diff options
21 files changed, 601 insertions, 253 deletions
diff --git a/extras/fap/database/README.md b/extras/fap/# DEPRECATED/database/README.md index 3d014d3..3d014d3 100755 --- a/extras/fap/database/README.md +++ b/extras/fap/# DEPRECATED/database/README.md diff --git a/extras/fap/httpd/# DEPRECATED/server_http.py b/extras/fap/# DEPRECATED/httpd/# DEPRECATED/server_http.py index a9ae74c..a9ae74c 100755 --- a/extras/fap/httpd/# DEPRECATED/server_http.py +++ b/extras/fap/# DEPRECATED/httpd/# DEPRECATED/server_http.py diff --git a/extras/fap/httpd/# DEPRECATED/terminal.log b/extras/fap/# DEPRECATED/httpd/# DEPRECATED/terminal.log index bedb829..bedb829 100755 --- a/extras/fap/httpd/# DEPRECATED/terminal.log +++ b/extras/fap/# DEPRECATED/httpd/# DEPRECATED/terminal.log diff --git a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/create_queries.php b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/create_queries.php index 8d4bf26..8d4bf26 100644 --- a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/create_queries.php +++ b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/create_queries.php diff --git a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/ipcalc_functions.php b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/ipcalc_functions.php index e848ef1..e848ef1 100644 --- a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/ipcalc_functions.php +++ b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/ipcalc_functions.php diff --git a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/patchlist.txt b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/patchlist.txt index 7454441..7454441 100644 --- a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/patchlist.txt +++ b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/patchlist.txt diff --git a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/switches.txt b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/switches.txt index c9d60d9..c9d60d9 100644 --- a/extras/fap/httpd/httpd_root/# create_queries - DEPRECATED/switches.txt +++ b/extras/fap/# DEPRECATED/httpd/httpd_root/# create_queries - DEPRECATED/switches.txt diff --git a/extras/fap/README.md b/extras/fap/README.md index c8278f5..be36ce9 100644..100755 --- a/extras/fap/README.md +++ b/extras/fap/README.md @@ -31,7 +31,10 @@ Example: <a href="dhcpd/terminal.log">dhcpd/terminal.log</a> # TODO * DONE: Support for IPv6 management -* Process multiple HTTP request simultaneously +* Process multiple HTTP request simultaneously with python, so we can migrate everything over to python (no more PHP). * Support for only pushing JunOS image to switch - no config (for backup switches) * Try/catch on whole ethernet frame in DHCPD * Timestamps on each line in log both from DHCPD and HTTPD + +# Changes in regard of TG16 +Migrated from a standalone DB to the NMS ("Gondul") DB. Since time was limited, a lot of ugly haxxes were put in place to get it to work. The neccessary job of cleaning it up has not been done yet. diff --git a/extras/fap/dhcpd/README.md b/extras/fap/dhcpd/README.md new file mode 100644 index 0000000..308184b --- /dev/null +++ b/extras/fap/dhcpd/README.md @@ -0,0 +1,9 @@ +# DHCPD + +FAP carefully mimic ISC-DHCPD in regards to the exact bytes that needs to be sent to the Juniper platform in order to get ZTP (zero touch protocol) to play along. + +## Files +* DHCP_protocol_breakdown.txt - Describes each field in the DHCP packet +* module_craft_option.py - Creates the correct byte sequence for DHCP options (suboptions can be solved by chaining the class) +* module_lease.py - Provedes access to set/get info from the DB (NMS) +* server_dhcp.py - The whole shebang that responds to DHCP packets. diff --git a/extras/fap/dhcpd/module_lease.py b/extras/fap/dhcpd/module_lease.py index 0473579..a33ab61 100755 --- a/extras/fap/dhcpd/module_lease.py +++ b/extras/fap/dhcpd/module_lease.py @@ -19,10 +19,10 @@ import psycopg2.extras # settings settings = dict( db = dict( - user = 'fap', - password = '<sensored>', - dbname = 'fap', - host = 'localhost' + user = '<user>', + password = '<password>', + dbname = '<db>', + host = '<host>' ) ) @@ -31,66 +31,12 @@ connect_params = ("dbname='%s' user='%s' host='%s' password='%s'" % (settings['d conn = psycopg2.connect(connect_params) cur = conn.cursor(cursor_factory=psycopg2.extras.DictCursor) -class lease(object): - debug = False - - def __init__(self, identifiers): - if len(identifiers) > 0: # 1 or more identifiers - we're good to go - - # build query string - where_pieces = [] - for x in identifiers.items(): - where_pieces.append(str(x[0]) + " = '" + str(x[1]) + "'") - where = ' AND '.join(where_pieces) - select = "SELECT * FROM switches WHERE " + where + " LIMIT 1" - - if self.debug is True: - print('Executing query: ' + select) - - cur.execute(select) - - rows = cur.fetchall() - if len(rows) is 1: - if self.debug is True: - print('returned from DB:') - for key, value in rows[0].items(): - print('%s: %s' % (key, value)) - - self.row = rows[0] - else: - self.row = False - else: - print('Missing identifier parameter') - exit() - - def get_ip(self): - if self.row is not False: - return self.row['ip'] - else: - print('identifiers (%s) not found' % self.row) - return False - - def get_config(self): - if self.row is not False: - return self.row['config'] - else: - print('identifiers (%s) not found' % self.row) - return False - - def get_dict(self): - if self.row is not False: - return self.row - else: - print('identifiers (%s) not found' % self.row) - return False - - # # TESTING - Bruker ID fra DB-en som identifier, og kjører en query per lease.get_x() # class lease2(object): debug = False - hostname = False + sysname = False identifiers = False # identifiers = dict of field/values @@ -105,7 +51,7 @@ class lease2(object): for identifier in