def main(): cisco_cfg = CiscoConfParse("cisco_ipsec.txt") map_list = cisco_cfg.find_objects(r"^crypto map CRYPTO") for cryptoMap in map_list: print cryptoMap.text mapChildren = cryptoMap.children for child in mapChildren: print child.text print '\nCrypto maps using PFS group 2:\n' pfs2_list = cisco_cfg.find_objects_w_child(parentspec=r"^crypto map CRYPTO", childspec=r"set pfs group2") for cryptoMap in pfs2_list: print cryptoMap.text print '\nCrypto maps not using AES:\n' noaes_list = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"set transform-set AES-SHA") for cryptoMap in noaes_list: print cryptoMap.text mapChildren = cryptoMap.children transformSetLine = mapChildren[1] (head,transformSet) = transformSetLine.text.split('set transform-set') print transformSet
def main(): """ Find all crypto map entires that do not use AES Encryption. """ cisco_file = "cisco_ipsec.txt" cisco_cfg = CiscoConfParse(cisco_file) crypto_maps = cisco_cfg.find_objects_wo_child( parentspec=r"^crypto map CRYPTO", childspec=r"AES") print("Printing crypto_maps content") print(crypto_maps) print('\n\n') print("#" * 3) print("#" * 3, 'crypto_maps Type:') print("#" * 3) print(type(crypto_maps)) for c_map in crypto_maps: print("#" * 3) print("#" * 3, 'c_map Type:') print("#" * 3) print(type(c_map)) print() print(c_map.text) for child in c_map.children: print(child.text) print()
def main(): cfg = CiscoConfParse('cisco_ipsec.txt') crypto_not_AES = cfg.find_objects_wo_child(r"^crypto map CRYPTO", r"set transform-set AES") print "Crypto maps not using AES:" for line in crypto_not_AES: transform_set = line.re_search_children(r"transform")[0].text.split()[-1] print line.parent.text + ">>>>> " + transform_set
def main(): cisco_cfg = CiscoConfParse("cisco_ipsec.txt") cryptomaps = cisco_cfg.find_objects_wo_child(parentspec=r"crypto map CRYPTO", childspec=r"AES") print "\ncrypto maps not using AES:" for entry in cryptomaps: print "{0}".format(entry.text) for text in entry.children: if "transform-set" in text.text: print re.sub("set transform-set ", "", text.text)
def main(): cisco_test_file = 'cisco_ipsec.txt' parse_file = CiscoConfParse(cisco_test_file) crypto_maps = parse_file.find_objects_wo_child(parentspec=r'crypto ipsec transform-set', childspec=r'AES') print "\nCrypto Maps noy using AES:" for entry in crypto_maps: print " {0}".format(entry.text) print
def main(): ''' Main Function ''' my_cisco_cfg = CiscoConfParse("cisco_ipsec.txt") out = my_cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"set transform-set AES-SHA") for item in out: print item.text out2 = my_cisco_cfg.find_objects_w_parents(parentspec=str(item.text), childspec=r"set transform-set") for item2 in out2: print item2.text
def main(): cisco_cfg = CiscoConfParse("cisco_ipsec.txt") intf = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"AES") print "Crypto maps not using AES:" for i in intf: print i.text for j in i.children: if 'transform' in j.text: print j.text
def main(): cisco_cfg = CiscoConfParse("cisco_ipsec.txt") crypto_g2 = cisco_cfg.find_objects_wo_child( parentspec=r"^crypto map CRYPTO", childspec=r"AES") for parent in crypto_g2: print parent.text for child in parent.children: print child.text
def main(): cisco_cfg = CiscoConfParse("cisco_ipsec.txt") crypto_g2 = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"AES") for parent in crypto_g2: print parent.text for child in parent.children: print child.text
def main(): cisco_cfg = CiscoConfParse("cisco_ipsec.txt") crypto_maps = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map", childspec="AES") for crypto_map in crypto_maps: print "crypto map: %s" % crypto_map.text for child in crypto_map.children: m = re.search(r'set transform-set (?P<transform>\w+)', child.text) if m: print "transform: %s" % m.group('transform')
def main(): cfg=CiscoConfParse('Config-file.txt') temp_list=cfg.find_objects_wo_child(parentspec=r"^crypto map", childspec="AES") print temp_list #print temp_list for entry in temp_list: for child in entry.children: if "transform" in child.text: match=re.search(r"set transform-set (.*)$", child.text) encryption=match.group(1) print "Entry not using AES is " , entry.text , " and its encryption is " , encryption
