本脚本由群友似水年华大佬分享,
**大佬为了简化脚本的环境搭建把脚本封装成了exe方便大家哪来即用。
dev_config.exe是批量配置的脚本,调用ip.txt里放的ip输入用户名密码登陆设备,运行cmd.txt的命令。
dev_bak.exe是备份脚本,调用ip.txt的ip输入用户名密码登陆设备,实现配置备份。
视频演示如下:
https://mp.weixin.qq.com/s/JBZPiKvAB48z76ihzYe0JQ (公众号原文链接里面有视频演示)
,时长04:28
以下是脚本部分为三个文件:
说明:第一个文件,devlogin.py是做的一个设备登陆的类,其他使用的时候引入这个就好了,dev_bak是配置备份的文件,其中设备登陆部分是从第一个文件引入的,第二个同理。如果需要多设备支持,就需要对devlogin.py里面去优化。
现在devlogin里面做了思科,华为,juniper-netscreen,所以其他的需要优化这部分。
devlogin.py登陆文件
import netmikoimport socketimport refrom netmiko import ConnectHandler, SSHDetectfrom netmiko.ssh_exception import NetMikoTimeoutExceptionfrom netmiko.ssh_exception import NetMikoAuthenticationException##This script use to login device by ssh or telnet,it will detect the TCP port (22,23) automaticly and#find out which is open to use,you can use port_scan to comfirm which metod will be used to connect device#and following two Classes are the different because the first one is only use to login cisco device,and#second one is use to login all devices now it supports 'cisco','huawei','juniper',and it can be detect#automatic!##class CiscoLogin():##Only use to Login cisco device!!!#def __init__(self,username,password,enable_pwd,ip):self.username = usernameself.password = passwordself.enable_pwd = enable_pwdself.ip = ipdef port_scan(self):connect_protocol = 'unknown'sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM)try:sock.connect((self.ip,22))sock.shutdown(2)sock.close()connect_protocol = 'ssh'except Exception as e:try:sock.connect((self.ip,23))sock.shutdown(2)sock.close()connect_protocol = 'telnet'except Exception as e:print('[+]%s端口不可达'%self.ip)return connect_protocoldef ssh_login(self):auth_flag = Falsenet_conn = ''hostname = ''devtype = ''device = {'device_type': 'cisco_ios','ip': self.ip,'username': self.username,'password': self.password,'secret': self.enable_pwd,# 'timeout': 5,}# 尝试探测设备型号以及登陆设备try:devtype = 'cisco_ios'print ('-' * 30)print ("[+] Trying to connect to: " + self.ip)net_conn = ConnectHandler(**device)# print (net_conn)print ("[+] connected to: " + self.ip)login_out = net_conn.find_prompt()print(login_out)hostname = login_out.replace('#', ' ').replace('>',' ').rstrip()if '#' in login_out:auth_flag = Trueprint('login success')elif '>' in login_out:try:net_conn.enable()auth_flag = Trueexcept Exception as e:print('ENABLE authtication fail')except (EOFError, NetMikoAuthenticationException):print ('username/password wrong!')except (ValueError,NetMikoAuthenticationException):print ('enable password wrong!')return net_conn, auth_flag, hostname, devtypedef telnet_login(self):auth_flag = Falsenet_conn = ''hostname = ''devtype = ''device = {'device_type': 'cisco_ios_telnet','ip': self.ip,'username': self.username,'password': self.password,'secret': self.enable_pwd,}# 尝试探测设备型号以及登陆设备print ('[+] 尝试TELNET登陆%s设备...' % self.ip)try:devtype = 'cisco_ios_telnet'net_conn = ConnectHandler(**device)login_out = net_conn.find_prompt()if '#' in login_out:auth_flag = Truehostname = login_out.replace('#', '')elif '>' in login_out:try:net_conn.enable()if net_conn.check_enable_mode():auth_flag = Truehostname = login_out.replace('#', '')print('[+] 登陆ASA:%s设备成功...' % self.ip)except Exception as e:print('ENABLE认证失败')except (EOFError, NetMikoAuthenticationException):print ('username/password wrong!')except (ValueError,NetMikoAuthenticationException):print ('enable password wrong!')return net_conn, auth_flag, hostname, devtypeclass AllDevLogin():##Use to login all devices,and it can autodetect device brand,support 'cisco','huawei','juniper'##def __init__ (self,username,password,enable_pwd,ip):self.username = usernameself.password = passwordself.enable_pwd = enable_pwdself.ip = ipdef port_scan(self):connect_protocol = 'unknown'sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM)try:sock.connect((self.ip,22))sock.shutdown(2)sock.close()connect_protocol = 'ssh'except Exception as e:try:sock.connect((self.ip,23))sock.shutdown(2)sock.close()connect_protocol = 'telnet'except Exception as e:print('[+]%s端口不可达'%self.ip)return connect_protocoldef