result': 'success'}
def test_route_exclusion_list(self): """ This is strips part of a network out of another. There could be multiple cases here, but a simple smoke test probably covers the intent. """ _input = [ IPNetwork('10.50.0.0/24'), IPNetwork('10.51.0.0/24'), IPNetwork('10.52.0.0/24') ] remove_routes = [ IPNetwork('10.50.0.0/28'), IPNetwork('10.51.0.128/25'), ] proper_output = [ IPNetwork('10.50.0.16/28'), IPNetwork('10.50.0.32/27'), IPNetwork('10.50.0.64/26'), IPNetwork('10.50.0.128/25'), IPNetwork('10.51.0.0/25'), IPNetwork('10.52.0.0/24'), ] ret = self.library.route_exclusion(_input, remove_routes) self.assertEqual(proper_output, ret)
def handleEvent(self, event): eventName = event.eventType srcModuleName = event.module eventData = event.data if self.errorState: return None self.sf.debug("Received event, " + eventName + ", from " + srcModuleName) # Don't look up stuff twice if eventData in self.results: self.sf.debug("Skipping " + eventData + " as already mapped.") return None else: self.results[eventData] = True if eventName == 'NETBLOCK_OWNER': if not self.opts['netblocklookup']: return None else: if IPNetwork(eventData).prefixlen < self.opts['maxnetblock']: self.sf.debug("Network size bigger than permitted: " + str(IPNetwork(eventData).prefixlen) + " > " + str(self.opts['maxnetblock'])) return None if eventName == 'NETBLOCK_MEMBER': if not self.opts['subnetlookup']: return None else: if IPNetwork(eventData).prefixlen < self.opts['maxsubnet']: self.sf.debug("Network size bigger than permitted: " + str(IPNetwork(eventData).prefixlen) + " > " + str(self.opts['maxsubnet'])) return None qrylist = list() if eventName.startswith("NETBLOCK_"): for ipaddr in IPNetwork(eventData): qrylist.append(str(ipaddr)) self.results[str(ipaddr)] = True else: # If user has enabled affiliate checking if eventName == "AFFILIATE_IPADDR" and not self.opts[ 'checkaffiliates']: return None qrylist.append(eventData) for addr in qrylist: if self.checkForStop(): return None data = self.queryIPAddress(addr) if data is None: break maliciousIP = data.get('ip_addr') if maliciousIP is None: continue if addr != maliciousIP: self.sf.error( "Reported address doesn't match requested, skipping", False) continue blacklistedRecords = data.get('blacklist') if blacklistedRecords is None or len(blacklistedRecords) == 0: self.sf.debug("No blacklist information found for IP") continue # Data is reported about the IP Address if eventName.startswith("NETBLOCK_"): ipEvt = SpiderFootEvent("IP_ADDRESS", addr, self.__name__, event) self.notifyListeners(ipEvt) evt = SpiderFootEvent("RAW_RIR_DATA", str(data), self.__name__, event) self.notifyListeners(evt) maliciousIPDesc = "Maltiverse [ " + str(maliciousIP) + " ]\n" for blacklistedRecord in blacklistedRecords: lastSeen = blacklistedRecord.get('last_seen') if lastSeen is None: continue try: lastSeenDate = datetime.strptime(str(lastSeen), "%Y-%m-%d %H:%M:%S") except: self.sf.error("Invalid date in JSON response, skipping", False) continue today = datetime.now() difference = (today - lastSeenDate).days if difference > int(self.opts["age_limit_days"]): self.sf.debug( "Record found is older than age limit, skipping") continue maliciousIPDesc += " - DESCRIPTION : " + str( blacklistedRecord.get("description")) + "\n" maliciousIPDescHash = self.sf.hashstring(maliciousIPDesc) if maliciousIPDescHash in self.results: continue self.results[maliciousIPDescHash] = True if eventName.startswith("NETBLOCK_"): evt = SpiderFootEvent("MALICIOUS_IPADDR", maliciousIPDesc, self.__name__, ipEvt) else: evt = SpiderFootEvent("MALICIOUS_IPADDR", maliciousIPDesc, self.__name__, event) self.notifyListeners(evt) return None
def is_public_ip(ip): ip = IPAddress(ip) if (ip in IPNetwork("10.0.0.0/8") or ip in IPNetwork("172.16.0.0/12") or ip in IPNetwork("192.168.0.0/16")): return False return True
def _create_spnlfenv(user, rack): log.debug("_create_spnlfenv") envfathers = models_env.Ambiente.objects.filter( dcroom=int(rack.dcroom.id), father_environment__isnull=True, grupo_l3__nome=str(rack.dcroom.name), ambiente_logico__nome="SPINES") log.debug("SPN environments" + str(envfathers)) environment_spn_lf = None environment_spn_lf_list = list() spines = int(rack.dcroom.spines) fabric = rack.dcroom.name try: id_grupo_l3 = models_env.GrupoL3().get_by_name(fabric).id except: grupo_l3_dict = models_env.GrupoL3() grupo_l3_dict.nome = fabric grupo_l3_dict.save() id_grupo_l3 = grupo_l3_dict.id pass for env in envfathers: config_subnet = list() for net in env.configs: # verificar se o ambiente possui range associado. cidr = IPNetwork(net.ip_config.subnet) prefix = int(net.ip_config.new_prefix) network = { 'cidr': list(cidr.subnet(prefix)), 'type': net.ip_config.type, 'network_type': net.ip_config.network_type.id } config_subnet.append(network) for spn in range(spines): amb_log_name = "SPINE0" + str(spn + 1) + "LEAF" try: id_amb_log = models_env.AmbienteLogico().get_by_name( amb_log_name).id except: amb_log_dict = models_env.AmbienteLogico() amb_log_dict.nome = amb_log_name amb_log_dict.save() id_amb_log = amb_log_dict.id pass config = list() for sub in config_subnet: config_spn = { 'subnet': str(sub.get("cidr")[spn]), 'new_prefix': str(31) if str(sub.get("type"))[-1] is "4" else str(127), 'type': str(sub.get("type")), 'network_type': sub.get("network_type") } config.append(config_spn) obj = { 'grupo_l3': id_grupo_l3, 'ambiente_logico': id_amb_log, 'divisao_dc': env.divisao_dc.id, 'acl_path': env.acl_path, 'ipv4_template': env.ipv4_template, 'ipv6_template': env.ipv6_template, 'link': env.link, 'min_num_vlan_2': env.min_num_vlan_2, 'max_num_vlan_2': env.max_num_vlan_2, 'min_num_vlan_1': env.min_num_vlan_1, 'max_num_vlan_1': env.max_num_vlan_1, 'vrf': env.vrf, 'father_environment': env.id, 'default_vrf': env.default_vrf.id, 'configs': config, 'fabric_id': rack.dcroom.id } return environment_spn_lf_list
