Demo
[root@centos7 tmp]# cat test.py
#!/usr/bin/python3
from netmiko import Netmiko
from csv import DictReader
import time
import os
import csv
os.chdir('/tmp')
csvfile = open('list.csv', 'r')
data = csv.DictReader(csvfile)
fw_01 ={'host':'192.168.100.254',
'username':'admin',
'password':'admin',
'device_type':'fortinet',
}
print(f"connecting to the device")
net_connect = Netmiko(**fw_01)
print("device is connected")
for i in data:
#print(i['ip'])
banip=(i['ip'])
#time.sleep(2)
print(banip)
config = ['config firewall address',
f'edit Ban-{(banip)}',
f'set associated-interface port2',
f'set subnet {banip} 255.255.255.255',
'next',
'end'
]
send_config =net_connect.send_config_set(config)
print(send_config)
config = ['config firewall addrgrp',
f'edit AutoBan',
f'append member Ban-{banip}',
'next',
'end'
]
send_config =net_connect.send_config_set(config)
print(send_config)
[root@centos7 tmp]#
====================================
[root@centos7 tmp]# ./test.py
connecting to the device
device is connected
201.189.210.1
config firewall address
FortiGate-VM64 (address) # edit Ban-201.189.210.1
new entry 'Ban-201.189.210.1' added
FortiGate-VM64 (Ban-201.189.210.1) # set associated-interface port2
FortiGate-VM64 (Ban-201.189.210.1) # set subnet 201.189.210.1 255.255.255.255
FortiGate-VM64 (Ban-201.189.210.1) # next
FortiGate-VM64 (address) # end
FortiGate-VM64 #
config firewall addrgrp
FortiGate-VM64 (addrgrp) # edit AutoBan
FortiGate-VM64 (AutoBan) # append member Ban-201.189.210.1
FortiGate-VM64 (AutoBan) # next
FortiGate-VM64 (addrgrp) # end
FortiGate-VM64 #
沒有留言:
張貼留言