来源:网络技术联盟站 链接:https://www.wljslmz.cn/20244.html 你好,这里是网络技术联盟站。 之前给大家介绍了: 今天给大家带来的是华为防火墙设备常用的Python脚本,一共会介绍48个常用的, 1、查看防火墙设备的基本信息: 2、查看防火墙设备的CPU利用率: 3、查看防火墙设备的内存使用情况: 4、查看防火墙设备的接口状态: 5、查看防火墙设备的防火墙策略: 6、查看防火墙设备的NAT策略: 7、查看防火墙设备的ACL(访问控制列表): 8、查看防火墙设备的路由表: 9、查看防火墙设备的系统日志: 10、修改防火墙设备的登录密码: 11、配置防火墙设备的接口IP地址: 12、配置防火墙设备的静态路由: 13、配置防火墙设备的SNMP: 14、查看防火墙设备的用户列表: 15、查看防火墙设备的系统信息: 16、查看防火墙设备的硬件信息: 17、查看防火墙设备的连接数: 18、查看防火墙设备的硬盘利用率: 19、查看防火墙设备的系统日志: 20、查看防火墙设备的接口状态: 21、查看防火墙设备的ARP缓存表: 22、查看防火墙设备的NAT表: 23、查看防火墙设备的VPN连接: 24、配置防火墙设备的管理员密码: 25、配置防火墙设备的SNMP配置: 26、配置防火墙设备的端口镜像: 27、配置防火墙设备的IP地址: 28、查看防火墙设备的CPU和内存使用情况: 29、配置防火墙设备的VLAN: 30、查看防火墙设备的接口状态: 31、配置防火墙设备的SNAT规则: 32、查看防火墙设备的路由表: 33、查看防火墙设备的系统日志: 34、配置防火墙设备的DHCP服务: 35、配置防火墙设备的NAT规则: 36、配置防火墙设备的端口镜像: 37、配置防火墙设备的SNMP访问: 38、查询防火墙设备的当前连接数: 39、查询防火墙设备的当前接口流量: 40、查询防火墙设备的日志: 41、配置防火墙设备的时间: 42、配置防火墙设备的SSH访问: 43、查询防火墙设备的接口信息: 44、获取当前配置文件的MD5值 45、执行防火墙的设备诊断命令并保存输出结果 46、查看防火墙当前活动连接数 47、查看防火墙规则信息 48、在防火墙上添加新的安全组规则
1、查看防火墙设备的基本信息:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display version\\\")
version_info = stdout.readlines()
for line in version_info:
print(line.strip())
client.close()2、查看防火墙设备的CPU利用率:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display cpu-usage\\\")
cpu_info = stdout.readlines()
for line in cpu_info:
print(line.strip())
client.close()3、查看防火墙设备的内存使用情况:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display memory-usage\\\")
memory_info = stdout.readlines()
for line in memory_info:
print(line.strip())
client.close()4、查看防火墙设备的接口状态:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display interface\\\")
interface_info = stdout.readlines()
for line in interface_info:
print(line.strip())
client.close()5、查看防火墙设备的防火墙策略:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display firewall policy\\\")
policy_info = stdout.readlines()
for line in policy_info:
print(line.strip())
client.close()6、查看防火墙设备的NAT策略:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display nat\\\")
nat_info = stdout.readlines()
for line in nat_info:
print(line.strip())
client.close()7、查看防火墙设备的ACL(访问控制列表):
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display acl all\\\")
acl_info = stdout.readlines()
for line in acl_info:
print(line.strip())
client.close()8、查看防火墙设备的路由表:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display ip routing-table\\\")
routing_info = stdout.readlines()
for line in routing_info:
print(line.strip())
client.close()9、查看防火墙设备的系统日志:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display logbuffer\\\")
log_info = stdout.readlines()
for line in log_info:
print(line.strip())
client.close()10、修改防火墙设备的登录密码:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
new_password = \\\"new_password\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"system-view\\\")
stdin.write(\\\"user-interface vty 0 4\\\\n\\\")
stdin.write(\\\"set authentication password cipher \\\" + new_password + \\\"\\\\n\\\")
stdin.write(\\\"return\\\\n\\\")
result = stdout.read().decode()
print(result)
client.close()11、配置防火墙设备的接口IP地址:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
interface_name = \\\"GigabitEthernet0/0/1\\\"
ip_address = \\\"192.168.2.1\\\"
subnet_mask = \\\"255.255.255.0\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"system-view\\\")
stdin.write(\\\"interface \\\" + interface_name + \\\"\\\\n\\\")
stdin.write(\\\"ip address \\\" + ip_address + \\\" \\\" + subnet_mask + \\\"\\\\n\\\")
stdin.write(\\\"quit\\\\n\\\")
result = stdout.read().decode()
print(result)
client.close()12、配置防火墙设备的静态路由:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
destination_network = \\\"192.168.3.0\\\"
subnet_mask = \\\"255.255.255.0\\\"
next_hop = \\\"192.168.2.2\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"system-view\\\")
stdin.write(\\\"ip route-static \\\" + destination_network + \\\" \\\" + subnet_mask + \\\" \\\" + next_hop + \\\"\\\\n\\\")
stdin.write(\\\"quit\\\\n\\\")
result = stdout.read().decode()
print(result)
client.close()13、配置防火墙设备的SNMP:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
snmp_community = \\\"public\\\"
snmp_location = \\\"HQ\\\"
snmp_contact = \\\"admin@example.com\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"system-view\\\")
