怕麻烦
2016-04-11 10:34
519 查看
前几天公司有个监控系统要配策略文件,人工配!!!!!!!
通过端口来生成文件,麻烦啊
自己在大四最后弄完毕设后,看了下python,果断用python做!!!话说最然是做成功了(可以通过python来生成指定策略的对应文件)但是因为老大的分析是错的(对于其他策略不能通用。。),所以生成的也是错误的分析结果,我靠
这件事算是过去了
防火墙策略分析
尼玛,又是手工配,累死,累死,累死
看python大显神通
View Code
说实话,自己还没写过这么长的python,以前都是啥端口扫描什么的窘,这次写得也不算好,像很多方法可以写成函数.....没去管了,关键是脸上又长痘了,又长痘了,不要喝咖啡,不要熬夜,不要晚睡,要爱干净,干净,干净!!!!!!
通过端口来生成文件,麻烦啊
自己在大四最后弄完毕设后,看了下python,果断用python做!!!话说最然是做成功了(可以通过python来生成指定策略的对应文件)但是因为老大的分析是错的(对于其他策略不能通用。。),所以生成的也是错误的分析结果,我靠
这件事算是过去了
防火墙策略分析
尼玛,又是手工配,累死,累死,累死
看python大显神通
#!/usr/bin/env python #coding=utf-8 import re from xlwt import *; print 'Begin:)'; file=open("test.txt",'r'); servport=[{'name':'AOL','tcp':'5190-5194','udp':''},{'name':'APPLE-ICHAT-SNATMAP','tcp':'','udp':'5678'},{'name':'BGP','tcp':'179'},{'name':'CHARGEN','tcp':'19','udp':'19'},{'name':'DHCP-Relay','tcp':'67','udp':'68'},{'name':'DISCARD','udp':'9','tcp':'9'},{'name':'DNS','tcp':'53','udp':'53'},{'name':"ECHO",'tcp':'7','udp':'7'},{'name':'FINGER','tcp':'79','udp':''},{'name':'FTP','tcp':'21','udp':''},{'name':'FTP-Get','tcp':'21','udp':''},{'name':'FTP-Put','tcp':'21','udp':''},{'name':'GNUTELLA','tcp':'6346-6347','udp':'6346-6347'},{'name':'GOPHER','tcp':'70','udp':''},{'name':'GRE','tcp':'ANY','udp':'ANY'},{'name':'GTP','tcp':'3386,2152,2123','udp':'3386,2152,2123'},{'name':'H.323','tcp':'1720,1503,389,522,1731','udp':'1719'},{'name':'HTTP','tcp':'80','udp':''},{'name':'HTTP-EXT','tcp':'8000-8001,8080-8081,8100,8200,8888,9080,3128','udp':''}]; nameip=[]; gnameip=[]; policy=[]; target=[]; pattern1='set service "(.*)" protocol ([a-z]+) src-port ([0-9\-]+) dst-port ([0-9\-]+)'; pattern2='set address "(.*)" "(.*)" ([\d\.\s]+)'; pattern3='set group address "(.*)" "(.*)" add "(.*)"'; pattern4='set policy id ([\d]*) from "([\w\-]*)" to "([\w\-]*)" "([\d\.aAnNyY]*)" "([\d\.aAnNyY]*)" "([\daAnNyY]*)" ([\w]+)'; pattern5='^set policy id (.*)$'; pattern6='^set service "(.*)"$'; pattern7='^set src-address "(.*)"$'; pattern8='^set dst-address "(.*)"$'; pattern9='exit'; temp={}; doneinsert='x'; line=file.readline() while line: m1=re.match(pattern1,line); m2=re.match(pattern2,line); m3=re.match(pattern3,line); m4=re.match(pattern4,line); m5=re.match(pattern5,line); m6=re.match(pattern6,line); m7=re.match(pattern7,line); m8=re.match(pattern8,line); m9=re.match(pattern9,line); if(m1): serv=m1.group(1); protocol=m1.group(2); port=m1.group(4); if protocol == 'tcp': dict={'name':serv,'tcp':port,'udp':''}; else: dict={'name':serv,'tcp':'','udp':port}; servport.append(dict); elif(m2): name=m2.group(2); ip=m2.group(3); ip=ip.strip(); ip=ip.strip('\n'); dict={'name':name,'ip':ip} nameip.append(dict); elif(m3): name=m3.group(2); ipname=m3.group(3); dict={'name':name,'ipname':ipname}; done=0; for i in gnameip: if