By:
On:
In: automation, Scripting
With: 0 Comments

The following version adds a „-c“ option: „Connected IP-Address“-Check. the script exits, when the Router-VM is up and running and has an usable IP-Address The Script still checks all CDP-Packets received at the specified Interface: If the Sender has the correct „Hostname“ it reads the CDP-Management-IP-Address announced. This IP-Address has to be within the IP-Range of any connected IP-Network at the specified Interface. So it’ll be possible to establish a SSH-Session to the router-VM.Read More →

By:
On:
In: Scripting, Windows
With: 0 Comments

You got the task to generate a list of IP-Networks connected to LAN „VirtualBox Host-Only Network“. There might be more than one IP-Network. Use Scapy to crawl through all Interfaces and get the human-readable interface name [only required for windows users]. Use NetIfaces to get a list of IP-Addresses connected to this interface. Use IPAddress to calculate the IP-Network(s) directly connected. In my case, only one subnet is directly connected: 192.168.56.0/24Read More →

By:
On:
In: Scripting, Windows
With: 0 Comments

I expected a nobrainer: The suggested URL to download the missing software is wrong (HTTP 404). Go to the Microsoft-Repository Tools for Visual Studio 2017 or use the direct link to vs_buildtools.exe …it’s about 1.2MB run „vs_buildtools.exe“ …it downloads ~ 70 MB Select „Workloads => Windows => [x] Visual C++ Build Tools“ => [Install] …it downloads 1.12 GB …and installs and … unlucky… reboot required Now netifaces can get installed:Read More →

By:
On:
In: automation, Scripting, Windows
With: 0 Comments

After provisioning a new Cisco CSR1000V-Router this script waits until the router is fully deployed got it’s Management-IP-Address assigned via DHCP. and returns this Management IP-Address. Prepare First, install „netaddr“-package. needed to check, if the management-IP of the CDP-Neighbor is in the correct IP-Subnet the „wait-for-CDP“-Script Obviously far to much hard-coded stuff, just as an example 😉 waiting for a CDP-Neighbor to appear with the following properties: hostname „CSR-A“ an IP-Address within the network „192.168.56.0 /24“ at the interface VirtualBox Host-Only-Network Provision a new CSR1000V Router named „CSR-A“ Run the „wait-for-CDP-Neighbor“-Script In a second CMD-Box, and… Be patient, of course. Or store the returned IP-AddressRead More →

By:
On:
In: Scripting
With: 0 Comments

Watch and decode Cisco Discovery Protocol Packetes. CDP Monitor-Script Inspired by the Scapy ARP-Monitor i created an CDP-Monitor displaying hostname and an optional Management-IP-Address. Real-Life Example Run this script: Open another CMD-Window to spin up a new CSR1000V-Router: Go back to the „python“-Screen and wait: It works, the IOS-XE CSR1000V-Router is installed and it got it’s baseline-config applied: Hostname Interface set to „ip address dhcp“ CDP enabled takes some time, but these first CDP-Packets captured were not sent in 60s interval, so don’t be scared 😉Read More →

By:
On:
In: Scripting
With: 0 Comments

It’s hard to believe, how easy it is to capture (and to craft) LAN-Data using Python Scapy. I need to capture CDP-Packets and to extract information like the hostname of the sender and it’s IP-Address. As an modification of the „ARP-Monitor“-example taken from the manual Using scapy in your tools. Scapy Installation nothing special: pip install Python: Install Scapy Example: List all Interfaces of my Laptop Capture 10 Packets on a specific interface Capture CDP-Packets Decode CDP (with inactive dissector) Activate the CDP-Parser Capture again and display CDP-Information as cleartext Decode CDP-Hostname Decode CDP-Management-IP-AddressRead More →

By:
On:
In: automation, AWS, Cloud
With: 0 Comments

Today i wanted to stop using hard-coded S3-Credentials in my scripts running on EC2-Instances. Create an IAM-Role Services IAM Roles [Create Role] Select type of trusted entity AWS-Service EC2 [Next: Permissions] Attach permissions policies AmazonS3ReadOnlyAccess Review Role name: READ_S3 Attach Role to EC2-Instance Services EC2 Instances Instance Settings attach IAM-Role READ_S3 Prepare Linux Setup Within the EC2-Instance to which the IAM-Role has been attached. Check Access to „meta-data“ => „IAM“ => „Security-Credentials“ The Script has to know the name of the role to use. Fetch the IAM-Role-Credentials using python.requests() Attention: recreated the Role in the meantime, so the credentials have been modified. Use the credentialsRead More →

By:
On:
In: automation, linux
With: 0 Comments

The CSR1000V-Router has already been prepared (Create a CSR1000V-Instance with nested Virtualiation support) and in (Part 4: Package the Service-VM into an OVA) we copied the OVA-Image of our „ubuntu-server“-VM to this Router. Add the internal Network-Interface between Router and Service-VM Install the Service-VM Activate the installed Service-VM Access the VM using the (virtual) Serial-Console Logout: 3x [CTRL]+ Access the VM using SSH via the internal Network Check the local python/NAPALM-Setup to get facts about the containing routerRead More →

By:
On:
In: automation
With: 0 Comments

Yesterday I attended a short presentation held by David Barroso introducing the NAPALM-„Validation“-Module. Configuring the Network fully automated is just half the way to go. Checking the Network-State the other half. Python-Script Had to try it out the easy-way using just python (without ansible) first: Static YAML-File Validating against the following static „validate.yaml“-File: leads to the following result Whats wrong with the Router? „nested = True“ means – the issue is downward in the datastructure. In the example, the first Object with „nested = False“ is „prefix_length“ The Prefix-Length („Subnet-Mask“) is wrong: wanted: /25-Bit configured: /24-Bit. Validate the output of commands which use additional parametersRead More →