def Audit(): ## Parse the config parse = CiscoConfParse('conf.txt') for i in range(25): ## Add a new switchport at the bottom of the config... parse.append_line('interface FastEthernet0/' + str(i)) parse.append_line(' switchport') parse.append_line(' switchport mode access') parse.append_line('!') parse.commit() # commit() **must** be called before searching again ## Search and standardize the interfaces... standardize_intfs(parse) parse.commit() # commit() **must** be called before searching again ## I'm illustrating regular expression usage in has_line_with() if not parse.has_line_with(r'^service\stimestamp'): ## prepend_line() adds a line at the top of the configuration parse.prepend_line( 'service timestamps debug datetime msec localtime show-timezone') parse.prepend_line( 'service timestamps log datetime msec localtime show-timezone') ## Write the new configuration parse.save_as('conf3.txt')
has_stormcontrol = intf.has_child_with(r' storm-control broadcast') is_switchport_access = intf.has_child_with(r'switchport mode access') is_switchport_trunk = intf.has_child_with(r'switchport mode trunk') ## Add missing features if is_switchport_access and (not has_stormcontrol): intf.append_to_family(' storm-control action trap') intf.append_to_family(' storm-control broadcast level 0.4 0.3') ## Remove dot1q trunk misconfiguration... elif is_switchport_trunk: intf.delete_children_matching('port-security') intf.delete_children_matching('nonegotiate') #cust request 1 ## Parse the configs parse = CiscoConfParse('ios_audit.conf') # this is our input file ## Search and standardize the interfaces... standardize_intfs(parse) parse.commit() # commit() **must** be called before searching again ## regular expression usage in has_line_with() to find if the config has a matching line if not parse.has_line_with(r'^service\stimestamp'): ## prepend_line() adds a line at the top of the configuration parse.prepend_line('service timestamps debug datetime msec localtime show-timezone') parse.prepend_line('service timestamps log datetime msec localtime show-timezone') parse.prepend_line('this config was hacked by Robert') ## Write the new configuration #customization request: make it output to .conf.new2 parse.save_as('ios_audit.conf.new2')
elif is_switchport_trunk or has_switchport_negotiate: #use two if statement to only remove the oone it finds if is_switchport_trunk: intf.delete_children_matching('port-security') if has_switchport_negotiate: intf.delete_children_matching('negotiate') ## Parse the config parse = CiscoConfParse('ios_audit.conf') # this is our input file ## Search and standardize the interfaces... standardize_intfs(parse) parse.commit() # commit() **must** be called before searching again ## regular expression usage in has_line_with() to find if the config has a matching line if not parse.has_line_with(r'^service\stimestamp'): ## prepend_line() adds a line at the top of the configuration parse.prepend_line( 'service timestamps debug datetime msec localtime show-timezone') parse.prepend_line( 'service timestamps log datetime msec localtime show-timezone') #Add name to the top of the file if not parse.has_line_with(r'^config by: '): user = argv[1] parse.prepend_line('Config by: ' + str(user)) ## Write the new configuration parse.save_as('ios_audit.conf.new2')
intf.append_to_family(' storm-control broadcast level 0.4 0.3') ## remove dot1q trunk misconfiguration elif is_switchport_trunk: intf.delete_children_matching('port-security') ## Parse the config parse = CiscoConfParse('switch.conf') ## Add a new switchport at the bottom of the config... parse.append_line('interface GigabitEthernet1/0') parse.append_line(' switchport') parse.append_line(' switchport mode access') parse.append_line('!') parse.commit() ## Search and standardize the interfaces standardize_interfaces(parse) parse.commit() ## Add a line to the top of the config if not already there. if not parse.has_line_with(r'^service\stimestamp'): parse.prepend_line( 'service timestamps debug datetime msec localtime show-timezone') parse.prepend_line( 'service timestamps log datetime msec localtime show-timezone') ## Wrtite the config file now... parse.save_as('switch.conf.new')
## Add missing commands if is_switchport_access and (not has_stormcontrol): intf.append_to_family(' storm-control action trap') intf.append_to_family(' storm-control broadcast level 0.4 0.3') ## remove dot1q trunk misconfiguration elif is_switchport_trunk: intf.delete_children_matching('port-security') ## Parse the config parse = CiscoConfParse('switch.conf') ## Add a new switchport at the bottom of the config... parse.append_line('interface GigabitEthernet1/0') parse.append_line(' switchport') parse.append_line(' switchport mode access') parse.append_line('!') parse.commit () ## Search and standardize the interfaces standardize_interfaces(parse) parse.commit() ## Add a line to the top of the config if not already there. if not parse.has_line_with(r'^service\stimestamp'): parse.prepend_line('service timestamps debug datetime msec localtime show-timezone') parse.prepend_line('service timestamps log datetime msec localtime show-timezone') ## Wrtite the config file now... parse.save_as('switch.conf.new')
## Add missing features if is_switchport_access and (not has_stormcontrol): intf.append_to_family(' storm-control action trap') intf.append_to_family(' storm-control broadcast level 0.4 0.3') ## Remove dot1q trunk misconfiguration... elif is_switchport_trunk: intf.delete_children_matching('port-security') intf.delete_children_matching('negotiate') ## Parse the config parse = CiscoConfParse('ios_audit.conf') # this is our input file ## Search and standardize the interfaces... standardize_intfs(parse) parse.commit() # commit() **must** be called before searching again ## regular expression usage in has_line_with() to find if the config has a matching line if not parse.has_line_with(r'^service\stimestamp'): ## prepend_line() adds a line at the top of the configuration parse.prepend_line( 'service timestamps debug datetime msec localtime show-timezone') parse.prepend_line( 'service timestamps log datetime msec localtime show-timezone') ## Write the new configuration parse.prepend_line('Saved by: Kyle Jorgensen') parse.save_as('ios_audit.conf.new2')