jmg
/
vlanmang
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
VLAN Manager tool
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
2 Branches
286 KiB
 
 
Tree: 436a647de2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '436a647de2'
${ noResults }
vlanmang/vlanmang.py

568 lines
15 KiB
Raw Blame History 

  1. #!/usr/bin/env python

  2. # -*- coding: utf-8 -*-

  3. 

  4. from pysnmp.hlapi import *

  5. from pysnmp.smi.builder import MibBuilder

  6. from pysnmp.smi.view import MibViewController

  7. 

  8. import importlib

  9. import itertools

  10. import mock

  11. import random

  12. import unittest

  13. 

  14. _mbuilder = MibBuilder()

  15. _mvc = MibViewController(_mbuilder)

  16. 

  17. #import data

  18. 

  19. # received packages

  20. # pvid: dot1qPvid

  21. #

  22. # tx packets:

  23. # dot1qVlanStaticEgressPorts

  24. # dot1qVlanStaticUntaggedPorts

  25. #

  26. # vlans:

  27. # dot1qVlanCurrentTable

  28. #	lists ALL vlans, including baked in ones

  29. #

  30. # note that even though an snmpwalk of dot1qVlanStaticEgressPorts

  31. # skips over other vlans (only shows statics), the other vlans (1,2,3)

  32. # are still accessible via that oid

  33. #

  34. # LLDP:

  35. # 1.0.8802.1.1.2.1.4.1.1 aka LLDP-MIB, lldpRemTable

  36. 

  37. class SwitchConfig(object):

  38. 	def __init__(self, host, community, vlanconf, ignports):

  39. 		self._host = host

  40. 		self._community = community

  41. 		self._vlanconf = vlanconf

  42. 		self._ignports = ignports

  43. 

  44. 	@property

  45. 	def host(self):

  46. 		return self._host

  47. 

  48. 	@property

  49. 	def community(self):

  50. 		return self._community

  51. 

  52. 	@property

  53. 	def vlanconf(self):

  54. 		return self._vlanconf

  55. 

  56. 	@property

  57. 	def ignports(self):

  58. 		return self._ignports

  59. 

  60. 	def getportlist(self, lookupfun):

  61. 		'''Return a set of all the ports indexes in data.'''

  62. 

  63. 		res = set()

  64. 

  65. 		for id in self._vlanconf:

  66. 			res.update(self._vlanconf[id].get('u', []))

  67. 			res.update(self._vlanconf[id].get('t', []))

  68. 

  69. 		# add in the ignore ports

  70. 		res.update(self.ignports)

  71. 

  72. 		# filter out the strings

  73. 		strports = set(x for x in res if isinstance(x, str))

  74. 

  75. 		res.update(lookupfun(x) for x in strports)

  76. 		res.difference_update(strports)

  77. 

  78. 		return res

  79. 

  80. def _octstrtobits(os):

  81. 	num = 1

  82. 	for i in str(os):

  83. 		num = (num << 8) | ord(i)

  84. 

  85. 	return bin(num)[3:]

  86. 

  87. def _intstobits(*ints):

  88. 	v = 0

  89. 	for i in ints:

  90. 		v |= 1 << i

  91. 

  92. 	r = list(bin(v)[2:-1])

  93. 	r.reverse()

  94. 

  95. 	return ''.join(r)

  96. 

  97. def _cmpbits(a, b):

  98. 	try:

  99. 		last1a = a.rindex('1')

  100. 	except ValueError:

  101. 		last1a = -1

  102. 		a = ''

  103. 	try:

  104. 		last1b = b.rindex('1')

  105. 	except ValueError:

  106. 		last1b = -1

  107. 		b = ''

  108. 

  109. 	if last1a != -1:

  110. 		a = a[:last1a + 1]

  111. 	if last1b != -1:

  112. 		b = b[:last1b + 1]

  113. 

  114. 	return a == b

  115. 

  116. import vlanmang

  117. 

  118. def checkchanges(module):

  119. 	mod = importlib.import_module(module)

  120. 	mods = [ i for i in mod.__dict__.itervalues() if isinstance(i, vlanmang.SwitchConfig) ]

  121. 

  122. 	res = []

  123. 