stdin.write(\\\"snmp-agent community read \\\" + snmp_community + \\\"\\\\n\\\")
stdin.write(\\\"snmp-agent sys-info location \\\" + snmp_location + \\\"\\\\n\\\")
stdin.write(\\\"snmp-agent sys-info contact \\\" + snmp_contact + \\\"\\\\n\\\")
stdin.write(\\\"quit\\\\n\\\")
result = stdout.read().decode()
print(result)
client.close()14、查看防火墙设备的用户列表:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display user-interface\\\")
user_info = stdout.readlines()
for line in user_info:
print(line.strip())
client.close()15、查看防火墙设备的系统信息:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display version\\\")
version_info = stdout.readlines()
for line in version_info:
print(line.strip())
client.close()16、查看防火墙设备的硬件信息:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display device\\\")
device_info = stdout.readlines()
for line in device_info:
print(line.strip())
client.close()17、查看防火墙设备的连接数:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display firewall session table\\\")
session_info = stdout.readlines()
for line in session_info:
print(line.strip())
client.close()18、查看防火墙设备的硬盘利用率:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display disk-usage\\\")
disk_info = stdout.readlines()
for line in disk_info:
print(line.strip())
client.close()19、查看防火墙设备的系统日志:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display logbuffer\\\")
log_info = stdout.readlines()
for line in log_info:
print(line.strip())
client.close()20、查看防火墙设备的接口状态:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display interface\\\")
interface_info = stdout.readlines()
for line in interface_info:
print(line.strip())
client.close()21、查看防火墙设备的ARP缓存表:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display arp\\\")
arp_info = stdout.readlines()
for line in arp_info:
print(line.strip())
client.close()22、查看防火墙设备的NAT表:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display nat session table\\\")
nat_info = stdout.readlines()
for line in nat_info:
print(line.strip())
client.close()23、查看防火墙设备的VPN连接:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command(\\\"display ipsec policy all\\\")
vpn_info = stdout.readlines()
for line in vpn_info:
print(line.strip())
client.close()24、配置防火墙设备的管理员密码:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
old_password = \\\"admin\\\"
new_password = \\\"new_admin_password\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=old_password)
stdin, stdout, stderr = client.exec_command(f\\\"user-interface vty 0 4\\\\nset authentication password cipher {new_password}\\\")
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()25、配置防火墙设备的SNMP配置:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
snmp_community = \\\"public\\\"
snmp_location = \\\"Office\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f\\\"snmp-agent\\\\n\\\",
f\\\"snmp-agent community read {snmp_community}\\\\n\\\",
f\\\"snmp-agent sys-info location {snmp_location}\\\\n\\\"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()26、配置防火墙设备的端口镜像:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
source_port = \\\"GigabitEthernet0/0/1\\\"
mirror_port = \\\"GigabitEthernet0/0/2\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f\\\"observe-port interface {source_port} mirror to interface {mirror_port}\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()27、配置防火墙设备的IP地址:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
interface = \\\"GigabitEthernet0/0/1\\\"
ip_address = \\\"192.168.1.2\\\"
netmask = \\\"255.255.255.0\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f\\\"interface {interface}\\\\nip address {ip_address} {netmask}\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()28、查看防火墙设备的CPU和内存使用情况:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
\\\"display cpu-usage\\\\n\\\",
\\\"display memory-usage\\\\n\\\"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()29、配置防火墙设备的VLAN:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
vlan_id = \\\"10\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f\\\"vlan {vlan_id}\\\\n\\\",
\\\"description Test VLAN\\\\n\\\",
