备注:简单的配置生成并不难,该配置生产案例中有特殊的一个需求就是某行配置可能会根据你的输入参数增多相应要多增加相应行配置,从而真正做到自动化生成;
1、存放相关文件
2、demo:
import re
import time
def read():
with open('/home/zhangli/template/base_info2.txt', 'r') as f:
info = f.read().split('\n')
for i in info:
m=re.split(r"[, \r]",i)
if m[0] == 'name' or m[0]=='':
pass
else:
yield m
def bank_to_idc(data,viriable):
f=open('/home/zhangli/template/bank_to_idc.txt','r').read()
file_read=f.split('\n')
config=''
add=''
data[4]=data[4].replace('/32',' ')
for i in file_read:
cc=0
j=i.split('@')
for k in viriable:
for kk in range(len(j)):
if j[kk] == k and k!='end_ip':
m=viriable.index(k)
j[kk]=data[m]
elif j[kk] == k and k=='end_ip':
m=viriable.index(k)
bank_ip=data[m].split('&&')
for h in bank_ip:
j[kk]=h.replace('/',' ')
config=config+''.join(j)+'\n'
cc=1
if cc == 1:
continue
else:
config=config+''.join(j)+'\n'
print(config)
def idc_to_bank(data,viriable):
f=open('/home/zhangli/template/idc_to_bank.txt','r').read()
file_read=f.split('\n')
config=''
add=''
data[8]=data[8].replace('/32',' ')
for i in file_read:
cc=0
j=i.split('@')
for k in viriable:
for kk in range(len(j)):
if j[kk] == k and k!='rs_ip':
m=viriable.index(k)
j[kk]=data[m]
elif k == 'rs_ip' and j[kk] == k:
m=viriable.index(k)
idc_ip=data[m].split('&&')
for h in idc_ip:
j[kk]=h.replace('/',' ')
config=config+''.join(j)+'\n'
cc=1
if cc == 1:
continue
else:
config=config+''.join(j)+'\n'
print(config)
def main():
cred_info = []
try:
for i in read():
cred_info.append(i)
print(cred_info)
except IndexError:
print('Check the format of base_info.txt in the current directory for Spaces or formatting errors.')
viriable=['name','id','applicant','direction','rs_ip','port','internal_nat_ip','external_nat_ip','end_ip']
for j in cred_info:
direction=j[3]
if direction == 'in':
bank_to_idc(j,viriable)
elif direction == 'out':
idc_to_bank(j,viriable)
main()
3、实现效果:(按照自定义的模板生成批量配置)
自定义的模板:
bank_to_idc:
system-view
#
nat server @name@_@direction@_@id@ zone untrust global @external_nat_ip@ inside @rs_ip@ no-reverse unr-route
#
nat address-group @internal_nat_ip@
mode pat
section 0 @internal_nat_ip@ @internal_nat_ip@
quit
#
nat-policy
#
rule name @name@_@direction@_@id@
description @applicant@
source-zone untrust
destination-zone trust
source-address @end_ip@
destination-address @rs_ip@ mask 255.255.255.255
service protocol tcp destination-port @port@
service icmp
action source-nat address-group @internal_nat_ip@
quit
quit
#
idc-to-bank:
system-view
#
nat server @name@_@direction@_@id@ zone trust global @internal_nat_ip@ inside @end_ip@ no-reverse unr-route
#
nat address-group @external_nat_ip@
mode pat
section 0 @external_nat_ip@ @external_nat_ip@
quit
#
nat-policy
#
rule name @name@_@direction@_@id@
description @applicant@
source-zone trust
destination-zone untrust
source-address @rs_ip@
destination-address @end_ip@ mask 255.255.255.255
service protocol tcp destination-port @port@
service icmp
action source-nat address-group @external_nat_ip@
quit
quit
实现效果: