1、查看防火墙设备的基本信息:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display version")
version_info = stdout.readlines()
for line in version_info:
print(line.strip())
client.close()
2、查看防火墙设备的CPU利用率:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display cpu-usage")
cpu_info = stdout.readlines()
for line in cpu_info:
print(line.strip())
client.close()
3、查看防火墙设备的内存使用情况:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display memory-usage")
memory_info = stdout.readlines()
for line in memory_info:
print(line.strip())
client.close()
4、查看防火墙设备的接口状态:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display interface")
interface_info = stdout.readlines()
for line in interface_info:
print(line.strip())
client.close()
5、查看防火墙设备的防火墙策略:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display firewall policy")
policy_info = stdout.readlines()
for line in policy_info:
print(line.strip())
client.close()
6、查看防火墙设备的NAT策略:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display nat")
nat_info = stdout.readlines()
for line in nat_info:
print(line.strip())
client.close()
7、查看防火墙设备的ACL(访问控制列表):
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display acl all")
acl_info = stdout.readlines()
for line in acl_info:
print(line.strip())
client.close()
8、查看防火墙设备的路由表:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display ip routing-table")
routing_info = stdout.readlines()
for line in routing_info:
print(line.strip())
client.close()
9、查看防火墙设备的系统日志:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display logbuffer")
log_info = stdout.readlines()
for line in log_info:
print(line.strip())
client.close()
10、修改防火墙设备的登录密码:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
new_password = "new_password"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("user-interface vty 0 4\n")
stdin.write("set authentication password cipher " + new_password + "\n")
stdin.write("return\n")
result = stdout.read().decode()
print(result)
client.close()
11、配置防火墙设备的接口IP地址:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface_name = "GigabitEthernet0/0/1"
ip_address = "192.168.2.1"
subnet_mask = "255.255.255.0"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("interface " + interface_name + "\n")
stdin.write("ip address " + ip_address + " " + subnet_mask + "\n")
stdin.write("quit\n")
result = stdout.read().decode()
print(result)
client.close()
12、配置防火墙设备的静态路由:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
destination_network = "192.168.3.0"
subnet_mask = "255.255.255.0"
next_hop = "192.168.2.2"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("ip route-static " + destination_network + " " + subnet_mask + " " + next_hop + "\n")
stdin.write("quit\n")
result = stdout.read().decode()
print(result)
client.close()
13、配置防火墙设备的SNMP:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
snmp_community = "public"
snmp_location = "HQ"
snmp_contact = "admin@example.com"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("system-view")
stdin.write("snmp-agent community read " + snmp_community + "\n")
stdin.write("snmp-agent sys-info location " + snmp_location + "\n")
stdin.write("snmp-agent sys-info contact " + snmp_contact + "\n")
stdin.write("quit\n")
result = stdout.read().decode()
print(result)
client.close()
14、查看防火墙设备的用户列表:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display user-interface")
user_info = stdout.readlines()
for line in user_info:
print(line.strip())
client.close()
15、查看防火墙设备的系统信息:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display version")
version_info = stdout.readlines()
for line in version_info:
print(line.strip())
client.close()
16、查看防火墙设备的硬件信息:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display device")
device_info = stdout.readlines()
for line in device_info:
print(line.strip())
client.close()
17、查看防火墙设备的连接数:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display firewall session table")
session_info = stdout.readlines()
for line in session_info:
print(line.strip())
client.close()
18、查看防火墙设备的硬盘利用率:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display disk-usage")
disk_info = stdout.readlines()
for line in disk_info:
print(line.strip())
client.close()
19、查看防火墙设备的系统日志:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display logbuffer")
log_info = stdout.readlines()
for line in log_info:
print(line.strip())
client.close()
20、查看防火墙设备的接口状态:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display interface")
interface_info = stdout.readlines()
for line in interface_info:
print(line.strip())
client.close()
21、查看防火墙设备的ARP缓存表:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display arp")
arp_info = stdout.readlines()
for line in arp_info:
print(line.strip())
client.close()
