简介
在日常工作中,开通网络访问关系时常带来困扰:由于缺乏有效的文档记录,网络策略往往开通不完整,导致部分业务、部分功能不可用。为避免此类现象再次发生,现使用 Python 编写采集脚本,将网络访问关系定期采集到 CMDB 中,形成相应的知识,从而为用户提供技术支撑,并有助于推动标准化。
结果展示
[root@test-ys ~]# python3 /root/ys/cmdb_collect/collect_net_link_relation.py
yyljgx:
- app_role: client
  dip: 39.156.66.14
  dport: 80
  name: test-ys
  net_type: TIME_WAIT
  sip: 192.168.40.190
  sport: '-'
- app_role: server
  dip: 192.168.40.253
  dport: '-'
  name: test-ys
  net_type: ESTABLISHED
  sip: 192.168.40.190
  sport: 22
- app_role: server
  dip: 192.168.40.253
  dport: '-'
  name: test-ys
  net_type: ESTABLISHED
  sip: 192.168.40.190
  sport: 22
代码部分
# -*- coding:utf-8 -*-
import socket
import re
import subprocess
import yaml
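class net_link_relation(object):
    """Collect this host's TCP connection relationships from ``netstat`` output.

    Each parsed connection is classified as ``server`` (its local port is one
    of the host's listening ports) or ``client`` (otherwise) and appended to
    ``net_link_dic["yyljgx"]``, which is finally printed as YAML.

    Only lines of the form ``a.b.c.d:port a.b.c.d:port STATE`` are parsed.
    Connections that netstat prints with IPv6 or IPv4-mapped (``::ffff:``)
    addresses do not match and are recorded in ``unparsed_lst`` instead, so
    the YAML report can under-report what the host actually talks to. Check
    ``unparsed_lst`` before treating the report as a complete inventory.
    """

    # Dots are escaped so that only dotted-quad IPv4 addresses match; with a
    # bare "." an all-numeric IPv6 tail such as "1:2:3:4:22" was accepted and
    # produced a bogus address/port pair.
    _LINK_PATTERN = re.compile(
        r"(\d+\.\d+\.\d+\.\d+):(\d+) (\d+\.\d+\.\d+\.\d+):(\d+) (\w+)"
    )

    def __init__(self):
        self.name = socket.gethostname()
        self.net_link_dic = {"yyljgx": []}
        self.listen_port_lst = []
        self.net_link_lst = []
        # Raw netstat lines that could not be parsed (see class docstring).
        self.unparsed_lst = []

    def format_lst(self, t_str):
        """Split command output into a de-duplicated list of non-empty lines.

        If every non-empty line parses as an integer the result is a list of
        ints; otherwise all lines are returned as strings. The order of the
        result is not defined because duplicates are removed through a set.
        """
        items = [line for line in t_str.split('\n') if line]
        try:
            items = [int(line) for line in items]
        except ValueError:
            # At least one line is not numeric: keep everything as text.
            pass
        return list(set(items))

    def cmd_run(self, cmd):
        """Run *cmd* through the shell and return ``(stdout, stderr)`` as text.

        The command string is interpreted by a shell (``shell=True``) because
        the callers in this class rely on pipes. Every caller passes a fixed
        literal; do not build *cmd* from hostnames, CMDB fields or any other
        externally supplied text. The exit status is not inspected, so a
        missing ``netstat`` shows up only as empty stdout plus a message in
        the returned stderr.
        """
        r = subprocess.run(
            cmd,
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,
            shell=True,
            text=True,
        )
        return r.stdout, r.stderr

    def get_listen_port_v4(self):
        """Return the ports of ``tcp`` (IPv4) sockets in LISTEN state."""
        cmd = "netstat -anpl | grep -v grep | grep LISTEN | grep -w tcp | awk '{print $4}' | awk -F ':' '{print $2}'"
        r_out, r_err = self.cmd_run(cmd)
        return self.format_lst(r_out)

    def get_listen_port_v6(self):
        """Return the ports of ``tcp6`` sockets in LISTEN state."""
        cmd = "netstat -anpl | grep -v grep | grep LISTEN | grep -w tcp6 | awk -F ':' '{print $4}'"
        r_out, r_err = self.cmd_run(cmd)
        return self.format_lst(r_out)

    def get_listen_port(self):
        """Store the union of IPv4 and IPv6 listening ports as ints.

        ``format_lst`` falls back to strings for the whole list when a single
        line is not numeric. ``get_net_link_dic`` compares against int ports,
        so string entries would silently turn every connection into a
        "client". Each entry is therefore converted on its own and anything
        that is not a number is dropped.
        """
        ports = set()
        for raw in self.get_listen_port_v4() + self.get_listen_port_v6():
            try:
                ports.add(int(raw))
            except (TypeError, ValueError):
                continue
        self.listen_port_lst = list(ports)

    def get_net_link(self):
        """Store the non-LISTEN TCP lines as ``"local remote state"`` strings."""
        cmd = "netstat -anpl | grep tcp | egrep -v 'LISTEN|grep|::1:' | awk '{print $4,$5,$6}'"
        r_out, r_err = self.cmd_run(cmd)
        self.net_link_lst = self.format_lst(r_out)

    def re_pattern(self, t_str):
        """Parse one ``"ip:port ip:port STATE"`` line.

        Returns ``(sip, sport, dip, dport, state)`` with the ports as ints,
        or ``None`` when the line does not contain two IPv4 endpoints (the
        original raised ``AttributeError`` on such lines, aborting the run).
        """
        found = self._LINK_PATTERN.search(t_str)
        if found is None:
            return None
        return (
            found.group(1),
            int(found.group(2)),
            found.group(3),
            int(found.group(4)),
            found.group(5),
        )

    def get_net_link_dic(self):
        """Classify every collected connection and print the result as YAML."""
        for line in self.net_link_lst:
            parsed = self.re_pattern(line)
            if parsed is None:
                # Keep the raw line so the coverage gap stays visible.
                self.unparsed_lst.append(line)
                continue
            sip, sport, dip, dport, net_type = parsed
            if sport in self.listen_port_lst:
                # Local port is a listening port: this host is the server, and
                # the peer's ephemeral port is masked.
                app_role = "server"
                dport = "-"
            else:
                # Otherwise this host initiated the connection; its own
                # ephemeral port is masked.
                app_role = "client"
                sport = "-"
            t_dic = {
                "name": self.name,
                "app_role": app_role,
                "sip": sip,
                "sport": sport,
                "dip": dip,
                "dport": dport,
                "net_type": net_type,
            }
            self.net_link_dic["yyljgx"].append(t_dic)
        print(yaml.dump(self.net_link_dic, default_flow_style=False))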
def main():
    """Run one collection pass: listening ports, connections, then the YAML report."""
    collector = net_link_relation()
    # Order matters: the listening ports must be known before connections are
    # classified as server or client.
    for step in (
        collector.get_listen_port,
        collector.get_net_link,
        collector.get_net_link_dic,
    ):
        step()
# Collect only when executed as a script, never as a side effect of import.
if __name__ == "__main__":
    main()