def _get_all_l2_int_entries(self): parse = CiscoConfParse(self.file_input) self.hostname = parse.re_match_iter_typed(r'^hostname\s+(\S+)', default='None') for obj in parse.find_objects_wo_child(r'^interface', r'^\s*(no)?\s*ip address'): print(f'Hostname: {self.hostname} Interface: {obj.text}') cisco = L2Interface() cisco.get_all_properties(obj.text) for obj_child in obj.children: cisco.get_all_properties(obj_child.text) self.l2_int_entries.append(cisco)
def main(): cisco_cfg = CiscoConfParse('cisco_ipsec.txt') crypto_maps = cisco_cfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES') print "\nThe entry(s) not using AES is/are:" for crypto_map in crypto_maps: print crypto_map.text print "\nCorresponding transform set for the entry:" for child in crypto_map.children: if "transform" in child.text: print child
def main(): cisco_cfg=CiscoConfParse("cisco_ipsec.txt") crypto_map=cisco_cfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES') for child in crypto_map: #print child.text for ch in child.children: if 'transform-set' in ch.text: match=re.search(r'set transform-set (.*)',ch.text) result=match.group(1) print "{0}>>> {1}".format(child.text,result)
def main(): cisco_file = 'cisco_ipsec.txt' cisco_cfg = CiscoConfParse(cisco_file) crypto_maps = cisco_cfg.find_objects_wo_child( parentspec=r'crypto map CRYPTO', childspec=r'AES') print("\nCrypto maps not using AES:") for entry in crypto_maps: for child in entry.children: if 'transform' in child.text: match = re.search(r"set transform-set (.*)$", child.text) encryption = match.group(1) print(" {} >>> {}".format(entry.text.strip(), encryption)) print()
def main(): text_file = 'cisco_ipsec.txt' config = CiscoConfParse(text_file) maps = config.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES') for i in maps: print(i.text) for x in i.children: print(x.text) if 'transform' in x.text: found = re.search(r"set transform-set (.*)$", x.text) print("{} | {}".format(i.text.strip(), found.group(1)))
def _get_all_l2_int_entries(self): self.__logger.info("Get Info L2 interfaces") parse = CiscoConfParse(self.file_input) self.hostname = parse.re_match_iter_typed(r'^hostname\s+(\S+)', default='None') self.__logger.info(f"Hostname: {self.hostname}") for obj in parse.find_objects_wo_child(r'^interface', r'^\s*(no)?\s*ip address'): cisco = L2Interface(self.__dbg) cisco.get_all_properties(obj.text) for obj_child in obj.children: cisco.get_all_properties(obj_child.text) self.l2_int_entries.append(cisco) self.__logger.debug(f"L2 int: {cisco.name}")
def main(): ''' Main Function ''' my_cisco_cfg = CiscoConfParse("cisco_ipsec.txt") out = my_cisco_cfg.find_objects_wo_child( parentspec=r"^crypto map CRYPTO", childspec=r"set transform-set AES-SHA") for item in out: print item.text out2 = my_cisco_cfg.find_objects_w_parents( parentspec=str(item.text), childspec=r"set transform-set") for item2 in out2: print item2.text
def main(): cisco_cfg = CiscoConfParse("cisco_ipsec.txt") crypto_map = cisco_cfg.find_objects_wo_child( parentspec=r'crypto map CRYPTO', childspec=r'AES') for child in crypto_map: #print child.text for ch in child.children: if 'transform-set' in ch.text: match = re.search(r'set transform-set (.*)', ch.text) result = match.group(1) print "{0}>>> {1}".format(child.text, result)
def parse_conf_file_cm(file1): cisco_conf = CiscoConfParse(file1) target = cisco_conf.find_objects_wo_child(parentspec=r'^' + P_PARSE_STRING, childspec=C_PARSE_STRING) for p_elmt in target: print 'Found target:\n{}'.format(p_elmt.text) for c_elmt in p_elmt.all_children: print c_elmt.text if c_elmt.text.find('set transform-set') >= 0: target_ts = parse_conf_file_ts(cisco_conf, c_elmt.text) target_ts_parent = target_ts[0] print '\n{}'.format(target_ts_parent.text) for c_elmt in target_ts_parent.all_children: print c_elmt.text print ''