  124. 	for i in mods:

  125. 		vlans = i.vlanconf.keys()

  126. 		switch = SNMPSwitch(i.host, i.community)

  127. 		portmapping = switch.getportmapping()

  128. 		invportmap = { y: x for x, y in portmapping.iteritems() }

  129. 		lufun = invportmap.__getitem__

  130. 

  131. 		# get complete set of ports

  132. 		portlist = i.getportlist(lufun)

  133. 

  134. 		ports = set(portmapping.iterkeys())

  135. 

  136. 		# make sure switch agrees w/ them all

  137. 		if ports != portlist:

  138. 			raise ValueError('missing or extra ports found: %s' %

  139. 			    `ports.symmetric_difference(portlist)`)

  140. 

  141. 		# compare pvid

  142. 		pvidmap = getpvidmapping(i.vlanconf, lufun)

  143. 		switchpvid = switch.getpvid()

  144. 

  145. 		res.extend(('setpvid', idx, vlan, switchpvid[idx]) for idx, vlan in

  146. 		    pvidmap.iteritems() if switchpvid[idx] != vlan)

  147. 

  148. 		# compare egress & untagged

  149. 		switchegress = switch.getegress(*vlans)

  150. 		egress = getegress(i.vlanconf, lufun)

  151. 		switchuntagged = switch.getuntagged(*vlans)

  152. 		untagged = getuntagged(i.vlanconf, lufun)

  153. 		for i in vlans:

  154. 			if not _cmpbits(switchegress[i], egress[i]):

  155. 				res.append(('setegress', i, egress[i], switchegress[i]))

  156. 			if not _cmpbits(switchuntagged[i], untagged[i]):

  157. 				res.append(('setuntagged', i, untagged[i], switchuntagged[i]))

  158. 

  159. 	return res

  160. 

  161. def getidxs(lst, lookupfun):

  162. 	return [ lookupfun(i) if isinstance(i, str) else i for i in lst ]

  163. 

  164. def getpvidmapping(data, lookupfun):

  165. 	'''Return a mapping from vlan based table to a port: vlan

  166. 	dictionary.'''

  167. 

  168. 	res = []

  169. 	for id in data:

  170. 		for i in data[id].get('u', []):

  171. 			if isinstance(i, str):

  172. 				i = lookupfun(i)

  173. 			res.append((i, id))

  174. 

  175. 	return dict(res)

  176. 

  177. def getegress(data, lookupfun):

  178. 	r = {}

  179. 	for id in data:

  180. 		r[id] = _intstobits(*(getidxs(data[id].get('u', []),

  181. 		    lookupfun) + getidxs(data[id].get('t', []), lookupfun)))

  182. 

  183. 	return r

  184. 

  185. def getuntagged(data, lookupfun):

  186. 	r = {}

  187. 	for id in data:

  188. 		r[id] = _intstobits(*getidxs(data[id].get('u', []), lookupfun))

  189. 

  190. 	return r

  191. 

  192. class SNMPSwitch(object):

  193. 	'''A class for manipulating switches via standard SNMP MIBs.'''

  194. 

  195. 	def __init__(self, host, community):

  196. 		self._eng = SnmpEngine()

  197. 		self._cd = CommunityData(community, mpModel=0)

  198. 		self._targ = UdpTransportTarget((host, 161))

  199. 

  200. 	def _getmany(self, *oids):

  201. 		oids = [ ObjectIdentity(*oid) for oid in oids ]

  202. 		[ oid.resolveWithMib(_mvc) for oid in oids ]

  203. 

  204. 		errorInd, errorStatus, errorIndex, varBinds = \

  205. 		    next(getCmd(self._eng, self._cd, self._targ, ContextData(), *(ObjectType(oid) for oid in oids)))

  206. 

  207. 		if errorInd: # pragma: no cover

  208. 			raise ValueError(errorIndication)

  209. 		elif errorStatus: # pragma: no cover

  210. 			raise ValueError('%s at %s' %

  211. 			    (errorStatus.prettyPrint(), errorIndex and

  212. 			    varBinds[int(errorIndex)-1][0] or '?'))

  213. 		else:

  214. 			if len(varBinds) != len(oids): # pragma: no cover

  215. 				raise ValueError('too many return values')

  216. 

  217. 			return varBinds

  218. 

  219. 	def _get(self, oid):

  220. 		varBinds = self._getmany(oid)

  221. 

  222. 		varBind = varBinds[0]

  223. 		return varBind[1]

  224. 

  225. 	def _set(self, oid, value):

  226. 		oid = ObjectIdentity(*oid)

  227. 		oid.resolveWithMib(_mvc)

  228. 

  229. 		if isinstance(value, (int, long)):

  230. 			value = Integer(value)

  231. 		elif isinstance(value, str):

  232. 			value = OctetString(value)

  233. 

  234. 		errorInd, errorStatus, errorIndex, varBinds = \

  235. 		    next(setCmd(self._eng, self._cd, self._targ, ContextData(), ObjectType(oid, value)))

  236. 

  237. 		if errorInd: # pragma: no cover

  238. 			raise ValueError(errorIndication)

  239. 		elif errorStatus: # pragma: no cover

  240. 			raise ValueError('%s at %s' %

  241. 			    (errorStatus.prettyPrint(), errorIndex and

  242. 			    varBinds[int(errorIndex)-1][0] or '?'))

  243. 		else:

  244. 			for varBind in varBinds:

  245. 				if varBind[1] != value: # pragma: no cover

  246. 					raise RuntimeError('failed to set: %s' % ' = '.join([x.prettyPrint() for x in varBind]))

  247. 

  248. 	def _walk(self, *oid):

  249. 		oid = ObjectIdentity(*oid)

  250. 		# XXX - keep these, this might stop working, no clue what managed to magically make things work

  251. 		# ref: http://snmplabs.com/pysnmp/examples/smi/manager/browsing-mib-tree.html#mib-objects-to-pdu-var-binds

  252. 		# mibdump.py --mib-source '/Users/jmg/Nextcloud/Documents/user manuals/netgear/gs7xxt-v6.3.1.19-mibs' --mib-source /usr/share/snmp/mibs  --rebuild rfc1212 pbridge vlan

  253. 		#oid.addAsn1MibSource('/usr/share/snmp/mibs', '/Users/jmg/Nextcloud/Documents/user manuals/netgear/gs7xxt-v6.3.1.19-mibs')

  254. 

  255. 		oid.resolveWithMib(_mvc)

  256. 

  257. 		for (errorInd, errorStatus, errorIndex, varBinds) in nextCmd(

  258. 		    self._eng, self._cd, self._targ, ContextData(),

  259. 		    ObjectType(oid),

  260. 		    lexicographicMode=False):

  261. 			if errorInd: # pragma: no cover

  262. 				raise ValueError(errorInd)

  263. 			elif errorStatus: # pragma: no cover

  264. 				raise ValueError('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBinds[int(errorIndex)-1][0] or '?'))

  265. 			else:

  266. 				for varBind in varBinds:

  267. 					yield varBind

  268. 

  269. 	def getportmapping(self):

  270. 		'''Return a port name mapping.  Keys are the port index

  271. 		and the value is the name from the ifName entry.'''

  272. 

  273. 		return { x[0][-1]: str(x[1]) for x in self._walk('IF-MIB', 'ifName') }

  274. 

  275. 	def findport(self, name):

  276. 		'''Look up a port name and return it's port index.  This

  277. 		looks up via the ifName table in IF-MIB.'''

  278. 

  279. 		return [ x[0][-1] for x in self._walk('IF-MIB', 'ifName') if str(x[1]) == name ][0]

  280. 

  281. 	def getvlanname(self, vlan):

  282. 		'''Return the name for the vlan.'''

  283. 

  284. 		v = self._get(('Q-BRIDGE-MIB', 'dot1qVlanStaticName', vlan))

  285. 

  286. 		return str(v).decode('utf-8')

  287. 

  288. 	def createvlan(self, vlan, name):

  289. 		# createAndGo(4)

  290. 		self._set(('Q-BRIDGE-MIB', 'dot1qVlanStaticRowStatus',

  291. 		    int(vlan)), 4)

  292. 		self._set(('Q-BRIDGE-MIB', 'dot1qVlanStaticName', int(vlan)),

  293. 		    name)

  294. 

