Start DOS prompt as Administrator.
for /l %i in (1,1,254) do ping -n 1 10.10.10.%i >> sweep.txt
IP Sweep
Reply
Monthly Archives: June 2020
Parsing Running Configs
https://pypi.org/project/ciscoconfparse/
Example 1:
from ciscoconfparse import CiscoConfParse
parse = CiscoConfParse(‘voss1run.log’, syntax=’ios’)
for intf_obj in parse.find_objects(‘^interface GigabitEthernet’):
print(“Interfaces: ” + intf_obj.text)
print(“Interfaces: ” + intf_obj.text)
Interfaces: interface GigabitEthernet 1/1
Interfaces: interface GigabitEthernet 1/8
Interfaces: interface GigabitEthernet 1/8
Example 2:
from ciscoconfparse import CiscoConfParse
parse = CiscoConfParse(‘exampleswitch.conf’, sytax=’ios’)
global_obj = parse.find_objects(r’^prompt’)[0]
hostname = global_obj.re_match_typed(r’^prompt\s+(\S+)’, default=”)
hostname
‘”VOSS1″‘
parse = CiscoConfParse(‘exampleswitch.conf’, sytax=’ios’)
global_obj = parse.find_objects(r’^prompt’)[0]
hostname = global_obj.re_match_typed(r’^prompt\s+(\S+)’, default=”)
hostname
‘”VOSS1″‘
Ansible and Templates
Building configuration files from a template…
VOSS.J2
prompt {{ item.value.hostname }}
boot config flags tftpd
{% if item.value.sflow_enable %}
sflow agent-ip 192.168.211.10
sflow enable
{% endif %}
sflow agent-ip 192.168.211.10
sflow enable
{% endif %}
###
Playbook…
—
– name: Template Looping
hosts: localhostvars:
voss_devices: {
“vsp1”: {
“hostname”: “vsp1”,
“sflow_enable”: True
},
“vsp2”: {
“hostname”: “vsp2”,
“sflow_enable”: False
}
}
tasks:
– name: create switch config file
template:
src=/cygdrive/c/cygwin64/bin/voss.j2
dest=/cygdrive/c/cygwin64/bin/{{ item.key }}.config
with_dict: “{{ voss_devices }}”
– name: Template Looping
hosts: localhostvars:
voss_devices: {
“vsp1”: {
“hostname”: “vsp1”,
“sflow_enable”: True
},
“vsp2”: {
“hostname”: “vsp2”,
“sflow_enable”: False
}
}
tasks:
– name: create switch config file
template:
src=/cygdrive/c/cygwin64/bin/voss.j2
dest=/cygdrive/c/cygwin64/bin/{{ item.key }}.config
with_dict: “{{ voss_devices }}”
-bash-4.4$ cat vsp1.config
prompt vsp1
prompt vsp1
boot config flags tftpd
sflow agent-ip 192.168.211.10
sflow enable
sflow enable
-bash-4.4$ cat vsp2.config
prompt vsp2
prompt vsp2
boot config flags tftpd
-bash-4.4$
Ansible and VOSS
This took me some time to get to work using Windows / Cygwin and my GNS3 VOSS simulated switch.
I struggled with getting Ansible + SSH to work from within Cygwin using key based authentication. But I wanted to test Ansible and Ansible-Playbook against VOSS so I persevered with simple user and password authentication which I got to work using a combination of files (ansible.cfg, inventory file = hosts and a test.yml file to run a single show command and display the output).
