-
Notifications
You must be signed in to change notification settings - Fork 7
/
get_property.py
210 lines (175 loc) · 7.05 KB
/
get_property.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
"""
This module holds properties that superloop is required to retrieve.
"""
import datetime
import hvac
import os
import socket
import time
def get_home_directory():
home_directory = os.getenv('HOME')
return home_directory
def get_real_path():
real_path = os.path.dirname(os.path.realpath(__file__))
return real_path
def get_port(node_object,element,ssh_id):
if node_object[element[ssh_id]]['type'] == 'switch':
port = '22'
elif node_object[element[ssh_id]]['type'] == 'nas':
port = '2222'
else:
port = '22'
return port
def get_type(name):
if('fw' in name):
device_type = 'firewall'
elif('rt' in name):
device_type = 'router'
elif('sw' in name):
device_type = 'switch'
return device_type
def get_template_directory(hardware_vendor,opersys,device_type):
"""
This will return the appropreiate directory based on the device
hardware_vendor, operating system and type
"""
directory = ''
if hardware_vendor == 'cisco' and opersys == 'asa' and device_type == 'firewall':
directory = '{}/superloop_code/templates/hardware_vendors/cisco/asa/firewall/'.format(get_home_directory())
elif hardware_vendor == 'cisco' and opersys == 'ios'and device_type == 'router':
directory = '{}/superloop_code/templates/hardware_vendors/cisco/ios/router'.format(get_home_directory())
elif hardware_vendor == 'cisco' and opersys == 'ios'and device_type == 'switch':
directory = '{}/superloop_code/templates/hardware_vendors/cisco/ios/switch/'.format(get_home_directory())
elif hardware_vendor == 'cisco' and opersys == 'nxos'and device_type == 'switch':
directory = '{}/superloop_code/templates/hardware_vendors/cisco/nxos/switch/'.format(get_home_directory())
elif hardware_vendor == 'cisco' and opersys == 'nxos'and device_type == 'router':
directory = '{}/superloop_code/templates/hardware_vendors/cisco/nxos/router/'.format(get_home_directory())
elif hardware_vendor == 'juniper' and opersys == 'junos' and device_type == 'vfirewall':
directory = '{}/superloop_code/templates/hardware_vendors/juniper/junos/vfirewall/'.format(get_home_directory())
elif hardware_vendor == 'juniper' and opersys == 'junos' and device_type == 'router':
directory = '{}/superloop_code/templates/hardware_vendors/juniper/junos/router/'.format(get_home_directory())
elif hardware_vendor == 'citrix' and opersys == 'netscaler' and device_type == 'loadbalancer':
directory = '{}/superloop_code/templates/hardware_vendors/citrix/netscaler/vpx/'.format(get_home_directory())
elif hardware_vendor == 'f5' and opersys == 'tmsh' and device_type == 'loadbalancer':
directory = '{}/superloop_code/templates/hardware_vendors/f5/tmsh/ltm/'.format(get_home_directory())
return directory
def get_policy_directory(hardware_vendor,opersys,device_type):
directory = ''
if hardware_vendor == 'cisco' and opersys == 'asa' and device_type == 'firewall':
directory = '{}/superloop_code/policy/cisco/ios/firewall/'.format(get_home_directory())
elif hardware_vendor == 'juniper' and opersys == 'junos' and device_type == 'vfirewall':
directory = '{}/superloop_code/policy/juniper/junos/vfirewall/'.format(get_home_directory())
return directory
def get_updated_list(list_copy):
"""
This will get the current template list from the list.
Example: ['base.jinja'],['snmp.jinja','tacacs.jinja']].
It will continue to pop off the 1st element until there
are only one element left.
"""
updated_list = []
if len(list_copy) != 1:
list_copy.pop(0)
updated_list = list_copy[0]
return updated_list
def get_syntax(node_object,index):
"""
This will return the correct syntax used for CiscoConfParse
based on device hardware vendor.