22、查看防火墙设备的NAT表:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display nat session table")
nat_info = stdout.readlines()
for line in nat_info:
print(line.strip())
client.close()
23、查看防火墙设备的VPN连接:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
stdin, stdout, stderr = client.exec_command("display ipsec policy all")
vpn_info = stdout.readlines()
for line in vpn_info:
print(line.strip())
client.close()
24、配置防火墙设备的管理员密码:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
old_password = "admin"
new_password = "new_admin_password"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=old_password)
stdin, stdout, stderr = client.exec_command(f"user-interface vty 0 4\nset authentication password cipher {new_password}")
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
25、配置防火墙设备的SNMP配置:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
snmp_community = "public"
snmp_location = "Office"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f"snmp-agent\n",
f"snmp-agent community read {snmp_community}\n",
f"snmp-agent sys-info location {snmp_location}\n"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
26、配置防火墙设备的端口镜像:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
source_port = "GigabitEthernet0/0/1"
mirror_port = "GigabitEthernet0/0/2"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f"observe-port interface {source_port} mirror to interface {mirror_port}"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
27、配置防火墙设备的IP地址:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
ip_address = "192.168.1.2"
netmask = "255.255.255.0"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f"interface {interface}\nip address {ip_address} {netmask}\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
28、查看防火墙设备的CPU和内存使用情况:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
"display cpu-usage\n",
"display memory-usage\n"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
29、配置防火墙设备的VLAN:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
vlan_id = "10"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f"vlan {vlan_id}\n",
"description Test VLAN\n",
"quit\n"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
30、查看防火墙设备的接口状态:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = "display interface brief\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
31、配置防火墙设备的SNAT规则:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
source_zone = "zone1"
destination_zone = "zone2"
source_address = "192.168.1.0"
destination_address = "192.168.2.0"
translated_address = "192.168.3.0"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f"nat outbound source {source_zone} destination {destination_zone} source-nat ip-address {translated_address} address-group {source_address} {destination_address}\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
32、查看防火墙设备的路由表:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = "display ip routing-table\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
33、查看防火墙设备的系统日志:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = "display logbuffer\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
34、配置防火墙设备的DHCP服务:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
dhcp_pool_name = "test_pool"
network_address = "192.168.1.0"
subnet_mask = "255.255.255.0"
gateway_address = "192.168.1.1"
dns_server = "8.8.8.8"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f"interface {interface}\n",
"ip address 192.168.1.1 24\n",
"dhcp enable\n",
f"dhcp server {dhcp_pool_name}\n",
f"network {network_address} mask {subnet_mask}\n",
f"gateway-list {gateway_address}\n",
f"dns-list {dns_server}\n",
"quit\n",
"quit\n"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
35、配置防火墙设备的NAT规则:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
source_zone = "zone1"
destination_zone = "zone2"
source_address = "192.168.1.0"
destination_address = "192.168.2.0"
translated_address = "192.168.3.0"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f"interface {interface}\n",
"nat enable\n",
"nat policy 1\n",
f"source-zone {source_zone}\n",
f"destination-zone {destination_zone}\n",
f"source-address {source_address}\n",
f"destination-address {destination_address}\n",
"translated-address {}\n".format(translated_address),
"quit\n",
"quit\n"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
36、配置防火墙设备的端口镜像:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
source_interface = "GigabitEthernet0/0/1"
destination_interface = "GigabitEthernet0/0/2"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f"interface {source_interface}\n",
f"port-mirroring to interface {destination_interface} both\n",
"quit\n"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
37、配置防火墙设备的SNMP访问:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
snmp_community = "public"
