API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 23rd, 2017
81
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 6.37 KB | None | 0 0
raw download clone embed print report
  1. # -*- coding: utf-8 -*-
  2. import requests
  3. from requests.packages.urllib3.exceptions import InsecureRequestWarning
  4. requests.packages.urllib3.disable_warnings()
  5. import xml.etree.ElementTree as ET
  6. #GLOBAL VARIABLES
  7. _csm_server = 'https://w2dapw0002501.corp.heb.com/nbi/'
  8. _user = 'csmapi4'
  9. _pass = 'admin'
  10. _reqId = '001'
  11. #fwdata = "null"
  12. _csm_session_number = '' #This will hold the CSM Session GID for write methods
  13. #START OF METHODS (XML)#
  14. login_body = '''<?xml version="1.0" encoding="UTF-8"?>
  15. <csm:loginRequest xmlns:csm="csm"><protVersion>1.0</protVersion>
  16. <reqId>'''+_reqId+'''</reqId><username>'''+_user+'''</username><password>'''+_pass+'''</password>
  17. <heartbeatRequested>true</heartbeatRequested><callbackUrl>'''+_csm_server+'''login</callbackUrl>
  18. </csm:loginRequest>'''
  19. logout_body = '''<?xml version="1.0" encoding="UTF-8"?><csm:logoutRequest xmlns:csm="csm">
  20. <protVersion>1.0</protVersion><reqId>'''+_reqId+'''</reqId></csm:logoutRequest>'''
  21. firewall_device_list_body = '''<?xml version="1.0" encoding="UTF-8"?><csm:deviceListByCapabilityRequest xmlns:csm="csm">
  22. <protVersion>1.0</protVersion><reqId>'''+_reqId+'''</reqId><deviceCapability>firewall</deviceCapability>
  23. </csm:deviceListByCapabilityRequest>'''
  24. firewall_group_list_body = '''<?xml version="1.0" encoding="UTF-8"?><csm:groupListRequest xmlns:csm="csm">
  25. <protVersion>1.0</protVersion><reqId>'''+_reqId+'''</reqId><includeEmptyGroups>false</includeEmptyGroups>
  26. </csm:groupListRequest>'''
  27. firewall_config_devicename_body = '''<?xml version="1.0" encoding="UTF-8"?><csm:deviceConfigByNameRequest xmlns:csm="csm">
  28. <protVersion>1.0</protVersion><reqId>'''+_reqId+'''</reqId><name>W2-DEV-0001-FW1.heb.com</name>
  29. </csm:deviceConfigByNameRequest>'''
  30. create_csm_session_body = '''<?xml version="1.0" encoding="UTF-8"?><csm:newCSMSessionRequest xmlns:csm="csm">
  31. <csmSessionDescription></csmSessionDescription></csm:newCSMSessionRequest>'''
  32. add_network_object_body = '''<enforceDuplicateDetection>false</enforceDuplicateDetection>
  33.         <networkPolicyObject>
  34.         <name>Store_Vlan110</name>
  35.         <parentGID>00000000-0000-0000-0000-060129549592</parentGID>
  36.         <type>NetworkPolicyObject</type>
  37.         <comment></comment>
  38.         <nodeGID>00000000-0000-0000-0000-060129542292</nodeGID>
  39.         <isProperty>false</isProperty>
  40.         <subType>NN</subType>
  41.         <isGroup>false</isGroup>
  42.         <ipData>110.106.197.0/24</ipData>
  43.         </networkPolicyObject>
  44.         </csm:addPolicyObjectRequest>'''
  45. get_policy_object_body = '''<?xml version="1.0" encoding="UTF-8"?>
  46.         <p:getPolicyObjectRequest xmlns:p="csm">
  47.         <networkPolicyObject>
  48.         <name>Store_Vlan110</name>
  49.         </networkPolicyObject>
  50.         </p:getPolicyObjectRequest>'''
  51. get_policy_object_gid_body = '''<?xml version="1.0" encoding="UTF-8"?>
  52.         <p:getPolicyObjectByGID xmlns:p="csm">
  53.         <gid>00000000-0000-0000-0000-060129549592</gid>
  54.         </p:getPolicyObjectByGID>'''
  55. #END OF METHODS (XML)#
  56. #LOGIN - START SESSION
  57. with requests.Session() as s:
  58.     s.headers.update({'Content-Type':'application/xml'})
  59.     s.verify = False
  60.     login_response = s.post(_csm_server+'login', data=login_body)
  61.     #update headers to contain session cookie 'asCookie'
  62.     s.headers.update(login_response.headers)
  63.     print(login_response.text)
  64. #QUERY - Pull firewall device list by TYPE 'firewall', parse XML for each firewall (gather info.)
