cisco ipsec ttp demo

xdai555 · web-flow · commit 48bc0bddeb0a · 2022-07-30T00:24:42.000+08:00
diff --git a/demo/cisco_config_ipsec_section.txt b/demo/cisco_config_ipsec_section.txt
@@ -0,0 +1,50 @@
+<vars>
+acl = {
+  "permit": [],
+  "deny": [],
+}
+</vars>
+
+<g name="interfaces.{{ vrf }}.{{ ip }}">
+interface BDI{{ id }}
+ vrf forwarding {{ vrf }}
+ ip address {{ ip }} {{ ignore }}
+</g>
+
+<g name="ipsec.{{ map_name }}**">
+crypto map {{ ignore }} local-address {{ ignore }}
+<g name="{{ id }}**">
+crypto map {{ map_name }} {{ id }} ipsec-isakmp 
+ ! Incomplete {{ is_complete | set(0) }}
+ description {{ description | ORPHRASE }}
+ set peer {{ peer_ip }}
+ set security-association lifetime seconds {{ lifetime }}
+ set transform-set {{ tf_set }} 
+ set isakmp-profile {{ isa_profile }}
+ match address {{ acl }}
+</g>
+</g>
+
+<g name="isakmp.keyring.{{ name }}">
+crypto keyring {{ name }}  
+  pre-shared-key address {{ remote_ip }} key {{ key }}
+</g>
+
+<g name="isakmp.profile.{{ name }}">
+crypto isakmp profile {{ name }}
+   vrf {{ vrf }}
+   keyring {{ keyring }}
+   match identity address {{ identity_addr }} {{ ignore }} 
+</g>
+
+<g name="acl.{{ name }}" default="acl">
+ip access-list extended {{ name }}
+ permit {{ permit | ORPHRASE | joinmatches | split('\n') }}
+ deny {{ deny | ORPHRASE | joinmatches | split('\n') }}
+</g>
+
+<g name="route.{{ vrf }}">
+<g name="global">
+ip route vrf {{ vrf }} {{ dest }} {{ mask }} {{ next_hop }} global
+</g>
+</g>
diff --git a/demo/ttp_demo.py b/demo/ttp_demo.py
@@ -0,0 +1,48 @@
+from ttp import ttp
+import json
+
+def parse_running_config(data, template):
+    parser = ttp(data=data, template=template)
+    parser.parse()
+    result = parser.result()[0][0]
+    return result
+
+def parse_vpn_config(vrf, config, map_name="cryto_map_common"):
+    try:
+        iface_id = config["interfaces"][vrf]["66.66.66.66"]["id"]
+    except:
+        iface_id = config["interfaces"][vrf]["66.66.66.65"]["id"]
+    result = config["ipsec"][map_name][iface_id]
+    result["acl"] = config["acl"]["acc_acl_" + vrf]
+    result["isa_profile"] = config["isakmp"]["profile"]["isa_profile_" + vrf]
+    result["isa_profile"]["keyring"] = config["isakmp"]["keyring"]["keyring_" + vrf]
+    result["route"] = config["route"].get(vrf, [])
+    return result
+
+config = parse_running_config("./test.log", "./1.txt")
+with open("result.json", 'w') as f:
+    f.write(json.dumps(config))
+
+# for i in config["ipsec"]["cryto_map_common"].values():
+#     print(i.get("isa_profile"),i.get("is_complete","1"))
+
+
+result = parse_vpn_config("9e3rszehv0qlxijzv03bd5rhz", config)
+from pprint import pprint
+pprint(result)
+
+# import csv
+
+
+# def get_device_list(filename):
+#     """csv to dict"""
+#     with open(filename) as f:
+#         reader = csv.DictReader(f)
+#         return list(reader)
+
+# from netmiko import ConnectHandler as ch
+
+# CISCO_CMD = "show run"
+# H3C_CMD = "dis curr"
+
+
