Need some help with getting the following script to work:
1 - Script connects to Switches which are a mix of telnet, ssh using tacacs and local accounts for authentication.
2 - Check if any of the following ACL's are on the switch and if so then paste the config for the respective acl found on the switch only. For e.g. switch A has acl 101, 102 and test acl configured, so all 3 acls will need to updated with new network address, then switchB only has acl 102, so only 102 will be updated on switchB.
3 - to do show acl xxx (101, 102, testacl) post updating and copy this to a file with the switch name
Below is the config that needs to be pasted on the switches and it will be the same for all 3 acl's (101,102&testacl):
access-list extended 101
109 permit ip 10.10.0.0 0.0.0.255
exit
access-list resequence 101 10 10
end
show access-list 101
wr mem
========
I have tried the following code but its not working.
import getpass
import sys
import telnetlib
from sys import argv
import csv
import ipaddress
import requests
from netmiko import ConnectHandler
switchdata, device_lists, = argv
reader = csv.DictReader(open(device_lists, 'rb'))
device_lists = []
for line in reader:
device_lists.append(line)
username = raw_input("Username: ")
password = getpass.getpass("Password ")
enablepw = getpass.getpass("Enable Password ")
for device in device_lists:
print "\n\n-------------\nDevice: {0} \n----------\n".format(device['host'])
try:
device['device_type'] = 'cisco_ios_ssh'
device['username'] = username
device['password'] = password
device['secret'] = enablepw
net_connect = ConnectHandler(**device)
except:
try:
device['device_type'] = 'cisco_ios_telnet'
device['username'] = username
device['password'] = password
device['secret'] = enablepw
net_connect = ConnectHandler(**device)
except:
print "Unable to connect!"
continue
net_connect.enable()
print "\n"
output = net_connect.send_command("show access-list 101")
with open('acl_101' + device['host'] + '.txt', 'w' ) as acl101:
for line in output.splitlines():
if "101" in line:
output = net_connect.send_command("enable\n")
output = net_connect.send_command(password + "\n")
output = net_connect.send_command("config t\n")
output = net_connect.send_command("ip access-list extended 101\n")
output = net_connect.send_command("109 permit ip 10.10.0.0 0.0.0.255 any\n")
output = net_connect.send_command("exit\n")
output = net_connect.send_command("access-list resequence 101\n")
output = net_connect.send_command("end\n")
output = net_connect.send_command("show access-list 101\n")
output = net_connect.send_command("show hostname\n")
print " " + line
output = net_connect.send_command("show ip access-list 102")
with open('acl_102' + device['host'] + '.txt', 'w') as acl102:
for line in output.splitlines():
if "102" in line:
output = net_connect.send_command("enable\n")
output = net_connect.send_command(password + "\n")
output = net_connect.send_command("config t\n")
output = net_connect.send_command("ip access-list extended 102\n")
output = net_connect.send_command("109 permit ip 10.10.0.0 0.0.0.255 any\n")
output = net_connect.send_command("exit\n")
output = net_connect.send_command("access-list resequence 102\n")
output = net_connect.send_command("end\n")
output = net_connect.send_command("show access-list 102\n")
output = net_connect.send_command("show hostname\n")
output = net_connect.send_command("show ip access-list test")
with open('testacl' + device['host'] + '.txt', 'w') as testacl:
for line in output.splitlines():
if "testacl" in line:
output = net_connect.send_command("enable\n")
output = net_connect.send_command(password + "\n")
output = net_connect.send_command("config t\n")
output = net_connect.send_command("ip access-list extended test\n")
output = net_connect.send_command("109 permit ip 10.10.0.0 0.0.0.255 any\n")
output = net_connect.send_command("exit\n")
output = net_connect.send_command("access-list resequence test\n")
output = net_connect.send_command("end\n")
output = net_connect.send_command("show access-list testacl\n")
output = net_connect.send_command("show hostname\n")
print " " + line
Hi Guys,
Need some help with getting the following script to work:
1 - Script connects to Switches which are a mix of telnet, ssh using tacacs and local accounts for authentication. 2 - Check if any of the following ACL's are on the switch and if so then paste the config for the respective acl found on the switch only. For e.g. switch A has acl 101, 102 and test acl configured, so all 3 acls will need to updated with new network address, then switchB only has acl 102, so only 102 will be updated on switchB. 3 - to do show acl xxx (101, 102, testacl) post updating and copy this to a file with the switch name
Below is the config that needs to be pasted on the switches and it will be the same for all 3 acl's (101,102&testacl):
======== I have tried the following code but its not working.
Thanks in advance!