identifiers.items(): where_pieces.append(str(identifier[0]) + " = '" + str(identifier[1]) + "'") where = ' AND '.join(where_pieces) - select = "SELECT hostname FROM switches WHERE " + where + " LIMIT 1" + select = "SELECT sysname FROM switches WHERE " + where + " LIMIT 1" if self.debug is True: print('Executing query: ' + select) @@ -117,19 +63,19 @@ class lease2(object): if self.debug is True: print('returned from DB:') print(rows[0][0]) - self.hostname = rows[0][0] + self.sysname = rows[0][0] else: - self.hostname = False + self.sysname = False else: print('Missing identifier parameter') exit() # Used to fetch fields from DB def get(self, field): - if self.hostname is not False: + if self.sysname is not False: cur = conn.cursor(cursor_factory=psycopg2.extras.DictCursor) - query = "SELECT %s FROM switches WHERE hostname = '%s' LIMIT 1" % (field, self.hostname) + query = "SELECT %s FROM switches WHERE sysname = '%s' LIMIT 1" % (field, self.sysname) if self.debug is True: print('Query: %s' % query) @@ -156,9 +102,9 @@ class lease2(object): # Used to set fields in DB def set(self, field, value): - if self.hostname is not False: + if self.sysname is not False: cur = conn.cursor(cursor_factory=psycopg2.extras.DictCursor) - query = "UPDATE switches SET %s = '%s' WHERE hostname = '%s'" % (field, value, self.hostname) + query = "UPDATE switches SET %s = '%s' WHERE sysname = '%s'" % (field, value, self.sysname) if self.debug is True: print('Query: %s' % query) try: diff --git a/extras/fap/dhcpd/server_dhcp.py b/extras/fap/dhcpd/server_dhcp.py index 592e1eb..438c505 100755 --- a/extras/fap/dhcpd/server_dhcp.py +++ b/extras/fap/dhcpd/server_dhcp.py @@ -236,13 +236,19 @@ def reqparse(message): print('[%s] --> Query details: distro_name:%s, distro_phy_port:%s' % (client, distro, phy.split('.')[0])) lease_identifiers = {'distro_name': distro, 'distro_phy_port': phy.split('.')[0]} - if lease(lease_identifiers).get('hostname') is not False: + print('### lease identifiers ###') + print(lease_identifiers) + if lease(lease_identifiers).get('sysname') is not False: + l={ - 'hostname': lease(lease_identifiers).get('hostname'), + 'sysname': lease(lease_identifiers).get('sysname'), 'mgmt_v4_addr': lease(lease_identifiers).get('mgmt_v4_addr'), 'mgmt_v4_gw': lease(lease_identifiers).get('mgmt_v4_gw'), 'mgmt_v4_cidr': lease(lease_identifiers).get('mgmt_v4_cidr') } + + print('### variabel l ###') + print(l) # lease_details = lease({'distro_name': distro, 'distro_phy_port': phy[:-2]}).get_dict() print('[%s] --> Data found, switch exists in DB - ready to craft response' % client) @@ -267,7 +273,9 @@ def reqparse(message): print('[%s] --> Client IP: %s' % (client, l['mgmt_v4_addr'])) print('[%s] --> DHCP forwarder IP: %s' % (client, l['mgmt_v4_gw'])) print('[%s] --> Client MAC: %s' % (client, client)) - + + fix_mgmt_v4_addr = l['mgmt_v4_addr'].split('/')[0] + data = b'\x02' # Message type - boot reply data += b'\x01' # Hardware type - ethernet data += b'\x06' # Hardware address length - 6 octets for MAC @@ -276,7 +284,7 @@ def reqparse(message): data += b'\x00\x00' # seconds elapsed - 1 second data += b'\x80\x00' # BOOTP flags - broadcast (unicast: 0x0000) data += b'\x00'*4 # Client IP address - data += socket.inet_aton(l['mgmt_v4_addr']) # New IP to client + data += socket.inet_aton(fix_mgmt_v4_addr) # New IP to client data += socket.inet_aton(dhcp_server_address) # Next server IP address data += socket.inet_aton(l['mgmt_v4_gw']) # Relay agent IP - DHCP forwarder data += binascii.unhexlify(messagesplit[11]) # Client MAC @@ -302,8 +310,9 @@ def reqparse(message): data += craft_option(51).raw_hex(b'\x00\x00\xa8\xc0') # Option 51 - Lease time left padded with "0" print('[%s] --> Option 51 (Lease time): %s' % (client, '43200 (12 hours)')) - data += craft_option(1).ip(cidr_to_subnet(l['mgmt_v4_cidr'])) # Option 1 - Subnet mask - print('[%s] --> Option 1 (subnet mask): %s' % (client, cidr_to_subnet(l['mgmt_v4_cidr']))) + # data += craft_option(1).ip(cidr_to_subnet(l['mgmt_v4_cidr'])) # Option 1 - Subnet mask + data += craft_option(1).ip(cidr_to_subnet(26)) # Option 1 - Subnet mask + print('[%s] --> Option 1 (subnet mask): %s' % (client, cidr_to_subnet(26))) data += craft_option(3).ip(l['mgmt_v4_gw']) # Option 3 - Default gateway (set to DHCP forwarders IP) print('[%s] --> Option 3 (default gateway): %s' % (client, l['mgmt_v4_gw'])) @@ -312,10 +321,10 @@ def reqparse(message): print('[%s] --> Option 150 (Cisco proprietary TFTP server(s)): %s' % (client, dhcp_server_address)) # http://www.juniper.net/documentation/en_US/junos13.2/topics/concept/software-image-and-configuration-automatic-provisioning-understanding.html - data += craft_option(43).bytes(craft_option(0).string(target_junos_file) + craft_option(1).string('/tg-edge/' + l['hostname']) + craft_option(3).string('http')) # Option 43 - ZTP + data += craft_option(43).bytes(craft_option(0).string(target_junos_file) + craft_option(1).string('/tg-edge/' + l['sysname']) + craft_option(3).string('http')) # Option 43 - ZTP print('[%s] --> Option 43 (Vendor-specific option):' % client) print('[%s] --> Suboption 0: %s' % (client, target_junos_file)) - print('[%s] --> Suboption 1: %s' % (client, '/tg-edge/' + l['hostname'])) + print('[%s] --> Suboption 1: %s' % (client, '/tg-edge/' + l['sysname'])) print('[%s] --> Suboption 3: %s' % (client, 'http')) data += b'\xff' @@ -326,7 +335,7 @@ def reqparse(message): if __name__ == "__main__": interface = b'eth0' - dhcp_server_address = '185.12.59.11' + dhcp_server_address = '185.110.148.22' target_junos_file = '/files/jinstall-ex-2200-14.1X53-D15.2-domestic-signed.tgz' # Setting up the server, and how it will communicate diff --git a/extras/fap/httpd/README.md b/extras/fap/httpd/README.md index 73c5634..c332965 100755 --- a/extras/fap/httpd/README.md +++ b/extras/fap/httpd/README.md @@ -14,8 +14,7 @@ j@lappie:~/git/tgmanage$ cat /etc/apache2/sites-enabled/000-default.conf <Directory /home/j/git/tgmanage/fap/httpd/httpd_root> Options Indexes FollowSymLinks MultiViews AllowOverride All - Order allow,deny - allow from all + Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log diff --git a/extras/fap/httpd/httpd_root/.htaccess b/extras/fap/httpd/httpd_root/.htaccess index 17add11..fc37acb 100755 --- a/extras/fap/httpd/httpd_root/.htaccess +++ b/extras/fap/httpd/httpd_root/.htaccess @@ -1,3 +1,3 @@ RewriteEngine on -RewriteRule ^files/(.