def main(cisco_file='cisco_ipsec.txt'): ''' Using ciscoconfparse find the crypto maps that are not using AES (based-on the transform set name). Print these entries and their corresponding transform set name. ''' cisco_cfg = CiscoConfParse(cisco_file) for crypto_map in cisco_cfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES'): for child in crypto_map.children: if 'transform' in child.text: match = re.search(r"set transform-set (.*)$", child.text) print "{0} : {1}".format(crypto_map.text.strip(), match.group(1))
def main(): """ 10. Using ciscoconfparse find the crypto maps that are not using AES (based-on the transform set name). Print these entries and their corresponding transform set name. """ cisco_conf = CiscoConfParse("cisco_ipsec.txt") tscrypto_map = cisco_conf.find_objects_wo_child(parentspec=r"^crypto map", childspec=r"AES") for ts_map in tscrypto_map: print(ts_map.text) for tr_set in ts_map.all_children: if "transform-set" in tr_set.text: print(tr_set.text)
def main(): cisco_file = 'cisco_ipsec.txt' output = CiscoConfParse(cisco_file) crypto_output = output.find_objects_wo_child( parentspec=r'crypto map CRYPTO', childspec=r'AES') for i in crypto_output: for child in i.children: if 'transform' in child.text: match = re.search(r'set transform-set (\S*)', child.text) # print(match) encryption = match.group(1) print( 'crypto maps that don\'t use AES and what they are using instead:') print(i.text.strip(), "|", encryption)
def main(): ''' Using ciscoconfparse find the crypto maps that are not using AES (based-on th transform set name). Print these entries and thier correspinding transfo rm set name. ''' cisco_file = ('cisco_ipsec.txt') cisco_cfg = CiscoConfParse(cisco_file) crypto_maps = cisco_cfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES') print "\nCrypto Maps not using AES:" for entry in crypto_maps: for child in entry.children: if 'transform' in child.text: match = re.search(r"set transform-set (.*)$", child.text) encryption = match.group(1) print " {0} >>> {1}".format(entry.text.strip(), encryption) print
def main(cisco_file='cisco_ipsec.txt'): ''' Using ciscoconfparse find the crypto maps that are not using AES (based-on the transform set name). Print these entries and their corresponding transform set name. ''' cisco_cfg = CiscoConfParse(cisco_file) for crypto_map in cisco_cfg.find_objects_wo_child( parentspec=r'crypto map CRYPTO', childspec=r'AES'): for child in crypto_map.children: if 'transform' in child.text: match = re.search(r"set transform-set (.*)$", child.text) print "{0} : {1}".format(crypto_map.text.strip(), match.group(1))
def main(): cisco_cfg_file = "cisco_ipsec.txt" cisco_cfg = CiscoConfParse(cisco_cfg_file) crypto_not_aes = cisco_cfg.find_objects_wo_child( parentspec=r"crypto map CRYPTO", childspec=r"AES") print("Crypto Maps not using AES:") for c_map in crypto_not_aes: #print(" {0}").format(c_map.text) for child in c_map.children: #print (" {0}").format(child.text) if "transform" in child.text: match = re.search(r"set transform-set (.*)$", child.text) encryption = match.group(1) print(" {0} >>> {1}".format(c_map.text.strip(), encryption)) print
def main(): cisco_file = 'cisco_config.txt' cisco_cfg = CiscoConfParse(cisco_file) crypto_maps = cisco_cfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES') print "\nCryto maps not using AES:" for entry in crypto_maps: for child in entry.children: if 'transform' in child.text: match = re.search(r"set transform-set (.*)$", child.text) encryption = match.group(1) print " {0} >>> {1}".format(entry.text.strip(), encryption) print
def Cisco_Parser(filename): cisco_cfg=CiscoConfParse(filename) interfaces=cisco_cfg.find_objects(r"^interface") vtys=cisco_cfg.find_objects(r"^line vty ") for intf in interfaces: output= str(intf) output+= '\n' + str(intf.children) for vty in vtys: output+= '\n' + '#' * 80 output+= "Configuration for Line vty is: \n {}".format(vty.children) l2_interfaces=cisco_cfg.find_objects_w_child(parentspec=r"^interface", childspec="no ip address") l3_interfaces=cisco_cfg.find_objects_wo_child(parentspec=r"^interface", childspec="no ip address") output+= '\n' +'#' * 80 output+= "\nL2 Interfaces are {}".format(l2_interfaces) output+= '\n' +'#' * 80 output+= "\nL3 Interfaces are {}".format(l3_interfaces) return output
