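Source: 网络技术联盟站
Link: https://www.wljslmz.cn/20244.html
Hello, this is 网络技术联盟站.
Previously we covered:
- How to write a Python script for batch inspection of network devices
- How to write a Python script for batch backup of switch configurations
- What do connecthandler and telnetlib, which are often used in Python network device scripts, mean?
- 20 commonly used Python scripts for Huawei routers
- 10 commonly used Python scripts for Huawei switches

Today we bring you commonly used Python scripts for Huawei firewall devices, 48 in total: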

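- 1. View the firewall's basic information:
- 2. View the firewall's CPU utilization:
- 3. View the firewall's memory usage:
- 4. View the firewall's interface status:
- 5. View the firewall's firewall policies:
- 6. View the firewall's NAT policies:
- 7. View the firewall's ACLs (access control lists):
- 8. View the firewall's routing table:
- 9. View the firewall's system log:
- 10. Change the firewall's login password:
- 11. Configure an interface IP address on the firewall:
- 12. Configure a static route on the firewall:
- 13. Configure SNMP on the firewall:
- 14. View the firewall's user list:
- 15. View the firewall's system information:
- 16. View the firewall's hardware information:
- 17. View the firewall's connection count:
- 18. View the firewall's disk utilization:
- 19. View the firewall's system log:
- 20. View the firewall's interface status:
- 21. View the firewall's ARP cache table:
- 22. View the firewall's NAT table:
- 23. View the firewall's VPN connections:
- 24. Configure the firewall's administrator password:
- 25. Configure the firewall's SNMP settings:
- 26. Configure port mirroring on the firewall:
- 27. Configure the firewall's IP address:
- 28. View the firewall's CPU and memory usage:
- 29. Configure a VLAN on the firewall:
- 30. View the firewall's interface status:
- 31. Configure an SNAT rule on the firewall:
- 32. View the firewall's routing table:
- 33. View the firewall's system log:
- 34. Configure the DHCP service on the firewall:
- 35. Configure a NAT rule on the firewall:
- 36. Configure port mirroring on the firewall:
- 37. Configure SNMP access on the firewall:
- 38. Query the firewall's current connection count:
- 39. Query the firewall's current interface traffic:
- 40. Query the firewall's logs:
- 41. Configure the firewall's time:
- 42. Configure SSH access on the firewall:
- 43. Query the firewall's interface information:
- 44. Get the MD5 value of the current configuration file
- 45. Run a device diagnostic command on the firewall and save the output
- 46. View the firewall's current number of active connections
- 47. View firewall rule information
- 48. Add a new security group rule on the firewall
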
1. View the firewall's basic information:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the version information and print it line by line
stdin, stdout, stderr = client.exec_command("display version")
version_info = stdout.readlines()
for line in version_info:
    print(line.strip())
client.close()
```
2. View the firewall's CPU utilization:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show CPU usage and print it line by line
stdin, stdout, stderr = client.exec_command("display cpu-usage")
cpu_info = stdout.readlines()
for line in cpu_info:
    print(line.strip())
client.close()
```
3. View the firewall's memory usage:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show memory usage and print it line by line
stdin, stdout, stderr = client.exec_command("display memory-usage")
memory_info = stdout.readlines()
for line in memory_info:
    print(line.strip())
client.close()
```
4. View the firewall's interface status:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the interface details and print them line by line
stdin, stdout, stderr = client.exec_command("display interface")
interface_info = stdout.readlines()
for line in interface_info:
    print(line.strip())
client.close()
```
5. View the firewall's firewall policies:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the firewall policies and print them line by line
stdin, stdout, stderr = client.exec_command("display firewall policy")
policy_info = stdout.readlines()
for line in policy_info:
    print(line.strip())
client.close()
```
6. View the firewall's NAT policies:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the NAT configuration and print it line by line
stdin, stdout, stderr = client.exec_command("display nat")
nat_info = stdout.readlines()
for line in nat_info:
    print(line.strip())
client.close()
```
7. View the firewall's ACLs (access control lists):

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show all ACLs and print them line by line
stdin, stdout, stderr = client.exec_command("display acl all")
acl_info = stdout.readlines()
for line in acl_info:
    print(line.strip())
client.close()
```
8. View the firewall's routing table:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the IP routing table and print it line by line
stdin, stdout, stderr = client.exec_command("display ip routing-table")
routing_info = stdout.readlines()
for line in routing_info:
    print(line.strip())
client.close()
```
9. View the firewall's system log:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the log buffer and print it line by line
stdin, stdout, stderr = client.exec_command("display logbuffer")
log_info = stdout.readlines()
for line in log_info:
    print(line.strip())
client.close()
```
10. Change the firewall's login password:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
new_password = "new_password"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Enter the system view, then feed the remaining commands on the same channel
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("user-interface vty 0 4\n")
stdin.write("set authentication password cipher " + new_password + "\n")
stdin.write("return\n")
# Signal end of input so that stdout.read() below can return
stdin.channel.shutdown_write()
result = stdout.read().decode()
print(result)
client.close()
```
11. Configure an interface IP address on the firewall:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface_name = "GigabitEthernet0/0/1"
ip_address = "192.168.2.1"
subnet_mask = "255.255.255.0"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Enter the system view, then feed the remaining commands on the same channel
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("interface " + interface_name + "\n")
stdin.write("ip address " + ip_address + " " + subnet_mask + "\n")
stdin.write("quit\n")
# Signal end of input so that stdout.read() below can return
stdin.channel.shutdown_write()
result = stdout.read().decode()
print(result)
client.close()
```
12. Configure a static route on the firewall:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
destination_network = "192.168.3.0"
subnet_mask = "255.255.255.0"
next_hop = "192.168.2.2"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Enter the system view, then feed the remaining commands on the same channel
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("ip route-static " + destination_network + " " + subnet_mask + " " + next_hop + "\n")
stdin.write("quit\n")
# Signal end of input so that stdout.read() below can return
stdin.channel.shutdown_write()
result = stdout.read().decode()
print(result)
client.close()
```
13. Configure SNMP on the firewall:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
snmp_community = "public"  # "public" is the well-known default community name
snmp_location = "HQ"
snmp_contact = "admin@example.com"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Enter the system view, then feed the remaining commands on the same channel
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("snmp-agent community read " + snmp_community + "\n")
stdin.write("snmp-agent sys-info location " + snmp_location + "\n")
stdin.write("snmp-agent sys-info contact " + snmp_contact + "\n")
stdin.write("quit\n")
# Signal end of input so that stdout.read() below can return
stdin.channel.shutdown_write()
result = stdout.read().decode()
print(result)
client.close()
```
14. View the firewall's user list:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the user interfaces and print them line by line
stdin, stdout, stderr = client.exec_command("display user-interface")
user_info = stdout.readlines()
for line in user_info:
    print(line.strip())
client.close()
```
15. View the firewall's system information:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the version information and print it line by line
stdin, stdout, stderr = client.exec_command("display version")
version_info = stdout.readlines()
for line in version_info:
    print(line.strip())
client.close()
```
16. View the firewall's hardware information:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the device hardware information and print it line by line
stdin, stdout, stderr = client.exec_command("display device")
device_info = stdout.readlines()
for line in device_info:
    print(line.strip())
client.close()
```
17. View the firewall's connection count:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the session table and print it line by line
stdin, stdout, stderr = client.exec_command("display firewall session table")
session_info = stdout.readlines()
for line in session_info:
    print(line.strip())
client.close()
```
18. View the firewall's disk utilization:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show disk usage and print it line by line
stdin, stdout, stderr = client.exec_command("display disk-usage")
disk_info = stdout.readlines()
for line in disk_info:
    print(line.strip())
client.close()
```
19. View the firewall's system log:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the log buffer and print it line by line
stdin, stdout, stderr = client.exec_command("display logbuffer")
log_info = stdout.readlines()
for line in log_info:
    print(line.strip())
client.close()
```
20. View the firewall's interface status:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the interface details and print them line by line
stdin, stdout, stderr = client.exec_command("display interface")
interface_info = stdout.readlines()
for line in interface_info:
    print(line.strip())
client.close()
```
21. View the firewall's ARP cache table:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the ARP table and print it line by line
stdin, stdout, stderr = client.exec_command("display arp")
arp_info = stdout.readlines()
for line in arp_info:
    print(line.strip())
client.close()
```
22. View the firewall's NAT table:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the NAT session table and print it line by line
stdin, stdout, stderr = client.exec_command("display nat session table")
nat_info = stdout.readlines()
for line in nat_info:
    print(line.strip())
client.close()
```
23. View the firewall's VPN connections:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show all IPsec policies and print them line by line
stdin, stdout, stderr = client.exec_command("display ipsec policy all")
vpn_info = stdout.readlines()
for line in vpn_info:
    print(line.strip())
client.close()
```
24. Configure the firewall's administrator password:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
old_password = "admin"
new_password = "new_admin_password"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=old_password)

# Set a new password on the VTY user interfaces
stdin, stdout, stderr = client.exec_command(
    f"user-interface vty 0 4\nset authentication password cipher {new_password}"
)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
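25. Configure the firewall's SNMP settings:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
snmp_community = "public"  # "public" is the well-known default community name
snmp_location = "Office"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "system-view\n",  # configuration commands are entered from the system view
    "snmp-agent\n",
    f"snmp-agent community read {snmp_community}\n",
    f"snmp-agent sys-info location {snmp_location}\n",
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
print(shell.recv(65535).decode(errors="replace"))
client.close()
```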
26. Configure port mirroring on the firewall:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
source_port = "GigabitEthernet0/0/1"
mirror_port = "GigabitEthernet0/0/2"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Mirror traffic from the source port to the mirror port
command = f"observe-port interface {source_port} mirror to interface {mirror_port}"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
27. Configure the firewall's IP address:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
ip_address = "192.168.1.2"
netmask = "255.255.255.0"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Select the interface and assign the address
command = f"interface {interface}\nip address {ip_address} {netmask}\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
28. View the firewall's CPU and memory usage:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "display cpu-usage\n",
    "display memory-usage\n",
]
# The two display commands are independent, so each runs on its own channel
for command in commands:
    stdin, stdout, stderr = client.exec_command(command)
    result = stdout.readlines()
    for line in result:
        print(line.strip())
client.close()
```
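29. Configure a VLAN on the firewall:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
vlan_id = "10"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "system-view\n",  # configuration commands are entered from the system view
    f"vlan {vlan_id}\n",
    "description Test VLAN\n",
    "quit\n",
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
print(shell.recv(65535).decode(errors="replace"))
client.close()
```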
30. View the firewall's interface status:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the brief interface summary and print it line by line
command = "display interface brief\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
31. Configure an SNAT rule on the firewall:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
source_zone = "zone1"
destination_zone = "zone2"
source_address = "192.168.1.0"
destination_address = "192.168.2.0"
translated_address = "192.168.3.0"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Build the source NAT rule from the parameters above
command = (
    f"nat outbound source {source_zone} destination {destination_zone} "
    f"source-nat ip-address {translated_address} "
    f"address-group {source_address} {destination_address}\n"
)
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
32. View the firewall's routing table:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the IP routing table and print it line by line
command = "display ip routing-table\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
33. View the firewall's system log:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the log buffer and print it line by line
command = "display logbuffer\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
34. Configure the DHCP service on the firewall:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
dhcp_pool_name = "test_pool"
network_address = "192.168.1.0"
subnet_mask = "255.255.255.0"
gateway_address = "192.168.1.1"
dns_server = "8.8.8.8"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "system-view\n",  # configuration commands are entered from the system view
    f"interface {interface}\n",
    "ip address 192.168.1.1 24\n",
    "dhcp enable\n",
    f"dhcp server {dhcp_pool_name}\n",
    f"network {network_address} mask {subnet_mask}\n",
    f"gateway-list {gateway_address}\n",
    f"dns-list {dns_server}\n",
    "quit\n",
    "quit\n",
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
print(shell.recv(65535).decode(errors="replace"))
client.close()
```
35. Configure a NAT rule on the firewall:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
source_zone = "zone1"
destination_zone = "zone2"
source_address = "192.168.1.0"
destination_address = "192.168.2.0"
translated_address = "192.168.3.0"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "system-view\n",  # configuration commands are entered from the system view
    f"interface {interface}\n",
    "nat enable\n",
    "nat policy 1\n",
    f"source-zone {source_zone}\n",
    f"destination-zone {destination_zone}\n",
    f"source-address {source_address}\n",
    f"destination-address {destination_address}\n",
    f"translated-address {translated_address}\n",
    "quit\n",
    "quit\n",
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
print(shell.recv(65535).decode(errors="replace"))
client.close()
```
36. Configure port mirroring on the firewall:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
source_interface = "GigabitEthernet0/0/1"
destination_interface = "GigabitEthernet0/0/2"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "system-view\n",  # configuration commands are entered from the system view
    f"interface {source_interface}\n",
    f"port-mirroring to interface {destination_interface} both\n",
    "quit\n",
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
print(shell.recv(65535).decode(errors="replace"))
client.close()
```
37. Configure SNMP access on the firewall:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
snmp_community = "public"  # "public" is the well-known default community name
snmp_acl_name = "test_acl"
snmp_host = "192.168.1.2"
snmp_version = "v2c"
snmp_trap_level = "informational"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# All snmp-agent commands are entered from the system view; the extra "quit"
# lines between them would leave that view, so only the final one is kept
commands = [
    "system-view\n",
    f"snmp-agent community read {snmp_community} acl {snmp_acl_name}\n",
    f"snmp-agent target-host trap address udp-domain {snmp_host} params securityname {snmp_community} version {snmp_version}\n",
    f"snmp-agent trap enable level {snmp_trap_level}\n",
    "quit\n",
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
print(shell.recv(65535).decode(errors="replace"))
client.close()
```
38. Query the firewall's current connection count:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

command = "display firewall session table summary\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
# Print only the line that carries the session total
for line in result:
    if "Total session" in line:
        print(line.strip())
client.close()
```
39. Query the firewall's current interface traffic:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

command = f"display interface {interface} brief\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
# Fields 4 and 5 of the row for this interface are printed as input and output
for line in result:
    if interface in line:
        line_list = line.split()
        print(f"Input: {line_list[4]}, Output: {line_list[5]}")
client.close()
```
40. Query the firewall's logs:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

# Show the firewall log buffer and print it line by line
command = "display firewall logbuffer\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
    print(line.strip())
client.close()
```
41. Configure the firewall's time:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
ntp_server = "192.168.0.1"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "system-view\n",
    f"ntp-service server ip-address {ntp_server}\n",
    "clock datetime 2022-04-01 12:00:00\n",
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
time.sleep(5)
# Read the clock back to check the result
shell.send(b"display clock\n")
time.sleep(1)
print(shell.recv(65535).decode(errors="replace"))
client.close()
```
42. Configure SSH access on the firewall:

```python
import time

import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
ssh_user = "testuser"
ssh_password = "testpassword"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

commands = [
    "system-view\n",
    "user-interface vty 0 4\n",
    "authentication-mode aaa\n",
    "user-interface vty 0 4\n",
    "protocol inbound ssh\n",
    "acl number 2000\n",
    "rule 5 permit source any\n",  # matches every source, so rule 10 is never reached
    "rule 10 deny\n",
    "user-interface vty 0 4\n",
    f"user {ssh_user}\n",
    f"password simple {ssh_password}\n",  # "simple" keeps the password in cleartext
]
# exec_command() opens a new channel per call, so the CLI view is not kept
# between calls; send the whole sequence through one interactive shell instead
shell = client.invoke_shell()
for command in commands:
    shell.send(command.encode())
    time.sleep(1)  # wait for the device to process the command
print(shell.recv(65535).decode(errors="replace"))
client.close()
```
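Several scripts above push settings that a configuration audit would flag: the `public` SNMP community (scripts 13, 25 and 37), SNMP v2c traps (script 37), and `rule 5 permit source any` together with `password simple` (script 42). The checker below is an added example, not part of the original article; its sample configuration is constructed from the command lines those scripts send, and the rule names are this example's own.

```python
import re
from typing import NamedTuple


class Finding(NamedTuple):
    line_no: int
    rule: str
    detail: str


DEFAULT_COMMUNITIES = {"public", "private"}

# Constructed sample: command lines as the scripts on this page send them
SAMPLE_CONFIG = """\
snmp-agent community read public
snmp-agent community read public acl test_acl
snmp-agent target-host trap address udp-domain 192.168.1.2 params securityname public version v2c
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound ssh
acl number 2000
 rule 5 permit source any
 rule 10 deny
user testuser
 password simple testpassword
"""


def audit_config(text):
    """Return a Finding for every line that matches one of the weak-setting rules."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        community = re.match(r"snmp-agent community (read|write) (\S+)(.*)", line)
        if community:
            access, name, rest = community.groups()
            if name.lower() in DEFAULT_COMMUNITIES:
                findings.append(Finding(line_no, "snmp-default-community",
                                        f"{access} community uses a well-known default name"))
            if not re.search(r"\bacl\s+\S+", rest):
                findings.append(Finding(line_no, "snmp-community-no-acl",
                                        "community is not restricted to an ACL"))
        elif line.startswith("snmp-agent target-host") and re.search(r"\bversion (v1|v2c)\b", line):
            findings.append(Finding(line_no, "snmp-cleartext-version",
                                    "SNMP v1/v2c sends the community string unencrypted"))
        elif re.match(r"rule \d+ permit source any\b", line):
            findings.append(Finding(line_no, "acl-permit-any",
                                    "ACL rule permits every source address"))
        elif re.match(r"password simple\s+\S+", line):
            # Report the keyword only; never copy the password into the finding
            findings.append(Finding(line_no, "cleartext-password",
                                    "password is configured with the simple (cleartext) keyword"))
    return findings


if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG):
        print(f"line {finding.line_no}: [{finding.rule}] {finding.detail}")
```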
43. Query the firewall's interface information:

```python
import paramiko

host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"

client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)

command = f"display interface {interface}\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
# Print the description line and extract the IP address from the address line
for line in result:
    if "Description" in line:
        print(line.strip())
    if "Internet address is" in line:
        ip_addr = line.split()[3]
        print(f"IP address: {ip_addr}")
client.close()
```
44. Get the MD5 value of the current configuration file

```python
import paramiko

# SSH connection parameters
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'

# Connect over SSH
client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)

# Get the MD5 value of the current configuration file
stdin, stdout, stderr = client.exec_command('system-view ;display current-configuration | md5')
md5 = stdout.read().decode('utf-8').split()[0]
print(md5)
client.close()
```
45. Run a device diagnostic command on the firewall and save the output

```python
import paramiko

# SSH connection parameters
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'

# Connect over SSH
client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)

# Run the diagnostic command and save its output to a file
cmd = 'display firewall session table verbose'
stdin, stdout, stderr = client.exec_command(cmd)
with open('firewall_session_table_verbose.txt', 'w') as f:
    f.write(stdout.read().decode('utf-8'))
client.close()
```
46. View the firewall's current number of active connections

```python
import paramiko

# SSH connection parameters
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'

# Connect over SSH
client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)

# Print the line that reports the current number of sessions
stdin, stdout, stderr = client.exec_command('display firewall statistics session')
for line in stdout:
    if 'Current session number' in line:
        print(line.strip())
client.close()
```
47. View firewall rule information

```python
import paramiko

# SSH connection parameters
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'

# Connect over SSH
client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)

# Print every output line that mentions a rule
stdin, stdout, stderr = client.exec_command('display firewall rule')
for line in stdout:
    if 'rule' in line:
        print(line.strip())
client.close()
```
48. Add a new security group rule on the firewall

```python
import paramiko

# SSH connection parameters
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'

# Connect over SSH
client = paramiko.SSHClient()
# AutoAddPolicy accepts any unknown host key without verification
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)

# Add a new security group rule on the firewall
cmd = 'firewall name TEST rule 10 source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255 service http permit'
stdin, stdout, stderr = client.exec_command(cmd)
client.close()
```
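All 48 scripts share the same connection boilerplate: hard-coded `admin`/`admin` credentials, `AutoAddPolicy`, and values concatenated directly into CLI commands. The following is an added example (not code from the original article) that performs the tasks of scripts 11 and 12 with host key verification, credentials read from the environment, and validated parameters. The environment variable names `FW_HOST`, `FW_USERNAME`, `FW_PASSWORD` and `FW_KNOWN_HOSTS`, the helper names and the interface-name pattern are assumptions of this example.

```python
import ipaddress
import os
import re
import time
from getpass import getpass

# Accepted interface names, e.g. GigabitEthernet0/0/1 (pattern assumed for this example)
INTERFACE_RE = re.compile(r"[A-Za-z][A-Za-z-]*\d+(/\d+){0,3}(\.\d+)?")


def interface_ip_commands(interface, ip_address, subnet_mask):
    """Build the command sequence of script 11 from validated values."""
    if not INTERFACE_RE.fullmatch(interface):
        raise ValueError(f"unexpected interface name: {interface!r}")
    # IPv4Interface rejects anything that is not an address/mask pair,
    # including embedded newlines that would start a second CLI command
    iface = ipaddress.IPv4Interface(f"{ip_address}/{subnet_mask}")
    return [
        "system-view",
        f"interface {interface}",
        f"ip address {iface.ip} {iface.netmask}",
        "quit",
    ]


def static_route_command(destination_network, subnet_mask, next_hop):
    """Build the ip route-static command of script 12 from validated values."""
    # strict=True also rejects a destination that has host bits set
    network = ipaddress.IPv4Network(f"{destination_network}/{subnet_mask}", strict=True)
    hop = ipaddress.IPv4Address(next_hop)
    return f"ip route-static {network.network_address} {network.netmask} {hop}"


def load_credentials():
    """Read credentials from the environment, prompting when they are not set."""
    username = os.environ.get("FW_USERNAME") or input("Username: ")
    password = os.environ.get("FW_PASSWORD") or getpass("Password: ")
    return username, password


def open_verified_client(host, username, password, known_hosts_path, port=22):
    """Connect only if the device's host key is already in known_hosts_path."""
    import paramiko  # imported here so the builders above work without paramiko

    client = paramiko.SSHClient()
    client.load_host_keys(known_hosts_path)
    # RejectPolicy raises SSHException for an unknown host key instead of trusting it
    client.set_missing_host_key_policy(paramiko.RejectPolicy())
    client.connect(hostname=host, port=port, username=username, password=password,
                   look_for_keys=False, allow_agent=False, timeout=10)
    return client


def run_in_one_session(client, commands, pause=1.0):
    """Send all commands through one interactive shell so the CLI view is kept."""
    shell = client.invoke_shell()
    for command in commands:
        shell.send((command + "\n").encode())
        time.sleep(pause)
    return shell.recv(65535).decode(errors="replace")


if __name__ == "__main__":
    user, secret = load_credentials()
    known_hosts = os.path.expanduser(os.environ.get("FW_KNOWN_HOSTS", "~/.ssh/known_hosts"))
    fw = open_verified_client(os.environ["FW_HOST"], user, secret, known_hosts)
    try:
        cmds = interface_ip_commands("GigabitEthernet0/0/1", "192.168.2.1", "255.255.255.0")
        # The interface sequence ends with "quit", so the route is added from the system view
        cmds.append(static_route_command("192.168.3.0", "255.255.255.0", "192.168.2.2"))
        print(run_in_one_session(fw, cmds))
    finally:
        fw.close()
```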

Original article by 网络技术联盟站. If you reproduce it, please credit the source: https://www.sudun.com/ask/35110.html