snmp_acl_name = "test_acl"
snmp_host = "192.168.1.2"
snmp_version = "v2c"
snmp_trap_level = "informational"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
commands = [
f"snmp-agent community read {snmp_community} acl {snmp_acl_name}\n",
"quit\n",
f"snmp-agent target-host trap address udp-domain {snmp_host} params securityname {snmp_community} version {snmp_version}\n",
f"snmp-agent trap enable level {snmp_trap_level}\n",
"quit\n",
"quit\n"
]
for command in commands:
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
makefile
Copy code
38、查询防火墙设备的当前连接数:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = "display firewall session table summary\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
if "Total session" in line:
print(line.strip())
client.close()
39、查询防火墙设备的当前接口流量:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f"display interface {interface} brief\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
if interface in line:
line_list = line.split()
print(f"Input: {line_list[4]}, Output: {line_list[5]}")
client.close()
40、查询防火墙设备的日志:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = "display firewall logbuffer\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
41、配置防火墙设备的时间:
import paramiko
import time
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
ntp_server = "192.168.0.1"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = "system-view\n"
client.exec_command(command)
command = f"ntp-service server ip-address {ntp_server}\n"
client.exec_command(command)
command = "clock datetime 2022-04-01 12:00:00\n"
client.exec_command(command)
time.sleep(5)
command = "display clock\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
print(line.strip())
client.close()
makefile
42、配置防火墙设备的SSH访问:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
ssh_user = "testuser"
ssh_password = "testpassword"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = "system-view\n"
client.exec_command(command)
command = f"user-interface vty 0 4\n"
client.exec_command(command)
command = f"authentication-mode aaa\n"
client.exec_command(command)
command = f"user-interface vty 0 4\n"
client.exec_command(command)
command = f"protocol inbound ssh\n"
client.exec_command(command)
command = f"acl number 2000\n"
client.exec_command(command)
command = f"rule 5 permit source any\n"
client.exec_command(command)
command = f"rule 10 deny\n"
client.exec_command(command)
command = f"user-interface vty 0 4\n"
client.exec_command(command)
command = f"user {ssh_user}\n"
client.exec_command(command)
command = f"password simple {ssh_password}\n"
client.exec_command(command)
client.close()
43、查询防火墙设备的接口信息:
import paramiko
host = "192.168.1.1"
port = 22
username = "admin"
password = "admin"
interface = "GigabitEthernet0/0/1"
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname=host, port=port, username=username, password=password)
command = f"display interface {interface}\n"
stdin, stdout, stderr = client.exec_command(command)
result = stdout.readlines()
for line in result:
if "Description" in line:
print(line.strip())
if "Internet address is" in line:
ip_addr = line.split()[3]
print(f"IP address: {ip_addr}")
client.close()
44、获取当前配置文件的MD5值
import paramiko
# SSH连接参数
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 获取当前配置文件的MD5值
stdin, stdout, stderr = client.exec_command('system-view ;display current-configuration | md5')
md5 = stdout.read().decode('utf-8').split()[0]
print(md5)
client.close()
45、执行防火墙的设备诊断命令并保存输出结果
import paramiko
# SSH连接参数
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 执行防火墙的设备诊断命令并保存输出结果
cmd = 'display firewall session table verbose'
stdin, stdout, stderr = client.exec_command(cmd)
with open('firewall_session_table_verbose.txt', 'w') as f:
f.write(stdout.read().decode('utf-8'))
client.close()
46、查看防火墙当前活动连接数
import paramiko
# SSH连接参数
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 查看防火墙当前活动连接数
stdin, stdout, stderr = client.exec_command('display firewall statistics session')
for line in stdout:
if 'Current session number' in line:
print(line.strip())
client.close()
47、查看防火墙规则信息
import paramiko
# SSH连接参数
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 查看防火墙规则信息
stdin, stdout, stderr = client.exec_command('display firewall rule')
for line in stdout:
if 'rule' in line:
print(line.strip())
client.close()
48、在防火墙上添加新的安全组规则
import paramiko
# SSH连接参数
hostname = '192.168.1.1'
port = 22
username = 'admin'
password = 'admin'
# 连接SSH
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(hostname, port, username, password)
# 在防火墙上添加新的安全组规则
cmd = 'firewall name TEST rule 10 source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255 service http permit'
stdin, stdout, stderr = client.exec_command(cmd)
client.close()