# create an IP header from the first 20 bytes of the buffer ip_header = IP(raw_buffer[0:20]) # if it's ICMP, we want it if ip_header.protocol == 'ICMP': # calculate where our ICMP packet starts offset = ip_header.ihl * 4 buf = raw_buffer[offset:offset + sizeof(ICMP)] # create our ICMP structure icmp_header = ICMP(buf) # now check for TYPE 3 and Code 3 if icmp_header.code == 3 and icmp_header.type == 3: # make sure host is in our target subnet if IPAddress(ip_header.src_address) in IPNetwork(subnet): # make sure it has our magic messge if raw_buffer[len(raw_buffer)-len(magic_message):] == magic_message: print('Host Up: %s' % ip_header.src_address) # handle CTRL-C except KeyboardInterrupt: # if we're using Windows, turn off promiscuous mode if os.name == 'nt': sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
def _create_prod_envs(rack, user): log.debug("_create_prod_envs") prod_envs = models_env.Ambiente.objects.filter( dcroom=int(rack.dcroom.id), father_environment__isnull=True, grupo_l3__nome=str(rack.dcroom.name), ambiente_logico__nome="PRODUCAO").exclude(divisao_dc__nome="BO_DMZ") log.debug("PROD environments: " + str(prod_envs)) try: id_grupo_l3 = models_env.GrupoL3().get_by_name(rack.nome).id except: grupo_l3_dict = models_env.GrupoL3() grupo_l3_dict.nome = rack.nome grupo_l3_dict.save() id_grupo_l3 = grupo_l3_dict.id pass if rack.dcroom.config: fabricconfig = rack.dcroom.config else: log.debug("sem configuracoes do fabric %s" % str(rack.dcroom.id)) fabricconfig = list() try: fabricconfig = json.loads(fabricconfig) except: pass try: fabricconfig = ast.literal_eval(fabricconfig) log.debug("config -ast: %s" % str(fabricconfig)) except: pass environment = list() for env in prod_envs: father_id = env.id for fab in fabricconfig.get("Ambiente"): if int(fab.get("id")) == int(father_id): details = fab.get("details") config_subnet = list() for net in env.configs: cidr = IPNetwork(str(net.ip_config.subnet)) prefix = int(net.ip_config.new_prefix) bloco = list(cidr.subnet(int(prefix)))[int(rack.numero)] if details[0].get(str(net.ip_config.type)): new_prefix = details[0].get(str( net.ip_config.type)).get("new_prefix") else: new_prefix = 31 if net.ip_config.type == "v4" else 127 network = { 'subnet': str(bloco), 'type': net.ip_config.type, 'network_type': net.ip_config.network_type.id, 'new_prefix': new_prefix } config_subnet.append(network) obj = { 'grupo_l3': id_grupo_l3, 'ambiente_logico': env.ambiente_logico.id, 'divisao_dc': env.divisao_dc.id, 'acl_path': env.acl_path, 'ipv4_template': env.ipv4_template, 'ipv6_template': env.ipv6_template, 'link': env.link, 'min_num_vlan_2': env.min_num_vlan_1, 'max_num_vlan_2': env.max_num_vlan_1, 'min_num_vlan_1': env.min_num_vlan_1, 'max_num_vlan_1': env.max_num_vlan_1, 'vrf': env.vrf, 'father_environment': father_id, 'default_vrf': env.default_vrf.id, 'configs': config_subnet, 'fabric_id': rack.dcroom.id } obj_env = facade_env.create_environment(obj) environment.append(obj_env) log.debug("Environment object: %s" % str(obj_env)) for switch in [rack.id_sw1, rack.id_sw2]: try: equipamento_ambiente = EquipamentoAmbiente() equipamento_ambiente.ambiente = obj_env equipamento_ambiente.equipamento = switch equipamento_ambiente.is_router = True equipamento_ambiente.create(user) except EquipamentoAmbienteDuplicatedError: pass return environment
def generate_heat_model(input_model, virt_config): """ Create a data structure that more or less describes the heat resources required to deploy the input model. The data structure can then later be used to generate a heat orchestration template. :param input_model: enhanced input model data structure :param virt_config: additional information regarding the virtual setup (images, flavors, disk sizes) :return: dictionary describing heat resources """ heat_template = dict(description='Template for deploying Ardana {}'.format( input_model['cloud']['name'])) clm_cidr = IPNetwork(input_model['baremetal']['subnet'], input_model['baremetal']['netmask']) clm_network = None heat_networks = heat_template['networks'] = dict() # First, add L2 neutron provider networks defined in the input # model's neutron configuration for neutron_network in input_model['neutron-networks'].itervalues(): heat_network = dict(name=neutron_network['name'], is_mgmt=False, external=neutron_network['external']) if neutron_network.get('cidr'): heat_network['cidr'] = neutron_network['cidr'] if neutron_network.get('gateway'): heat_network['gateway'] = neutron_network['gateway'] if neutron_network.get('provider'): provider = neutron_network['provider'][0] if provider['network_type'] == 'vlan': if not provider.get('segmentation_id'): # Neutron network is incompletely defined (VLAN tag is # dynamically allocated), so it cannot be defined as an # individual heat network continue heat_network['vlan'] = provider['segmentation_id'] elif provider['network_type'] not in ['flat', 'vlan']: # Only layer 2 neutron provider networks are considered continue heat_networks[heat_network['name']] = heat_network # Collect all the routers required by routes configured in the input model, # as pairs of networks routers = set() # Next, add global networks for network in input_model['networks'].itervalues(): cidr = None vlan = network['vlanid'] if network.get('tagged-vlan') else None gateway = IPAddress( network['gateway-ip']) if network.get('gateway-ip') else None if network.get('cidr'): cidr = IPNetwork(network['cidr']) heat_network = dict(name=network['name'], is_mgmt=False, external=False) if cidr: heat_network['cidr'] = str(cidr) if gateway: heat_network['gateway'] = str(gateway) # There is the special case of global networks being used to implement # flat neutron provider networks. For these networks, we need to # create a heat network based on the global network parameters # (i.e. VLAN) and a heat subnet based on the neutron network # parameters for neutron_network in network['network-group'].get( 'neutron-networks', {}).itervalues(): heat_neutron_network = heat_networks.get(neutron_network['name']) if not heat_neutron_network or heat_neutron_network.get('vlan'): # Ignore neutron networks that: # - were not already considered at the previous step (i.e. # are not fully defined or are not layer 2 based) # - have a vlan (i.e. are not flat) continue # Replace the heat neutron network with this global network # This is the same as updating the heat global network with