
fixed /32 subnet issue - close #1

master
Julian Noble 2 years ago
parent
commit
b28c6552e6
  1. 67
      pyscaniptonetbox.py

67
pyscaniptonetbox.py

@ -84,39 +84,44 @@ prefix_list = [get_prefix_attribute(i) for i in prefixes_c]
#print(prefix_list) #print(prefix_list)
scan_net = ipaddress.IPv4Network(config['subnet']) scan_net = ipaddress.IPv4Network(config['subnet'])
supernet = None
if config['subnet'] in prefix_list: if config['subnet'] in prefix_list:
print("Ok - entered prefix belongs to " + tenant_name) print("Ok - entered prefix directly allocated to " + tenant_name)
else:
print(" - prefix '" + config['subnet'] + " is not directly allocated to this tenant.. ")
print(" checking if entered subnet is active and a member/subnet of allocated prefixes...")
is_subnet = False
for p in prefixes:
pfx = str(p.prefix)
status = str(p.status)
#print(str(p.status) + " " + str(p.display))
if status == "Active":
print("active - " + pfx)
try:
pfxnetwork = ipaddress.IPv4Network(pfx)
except Exception:
#presumably ipv6
continue
#print("comparing to:" + pfxnetwork.exploded)
if scan_net.subnet_of(pfxnetwork):
is_subnet = True
supernet = pfxnetwork
#for now we are assuming last found *active* supernet is the smallest.. todo - check review!
if is_subnet:
print("OK - found (active) prefix " + supernet.exploded + " that contains this range")
prefix_is_writable = True prefix_is_writable = True
else: else:
print(" - prefix '" + config['subnet'] + " is not directly allocated to this tenant.. checking if it is a subnet of allocated prefixes...") print("No suitable (active) prefix found for " + tenant_name + " which contains subnet " + scan_net.exploded)
supernet = None prefix_is_writable = False ;#we'll do the scan - but won't write to netbox
is_subnet = False #note that netbox will not stop us writing to a non-Active prefix unless the token is locked down with complex rules
for p in prefixes:
pfx = str(p.prefix)
status = str(p.status)
#print(str(p.status) + " " + str(p.display))
if status == "Active":
print("active - " + pfx)
try:
pfxnetwork = ipaddress.IPv4Network(pfx)
except Exception:
#presumably ipv6
continue
#print("comparing to:" + pfxnetwork.exploded)
if scan_net.subnet_of(pfxnetwork):
is_subnet = True
supernet = pfxnetwork
#for now we are assuming last found *active* supernet is the smallest.. todo - check review!
if is_subnet:
print("OK - found (active) prefix " + supernet.exploded + " that contains this range")
prefix_is_writable = True
else:
print("No suitable (active) prefix found for " + tenant_name + " which contains subnet " + scan_net.exploded)
prefix_is_writable = False ;#we'll do the scan - but won't write to netbox
#note that netbox will not stop us writing to a non-Active prefix unless the token is locked down with complex rules
#sys.exit(2) #sys.exit(2)
if prefix_is_writable: if prefix_is_writable:
answer = input("network " + scan_net.exploded + " Type 'n' to cancel, 'y' to scan only, 'update' to scan and enter IPs into netbox (n/y/update)") answer = input("network " + scan_net.exploded + " Type 'n' to cancel, 'y' to scan only, 'update' to scan and enter IPs into netbox (n/y/update)")
else: else:
@ -139,15 +144,17 @@ if do_scan:
scanner.run() scanner.run()
for i in scanner.list_of_hosts_found: for i in scanner.list_of_hosts_found:
print(i) print(i)
#print(str(supernet.prefixlen))
strprefixlen = str(supernet.prefixlen)
if prefix_is_writable & do_update: if prefix_is_writable & do_update:
try: try:
result = nb.ipam.ip_addresses.create( result = nb.ipam.ip_addresses.create(
address = str(i), address = str(i) + "/" + strprefixlen,
vrf = 1, vrf = 1,
tenant = t.id, tenant = t.id,
description = "loaded by pyscaniptonetbox" description = "loaded by pyscaniptonetbox"
) )
print(" added: " + str(i)) print(" added: " + str(i) + "/" + strprefixlen)
#todo - add mac-address to custom field if #todo - add mac-address to custom field if
# a) there is no interface to assign it to # a) there is no interface to assign it to
# b) we are on the same subnet and can even get a mac-address # b) we are on the same subnet and can even get a mac-address
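Review bot: In the second hunk, `strprefixlen = str(supernet.prefixlen)` runs for every host found, ahead of the `prefix_is_writable & do_update` check, yet `supernet` is still `None` when no active prefix contains the scanned range, which is the path the first hunk comments as "we'll do the scan - but won't write to netbox". Indentation is lost in this view, but as the line order reads, a scan-only run in that case would stop with an AttributeError on the first host instead of listing results. Taking the length only inside the write branch, or once before the loop as `strprefixlen = str(supernet.prefixlen) if supernet is not None else None`, avoids that. Separately, the mask written to NetBox comes from whichever active prefix matched last, which the in-code todo already flags as possibly not the most specific one; keeping the match with the largest `prefixlen` would make the recorded mask deterministic. The `try:` block continues past the end of the hunk.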