+)$ x.php?mode=image&file=$1 [L] -RewriteRule ^tg-edge/(.+)$ x.php?mode=config&hostname=$1 [L] +RewriteRule ^files/(.+)$ index.php?mode=image&file=$1 [L] +RewriteRule ^tg-edge/(.+)$ index.php?mode=config&hostname=$1 [L] diff --git a/extras/fap/httpd/httpd_root/ex2200.template b/extras/fap/httpd/httpd_root/ex2200.template index 7f3bbaf..c8c973a 100755 --- a/extras/fap/httpd/httpd_root/ex2200.template +++ b/extras/fap/httpd/httpd_root/ex2200.template @@ -1,36 +1,58 @@ system { - host-name <?php echo $c['hostname']; ?>; + host-name <?php echo $c['sysname']; ?>; + domain-name infra.gathering.org; auto-snapshot; time-zone Europe/Oslo; - authentication-order [ tacplus password ]; + authentication-order [ tacplus ]; root-authentication { - encrypted-password "<sensored>"; + encrypted-password "<censored>"; ## SECRET-DATA } name-server { - 2a02:ed02:1ee7::66; - 2a02:ed02:1337::2; + 185.110.149.2; + 185.110.148.2; + 2a06:5841:149a::2; + 2a06:5841:1337::2; } + tacplus-server { + <censored> { + secret "<censored>"; ## SECRET-DATA + source-address <?php echo $c['mgmt_v4_addr']; ?>; + } + } login { - user technet { + user <censored> { uid 2000; class super-user; authentication { - encrypted-password "<sensored>"; + encrypted-password "<censored>"; ## SECRET-DATA } } } services { - ssh { + ssh { root-login deny; + no-tcp-forwarding; + client-alive-count-max 2; + client-alive-interval 300; + connection-limit 5; + rate-limit 5; } netconf { - ssh; + ssh { + connection-limit 3; + rate-limit 3; + } } } syslog { user * { any emergency; } + host <censored> { + any info; + authorization info; + port 515; + } file messages { any notice; authorization info; @@ -39,6 +61,17 @@ system { interactive-commands any; } } + + /* Save changes to central site */ + archival { + configuration { + transfer-on-commit; + archive-sites { + "scp://<censored>@<censored>/home/<censored>/configs/" password "<censored>"; ## SECRET-DATA + } + } + } + commit synchronize; ntp { server 2001:700:100:2::6; } @@ -100,70 +133,51 @@ interfaces { filter { input v4-mgmt; } - address <?php echo $c['mgmt_v4_addr'] . '/' . $c['mgmt_v4_cidr']; ?>; + address <?php echo $c['mgmt_v4_addr']; ?>/26; } - family inet6 { + inactive: family inet6 { filter { input v6-mgmt; } - address <?php echo $c['mgmt_v6_addr'] . '/' . $c['mgmt_v6_cidr']; ?>; + address <?php echo $c['mgmt_v6_addr']; ?>/64; } } } } snmp { - community <sensored> { + community <censored> { + authorization read-only; client-list-name mgmt; } + community <censored> { + authorization read-only; + client-list-name mgmt-nms; + } } policy-options { - prefix-list v4-mgmt { - /* nLogic jumpstation */ - <sensored> - /* Harald jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 151.216.254.0/24; - /* Servers */ - 185.12.59.0/26; + prefix-list mgmt-v4 { + <censored> } - prefix-list v6-mgmt { - /* Harald jumpstation */ - <sensored> - /* nLogic jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 2a02:ed02:254::/64; - /* Servers */ - 2a02:ed02:1337::/64; + prefix-list mgmt-v6 { + <censored> } + /* Merged separate v4- og v6-lister */ prefix-list mgmt { - /* nLogic jumpstation */ - <sensored> - /* Harald jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 151.216.254.0/24; - /* Servers */ - 185.12.59.0/26; - /* Harald jumpstation */ - <sensored> - /* nLogic jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 2a02:ed02:254::/64; - /* Servers */ - 2a02:ed02:1337::/64; + <censored> + } + /* NMS boxes - separate list to give full speed to SNMP read */ + prefix-list mgmt-v4-nms { + <censored> + } + /* NMS boxes - separate list to give full speed to SNMP read */ + prefix-list mgmt-v6-nms { + <censored> + } + /* NMS boxes - separate list to give full speed to SNMP read */ + prefix-list mgmt-nms { + <censored> } } firewall { @@ -172,7 +186,7 @@ firewall { term accept-ssh { from { source-prefix-list { - v4-mgmt; + mgmt-v4; } destination-port 22; } @@ -200,7 +214,7 @@ firewall { term accept-ssh { from { source-prefix-list { - v6-mgmt; + mgmt-v6; } destination-port 22; } @@ -232,9 +246,11 @@ protocols { ingress 10000; egress 10000; } - collector <sensored>; interfaces edge-ports; interfaces core-ports; + source-ip <?php echo $c['mgmt_v4_addr']; ?>; + collector <censored>; + collector <censored>; } igmp-snooping { vlan all { @@ -242,12 +258,6 @@ protocols { immediate-leave; } } - mld-snooping { - vlan all { - version 2; - immediate-leave; - } - } rstp { bridge-priority 8k; interface edge-ports { @@ -256,7 +266,8 @@ protocols { } } lldp { - interface ae0.0 + interface ae0.0; + management-address <?php echo $c['mgmt_v4_addr']; ?>; } } @@ -278,11 +289,6 @@ routing-options { } } } - rib inet6.0 { - static { - route ::/0 { - next-hop <?php echo $c['mgmt_v6_gw']; ?>; - } - } - } } + + diff --git a/extras/fap/httpd/httpd_root/ex2200_secure.template b/extras/fap/httpd/httpd_root/ex2200_secure.template index de9bd3b..054e15d 100755 --- a/extras/fap/httpd/httpd_root/ex2200_secure.template +++ b/extras/fap/httpd/httpd_root/ex2200_secure.template @@ -1,36 +1,58 @@ system { - host-name <?php echo $c['hostname']; ?>; + host-name <?php echo $c['sysname']; ?