subnet # attributes taken from the neutron network del heat_networks[neutron_network['name']] heat_network = heat_neutron_network heat_network['name'] = network['name'] # Only one flat neutron provider network can be associated with a # global network break if vlan: heat_network['vlan'] = vlan # For each route, track down the target network for route in network['network-group']['routes']: if route == 'default': # The default route is satisfied by adding the network to the # external router heat_network['external'] = True else: routers.add(( heat_network['name'], route['name'], )) if cidr and cidr in clm_cidr: clm_network = heat_network heat_network['external'] = heat_network['is_mgmt'] = True # Create an address pool range that excludes the list of server # static IP addresses fixed_ip_addr_list = \ [IPAddress(server['ip-addr']) for server in input_model['servers'].itervalues()] if gateway: fixed_ip_addr_list.append(gateway) start_addr = cidr[1] end_addr = cidr[-2] for fixed_ip_addr in sorted(list(set(fixed_ip_addr_list))): if start_addr <= fixed_ip_addr <= end_addr: if fixed_ip_addr - start_addr < end_addr - fixed_ip_addr: start_addr = fixed_ip_addr + 1 else: end_addr = fixed_ip_addr - 1 heat_network['allocation_pools'] = \ [[str(start_addr), str(end_addr)]] heat_networks[network['name']] = heat_network heat_template['routers'] = [] for network1, network2 in routers: if network1 not in heat_template['networks'] or \ network2 not in heat_template['networks']: continue network1 = heat_template['networks'][network1] network2 = heat_template['networks'][network2] # Re-use the external router, if at least one of the networks is # already attached to it if network1['external'] or network2['external']: network1['external'] = network2['external'] = True else: heat_template['routers'].append( [network1['name'], network2['name']]) heat_interface_models = heat_template['interface_models'] = dict() for interface_model in input_model['interface-models'].itervalues(): heat_interface_model = \ heat_interface_models[interface_model['name']] = \ dict( name=interface_model['name'], ports=[] ) ports = dict() clm_ports = dict() for interface in interface_model['network-interfaces'].itervalues(): devices = interface['bond-data']['devices'] \ if 'bond-data' in interface \ else [interface['device']] for device in devices: port_list = ports port = dict(name=device['name'], networks=[]) if 'bond-data' in interface: port['bond'] = interface['device']['name'] port['primary'] = \ (device['name'] == interface['bond-data']['options'].get('primary', device['name'])) for network_group in \ interface.get('network-groups', []) + \ interface.get('forced-network-groups', []): port['networks'].extend([ network['name'] for network in network_group['networks'].itervalues() ]) # Attach the port only to those neutron networks that have # been validated during the previous steps port['networks'].extend([ network['name'] for network in network_group.get( 'neutron-networks', dict()).itervalues() if network['name'] in heat_networks ]) if clm_network['name'] in network_group['networks']: # if the CLM port is a bond port, then only the # primary is considered if configured if not clm_ports and port.get('primary', True): # Collect the CLM port separately, to put it at # the top of the list and to mark it as the # "management" port - the port to which the # server's management IP address is assigned port_list = clm_ports port_list[device['name']] = port # Add a port for each device, starting with those ports attached to # the CLM network while at the same time preserving the order of the # original ports. Ultimately, the port names will be re-aligned to # those in the input model by an updated NIC mappings input model # configuration heat_interface_model['ports'] = [ p[1] for _, p in enumerate( sorted(clm_ports.items()) + sorted(ports.items())) ] # Generate storage setup (volumes) # # General strategy: # - one volume for each physical volume specified in the disk model # - the size of each volume cannot be determined from the input model, # so this information needs to be supplied separately (TBD) heat_disk_models = heat_template['disk_models'] = dict() disks = virt_config['disks'] for disk_model in input_model['disk-models'].itervalues(): heat_disk_model = heat_disk_models[disk_model['name']] = dict( name=disk_model['name'], volumes=[]) devices = [] for volume_group in disk_model.get('volume-groups', []): devices += volume_group['physical-volumes'] for device_group in disk_model.get('device-groups', []): devices += [device['name'] for device in device_group['devices']] for device in sorted(list(set(devices))): if device.endswith('da_root'): continue device = device.replace('/dev/sd', '/dev/vd') volume_name = device.replace('/dev/', '') size = virt_config['disk_size'] # Check if disk size is configured explicitly for the disk model if disk_model['name'] in disks: size = disks[disk_model['name']] if isinstance(size, dict): # Use the disk size specified for the volume name, or # the disk model default, or the global default size = size.get(volume_name) or \ size.get('default') or \ virt_config['disk_size'] heat_disk_model['volumes'].append( dict(name=volume_name, mountpoint=device, size=size)) # Generate VM setup (servers) # # General strategy: # - one server for each server specified in the disk model # - the CLM server is special: # - identification: server hosting the lifecycle-manager # service component # - the floating IP is associated with the "CLM" port attached to it # - the image and flavor used for the server cannot be determined from # the input model so this information needs to be supplied separately heat_servers = heat_template['servers'] = [] images = virt_config['images'] flavors = virt_config['flavors'] clm_server = None for server in input_model['servers'].itervalues(): distro_id = server.get('distro-id', virt_config['sles_distro_id']) image = None # Check if image is configured explicitly # for the server or for the role if server['id'] in images: image = images[server['id']] elif server['role']['name'] in images: image = images[server['role']['name']] if