1200字范文 > Python脚本自动化备份飞塔华为思科等设备配置文件。

Python脚本自动化备份飞塔华为思科等设备配置文件。

时间：2018-08-22 17:22:01

本脚本支持：fortinet，watchguard，cisco，F5，huawei，H3C，Juniper，SOPHOS，DELL等厂商。

使用python自动化备份fortinet配置脚本

hello每一个点进我博客的小伙伴，本人是一枚小小的网络安全工程师（初级），由于我司代理的产品主要是fortinet，cisco，uniper，huawei，h3c，sophos，watchguard等产品，又加上“甲方爸爸”奇葩的要求，在参考github上的项目，netmiko这个好用的函数，自动化脚本备份配置（需开启SSH），通过SSH去send command and full-configuration 保存以文本的形式，实现脚本备份配置，还可以扩展的使用函数，比如脚本的配置设备。

第一步：安装python环境

由于：本人使用的是macbook，所以此处的参考性可能不大。

在自己的电脑/服务器linux主机上安装python；

MAC系统预装了python2.7版本，对我们是不适用的，所以在官网下载python3.9版本安装,官网地址

由于伟大的长城firewall打开网页是可能需要梯子。

下载对应的版本。更新pip源

（1）阿里云 /pypi/simple/

（2）豆瓣/simple/

（3）清华大学 https://pypi.tuna./simple/

（4）中国科学技术大学 http://pypi.mirrors./simple/

（5）华中科技大学/pip install netmiko

已经提前安装过了，此处仅参考命令。

// pip安装netmikoWiliseXdeMacBook-Pro:~ apple$ pip3.9 install netmikoLooking in indexes: /pypi/simple/Requirement already satisfied: netmiko in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (3.3.3)Requirement already satisfied: scp>=0.13.2 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from netmiko) (0.13.3)Requirement already satisfied: setuptools>=38.4.0 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from netmiko) (49.2.1)Requirement already satisfied: ntc-templates in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from netmiko) (2.0.0)Requirement already satisfied: paramiko>=2.6.0 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from netmiko) (2.7.2)Requirement already satisfied: tenacity in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from netmiko) (7.0.0)Requirement already satisfied: pyserial in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from netmiko) (3.5)Requirement already satisfied: cryptography>=2.5 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from paramiko>=2.6.0->netmiko) (3.4.7)Requirement already satisfied: pynacl>=1.0.1 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from paramiko>=2.6.0->netmiko) (1.4.0)Requirement already satisfied: bcrypt>=3.1.3 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from paramiko>=2.6.0->netmiko) (3.2.0)Requirement already satisfied: cffi>=1.1 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from bcrypt>=3.1.3->paramiko>=2.6.0->netmiko) (1.14.5)Requirement already satisfied: six>=1.4.1 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from bcrypt>=3.1.3->paramiko>=2.6.0->netmiko) (1.15.0)Requirement already satisfied: pycparser in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from cffi>=1.1->bcrypt>=3.1.3->paramiko>=2.6.0->netmiko) (2.20)Requirement already satisfied: textfsm<2.0.0,>=1.1.0 in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from ntc-templates->netmiko) (1.1.0)Requirement already satisfied: future in /Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages (from textfsm<2.0.0,>=1.1.0->ntc-templates->netmiko) (0.18.2)WiliseXdeMacBook-Pro:~ apple$

环境安装完毕，话不多说贴代码

如下每一个对象里面的定义已经注释好了。

from netmiko import ConnectHandlerimport datetimefortigate = {'device_type': 'fortinet',#要设备的厂商，支持cisco,fortinet,watchguard,sophos,Juniper,huawei,f5,Dell,H3C.'host': '10.254.254.254',#设备的登录地址'username': 'backup',#username'password': '********',#password}net_connect = ConnectHandler(**fortigate)#执行登录output = net_connect.send_command('show full-configuration')#键入命令赋值给outputcurrent_time = datetime.datetime.today().strftime('%Y_%b_%d')#记录实时备份时间赋值给current_timewith open('/Users/apple/Desktop/backup/' + str(fortigate['host']) + '_' + str(current_time) + '.cfg', 'w') as f:for line in output:f.write(line) #标准的格式保存在制定的目录下

设备脚本配置示例

如下事例中展示了针对fortinet防火墙的，修改hostname与配置接口的脚本格式。

from netmiko import ConnectHandlerfortigate = {'device_type': 'fortinet','host': '10.254.254.254','username': 'WiliseX','password': '*********',}net_connect = ConnectHandler(**fortigate)config_commands = [ 'config system global','set hostname "ShanghaiTK"','end' ]output = net_connect.send_config_set(config_commands)print(output)config_commands = [ 'config system interface','edit "wan2"','set mode static''set ip 122.122.122.122 255.255.255.0''set allowaccess ping https ssh''end' ]output = net_connect.send_config_set(config_commands)print(output)