def main(): # this is a script that can find the crypto maps that are not using certain encryption method cisco_cfg = CiscoConfParse("cisco_ipsec.txt") crypto_map = cisco_cfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES') print "\n", "=="*4, "The crypto maps without AES:", "=="*4, "\n" for each_map in crypto_map: # I have printed so many things to make sure I can get a good data type in while loop # print type(each_map.children) # print len(each_map.children) # print type (each_map.children[child_number]) # print str(each_map.children[child_number]) print each_map.text child_number = 0 while child_number < (len(each_map.children)): if "transform-set" in str(each_map.children[child_number]): print each_map.children[child_number].text, "\n" child_number = child_number + 1 else: child_number = child_number + 1
def main(): file = "cisco.txt" config = CiscoConfParse(file) crypto_maps = config.find_objects_wo_child(parentspec=r"crypto map CRYPTO", childspec=r"AES") print "Crypto Maps not using AES: " for txt in crypto_maps: for child in txt.children: if "transform" in child.text: match = re.search(r"set transform-set (.*)$", child.text) encryption = match.group(1) print " {0} >>> {1}".format(txt.text.strip(), encryption) print
def main(): ''' finds all of the crypto map entires and prints all that are not using AES ''' file_in = 'cisco_ipsec.txt' config_file = CiscoConfParse(file_in) crypto_maps = config_file.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'AES') print "\nCrypto maps not using AES:" for entry in crypto_maps: for child in entry.children: if 'transform' in child.text: match = re.search(r"set transform-set (.*)$", child.text) encryption = match.group(1) print " {0} >>> {1}".format(entry.text.strip(), encryption) print
def main(): ''' Using ciscoconfparse find the crypto maps that are not using AES (based-on the transform set name). Print these entries and their corresponding transform set name. ''' # Create a new CiscoConfParse object using our sample config file cisco_cfg = CiscoConfParse("cisco_ipsec.txt") # Find all entries with children that do NOT have "set transform-set AES-SHA", and a parent of "crypto map CRYPTO" crypto = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"set transform-set AES-SHA") # Loop over the list, printing each object, and it's associated children for i in crypto: print i.text for child in i.children: print child.text
def find_active_interfaces(file): all_interfaces = [] # Parser set to look at running config parse = CiscoConfParse(file) retval = '' # find objects matching interface and not shutdown for obj in parse.find_objects_wo_child(parentspec=r"^interface", childspec=r"shutdown"): # Make a list that will contain the parent and the children interface_list = [] # Add the parent to the list as a string interface_list.append(obj.text) retval += obj.text + '\n' # For all the parent's children for line in obj.all_children: # Add the child to the list as a string retval += line.text + '\n' # A return retval
def no_aes(config): ''' Accepts Cisco configuration and finds crypto map entries not using AES transform sets. ''' # Create CiscoConfParse object with config passed into function. cisco_cfg = CiscoConfParse(config) # Find only crypto maps not using AES transform set. cmap = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r".+ AES") # Iterate over lines matched previously. Print the line. for seq_num in cmap: print seq_num.text # Iterate over children of the config line, print children. for child in seq_num.children: print child.text
def main(): ''' Find all of the crypto map entries in the file (lines that begin with 'crypto map CRYPTO') and print out the entries that are not using AES based on the transform set name. ''' cisco_conf = CiscoConfParse("cisco_ipsec.txt") crypto_maps = cisco_conf.find_objects_wo_child( parentspec=r"crypto map CRYPTO", childspec=r"AES") print "\nCrypto Maps not using AES:" for map in crypto_maps: for child in map.children: if "transform" in child.text: match = re.search(r"set transform-set (.*)$", child.text) encrypt_type = match.group(1) print " {0} ->->-> {1}".format(map.text.strip(), encrypt_type) print