isinstance(image, dict): # Use the image specified for the distribution, or # the global default image = image.get(distro_id) if not image: image = virt_config['sles_image'] if distro_id == virt_config['rhel_distro_id']: image = virt_config['rhel_image'] flavor = None # Check if image is configured explicitly # for the server or for the role if server['id'] in flavors: flavor = flavors[server['id']] elif server['role']['name'] in flavors: flavor = flavors[server['role']['name']] heat_server = dict( name=server['id'], ip_addr=server['ip-addr'], role=server['role']['name'], interface_model=server['role']['interface-model']['name'], disk_model=server['role']['disk-model']['name'], image=image, flavor=flavor, is_admin=False, is_controller=False, is_compute=False) # Figure out which server is the CLM host, which are controllers # and which are computes. This information is used e.g. to determine # the reboot order during the MU workflow and to identify flavors # unless explicitly specified for each server or server role service_groups = server['role'].get('clusters', {}).values() service_groups += server['role'].get('resources', {}).values() for service_group in service_groups: # The CLM server is the first server hosting the lifecycle-manager # service component. # Compute nodes host the nova-compute service component if 'nova-compute' in service_group['service-components']: heat_server['is_compute'] = True if not heat_server['flavor']: heat_server['flavor'] = virt_config['compute_flavor'] # Every server that is not a compute node and hosts service # components other than those required by the CLM is considered # a controller node else: ctrl_service_components = filter( lambda sc: sc not in virt_config['clm_service_components'], service_group['service-components']) if ctrl_service_components: heat_server['is_controller'] = True if not heat_server['flavor']: heat_server['flavor'] = \ virt_config['controller_flavor'] if not clm_server and \ 'lifecycle-manager' in service_group['service-components']: clm_server = heat_server heat_server['is_admin'] = True if not heat_server['flavor']: heat_server['flavor'] = virt_config['clm_flavor'] heat_servers.append(heat_server) return heat_template
def _create_prod_vlans(rack, user): log.debug("_create_prod_vlans") env = models_env.Ambiente.objects.filter( dcroom=int(rack.dcroom.id), divisao_dc__nome="BE", grupo_l3__nome=str(rack.nome), ambiente_logico__nome="PRODUCAO").uniqueResult() log.debug("BE environments: " + str(env)) if rack.dcroom.config: fabricconfig = rack.dcroom.config else: log.debug("sem configuracoes do fabric %s" % str(rack.dcroom.id)) fabricconfig = list() try: fabricconfig = json.loads(fabricconfig) except: pass try: fabricconfig = ast.literal_eval(fabricconfig) log.debug("config -ast: %s" % str(fabricconfig)) except: pass environment = None father_id = env.id fabenv = None for fab in fabricconfig.get("Ambiente"): if int(fab.get("id")) == int(env.father_environment.id): fabenv = fab.get("details") if not fabenv: log.debug( "Sem configuracoes para os ambientes filhos - BE, BEFE, BEBO, BECA do ambiente id=%s" % str()) return 0 fabenv.sort(key=operator.itemgetter('min_num_vlan_1')) log.debug("Order by min_num_vlan: " + str(fabenv)) for idx, amb in enumerate(fabenv): try: id_div = models_env.DivisaoDc().get_by_name(amb.get("name")).id except: div_dict = models_env.DivisaoDc() div_dict.nome = amb.get("name") div_dict.save() id_div = div_dict.id pass config_subnet = list() for net in env.configs: for net_dict in amb.get("config"): if net_dict.get("type") == net.ip_config.type: cidr = IPNetwork(net.ip_config.subnet) prefixo_inicial = 18 if net.ip_config.type == "v4" else 57 prefixo = net_dict.get("mask") if not idx: bloco = list(cidr.subnet(int(prefixo)))[0] log.debug(str(bloco)) else: bloco1 = list(cidr.subnet(prefixo_inicial))[1] bloco = list(bloco1.subnet(int(prefixo)))[idx - 1] log.debug(str(bloco)) network = { 'subnet': str(bloco), 'type': str(net.ip_config.type), 'network_type': int(net.ip_config.network_type.id), 'new_prefix': int(net_dict.get("new_prefix")) } config_subnet.append(network) obj = { 'grupo_l3': env.grupo_l3.id, 'ambiente_logico': env.ambiente_logico.id, 'divisao_dc': id_div, 'acl_path': env.acl_path, 'ipv4_template': env.ipv4_template, 'ipv6_template': env.ipv6_template, 'link': env.link, 'min_num_vlan_2': amb.get("min_num_vlan_1"), 'max_num_vlan_2': amb.get("max_num_vlan_1"), 'min_num_vlan_1': amb.get("min_num_vlan_1"), 'max_num_vlan_1': amb.get("max_num_vlan_1"), 'vrf': env.vrf, 'father_environment': father_id, 'default_vrf': env.default_vrf.id, 'configs': config_subnet, 'fabric_id': rack.dcroom.id } environment = facade_env.create_environment(obj) log.debug("Environment object: %s" % str(environment)) for switch in [rack.id_sw1, rack.id_sw2]: try: equipamento_ambiente = EquipamentoAmbiente() equipamento_ambiente.ambiente = environment equipamento_ambiente.equipamento = switch equipamento_ambiente.is_router = True equipamento_ambiente.create(user) except EquipamentoAmbienteDuplicatedError: pass return environment
def checkGuifiSubnet(ip): return IPAddress(ip) in IPNetwork("10.0.0.0/8")
def api_foreman(rack): try: NETWORKAPI_FOREMAN_URL = get_variable("foreman_url") NETWORKAPI_FOREMAN_USERNAME = get_variable("foreman_username") NETWORKAPI_FOREMAN_PASSWORD = get_variable("foreman_password") FOREMAN_HOSTS_ENVIRONMENT_ID = get_variable( "foreman_hosts_environment_id") except ObjectDoesNotExist: raise var_exceptions.VariableDoesNotExistException( "Erro buscando as variáveis relativas ao Foreman.") foreman = Foreman( NETWORKAPI_FOREMAN_URL, (NETWORKAPI_FOREMAN_USERNAME, NETWORKAPI_FOREMAN_PASSWORD), api_version=2) # for each switch, check the switch ip against foreman know networks, finds foreman hostgroup # based on model and brand and inserts the host in foreman # if host already exists, delete and recreate with new information for [switch, mac] in [[rack.id_sw1, rack.mac_sw1], [rack.id_sw2, rack.mac_sw2], [rack.id_ilo, rack.mac_ilo]]: # Get all foremand subnets and compare with the IP address of the switches until find it if mac == None: raise RackConfigError( None, rack.nome, ("Could not create entry for %s. There is no mac address." % switch.nome)) ip = _buscar_ip(switch.id) if ip == None: raise RackConfigError( None, rack.nome, ("Could not create entry for %s. There is no management IP." % switch.nome)) switch_cadastrado = 0 for subnet in foreman.subnets.index()['results']: network = IPNetwork(ip + '/' + subnet['mask']).network # check if switches ip network is the same as subnet['subnet']['network'] e subnet['subnet']['mask'] if network.