  65. def firewall_device_list_xml():
  66.     firewall_device_list_response = s.post(_csm_server+'configservice/getDeviceListByType', data=firewall_device_list_body)
  67.     firewall_device_list_response_text = firewall_device_list_response.text
  68.     tree = ET.fromstring(firewall_device_list_response_text)
  69.     for firewall_elemments in tree.findall('.//'):
  70.         for elements in firewall_elemments:
  71.             #print "\t", elements.tag,":", elements.text
  72.             tag = elements.tag
  73.             text = elements.text
  74.             #f = open("firewallinfo.txt", "a")
  75.             if tag == "deviceName" and "W2-DEV" in text:
  76.                 global fwdata
  77.                 fwdata = text
  78.                 #print text
  79.                 print fwdata
  80.                 #f.write(text + "\t")
  81.             if tag == "gid" and "W2-DEV" in fwdata:
  82.                 fwdata = fwdata + " : " + text
  83.                 print fwdata
  84.                 #print text
  85.                 #f.write(text + "\n")
  86.             #f.close()
  87. #QUERY - Pull firewall config by device NOTE: *FOR NOW* Requires update to xml body method 'firewall_config_devicename_body' above
  88. def firewall_config_devicename():
  89.     firewall_config_devicename_response = s.post(_csm_server+'configservice/getDeviceConfigByName', data=firewall_config_devicename_body)
  90.     firewall_config = firewall_config_devicename_response.text
  91.     print (firewall_config)
  92. #QUERY - Pull firewall device list by GROUP
  93. def firewall_group_list():
  94.     firewall_group_list_response = s.post(_csm_server+'configservice/getGroupList', data=firewall_group_list_body)
  95.     print (firewall_group_list_response.text)
  96. #QUERY - Setup CSM Session (for write methods) and add network object(s) to CSM
  97. def csm_session_add_network_object():
  98.     create_csm_session_response = s.post(_csm_server+'configservice/createCSMSession', data=create_csm_session_body)
  99.     create_csm_session_response_text = create_csm_session_response.text
  100.     tree = ET.fromstring(create_csm_session_response_text)
  101.     for csm_session in tree.findall('.//csmSessionGID'):
  102.         _csm_session_number = csm_session.text
  103.         csm_session_local_function = '''<csm:addPolicyObjectRequest xmlns:csm="csm"><csmSessionGID>'''+_csm_session_number+'''</csmSessionGID>'''
  104.         add_network_object_response = s.post(_csm_server+'configservice/addPolicyObject', data=csm_session_local_function+add_network_object_body)
  105.         print (add_network_object_response.text)
  106. #QUERY - Pull Policy Object Details
  107. def get_policy_object():
  108.     get_policy_object_response = s.post(_csm_server+'configservice/getPolicyObject', data=get_policy_object_body)
  109.     print (get_policy_object_response.text)
  110. #QUERY - Pull Policy Object by GID
  111. def get_policy_object_gid():
  112.     get_policy_object_gid_response = s.post(_csm_server+'configservice/getPolicyObjectByGID', data=get_policy_object_gid_body)
  113.     print (get_policy_object_gid_response.text)
  114. #LOGOUT - END SESSION
  115. def logout():
  116.     logout_response = s.post(_csm_server+'logout', data=logout_body)
  117.     print(logout_response.text)
  118. #UNCOMMENT TO TEST A METHOD
  119. firewall_device_list_xml()
  120. #firewall_config_devicename()
  121. #firewall_group_list()
  122. #get_policy_object()
  123. #get_policy_object_gid()
  124. #csm_session_add_network_object()
  125. logout()
  126.  
  127. #Create function for object override that iterates all firewalls and creates a custom object for each firewall.
  128. #Need to pull the gid and devicename
  129. #IP Address will be based on device name
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!