>; + domain-name infra.gathering.org; auto-snapshot; time-zone Europe/Oslo; - authentication-order [ tacplus password ]; + authentication-order [ tacplus ]; root-authentication { - encrypted-password "<sensored>"; + encrypted-password "<censored>"; ## SECRET-DATA } name-server { - 2a02:ed02:1ee7::66; - 2a02:ed02:1337::2; + 185.110.149.2; + 185.110.148.2; + 2a06:5841:149a::2; + 2a06:5841:1337::2; } + tacplus-server { + <censored> { + secret "<censored>"; ## SECRET-DATA + source-address <?php echo $c['mgmt_v4_addr']; ?>; + } + } login { - user technet { + user <censored> { uid 2000; class super-user; authentication { - encrypted-password "<sensored>"; + encrypted-password "<censored>"; ## SECRET-DATA } } } services { - ssh { + ssh { root-login deny; + no-tcp-forwarding; + client-alive-count-max 2; + client-alive-interval 300; + connection-limit 5; + rate-limit 5; } netconf { - ssh; + ssh { + connection-limit 3; + rate-limit 3; + } } } syslog { user * { any emergency; } + host <censored> { + any info; + authorization info; + port 515; + } file messages { any notice; authorization info; @@ -39,6 +61,17 @@ system { interactive-commands any; } } + + /* Save changes to central site */ + archival { + configuration { + transfer-on-commit; + archive-sites { + "scp://<censored>@<censored>/home/<censored>/configs/" password "<censored>"; ## SECRET-DATA + } + } + } + commit synchronize; ntp { server 2001:700:100:2::6; } @@ -100,79 +133,88 @@ interfaces { filter { input v4-mgmt; } - address <?php echo $c['mgmt_v4_addr'] . '/' . $c['mgmt_v4_cidr']; ?>; + address <?php echo $c['mgmt_v4_addr']; ?>/26; } - family inet6 { + inactive: family inet6 { filter { input v6-mgmt; } - address <?php echo $c['mgmt_v6_addr'] . '/' . $c['mgmt_v6_cidr']; ?>; + address <?php echo $c['mgmt_v6_addr']; ?>/64; } } } } snmp { - community <sensored> { + community <censored> { + authorization read-only; client-list-name mgmt; } + community <censored> { + authorization read-only; + client-list-name mgmt-nms; + } } policy-options { - prefix-list v4-mgmt { - /* nLogic jumpstation */ - <sensored> - /* Harald jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 151.216.254.0/24; - /* Servers */ - 185.12.59.0/26; - } - prefix-list v6-mgmt { - /* Harald jumpstation */ - <sensored> - /* nLogic jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 2a02:ed02:254::/64; - /* Servers */ - 2a02:ed02:1337::/64; + prefix-list mgmt-v4 { + <censored> } + prefix-list mgmt-v6 { + <censored> + } + /* Merged separate v4- og v6-lister */ prefix-list mgmt { - /* nLogic jumpstation */ - <sensored> - /* Harald jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 151.216.254.0/24; - /* Servers */ - 185.12.59.0/26; - /* Harald jumpstation */ - <sensored> - /* nLogic jumpstation */ - <sensored> - /* Tech colo-boks */ - <sensored> - /* NOC clients */ - 2a02:ed02:254::/64; - /* Servers */ - 2a02:ed02:1337::/64; + <censored> + } + /* NMS boxes - separate list to give full speed to SNMP read */ + prefix-list mgmt-v4-nms { + <censored> + } + /* NMS boxes - separate list to give full speed to SNMP read */ + prefix-list mgmt-v6-nms { + <censored> + } + /* NMS boxes - separate list to give full speed to SNMP read */ + prefix-list mgmt-nms { + <censored> + } +} + +ethernet-switching-options { + secure-access-port { + interface edge-ports { + no-dhcp-trusted; + } + vlan clients { + arp-inspection; + examine-dhcp; + examine-dhcpv6; + neighbor-discovery-inspection; + ip-source-guard; + ipv6-source-guard; + dhcp-option82; + dhcpv6-option18 { + use-option-82; + } + } + ipv6-source-guard-sessions { + max-number 128; + } + } + storm-control { + interface all; } } + + firewall { family inet { filter v4-mgmt { term accept-ssh { from { source-prefix-list { - v4-mgmt; + mgmt-v4; } destination-port 22; } @@ -200,7 +242,7 @@ firewall { term accept-ssh { from { source-prefix-list { - v6-mgmt; + mgmt-v6; } destination-port 22; } @@ -232,9 +274,11 @@ protocols { ingress 10000; egress 10000; } - collector 91.209.30.12; interfaces edge-ports; interfaces core-ports; + source-ip <?php echo $c['mgmt_v4_addr']; ?>; + collector <censored>; + collector <censored>; } igmp-snooping { vlan all { @@ -242,12 +286,6 @@ protocols { immediate-leave; } } - mld-snooping { - vlan all { - version 2; - immediate-leave; - } - } rstp { bridge-priority 8k; interface edge-ports { @@ -256,34 +294,11 @@ protocols { } } lldp { - interface ae0.0 - } -} -ethernet-switching-options { - secure-access-port { - interface edge-ports { - no-dhcp-trusted; - } - vlan clients { - arp-inspection; - examine-dhcp; - examine-dhcpv6; - neighbor-discovery-inspection; - ip-source-guard; - ipv6-source-guard; - dhcp-option82; - dhcpv6-option18 { - use-option-82; - } - } - ipv6-source-guard-sessions { - max-number 128; - } - } - storm-control { - interface all; + interface ae0.0; + management-address <?php echo $c['mgmt_v4_addr']; ?>; } } + vlans { clients { vlan-id <?php echo $c['traffic_vlan']; ?>; @@ -302,11 +317,6 @@ routing-options { } } } - rib inet6.0 { - static { - route ::/0 { - next-hop <?php echo $c['mgmt_v6_gw']; ?>; - } - } - } } + + diff --git a/extras/fap/httpd/httpd_root/x.php b/extras/fap/httpd/httpd_root/index.php index dda20f2..60173f9 100755 --- a/extras/fap/httpd/httpd_root/x.php +++ b/extras/fap/httpd/httpd_root/index.php @@ -1,4 +1,25 @@ <?php + /* + sysname = hostname + switchtype + last_updated + subnet4 + subnet6 + distro_name + distro_phy_port + mgmt_v4_addr + mgmt_v4_netsize + mgmt_v4_gw + mgmt_v6_addr + mgmt_v6_netsize + mgmt_v6_gw + mgmt_vlan + traffic_vlan + last_config_fetch + current_mac + */ + + if(isset($_GET['mode'])){ function log_to_file($text){ $out = date('c') . ' - ' . $_SERVER['REMOTE_ADDR'] . ' - ' . $text . "\n"; @@ -28,12 +49,12 @@ } } - // Performing SQL query - $query = 'SELECT * FROM switches WHERE hostname = \'' . $_GET['hostname'] . '\''; + $query = 'SELECT sysname, switchtype, distro_name, distro_phy_port, host(mgmt_v4_addr) as mgmt_v4_addr, mgmt_v4_gw, host(mgmt_v6_addr) as mgmt_v6_addr, mgmt_v6_gw, mgmt_vlan, traffic_vlan FROM switches WHERE sysname = \'' . $_GET['hostname'] . '\''; $result = pg_query($query) or die('Query failed: ' . pg_last_error()); if(pg_num_rows($result) == 1){ $c = pg_fetch_assoc($result); + # var_dump($c); include $template; log_to_file('Served ' . $template . ' to client'); }else{ @@ -43,6 +64,7 @@ } }elseif($_GET['mode'] === 'image'){ + # var_dump($_GET['file']) && die(); if(isset($_GET['file']) && is_readable('../files/' . $_GET['file'])){ # SEND IMAGE header('Content-Description: File Transfer'); diff --git a/extras/fap/httpd/httpd_root/pg_connect.php b/extras/fap/httpd/httpd_root/pg_connect.php index 6808cb0..976884d 100644 --- a/extras/fap/httpd/httpd_root/pg_connect.php +++ b/extras/fap/httpd/httpd_root/pg_connect.php @@ -1,5 +1,5 @@ <?php - if(!