华为防火墙设备常用的48个Python脚本，网络工程师收

网摘文苑 2023-04-27 发布于新疆

展开全文

来源：网络技术联盟站
链接：https://www./20244.html

你好，这里是网络技术联盟站。

之前给大家介绍了：

如何写批量巡检网络设备的Python脚本
如何写批量备份交换机配置的Python脚本
Python网络设备脚本中经常使用的connecthandler和telnetlib是什么意思？
20个华为路由器常用的Python脚本
10个华为华为交换机常用的Python脚本

今天给大家带来的是华为防火墙设备常用的Python脚本，一共会介绍48个常用的，

1、查看防火墙设备的基本信息：
2、查看防火墙设备的CPU利用率：
3、查看防火墙设备的内存使用情况：
4、查看防火墙设备的接口状态：
5、查看防火墙设备的防火墙策略：
6、查看防火墙设备的NAT策略：
7、查看防火墙设备的ACL（访问控制列表）：
8、查看防火墙设备的路由表：
9、查看防火墙设备的系统日志：
10、修改防火墙设备的登录密码：
11、配置防火墙设备的接口IP地址：
12、配置防火墙设备的静态路由：
13、配置防火墙设备的SNMP：
14、查看防火墙设备的用户列表：
15、查看防火墙设备的系统信息：
16、查看防火墙设备的硬件信息：
17、查看防火墙设备的连接数：
18、查看防火墙设备的硬盘利用率：
19、查看防火墙设备的系统日志：
20、查看防火墙设备的接口状态：
21、查看防火墙设备的ARP缓存表：
22、查看防火墙设备的NAT表：
23、查看防火墙设备的VPN连接：
24、配置防火墙设备的管理员密码：
25、配置防火墙设备的SNMP配置：
26、配置防火墙设备的端口镜像：
27、配置防火墙设备的IP地址：
28、查看防火墙设备的CPU和内存使用情况：
29、配置防火墙设备的VLAN：
30、查看防火墙设备的接口状态：
31、配置防火墙设备的SNAT规则：
32、查看防火墙设备的路由表：
33、查看防火墙设备的系统日志：
34、配置防火墙设备的DHCP服务：
35、配置防火墙设备的NAT规则：
36、配置防火墙设备的端口镜像：
37、配置防火墙设备的SNMP访问：
38、查询防火墙设备的当前连接数：
39、查询防火墙设备的当前接口流量：
40、查询防火墙设备的日志：
41、配置防火墙设备的时间：
42、配置防火墙设备的SSH访问：
43、查询防火墙设备的接口信息：
44、获取当前配置文件的MD5值
45、执行防火墙的设备诊断命令并保存输出结果
46、查看防火墙当前活动连接数
47、查看防火墙规则信息
48、在防火墙上添加新的安全组规则

1、查看防火墙设备的基本信息：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display version')version_info = stdout.readlines()for line in version_info:    print(line.strip())client.close()

2、查看防火墙设备的CPU利用率：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display cpu-usage')cpu_info = stdout.readlines()for line in cpu_info:    print(line.strip())client.close()

3、查看防火墙设备的内存使用情况：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display memory-usage')memory_info = stdout.readlines()for line in memory_info:    print(line.strip())client.close()

4、查看防火墙设备的接口状态：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display interface')interface_info = stdout.readlines()for line in interface_info:    print(line.strip())client.close()

5、查看防火墙设备的防火墙策略：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display firewall policy')policy_info = stdout.readlines()for line in policy_info:    print(line.strip())client.close()

6、查看防火墙设备的NAT策略：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display nat')nat_info = stdout.readlines()for line in nat_info:    print(line.strip())client.close()

7、查看防火墙设备的ACL（访问控制列表）：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display acl all')acl_info = stdout.readlines()for line in acl_info:    print(line.strip())client.close()

8、查看防火墙设备的路由表：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display ip routing-table')routing_info = stdout.readlines()for line in routing_info:    print(line.strip())client.close()

