mirror of
				https://github.com/lopes/netbox-scanner.git
				synced 2025-10-25 17:43:47 +02:00 
			
		
		
		
	Merge branch 'master' into master
This commit is contained in:
		
						commit
						50bfcd6d15
					
				
							
								
								
									
										16
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										16
									
								
								README.md
									
									
									
									
									
								
							| @ -23,15 +23,15 @@ After installation, use the `netbox-scanner.conf` file as an example to create y | ||||
| ## Quick Start | ||||
| 
 | ||||
| 0. Clone the repo and install the dependencies as shown above. | ||||
| 1. Move the `netbox-scanner.conf` file to your Netbox directory (`/opt/netbox`) and fill out the variables according to your setup. Don't forget to change the path to match where you put this repo under `[NMAP].path`. | ||||
| 2. Go to the `samples` subdirectory of this repo and execute `./nmap-scan.sh` to get a first look at the behavior of this project. | ||||
| 1. Use the `netbox-scanner.conf` file that you find in the project directory or create your own under (`/opt/netbox/netbox-scanner.conf` or `~/.netbox-scanner.conf`) and fill out the variables according to your setup. | ||||
| 2. Fill the networks you want to scan (one per line) under `networks.txt` and then run `python netbox-scanner.py nmap` to get a first look at the behavior of this project. | ||||
| 
 | ||||
| ## Basics | ||||
| netbox-scanner reads a user-defined source to discover IP addresses and descriptions, and insert them into NetBox.  To control what was previously inserted, netbox-scanner adds tags to each record, so it will know that that item can be handled.  In order to guarantee the integrity of manual inputs, records without such tags will not be updated or removed. | ||||
| 
 | ||||
| It is important to note that if netbox-scanner cannot define the description for a given host, then it will insert the string defined in the `unknown` parameter.  Users can change those names at their own will. | ||||
| 
 | ||||
| For NetBox access, this script uses [pynetbox](https://github.com/digitalocean/pynetbox) --worth saying that was tested under NetBox v2.6.7. | ||||
| For NetBox access, this script uses [pynetbox](https://github.com/digitalocean/pynetbox) --worth saying that was tested under NetBox v2.9.11. | ||||
| 
 | ||||
| ### Garbage Collection | ||||
| If the user marked the `cleanup` option to `yes`, then netbox-scanner will run a garbage collector after the synchronization finishes.  Basically, it will get all IP addresses recorded in NetBox under the same tag.  Then, both lists will be compared: the one just retrieved from NetBox and the list that was synced.  Hosts in the first list that don't appear in the second list will be deleted. | ||||
| @ -40,9 +40,9 @@ If the user marked the `cleanup` option to `yes`, then netbox-scanner will run a | ||||
| ## Configuration | ||||
| Users can interact with netbox-scanner by command line and configuration file.  The latter is pretty simple and straight forward: the only parameter accepted is the module you want to use. | ||||
| 
 | ||||
| The configuration file (`netbox-scanner.conf`) is where netbox-scanner looks for details such as authentication data and path to files.  This file can be stored on the user's home directory or on `/opt/netbox`, but if you choose the first option, it must be a hidden file --`.netbox-scanner.conf`. | ||||
| The configuration file (`netbox-scanner.conf`) is where netbox-scanner looks for details such as authentication data and path to files.  This file can be stored on the user's home directory, on `/opt/netbox` or under the project root directory, but if you choose the first option, it must be a hidden file --`.netbox-scanner.conf`. | ||||
| 
 | ||||
| > Remember that netbox-scanner will always look for this file at home directory, then at `/opt/netbox`, in this order.  The first occurrence will be considered. | ||||
| > Remember that netbox-scanner will always look for this file at home directory, then at `/opt/netbox`, and finally in the project root dir, in this order.  The first occurrence will be considered. | ||||
| 
 | ||||
| 
 | ||||
| ## Modules | ||||
| @ -54,10 +54,8 @@ Since version 2.0, netbox-scanner is based on modules.  This way, this program i | ||||
| 
 | ||||
| 
 | ||||
| ## Nmap Module | ||||
| Performing the scans is beyond netbox-scanner features, so you must run [Nmap](https://nmap.org/) and save the output as an XML file using the `-oX` parameter.  Since this file can grow really fast, you can scan each network and save it as a single XML file.  You just have to assure that all files are under the same directory before running the script --see `samples/nmap.sh` for an example. | ||||
| 
 | ||||
| To properly setup this module, you must inform the path to the directory where the XML files reside, define a tag to insert to discovered hosts, and decide if clean up will take place.  Tested on Nmap v7.80. | ||||
| 
 | ||||
| Performing the scans is incorporated now under netbox-scanner features, so you don't need to run [Nmap](https://nmap.org/) yourself.  | ||||
| In this version the scan doesn't need root privileges since it only checks for hosts up. | ||||
| 
 | ||||
| ## Prime Module | ||||
| This script accesses [Prime](https://www.cisco.com/c/en/us/products/cloud-systems-management/prime-infrastructure/index.html) through RESTful API and all routines are implemented here.  Users only have to point to Prime's API, which looks like `https://prime.domain/webacs/api/v4/`, inform valid credentials allowed to use the API, and fill the other variables, just like in Nmap. | ||||
|  | ||||
							
								
								
									
										278
									
								
								nbs/__init__.py
									
									
									
									
									
								
							
							
						
						
									
										278
									
								
								nbs/__init__.py
									
									
									
									
									
								
							| @ -1,6 +1,12 @@ | ||||
| import configparser | ||||
| import logging | ||||
| import pynetbox.models.dcim | ||||
| import requests | ||||
| import docker | ||||
| import ipaddress | ||||
| from collections import deque | ||||
| 
 | ||||
| import requests | ||||
| from pynetbox import api | ||||
| 
 | ||||
| 
 | ||||
| @ -48,7 +54,12 @@ class NetBoxScanner(object): | ||||
|             return False | ||||
| 
 | ||||
|         if nbhost: | ||||
|             if (self.tag in nbhost.tags): | ||||
|             tag_update = False | ||||
|             for tag in nbhost.tags: | ||||
|                 if (self.tag == tag.name): | ||||
|                     tag_update = True | ||||
|                     break | ||||
|             if tag_update: | ||||
|                 if (host[1] != nbhost.description): | ||||
|                     aux = nbhost.description | ||||
|                     nbhost.description = host[1] | ||||
| @ -60,7 +71,7 @@ class NetBoxScanner(object): | ||||
|                     logging.info(f'unchanged: {host[0]}/32 "{host[1]}"') | ||||
|                     self.stats['unchanged'] += 1 | ||||
|             else: | ||||
|                 logging.info(f'unchanged: {host[0]}/32 "{host[1]}"') | ||||
|                 logging.info(f'no-tag(unchanged): {host[0]}/32 "{host[1]}"') | ||||
|                 self.stats['unchanged'] += 1 | ||||
|         else: | ||||
|             self.netbox.ipam.ip_addresses.create( | ||||
| @ -108,3 +119,266 @@ class NetBoxScanner(object): | ||||
| 
 | ||||
|         return True | ||||
| 
 | ||||
|     def init_docker(self, dockerDef: configparser.SectionProxy): | ||||
|         ctype = dockerDef.get('cluster_type') | ||||
|         clusterType = self.netbox.virtualization.cluster_types.get(name=ctype) | ||||
|         if clusterType is None: | ||||
|             self.netbox.virtualization.cluster_types.create(name=ctype,slug=ctype) | ||||
| 
 | ||||
|     def sync_docker(self, dockerConf: dict[str, str], dockerDef: configparser.SectionProxy): | ||||
| 
 | ||||
|         try: | ||||
|             deviceName = dockerConf['device'] | ||||
|             devices = self.netbox.dcim.devices.filter(name=deviceName) | ||||
|             if len(devices) == 0: | ||||
|                 logging.error(f'No devices matched name {deviceName}') | ||||
|             device = next(devices) | ||||
|             site = device.site | ||||
|             clusterName = f'Docker {device['name']}' | ||||
|             cluster = self.netbox.virtualization.clusters.get(name=clusterName) | ||||
|             if cluster is None: | ||||
|                 logging.info(f'No Cluster exists for device {deviceName}, creating...') | ||||
|                 clusterType = self.netbox.virtualization.cluster_types.get(name=dockerDef.get('cluster_type')) | ||||
|                 clusterParams = { | ||||
|                     'name': clusterName, | ||||
|                     'type': clusterType['id'], | ||||
|                     'status': 'active' | ||||
|                 } | ||||
|                 if site is not None: | ||||
|                     clusterParams['site'] = site.id | ||||
|                 cluster = self.netbox.virtualization.clusters.create(**clusterParams) | ||||
|                 self.netbox.dcim.devices.update([ | ||||
|                     { | ||||
|                         'id': device.id, 'cluster': cluster.id | ||||
|                     } | ||||
|                 ]) | ||||
| 
 | ||||
|             client = docker.DockerClient(base_url=dockerConf['host']) | ||||
|             networks = client.networks.list() | ||||
|             containers = client.containers.list() | ||||
| 
 | ||||
|             networkData = {} | ||||
| 
 | ||||
|             for container in containers: | ||||
| 
 | ||||
|                 logging.info(f'Processing Container: {container.name}') | ||||
| 
 | ||||
|                 vmName = 'Docker Standalone' | ||||
|                 # is standalone or compose? | ||||
|                 composed = 'com.docker.compose.config-hash' in container.labels | ||||
|                 composeProject = None | ||||
|                 if composed: | ||||
|                     composeProject = container.labels['com.docker.compose.project'] | ||||
|                     vmName = f'Docker Compose {composeProject}' | ||||
|                 vm = self.netbox.virtualization.virtual_machines.get(name=vmName,cluster_id=cluster.id) | ||||
| 
 | ||||
|                 if vm is None: | ||||
|                     vm = self.netbox.virtualization.virtual_machines.create( | ||||
|                         name=vmName, | ||||
|                         status="active", | ||||
|                         cluster=cluster.id, | ||||
|                         device=device.id, | ||||
|                         site=site.id | ||||
|                     ) | ||||
|                     logging.info(f'Created missing VM for docker compose project {vmName} with ID {vm.id}') | ||||
|                     # if composeProject is None: | ||||
|                     #     # it's a bridge | ||||
|                     #     if 'bridge' not in networkData: | ||||
|                     #         net = self.docker_upsert_network(device, nw) | ||||
|                     #         networkData['bridge'] = net | ||||
| 
 | ||||
|                 containerNetworks = [] | ||||
|                 containerNetwork = None | ||||
|                 ips = [] | ||||
|                 hasExternalIp = False | ||||
|                 ns = container.attrs.get('NetworkSettings') | ||||
|                 if ns is not None: | ||||
|                     for networkName in ns['Networks']: | ||||
|                         if networkName not in networkData: | ||||
|                             for nw in networks: | ||||
|                                 if nw.name == networkName: | ||||
|                                     net = self.docker_upsert_network(device, nw) | ||||
|                                     networkData[networkName] = net | ||||
|                                     containerNetwork = net | ||||
|                                     break | ||||
|                         else: | ||||
|                             containerNetwork = networkData[networkName] | ||||
|                         containerNetworks.append({ 'netNetwork': containerNetwork, 'netContainer': ns['Networks'][networkName] }) | ||||
|                         if 'external' in containerNetwork: | ||||
|                             hasExternalIp = True | ||||
| 
 | ||||
|                         for nets in containerNetworks: | ||||
| 
 | ||||
|                             interfaceName = f'compose_{composeProject}' if composed and nets['netNetwork']['name'] != 'bridge' else 'bridge' | ||||
|                             intParams = { | ||||
|                                 'virtual_machine_id': vm.id, | ||||
|                                 'name': interfaceName | ||||
|                             } | ||||
|                             if nets['netNetwork']['vrf'] is not None: | ||||
|                                 intParams['vrf_id'] = nets['netNetwork']['vrf'].id | ||||
|                             interface = self.netbox.virtualization.interfaces.get(**intParams) | ||||
|                             if interface is None: | ||||
|                                 del intParams['virtual_machine_id'] | ||||
|                                 intParams['virtual_machine'] = vm.id | ||||
|                                 del intParams['vrf_id'] | ||||
|                                 if nets['netNetwork']['vrf'] is not None: | ||||
|                                     intParams['vrf'] = nets['netNetwork']['vrf'].id | ||||
|                                 interface = self.netbox.virtualization.interfaces.create(**intParams) | ||||
|                                 logging.info(f'Created missing Virtual Interface {interfaceName} for VM {vm.id}') | ||||
| 
 | ||||
|                             containerIp = nets['netContainer']['IPAddress'] | ||||
|                             if containerIp == '' and nets['netNetwork']['name'] == 'host': | ||||
|                                 if nets['netNetwork']['external'] is None: | ||||
|                                     logging.info(f'Cant process because on host network but no external ip determined!') | ||||
|                                     continue | ||||
|                                 containerIp = nets['netNetwork']['external'].split('/')[0] | ||||
|                             ipLookupParams = { | ||||
|                                 'address': f'{containerIp}/32', | ||||
|                                 #'vminterface_id': vm.id | ||||
|                             } | ||||
|                             if nets['netNetwork']['vrf'] is not None: | ||||
|                                 ipLookupParams['vrf_id'] = nets['netNetwork']['vrf'].id | ||||
|                                 ipLookupParams['vminterface_id'] = vm.id | ||||
|                             ip = self.netbox.ipam.ip_addresses.get(**ipLookupParams) | ||||
|                             if ip is None: | ||||
|                                 ipCreateParams = { | ||||
|                                     'address': f'{containerIp}/32', | ||||
|                                 } | ||||
|                                 if nets['netNetwork']['vrf'] is not None: | ||||
|                                     ipCreateParams['assigned_object_type'] = 'virtualization.vminterface' | ||||
|                                     ipCreateParams['assigned_object_id'] = vm.id | ||||
|                                     ipCreateParams['vrf'] = nets['netNetwork']['vrf'].id | ||||
|                                     # address=f'{containerIp}/32',vrf=nets['netNetwork']['vrf'].id,assigned_object_type='virtualization.vminterface',assigned_object_id=interface.id | ||||
|                                 ip = self.netbox.ipam.ip_addresses.create(**ipCreateParams) | ||||
|                                 logging.info(f'Created missing IP {containerIp} on {interfaceName} interface') | ||||
|                             ips.append(ip) | ||||
| 
 | ||||
|                 tcp = False | ||||
|                 ports = [] | ||||
|                 ipIds = [] | ||||
| 
 | ||||
|                 for containerPortDesc in container.ports: | ||||
|                     if 'tcp' in containerPortDesc: | ||||
|                         tcp = True | ||||
|                     portList = container.ports[containerPortDesc] | ||||
|                     if portList is not None: | ||||
|                         ports.append(portList[0]['HostPort']) | ||||
| 
 | ||||
|                 for ip in ips: | ||||
|                     ipIds.append(ip.id) | ||||
| 
 | ||||
|                 serviceName = container.name | ||||
|                 service = self.netbox.ipam.services.get(name=serviceName,virtual_machine_id=vm.id) | ||||
|                 if service is None: | ||||
|                     serviceDescription = None | ||||
|                     if 'org.opencontainers.image.title' in container.labels: | ||||
|                         serviceDescription = container.labels['org.opencontainers.image.title'] | ||||
|                     if 'org.opencontainers.image.description' in container.labels: | ||||
|                         if serviceDescription is not None: | ||||
|                             serviceDescription = f'{serviceDescription} - {container.labels['org.opencontainers.image.description']}' | ||||
|                         else: | ||||
|                             serviceDescription = container.labels['org.opencontainers.image.description'] | ||||
| 
 | ||||
|                     serviceParams = { | ||||
|                         'name': serviceName, | ||||
|                         'virtual_machine': vm.id, | ||||
|                         'ipaddresses': ipIds | ||||
|                     } | ||||
|                     if serviceDescription is not None: | ||||
|                         # https://stackoverflow.com/a/2872519/1469797 | ||||
|                         serviceParams['description'] = (serviceDescription[:50] + '..') if len(serviceDescription) > 50 else serviceDescription | ||||
|                     if len(ports) > 0: | ||||
|                         serviceParams['ports'] = ports | ||||
|                         serviceParams['protocol'] = 'tcp' if tcp else 'udp' | ||||
|                     else: | ||||
|                         serviceParams['ports'] = [1] | ||||
|                         serviceParams['protocol'] = 'tcp' | ||||
| 
 | ||||
|                     # if serviceDescription is not None: | ||||
|                     #     service = self.netbox.ipam.services.create(name=serviceName,virtual_machine=vm.id,description=serviceDescription,ipaddresses=ipIds,ports=ports,protocol='tcp' if tcp else 'udp') | ||||
|                     # else: | ||||
|                     #     service = self.netbox.ipam.services.create(name=serviceName,virtual_machine=vm.id,ipaddresses=ipIds,ports=ports,protocol='tcp' if tcp else 'udp') | ||||
|                     service = self.netbox.ipam.services.create(**serviceParams) | ||||
|                     logging.info(f'Created missing service {service} on VM {vm.id}') | ||||
|                 else: | ||||
| 
 | ||||
|                     serviceUpdateParams = { | ||||
|                         'ipaddresses': ipIds, | ||||
|                         'id': service.id | ||||
|                     } | ||||
|                     if len(ports) > 0: | ||||
|                         serviceUpdateParams['ports'] = ports | ||||
|                         serviceUpdateParams['protocol'] = 'tcp' if tcp else 'udp' | ||||
| 
 | ||||
|                     # update addresses and ports | ||||
|                     self.netbox.ipam.services.update([ | ||||
|                         serviceUpdateParams | ||||
|                     ]) | ||||
|                     logging.info(f'Update addresses and ports for service {service} on VM {vm.id}') | ||||
| 
 | ||||
|         except ValueError as e: | ||||
|             logging.error(e) | ||||
|             return False | ||||
| 
 | ||||
|     # def docker_upsert_vm(self, cluster, device: pynetbox.models.dcim.Devices): | ||||
| 
 | ||||
|     def docker_upsert_network(self,device: pynetbox.models.dcim.Devices, d_network: docker.client.NetworkCollection.model): | ||||
|         primaryIp = None | ||||
|         if device.primary_ip4 is not None: | ||||
|             primaryIp = device.primary_ip4.address | ||||
| 
 | ||||
|         networkName = d_network.name | ||||
|         driver = d_network.attrs.get('Driver') | ||||
|         if networkName == 'host' or networkName == 'none' or driver == 'host': | ||||
|             return { | ||||
|                 'name': networkName, | ||||
|                 'vrf': None, | ||||
|                 'range': None, | ||||
|                 'internal': primaryIp, | ||||
|                 'external': primaryIp | ||||
|             } | ||||
|         # deal with this later | ||||
|         if driver != 'bridge': | ||||
|             return { | ||||
|                 'name': networkName, | ||||
|                 'vrf': None, | ||||
|                 'range': None, | ||||
|                 'internal': None, | ||||
|                 'external': None | ||||
|             } | ||||
| 
 | ||||
|         vrf = self.netbox.ipam.vrfs.get(name=f'Docker on {device['name']}') | ||||
|         if vrf is None: | ||||
|             vrf = self.netbox.ipam.vrfs.create(name=f'Docker on {device['name']}', rd=f'docker-{device['name']}') | ||||
|             logging.info(f'Created missing VRF for docker on {device['name']} with ID {vrf.id}') | ||||
| 
 | ||||
|         range = self.netbox.ipam.ip_ranges.get(description=networkName,vrf_id=vrf.id) | ||||
|         if range is None: | ||||
|             subnet = d_network.attrs.get('IPAM')['Config'][0]['Subnet'] | ||||
|             subnet_range = self.get_subnet_range(subnet) | ||||
|             range = self.netbox.ipam.ip_ranges.create( | ||||
|                 description=networkName, | ||||
|                 vrf=vrf.id, | ||||
|                 start_address=f'{subnet_range[0].exploded}/32', | ||||
|                 end_address=f'{subnet_range[1].exploded}/32' | ||||
|             ) | ||||
|             logging.info(f'Created missing IP Range for docker network {networkName} {range.start_address} => {range.end_address} in VRF {vrf.id}') | ||||
| 
 | ||||
|         return { | ||||
|             'name': networkName, | ||||
|             'vrf': vrf, | ||||
|             'range': range, | ||||
|             'internal': None, | ||||
|             'external': primaryIp | ||||
|         } | ||||
|         # subnet = d_network.attrs.get('IPAM')['Config'][0]['Subnet'] | ||||
| 
 | ||||
|     def get_subnet_range(self, subnet): | ||||
|         ip_range = ipaddress.ip_network(subnet) | ||||
|         hosts = ip_range.hosts() | ||||
|         firstHost = next(ip_range.hosts()) | ||||
| 
 | ||||
|         # https://stackoverflow.com/a/48232574/1469797 | ||||
|         dd = deque(hosts, maxlen=1) | ||||
|         lastHost = dd.pop() | ||||
|         return [firstHost, lastHost] | ||||
							
								
								
									
										48
									
								
								nbs/nmap.py
									
									
									
									
									
								
							
							
						
						
									
										48
									
								
								nbs/nmap.py
									
									
									
									
									
								
							| @ -1,30 +1,32 @@ | ||||
| import os | ||||
| import xml.etree.ElementTree as ET | ||||
| 
 | ||||
| import nmap3 | ||||
| 
 | ||||
| class Nmap(object): | ||||
| 
 | ||||
|     def __init__(self, path, unknown): | ||||
|     def __init__(self, unknown, networks): | ||||
|         self.unknown = unknown | ||||
|         self.path = path | ||||
|         self.networks = networks | ||||
|         self.hosts = list() | ||||
|         self.scan_results = {} | ||||
| 
 | ||||
|     def scan(self): | ||||
|         nmap = nmap3.NmapHostDiscovery()  # instantiate nmap object | ||||
|         for item in self.networks: | ||||
|             temp_scan_result = nmap.nmap_no_portscan(item.replace('\n', ''), args="-R --system-dns") | ||||
|             self.scan_results = {**self.scan_results, **temp_scan_result} | ||||
|             self.scan_results.pop("stats") | ||||
|             self.scan_results.pop("runtime") | ||||
|         return self.scan_results | ||||
| 
 | ||||
|     def run(self): | ||||
|         for f in os.listdir(self.path): | ||||
|             if not f.endswith('.xml'): | ||||
|                 continue | ||||
|             abspath = os.path.join(self.path, f) | ||||
|             tree = ET.parse(abspath) | ||||
|             root = tree.getroot() | ||||
| 
 | ||||
|             for host in root.findall('host'): | ||||
|                 try: | ||||
|                     self.hosts.append(( | ||||
|                         host.find('address').attrib['addr'], | ||||
|                         host.find('hostnames').find('hostname').attrib['name'] | ||||
|                     )) | ||||
|                 except AttributeError: | ||||
|                     self.hosts.append(( | ||||
|                         host.find('address').attrib['addr'], | ||||
|                         self.unknown | ||||
|                     )) | ||||
|         self.scan() | ||||
|         for k,v in self.scan().items(): | ||||
|             try: | ||||
|                 self.hosts.append(( | ||||
|                     k, | ||||
|                     v['hostname'][0]['name'] | ||||
|                 )) | ||||
|             except (IndexError, KeyError): | ||||
|                 self.hosts.append(( | ||||
|                     k, | ||||
|                     self.unknown | ||||
|                 )) | ||||
|  | ||||
| @ -9,6 +9,7 @@ tls_verify = no | ||||
| 
 | ||||
| [NMAP] | ||||
| path     = ./ | ||||
| networks = networks.txt | ||||
| unknown  = autodiscovered:netbox-scanner | ||||
| tag      = nmap | ||||
| cleanup  = no | ||||
| @ -28,3 +29,13 @@ password   = | ||||
| unknown    = autodiscovered:netbox-scanner | ||||
| tag        = prime | ||||
| cleanup    = yes | ||||
| 
 | ||||
| [Docker:firstSource] | ||||
| host = unix:///var/run/docker.sock | ||||
| device=MyNetboxDevice | ||||
| 
 | ||||
| [Docker:secondSource] | ||||
| # using something like docker-socket-proxy | ||||
| # With NETWORK=1 CONTAINERS=1 POST=0 | ||||
| host = tcp://192.168.1.1:2375 | ||||
| device=MyOtherNetboxDevice | ||||
| @ -2,6 +2,8 @@ | ||||
| 
 | ||||
| import logging | ||||
| import sys | ||||
| import docker | ||||
| import ipaddress | ||||
| 
 | ||||
| from configparser import ConfigParser | ||||
| from argparse import ArgumentParser | ||||
| @ -24,22 +26,35 @@ if argument == 'prime': | ||||
| 
 | ||||
| local_config = expanduser('~/.netbox-scanner.conf') | ||||
| global_config = '/opt/netbox/netbox-scanner.conf' | ||||
| dir_config = './netbox-scanner.conf' | ||||
| config = ConfigParser() | ||||
| 
 | ||||
| if isfile(local_config): | ||||
|     config.read(local_config) | ||||
| elif isfile(global_config): | ||||
|     config.read(global_config) | ||||
| elif isfile(dir_config): | ||||
|     config.read(dir_config) | ||||
| else: | ||||
|     raise FileNotFoundError('Configuration file was not found.') | ||||
| 
 | ||||
| netbox = config['NETBOX'] | ||||
| tag = 'netbox-scanner' | ||||
| cleanup = False | ||||
| if argument == 'nmap': | ||||
|     nmap = config['NMAP'] | ||||
|     tag = nmap['tag'] | ||||
|     cleanup = nmap.getboolean('cleanup') | ||||
| if argument == 'netxms': | ||||
|     netxms = config['NETXMS'] | ||||
|     tag = netxms['tag'] | ||||
| if argument == 'prime': | ||||
|     prime = config['PRIME'] | ||||
|     tag = prime['tag'] | ||||
| # if argument == 'docker': | ||||
| #     dockerConf = config['Docker'] | ||||
| #     tag = dockerConf['tag'] | ||||
| #     cleanup = dockerConf.getboolean('cleanup') | ||||
| 
 | ||||
| parser = ArgumentParser(description='netbox-scanner') | ||||
| subparsers = parser.add_subparsers(title='Commands', dest='command') | ||||
| @ -50,6 +65,8 @@ if argument == 'netxms': | ||||
|     argsp = subparsers.add_parser('netxms', help='NetXMS module') | ||||
| if argument == 'prime': | ||||
|     argsp = subparsers.add_parser('prime', help='Cisco Prime module') | ||||
| if argument == 'docker': | ||||
|     argsp = subparsers.add_parser('docker', help='Docker module') | ||||
| args = parser.parse_args() | ||||
| 
 | ||||
| logfile = '{}/netbox-scanner-{}.log'.format( | ||||
| @ -66,9 +83,11 @@ logging.getLogger().addHandler(logging.StreamHandler()) | ||||
| # useful if you have tls_verify set to no | ||||
| disable_warnings(InsecureRequestWarning) | ||||
| 
 | ||||
| with open(nmap['networks'], 'r') as file: | ||||
|     networks = file.readlines() | ||||
| 
 | ||||
| def cmd_nmap(s):  # nmap handler | ||||
|     h = Nmap(nmap['path'], nmap['unknown']) | ||||
|     h = Nmap(nmap['unknown'], networks) | ||||
|     h.run() | ||||
|     s.sync(h.hosts) | ||||
| 
 | ||||
| @ -96,14 +115,30 @@ def cmd_prime(s):  # prime handler | ||||
|     h.run()  # set access_point=True to process APs | ||||
|     s.sync(h.hosts) | ||||
| 
 | ||||
| def cmd_docker(s): | ||||
| 
 | ||||
|     if not config.has_section('dockerdef'): | ||||
|         config.add_section('dockerdef') | ||||
|     dockerDef = config['dockerdef']; | ||||
|     dockerDef.setdefault('cluster_type', 'Docker') | ||||
|     dockerDef.setdefault('cluster_prefix', 'Docker') | ||||
|     dockerDef.setdefault('vrf_prefix', 'Docker') | ||||
|     scanner.init_docker(dockerDef) | ||||
| 
 | ||||
|     for s in config.sections(): | ||||
|         if not s.startswith('Docker:'): | ||||
|             continue | ||||
| 
 | ||||
|         dockerSection = dict(config.items(s)) | ||||
|         scanner.sync_docker(dockerSection, dockerDef) | ||||
| 
 | ||||
| if __name__ == '__main__': | ||||
|     scanner = NetBoxScanner( | ||||
|         netbox['address'], | ||||
|         netbox['token'], | ||||
|         netbox['tls_verify'], | ||||
|         nmap['tag'], | ||||
|         nmap.getboolean('cleanup') | ||||
|         tag, | ||||
|         cleanup | ||||
|     ) | ||||
| 
 | ||||
|     if args.command == 'nmap': | ||||
| @ -116,5 +151,7 @@ if __name__ == '__main__': | ||||
|         scanner.tag = prime['tag'] | ||||
|         scanner.cleanup = prime.getboolean('cleanup') | ||||
|         cmd_prime(scanner) | ||||
|     elif args.command == 'docker': | ||||
|         cmd_docker(scanner) | ||||
| 
 | ||||
|     exit(0) | ||||
|  | ||||
							