def main(): cisco_cfg = CiscoConfParse(CISCO_FILENAME) print 'All crypto maps that use "pfs group2"' cisco_objs = cisco_cfg.find_objects_w_child(parentspec=r"crypto map CRYPTO", childspec=r"set pfs group2") for obj in cisco_objs: print "[-]" print obj.text for child in obj.all_children: print child.text print '\n\nAll crypto maps that are not using AES' cisco_objs = cisco_cfg.find_objects_wo_child(parentspec=r"crypto map CRYPTO", childspec=r"set transform-set AES-") for obj in cisco_objs: print "[-]" print obj.text for child in obj.all_children: print child.text
def find_sections(**kwargs): """Extract a section from a config Args: lines (list): the list of lines making up the config match (str): the regex to match against child_match (str): the regex to match children against only_child_matches (boolean): only return sections with children that match min_child_lines (int): only return section that >= this many children Returns: dict: A dict of the sections, lines """ parse = CiscoConfParse(kwargs['lines']) if kwargs['child_match'] == 'any': found_objs = parse.find_objects(kwargs['match']) else: if kwargs['children_that_match']: found_objs = parse.find_objects_w_child(parentspec=r"%s" % kwargs['match'], \ childspec=r"%s" % kwargs['child_match']) else: found_objs = parse.find_objects_wo_child(parentspec=r"%s" % kwargs['match'], \ childspec=r"%s" % kwargs['child_match']) found_objs = [ obj for obj in found_objs if len(obj.children) >= kwargs['min_child_lines'] ] response = {} response['sections'] = [] response['lines'] = [] for section in found_objs: entry = {} entry['section_name'] = section.text response['lines'].append(section.text) entry['section_content'] = [] for child in section.children: entry['section_content'].append(child.text.strip()) response['lines'].append(child.text) response['sections'].append(entry) return response
def main(): cisco_file = 'pynet-rtr1.txt' cisco_cfg = CiscoConfParse(cisco_file) crypto_maps = cisco_cfg.find_objects(r"^crypto map CRYPTO") for c_map in crypto_maps: print print c_map.text for child in c_map.children: print child.text print crypto_maps = cisco_cfg.find_objects_w_child(parentspec=r'crypto map CRYPTO', childspec=r'pfs group5') print "\nCrypto Maps using PFS group5:" for entry in crypto_maps: print " {0}".format(entry.text) print crypto_maps = cisco_cfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO', childspec=r'set peer 5.5.5.1') print "\nCrypto maps not peer 5.5.5.1:" for entry in crypto_maps: print " {0}".format(entry.text) print
from ciscoconfparse import CiscoConfParse cisco_cfg = CiscoConfParse("cisco_ipsec.txt") print cisco_cfg # find objects that begin with "crypto map CRYPTO" and are not crypto = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"transform-set AES") print "\nObjects not using AES" print "------------------------" # print the found objects and thier children for i in crypto: print i.text
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse from __future__ import unicode_literals, print_function cisco_config = CiscoConfParse("cisco_ipsec.txt") crypto_map = cisco_config.find_objects_wo_child( parentspec=r"^crypto map CRYPTO", childspec=r"AES") for c in crypto_map: print() print(c.text) for child in c.children: print(child.text) print()
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse cfg = CiscoConfParse("cisco_ipsec.txt") crypto_maps = cfg.find_objects("^crypto map CRYPTO") #Excercise 8, part1 #find all lines that begin with 'crypto map CRYPTO'& for each crypto map entry print out its children print "These are cryto map lines" for crypto in crypto_maps: print crypto.text for child in crypto.children: print child.text #Excercise 8, part2:show crypto maps that have pfs group 2 print "These Crypto maps have pfs group 2" pfs2 = cfg.find_objects_w_child(parentspec=r"^crypto map CRYPTO", childspec=r"set pfs group2") for i in pfs2: print i.text #Excercise 8, part2:show crypto maps that aren't using AES and also print transform set print "Find MAPS not using AES" #aes = cfg.find_objects_w_child(parentspec=r"^crypto map CRYPTO", childspec=r"AES-SHA") aes = cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec="set transform-set AES-SHA") for each in aes: print each.text for child in each.children: print child.text
