你好,这里是网络技术联盟站。 之前给大家介绍了:
今天给大家带来的是华为防火墙设备常用的Python脚本,一共会介绍48个常用的,
1、查看防火墙设备的基本信息:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display version')version_info = stdout.readlines()for line in version_info: print(line.strip())client.close() 2、查看防火墙设备的CPU利用率:
3、查看防火墙设备的内存使用情况:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display memory-usage')memory_info = stdout.readlines()for line in memory_info: print(line.strip())client.close() 4、查看防火墙设备的接口状态:
5、查看防火墙设备的防火墙策略:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display firewall policy')policy_info = stdout.readlines()for line in policy_info: print(line.strip())client.close() 6、查看防火墙设备的NAT策略:
7、查看防火墙设备的ACL(访问控制列表):import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display acl all')acl_info = stdout.readlines()for line in acl_info: print(line.strip())client.close() 8、查看防火墙设备的路由表:
9、查看防火墙设备的系统日志:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display logbuffer')log_info = stdout.readlines()for line in log_info: print(line.strip())client.close() 10、修改防火墙设备的登录密码:
11、配置防火墙设备的接口IP地址:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface_name = 'GigabitEthernet0/0/1'ip_address = '192.168.2.1'subnet_mask = '255.255.255.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('system-view')stdin.write('interface ' + interface_name + '\n')stdin.write('ip address ' + ip_address + ' ' + subnet_mask + '\n')stdin.write('quit\n')result = stdout.read().decode()print(result)client.close() 12、配置防火墙设备的静态路由:
13、配置防火墙设备的SNMP:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'snmp_community = 'public'snmp_location = 'HQ'snmp_contact = 'admin@example.com'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('system-view')stdin.write('snmp-agent community read ' + snmp_community + '\n')stdin.write('snmp-agent sys-info location ' + snmp_location + '\n')stdin.write('snmp-agent sys-info contact ' + snmp_contact + '\n')stdin.write('quit\n')result = stdout.read().decode()print(result)client.close() 14、查看防火墙设备的用户列表:
15、查看防火墙设备的系统信息:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display version')version_info = stdout.readlines()for line in version_info: print(line.strip())client.close() 16、查看防火墙设备的硬件信息:
17、查看防火墙设备的连接数:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display firewall session table')session_info = stdout.readlines()for line in session_info: print(line.strip())client.close() 嵌入式物联网需要学的东西真的非常多,千万不要学错了路线和内容,导致工资要不上去! 无偿分享大家一个资料包,差不多150多G。里面学习内容、面经、项目都比较新也比较全!某鱼上买估计至少要好几十。 点击这里找小助理0元领取:加微信领取资料 18、查看防火墙设备的硬盘利用率:
19、查看防火墙设备的系统日志:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display logbuffer')log_info = stdout.readlines()for line in log_info: print(line.strip())client.close() 20、查看防火墙设备的接口状态:
21、查看防火墙设备的ARP缓存表:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display arp')arp_info = stdout.readlines()for line in arp_info: print(line.strip())client.close() 22、查看防火墙设备的NAT表:
23、查看防火墙设备的VPN连接:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)stdin, stdout, stderr = client.exec_command('display ipsec policy all')vpn_info = stdout.readlines()for line in vpn_info: print(line.strip())client.close() 24、配置防火墙设备的管理员密码:
25、配置防火墙设备的SNMP配置:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'snmp_community = 'public'snmp_location = 'Office'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [ f'snmp-agent\n', f'snmp-agent community read {snmp_community}\n', f'snmp-agent sys-info location {snmp_location}\n']for command in commands: stdin, stdout, stderr = client.exec_command(command) result = stdout.readlines() for line in result: print(line.strip())client.close() 26、配置防火墙设备的端口镜像:
27、配置防火墙设备的IP地址:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'ip_address = '192.168.1.2'netmask = '255.255.255.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'interface {interface}\nip address {ip_address} {netmask}\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result: print(line.strip())client.close() 28、查看防火墙设备的CPU和内存使用情况:
29、配置防火墙设备的VLAN:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'vlan_id = '10'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [ f'vlan {vlan_id}\n', 'description Test VLAN\n', 'quit\n']for command in commands: stdin, stdout, stderr = client.exec_command(command) result = stdout.readlines() for line in result: print(line.strip())client.close() 30、查看防火墙设备的接口状态:
31、配置防火墙设备的SNAT规则:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'source_zone = 'zone1'destination_zone = 'zone2'source_address = '192.168.1.0'destination_address = '192.168.2.0'translated_address = '192.168.3.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'nat outbound source {source_zone} destination {destination_zone} source-nat ip-address {translated_address} address-group {source_address} {destination_address}\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result: print(line.strip())client.close() 32、查看防火墙设备的路由表:
33、查看防火墙设备的系统日志:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'display logbuffer\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result: print(line.strip())client.close() 34、配置防火墙设备的DHCP服务:
35、配置防火墙设备的NAT规则:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'source_zone = 'zone1'destination_zone = 'zone2'source_address = '192.168.1.0'destination_address = '192.168.2.0'translated_address = '192.168.3.0'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [ f'interface {interface}\n', 'nat enable\n', 'nat policy 1\n', f'source-zone {source_zone}\n', f'destination-zone {destination_zone}\n', f'source-address {source_address}\n', f'destination-address {destination_address}\n', 'translated-address {}\n'.format(translated_address), 'quit\n', 'quit\n']for command in commands: stdin, stdout, stderr = client.exec_command(command) result = stdout.readlines() for line in result: print(line.strip())client.close() 36、配置防火墙设备的端口镜像:
37、配置防火墙设备的SNMP访问:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'snmp_community = 'public'snmp_acl_name = 'test_acl'snmp_host = '192.168.1.2'snmp_version = 'v2c'snmp_trap_level = 'informational'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)commands = [ f'snmp-agent community read {snmp_community} acl {snmp_acl_name}\n', 'quit\n', f'snmp-agent target-host trap address udp-domain {snmp_host} params securityname {snmp_community} version {snmp_version}\n', f'snmp-agent trap enable level {snmp_trap_level}\n', 'quit\n', 'quit\n']for command in commands:stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result: print(line.strip())client.close()makefileCopy code 38、查询防火墙设备的当前连接数:
39、查询防火墙设备的当前接口流量:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'display interface {interface} brief\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result: if interface in line: line_list = line.split() print(f'Input: {line_list[4]}, Output: {line_list[5]}')client.close() 40、查询防火墙设备的日志:
41、配置防火墙设备的时间:import paramikoimport timehost = '192.168.1.1'port = 22username = 'admin'password = 'admin'ntp_server = '192.168.0.1'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = 'system-view\n'client.exec_command(command)command = f'ntp-service server ip-address {ntp_server}\n'client.exec_command(command)command = 'clock datetime 2022-04-01 12:00:00\n'client.exec_command(command)time.sleep(5)command = 'display clock\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result:print(line.strip())client.close()makefile 42、配置防火墙设备的SSH访问:
43、查询防火墙设备的接口信息:import paramikohost = '192.168.1.1'port = 22username = 'admin'password = 'admin'interface = 'GigabitEthernet0/0/1'client = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname=host, port=port, username=username, password=password)command = f'display interface {interface}\n'stdin, stdout, stderr = client.exec_command(command)result = stdout.readlines()for line in result: if 'Description' in line: print(line.strip()) if 'Internet address is' in line: ip_addr = line.split()[3] print(f'IP address: {ip_addr}')client.close() 44、获取当前配置文件的MD5值
45、执行防火墙的设备诊断命令并保存输出结果import paramiko# SSH连接参数hostname = '192.168.1.1'port = 22username = 'admin'password = 'admin'# 连接SSHclient = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname, port, username, password)# 执行防火墙的设备诊断命令并保存输出结果cmd = 'display firewall session table verbose'stdin, stdout, stderr = client.exec_command(cmd)with open('firewall_session_table_verbose.txt', 'w') as f: f.write(stdout.read().decode('utf-8'))client.close() 46、查看防火墙当前活动连接数
47、查看防火墙规则信息import paramiko# SSH连接参数hostname = '192.168.1.1'port = 22username = 'admin'password = 'admin'# 连接SSHclient = paramiko.SSHClient()client.set_missing_host_key_policy(paramiko.AutoAddPolicy())client.connect(hostname, port, username, password)# 查看防火墙规则信息stdin, stdout, stderr = client.exec_command('display firewall rule')for line in stdout: if 'rule' in line: print(line.strip())client.close() 48、在防火墙上添加新的安全组规则
|
|