diff --git a/pyscaniptonetbox.py b/pyscaniptonetbox.py
index 2ce3764..6ac2510 100644
--- a/pyscaniptonetbox.py
+++ b/pyscaniptonetbox.py
@@ -84,39 +84,44 @@ prefix_list = [get_prefix_attribute(i) for i in prefixes_c] #print(prefix_list) scan_net = ipaddress.IPv4Network(config['subnet']) +supernet = None if config['subnet'] in prefix_list: - print("Ok - entered prefix belongs to " + tenant_name) + print("Ok - entered prefix directly allocated to " + tenant_name) +else: + print(" - prefix '" + config['subnet'] + " is not directly allocated to this tenant.. ") + + +print(" checking if entered subnet is active and a member/subnet of allocated prefixes...") +is_subnet = False +for p in prefixes: + pfx = str(p.prefix) + status = str(p.status) + #print(str(p.status) + " " + str(p.display)) + if status == "Active": + print("active - " + pfx) + try: + pfxnetwork = ipaddress.IPv4Network(pfx) + except Exception: + #presumably ipv6 + continue + + #print("comparing to:" + pfxnetwork.exploded) + if scan_net.subnet_of(pfxnetwork): + is_subnet = True + supernet = pfxnetwork + #for now we are assuming last found *active* supernet is the smallest.. todo - check review! + +if is_subnet: + print("OK - found (active) prefix " + supernet.exploded + " that contains this range") prefix_is_writable = True else: - print(" - prefix '" + config['subnet'] + " is not directly allocated to this tenant.. checking if it is a subnet of allocated prefixes...") - supernet = None - is_subnet = False - for p in prefixes: - pfx = str(p.prefix) - status = str(p.status) - #print(str(p.status) + " " + str(p.display)) - if status == "Active": - print("active - " + pfx) - try: - pfxnetwork = ipaddress.IPv4Network(pfx) - except Exception: - #presumably ipv6 - continue - - #print("comparing to:" + pfxnetwork.exploded) - if scan_net.subnet_of(pfxnetwork): - is_subnet = True - supernet = pfxnetwork - #for now we are assuming last found *active* supernet is the smallest.. todo - check review! 
- if is_subnet: - print("OK - found (active) prefix " + supernet.exploded + " that contains this range") - prefix_is_writable = True - else: - print("No suitable (active) prefix found for " + tenant_name + " which contains subnet " + scan_net.exploded) - prefix_is_writable = False ;#we'll do the scan - but won't write to netbox - #note that netbox will not stop us writing to a non-Active prefix unless the token is locked down with complex rules + print("No suitable (active) prefix found for " + tenant_name + " which contains subnet " + scan_net.exploded) + prefix_is_writable = False ;#we'll do the scan - but won't write to netbox + #note that netbox will not stop us writing to a non-Active prefix unless the token is locked down with complex rules #sys.exit(2) + + if prefix_is_writable: answer = input("network " + scan_net.exploded + " Type 'n' to cancel, 'y' to scan only, 'update' to scan and enter IPs into netbox (n/y/update)") else: @@ -139,15 +144,17 @@ if do_scan: scanner.run() for i in scanner.list_of_hosts_found: print(i) + #print(str(supernet.prefixlen)) + strprefixlen = str(supernet.prefixlen) if prefix_is_writable & do_update: try: result = nb.ipam.ip_addresses.create( - address = str(i), + address = str(i) + "/" + strprefixlen, vrf = 1, tenant = t.id, description = "loaded by pyscaniptonetbox" ) - print(" added: " + str(i)) + print(" added: " + str(i) + "/" + strprefixlen) #todo - add mac-address to custom field if # a) there is no interface to assign it to # b) we are on the same subnet and can even get a mac-address
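Review bot: The supernet kept by the `for p in prefixes:` loop is whichever active containing prefix happens to come last, as the in-code todo admits, and that choice now matters more because the second hunk writes `supernet.prefixlen` into NetBox as the address mask. Keeping the most specific match removes the dependence on API ordering: change the test to `if scan_net.subnet_of(pfxnetwork) and (supernet is None or pfxnetwork.prefixlen > supernet.prefixlen):` and leave the two assignments under it. The `except Exception:` around `ipaddress.IPv4Network(pfx)` would be better as `except ValueError:`, so that only parse failures (the presumed IPv6 case) are skipped. Whether `prefixes` is limited to this tenant is not visible in the hunk; since this loop is now the only thing that sets `prefix_is_writable` to True, that is worth confirming.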
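Review bot: `strprefixlen = str(supernet.prefixlen)` runs for every host found, including scan-only runs, but `supernet` stays `None` when the first hunk finds no active containing prefix, so the path commented there as "we'll do the scan - but won't write to netbox" would raise AttributeError on the first host. Moving the line inside the `if prefix_is_writable & do_update:` branch avoids that, since `prefix_is_writable` is only set to True together with `supernet`; computing it once before the loop behind `if supernet is not None` would also work. The `if do_scan:` block starts above the hunk and the `try:` continues below it, so the error handling around the create call is not visible here.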