telnet_autodetect(self):dev_detect_flag = Falsedev_telnet = {'device_type': 'cisco_ios_telnet','ip': self.ip,'username': self.username,'password': self.password,'secret': self.enable_pwd,# 'timeout':5,# 'global_delay_factor':1.3,}net_conn = ConnectHandler(**dev_telnet)if True:dev_out = net_conn.send_command('show version')if 'Adaptive' in dev_out:devtype = 'cisco_asa_telnet'elif 'Cisco' in dev_out:devtype = 'cisco_ios_telnet'elif 'Unrecognized command' in dev_out:dev_out = net_conn.send_command('display version')devtype = 'huawei_telnet'elif 'unknown keyword' in dev_out:dev_out = net_conn.send_command('get sys')devtype = 'juniper_junos_telnet'else:devtype = 'None'return devtypedef ssh_login(self):auth_flag = Falsenet_conn = ''hostname = ''devtype = 'cisco_ios'device = {'device_type': 'autodetect','ip': self.ip,'username': self.username,'password': self.password,'secret': self.enable_pwd,'timeout':5,# 'global_delay_factor':1.3,}# 尝试探测设备型号以及登陆设备try:###device autodetectprint('[+] 正在尝试分析'+self.ip+'的设备品牌...')devtype_detect = SSHDetect(**device)devtype = devtype_detect.autodetect()device['device_type'] = devtypeprint ("[+] 正在尝试SSH登陆: " + self.ip)net_conn = ConnectHandler(**device)login_out = net_conn.find_prompt()print (login_out)###SSH to deviceif 'cisco' in devtype:if '#' in login_out:auth_flag = Truehostname = login_out.replace('#', '')#print (hostname)elif '>' in login_out :net_conn.enable()print('enable')if net_conn.check_enable_mode():auth_flag = Truehostname = login_out.replace('#', '')print('[+] 登陆:%s设备成功...' % self.ip)else:print('[+] Enable:%s设备失败...' % self.ip)elif devtype == 'huawei':hostname = login_out.replace('<','').replace('>','')if login_out:auth_flag = Trueprint('[+] 登陆%s设备成功...'%self.ip)if '>' in login_out:try:net_conn.config_mode()auth_flag = Trueexcept Exception as e:print('[+] Config_mode authtication fail')elif devtype == 'netscreen' or 'juniper':hostname = login_out.replace('->','')if '>' in login_out:auth_flag = Trueexcept (EOFError, NetMikoAuthenticationException):print ('username/password wrong!')except (ValueError,NetMikoAuthenticationException):print ('enable password wrong!')return net_conn, auth_flag, hostname, devtypedef telnet_login(self):device = {'device_type': 'cisco_ios','ip': self.ip,'username': self.username,'password': self.password,'secret': self.enable_pwd,}try:devtype= telnet_autodetect()device['device_type'] = devtypenet_conn = ConnectHandler(**device)login_out = net_conn.find_prompt()if 'cisco' in devtype:print ('-' * 30)print ("[+] 正在尝试TELNET登陆: " + self.ip)hostname = login_out.replace('#', '').replace('>','')# print (hostname)if '#' in login_out:auth_flag = Trueprint('[+] 登陆%s设备成功...'%self.ip)elif '>' in login_out:try:net_conn.enable()if net_conn.check_enable_mode():auth_flag = Trueexcept Exception as e:print('ENABLE authtication fail')elif devtype == 'huawei_telnet':print ('-' * 30)print ("[+] Trying to connect to: " + self.ip)net_conn = ConnectHandler(**device)print ("[+] Connected to: " + ip)login_out = net_conn.find_prompt()print(login_out)hostname = login_out.replace('<', '').replace('>','')# print (hostname)if ']' in login_out:auth_flag = Trueprint('[+] 登陆%s设备成功...'%self.ip)elif '>' in login_out:auth_flag = Truetry:net_conn.config_mode()auth_flag = Trueexcept Exception as e:print('[+] Config_mode authtication fail')elif devtype == 'juniper_junos_telnet':hostname = login_out.replace('->', '')print (hostname)if '>' in login_out:auth_flag = Trueexcept (EOFError, NetMikoAuthenticationException):print ('username/password wrong!')except (ValueError,NetMikoAuthenticationException):print ('enable password wrong!')return net_conn, auth_flag, hostname, devtype
dev_config.py调试命令文件