\\\"quit\\\\n\\\"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()30、查看防火墙设备的接口状态:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = \\\"display interface brief\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()31、配置防火墙设备的SNAT规则:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
source_zone = \\\"zone1\\\"
destination_zone = \\\"zone2\\\"
source_address = \\\"192.168.1.0\\\"
destination_address = \\\"192.168.2.0\\\"
translated_address = \\\"192.168.3.0\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f\\\"nat outbound source {source_zone} destination {destination_zone} source-nat ip-address {translated_address} address-group {source_address} {destination_address}\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()32、查看防火墙设备的路由表:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = \\\"display ip routing-table\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()33、查看防火墙设备的系统日志:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = \\\"display logbuffer\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()34、配置防火墙设备的DHCP服务:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
interface = \\\"GigabitEthernet0/0/1\\\"
dhcp_pool_name = \\\"test_pool\\\"
network_address = \\\"192.168.1.0\\\"
subnet_mask = \\\"255.255.255.0\\\"
gateway_address = \\\"192.168.1.1\\\"
dns_server = \\\"8.8.8.8\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f\\\"interface {interface}\\\\n\\\",
\\\"ip address 192.168.1.1 24\\\\n\\\",
\\\"dhcp enable\\\\n\\\",
f\\\"dhcp server {dhcp_pool_name}\\\\n\\\",
f\\\"network {network_address} mask {subnet_mask}\\\\n\\\",
f\\\"gateway-list {gateway_address}\\\\n\\\",
f\\\"dns-list {dns_server}\\\\n\\\",
\\\"quit\\\\n\\\",
\\\"quit\\\\n\\\"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()35、配置防火墙设备的NAT规则:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
interface = \\\"GigabitEthernet0/0/1\\\"
source_zone = \\\"zone1\\\"
destination_zone = \\\"zone2\\\"
source_address = \\\"192.168.1.0\\\"
destination_address = \\\"192.168.2.0\\\"
translated_address = \\\"192.168.3.0\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f\\\"interface {interface}\\\\n\\\",
\\\"nat enable\\\\n\\\",
\\\"nat policy 1\\\\n\\\",
f\\\"source-zone {source_zone}\\\\n\\\",
f\\\"destination-zone {destination_zone}\\\\n\\\",
f\\\"source-address {source_address}\\\\n\\\",
f\\\"destination-address {destination_address}\\\\n\\\",
\\\"translated-address {}\\\\n\\\".format(translated_address),
\\\"quit\\\\n\\\",
\\\"quit\\\\n\\\"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()36、配置防火墙设备的端口镜像:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
source_interface = \\\"GigabitEthernet0/0/1\\\"
destination_interface = \\\"GigabitEthernet0/0/2\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f\\\"interface {source_interface}\\\\n\\\",
f\\\"port-mirroring to interface {destination_interface} both\\\\n\\\",
\\\"quit\\\\n\\\"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()37、配置防火墙设备的SNMP访问:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
snmp_community = \\\"public\\\"
snmp_acl_name = \\\"test_acl\\\"
snmp_host = \\\"192.168.1.2\\\"
snmp_version = \\\"v2c\\\"
snmp_trap_level = \\\"informational\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f\\\"snmp-agent community read {snmp_community} acl {snmp_acl_name}\\\\n\\\",
\\\"quit\\\\n\\\",
f\\\"snmp-agent target-host trap address udp-domain {snmp_host} params securityname {snmp_community} version {snmp_version}\\\\n\\\",
f\\\"snmp-agent trap enable level {snmp_trap_level}\\\\n\\\",
\\\"quit\\\\n\\\",
\\\"quit\\\\n\\\"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
makefile
Copy code38、查询防火墙设备的当前连接数:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = \\\"display firewall session table summary\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
if \\\"Total session\\\" in line:
print(line.strip())
client.close()39、查询防火墙设备的当前接口流量:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
interface = \\\"GigabitEthernet0/0/1\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f\\\"display interface {interface} brief\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
if interface in line:
line_list = line.split()
print(f\\\"Input: {line_list[4]}, Output: {line_list[5]}\\\")
