SRXlsysextract.py
__author__ = 'MMahdy'
########################################################################################################################
######################This project aims to ease the extraction of zones, ###############################################
######################################### interfaces related to certain IPs from SRX with Logical system enabled########
########################################################################################################################
#Import list
import paramiko
import csv
import pyexcel as pe
###################################################################################################################
################### Functions creation################################
####################################################################################################################
##Check interfaces
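def Interface(x):
    """Return the next-hop interface text the SRX reports for address *x*.

    Runs ``show route forwarding-table matching <x> extensive`` on the
    module-level ``SRX`` SSH session, filtered on the device to the
    "Next-hop interface" lines and trimmed by 22 columns, and returns the
    command's standard output exactly as read.

    Raises:
        ValueError: if *x* contains anything other than address characters
            (hex digits, ``.``, ``:``) and an optional ``/length`` suffix.
    """
    import re  # local import so this function does not rely on a file-level one

    address = x.strip()
    # In this script x is a cell from the operator-supplied CSV and is pasted
    # into a CLI line that already contains pipes. The allow-list (a character
    # filter, not a full IP parser) keeps spaces, pipes, quotes and newlines
    # out of the command sent to the firewall.
    if not re.match(r'[0-9A-Fa-f:.]+(?:/[0-9]{1,3})?\Z', address):
        raise ValueError("Not an IP address or prefix: %r" % (x,))

    datain, dataout, dataerr = SRX.exec_command(
        'show route forwarding-table matching ' + address
        + ' extensive | match "Next-hop interface" | trim 22')
    return dataout.read()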
##Zone info for zones at the internal side (Services side); requires an interface name as input
def Zone(y):
    """Return the first line of the zone lookup for interface *y*.

    Sends ``show interface <y> | match zone | trim 20`` over the
    module-level ``SRX`` SSH session and returns the output up to, but not
    including, its first newline. ``str.index`` raises ValueError when the
    output contains no newline.

    NOTE(review): *y* is concatenated into the CLI line verbatim; callers in
    this file pass interface text read back from the device.
    """
    command = "show interface " + y + " | match zone | trim 20 "
    datain, dataout, dataerr = SRX.exec_command(command)
    output = dataout.read()
    first_line_end = output.index('\n')
    return output[:first_line_end]
##Logical system information requires IP as input
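def LSYS(x):
    """Return the logical-system text found above the route entry for *x*.

    Runs ``show route forwarding-table matching <x> extensive`` on the
    module-level ``SRX`` SSH session, locates the "Destination" line and
    reads the line four positions above it. The returned value is that line
    from the blank after its first ``': '`` to the end of the line, so it
    keeps the leading space and the line ending.

    NOTE(review): the four-line offset presumably lands on the logical-system
    header of the table; confirm against real device output.

    Raises:
        ValueError: if *x* is not made of address characters, if the output
            has no "Destination" line, if that line is too close to the top
            for the offset, or if the selected line has no ``': '``.
    """
    import re  # local import so this function does not rely on a file-level one

    address = x.strip()
    # Allow-list of address characters (not a full IP parser): keeps spaces,
    # pipes and newlines from a CSV cell out of the CLI line.
    if not re.match(r'[0-9A-Fa-f:.]+(?:/[0-9]{1,3})?\Z', address):
        raise ValueError("Not an IP address or prefix: %r" % (x,))

    datain, dataout1, dataerr = SRX.exec_command(
        "show route forwarding-table matching " + address + " extensive ")
    lines = dataout1.readlines()

    matches = [line for line in lines if "Destination" in line]
    if not matches:
        # Previously this case fell through to a negative or zero index and
        # returned an unrelated line (or raised IndexError on empty output).
        raise ValueError("No forwarding-table entry found for %r" % (x,))

    # list.index() gives the first line equal to the last match, which is the
    # position the original loop ended on.
    header_at = lines.index(matches[-1]) - 4
    if header_at < 0:
        # A negative index would silently wrap to the end of the output.
        raise ValueError("Unexpected forwarding-table layout for %r" % (x,))

    header = lines[header_at]
    tail = header[header.index(': '):]
    return tail[tail.index(' '):]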
##provide logical system and interface requires IP as input
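def RoutingTable(x):
    """Return the routing-instance text found above the route entry for *x*.

    Runs ``show route forwarding-table matching <x> extensive`` on the
    module-level ``SRX`` SSH session, locates the "Destination" line and
    reads the line three positions above it. The returned value is the part
    of that line between the blank after its first ``': '`` and the first
    ``'.inet'``, so it keeps the leading space.

    NOTE(review): the three-line offset presumably lands on the routing-table
    header (``<instance>.inet``); confirm against real device output.

    Raises:
        ValueError: if *x* is not made of address characters, if the output
            has no "Destination" line, if that line is too close to the top
            for the offset, or if the selected line lacks ``': '`` or
            ``'.inet'``.
    """
    import re  # local import so this function does not rely on a file-level one

    address = x.strip()
    # Allow-list of address characters (not a full IP parser): keeps spaces,
    # pipes and newlines from a CSV cell out of the CLI line.
    if not re.match(r'[0-9A-Fa-f:.]+(?:/[0-9]{1,3})?\Z', address):
        raise ValueError("Not an IP address or prefix: %r" % (x,))

    datain, dataout1, dataerr = SRX.exec_command(
        "show route forwarding-table matching " + address + " extensive ")
    lines = dataout1.readlines()

    matches = [line for line in lines if "Destination" in line]
    if not matches:
        # Previously this case failed on an unassigned local variable.
        raise ValueError("No forwarding-table entry found for %r" % (x,))

    # list.index() gives the first line equal to the last match, which is the
    # position the original loop ended on.
    header_at = lines.index(matches[-1]) - 3
    if header_at < 0:
        # A negative index would silently wrap to the end of the output.
        raise ValueError("Unexpected forwarding-table layout for %r" % (x,))

    header = lines[header_at]
    tail = header[header.index(': '):header.index('.inet')]
    return tail[tail.index(' '):]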
##Checking the external interfaces (out towards PE side) requires (Logical system, routing instance, IP)
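def ExternalIntf(x, y, z):
    """Return the interface text from the ``via`` line of a route lookup.

    Runs ``show route logical-system <x> table <y> <z> | match via | trim 40``
    on the module-level ``SRX`` SSH session and returns the output from its
    first blank up to, but not including, its first newline (the leading
    blank is kept).

    Args:
        x: logical-system text, concatenated verbatim (callers in this file
            pass the value returned by ``LSYS``).
        y: routing-table text, concatenated verbatim (callers in this file
            pass the value returned by ``RoutingTable``).
        z: IP address or prefix to look up.

    Raises:
        ValueError: if *z* is not made of address characters, or if the
            output has no blank or no newline.
    """
    import re  # local import so this function does not rely on a file-level one

    address = z.strip()
    # z is a CSV cell in this script. The allow-list (a character filter, not
    # a full IP parser) keeps spaces, pipes and newlines out of the CLI line.
    if not re.match(r'[0-9A-Fa-f:.]+(?:/[0-9]{1,3})?\Z', address):
        raise ValueError("Not an IP address or prefix: %r" % (z,))

    command = ("show route logical-system " + x + " table " + y + " " + address
               + " | match via | trim 40")
    datain, dataout, dataerr = SRX.exec_command(command)
    output = dataout.read()
    return output[output.index(' '):output.index('\n')]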
##Function used to handle the device related info, requires (Input file, output file); the device connection is the module-level SRX session
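def SRXinfoextract(file, Ofile):
    """Look up zone, interface, logical system and routing instance per row.

    Reads source/destination address pairs from the CSV *file* (first line is
    a header, columns 0 and 1 are used), queries the firewall through
    ``Interface``, ``LSYS``, ``RoutingTable``, ``ExternalIntf`` and ``Zone``,
    and saves one output row per input row to *Ofile* with pyexcel. Column
    order: source zone, source IP, source interface, destination zone,
    destination IP, destination interface, logical system, routing instance.

    Every address is checked before the first device command is sent, because
    the cells end up concatenated into CLI lines.

    Returns:
        *Ofile*, unchanged.

    Raises:
        ValueError: if a row has fewer than two columns or a cell holds
            anything other than address characters and an optional
            ``/length`` suffix.
    """
    import re  # local import so this function does not rely on a file-level one

    # Allow-list of address characters (not a full IP parser): rejects
    # spaces, pipes, quotes and newlines that would alter the CLI line.
    address_ok = re.compile(r'[0-9A-Fa-f:.]+(?:/[0-9]{1,3})?\Z').match

    SourceIP = []
    DestinationIP = []
    with open(file, 'r') as f:
        reader = csv.reader(f)
        next(reader, None)  # skip the header; an empty file yields no rows
        for row in reader:
            if not row:
                continue  # blank line in the CSV
            if len(row) < 2:
                raise ValueError(
                    "Line %d: expected source and destination columns"
                    % reader.line_num)
            pair = (row[0].strip(), row[1].strip())
            for cell in pair:
                if not address_ok(cell):
                    raise ValueError(
                        "Line %d: %r is not an IP address or prefix"
                        % (reader.line_num, cell))
            SourceIP.append(pair[0])
            DestinationIP.append(pair[1])

    SourceInterface = []
    LogicalSystem = []
    RoutingInstance = []
    for src, dst in zip(SourceIP, DestinationIP):
        Sintf = Interface(src)
        if Sintf.find('reth') != -1:
            SourceInterface.append(Sintf)
            lsys = LSYS(src)
            rt = RoutingTable(src)
        else:
            # Source is not behind a reth interface: take the logical system
            # and routing instance from the destination side instead.
            lsys = LSYS(dst)
            rt = RoutingTable(dst)
            SourceInterface.append(ExternalIntf(lsys, rt, src))
        # The original appended the loop counter here in the non-reth case,
        # so the logical-system column held a row number instead of a name.
        LogicalSystem.append(lsys)
        RoutingInstance.append(rt)

    DestinationInterface = []
    for src, dst in zip(SourceIP, DestinationIP):
        Dintf = Interface(dst)
        if Dintf.find('reth') != -1:
            DestinationInterface.append(Dintf)
        else:
            lsys = LSYS(src)
            rt = RoutingTable(src)
            DestinationInterface.append(ExternalIntf(lsys, rt, dst))
        # RoutingInstance is filled once per row in the loop above. The
        # original appended here as well, but zip() below truncates to the
        # shortest column, so those extra entries never reached the output.

    SourceZone = [Zone(intf) for intf in SourceInterface]
    DestinationZone = [Zone(intf) for intf in DestinationInterface]

    data = [SourceZone, SourceIP, SourceInterface, DestinationZone,
            DestinationIP, DestinationInterface, LogicalSystem, RoutingInstance]
    Transdata = list(zip(*data))  # transpose columns into rows
    sheet = pe.Sheet(Transdata)
    sheet.save_as(Ofile)
    return Ofile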
########################********************#############################**************###############################
########################################Program ********************* Program ########################################
########################********************#############################**************###############################
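# Interactive driver: asks for the CSV input, the output path and the SSH
# credentials once, then processes one firewall per loop iteration.
import getpass  # stdlib; used so the password prompt does not echo

Check = 'Y'
file = raw_input("Please enter the source file containing the source and destination IPs: ")
Ofile = raw_input("Please enter the Destination file to send the output: ")
UN = raw_input("Please enter the user name: ")
# getpass keeps the password off the screen and out of terminal scrollback.
PWD = getpass.getpass("Please enter the password: ")
while Check == 'Y':
    IP = raw_input("Please enter the Firewall IP to be checked: ")
    print("Connecting...")
    SRX = paramiko.SSHClient()
    # Check the firewall's host key against the user's known_hosts and refuse
    # unknown hosts. Auto-accepting any key would hand the password to
    # whatever answers on that address. Add the device's key to known_hosts
    # (after checking its fingerprint out of band) before the first run.
    SRX.load_system_host_keys()
    SRX.set_missing_host_key_policy(paramiko.RejectPolicy())
    try:
        SRX.connect(IP, username=UN, password=PWD)
        print("Connected")
        print("Process in progress it may take few minutes...")
        SRXLSYSinfo = SRXinfoextract(file, Ofile)
        print("Process completed please check the output file location!")
    finally:
        # Close the session for this firewall even when a lookup fails.
        SRX.close()
    # NOTE(review): Ofile is asked for once, so every additional firewall is
    # saved to the same path as the previous one.
    Check = raw_input("Check another Firewall (Y or N): ").strip().upper()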