9、查看防火墙设备的系统日志：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display logbuffer')log_info = stdout.readlines()for line in log_info:    print(line.strip())client.close()

10、修改防火墙设备的登录密码：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'new_password = 'new_password'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('system-view')stdin.write('user-interface vty 0 4\n')stdin.write('set authentication password cipher ' + new_password + '\n')stdin.write('return\n')result = stdout.read().decode()print(result)client.close()

11、配置防火墙设备的接口IP地址：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface_name = 'GigabitEthernet0/0/1'ip_address = '192.168.2.1'subnet_mask = '255.255.255.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('system-view')stdin.write('interface ' + interface_name + '\n')stdin.write('ip address ' + ip_address + ' ' + subnet_mask + '\n')stdin.write('quit\n')result = stdout.read().decode()print(result)client.close()

12、配置防火墙设备的静态路由：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'destination_network = '192.168.3.0'subnet_mask = '255.255.255.0'next_hop = '192.168.2.2'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('system-view')stdin.write('ip route-static ' + destination_network + ' ' + subnet_mask + ' ' + next_hop + '\n')stdin.write('quit\n')result = stdout.read().decode()print(result)client.close()

13、配置防火墙设备的SNMP：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'snmp_community = 'public'snmp_location = 'HQ'snmp_contact = 'admin@example.com'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('system-view')stdin.write('snmp-agent community read ' + snmp_community + '\n')stdin.write('snmp-agent sys-info location ' + snmp_location + '\n')stdin.write('snmp-agent sys-info contact ' + snmp_contact + '\n')stdin.write('quit\n')result = stdout.read().decode()print(result)client.close()

14、查看防火墙设备的用户列表：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display user-interface')user_info = stdout.readlines()for line in user_info:    print(line.strip())client.close()

15、查看防火墙设备的系统信息：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display version')version_info = stdout.readlines()for line in version_info:    print(line.strip())client.close()

16、查看防火墙设备的硬件信息：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display device')device_info = stdout.readlines()for line in device_info:    print(line.strip())client.close()

17、查看防火墙设备的连接数：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display firewall session table')session_info = stdout.readlines()for line in session_info:    print(line.strip())client.close()

嵌入式物联网需要学的东西真的非常多，千万不要学错了路线和内容，导致工资要不上去！

无偿分享大家一个资料包，差不多150多G。里面学习内容、面经、项目都比较新也比较全！某鱼上买估计至少要好几十。

点击这里找小助理0元领取：加微信领取资料

18、查看防火墙设备的硬盘利用率：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display disk-usage')disk_info = stdout.readlines()for line in disk_info:    print(line.strip())client.close()

19、查看防火墙设备的系统日志：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display logbuffer')log_info = stdout.readlines()for line in log_info:    print(line.strip())client.close()

20、查看防火墙设备的接口状态：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display interface')interface_info = stdout.readlines()for line in interface_info:    print(line.strip())client.close()

21、查看防火墙设备的ARP缓存表：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display arp')arp_info = stdout.readlines()for line in arp_info:    print(line.strip())client.close()

22、查看防火墙设备的NAT表：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display nat session table')nat_info = stdout.readlines()for line in nat_info:    print(line.strip())client.close()

23、查看防火墙设备的VPN连接：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display ipsec policy all')vpn_info = stdout.readlines()for line in vpn_info:    print(line.strip())client.close()

24、配置防火墙设备的管理员密码：

import paramikohost = '192.168.1.1'port = 22username = 'admin'old_password = 'admin'new_password = 'new_admin_password'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=old_password)stdin, stdout, stderr = client.exec_command(f'user-interface vty 0 4\nset authentication password cipher {new_password}')result = stdout.readlines()for line in result:    print(line.strip())client.close()

25、配置防火墙设备的SNMP配置：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'snmp_community = 'public'snmp_location = 'Office'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [    f'snmp-agent\n',    f'snmp-agent community read {snmp_community}\n',    f'snmp-agent sys-info location {snmp_location}\n']for command in commands:    stdin, stdout, stderr = client.exec_command(command)    result = stdout.readlines()    for line in result:        print(line.strip())client.close()