  295. 	def deletevlan(self, vlan):

  296. 		self._set(('Q-BRIDGE-MIB', 'dot1qVlanStaticRowStatus',

  297. 		    int(vlan)), 6) # destroy(6)

  298. 

  299. 	def getvlans(self):

  300. 		'''Return an iterator with all the vlan ids.'''

  301. 

  302. 		return (x[0][-1] for x in self._walk('Q-BRIDGE-MIB', 'dot1qVlanStatus'))

  303. 

  304. 	def staticvlans(self):

  305. 		'''Return an iterator of the staticly defined/configured

  306. 		vlans.  This sometimes excludes special built in vlans,

  307. 		like vlan 1.'''

  308. 

  309. 		return (x[0][-1] for x in self._walk('Q-BRIDGE-MIB', 'dot1qVlanStaticName'))

  310. 

  311. 	def getpvid(self):

  312. 		'''Returns a dictionary w/ the interface index as the key,

  313. 		and the pvid of the interface.'''

  314. 

  315. 		return { x[0][-1]: int(x[1]) for x in self._walk('Q-BRIDGE-MIB', 'dot1qPvid') }

  316. 

  317. 	def getegress(self, *vlans):

  318. 		r = { x[-1]: _octstrtobits(y) for x, y in

  319. 		    self._getmany(*(('Q-BRIDGE-MIB',

  320. 		    'dot1qVlanStaticEgressPorts', x) for x in vlans)) }

  321. 

  322. 		return r

  323. 

  324. 	def getuntagged(self, *vlans):

  325. 		r = { x[-1]: _octstrtobits(y) for x, y in

  326. 		    self._getmany(*(('Q-BRIDGE-MIB',

  327. 		    'dot1qVlanStaticUntaggedPorts', x) for x in vlans)) }

  328. 

  329. 		return r

  330. 

  331. if __name__ == '__main__': # pragma: no cover

  332. 	print `checkchanges('data')`

  333. 

  334. class _TestMisc(unittest.TestCase):

  335. 	def setUp(self):

  336. 		import test_data

  337. 

  338. 		self._test_data = test_data

  339. 

  340. 	def test_intstobits(self):

  341. 		self.assertEqual(_intstobits(1, 5, 10), '1000100001')

  342. 		self.assertEqual(_intstobits(3, 4, 9), '001100001')

  343. 

  344. 	def test_octstrtobits(self):

  345. 		self.assertEqual(_octstrtobits('\x00'), '0' * 8)

  346. 		self.assertEqual(_octstrtobits('\xff'), '1' * 8)

  347. 		self.assertEqual(_octstrtobits('\xf0'), '1' * 4 + '0' * 4)

  348. 		self.assertEqual(_octstrtobits('\x0f'), '0' * 4 + '1' * 4)

  349. 

  350. 	def test_cmpbits(self):

  351. 		self.assertTrue(_cmpbits('111000', '111'))

  352. 		self.assertTrue(_cmpbits('000111000', '000111'))

  353. 		self.assertTrue(_cmpbits('11', '11'))

  354. 		self.assertTrue(_cmpbits('0', '000'))

  355. 		self.assertFalse(_cmpbits('0011', '11'))

  356. 		self.assertFalse(_cmpbits('11', '0011'))

  357. 		self.assertFalse(_cmpbits('10', '000'))

  358. 		self.assertFalse(_cmpbits('0', '1000'))

  359. 		self.assertFalse(_cmpbits('00010', '000'))

  360. 		self.assertFalse(_cmpbits('0', '001000'))

  361. 

  362. 	def test_pvidegressuntagged(self):

  363. 		data = {

  364. 			1: {

  365. 				'u':	[ 1, 5, 10 ] + range(13, 20),

  366. 				't':    [ 'lag2', 6, 7 ],

  367. 			},

  368. 			10: {

  369. 				'u':	[ 2, 3, 6, 7, 8, 'lag2' ],

  370. 			},

  371. 			13: {

  372. 				'u':	[ 4, 9 ],

  373. 				't':    [ 'lag2', 6, 7 ],

  374. 			},

  375. 			14: {

  376. 				't':	[ 'lag2' ],

  377. 			},

  378. 		}

  379. 		swconf = SwitchConfig('', '', data, [ 'lag3' ])

  380. 

  381. 		lookup = {

  382. 			'lag2': 30,

  383. 			'lag3': 31,

  384. 		}

  385. 		lufun = lookup.__getitem__

  386. 

  387. 		check = dict(itertools.chain(enumerate([ 1, 10, 10, 13, 1, 10,

  388. 		    10, 10, 13, 1 ], 1), enumerate([ 1 ] * 7, 13),

  389. 		    [ (30, 10) ]))

  390. 

  391. 		# That a pvid mapping

  392. 		res = getpvidmapping(data, lufun)

  393. 

  394. 		# is correct

  395. 		self.assertEqual(res, check)

  396. 

  397. 		self.assertEqual(swconf.getportlist(lufun),

  398. 		    set(xrange(1, 11)) | set(xrange(13, 20)) | set(lookup.values()))

  399. 

  400. 		checkegress = {

  401. 			1:	'1000111001001111111' + '0' * (30 - 20) + '1',

  402. 			10:	'01100111' + '0' * (30 - 9) + '1',

  403. 			13:	'000101101' + '0' * (30 - 10) + '1',

  404. 			14:	'0' * (30 - 1) + '1',

  405. 		}

  406. 

  407. 		self.assertEqual(getegress(data, lufun), checkegress)

  408. 

  409. 		checkuntagged = {

  410. 			1:	'1000100001001111111',

  411. 			10:	'01100111' + '0' * (30 - 9) + '1',

  412. 			13:	'000100001',

  413. 			14:	'',

  414. 		}

  415. 		self.assertEqual(getuntagged(data, lufun), checkuntagged)

  416. 

  417. 	#@unittest.skip('foo')

  418. 	@mock.patch('vlanmang.SNMPSwitch.getuntagged')

  419. 	@mock.patch('vlanmang.SNMPSwitch.getegress')

  420. 	@mock.patch('vlanmang.SNMPSwitch.getpvid')

  421. 	@mock.patch('vlanmang.SNMPSwitch.getportmapping')

  422. 	@mock.patch('importlib.import_module')

  423. 	def test_checkchanges(self, imprt, portmapping, gpvid, gegress, guntagged):

  424. 		# that import returns the test data

  425. 		imprt.side_effect = itertools.repeat(self._test_data)

  426. 

  427. 		# that getportmapping returns the following dict

  428. 		ports = { x: 'g%d' % x for x in xrange(1, 24) }

  429. 		ports[30] = 'lag1'

  430. 		ports[31] = 'lag2'

  431. 		ports[32] = 'lag3'

  432. 		portmapping.side_effect = itertools.repeat(ports)

  433. 

  434. 		# that the switch's pvid returns

  435. 		spvid = { x: 283 for x in xrange(1, 24) }

  436. 		spvid[30] = 5

  437. 		gpvid.side_effect = itertools.repeat(spvid)

  438. 

  439. 		# the the extra port is caught

  440. 		self.assertRaises(ValueError, checkchanges, 'data')

  441. 

  442. 		# that the functions were called

  443. 		imprt.assert_called_with('data')

  444. 		portmapping.assert_called()

  445. 

  446. 		# XXX - check that an ignore statement is honored

  447. 

  448. 		# delete the extra port

  449. 		del ports[32]

  450. 

  451. 		# that the egress data provided

  452. 		gegress.side_effect = [ {

  453. 			1: '1' * 10,

  454. 			5: '1' * 10,

  455. 			283: '00000000111111111110011000000100000',

  456. 		} ]

  457. 

  458. 		# that the untagged data provided

  459. 		guntagged.side_effect = [ {

  460. 			1: '1' * 10,

  461. 			5: '1' * 8 + '0' * 10,

  462. 			283: '00000000111111111110011',

  463. 		} ]

  464. 

  465. 		res = checkchanges('data')

  466. 