Hosts file
-bash-4.4$ cat ./inventory/hosts
[voss]
192.168.211.10
[voss]
192.168.211.10
[voss:vars]
ansible_ssh_common_args=’-o StrictHostKeyChecking=no’
ansible_network_os=voss
ansible_connection=network_cli
ansible_ssh_pass=rwa
ansible_ssh_common_args=’-o StrictHostKeyChecking=no’
ansible_network_os=voss
ansible_connection=network_cli
ansible_ssh_pass=rwa
Ansible.cfg
-bash-4.4$ cat ansible.cfg
[defaults]
inventory = inventory
host_key_checking = False
[defaults]
inventory = inventory
host_key_checking = False
[ssh_connection]
ansible_connection=network_cli
ssh_args = -o ControlMaster=no
ansible_connection=network_cli
ssh_args = -o ControlMaster=no
First stage, was to get a ‘Pong’ response to my ‘Ping’:
-bash-4.4$ ansible -i ./inventory/hosts voss -u rwa -m ping -c network_cli -e ansible_network_os=voss
192.168.211.10 | SUCCESS => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: false,
“ping”: “pong”
Next, I wanted to run Ansible which would login to the switch and run a simple command:
-bash-4.4$ ansible -i ./inventory/hosts voss -u rwa -m voss_command -a “commands=’show clock'”
192.168.211.10 | SUCCESS => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“changed”: false,
“stdout”: [
“Sat Jun 13 13:02:15 2020 UTC”
],
“stdout_lines”: [
[
“Sat Jun 13 13:02:15 2020 UTC”
]
]
}
Now that Ansible could login and carry out a task I progressed to put a task into a Playbook:
-bash-4.4$ cat test.yml
—
– hosts: voss
—
– hosts: voss
tasks:
– name: run show clock on remote devices
voss_command:
commands: show clock
– name: run show clock on remote devices
voss_command:
commands: show clock
register: output
– name: show output
debug:
var: output
debug:
var: output
-bash-4.4$ ansible-playbook test.yml
PLAY [voss] *********************************************************************
TASK [Gathering Facts] **********************************************************
ok: [192.168.211.10]
ok: [192.168.211.10]
TASK [run show clock on remote devices] *****************************************
ok: [192.168.211.10]
ok: [192.168.211.10]
TASK [show output] **************************************************************
ok: [192.168.211.10] => {
“output”: {
“changed”: false,
“failed”: false,
“stdout”: [
“Sat Jun 13 15:00:37 2020 UTC”
],
“stdout_lines”: [
[
“Sat Jun 13 15:00:37 2020 UTC”
]
]
}
}
ok: [192.168.211.10] => {
“output”: {
“changed”: false,
“failed”: false,
“stdout”: [
“Sat Jun 13 15:00:37 2020 UTC”
],
“stdout_lines”: [
[
“Sat Jun 13 15:00:37 2020 UTC”
]
]
}
}
PLAY RECAP **********************************************************************
192.168.211.10 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.211.10 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Checking stdout for a string…
—
– hosts: voss
gather_facts: false
– hosts: voss
gather_facts: false
tasks:
– name: show run pipe prompt
voss_command:
commands:
– enable
– show run | i promptregister: output- name: show output
– name: show run pipe prompt
voss_command:
commands:
– enable
– show run | i promptregister: output- name: show output
when: output.stdout is search(‘VOSS1’)
debug:
msg: ‘{{ output.stdout.1 }}’
###
Output snippet includes…
TASK [show output] *************************************************************
ok: [192.168.211.10] => {
“msg”: “prompt \”VOSS1\””
}
ok: [192.168.211.10] => {
“msg”: “prompt \”VOSS1\””
}
###
Add VLANs…
—
– hosts: voss
gather_facts: false
– hosts: voss
gather_facts: false
vars:
vlan_numbers: [100, 200]
vlan_numbers: [100, 200]
tasks:
– name: add vlans
voss_config:
commands:
– vlan create {{ item }} type port-mstprstp 0
with_items: “{{ vlan_numbers }}”
become: yes
– name: add vlans
voss_config:
commands:
– vlan create {{ item }} type port-mstprstp 0
with_items: “{{ vlan_numbers }}”
become: yes
register: output
###
-bash-4.4$ ansible-playbook test3.yml
PLAY [voss] ********************************************************************
TASK [add vlans] ***************************************************************
