Open mairm1340 opened 1 year ago
kindly assist
❯ pytest -v ======================================================================================================== test session starts ======================================================================================================== platform linux -- Python 3.10.8, pytest-6.2.4, py-1.10.0, pluggy-0.13.1 -- /usr/bin/python cachedir: .pytest_cache rootdir: /home/amrim/CiscoAutomation/firewall_policy_report/test collected 3 items
test_acl_report.py::test_data_model PASSED [ 33%] test_acl_report.py::test_asa_format_data PASSED [ 66%] test_acl_report.py::test_ckp_format_data FAILED
It was an issue iwth my zsh file which is now sorted but how do I run the script against the outputs ? do i need to paste the output of show access-list in some file in test folder ? kindly share little details
Sorry I dont understand what you mean or are trying to do, from the outputs you are running unit tests against Checkpoint formatting? Those unit tests work fine for me.
Sorry I dont understand what you mean or are trying to do, from the outputs you are running unit tests against Checkpoint formatting? Those unit tests work fine for me.
I need some details as to how I can run the script if I don't have access to the firewall. I should take what outputs from the Device and how can I run the script for Cisco ASA kindly assist.
There is no option to run against files, I use it for running against multiple ASAs and Checkpoints so is not really practical to use files. I have no plans at present to introduce static files as dont have a need for it.
For you to use static files you are going to have to edit the script yourself. If you look at the get_acls
method in the asa.py
file you can see where the command outputs are gathered, this is the place to start if you are wanting to feed static output into it.
def get_acls(fw, sid):
asa_all_acls, acl_brief, acl_brief_temp = ([] for i in range(3))
# 2a. Gets the name of all ACLs to be used in the show acl name brief cmd
asa_acl = sid.send_command('show run access-group')
ra_vpn_acl = sid.send_command('show run | in split-tunnel-network-list')
sts_vpn_acl = sid.send_command('show run | in match address')
for ace in asa_acl.splitlines():
asa_all_acls.append(ace.split(' ')[1])
for ace in ra_vpn_acl.splitlines():
asa_all_acls.append(ace.split('value ')[1])
for ace in sts_vpn_acl.splitlines():
asa_all_acls.append(ace.split('address ')[1])
# 2b. Gathers show ACL (as a string) and show ACL brief (as a list) output for all the ACLs
for ace in set(asa_all_acls):
acl_brief_temp.append(sid.send_command('show access-list {} brief'.format(ace)))
acl_expanded = sid.send_command('show access-list | ex elements|cached|alert-interval|remark')
# 2c. Creates new ACL brief list of all lines that have a timestamp (matching 8 characters, space, 8 characters)
for item in acl_brief_temp:
for line in item.splitlines():
if re.match(r"^\S{8}\s\S{8}\s", line):
acl_brief.append(line)
return acl_brief, acl_expanded
I am running the script against an ASA, and keep getting 'Unable to enter enable mode!'
============================== Firewall Policy Report v0.1 ============================== Checking the input file and options entered are valid... Enter global fw password for user 'freeman': Testing asa username/password and device connectivity ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:00 ⚠️ WARNING - 'Unable to enter enable mode!'
The script ist ran using the following parameters:
(acl_report) gns3@gns3lab:~/firewall_policy_report-main$ python3 main.py -u freeman -n ACLreport20230919 -l ~/firewall_policy_report-main/
I have tried using the glob_user/glob_pass and user/pword with the same result.
What am I doing wrong? Should the username and password be in double quotes?
amrim@z370: firewall_policy_report on main [!?] via v3.10.8 ┌────────────────────────────────────────────── └─> pytest -v zsh: command not found: pytest
amrim@z370: firewall_policy_report on main [!?] via v3.10.8 ┌────────────────────────────────────────────── └─> pytest test/test_acl_report.py::test_asa_format_data -v zsh: command not found: pytest
can you please advise how we can run this on a file with the outputs captured.