Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import re
- import sys
- reload(sys)
- sys.setdefaultencoding('utf-8')
- rx_iface=re.compile(r"^(interface GigabitEthernet0\S+\n(?:[ ]+\S+[^\n]*\n)*#\n)", re.DOTALL|re.MULTILINE|re.IGNORECASE)
- rx_ifname=re.compile(r"^interface (\S+)",re.MULTILINE)
- rx_ftpserver=re.compile(r"^\sFTP server \S+\n(?:[ ]+\S+[^\n]*\n)*#\n",re.MULTILINE) # FTP server enable
- rx_stp=re.compile(r"^\sstp \S+\n(?:[ ]+\S+[^\n]*\n)*#\n",re.MULTILINE) # stp enable
- rx_bpdu=re.compile(r"^\sbpdu \S+\n(?:[ ]+\S+[^\n]*\n)*#\n",re.MULTILINE) # bpdu enable
- rx_acl=re.compile(r"^acl number 1\n(?:[ ]+\S+[^\n]*\n)*#\n",re.MULTILINE) # acl number 1
- rx_aaa=re.compile(r"^aaa\n(?:[ ]+\S+[^\n]*\n)*#\n",re.MULTILINE) # aaa
- rx_ntp=re.compile(r"^\sntp-service \S+ \S+\n(?:[ ]+\S+[^\n]*\n)*#\n",re.MULTILINE) # ntp-service unicast-server 192.168.1.1
- rx_vty=re.compile(r"^user-interface \S+ \S+\n(?:[ ]*\S+[^\n]*\n)*#\n",re.MULTILINE) # user-interface con 0
- rx_snmp=re.compile(r"^\ssnmp-agent \S+ \S+\n(?:[ ]+\S+[^\n]*\n)*#\n",re.MULTILINE) # snmp agent
- @pyrule
- def rule(managed_object, config):
- from noc.main.models import SystemNotification
- """
- S23 Validation PyRule
- """
- s='Пример написания строк по-русски :) '.decode('utf-8')
- s='While parsing config %s swicth we have found some errors:' % managed_object.name
- r=[s]
- for i in rx_iface.findall(config):
- if (not "shutdown" in i) and not ("description" in i):
- name=rx_ifname.search(i).group(1)
- s="Description on interface %s is empty" % name
- r+=[s]
- # FTP section
- try:
- ftpserver_al=rx_ftpserver.search(config).group(0)
- if not 'FTP server enable' in ftpserver_al:
- r+=["ftp server command should looks like 'FTP server enable'"]
- if not 'FTP acl 1' in ftpserver_al:
- r+=["ftp acl command should looks like 'FTP acl 1'"]
- except:
- r+=["please add FTP server section"]
- #STP section
- try:
- stp_al=rx_stp.search(config).group(0)
- if not 'stp enable' in stp_al:
- r+=["stp command should looks like 'stp enable'"]
- except:
- r+=["You should specify 'stp enable' command"]
- #bpdu section
- try:
- bpdu_al=rx_bpdu.search(config).group(0)
- if not 'bpdu enable' in bpdu_al:
- r+=["bpdu command should looks like 'bpdu enable'"]
- except:
- r+=["You should specify 'bpdu enable' command"]
- #aaa
- try:
- aaa_al=rx_aaa.search(config).group(0)
- if not 'undo local-user admin' in aaa_al:
- r+=["You should disable default user admin"]
- except:
- r+=["looks like there're regexp error in aaa section"]
- #acl number 2000
- try:
- acl_al=rx_acl.search(config).group(0)
- if not 'rule 10 permit source 192.168.1.0 0.0.7.255' in acl_al:
- r+=["rule 10 command should looks like 'rule 10 permit source 192.168.1.0 0.0.7.255'"]
- if not 'rule 999 deny' in acl_al:
- r+=["rule 999 command should looks like 'rule 999 deny'"]
- except:
- r+=["You should specify 'acl number 1' command"]
- #ntp-service
- try:
- ntp_al=rx_ntp.search(config).group(0)
- if not 'ntp-service unicast-server 192.168.1.1' in ntp_al:
- r+=["ntp-service command should looks like 'ntp-service unicast-server 192.168.1.1'"]
- except:
- r+=["You should specify 'ntp-service' command"]
- #vty-service
- try:
- vty_al=rx_vty.search(config).group(0)
- if not 'acl 2000 inbound' in vty_al:
- r+=["you should specify 'acl 1 inbound' command"]
- except:
- r+=["looks like there're regexp error in vty-service section"]
- #snmp-agent
- try:
- snmp_al=rx_snmp.search(config).group(0)
- if not 'snmp-agent community read tlk-read acl 1' in snmp_al:
- r+=["you should specify 'snmp-agent community read tlk-read acl 1' command"]
- if not 'snmp-agent target-host trap address udp-domain 192.168.1.1 params securityname tlk-read v2c' in snmp_al:
- r+=["you should specify 'snmp-agent target-host trap address udp-domain 192.168.1.1 params securityname tlk-read v2c' command"]
- except:
- r+=["you should specify snmp-agent section"]
- if len(r) > 1:
- SystemNotification.notify(name="S23.Config.Validation",
- subject="%s - S23.Config.Validation " % managed_object.name, body="\n".join(r))
- return r
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement