Tuesday, 26 March 2019

Ansible playbook to add and delete static route on paloalto firewall



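---
# Play: add or remove a static route on a Palo Alto firewall.
# One task is selected by `action` together with `devicetype`.
#
# vrName, routerName and nxtHOPAddress are used by the tasks but are not
# defined in `vars` below. Supply them at run time (for example with
# --extra-vars); otherwise templating fails on an undefined variable.
#
# Every value is interpolated verbatim into a device CLI line. When the values
# come from a ticket or a web form, validate them (address, mask, names without
# whitespace or newlines) before the play runs.
- name: modifyRoutes
  gather_facts: false
  connection: local
  hosts: PaloAlto

  vars:
    action: StaticRouteAddition
    vdom: root
    interfacename: ['interface port-channel 35.3102']
    interfacename2: port-channel 35.3102
    ip: '192.168.101.101'
    mask: '255.255.255.0'
    speedmode: auto
    duplexmode: auto
    securityinterfacename: inside
    securitylevelnumber: 0
    devicetype: PALOALTO
    routeModificationType: addition
    routeMode: null
    hostIPAddress: '192.168.101.101'
    hostIPMask: '255.255.255.0'
    nextHopIP: '192.168.102.102'
    adminDistance: 10
    destIPAddress: null
    destIPMask: null
    destGatewayIPAddress: null
    distanceValue: null
    comments: null
    portNum: null

    # Connection details passed to the module as `provider`.
    # Empty in this listing: fill them from inventory, Ansible Vault or
    # --extra-vars at run time rather than committing device credentials.
    cli:
      host: null
      username: null
      password: null
      auth_pass: null
      authorize: true
      timeout: 100

  tasks:
    # NOTE(review): panos_op is documented as running one operational command
    # through `cmd`; confirm that `commands`/`provider` and configuration-mode
    # `set` lines are accepted by the module version in use.
    - name: StaticRouteAddition
      when: action == "StaticRouteAddition" and devicetype == "PALOALTO"
      panos_op:
        commands:
          # Fixed: the keyword was misspelled "networkk".
          - "set network virtual-router {{ vrName }} routing-table ip static-route {{ routerName }} nexthop ip-address {{ nxtHOPAddress }}"
        provider: "{{ cli }}"

    # Fixed: this task was guarded by action == "StaticRouteAddition", so it ran
    # straight after the addition (undoing it) and never for a deletion request.
    # NOTE(review): PAN-OS configuration mode normally removes entries with
    # `delete`, not `unset`; confirm the verb on the target release.
    - name: StaticRouteDeletion
      when: action == "StaticRouteDeletion" and devicetype == "PALOALTO"
      panos_op:
        commands:
          - "unset network virtual-router {{ vrName }} routing-table ip static-route {{ routerName }} nexthop ip-address {{ nxtHOPAddress }}"
        provider: "{{ cli }}"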

Ansible playbook to add and delete static route on fortigate firewall



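---
# Play: add or remove a static route on a FortiGate firewall.
# One task is selected by `action` together with `devicetype`.
#
# Values are interpolated verbatim into FortiOS CLI lines; validate anything
# that originates outside the playbook before running it.
- name: modifyRoutes
  gather_facts: false
  connection: local
  hosts: FORTINET

  vars:
    action: StaticRouteAddition
    vdom: root
    interfacename: ['interface port-channel 35.3102']
    interfacename2: port-channel 35.3102
    ip: '192.168.101.101'
    mask: '255.255.255.0'
    speedmode: auto
    duplexmode: auto
    securityinterfacename: inside
    securitylevelnumber: 0
    devicetype: FORTINET
    routeModificationType: addition
    routeMode: null
    hostIPAddress: '192.168.101.101'
    hostIPMask: '255.255.255.0'
    nextHopIP: '192.168.102.102'
    adminDistance: 10
    # The four values below are empty in this listing but are templated into
    # the commands; set them at run time before either task is used.
    destIPAddress: null
    destIPMask: null
    destGatewayIPAddress: null
    distanceValue: null
    comments: null
    portNum: null

    # Connection details passed to the module as `provider`.
    # Fill them from inventory, Ansible Vault or --extra-vars at run time
    # rather than committing device credentials.
    cli:
      host: null
      username: null
      password: null
      auth_pass: null
      authorize: true
      timeout: 100

  tasks:
    # NOTE(review): confirm that the installed fortios_config module accepts a
    # `commands` list, and whether the block must be closed with `next`/`end`.
    - name: StaticRouteAddition
      when: action == "StaticRouteAddition" and devicetype == "FORTINET"
      fortios_config:
        # Fixed: referenced `vdomname`, which this play never defines.
        vdom: "{{ vdom }}"
        commands:
          - config router static
          # portNum is used here as the static-route entry id.
          - "edit {{ portNum }}"
          # Fixed: "{{$destIPAddress}}" is not valid Jinja2 (stray `$`).
          - "set dst {{ destIPAddress }}"
          - "set gateway {{ destGatewayIPAddress }}"
          - "set device {{ interfacename2 }}"
          # Fixed: referenced `comment`; the variable defined above is `comments`.
          - "set comment {{ comments }}"
        provider: "{{ cli }}"

    # Fixed: the deletion task was a copy of the addition task and re-created
    # the route. It now removes the entry selected by portNum.
    - name: StaticRouteDeletion
      when: action == "StaticRouteDeletion" and devicetype == "FORTINET"
      fortios_config:
        vdom: "{{ vdom }}"
        commands:
          - config router static
          - "delete {{ portNum }}"
        provider: "{{ cli }}"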

Ansible playbook to add and delete static route on cisco ASA



---
# Play: add or remove a static route inside one Cisco ASA context.
# `action` and `devicetype` together decide which task runs.
# The route line is built from interfacename2, hostIPAddress, hostIPMask,
# nextHopIP and adminDistance exactly as given; check those values before a
# run, because they reach the device CLI unmodified.
- name: modifyRoutes
  hosts: ASA
  connection: local
  gather_facts: false

  vars:
    action: 'StaticRouteAddition'
    devicetype: 'ciscoASA'
    contextname: 'fw-automation-test'

    interfacename:
      - 'interface port-channel 35.3102'
    interfacename2: 'port-channel 35.3102'
    ip: '192.168.101.101'
    mask: '255.255.255.0'
    speedmode: 'auto'
    duplexmode: 'auto'
    securityinterfacename: 'inside'
    securitylevelnumber: 0

    routeModificationType: 'addition'
    routeMode: null
    hostIPAddress: '192.168.101.101'
    hostIPMask: '255.255.255.0'
    nextHopIP: '192.168.102.102'
    adminDistance: 10
    destIPAddress: null
    destIPMask: null
    destGatewayIPAddress: null
    distanceValue: null
    comments: null

    # Handed to asa_config as `provider`. The credential fields are empty in
    # this listing; supply them at run time instead of storing them here.
    cli:
      host: null
      username: null
      password: null
      auth_pass: null
      authorize: true
      timeout: 100

  tasks:
    # Installs the route in the selected context.
    - name: StaticRouteAddition
      when: 'action == "StaticRouteAddition" and devicetype == "ciscoASA"'
      asa_config:
        provider: "{{ cli }}"
        context: "{{contextname}}"
        commands:
          - "route {{interfacename2}} {{hostIPAddress}} {{hostIPMask}} {{nextHopIP}} {{adminDistance}}"

    # Removes the same route with the `no` form of the command.
    - name: StaticRouteDeletion
      when: 'action == "StaticRouteDeletion" and devicetype == "ciscoASA"'
      asa_config:
        provider: "{{ cli }}"
        context: "{{contextname}}"
        commands:
          - "no route {{interfacename2}} {{hostIPAddress}} {{hostIPMask}} {{nextHopIP}} {{adminDistance}}"

Ansible playbook to manage a Palo Alto interface



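---
# Play: set/unset an interface address, create a sub-interface, or attach an
# interface to a virtual router on a Palo Alto firewall.
# One task is selected by `action` together with `devicetype`.
#
# Fixes against the original listing:
#   * it was not valid YAML (`cli` sat beside `vars`, there was no `tasks:`
#     key, and the task list was indented inconsistently);
#   * `devicetype` defaulted to "fortigate", so no task could ever match;
#   * two tasks named the module `pnos_interface`;
#   * the device password was hard-coded in the playbook;
#   * the tasks never passed the `cli` connection details to the module.
- name: PALOALTOInterfaceManagement
  gather_facts: false
  connection: local
  hosts: PALOALTO

  vars:
    action: setIPAddress
    vdomname: root
    # NOTE(review): this is a one-element list; templated into a command
    # string it renders with brackets and quotes. Confirm the intended value.
    interfacename: ['interface port-channel 35.3102']
    ip: '192.168.101.101'
    mask: '255.255.255.0'
    speedmode: auto
    duplexmode: auto
    securityinterfacename: inside
    securitylevelnumber: 0
    devicetype: paloalto
    vlanNumber: 10
    vrName: test

    # Connection details passed to the module as `provider`.
    # The password is read from the environment of the control node so that it
    # is never stored in the playbook; PANOS_PASSWORD is an example variable
    # name, and an Ansible Vault variable works equally well. The value that
    # was hard-coded here should be treated as exposed and rotated if it was
    # ever used on a device.
    cli:
      host: null
      username: admin
      password: "{{ lookup('env', 'PANOS_PASSWORD') }}"
      timeout: 30

  tasks:
    # NOTE(review): confirm that the installed panos_interface module accepts
    # a `commands` list and a `provider` dict; verify against its documentation.
    - name: setIPAddress
      when: action == "setIPAddress" and devicetype == "paloalto"
      panos_interface:
        commands:
          - "set network interface {{ interfacename }} layer3 ip {{ ip }}"
        provider: "{{ cli }}"

    - name: unsetIPAddress
      when: action == "unsetIPAddress" and devicetype == "paloalto"
      panos_interface:
        commands:
          - "unset network interface {{ interfacename }} layer3 ip {{ ip }}"
        provider: "{{ cli }}"

    - name: createSubinterface
      when: action == "createSubinterface" and devicetype == "paloalto"
      panos_interface:
        commands:
          - "set network interface {{ interfacename }} layer3 units 1 tag {{ vlanNumber }}"
          # NOTE(review): `tag {{ ip }}` is kept from the original; a tag is
          # set from vlanNumber on the line above, so confirm this line.
          - "set network interface {{ interfacename }} layer3 units 1 tag {{ ip }}"
        provider: "{{ cli }}"

    - name: addingInterfaceToARouter
      when: action == "addingInterfaceToARouter" and devicetype == "paloalto"
      panos_interface:
        commands:
          # Fixed: a space was missing between `interface` and the name.
          - "set network virtual-router {{ vrName }} interface {{ interfacename }} layer3 units 1 tag {{ ip }}"
        provider: "{{ cli }}"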

ansible playbook to manage fortigate interface


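---
# Play: set/unset an interface address or set the switch speed on a FortiGate.
# One task is selected by `action` together with `devicetype`.
#
# Fixes against the original listing:
#   * there was no `tasks:` key, so the task list was not part of the play;
#   * `devicetype` defaulted to "fortigate" while every task tests "fortinet";
#   * two tasks referenced `vdom`, but the variable defined here is `vdomname`;
#   * setIPAddress sent the literal words "interfacename", "ip" and "mask"
#     instead of the variable values;
#   * the device password was hard-coded in the playbook.
#
# NOTE(review): the host group is spelled FORTTINET here and FORTINET in the
# static-route playbook; confirm which one the inventory defines.
# NOTE(review): the default action `enableinterface` matches no task below.
- name: FORTGATEInterfaceManagement
  gather_facts: false
  connection: local
  hosts: FORTTINET

  vars:
    action: enableinterface
    vdomname: root
    # NOTE(review): this is a one-element list; templated into a command
    # string it renders with brackets and quotes. Confirm the intended value.
    interfacename: ['interface port-channel 35.3102']
    ip: null
    mask: '255.255.255.0'
    speedmode: auto
    duplexmode: auto
    securityinterfacename: inside
    securitylevelnumber: 0
    devicetype: fortinet

    # Connection details passed to the module as `provider`.
    # The password is read from the environment of the control node so that it
    # is never stored in the playbook; FORTIOS_PASSWORD is an example variable
    # name, and an Ansible Vault variable works equally well. The value that
    # was hard-coded here should be treated as exposed and rotated if it was
    # ever used on a device.
    cli:
      host: null
      username: admin
      password: "{{ lookup('env', 'FORTIOS_PASSWORD') }}"
      timeout: 30

  tasks:
    # NOTE(review): confirm that the installed fortios_config module accepts a
    # `commands` list, and whether each block must be closed with `end`.
    - name: setIPAddress
      when: action == "setIPAddress" and devicetype == "fortinet"
      fortios_config:
        vdom: "{{ vdomname }}"
        commands:
          - config system interface
          - "edit {{ interfacename }}"
          - "set ip {{ ip }} {{ mask }}"
        provider: "{{ cli }}"

    - name: unsetIPAddress
      when: action == "unsetIPAddress" and devicetype == "fortinet"
      fortios_config:
        vdom: "{{ vdomname }}"
        commands:
          - config system interface
          - "edit {{ interfacename }}"
          - "unset ip {{ ip }} {{ mask }}"
        provider: "{{ cli }}"

    - name: setSpeed
      when: action == "setSpeed" and devicetype == "fortinet"
      fortios_config:
        vdom: "{{ vdomname }}"
        commands:
          - config sys global
          # The double quotes are part of the command text sent to the device.
          - 'set interface-switch-speed "{{ speedmode }}"'
        provider: "{{ cli }}"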

Ansible playbook to manage a Cisco ASA interface



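---
# Play: interface management on a Cisco ASA context (show version, enable or
# disable an interface, set/unset its address, speed, duplex, nameif and
# security level). One task is selected by `action` and `devicetype`.
#
# Fixes against the original listing:
#   * `devicetype` defaulted to "fortigate" while every task tests "ciscoASA";
#   * setDuplex sent `speed` instead of `duplex`.
#
# NOTE(review): the default action `showVersion1` matches no task below, so a
# run without --extra-vars changes nothing; confirm that this is intended.
- name: ASAInterfaceManagement
  gather_facts: false
  connection: local
  hosts: ASA

  vars:
    action: showVersion1
    contextname: fw-automation-test
    # Passed to asa_config as `parents`, i.e. the interface section the
    # commands are entered under.
    interfacename: ['interface port-channel 35.3102']
    ip: null
    mask: null
    speedmode: auto
    duplexmode: auto
    securityinterfacename: inside
    securitylevelnumber: 0
    devicetype: ciscoASA

    # Connection details passed to the modules as `provider`.
    # Empty in this listing: fill them from inventory, Ansible Vault or
    # --extra-vars at run time rather than committing device credentials.
    cli:
      host: null
      username: null
      password: null
      auth_pass: null
      timeout: 30

  tasks:
    - name: show version
      when: action == "showVersion" and devicetype == "ciscoASA"
      asa_command:
        commands:
          - show version
        provider: "{{ cli }}"

    - name: enable interface
      when: action == "enableInterface" and devicetype == "ciscoASA"
      asa_config:
        context: "{{ contextname }}"
        commands:
          - no shut
        parents: "{{ interfacename }}"
        provider: "{{ cli }}"

    - name: disable interface
      when: action == "disableInterface" and devicetype == "ciscoASA"
      asa_config:
        context: "{{ contextname }}"
        commands:
          - shut
        parents: "{{ interfacename }}"
        provider: "{{ cli }}"

    # Sets the address and brings the interface up in the same change.
    - name: setIPAddress
      when: action == "setIPAddress" and devicetype == "ciscoASA"
      asa_config:
        context: "{{ contextname }}"
        commands:
          - "ip address {{ ip }} {{ mask }}"
          - no shut
        parents: "{{ interfacename }}"
        provider: "{{ cli }}"

    - name: unsetIPAddress
      when: action == "unsetIPAddress" and devicetype == "ciscoASA"
      asa_config:
        context: "{{ contextname }}"
        commands:
          - no ip address
        parents: "{{ interfacename }}"
        provider: "{{ cli }}"

    # NOTE(review): in this task and the two after it the double quotes are
    # part of the command text sent to the device; confirm that the ASA CLI
    # accepts the quoted form.
    - name: setSpeed
      when: action == "setSpeed" and devicetype == "ciscoASA"
      asa_config:
        context: "{{ contextname }}"
        commands:
          - 'speed "{{ speedmode }}"'
        parents: "{{ interfacename }}"
        provider: "{{ cli }}"

    - name: setDuplex
      when: action == "setDuplex" and devicetype == "ciscoASA"
      asa_config:
        context: "{{ contextname }}"
        commands:
          # Fixed: was `speed`, which applied duplexmode as the interface speed.
          - 'duplex "{{ duplexmode }}"'
        parents: "{{ interfacename }}"
        provider: "{{ cli }}"

    - name: setSecurityLevel
      when: action == "setSecurityLevel" and devicetype == "ciscoASA"
      asa_config:
        context: "{{ contextname }}"
        commands:
          - 'nameif "{{ securityinterfacename }}"'
          - 'security-level "{{ securitylevelnumber }}"'
        parents: "{{ interfacename }}"
        provider: "{{ cli }}"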

Friday, 15 March 2019

Perl script GetSubnetAddressMaskIP (receives the subnet mask in the format 192.168.1.0/24 and returns it in the format 192.168.1.0 255.255.255.0)




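sub GetSubnetAddressMaskIP
{
    # Normalise a subnet to "ADDRESS NETMASK" form.
    #   "192.168.1.0/24"            -> "192.168.1.0 255.255.255.0"
    #   "192.168.1.0 255.255.255.0" -> returned unchanged
    # Returns -1 for any other input.
    #
    # NOTE(review): <input> looks like a placeholder filled in by the calling
    # tool; as plain Perl it reads a line from a filehandle named `input`.
    my $subnet = trim(<input>);

    # Hardening over the original patterns, because the result ends up in a
    # device command line:
    #   [0-9] instead of \d  - \d can also match non-ASCII digits, which
    #                          numify to 0 and so pass the <= 255 checks;
    #   \A..\z instead of ^..$ - `$` also matches before a trailing newline;
    #   [ \t]+ instead of \s+  - \s allows a newline between address and mask.
    my $octet = qr/[0-9]{1,3}/;

    if ($subnet =~ m/\A($octet)\.($octet)\.($octet)\.($octet)\/([0-9]{1,2})\z/
        && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 && $5 <= 32)
    {
        # The prefix length is already bounded to 0..32 by the test above, so
        # the separate range check of the original was unreachable.
        my $netbit = $5;
        my ($subnetIP) = split('/', $subnet);

        # $netbit leading one-bits followed by zeros, as a 32-bit value.
        my $mask    = (2 ** $netbit - 1) << (32 - $netbit);
        my $netmask = join('.', unpack("C4", pack("N", $mask)));

        # NOTE(review): ValidateIPAddress as listed reads its own <inputIP>
        # placeholder and ignores arguments; confirm this call checks $netmask.
        return ValidateIPAddress($netmask) == 1 ? "$subnetIP $netmask" : -1;
    }
    elsif ($subnet =~ m/\A($octet)\.($octet)\.($octet)\.($octet)[ \t]+($octet)\.($octet)\.($octet)\.($octet)\z/
        && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255
        && $5 <= 255 && $6 <= 255 && $7 <= 255 && $8 <= 255)
    {
        # Already in "ADDRESS NETMASK" form.
        return $subnet;
    }

    return -1;
}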

Perl Script to validate the Subnet mask



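sub ValidateSubnetMask
{
    # Return 1 when the input is a subnet in either accepted form, else -1:
    #   "A.B.C.D/N"          with N below 32
    #   "A.B.C.D M.M.M.M"    with a contiguous mask other than 255.255.255.255
    # Host entries (/32) are excluded here, as in the original comparisons.
    #
    # NOTE(review): <input> looks like a placeholder filled in by the calling
    # tool; as plain Perl it reads a line from a filehandle named `input`.
    my $ip = trim(<input>);

    # [0-9], \A..\z and [ \t]+ replace \d, ^..$ and \s+ so that non-ASCII
    # digits, a trailing newline or an embedded newline cannot pass validation
    # and travel on into a device command.
    my $octet = qr/[0-9]{1,3}/;

    if ($ip =~ m/\A($octet)\.($octet)\.($octet)\.($octet)\/([0-9]{1,2})\z/
        && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 && $5 < 32)
    {
        return 1;
    }
    elsif ($ip =~ m/\A($octet)\.($octet)\.($octet)\.($octet)[ \t]+($octet)\.($octet)\.($octet)\.($octet)\z/
        && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255
        && $5 <= 255 && $6 <= 255 && $7 <= 255 && $8 < 255)
    {
        # Added check: a netmask is a run of one-bits followed only by
        # zero-bits. The original accepted values such as 255.0.255.0.
        my $bits = join('', map { sprintf('%08b', $_) } ($5, $6, $7, $8));
        return $bits =~ m/\A1*0*\z/ ? 1 : -1;
    }

    return -1;
}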

Perl script used to validate an IP address




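sub ValidateIPAddress
{
    # Return 1 when the input is a single IPv4 host in one of three forms,
    # else -1:
    #   "A.B.C.D"
    #   "A.B.C.D 255.255.255.255"
    #   "A.B.C.D/32"
    #
    # NOTE(review): <inputIP> looks like a placeholder filled in by the calling
    # tool; the sub does not read @_, so an argument passed by a caller is
    # ignored.
    my $ip = trim(<inputIP>);

    # [0-9], \A..\z and [ \t]+ replace \d, ^..$ and \s+ so that non-ASCII
    # digits, a trailing newline or an embedded newline cannot pass validation
    # and travel on into a device command.
    my $octet = qr/[0-9]{1,3}/;

    if ($ip =~ m/\A($octet)\.($octet)\.($octet)\.($octet)\z/
        && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255)
    {
        return 1;
    }
    elsif ($ip =~ m/\A($octet)\.($octet)\.($octet)\.($octet)[ \t]+($octet)\.($octet)\.($octet)\.($octet)\z/
        && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255
        && $5 == 255 && $6 == 255 && $7 == 255 && $8 == 255)
    {
        # Host address written with an explicit all-ones mask.
        return 1;
    }
    elsif ($ip =~ m/\A($octet)\.($octet)\.($octet)\.($octet)\/([0-9]{1,2})\z/
        && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 && $5 == 32)
    {
        # Host address written as a /32 prefix.
        return 1;
    }

    return -1;
}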

Perl script that removes the unnecessary leading and trailing commas from the input provided



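sub Fuctionname
{
    # Tidy a comma-separated string: collapse runs of commas into one and drop
    # a comma at the start or end. Returns the cleaned string.
    #
    # NOTE(review): <input> looks like a placeholder filled in by the calling
    # tool; as plain Perl it reads a line from a filehandle named `input`.
    my $temp = trim(<input>);

    # Collapse first. The original stripped the ends before collapsing, so
    # ",,a,,b,," lost only one comma per end and came back as ",a,b,".
    $temp =~ s/,+/,/g;

    # At most one comma can now remain at either end.
    $temp =~ s/^,|,$//g;

    return $temp;
}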

Tuesday, 12 March 2019

Top 10 Machine learning python packages

Numpy
Scipy
Pandas
Matplotlib
Scikit-learn
Six
Tensorflow
Requests
Python-dateutil
Pytz

Git

1 git add ↳ It lets you add changes from the working directory into the staging area 2 git commit ↳ It lets you save a snapshot of currently...