#!/usr/bin/env python
"""Script to calculate the Virtual MAC that will be used by the MAC Masquerade
feature."""
import argparse
import getpass
import requests
import urllib3
from avi.sdk.avi_api import ApiSession
from tabulate import tabulate
from hashlib import md5
# Mute urllib3 warnings, both through the module exposed by requests and
# through the top-level urllib3 import. Called without a category,
# disable_warnings() silences urllib3's warnings for the whole process,
# including the notice raised for HTTPS requests made without certificate
# verification. This hides the notice only; it does not change whether the
# controller's certificate is actually checked.
# NOTE(review): confirm how ApiSession validates the controller certificate
# before running this script across a network you do not trust.
for _urllib3_module in (requests.packages.urllib3, urllib3):
    if hasattr(_urllib3_module, 'disable_warnings'):
        _urllib3_module.disable_warnings()
def get_vmac(seg_uuid, floating_ip):
    """Return the virtual MAC derived from an SE group UUID and a floating IP.

    The two strings are concatenated, hashed with MD5, and the first five
    digest bytes are bit-inverted and appended to a fixed ``0e`` first octet.

    MD5 serves here purely as a deterministic identifier derivation, not as
    an integrity or authentication control, so its collision weakness is not
    the concern. Because the inputs are joined without a separator, different
    (seg_uuid, floating_ip) pairs with the same concatenation map to the same
    MAC.

    Args:
        seg_uuid: Service Engine group UUID string.
        floating_ip: Floating interface IP address string.

    Returns:
        A lower-case, colon-separated six-octet MAC address string.
    """
    digest = md5((seg_uuid + floating_ip).encode('utf-8')).digest()
    octets = ['0e']
    # Invert every bit of each of the first five digest bytes.
    octets.extend(format(byte ^ 0xFF, '02x') for byte in digest[:5])
    return ':'.join(octets)
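if __name__ == '__main__':
    # Command-line entry point: log in to the Avi Controller, read one or all
    # network services for the tenant, and print the virtual MAC computed for
    # every floating interface IP.
    parser = argparse.ArgumentParser(
        formatter_class=argparse.RawDescriptionHelpFormatter)
    parser.add_argument('-c', '--controller',
                        help='FQDN or IP address of Avi Controller')
    parser.add_argument('-u', '--user', help='Avi API Username',
                        default='admin')
    # A password given with -p ends up in shell history and is visible in the
    # process list; leaving it out falls through to the getpass prompt below.
    parser.add_argument('-p', '--password', help='Avi API Password')
    parser.add_argument('-t', '--tenant', help='Tenant',
                        default='admin')
    parser.add_argument('-x', '--apiversion', help='Avi API version')
    parser.add_argument('-n', '--networkservice', help='Network Service')

    # parse_args() always returns a truthy Namespace, so the former
    # "if args: ... else: print_help()" wrapper had an unreachable branch.
    args = parser.parse_args()

    controller = args.controller
    user = args.user
    password = args.password
    tenant = args.tenant
    api_version = args.apiversion
    network_service = args.networkservice

    # Prompt for anything essential that was not given on the command line.
    while not controller:
        controller = input('Controller:')

    while not password:
        password = getpass.getpass(f'Password for {user}@{controller}:')

    if not api_version:
        # Discover Controller's version if no API version specified. The
        # throw-away session is closed even if the version lookup fails.
        api = ApiSession.get_session(controller, user, password)
        try:
            api_version = api.remote_api_version['Version']
        finally:
            api.delete_session()
        print(f'Discovered Controller version {api_version}.')

    api = ApiSession.get_session(controller, user, password,
                                 api_version=api_version)
    try:
        if network_service:
            obj = api.get_object_by_name('networkservice', network_service,
                                         params={'include_name': True},
                                         tenant=tenant)
            network_services = [obj] if obj else []
        else:
            network_services = list(
                api.get_objects_iter('networkservice',
                                     params={'include_name': True},
                                     tenant=tenant))
    finally:
        # Log out so no authenticated session is left open on the controller
        # after the script exits, including when a query raises.
        api.delete_session()

    if network_services:
        ns_table = []
        for ns in network_services:
            ns_name = ns['name']
            # With include_name the refs end in "<uuid>#<name>".
            se_group_ref = ns['se_group_ref'].split(
                '/api/serviceenginegroup/')[1].split('#')
            se_group_uuid = se_group_ref[0]
            se_group_name = se_group_ref[1]
            vrf_name = ns['vrf_ref'].split('#')[1]
            cloud_name = ns['cloud_ref'].split('#')[1]
            rs = ns.get('routing_service', {})
            # routing_service or its enable_vmac key may be absent; report
            # False instead of raising KeyError.
            # NOTE(review): confirm False matches the controller default.
            vmac_enabled = rs.get('enable_vmac', False)
            # Build a new list so the object returned by the API is not
            # mutated in place.
            floating_intf_ips = (list(rs.get('floating_intf_ip', [])) +
                                 list(rs.get('floating_intf_ip_se_2', [])))
            for fip in floating_intf_ips:
                fip_addr = fip['addr']
                vmac = get_vmac(se_group_uuid, fip_addr)
                ns_table.append([ns_name, cloud_name, vrf_name,
                                 se_group_name, fip_addr, vmac,
                                 vmac_enabled])
        print(tabulate(ns_table, headers=['Network Service', 'Cloud',
                                          'VRF', 'SE Group',
                                          'Floating IP', 'VMAC',
                                          'VMAC Enabled'],
                       tablefmt='outline'))
    else:
        print('No network services found.')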