26、配置防火墙设备的端口镜像：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'source_port = 'GigabitEthernet0/0/1'mirror_port = 'GigabitEthernet0/0/2'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'observe-port interface {source_port} mirror to interface {mirror_port}'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()

27、配置防火墙设备的IP地址：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'ip_address = '192.168.1.2'netmask = '255.255.255.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'interface {interface}\nip address {ip_address} {netmask}\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()

28、查看防火墙设备的CPU和内存使用情况：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [    'display cpu-usage\n',    'display memory-usage\n']for command in commands:    stdin, stdout, stderr = client.exec_command(command)    result = stdout.readlines()    for line in result:        print(line.strip())client.close()

29、配置防火墙设备的VLAN：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'vlan_id = '10'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [    f'vlan {vlan_id}\n',    'description Test VLAN\n',    'quit\n']for command in commands:    stdin, stdout, stderr = client.exec_command(command)    result = stdout.readlines()    for line in result:        print(line.strip())client.close()

30、查看防火墙设备的接口状态：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'display interface brief\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()

31、配置防火墙设备的SNAT规则：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'source_zone = 'zone1'destination_zone = 'zone2'source_address = '192.168.1.0'destination_address = '192.168.2.0'translated_address = '192.168.3.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'nat outbound source {source_zone} destination {destination_zone} source-nat ip-address {translated_address} address-group {source_address} {destination_address}\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()

32、查看防火墙设备的路由表：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'display ip routing-table\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()

33、查看防火墙设备的系统日志：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'display logbuffer\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()

34、配置防火墙设备的DHCP服务：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'dhcp_pool_name = 'test_pool'network_address = '192.168.1.0'subnet_mask = '255.255.255.0'gateway_address = '192.168.1.1'dns_server = '8.8.8.8'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [    f'interface {interface}\n',    'ip address 192.168.1.1 24\n',    'dhcp enable\n',    f'dhcp server {dhcp_pool_name}\n',    f'network {network_address} mask {subnet_mask}\n',    f'gateway-list {gateway_address}\n',    f'dns-list {dns_server}\n',    'quit\n',    'quit\n']for command in commands:    stdin, stdout, stderr = client.exec_command(command)    result = stdout.readlines()    for line in result:        print(line.strip())client.close()

35、配置防火墙设备的NAT规则：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'source_zone = 'zone1'destination_zone = 'zone2'source_address = '192.168.1.0'destination_address = '192.168.2.0'translated_address = '192.168.3.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [    f'interface {interface}\n',    'nat enable\n',    'nat policy 1\n',    f'source-zone {source_zone}\n',    f'destination-zone {destination_zone}\n',    f'source-address {source_address}\n',    f'destination-address {destination_address}\n',    'translated-address {}\n'.format(translated_address),    'quit\n',    'quit\n']for command in commands:    stdin, stdout, stderr = client.exec_command(command)    result = stdout.readlines()    for line in result:        print(line.strip())client.close()

36、配置防火墙设备的端口镜像：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'source_interface = 'GigabitEthernet0/0/1'destination_interface = 'GigabitEthernet0/0/2'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [    f'interface {source_interface}\n',    f'port-mirroring to interface {destination_interface} both\n',    'quit\n']for command in commands:    stdin, stdout, stderr = client.exec_command(command)    result = stdout.readlines()    for line in result:        print(line.strip())client.close()

37、配置防火墙设备的SNMP访问：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'snmp_community = 'public'snmp_acl_name = 'test_acl'snmp_host = '192.168.1.2'snmp_version = 'v2c'snmp_trap_level = 'informational'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [    f'snmp-agent community read {snmp_community} acl {snmp_acl_name}\n',    'quit\n',    f'snmp-agent target-host trap address udp-domain {snmp_host} params securityname {snmp_community} version {snmp_version}\n',    f'snmp-agent trap enable level {snmp_trap_level}\n',    'quit\n',    'quit\n']for command in commands:stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()makefileCopy code