$dbconn = pg_connect("host=localhost dbname=fap user=fap password=<sensored>")){ + if(!$dbconn = pg_connect("host=<host> dbname=<db> user=<user> password=<password>")){ echo 'Could not connect:' . pg_last_error(); exit(); } diff --git a/extras/fap/httpd/httpd_root/tools/patchlist.txt b/extras/fap/httpd/httpd_root/tools/patchlist.txt new file mode 100644 index 0000000..5b460b5 --- /dev/null +++ b/extras/fap/httpd/httpd_root/tools/patchlist.txt @@ -0,0 +1,131 @@ +e1-3 distro0 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e1-4 distro0 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e3-3 distro0 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e3-4 distro0 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e5-2 distro1 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e5-3 distro0 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e5-4 distro0 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e7-1 distro1 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e7-2 distro1 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e7-3 distro0 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e7-4 distro0 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e9-1 distro1 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e9-2 distro1 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e9-3 distro0 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e9-4 distro0 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e11-1 distro1 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e11-2 distro1 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e11-3 distro0 ge-0/0/10 ge-1/0/10 ge-2/0/10 +e11-4 distro0 ge-0/0/11 ge-1/0/11 ge-2/0/11 +e13-1 distro1 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e13-2 distro1 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e13-3 distro2 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e13-4 distro2 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e15-1 distro1 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e15-2 distro1 ge-0/0/10 ge-1/0/10 ge-2/0/10 +e15-3 distro2 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e15-4 distro2 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e17-1 distro1 ge-0/0/11 ge-1/0/11 ge-2/0/11 +e17-2 distro1 ge-0/0/12 ge-1/0/12 ge-2/0/12 +e17-3 distro2 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e17-4 distro2 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e19-1 distro1 ge-0/0/13 ge-1/0/13 ge-2/0/13 +e19-2 distro1 ge-0/0/14 ge-1/0/14 ge-2/0/14 +e19-3 distro2 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e19-4 distro2 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e21-1 distro1 ge-0/0/15 ge-1/0/15 ge-2/0/15 +e21-2 distro1 ge-0/0/16 ge-1/0/16 ge-2/0/16 +e21-3 distro2 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e21-4 distro2 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e23-1 distro1 ge-0/0/17 ge-1/0/17 ge-2/0/17 +e23-2 distro1 ge-0/0/18 ge-1/0/18 ge-2/0/18 +e23-3 distro2 ge-0/0/10 ge-1/0/10 ge-2/0/10 +e23-4 distro2 ge-0/0/11 ge-1/0/11 ge-2/0/11 +e25-1 distro3 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e25-2 distro3 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e27-1 distro3 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e27-2 distro3 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e29-1 distro3 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e29-2 distro3 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e31-1 distro3 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e31-2 distro3 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e33-1 distro3 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e33-2 distro3 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e35-1 distro3 ge-0/0/10 ge-1/0/10 ge-2/0/10 +e35-2 distro3 ge-0/0/11 ge-1/0/11 ge-2/0/11 +e37-1 distro3 ge-0/0/12 ge-1/0/12 ge-2/0/12 +e37-2 distro3 ge-0/0/13 ge-1/0/13 ge-2/0/13 +e39-1 distro3 ge-0/0/14 ge-1/0/14 ge-2/0/14 +e39-2 distro3 ge-0/0/15 ge-1/0/15 ge-2/0/15 +e41-1 distro4 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e41-2 distro4 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e41-3 distro5 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e41-4 distro5 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e43-1 distro4 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e43-2 distro4 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e43-3 distro5 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e43-4 distro5 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e45-1 distro4 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e45-2 distro4 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e45-3 distro5 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e45-4 distro5 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e47-1 distro4 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e47-2 distro4 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e47-3 distro5 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e47-4 distro5 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e49-1 distro4 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e49-2 