import netmikoimport timeimport csvimport reimport getpassimport socketimport devloginimport fileinputfrom netmiko import ConnectHandler, SSHDetectfrom devlogin import CiscoLogindef fail_write(fail_path, data):with open(fail_path, 'a', encoding='utf-8', newline='') as faillogin:faillogin.write(data + '\r\n')def config_write(fail_path, data):with open(fail_path, 'a', encoding='utf-8', newline='') as config_write:config_write.write(data + '\r\n')config_write.write('-'*30 + '\r\n')def device_config(net_conn,hostname,devtype,ip,config_commands):config_output = net_conn.send_config_from_file ('cmd.txt')print (config_output)return config_outputdef main():total_time = 0file_path = 'config.txt'fail_path = 'fail.txt'config_commands = []dev_count = 0username = input('[+] Please Enter Username:')password = getpass.getpass('[+] Please Enter password:')enable_pwd = getpass.getpass('[+] Please Enter enable secret:')print ('[+] starting...')for cmd in fileinput.input('cmd.txt'):cmd= cmd.rstrip()config_commands.append(cmd)print('您要配置的命令如下:')for value in config_commands:print (value)cmd_comfirm= input('请确认是否使用以上命令进行配置[Y/N]?')if cmd_comfirm == 'y' or cmd_comfirm == 'Y':print ('-'*30)print ('[+] 开始执行...')print ('-'*30)for ip in fileinput.input('ip.txt'):start_time = time.time()ip = ip.rstrip()dev_count +=1print ('-' * 30)print ('[+] 正在尝试用用户名:'+ username +'登陆%s设备...'%ip)login = CiscoLogin(username,password,enable_pwd,ip)connect_protocol = login.port_scan()if connect_protocol == 'ssh':net_conn, auth_flag, hostname, devtype = login.ssh_login()elif connect_protocol == 'telnet':net_conn, auth_flag, hostname, devtype = login.telnet_login()else:print ('[+] 设备的端口不可达..')if auth_flag:config_output = device_config(net_conn,hostname,devtype,ip,config_commands)config_write(file_path,config_output)else:fail_write(fail_path, ip)print ('-'*30)else :print ('请修改cmd.txt中的命令后重新执行!脚本将直接退出!')exit(1)print ('总共配置了{0}设备'.format(dev_count))end_time = time.time()run_time = end_time - start_timerun_time = round(run_time,2)total_time += run_timetotal_time = round(total_time,2)print ('[+] 运行耗时%s秒'%run_time)print ('[+] 运行总耗时%s秒'%total_time)conti=input('[+] 请按任意键退出:')if conti:exit(1)if __name__ == '__main__':login_info = u'''++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++此脚本为CISCO设备批量配置脚本,请将需要配置的命令行保存在程序目录下并以cmd.txt命名,请将需要登陆的设备IP保存在程序目录下并以ip.txt命名,系统将自动读取IP以及命令并自动配置到设备,注意,请在命令行最后加上'do copy running start'/'do write'以确保配置能正确保存到设备!++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++'''print(login_info)main()
dev+bak.py备份文件:
import netmikoimport sysimport osimport timeimport reimport fileinputfrom netmiko import ConnectHandler, SSHDetectfrom devlogin import AllDevLogindef config_bak(net_conn,devtype):cmd = 'show run'if 'cisco' in devtype:config = net_conn.send_command('show running-config')elif devtype == 'huawei':config = net_conn.send_command('display current-configuration')else:print('[+] Not in Config Mode,Please check enable password')return config,cmddef file_write(hostname,config,cmd,ip):filename = (u'{0}_{1}_{2}.txt'.format(hostname,ip,cmd))filepath = r'configbak/'if os.path.exists(filepath):print ('[+] The "%s" file exists.' %filepath)else:print ('[+] Now, I will create the %s'%filepath)os.makedirs(filepath)save = open(filepath + filename,'w')print(u'[+] executing {0} command'.format(cmd))save.write(config)print(u'[+] {0} command executed,result was saved at configbak,named {2}!'.format(cmd,filepath,filename))def main():# fail_path = 'fail.txt'username = input('[+] Please Enter Username:')password = input('[+] Please Enter password:')enable_pwd = input('[+] Please Enter enable secret:')print ('[+] start to backup...')for ip in fileinput.input('ip.txt'):ip = ip.rstrip()login = AllDevLogin(username,password,enable_pwd,ip)connect_protocol = login.port_scan()if connect_protocol == 'ssh':net_conn, auth_flag, hostname, devtype = login.ssh_login()elif connect_protocol == 'telnet':net_conn, auth_flag, hostname, devtype = login.telnet_login()if auth_flag:config, cmd = config_bak(net_conn, devtype)file_write(hostname,config,cmd,ip)if __name__ == '__main__':login_info = u'''++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++此脚本为CISCO设备配置备份脚本,请将需要登陆的设备IP保存在程序目录下并以ip.txt命名,系统将自动读取IP并登陆到设备完成备份,并将备份保存在configbak文件夹下++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++'''print(login_info)main()
脚本和exe获取公众号后台回复:“思科备份脚本”
若有收获,就点个赞吧
0 人点赞