#!/usr/bin/env python """ Class 1, Exercise 10 Find the crypto maps that are not using AES (based-on the transform set name). Print these entries and their corresponding transform set name. """ from ciscoconfparse import CiscoConfParse cisco_config = CiscoConfParse("cisco_ipsec.txt") print """\nThis script lists the crypto maps that are not using AES in the transform set and the transform set name""" print"-" * 114 no_AES_crymaps = cisco_config.find_objects_wo_child(r'crypto map CRYPTO', r'AES') for obj in no_AES_crymaps: print "Crypto-map name: %s" % obj.text for child in obj.children: if "transform-set" in child.text: mystring = child.text mystringlist = mystring.split() count = 0 for i in mystringlist: if mystringlist[count] == "transform-set": count = count + 1 print "Transform-set name is: %s\n" % mystringlist[count] exit() else: count = count + 1 print"-" * 114
#open the configfile config = CiscoConfParse("cisco_ipsec.txt") #question 8 print "question 8:------------------------" crypto = config.find_objects(r"crypto map CRYPTO") for entry in crypto: print entry.text for child in entry.all_children: print child.text #question 9 print "question 9:--------------------------" crypto_pfs = config.find_objects_w_child(parentspec=r"crypto map CRYPTO", childspec=r"pfs group2") for entry in crypto_pfs: print entry.text for child in entry.all_children: print child.text #question 10 print "question 10:--------------------------" crypto_pfs = config.find_objects_wo_child(parentspec=r"crypto map CRYPTO", childspec=r"transform-set AES-SHA") for entry in crypto_pfs: print entry.text for child in entry.all_children: print child.text
#!/usr/bin/env python #coding:utf-8 from ciscoconfparse import CiscoConfParse, IOSCfgLine cfg = open("isis_junos.cfg").read().splitlines() parse = CiscoConfParse(cfg, syntax='junos', comment='#!') print("\n".join(parse.ioscfg)) print("Check interface without 'point-to-point' config line:") for obj in parse.find_objects_wo_child("interface", "point-to-point"): print(obj.text)
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse crypto_file = CiscoConfParse("cisco_ipsec.txt") c_maps = crypto_file.find_objects(r"^crypto map CRYPTO") for c_map in c_maps: for i in c_map.children: print i.text pfs2 = crypto_file.find_objects_w_child(parentspec=r"crypto map CRYPTO", childspec="set pfs group2") print "\nPFS group2 crypto maps:" for group in pfs2: print group.text non_aes = crypto_file.find_objects_wo_child(parentspec=r"crypto map CRYPTO", childspec="AES-SHA") print "\nNon-AES crypto map(s):" for group in non_aes: print group.text for i in group.children: print i.text
from ciscoconfparse import CiscoConfParse import yaml import json from pprint import pprint as pp ciscocfg = CiscoConfParse('cisco_ipsec.txt') nonaes = ciscocfg.find_objects_wo_child(parentspec=r'crypto map CRYPTO',childspec=r'set transform-set AES-SHA') for item in range(len(nonaes)): print nonaes[item].text cryptemp = nonaes[item] for line in cryptemp.children: tset = line.text.strip() if tset.startswith('set transform-set'): print tset
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse cfg_file = CiscoConfParse("cisco_ipsec.txt") crypto_maps_g2 = cfg_file.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"set transform-set AES-SHA") for crypto_map in crypto_maps_g2: print crypto_map.text
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse config = CiscoConfParse('input-cisco.txt') lines = config.find_objects_wo_child(parentspec=r'^crypto map CRYPTO', childspec=r'set transform-set AES-SHA') for i in lines: print i.parent.text print i.children[1].text.split(' ')[3] # BELOW IS ANOTHER WAY TO ACCOMPLISH THE SAME THING # NOT AS ELEGANT (MORE LINES OF CODE) # AND IT DOESN'T LEVERAGE FEATURES OF CISCOCONFPARSE # BUT IT REPLACES THE LAST LINE IN THE PROGRAM ABOVE # AND USES STANDARD STRING PROCESSING METHODS # AND IT YIELDS THE SAME RESULT # # for j in i.all_children: # if 'transform' in j.text: # line = j.text # print line.strip().split(' ')[-1]