"""
syntax = ''
if node_object[index]['hardware_vendor'] == 'cisco' and node_object[index]['type'] == 'firewall':
syntax = 'asa'
elif node_object[index]['hardware_vendor'] == 'cisco' and node_object[index]['type'] == 'switch':
syntax = 'ios'
elif node_object[index]['hardware_vendor'] == 'juniper' and node_object[index]['type'] == 'switch':
syntax = 'junos'
elif node_object[index]['hardware_vendor'] == 'f5' and node_object[index]['type'] == 'loadbalancer':
syntax = 'ios'
return syntax
def get_sorted_juniper_template_list(template_list):
""" This will sort the Juniper template list from top configuration
in the order they appear in a 'show configuration' juniper output.
For example: groups, systems, chassis, security, snmp etc...
"""
sorted_juniper_template_list = []
sorted_juniper_template_list_index = []
config_order = {
'groups.jinja2': 0 ,
'system.jinja2': 1 ,
'interfaces.jinja2': 2,
'chassis.jinja2': 3 ,
'snmp.jinja2': 4 ,
'routing-options.jinja2': 5 ,
'protocols.jinja2': 6 ,
'policy-options.jinja2': 7 ,
'security.jinja2': 8 ,
'routing-instances.jinja2': 9
}
for template in template_list:
if template in config_order.keys():
sorted_juniper_template_list_index.append(config_order[template])
"""
Sorting the order of how the templates should be in comparison with
with the Juniper 'show configuration' output.
"""
sorted_juniper_template_list_index.sort()
"""
Building the sorted template list and returning
"""
for element in sorted_juniper_template_list_index:
template = list(config_order.keys())[list(config_order.values()).index(element)]
sorted_juniper_template_list.append(template)
return sorted_juniper_template_list
def get_standards_directory(name,hardware_vendor,type):
directory = '{}/superloop_code/templates/standards/'.format(get_home_directory())
return directory
def timestamp():
time_stamp =time.time()
date_time = datetime.datetime.fromtimestamp(time_stamp).strftime('%Y-%m-%d %H:%M:%S')
return date_time
def get_resolve_hostname(fqdn):
try:
mgmt_ip4 = socket.gethostbyname(fqdn)
return mgmt_ip4
except socket.error:
mgmt_ip4 = 'null'
return mgmt_ip4
def get_serial_oid(snmp_platform_name):
platform_name = snmp_platform_name.lower()
device_serial = ''
SERIAL_OID = {
'firefly-perimeter':'1.3.6.1.4.1.2636.3.1.3.0',
'c3750':'1.3.6.1.4.1.9.5.1.2.19.0',
'adaptive security appliance':'1.3.6.1.2.1.47.1.1.1.1.11.1',
'cisco nx-os':'1.3.6.1.2.1.47.1.1.1.1.11.22',
'netscaler':'1.3.6.1.4.1.5951.4.1.1.14.0'
}
for model in SERIAL_OID:
if model in platform_name:
device_serial_oid = SERIAL_OID[model]
break
else:
device_serial_oid = 'null'
return device_serial_oid
def get_secrets():
client = hvac.Client()
data = client.auth.approle.login(
role_id = os.environ.get('VAULT_ROLE_ID'),
secret_id = os.environ.get('VAULT_SECRET_ID')
)
VAULT_TOKEN = data['auth']['client_token']
secret_data = client.read('{}'.format(os.environ.get('VAULT_PATH')))
secrets = secret_data['data']['data']
return secrets
"""
get_no_negate() function stores a list of strings that do not require a negation when it comes to the Cisco. However, the command by default begins with a 'no'.
For example. 'no logging rate-limit', 'no service-pad'. The keywords must be stored in this list so superloop checks against it to know which commands to not
negate.
"""
def get_no_negate():
no_negate = [
'logging',
'service',
]
return no_negate