distro4 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e49-3 distro5 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e49-4 distro5 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e51-1 distro4 ge-0/0/10 ge-1/0/10 ge-2/0/10 +e51-2 distro4 ge-0/0/11 ge-1/0/11 ge-2/0/11 +e51-3 distro5 ge-0/0/10 ge-1/0/10 ge-2/0/10 +e51-4 distro5 ge-0/0/11 ge-1/0/11 ge-2/0/11 +e53-1 distro4 ge-0/0/12 ge-1/0/12 ge-2/0/12 +e53-2 distro4 ge-0/0/13 ge-1/0/13 ge-2/0/13 +e53-3 distro5 ge-0/0/12 ge-1/0/12 ge-2/0/12 +e53-4 distro5 ge-0/0/13 ge-1/0/13 ge-2/0/13 +e55-1 distro4 ge-0/0/14 ge-1/0/14 ge-2/0/14 +e55-2 distro4 ge-0/0/15 ge-1/0/15 ge-2/0/15 +e55-3 distro5 ge-0/0/14 ge-1/0/14 ge-2/0/14 +e55-4 distro5 ge-0/0/15 ge-1/0/15 ge-2/0/15 +e57-1 distro4 ge-0/0/16 ge-1/0/16 ge-2/0/16 +e57-2 distro4 ge-0/0/17 ge-1/0/17 ge-2/0/17 +e57-3 distro5 ge-0/0/16 ge-1/0/16 ge-2/0/16 +e57-4 distro5 ge-0/0/17 ge-1/0/17 ge-2/0/17 +e59-1 distro7 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e59-2 distro7 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e59-3 distro6 ge-0/0/0 ge-1/0/0 ge-2/0/0 +e59-4 distro6 ge-0/0/1 ge-1/0/1 ge-2/0/1 +e61-1 distro7 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e61-2 distro7 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e61-3 distro6 ge-0/0/2 ge-1/0/2 ge-2/0/2 +e61-4 distro6 ge-0/0/3 ge-1/0/3 ge-2/0/3 +e63-1 distro7 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e63-2 distro7 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e63-3 distro6 ge-0/0/4 ge-1/0/4 ge-2/0/4 +e63-4 distro6 ge-0/0/5 ge-1/0/5 ge-2/0/5 +e65-1 distro7 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e65-2 distro7 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e65-3 distro6 ge-0/0/6 ge-1/0/6 ge-2/0/6 +e65-4 distro6 ge-0/0/7 ge-1/0/7 ge-2/0/7 +e67-1 distro7 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e67-2 distro7 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e67-3 distro6 ge-0/0/8 ge-1/0/8 ge-2/0/8 +e67-4 distro6 ge-0/0/9 ge-1/0/9 ge-2/0/9 +e69-1 distro7 ge-0/0/10 ge-1/0/10 ge-2/0/10 +e69-2 distro7 ge-0/0/11 ge-1/0/11 ge-2/0/11 +e71-1 distro7 ge-0/0/12 ge-1/0/12 ge-2/0/12 +e71-2 distro7 ge-0/0/13 ge-1/0/13 ge-2/0/13 +e73-1 distro7 ge-0/0/14 ge-1/0/14 ge-2/0/14 +e73-2 distro7 ge-0/0/15 ge-1/0/15 ge-2/0/15 +e75-1 distro7 ge-0/0/16 ge-1/0/16 ge-2/0/16 +e75-2 distro7 ge-0/0/17 ge-1/0/17 ge-2/0/17 +e77-1 distro7 ge-0/0/18 ge-1/0/18 ge-2/0/18 +e77-2 distro7 ge-0/0/19 ge-1/0/19 ge-2/0/19 +e79-1 distro7 ge-0/0/20 ge-1/0/20 ge-2/0/20 +e79-2 distro7 ge-0/0/21 ge-1/0/21 ge-2/0/21 +e81-1 distro7 ge-0/0/22 ge-1/0/22 ge-2/0/22 +e81-2 distro7 ge-0/0/23 ge-1/0/23 ge-2/0/23 +e83-2 distro7 ge-0/0/24 ge-1/0/24 ge-2/0/24 +e85-2 distro7 ge-0/0/25 ge-1/0/25 ge-2/0/25 diff --git a/extras/fap/httpd/httpd_root/tools/switches.txt b/extras/fap/httpd/httpd_root/tools/switches.txt new file mode 100644 index 0000000..67b49f4 --- /dev/null +++ b/extras/fap/httpd/httpd_root/tools/switches.txt @@ -0,0 +1,131 @@ +e1-3 88.92.0.0/26 2a06:5840:0a::/64 88.92.54.2/26 2a06:5840:54a::2/64 1013 distro0 +e1-4 88.92.0.64/26 2a06:5840:0b::/64 88.92.54.3/26 2a06:5840:54a::3/64 1014 distro0 +e3-3 88.92.0.128/26 2a06:5840:0c::/64 88.92.54.4/26 2a06:5840:54a::4/64 1033 distro0 +e3-4 88.92.0.192/26 2a06:5840:0d::/64 88.92.54.5/26 2a06:5840:54a::5/64 1034 distro0 +e5-2 88.92.1.0/26 2a06:5840:1a::/64 88.92.54.66/26 2a06:5840:54b::66/64 1052 distro1 +e5-3 88.92.1.64/26 2a06:5840:1b::/64 88.92.54.6/26 2a06:5840:54a::6/64 1053 distro0 +e5-4 88.92.1.128/26 2a06:5840:1c::/64 88.92.54.7/26 2a06:5840:54a::7/64 1054 distro0 +e7-1 88.92.1.192/26 2a06:5840:1d::/64 88.92.54.67/26 2a06:5840:54b::67/64 1071 distro1 +e7-2 88.92.2.0/26 2a06:5840:2a::/64 88.92.54.68/26 2a06:5840:54b::68/64 1072 distro1 +e7-3 88.92.2.64/26 2a06:5840:2b::/64 88.92.54.8/26 2a06:5840:54a::8/64 1073 distro0 +e7-4 88.92.2.128/26 2a06:5840:2c::/64 88.92.54.9/26 2a06:5840:54a::9/64 1074 distro0 +e9-1 88.92.2.192/26 2a06:5840:2d::/64 88.92.54.69/26 2a06:5840:54b::69/64 1091 distro1 +e9-2 88.92.3.0/26 2a06:5840:3a::/64 88.92.54.70/26 2a06:5840:54b::70/64 1092 distro1 +e9-3 88.92.3.64/26 2a06:5840:3b::/64 88.92.54.10/26 2a06:5840:54a::10/64 1093 distro0 +e9-4 88.92.3.128/26 2a06:5840:3c::/64 88.92.54.11/26 2a06:5840:54a::11/64 1094 distro0 +e11-1 88.92.3.192/26 2a06:5840:3d::/64 88.92.54.71/26 2a06:5840:54b::71/64 1111 distro1 +e11-2 88.92.4.0/26 2a06:5840:4a::/64 88.92.54.72/26 2a06:5840:54b::72/64 1112 distro1 +e11-3 88.92.4.64/26 2a06:5840:4b::/64 88.92.54.12/26 2a06:5840:54a::12/64 1113 distro0 +e11-4 88.92.4.128/26 2a06:5840:4c::/64 88.92.54.13/26 2a06:5840:54a::13/64 1114 distro0 +e13-1 88.92.4.192/26 2a06:5840:4d::/64 88.92.54.73/26 2a06:5840:54b::73/64 1131 distro1 +e13-2 88.92.5.0/26 2a06:5840:5a::/64 88.92.54.74/26 2a06:5840:54b::74/64 1132 distro1 +e13-3 88.92.5.64/26 2a06:5840:5b::/64 88.92.54.130/26 2a06:5840:54c::130/64 1133 distro2 +e13-4 88.92.5.128/26 2a06:5840:5c::/64 88.92.54.131/26 2a06:5840:54c::131/64 1134 distro2 +e15-1 88.92.5.192/26 2a06:5840:5d::/64 88.92.54.75/26 2a06:5840:54b::75/64 1151 distro1 +e15-2 88.92.6.0/26 2a06:5840:6a::/64 88.92.54.76/26 2a06:5840:54b::76/64 1152 distro1 +e15-3 88.92.6.64/26 2a06:5840:6b::/64 88.92.54.132/26 2a06:5840:54c::132/64 1153 distro2 +e15-4 88.92.6.128/26 2a06:5840:6c::/64 88.92.54.133/26 2a06:5840:54c::133/64 1154 distro2 +e17-1 88.92.6.192/26 2a06:5840:6d::/64 88.92.54.77/26 2a06:5840:54b::77/64 1171 distro1 +e17-2 88.92.7.0/26 2a06:5840:7a::/64 88.92.54.78/26 2a06:5840:54b::78/64 1172 distro1 +e17-3 88.92.7.64/26 2a06:5840:7b::/64 88.92.54.134/26 2a06:5840:54c::134/64 1173 distro2 +e17-4 88.92.7.128/26 2a06:5840:7c::/64 88.92.54.135/26 2a06:5840:54c::135/64 1174 distro2 +e19-1 88.92.7.192/26 2a06:5840:7d::/64 88.92.54.79/26 2a06:5840:54b::79/64 1191 distro1 +e19-2 88.92.8.0/26 2a06:5840:8a::/64 88.92.54.80/26 