  467. 		validres = [ ('setpvid', x, 5, 283) for x in xrange(1, 9) ] + \

  468. 		    [ ('setpvid', 20, 1, 283),

  469. 		    ('setpvid', 21, 1, 283),

  470. 		    ('setpvid', 30, 1, 5),

  471. 		    ('setegress', 1, '0' * 19 + '11' + '0' * 8 + '1', '1' * 10),

  472. 		    ('setuntagged', 1, '0' * 19 + '11' + '0' * 8 + '1', '1' * 10),

  473. 		    ('setegress', 5, '1' * 8 + '0' * 11 + '11' + '0' * 8 + '1', '1' * 10),

  474. 		    ]

  475. 

  476. 		self.assertEqual(set(res), set(validres))

  477. 

  478. _skipSwitchTests = True

  479. 

  480. class _TestSwitch(unittest.TestCase):

  481. 	def setUp(self):

  482. 		# If we don't have it, pretend it's true for now and

  483. 		# we'll recheck it later

  484. 		model = 'GS108T smartSwitch'

  485. 		if getattr(self, 'switchmodel', model) != model or \

  486. 		    _skipSwitchTests: # pragma: no cover

  487. 			self.skipTest('Need a GS108T switch to run these tests')

  488. 

  489. 		args = open('test.creds').read().split()

  490. 		self.switch = SNMPSwitch(*args)

  491. 

  492. 		self.switchmodel = self.switch._get(('ENTITY-MIB',

  493. 		    'entPhysicalModelName', 1))

  494. 		if self.switchmodel != model: # pragma: no cover

  495. 			self.skipTest('Need a GS108T switch to run these tests')

  496. 

  497. 	def test_misc(self):

  498. 		switch = self.switch

  499. 

  500. 		self.assertEqual(switch.findport('g1'), 1)

  501. 		self.assertEqual(switch.findport('l1'), 14)

  502. 

  503. 	def test_portnames(self):

  504. 		switch = self.switch

  505. 

  506. 		resp = dict((x, 'g%d' % x) for x in xrange(1, 9))

  507. 		resp.update({ 13: 'cpu' })

  508. 		resp.update((x, 'l%d' % (x - 13)) for x in xrange(14, 18))

  509. 

  510. 		self.assertEqual(switch.getportmapping(), resp)

  511. 

  512. 	def test_egress(self):

  513. 		switch = self.switch

  514. 

  515. 		egress = switch.getegress(1, 2, 3)

  516. 

  517. 		checkegress = {

  518. 			1: '1' * 8 + '0' * 5 + '1' * 4 + '0' * 23,

  519. 			2: '0' * 8 * 5,

  520. 			3: '0' * 8 * 5,

  521. 		}

  522. 

  523. 		self.assertEqual(egress, checkegress)

  524. 

  525. 	def test_untagged(self):

  526. 		switch = self.switch

  527. 

  528. 		untagged = switch.getuntagged(1, 2, 3)

  529. 

  530. 		checkuntagged = {

  531. 			1: '1' * 8 * 5,

  532. 			2: '1' * 8 * 5,

  533. 			3: '1' * 8 * 5,

  534. 		}

  535. 

  536. 		self.assertEqual(untagged, checkuntagged)

  537. 

  538. 	def test_vlan(self):

  539. 		switch = self.switch

  540. 

  541. 		existingvlans = set(switch.getvlans())

  542. 

  543. 		while True:

  544. 			testvlan = random.randint(1,4095)

  545. 			if testvlan not in existingvlans:

  546. 				break

  547. 

  548. 		# Test that getting a non-existant vlans raises an exception

  549. 		self.assertRaises(ValueError, switch.getvlanname, testvlan)

  550. 

  551. 		self.assertTrue(set(switch.staticvlans()).issubset(existingvlans))

  552. 

  553. 		pvidres = { x: 1 for x in xrange(1, 9) }

  554. 		pvidres.update({ x: 1 for x in xrange(14, 18) })

  555. 		self.assertEqual(switch.getpvid(), pvidres)

  556. 

  557. 		testname = 'Sometestname'

  558. 

  559. 		# Create test vlan

  560. 		switch.createvlan(testvlan, testname)

  561. 		try:

  562. 			# make sure the test vlan was created

  563. 			self.assertIn(testvlan, set(switch.staticvlans()))

  564. 

  565. 			self.assertEqual(testname, switch.getvlanname(testvlan))

  566. 		finally:

  567. 			switch.deletevlan(testvlan)