__str__() == subnet['network']: subnet_id = subnet['id'] hosts = foreman.hosts.index(search=switch.nome)['results'] if len(hosts) == 1: foreman.hosts.destroy(id=hosts[0]['id']) elif len(hosts) > 1: raise RackConfigError(None, rack.nome, ( "Could not create entry for %s. There are multiple entries " "with the sam name." % switch.nome)) # Lookup foreman hostgroup # By definition, hostgroup should be Marca+"_"+Modelo hostgroup_name = switch.modelo.marca.nome + "_" + switch.modelo.nome hostgroups = foreman.hostgroups.index(search=hostgroup_name) if len(hostgroups['results']) == 0: raise RackConfigError( None, rack.nome, "Could not create entry for %s. Could not find hostgroup %s " "in foreman." % (switch.nome, hostgroup_name)) elif len(hostgroups['results']) > 1: raise RackConfigError( None, rack.nome, "Could not create entry for %s. Multiple hostgroups %s found" " in Foreman." % (switch.nome, hostgroup_name)) else: hostgroup_id = hostgroups['results'][0]['id'] foreman.hosts.create( host={ 'name': switch.nome, 'ip': ip, 'mac': mac, 'environment_id': FOREMAN_HOSTS_ENVIRONMENT_ID, 'hostgroup_id': hostgroup_id, 'subnet_id': subnet_id, 'build': 'true', 'overwrite': 'true' }) switch_cadastrado = 1 if not switch_cadastrado: raise RackConfigError( None, rack.nome, "Unknown error. Could not create entry for %s in foreman." % switch.nome)
def get_space_id_and_family(record): dhcp_on, space_id, cidr, ip = record return space_id, IPNetwork(cidr).version
def update(self): changed = False svcs = [] params = dict() current = self.read() check_mode = self.params['check_mode'] address = self.params['address'] allow_service = self.params['allow_service'] name = self.params['name'] netmask = self.params['netmask'] partition = self.params['partition'] traffic_group = self.params['traffic_group'] vlan = self.params['vlan'] route_domain = self.params['route_domain'] if address is not None and address != current['address']: raise F5ModuleError('Self IP addresses cannot be updated') if netmask is not None: # I ignore the address value here even if they provide it because # you are not allowed to change it. try: address = IPNetwork(current['address']) new_addr = "%s/%s" % (address.ip, netmask) nipnet = IPNetwork(new_addr) if route_domain is not None: nipnet = "%s%s%s" % (address.ip, route_domain, netmask) cur_addr = "%s/%s" % (current['address'], current['netmask']) cipnet = IPNetwork(cur_addr) if route_domain is not None: cipnet = "%s%s%s" % (current['address'], current['route_domain'], current['netmask']) if nipnet != cipnet: if route_domain is not None: address = "%s%s%s/%s" % (address.ip, '%', route_domain, netmask) else: address = "%s/%s" % (nipnet.ip, nipnet.prefixlen) params['address'] = address except AddrFormatError: raise F5ModuleError( 'The provided address/netmask value was invalid') if traffic_group is not None: traffic_group = "/%s/%s" % (partition, traffic_group) if traffic_group not in self.traffic_groups(): raise F5ModuleError( 'The specified traffic group was not found') if 'traffic_group' in current: if traffic_group != current['traffic_group']: params['trafficGroup'] = traffic_group else: params['trafficGroup'] = traffic_group if vlan is not None: vlans = self.get_vlans() vlan = "/%s/%s" % (partition, vlan) if 'vlan' in current: if vlan != current['vlan']: params['vlan'] = vlan else: params['vlan'] = vlan if vlan not in vlans: raise F5ModuleError('The specified VLAN was not found') if allow_service is not None: svcs = self.verify_services() if 'allow_service' in current: if svcs != current['allow_service']: params['allowService'] = self.fmt_services(svcs) else: params['allowService'] = self.fmt_services(svcs) if params: changed = True params['name'] = name params['partition'] = partition if check_mode: return changed self.cparams = camel_dict_to_snake_dict(params) if svcs: self.cparams['allow_service'] = list(svcs) else: return changed r = self.api.tm.net.selfips.selfip.load(name=name, partition=partition) r.update(**params) r.refresh() return True
def spine_provision(self, rack, equips): log.info("AutoprovisionSPN-LF") numero_rack = self.rack.numero IPSPINEipv4 = dict() IPSPINEipv6 = dict() IPLEAFipv4 = dict() IPLEAFipv6 = dict() IPSIBGPipv4 = dict() IPSIBGPipv6 = dict() ASLEAF = dict() PODSBEipv4 = dict() redesPODSBEipv4 = dict() subnetsRackBEipv4 = dict() PODSBEipv6 = dict() redesPODSBEipv6 = dict() PODSBEFEipv6 = dict() redesPODSBEFEipv6 = dict() PODSBEBOipv6 = dict() redesPODSBEBOipv6 = dict() PODSBECAipv6 = dict() redesPODSBECAipv6 = dict() redesHostsipv6 = dict() redeHostsBEipv6 = dict() redeHostsFEipv6 = dict() redeHostsBOipv6 = dict() redeHostsCAipv6 = dict() redeHostsFILERipv6 = dict() redesPODSFEipv4 = dict() redesPODSFEipv6 = dict() VLANBELEAF = dict() VLANFELEAF = dict() VLANBORDALEAF = dict() VLANBORDACACHOSLEAF = dict() VLANBORDACACHOSBLEAF = dict() IPSPINEipv4[numero_rack] = list() IPSPINEipv6[numero_rack] = list() IPLEAFipv4[numero_rack] = list() IPLEAFipv6[numero_rack] = list() IPSIBGPipv4[numero_rack] = list() IPSIBGPipv6[numero_rack] = list() VLANBELEAF[numero_rack] = list() VLANFELEAF[numero_rack] = list() VLANBORDALEAF[numero_rack] = list() VLANBORDACACHOSLEAF[numero_rack] = list() VLANBORDACACHOSBLEAF[numero_rack] = list() ASLEAF[numero_rack] = list() PODSBEipv4[numero_rack] = list() redesPODSBEipv4[numero_rack] = list() subnetsRackBEipv4[numero_rack] = list() PODSBEipv6[numero_rack] = list() redesPODSBEipv6[numero_rack] = list() PODSBEFEipv6[numero_rack] = list() redesPODSBEFEipv6[numero_rack] = list() PODSBEBOipv6[numero_rack] = list() redesPODSBEBOipv6[numero_rack] = list() PODSBECAipv6[numero_rack] = list() redesPODSBECAipv6[numero_rack] = list() redesHostsipv6[numero_rack] = list() redeHostsBEipv6[numero_rack] = list() redeHostsFEipv6[numero_rack] = list() redeHostsBOipv6[numero_rack] = list() redeHostsCAipv6[numero_rack] = list() redeHostsFILERipv6[numero_rack] = list() redesPODSFEipv4[numero_rack] = list() redesPODSFEipv6[numero_rack] = list() variablestochangespine1 = dict() variablestochangeleaf1 = dict() VLANBE = None VLANFE = None VLANBORDA = None VLANBORDACACHOS = None VLANBORDACACHOSB = None CIDRBEipv4 = list() CIDRBO_DSRipv4interno = None CIDRBO_DSRipv6interno = None CIDRBOCAAipv4interno = None CIDRBEipv6 = list() CIDRBOCAAipv6interno = None CIDRBOCABipv4interno = None CIDRBOCABipv6interno = None try: path_to_guide = get_variable("path_to_guide") path_to_add_config = get_variable("path_to_add_config") path_to_config = get_variable("path_to_config") except ObjectDoesNotExist: raise var_exceptions.VariableDoesNotExistException( "Erro buscando a variável PATH_TO_GUIDE") try: variablestochangeleaf1["KICKSTART_SO_LF"] = get_variable( "kickstart_so_lf") variablestochangeleaf1["IMAGE_SO_LF"] = get_variable("image_so_lf") except ObjectDoesNotExist: raise var_exceptions.VariableDoesNotExistException( "Erro buscando a variável KICKSTART_SO_LF ou IMAGE_SO_LF.") equips_sorted = sorted(equips, key=operator.itemgetter('sw')) dcroom = model_to_dict(rack.dcroom) log.debug("type: %s" % str(type(dcroom.get("config")))) fabricconfig = dcroom.get("config") try: fabricconfig = json.loads(fabricconfig) log.debug("type -ast: %s" % str(type(fabricconfig))) except: pass try: fabricconfig = ast.literal_eval(fabricconfig) log.debug("config -ast: %s" % str(fabricconfig)) except: pass envconfig = fabricconfig BASE_RACK = dcroom.get("racks") BGP = envconfig.get("BGP") BASE_AS_SPN = int(BGP.get("spines")) BASE_AS_LFS = int(BGP.get("leafs")) # get fathers environments dc_name = ["BE", "FE", "BO", "BOCACHOS-A", "BOCACHOS-B"] vlan_name = list() for env in dc_name: for spn in range(1, 5): name = "VLAN_" + env + "_SPINE0" + str( spn) + "LEAF_" + self.rack.nome vlan_name.append(name) spn_vlan = models_vlan.Vlan.objects.filter( nome__in=vlan_name).order_by("nome") log.debug("spn_vlan %s" % spn_vlan) prod_envs = models_env.Ambiente.objects.filter( grupo_l3__nome=str(self.rack.nome), ambiente_logico__nome="PRODUCAO", divisao_dc__nome__in=[ "BE", "FE", "BO_DSR", "BOCACHOS-A", "BOCACHOS-B" ]) log.debug("prod_envs %s" % prod_envs) lf_env = models_env.Ambiente.objects.filter( grupo_l3__nome=str(self.rack.nome), divisao_dc__nome="BE", ambiente_logico__nome="LEAF-LEAF").uniqueResult() log.debug("lf_env %s" % lf_env) vlanBE = list() vlanFE = list() vlanBO = list() vlanBOCA = list() vlanBOCAB = list() for vlan in spn_vlan: if "_BE_" in vlan.nome: vlanBE.append(vlan.num_vlan) CIDRBEipv4.append(IPNetwork(vlan.networks_ipv4[0].networkv4)) CIDRBEipv6.append(IPNetwork(vlan.networks_ipv6[0].networkv6)) elif "_FE_" in vlan.nome: vlanFE.append(vlan.num_vlan) elif "_BO_" in vlan.nome: vlanBO.append(vlan.num_vlan) elif "_BOCACHOS-A_" in vlan.nome: vlanBOCA.append(vlan.num_vlan) elif "_BOCACHOS-B_" in vlan.nome: vlanBOCAB.append(vlan.num_vlan) for prod in prod_envs: if prod.divisao_dc.nome[:2] == "BE": for net in prod.configs: if net.ip_version == "v4": CIDRBEipv4interno = str(net.network) else: CIDRBEipv6interno = str(net.network) elif prod.divisao_dc.nome[:2] == "FE": for net in prod.configs: if net.ip_version == "v4": CIDRFEipv4interno = str(net.network) else: CIDRFEipv6interno = str(net.network) elif prod.divisao_dc.nome == "BO_DSR": for net in prod.configs: if net.ip_version == "v4": CIDRBO_DSRipv4interno = str(net.network) else: CIDRBO_DSRipv6interno = str(net.network) elif prod.divisao_dc.nome == "BOCACHOS-A": for net in prod.configs: if net.ip_version == "v4": CIDRBOCAAipv4interno = str(net.network) else: CIDRBOCAAipv6interno = str(net.network) elif prod.divisao_dc.nome == "BOCACHOS-B": for net in prod.configs: if net.ip_version == "v4": CIDRBOCABipv4interno = str(net.network) else: CIDRBOCABipv6interno = str(net.network) for netlf in lf_env.configs: if netlf.ip_version == "v4": IBGPToRLxLipv4 = IPNetwork(str(netlf.network)) elif netlf.ip_version == "v6": IBGPToRLxLipv6 = IPNetwork(str(netlf.network)) id_vlt = [ envconfig.get("VLT").get("id_vlt_lf1"), envconfig.get("VLT").get("id_vlt_lf2") ] priority_vlt = [ envconfig.get("VLT").get("priority_vlt_lf1"), envconfig.get("VLT").get("priority_vlt_lf2") ] IPSPINEipv4[numero_rack].append(CIDRBEipv4[0][0]) IPSPINEipv4[numero_rack].append(CIDRBEipv4[1][0]) IPSPINEipv4[numero_rack].append(CIDRBEipv4[2][0]) IPSPINEipv4[numero_rack].append(CIDRBEipv4[3][0]) # IPLEAFipv4[numero_rack].append(CIDRBEipv4[0][1]) IPLEAFipv4[numero_rack].append(CIDRBEipv4[1][1]) IPLEAFipv4[numero_rack].append(CIDRBEipv4[2][1]) IPLEAFipv4[numero_rack].append(CIDRBEipv4[3][1]) # IPSIBGPipv4[numero_rack].append(IBGPToRLxLipv4[0]) IPSIBGPipv4[numero_rack].append(IBGPToRLxLipv4[1]) # IPSPINEipv6[numero_rack].append(CIDRBEipv6[0][0]) IPSPINEipv6[numero_rack].append(CIDRBEipv6[1][0]) IPSPINEipv6[numero_rack].append(CIDRBEipv6[2][0]) IPSPINEipv6[numero_rack].append(CIDRBEipv6[3][0]) # IPLEAFipv6[numero_rack].append(CIDRBEipv6[0][1]) IPLEAFipv6[numero_rack].append(CIDRBEipv6[1][1]) IPLEAFipv6[numero_rack].append(CIDRBEipv6[2][1]) IPLEAFipv6[numero_rack].append(CIDRBEipv6[3][1]) # IPSIBGPipv6[numero_rack].append(IBGPToRLxLipv6[0]) IPSIBGPipv6[numero_rack].append(IBGPToRLxLipv6[1]) # log.debug("vlan subnet") log.debug(vlanBE) log.debug(BASE_RACK) log.debug(numero_rack) log.debug(vlanFE) log.debug(vlanBO) log.debug(vlanBOCA) log.debug(vlanBOCAB) log.debug(CIDRBEipv4) log.debug(CIDRBEipv6) log.debug("as") log.debug(BASE_AS_LFS) log.debug(numero_rack) ASLEAF[numero_rack].append(BASE_AS_LFS + numero_rack) for equip, spn, j in zip(equips_sorted[:2], [0, 2], [0, 1]): variablestochangeleaf1["IPLEAFSP1IPV4"] = str( IPLEAFipv4[numero_rack][spn]) variablestochangeleaf1["IPLEAFSP2IPV4"] = str( IPLEAFipv4[numero_rack][spn + 1]) variablestochangeleaf1["IPIBGPIPV4"] = str( IPSIBGPipv4[numero_rack][j]) variablestochangeleaf1["IPLEAFSP1IPV6"] = str( IPLEAFipv6[numero_rack][spn]) variablestochangeleaf1["IPLEAFSP2IPV6"] = str( IPLEAFipv6[numero_rack][spn + 1]) variablestochangeleaf1["IPIBGPIPV6"] = str( IPSIBGPipv6[numero_rack][j]) log.debug("1") variablestochangeleaf1["VLANBELEAFSP1"] = str(vlanBE[spn]) variablestochangeleaf1["VLANBELEAFSP2"] = str(vlanBE[spn + 1]) variablestochangeleaf1["VLANFELEAFSP1"] = str(vlanFE[spn]) variablestochangeleaf1["VLANFELEAFSP2"] = str(vlanFE[spn + 1]) variablestochangeleaf1["VLANBORDALEAFSP1"] = str(vlanBO[spn]) variablestochangeleaf1["VLANBORDALEAFSP2"] = str(vlanBO[spn + 1]) variablestochangeleaf1["VLANBORDACACHOSLEAFSP1"] = str( vlanBOCA[spn]) variablestochangeleaf1["VLANBORDACACHOSLEAFSP2"] = str( vlanBOCA[spn + 1]) variablestochangeleaf1["VLANBORDACACHOSBLEAFSP1"] = str( vlanBOCAB[spn]) variablestochangeleaf1["VLANBORDACACHOSBLEAFSP2"] = str( vlanBOCAB[spn + 1]) log.debug("2") variablestochangeleaf1["ASLEAF"] = str(ASLEAF[numero_rack][0]) variablestochangeleaf1["IPNEIGHSPINE1IPV4"] = str( IPSPINEipv4[numero_rack][spn]) variablestochangeleaf1["IPNEIGHSPINE2IPV4"] = str( IPSPINEipv4[numero_rack][spn + 1]) variablestochangeleaf1["IPNEIGHSPINE1IPV6"] = str( IPSPINEipv6[numero_rack][spn]) variablestochangeleaf1["IPNEIGHSPINE2IPV6"] = str( IPSPINEipv6[numero_rack][spn + 1]) if equip.get("nome")[-1] == "1": log.debug("lf-name: %s. Ip: %s" % (equip.get("nome"), IPSIBGPipv4[numero_rack][1])) variablestochangeleaf1["IPNEIGHIBGPIPV4"] = str( IPSIBGPipv4[numero_rack][1]) variablestochangeleaf1["IPNEIGHIBGPIPV6"] = str( IPSIBGPipv6[numero_rack][1]) else: log.debug("lf-name: %s. Ip: %s" % (equip.get("nome"), IPSIBGPipv4[numero_rack][0])) variablestochangeleaf1["IPNEIGHIBGPIPV4"] = str( IPSIBGPipv4[numero_rack][0]) variablestochangeleaf1["IPNEIGHIBGPIPV6"] = str( IPSIBGPipv6[numero_rack][0]) try: variablestochangeleaf1["NET_HOST_BE_IPV4"] = CIDRBEipv4interno variablestochangeleaf1["NET_HOST_FE_IPV4"] = CIDRFEipv4interno except Exception as e: raise Exception( "Error while getting IPv4 CIDR from BE or FE production environment. E: %s" % e) if CIDRBO_DSRipv4interno: variablestochangeleaf1[ "NET_HOST_BO_DSR_IPV4"] = CIDRBO_DSRipv4interno if CIDRBOCAAipv4interno: variablestochangeleaf1[ "NET_HOST_BOCAA_IPV4"] = CIDRBOCAAipv4interno if CIDRBOCABipv4interno: variablestochangeleaf1[ "NET_HOST_BOCAB_IPV4"] = CIDRBOCABipv4interno log.debug("3") variablestochangeleaf1["NET_SPINE1_LF_IPV4"] = str(CIDRBEipv4[0]) variablestochangeleaf1["NET_SPINE2_LF_IPV4"] = str(CIDRBEipv4[1]) variablestochangeleaf1["NET_LF_LF_IPV4"] = str(IBGPToRLxLipv4) try: variablestochangeleaf1["NET_HOST_BE_IPV6"] = CIDRBEipv6interno variablestochangeleaf1["NET_HOST_FE_IPV6"] = CIDRFEipv6interno except Exception as e: raise Exception( "Error while getting IPv6 CIDR from BE or FE production environment. E: %s" % e) if CIDRBO_DSRipv6interno: variablestochangeleaf1[ "NET_HOST_BO_DSR_IPV6"] = CIDRBO_DSRipv6interno if CIDRBOCAAipv6interno: variablestochangeleaf1[ "NET_HOST_BOCAA_IPV6"] = CIDRBOCAAipv6interno if CIDRBOCABipv6interno: variablestochangeleaf1[ "NET_HOST_BOCAB_IPV6"] = CIDRBOCABipv6interno log.debug("4") variablestochangeleaf1["NET_SPINE1_LF_IPV6"] = str(CIDRBEipv6[0]) variablestochangeleaf1["NET_SPINE2_LF_IPV6"] = str(CIDRBEipv6[1]) variablestochangeleaf1["NET_LF_LF_IPV6"] = str(IBGPToRLxLipv6) variablestochangeleaf1["ID_LEAF"] = str( equip.get("sw")) # lf1 ou lf2 variablestochangeleaf1["OWN_IP_MGMT"] = equip.get("ip_mngt") variablestochangeleaf1["LF_HOSTNAME"] = equip.get("nome") log.debug("5") for i in equip.get("interfaces"): if i.get("nome")[:3] == self.leaf_prefix: variablestochangeleaf1["LFNEIGH_HOSTNAME"] = i.get("nome") variablestochangeleaf1["LFNEIGH_IP_MGMT"] = i.get( "ip_mngt") elif i.get("nome")[:3] == self.spine_prefix: spine_num = int(i.get("nome")[-1]) variablestochangespine1["ASSPINE"] = str(BASE_AS_SPN + spine_num - 1) variablestochangespine1["INTERFACE"] = i.get("interface") variablestochangespine1["LEAFNAME"] = equip.get("nome") variablestochangespine1["INT_LF_UPLINK"] = i.get( "eq_interface") log.debug("ok if spn") variablestochangespine1["IPSPINEIPV4"] = str( IPSPINEipv4[numero_rack][spine_num - 1]) variablestochangespine1["IPSPINEIPV6"] = str( IPSPINEipv6[numero_rack][spine_num - 1]) variablestochangespine1["VLANBELEAF"] = str( vlanBE[spine_num - 1]) variablestochangespine1["VLANFELEAF"] = str( vlanFE[spine_num - 1]) variablestochangespine1["VLANBORDALEAF"] = str( vlanBO[spine_num - 1]) variablestochangespine1["VLANBORDACACHOSLEAF"] = str( vlanBOCA[spine_num - 1]) variablestochangespine1["VLANBORDACACHOSB"] = str( vlanBOCAB[spine_num - 1]) variablestochangespine1["ASLEAF"] = str( ASLEAF[numero_rack][0]) variablestochangespine1["IPNEIGHLEAFIPV4"] = str( IPLEAFipv4[numero_rack][spine_num - 1]) variablestochangespine1["IPNEIGHLEAFIPV6"] = str( IPLEAFipv6[numero_rack][spine_num - 1]) if spine_num in [1, 3]: variablestochangeleaf1["SP1_HOSTNAME"] = i.get("nome") variablestochangeleaf1["INTERFACE_SP1"] = i.get( "interface") variablestochangeleaf1["ASSPINE1"] = str(BASE_AS_SPN + spine_num - 1) else: variablestochangeleaf1["SP2_HOSTNAME"] = i.get("nome") variablestochangeleaf1["INTERFACE_SP2"] = i.get( "interface") variablestochangeleaf1["ASSPINE2"] = str(BASE_AS_SPN + spine_num - 1) fileinspine1 = path_to_guide + i.get("roteiro") fileoutspine1 = path_to_add_config + i.get( "nome") + "-ADD-" + rack.nome + ".cfg" self.replace_file(fileinspine1, fileoutspine1, variablestochangespine1) variablestochangespine1 = dict() elif i.get("nome")[:3] == self.oob_prefix: variablestochangeleaf1["HOSTNAME_OOB"] = i.get("nome") variablestochangeleaf1["INTERFACE_OOB"] = i.get( "interface") variablestochangeleaf1["ID_VLT"] = str(id_vlt[j]) variablestochangeleaf1["PRIORITY_VLT"] = str(priority_vlt[j]) fileinleaf1 = path_to_guide + equip.get("roteiro") fileoutleaf1 = path_to_config + equip.get("nome") + ".cfg" self.replace_file(fileinleaf1, fileoutleaf1, variablestochangeleaf1) log.debug(fileoutleaf1) variablestochangeleaf1 = dict() return True