2a06:5840:54b::80/64 1192 distro1 +e19-3 88.92.8.64/26 2a06:5840:8b::/64 88.92.54.136/26 2a06:5840:54c::136/64 1193 distro2 +e19-4 88.92.8.128/26 2a06:5840:8c::/64 88.92.54.137/26 2a06:5840:54c::137/64 1194 distro2 +e21-1 88.92.8.192/26 2a06:5840:8d::/64 88.92.54.81/26 2a06:5840:54b::81/64 1211 distro1 +e21-2 88.92.9.0/26 2a06:5840:9a::/64 88.92.54.82/26 2a06:5840:54b::82/64 1212 distro1 +e21-3 88.92.9.64/26 2a06:5840:9b::/64 88.92.54.138/26 2a06:5840:54c::138/64 1213 distro2 +e21-4 88.92.9.128/26 2a06:5840:9c::/64 88.92.54.139/26 2a06:5840:54c::139/64 1214 distro2 +e23-1 88.92.9.192/26 2a06:5840:9d::/64 88.92.54.83/26 2a06:5840:54b::83/64 1231 distro1 +e23-2 88.92.10.0/26 2a06:5840:10a::/64 88.92.54.84/26 2a06:5840:54b::84/64 1232 distro1 +e23-3 88.92.10.64/26 2a06:5840:10b::/64 88.92.54.140/26 2a06:5840:54c::140/64 1233 distro2 +e23-4 88.92.10.128/26 2a06:5840:10c::/64 88.92.54.141/26 2a06:5840:54c::141/64 1234 distro2 +e25-1 88.92.10.192/26 2a06:5840:10d::/64 88.92.54.194/26 2a06:5840:54d::194/64 1251 distro3 +e25-2 88.92.11.0/26 2a06:5840:11a::/64 88.92.54.195/26 2a06:5840:54d::195/64 1252 distro3 +e27-1 88.92.11.64/26 2a06:5840:11b::/64 88.92.54.196/26 2a06:5840:54d::196/64 1271 distro3 +e27-2 88.92.11.128/26 2a06:5840:11c::/64 88.92.54.197/26 2a06:5840:54d::197/64 1272 distro3 +e29-1 88.92.11.192/26 2a06:5840:11d::/64 88.92.54.198/26 2a06:5840:54d::198/64 1291 distro3 +e29-2 88.92.12.0/26 2a06:5840:12a::/64 88.92.54.199/26 2a06:5840:54d::199/64 1292 distro3 +e31-1 88.92.12.64/26 2a06:5840:12b::/64 88.92.54.200/26 2a06:5840:54d::200/64 1311 distro3 +e31-2 88.92.12.128/26 2a06:5840:12c::/64 88.92.54.201/26 2a06:5840:54d::201/64 1312 distro3 +e33-1 88.92.12.192/26 2a06:5840:12d::/64 88.92.54.202/26 2a06:5840:54d::202/64 1331 distro3 +e33-2 88.92.13.0/26 2a06:5840:13a::/64 88.92.54.203/26 2a06:5840:54d::203/64 1332 distro3 +e35-1 88.92.13.64/26 2a06:5840:13b::/64 88.92.54.204/26 2a06:5840:54d::204/64 1351 distro3 +e35-2 88.92.13.128/26 2a06:5840:13c::/64 88.92.54.205/26 2a06:5840:54d::205/64 1352 distro3 +e37-1 88.92.13.192/26 2a06:5840:13d::/64 88.92.54.206/26 2a06:5840:54d::206/64 1371 distro3 +e37-2 88.92.14.0/26 2a06:5840:14a::/64 88.92.54.207/26 2a06:5840:54d::207/64 1372 distro3 +e39-1 88.92.14.64/26 2a06:5840:14b::/64 88.92.54.208/26 2a06:5840:54d::208/64 1391 distro3 +e39-2 88.92.14.128/26 2a06:5840:14c::/64 88.92.54.209/26 2a06:5840:54d::209/64 1392 distro3 +e41-1 88.92.14.192/26 2a06:5840:14d::/64 88.92.55.2/26 2a06:5840:55a::2/64 1411 distro4 +e41-2 88.92.15.0/26 2a06:5840:15a::/64 88.92.55.3/26 2a06:5840:55a::3/64 1412 distro4 +e41-3 88.92.15.64/26 2a06:5840:15b::/64 88.92.55.66/26 2a06:5840:55b::66/64 1413 distro5 +e41-4 88.92.15.128/26 2a06:5840:15c::/64 88.92.55.67/26 2a06:5840:55b::67/64 1414 distro5 +e43-1 88.92.15.192/26 2a06:5840:15d::/64 88.92.55.4/26 2a06:5840:55a::4/64 1431 distro4 +e43-2 88.92.16.0/26 2a06:5840:16a::/64 88.92.55.5/26 2a06:5840:55a::5/64 1432 distro4 +e43-3 88.92.16.64/26 2a06:5840:16b::/64 88.92.55.68/26 2a06:5840:55b::68/64 1433 distro5 +e43-4 88.92.16.128/26 2a06:5840:16c::/64 88.92.55.69/26 2a06:5840:55b::69/64 1434 distro5 +e45-1 88.92.16.192/26 2a06:5840:16d::/64 88.92.55.6/26 2a06:5840:55a::6/64 1451 distro4 +e45-2 88.92.17.0/26 2a06:5840:17a::/64 88.92.55.7/26 2a06:5840:55a::7/64 1452 distro4 +e45-3 88.92.17.64/26 2a06:5840:17b::/64 88.92.55.70/26 2a06:5840:55b::70/64 1453 distro5 +e45-4 88.92.17.128/26 2a06:5840:17c::/64 88.92.55.71/26 2a06:5840:55b::71/64 1454 distro5 +e47-1 88.92.17.192/26 2a06:5840:17d::/64 88.92.55.8/26 2a06:5840:55a::8/64 1471 distro4 +e47-2 88.92.18.0/26 2a06:5840:18a::/64 88.92.55.9/26 2a06:5840:55a::9/64 1472 distro4 +e47-3 88.92.18.64/26 2a06:5840:18b::/64 88.92.55.72/26 2a06:5840:55b::72/64 1473 distro5 +e47-4 88.92.18.128/26 2a06:5840:18c::/64 88.92.55.73/26 2a06:5840:55b::73/64 1474 distro5 +e49-1 88.92.18.192/26 2a06:5840:18d::/64 88.92.55.10/26 2a06:5840:55a::10/64 1491 distro4 +e49-2 88.92.19.0/26 2a06:5840:19a::/64 88.92.55.11/26 2a06:5840:55a::11/64 1492 distro4 +e49-3 88.92.19.64/26 2a06:5840:19b::/64 88.92.55.74/26 2a06:5840:55b::74/64 1493 distro5 +e49-4 88.92.19.128/26 2a06:5840:19c::/64 88.92.55.75/26 2a06:5840:55b::75/64 1494 distro5 +e51-1 88.92.19.192/26 2a06:5840:19d::/64 88.92.55.12/26 2a06:5840:55a::12/64 1511 distro4 +e51-2 88.92.20.0/26 2a06:5840:20a::/64 88.92.55.13/26 2a06:5840:55a::13/64 1512 distro4 +e51-3 88.92.20.64/26 2a06:5840:20b::/64 88.92.55.76/26 2a06:5840:55b::76/64 1513 distro5 +e51-4 88.92.20.128/26 2a06:5840:20c::/64 88.92.55.77/26 2a06:5840:55b::77/64 1514 distro5 +e53-1 88.92.20.192/26 2a06:5840:20d::/64 88.92.55.14/26 2a06:5840:55a::14/64 1531 distro4 +e53-2 88.92.21.0/26 2a06:5840:21a::/64 88.92.55.15/26 2a06:5840:55a::15/64 1532 distro4 +e53-3 88.92.21.64/26 2a06:5840:21b::/64 88.92.55.78/26 2a06:5840:55b::78/64 1533 distro5 +e53-4 88.92.21.128/26 2a06:5840:21c::/64 88.92.55.79/26 2a06:5840:55b::79/64 1534 distro5 +e55-1 88.92.21.192/26 2a06:5840:21d::/64 88.92.55.16/26 2a06:5840:55a::16/64 1551 distro4 +e55-2 88.92.22.0/26 2a06:5840:22a::/64 88.92.55.17/26 2a06:5840:55a::17/64 1552 distro4 +e55-3 88.92.22.64/26 2a06:5840:22b::/64 88.92.55.80/26 2a06:5840:55b::80/64 1553 distro5 +e55-4 88.92.22.128/26 2a06:5840:22c::/64 88.92.55.81/26 2a06:5840:55b::81/64 1554 distro5 +e57-1 88.92.22.192/26 2a06:5840:22d::/64 88.92.55.18/26 2a06:5840:55a::18/64 1571 distro4 +e57-2 88.92.23.0/26 2a06:5840:23a::/64 88.92.55.19/26 2a06:5840:55a::19/64 1572 distro4 +e57-3 88.92.23.64/26 2a06:5840:23b::/64 88.92.55.82/26 2a06:5840:55b::82/64 1573 distro5 +e57-4 88.92.23.128/26 2a06:5840:23c::/64 88.92.55.83/26 2a06:5840:55b::83/64 1574 distro5 +e59-1 88.92.23.192/26 2a06:5840:23d::/64 88.92.55.194/26 2a06:5840:55d::194/64 1591 distro7 +e59-2 88.92.24.0/26 2a06:5840:24a::/64 88.92.55.195/26 2a06:5840:55d::195/64 1592 distro7 +e59-3 88.92.24.64/26 2a06:5840:24b::/64 