changed: [192.168.211.10] => (item=100)
changed: [192.168.211.10] => (item=200)
changed: [192.168.211.10] => (item=100)
changed: [192.168.211.10] => (item=200)
PLAY RECAP *********************************************************************
192.168.211.10 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.211.10 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
###
VOSS1:1#show vlan basic | i ‘100’
100 VLAN-100 byPort 0 none N/A N/A 0
VOSS1:1#show vlan basic | i ‘200’
200 VLAN-200 byPort 0 none N/A N/A 0
100 VLAN-100 byPort 0 none N/A N/A 0
VOSS1:1#show vlan basic | i ‘200’
200 VLAN-200 byPort 0 none N/A N/A 0
###
Looping over a dictionary…
—
– hosts: voss
gather_facts: falsevars:
vlans: {
“100”: {“description”: “floor1”, “ip”: “1.1.1.1”},
“200”: {“description”: “floor2”, “ip”: “1.1.2.1”}
}
– hosts: voss
gather_facts: falsevars:
vlans: {
“100”: {“description”: “floor1”, “ip”: “1.1.1.1”},
“200”: {“description”: “floor2”, “ip”: “1.1.2.1”}
}
tasks:
– name: add vlans
voss_config:
commands:
– vlan create {{ item.key }} type port-mstprstp 0
with_dict: “{{ vlans }}”
become: yes- name: configure vlans
voss_config:
commands:
– ip address {{ item.value.ip }}/24
parents: interface vlan {{ item.key }}
with_dict: “{{ vlans }}”
become: yes- name: name vlans
voss_config:
commands:
– vlan name {{ item.key }} {{ item.value.description }}
with_dict: “{{ vlans }}”
become: yes
– name: add vlans
voss_config:
commands:
– vlan create {{ item.key }} type port-mstprstp 0
with_dict: “{{ vlans }}”
become: yes- name: configure vlans
voss_config:
commands:
– ip address {{ item.value.ip }}/24
parents: interface vlan {{ item.key }}
with_dict: “{{ vlans }}”
become: yes- name: name vlans
voss_config:
commands:
– vlan name {{ item.key }} {{ item.value.description }}
with_dict: “{{ vlans }}”
become: yes
###
Create a results folder and write results to a file using each host in the filename.
$ cat playbook1.yml
—
– name: “Play 1: Capture sys-info”
hosts: routers
connection: network_cli
tasks:
– name: “Task 1: Show sys-info”
voss_command:
commands: show sys-info
register: result
– name: “Task 2: Print output”
debug:
msg: “{{ result }}”
– name: “Task 3: Create files folder”
file:
path: “outputs”
state: directory
run_once: true
– name: “Task 4: Write stdout to file”
copy:
content: “{{ result.stdout[0] }}\n”
dest: “outputs/{{ inventory_hostname }}.txt”
###
References:
Nornir Script
Get ARP table from VSP switches…
from nornir import InitNornir
from nornir.plugins.tasks.networking import netmiko_send_command
from nornir.plugins.functions.text import print_result
nr = InitNornir()
result = nr.run(
task=netmiko_send_command,
command_string=”show ip arp”
)
print_result(result)
Hosts.yaml
—
voss-1:
hostname: ‘192.168.1.10’
port: 22
username: ‘rwa’
password: ‘rwa’
platform: ‘extreme_vsp’
voss-2:
hostname: ‘192.168.1.11’
port: 22
username: ‘rwa’
password: ‘rwa’
platform: ‘extreme_vsp’
Netmiko Script
Device_Type: Extreme_VSP
Get list of IP interfaces…
from netmiko import ConnectHandler
voss1 = {‘device_type’: ‘extreme_vsp’, ‘host’: ‘192.168.1.10’, ‘username’: ‘rwa’, ‘password’: ‘rwa’}
net_connect = ConnectHandler(**voss1)
net_connect.find_prompt()
output = net_connect.send_command(‘show ip interface’)
print(output)
Making a configuration change, for example, disabling FTPD…
from netmiko import ConnectHandler
voss2 = {‘device_type’: ‘extreme_vsp’, ‘host’: ‘192.168.1.11’, ‘username’: ‘rwa’, ‘password’: ‘rwa’}
net_connect = ConnectHandler(**voss2)
net_connect.find_prompt()
net_connect.enable()
net_connect.send_config_set([‘no boot config flags ftpd’])
Device_Type: Extreme_ERS
from netmiko import ConnectHandler
ers1 = {‘device_type’: ‘extreme_ers’, ‘host’: ‘192.168.1.5’, ‘username’: ‘RW’, ‘password’: ‘securepasswd’}
net_connect = ConnectHandler(**ers1)
net_connect.find_prompt()
output = net_connect.send_command(‘show system’)
print(output)
Paramiko Change Config
Paramiko script which logs in to VOSS and sets the FTPD boot flag.