def create(self): params = dict() svcs = [] check_mode = self.params['check_mode'] address = self.params['address'] allow_service = self.params['allow_service'] name = self.params['name'] netmask = self.params['netmask'] partition = self.params['partition'] traffic_group = self.params['traffic_group'] vlan = self.params['vlan'] route_domain = self.params['route_domain'] if address is None or netmask is None: raise F5ModuleError('An address and a netmask must be specififed') if vlan is None: raise F5ModuleError('A VLAN name must be specified') else: vlan = "/%s/%s" % (partition, vlan) try: ipin = "%s/%s" % (address, netmask) ipnet = IPNetwork(ipin) if route_domain is not None: params['address'] = "%s%s%s/%s" % (ipnet.ip, '%', route_domain, ipnet.prefixlen) else: params['address'] = "%s/%s" % (ipnet.ip, ipnet.prefixlen) except AddrFormatError: raise F5ModuleError( 'The provided address/netmask value was invalid') if traffic_group is None: params['trafficGroup'] = "/%s/%s" % (partition, DEFAULT_TG) else: traffic_group = "/%s/%s" % (partition, traffic_group) if traffic_group in self.traffic_groups(): params['trafficGroup'] = traffic_group else: raise F5ModuleError( 'The specified traffic group was not found') vlans = self.get_vlans() if vlan in vlans: params['vlan'] = vlan else: raise F5ModuleError('The specified VLAN was not found') if allow_service is not None: svcs = self.verify_services() params['allowService'] = self.fmt_services(svcs) params['name'] = name params['partition'] = partition self.cparams = camel_dict_to_snake_dict(params) if svcs: self.cparams['allow_service'] = list(svcs) if check_mode: return True d = self.api.tm.net.selfips.selfip d.create(**params) if self.exists(): return True else: raise F5ModuleError("Failed to create the self IP")
def has_ipv4_prefixes(prefixes=[]): return any(IPNetwork(prefix).version == 4 for prefix in prefixes or [])
def post(self, request, *args, **kwargs): # mengambil nilai dari form formm = NacmForm(request.POST or None) ipform = IpFormset(request.POST) upform = UploadForm(request.POST, request.FILES) userValue = formm['username'].value() passValue = formm['password'].value() confValue = formm['conft'].value() rd_select = str(request.POST['dynamic_routing_select']) print(rd_select) id_ospf = str(request.POST['id_ospf']) router_id = str(request.POST['rid_ospf']) print(router_id) # kondisi menentukan routing dynamic yang dipilih if rd_select == 'ospf': networkx = (request.POST.getlist('network_ospf')) prefixs = (request.POST.getlist('prefix_ospf')) elif rd_select == 'ripv1': networkx = (request.POST.getlist('network_ripv1')) prefixs = (request.POST.getlist('prefix_ripv1')) elif rd_select == 'ripv2': networkx = (request.POST.getlist('network_ripv2')) prefixs = (request.POST.getlist('prefix_ripv2')) areas = (request.POST.getlist('area')) interface_ospf = str(request.POST['interface_ospf']) interface_ripv1 = str(request.POST['interface_ripv1']) interface_ripv2 = str(request.POST['interface_ripv2']) # jika form valid if ipform.is_valid() and formm.is_valid(): collect_data = "" count_form = 0 simpanForm = formm.save() # perulangan data pada form ipform for form in ipform: ipaddr = form.cleaned_data.get('ipaddr') vendor = form.cleaned_data.get('vendor') networks = netmask = wildcard = "" collect_config = "<b>Configure on " + str( ipaddr) + " | vendor = " + str(vendor) + "</b></br>" # mengkoneksikan ke perangkat via protokol SSH menggunakan library Paramiko try: ssh_client = paramiko.SSHClient() ssh_client.set_missing_host_key_policy( paramiko.AutoAddPolicy()) # memasukkan informasi username, password SSH ssh_client.connect(hostname=ipaddr, username=userValue, password=passValue) remote_conn = ssh_client.invoke_shell() output = remote_conn.recv(65535) config_read = None # menentukan routing dynamic yang digunakan dan membaca template syntax yang tersimpan dari database if rd_select == 'ospf': config_read = str(vendor.sett_dynamic_routing_ospf) elif rd_select == 'ripv1': config_read = str(vendor.sett_dynamic_routing_ripv1) elif rd_select == 'ripv2': config_read = str(vendor.sett_dynamic_routing_ripv2) # split memakai \r dulu array_read = config_read.split('\r') # hasilnya akan ada \n counter = 0 # membuat perulangan pada network yang di advertise, karena pada advertise network menggunakan form dinamis for x in range(len(networkx)): if rd_select == 'ospf': network = networkx[x] prefix = prefixs[x] area = areas[x] elif rd_select == 'ripv1' or rd_select == 'ripv2': network = networkx[x] prefix = prefixs[x] if prefix != '': networks = str(network + "/" + prefix) print(networks) netmask = IPNetwork(networks).netmask print(netmask) wildcard = IPNetwork(networks).hostmask print(wildcard) print(vendor) # membaca code tiap line for line in array_read: # menghilangkan \n new_line = re.sub(r'\n', '', line) # akan error karena ada nilai kosong dan eval tidak bisa membacanya # sehingga mengeleminasi nilai kosong if new_line != '': config_send = eval(new_line) collect_config = collect_config + config_send + "</br>" print(config_send) # mengirim perintah yang akan dikonfig # menggunakan non-interactive shell try: ssh_client.exec_command(config_send + "\n") time.sleep(1) except: # jika gagal menggunakan interactive shell try: if counter == 0: print("try shell interactive") counter += 1 remote_conn.send(config_send + "\n") time.sleep(1) except: print("error paramiko") # menyimpan data ke sqlite count_form = count_form + 1 collect_data = collect_data + collect_config if count_form == len(ipform): simpanForm.conft = collect_data messages.success(request, collect_config) ssh_client.close() simpanIp = form.save(commit=False) simpanIp.connect_id = simpanForm print(simpanIp) simpanIp.save() simpanForm.save() # jika gagal terkoneksi except paramiko.AuthenticationException: error_conf( request, collect_config, "</br>Authentication failed, please verify your credentials" ) except paramiko.SSHException as sshException: error_conf( request, collect_config, "</br>Could not establish SSH connection: %s" % sshException) except socket.timeout as e: error_conf(request, collect_config, "</br>Connection timed out") except Exception as e: ssh_client.close() error_conf( request, collect_config, "</br>Exception in connecting to the server :%s" % e) print(e) return HttpResponseRedirect('routing_dynamic')