client.close()40、查询防火墙设备的日志:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = \\\"display firewall logbuffer\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()41、配置防火墙设备的时间:
import paramiko
import time
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
ntp_server = \\\"192.168.0.1\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = \\\"system-view\\\\n\\\"
client.exec_command(command)
command = f\\\"ntp-service server ip-address {ntp_server}\\\\n\\\"
client.exec_command(command)
command = \\\"clock datetime 2022-04-01 12:00:00\\\\n\\\"
client.exec_command(command)
time.sleep(5)
command = \\\"display clock\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
makefile42、配置防火墙设备的SSH访问:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
ssh_user = \\\"testuser\\\"
ssh_password = \\\"testpassword\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = \\\"system-view\\\\n\\\"
client.exec_command(command)
command = f\\\"user-interface vty 0 4\\\\n\\\"
client.exec_command(command)
command = f\\\"authentication-mode aaa\\\\n\\\"
client.exec_command(command)
command = f\\\"user-interface vty 0 4\\\\n\\\"
client.exec_command(command)
command = f\\\"protocol inbound ssh\\\\n\\\"
client.exec_command(command)
command = f\\\"acl number 2000\\\\n\\\"
client.exec_command(command)
command = f\\\"rule 5 permit source any\\\\n\\\"
client.exec_command(command)
command = f\\\"rule 10 deny\\\\n\\\"
client.exec_command(command)
command = f\\\"user-interface vty 0 4\\\\n\\\"
client.exec_command(command)
command = f\\\"user {ssh_user}\\\\n\\\"
client.exec_command(command)
command = f\\\"password simple {ssh_password}\\\\n\\\"
client.exec_command(command)
client.close()43、查询防火墙设备的接口信息:
import paramiko
host = \\\"192.168.1.1\\\"
port = 22
username = \\\"admin\\\"
password = \\\"admin\\\"
interface = \\\"GigabitEthernet0/0/1\\\"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f\\\"display interface {interface}\\\\n\\\"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
if \\\"Description\\\" in line:
print(line.strip())
if \\\"Internet address is\\\" in line:
ip_addr = line.split()[3]
print(f\\\"IP address: {ip_addr}\\\")
client.close()44、获取当前配置文件的MD5值
import paramiko
# SSH连接参数
hostname = \\\'192.168.1.1\\\'
port = 22
username = \\\'admin\\\'
password = \\\'admin\\\'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 获取当前配置文件的MD5值
stdin, stdout, stderr = client.exec_command(\\\'system-view ;display current-configuration | md5\\\')
md5 = stdout.read().decode(\\\'utf-8\\\').split()[0]
print(md5)
client.close()45、执行防火墙的设备诊断命令并保存输出结果
import paramiko
# SSH连接参数
hostname = \\\'192.168.1.1\\\'
port = 22
username = \\\'admin\\\'
password = \\\'admin\\\'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 执行防火墙的设备诊断命令并保存输出结果
cmd = \\\'display firewall session table verbose\\\'
stdin, stdout, stderr = client.exec_command(cmd)
with open(\\\'firewall_session_table_verbose.txt\\\', \\\'w\\\') as f:
f.write(stdout.read().decode(\\\'utf-8\\\'))
client.close()46、查看防火墙当前活动连接数
import paramiko
# SSH连接参数
hostname = \\\'192.168.1.1\\\'
port = 22
username = \\\'admin\\\'
password = \\\'admin\\\'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 查看防火墙当前活动连接数
stdin, stdout, stderr = client.exec_command(\\\'display firewall statistics session\\\')
for line in stdout:
if \\\'Current session number\\\' in line:
print(line.strip())
client.close()47、查看防火墙规则信息
import paramiko
# SSH连接参数
hostname = \\\'192.168.1.1\\\'
port = 22
username = \\\'admin\\\'
password = \\\'admin\\\'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 查看防火墙规则信息
stdin, stdout, stderr = client.exec_command(\\\'display firewall rule\\\')
for line in stdout:
if \\\'rule\\\' in line:
print(line.strip())
client.close()48、在防火墙上添加新的安全组规则
import paramiko
# SSH连接参数
hostname = \\\'192.168.1.1\\\'
port = 22
username = \\\'admin\\\'
password = \\\'admin\\\'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 在防火墙上添加新的安全组规则
cmd = \\\'firewall name TEST rule 10 source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255 service http permit\\\'
stdin, stdout, stderr = client.exec_command(cmd)
client.close()
原创文章,作者:网络技术联盟站,如若转载,请注明出处:https://www.sudun.com/ask/35110.html
