def isolate_nodes(self, configuration):
succeed = False
target_ips = []
for node in self.get_nodes():
denyMACAddress(configuration, node['macaddr'])
target_ips.append(node['ipaddr'])
try:
edge_api = EdgeAPI(self.get_value('edge_url'), debug=True)
if not edge_api.validate_edgeurl():
return succeed
if not edge_api.login(self.get_value('edge_client_id'),
self.get_value('edge_secret')):
return succeed
policy = edge_api.get_policy_by_name(
self.get_value('edge_policy_name'))
if policy is None:
return succeed
id = policy.pop('id')
del policy['timestamp']
del policy['policyVersionId']
policy['sourceIps']['ranges'].extend(target_ips)
succeed = edge_api.update_policy(id, policy)
except Exception as e:
if self._debug:
print('DEBUG: Exceptin <%s>' % str(e))
self.clear_nodes()
return succeed
def register_job(self):
succeed = False
try:
edge_api = EdgeAPI(self.get_value('edge_url'), debug=False)
if not edge_api.validate_edgeurl():
return succeed
if self._scheduler is None:
self._scheduler = BackgroundScheduler(daemon=True,
timezone=pytz.utc)
self._scheduler.start()
if self._job is not None:
self._job.remove()
self._job = None
interval = self.get_value('execution_interval')
if interval is not None and 0 < interval:
self.watch_service_points()
self._job = \
self._scheduler.add_job(self.watch_service_points, 'interval', seconds=interval)
succeed = True
except Exception as e:
if self._debug:
print('DEBUG: Exceptin <%s>' % str(e))
return succeed
def force_synchronize_endpoints(self):
ep_api = EndpointsAPI(self.get_value('o365_client_id'), debug=True)
edge_api = EdgeAPI(self.get_value('edge_url'), debug=True)
meraki_api = MerakiAPI(self.get_value('sdwan_key'), debug=True)
# Checking Office 365 endpoints
if not ep_api.validate_client_id():
return False
latest_version = ep_api.get_current_version(
self.get_value('o365_instance'))
endpoints = self._get_endpoints(ep_api)
# Checking DNS Edge CI
if not edge_api.validate_edgeurl():
return False
succeed = False
if self._update_domainlist(edge_api, endpoints):
#Checking Meraki
if meraki_api.validate_api_key():
self._update_firewall_rules(meraki_api, endpoints)
self.set_value('current_version', latest_version)
timestamp = datetime.datetime.now().strftime(
"%Y/%m/%d %H:%M:%S.%f UTC")
self.set_value('last_execution', timestamp)
self.save()
succeed = True
return succeed
def register_synchronize_job(self):
succeed = False
try:
interval = self.get_value('execution_interval')
edge_api = EdgeAPI(self.get_value('edge_url'), debug=True)
meraki_api = MerakiAPI(self.get_value('sdwan_key'), debug=True)
if not edge_api.validate_edgeurl() or \
not meraki_api.validate_api_key():
return succeed
if self._scheduler is None:
self._scheduler = BackgroundScheduler(daemon=True, timezone=pytz.utc)
self._scheduler.start()
if self._job is not None:
self._job.remove()
self._job = None
if interval is not None and 0 < interval:
self._job = \
self._scheduler.add_job(self.synchronize_domainlists, 'interval', seconds=interval)
succeed = True
except Exception as e:
if self._debug:
print('DEBUG: Exceptin <%s>' % str(e))
return succeed
def force_synchronize_domainlists(self):
edge_api = EdgeAPI(self.get_value('edge_url'), debug=True)
meraki_api = MerakiAPI(self.get_value('sdwan_key'), debug=True)
if not edge_api.validate_edgeurl() or not meraki_api.validate_api_key():
return False
succeed = False
if edge_api.login(self.get_value('edge_client_id'), self.get_value('edge_secret')):
self._update_domainlist_ids(edge_api)
domainlists = {}
self._updates_domainlists(edge_api, domainlists)
if self._debug:
print("Now Synhronizing....")
network_id = self._get_network_id(meraki_api)
if network_id is not None:
rules = meraki_api.get_firewall_rules(network_id)
new_rules = self._update_firewall_rules_by_dls(meraki_api, rules, domainlists)
meraki_api.update_firewall_rules(network_id, new_rules)
timestamp = datetime.datetime.now().strftime("%Y/%m/%d %H:%M:%S.%f UTC")
self.set_value('last_execution', timestamp)
self.save()
succeed = True
edge_api.logout()
return succeed
def collect_service_points(self):
succeed = False
try:
interval = self.get_value('execution_interval')
edge_api = EdgeAPI(self.get_value('edge_url'), debug=True)
if not edge_api.validate_edgeurl():
return succeed
if edge_api.login(self.get_value('edge_client_id'), self.get_value('edge_secret')):
service_points = self._collect_service_points(edge_api)
self.set_service_points(service_points)
edge_api.logout()
except Exception as e:
if self._debug:
print('DEBUG: Exceptin <%s>' % str(e))
return succeed
def clear_endpoints(self):
edge_api = EdgeAPI(self.get_value('edge_url'), debug=True)
meraki_api = MerakiAPI(self.get_value('sdwan_key'), debug=True)
endpoints = []
# Checking DNS Edge CI
if not edge_api.validate_edgeurl():
return False
succeed = False
if self._update_domainlist(edge_api, endpoints):
#Checking Meraki
if meraki_api.validate_api_key():
self._update_firewall_rules(meraki_api, endpoints)
self.set_value('current_version', "")
self.set_value('last_execution', "")
self.save()
succeed = True
return succeed