88.92.55.130/26 2a06:5840:55c::130/64 1593 distro6 +e59-4 88.92.24.128/26 2a06:5840:24c::/64 88.92.55.131/26 2a06:5840:55c::131/64 1594 distro6 +e61-1 88.92.24.192/26 2a06:5840:24d::/64 88.92.55.196/26 2a06:5840:55d::196/64 1611 distro7 +e61-2 88.92.25.0/26 2a06:5840:25a::/64 88.92.55.197/26 2a06:5840:55d::197/64 1612 distro7 +e61-3 88.92.25.64/26 2a06:5840:25b::/64 88.92.55.132/26 2a06:5840:55c::132/64 1613 distro6 +e61-4 88.92.25.128/26 2a06:5840:25c::/64 88.92.55.133/26 2a06:5840:55c::133/64 1614 distro6 +e63-1 88.92.25.192/26 2a06:5840:25d::/64 88.92.55.198/26 2a06:5840:55d::198/64 1631 distro7 +e63-2 88.92.26.0/26 2a06:5840:26a::/64 88.92.55.199/26 2a06:5840:55d::199/64 1632 distro7 +e63-3 88.92.26.64/26 2a06:5840:26b::/64 88.92.55.134/26 2a06:5840:55c::134/64 1633 distro6 +e63-4 88.92.26.128/26 2a06:5840:26c::/64 88.92.55.135/26 2a06:5840:55c::135/64 1634 distro6 +e65-1 88.92.26.192/26 2a06:5840:26d::/64 88.92.55.200/26 2a06:5840:55d::200/64 1651 distro7 +e65-2 88.92.27.0/26 2a06:5840:27a::/64 88.92.55.201/26 2a06:5840:55d::201/64 1652 distro7 +e65-3 88.92.27.64/26 2a06:5840:27b::/64 88.92.55.136/26 2a06:5840:55c::136/64 1653 distro6 +e65-4 88.92.27.128/26 2a06:5840:27c::/64 88.92.55.137/26 2a06:5840:55c::137/64 1654 distro6 +e67-1 88.92.27.192/26 2a06:5840:27d::/64 88.92.55.202/26 2a06:5840:55d::202/64 1671 distro7 +e67-2 88.92.28.0/26 2a06:5840:28a::/64 88.92.55.203/26 2a06:5840:55d::203/64 1672 distro7 +e67-3 88.92.28.64/26 2a06:5840:28b::/64 88.92.55.138/26 2a06:5840:55c::138/64 1673 distro6 +e67-4 88.92.28.128/26 2a06:5840:28c::/64 88.92.55.139/26 2a06:5840:55c::139/64 1674 distro6 +e69-1 88.92.28.192/26 2a06:5840:28d::/64 88.92.55.204/26 2a06:5840:55d::204/64 1691 distro7 +e69-2 88.92.29.0/26 2a06:5840:29a::/64 88.92.55.205/26 2a06:5840:55d::205/64 1692 distro7 +e71-1 88.92.29.64/26 2a06:5840:29b::/64 88.92.55.206/26 2a06:5840:55d::206/64 1711 distro7 +e71-2 88.92.29.128/26 2a06:5840:29c::/64 88.92.55.207/26 2a06:5840:55d::207/64 1712 distro7 +e73-1 88.92.29.192/26 2a06:5840:29d::/64 88.92.55.208/26 2a06:5840:55d::208/64 1731 distro7 +e73-2 88.92.30.0/26 2a06:5840:30a::/64 88.92.55.209/26 2a06:5840:55d::209/64 1732 distro7 +e75-1 88.92.30.64/26 2a06:5840:30b::/64 88.92.55.210/26 2a06:5840:55d::210/64 1751 distro7 +e75-2 88.92.30.128/26 2a06:5840:30c::/64 88.92.55.211/26 2a06:5840:55d::211/64 1752 distro7 +e77-1 88.92.30.192/26 2a06:5840:30d::/64 88.92.55.212/26 2a06:5840:55d::212/64 1771 distro7 +e77-2 88.92.31.0/26 2a06:5840:31a::/64 88.92.55.213/26 2a06:5840:55d::213/64 1772 distro7 +e79-1 88.92.31.64/26 2a06:5840:31b::/64 88.92.55.214/26 2a06:5840:55d::214/64 1791 distro7 +e79-2 88.92.31.128/26 2a06:5840:31c::/64 88.92.55.215/26 2a06:5840:55d::215/64 1792 distro7 +e81-1 88.92.31.192/26 2a06:5840:31d::/64 88.92.55.216/26 2a06:5840:55d::216/64 1811 distro7 +e81-2 88.92.32.0/26 2a06:5840:32a::/64 88.92.55.217/26 2a06:5840:55d::217/64 1812 distro7 +e83-2 88.92.32.64/26 2a06:5840:32b::/64 88.92.55.218/26 2a06:5840:55d::218/64 1832 distro7 +e85-2 88.92.32.128/26 2a06:5840:32c::/64 88.92.55.219/26 2a06:5840:55d::219/64 1852 distro7 diff --git a/extras/fap/httpd/httpd_root/tools/update_psql_from_switches_patchlist.php b/extras/fap/httpd/httpd_root/tools/update_psql_from_switches_patchlist.php new file mode 100644 index 0000000..a787c33 --- /dev/null +++ b/extras/fap/httpd/httpd_root/tools/update_psql_from_switches_patchlist.php @@ -0,0 +1,79 @@ +<?php + + /* + Ugliest implementation of a kind of ipcalc... FULHAX + */ + function find_v4_def_route($subnet){ + $subnet = array_shift(explode('/', $subnet)); + $octets = explode('.', $subnet); + $octets[3]++; + return implode('.', $octets); + } + function find_v6_def_route($subnet){ + $subnet = array_shift(explode('/', $subnet)); + return str_replace('::', '::1', $subnet); + } + + function x($input){ + $parts = explode('.', $input); + if($parts[3] > 192){ + $last = '193'; + }elseif($parts[3] > 128){ + $last = '129'; + }elseif($parts[3] > 64){ + $last = '65'; + }else{ + $last = '1'; + } + + return $parts[0] . '.' . $parts[1] . '.' . $parts[2] . '.' . $last; + } + + + require('../pg_connect.php'); + + $switches_array = file('switches.txt'); + $patchlist_array = file('patchlist.txt'); + + /* + switches.txt: e41-3 88.92.15.64/26 2a06:5840:15b::/64 88.92.55.66/26 2a06:5840:55b::66/64 1413 distro5 + patchlist.txt: e7-2 distro1 ge-0/0/2 ge-1/0/2 ge-2/0/2 + */ + + $d1 = array(); # dataset + foreach($patchlist_array as $line){ + $t = array(); # temp array in this loop + list($switch, $t['distro'], $t['distro_port_0'], $t['distro_port_1'], $t['distro_port_2']) = explode(' ', $line); + $t = array_map('trim', $t); + $d1[$switch] = $t; + } + + $d2 = array(); # dataset + foreach($switches_array as $line){ + $t = array(); # temp array in this loop + list($t['switch'], $t['v4_subnet'], $t['v6_subnet'], $t['mgmt_v4_addr'], $t['mgmt_v6_addr'], $t['vlan']) = explode(' ', $line); + $t = array_map('trim', $t); + $d2[$t['switch']] = $t; + } + $d = array_merge_recursive($d1, $d2); + # var_dump($d); + + foreach($d as $switch => $prop){ + $q = ' + UPDATE switches SET + distro_phy_port = \'' . pg_escape_string($prop['distro_port_0']) . '\', + traffic_vlan = \'' . pg_escape_string($prop['vlan']) . '\', + mgmt_v4_gw = \'' . pg_escape_string(x($prop['mgmt_v4_addr'])) . '\' + WHERE sysname = \'' . pg_escape_string($switch) . '\''; + + # var_dump($q); + + $result = pg_query($dbconn, $q); + if (!$result){ + echo 'NOPE: ' . $q . "\n"; + exit; + } + + } + echo 'done! - no errors'; +?> diff --git a/extras/fap/tools_temp/README.md b/extras/fap/tools_temp/README.md new file mode 100644 index 0000000..0c3897e --- /dev/null +++ b/extras/fap/tools_temp/README.md @@ -0,0 +1,3 @@ +# Tools + +* get_info.php - snmp gets all devices in a given network to show the Junos versions. TG NMS ("Gundul"?) kinda makes this script redundant. |