38、查询防火墙设备的当前连接数：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'display firewall session table summary\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    if 'Total session' in line:        print(line.strip())client.close()

39、查询防火墙设备的当前接口流量：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'display interface {interface} brief\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    if interface in line:        line_list = line.split()        print(f'Input: {line_list[4]}, Output: {line_list[5]}')client.close()

40、查询防火墙设备的日志：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'display firewall logbuffer\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    print(line.strip())client.close()

41、配置防火墙设备的时间：

import paramikoimport timehost = '192.168.1.1'port = 22username = 'admin'password = 'admin'ntp_server = '192.168.0.1'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'system-view\n'client.exec_command(command)command = f'ntp-service server ip-address {ntp_server}\n'client.exec_command(command)command = 'clock datetime 2022-04-01 12:00:00\n'client.exec_command(command)time.sleep(5)command = 'display clock\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:print(line.strip())client.close()makefile

42、配置防火墙设备的SSH访问：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'ssh_user = 'testuser'ssh_password = 'testpassword'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'system-view\n'client.exec_command(command)command = f'user-interface vty 0 4\n'client.exec_command(command)command = f'authentication-mode aaa\n'client.exec_command(command)command = f'user-interface vty 0 4\n'client.exec_command(command)command = f'protocol inbound ssh\n'client.exec_command(command)command = f'acl number 2000\n'client.exec_command(command)command = f'rule 5 permit source any\n'client.exec_command(command)command = f'rule 10 deny\n'client.exec_command(command)command = f'user-interface vty 0 4\n'client.exec_command(command)command = f'user {ssh_user}\n'client.exec_command(command)command = f'password simple {ssh_password}\n'client.exec_command(command)client.close()

43、查询防火墙设备的接口信息：

import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'display interface {interface}\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:    if 'Description' in line:        print(line.strip())    if 'Internet address is' in line:        ip_addr = line.split()[3]        print(f'IP address: {ip_addr}')client.close()

44、获取当前配置文件的MD5值

import paramiko# SSH连接参数hostname = '192.168.1.1'port = 22username = 'admin'password = 'admin'# 连接SSHclient = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname, port, username, password)# 获取当前配置文件的MD5值stdin, stdout, stderr = client.exec_command('system-view ;display current-configuration | md5')md5 = stdout.read().decode('utf-8').split()[0]print(md5)client.close()

45、执行防火墙的设备诊断命令并保存输出结果

import paramiko# SSH连接参数hostname = '192.168.1.1'port = 22username = 'admin'password = 'admin'# 连接SSHclient = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname, port, username, password)# 执行防火墙的设备诊断命令并保存输出结果cmd = 'display firewall session table verbose'stdin, stdout, stderr = client.exec_command(cmd)with open('firewall_session_table_verbose.txt', 'w') as f:    f.write(stdout.read().decode('utf-8'))client.close()

46、查看防火墙当前活动连接数

import paramiko# SSH连接参数hostname = '192.168.1.1'port = 22username = 'admin'password = 'admin'# 连接SSHclient = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname, port, username, password)# 查看防火墙当前活动连接数stdin, stdout, stderr = client.exec_command('display firewall statistics session')for line in stdout:    if 'Current session number' in line:        print(line.strip())client.close()

47、查看防火墙规则信息

import paramiko# SSH连接参数hostname = '192.168.1.1'port = 22username = 'admin'password = 'admin'# 连接SSHclient = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname, port, username, password)# 查看防火墙规则信息stdin, stdout, stderr = client.exec_command('display firewall rule')for line in stdout:    if 'rule' in line:        print(line.strip())client.close()

48、在防火墙上添加新的安全组规则

import paramiko# SSH连接参数hostname = '192.168.1.1'port = 22username = 'admin'password = 'admin'# 连接SSHclient = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname, port, username, password)# 在防火墙上添加新的安全组规则cmd = 'firewall name TEST rule 10 source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255 service http permit'stdin, stdout, stderr = client.exec_command(cmd)client.close()