Devices.json
{
“voss-1”: {“ip”: “192.168.1.10”},
“voss-2”: {“ip”: “192.168.1.11”}
}
Commands.txt
enable
config t
boot config flags ftpd
exit
save config
exit
Verify changes made to running-config and configuration file on intflash.
show run | I ftpd
show grep ftpd config.cfg
VSP-8284XSQ-1:1#show run | i ftpd
boot config flags ftpd
VSP-8284XSQ-1:1#grep ftpd config.cfg
boot config flags ftpd
VSP-8284XSQ-1:1#
Script:
import paramiko, getpass, time, json
with open(‘devices.json’, ‘r’) as f:
devices = json.load(f)
with open(‘commands.txt’, ‘r’) as f:
commands = f.readlines()
username = input(‘Username: ‘)
password = getpass.getpass(‘Password: ‘)
max_buffer = 65535
def clear_buffer(connection):
if connection.recv_ready():
return connection.recv(max_buffer)
# Starts the loop for devices
for device in devices.keys():
outputFileName = device + ‘_output.txt’
connection = paramiko.SSHClient()
connection.set_missing_host_key_policy(paramiko.AutoAddPolicy())
connection.connect(devices[device][‘ip’], username=username, password=password, look_for_keys=False, allow_agent=False)
new_connection = connection.invoke_shell()
output = clear_buffer(new_connection)
time.sleep(2)
new_connection.send(“terminal more disable\n”)
output = clear_buffer(new_connection)
with open(outputFileName, ‘wb’) as f:
for command in commands:
new_connection.send(command)
time.sleep(2)
output = new_connection.recv(max_buffer)
print(output)
f.write(output)
new_connection.close()
Paramiko Script
Mastering Python Networking (Paramiko).
import paramiko, getpass, time
devices = {‘voss-1’: {‘ip’: ‘192.168.1.10’},
‘voss-2’: {‘ip’: ‘192.168.1.11’}}
commands = [‘enable\n’, ‘show software\n’, ‘show sys-info card\n’, ‘exit\n’]
username = input(‘Username: ‘)
password = getpass.getpass(‘Password: ‘)
max_buffer = 65535
def clear_buffer(connection):
if connection.recv_ready():
return connection.recv(max_buffer)
# Starts the loop for devices
for device in devices.keys():
outputFileName = device + ‘_output.txt’
connection = paramiko.SSHClient()
connection.set_missing_host_key_policy(paramiko.AutoAddPolicy())
connection.connect(devices[device][‘ip’], username=username, password=password, look_for_keys=False, allow_agent=False)
new_connection = connection.invoke_shell()
output = clear_buffer(new_connection)
time.sleep(5)
new_connection.send(“terminal more disable\n”)
output = clear_buffer(new_connection)
with open(outputFileName, ‘wb’) as f:
for command in commands:
new_connection.send(command)
time.sleep(5)
output = new_connection.recv(max_buffer)
print(output)
f.write(output)
new_connection.close()
Pexpect Script
Mastering Python Networking (Pexpect).
import getpass
from pexpect import pxssh
import time
devices = {‘VSP-8284XSQ-1’: {‘prompt’: ‘VSP-8284XSQ-1:1>’, ‘ip’: ‘192.168.1.10’}, ‘VSP-8284XSQ-2’: {‘prompt’: ‘VSP-8284XSQ-2:1>’, ‘ip’: ‘192.168.1.11’}}
commands = [‘terminal more disable’, ‘show sys-info card’, ‘terminal more enable’]
username = input(‘Username: ‘)
password = getpass.getpass(‘Password: ‘)
for device in devices.keys():
outputFileName = device + ‘_output.txt’
device_prompt = devices[device] [‘prompt’]
device_ip = devices[device] [‘ip’]
child = pxssh.pxssh()
child.login(devices[device] [‘ip’], username.strip(), password.strip(), auto_prompt_reset=False)
print(‘Logged in to ‘ + device)
with open(outputFileName, ‘wb’) as f:
for command in commands:
child.expect(device_prompt)
child.sendline(command)
time.sleep(1)
f.write(child.before)
child.logout()
explorerob's Blog 