								
								
									
										5
									
								
								networks.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								networks.txt
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,5 @@ | ||||
| 192.168.2.0/24 | ||||
| 192.168.3.0/24 | ||||
| 192.168.4.0/24 | ||||
| 192.168.5.0/24 | ||||
| 192.168.15.0/24 | ||||
| @ -1,8 +1,10 @@ | ||||
| certifi==2020.4.5.1 | ||||
| certifi==2022.12.7 | ||||
| chardet==3.0.4 | ||||
| idna==2.9 | ||||
| pynetbox==4.3.1 | ||||
| requests | ||||
| six | ||||
| urllib3 | ||||
| setuptools | ||||
| idna==2.10 | ||||
| pynetbox==5.1.0 | ||||
| requests==2.25.0 | ||||
| six==1.15.0 | ||||
| urllib3==1.26.2 | ||||
| python3-nmap==1.4.9 | ||||
| setuptools | ||||
| docker | ||||
|  | ||||
| @ -1,16 +1,17 @@ | ||||
| import unittest | ||||
| from os import environ | ||||
| 
 | ||||
| from nbs.nmap import Nmap | ||||
| 
 | ||||
| 
 | ||||
| class TestRequest(unittest.TestCase): | ||||
|     def test_api(self): | ||||
|         path = environ.get('NMAP_PATH') | ||||
| 
 | ||||
|         nmap = Nmap(path, 'test') | ||||
|         nmap = Nmap("test", ["127.0.0.1/32"]) | ||||
|         self.assertIsInstance(nmap, Nmap) | ||||
|         nmap.run() | ||||
|         self.assertIsInstance(nmap.hosts, list) | ||||
|         self.assertEqual(nmap.hosts[0][0], "127.0.0.1") | ||||
|         self.assertEqual(nmap.hosts[0][1], "localhost") | ||||
| 
 | ||||
| 
 | ||||
| if __name__ == '__main__': | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user