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse cisco_cfg = CiscoConfParse("cisco_conf_example.txt") crypto_map = cisco_cfg.find_objects(r"^crypto map CRYPTO") pfs_grp2 = cisco_cfg.find_objects_w_child(parentspec=r"^crypto map CRYPTO", childspec=r"pfs group2") not_aes = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"AES-SHA") print "Here are all the crypto maps configured:" for i in crypto_map: print i.text for child in i.children: print child.text print "*******" print "\ncrypto maps with PFS group2 are:" for entry in pfs_grp2: print entry.text for child in entry.children: print " {0}".format(child.text) print "*******" print "\ncrypto maps not using AES:" for i in not_aes: print i.text for child in i.children: print " {0}".format(child.text)
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse cisco_cfg = CiscoConfParse("cisco_config.txt") print cisco_cfg intf = cisco_cfg.find_objects(r"^interface") print intf for i in intf: print i.text interface_4 = intf[4] print interface_4 print interface_4.children for child in interface_4.children: print child.text no_ip = cisco_cfg.find_objects_w_child(parentspec=r"interface", childspec=r"no ip address") print no_ip with_ip = cisco_cfg.find_objects_wo_child(parentspec=r"interface", childspec=r"no ip address") print with_ip
from ciscoconfparse import CiscoConfParse config = CiscoConfParse("cisco_ipsec.txt") list1 = config.find_objects(r"^crypto map CRYPTO") list2 = config.find_objects_w_child(parentspec=r"^crypto map CRYPTO", childspec=r"set pfs group2") list3 = config.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"set transform-set AES*") for i in list1: for child in i.children: print child.text for i in list2: for child in i.children: print child.text for i in list3: for child in i.children: print child.text
f.rename(os.path.join(NEW_DIR, new_name)) #print(" ") #print("-------------------Finshed removing -Running.config from file name-------------------") #print(" ") header = "Switch" + " " + "Port W/O Dot1x" + " " + "Port Description" print(header) # #Start Examining configs for missing port security # for host in os.listdir(NEW_DIR): if host.startswith("p"): config_path = os.path.join(NEW_DIR, host) parse = CiscoConfParse(config_path) all_intfs = parse.find_objects(r"^interf") NoDot1x = list() NoDot1x = parse.find_objects_wo_child(r'^interface', r'authentication') #Remove Non Gig Ports because all user ports are 1 gig GigPorts = [ x.text.split()[1] for x in NoDot1x if x.text.startswith("interface Gig") ] #Remove Cisco 3750 Exansion module final_list = [ w for w in GigPorts if not re.match(r'GigabitEthernet./1/.', w) ] #Gets Port Descriptions for ports in final_list: port = "interface" + " " + ports intconfig = parse.find_children(port, exactmatch=True) desc = [x for x in intconfig if re.search("description", x)] result = host + ' ' + ''.join(ports) + ' ' + ''.join(desc)
crypto_map = cisco_cfg.find_objects(r"^crypto map CRYPTO") # Now print the CRYPTO map entries found print "\nPrinting the crypto map CRYPTO entries found\n" for i in crypto_map: print i.text print "\n" # Find all entries that are using pfs group2 crypto_PFS = cisco_cfg.find_objects_w_child(parentspec=r"^crypto map", childspec=r"pfs group2") # Print all crypto map using pfs group2 print "\nPrinting the crypto map entries using pfs group2\n" for i in crypto_PFS: print i.text print "\n" # Find all crypto maps that are not usind AES transform-set crypto_noAES = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map", childspec=r"set transform-set AES") # Print all maps without AES and config under eact. print "\nPrinting the crypto map entries using pfs group2\n" for i in crypto_noAES: print i.text for j in i.children: print j.text
#!/usr/bin/env python from ciscoconfparse import CiscoConfParse import os os.system('clear') cisco_cfg = CiscoConfParse("cisco.txt") crypto_PFS2 = cisco_cfg.find_objects_wo_child(parentspec=r"^crypto map CRYPTO", childspec=r"set transform-set AES-SHA") for c in crypto_PFS2: print c.text print (c.children[1]).text print "\n"