i['name']==name: done=1; ipnamelist=i['ipname']; ipnamelist=ipnamelist.split(','); ipnamelist.append(ipname); ipnamelist=','.join(ipnamelist); i['ipname']=ipnamelist; else: pass; if done==0: gnameip.append(dict); elif(m4): doneinsert=0; id=m4.group(1); sarea=m4.group(2); darea=m4.group(3); sip=m4.group(4); dip=m4.group(5); serv=m4.group(6); guide=m4.group(7); dict={'id':id,'sarea':sarea,'sip':sip,'dip':dip,'serv':serv,'guide':guide,'darea':darea}; policy.append(dict); elif(m5): doneinsert=0; id=m5.group(1); temp['id']=id; elif(m6): newserv=m6.group(1); if temp.has_key('serv'): serv=temp['serv']; servlist=serv.split(','); servlist.append(newserv); serv=",".join(servlist); temp['serv']=serv; else: temp['serv']=newserv; elif(m7): if temp.has_key('sip'): newsip=m7.group(1); sip=temp['sip']; sip=sip.split(','); sip.append(newsip); sip=','.join(sip); temp['sip']=sip; else: newsip=m7.group(1); temp['sip']=newsip; elif(m8): if temp.has_key('dip'): newdip=m8.group(1); dip=temp['dip']; dip=dip.split(','); dip.append(newdip); dip=','.join(dip); temp['dip']=dip; else: newdip=m8.group(1); temp['dip']=newdip; elif(m9 and doneinsert==0): for i in policy: if i['id']==temp['id']: doneinsert=1; if temp.has_key('serv'): serv=i['serv']; serv=serv.split(','); newserv=temp['serv']; serv.append(newserv); serv=','.join(serv); i['serv']=serv; if temp.has_key('sip'): sip=i['sip']; sip=sip.split(','); newsip=temp['sip']; sip.append(newsip); sip=','.join(sip); i['sip']=sip; if temp.has_key('dip'): dip=i['dip']; newdip=temp['dip']; dip=dip.split(','); dip.append(newdip); dip=','.join(dip); i['dip']=dip; temp={}; break; line=file.readline(); file.close(); source=[]; ip=[]; for i in gnameip: ipname=i['ipname']; ipnamelist=ipname.split(','); for j in ipnamelist: for k in nameip: if j==k['name']: ip.append(k['ip']); ip=','.join(ip); dict={'name':i['name'],'ip':ip}; nameip.append(dict); for i in policy: id=i['id']; sip=i['sip']; dip=i['dip']; guide=i['guide']; sarea=i['sarea']; darea=i['darea']; serv=i['serv']; if sip.lower()=='any': sourcesip='any'; else: ip=[]; iplist=sip.split(','); for j in iplist: for k in nameip: if j==k['name']: ip.append(k['ip']); ip=','.join(ip); sourcesip=ip; if dip.lower()=='any': sourcedip='any'; else: ip=[]; iplist=dip.split(','); for j in iplist: for k in nameip: if j==k['name']: ip.append(k['ip']); ip=','.join(ip); sourcedip=ip; if serv.lower()=='any': tcpport='any'; udpport='any'; else: tcpport=[]; udpport=[] servlist=serv.split(','); for j in servlist: for k in servport: if j==k['name']: tcpport.append(k['tcp']); udpport.append(k['udp']); tcpport=','.join(tcpport); udpport=','.join(udpport); sourceguide=guide; sourcesarea=sarea; sourcedarea=darea; sourceid=id; dict={'id':sourceid,'sip':sourcesip,'dip':sourcedip,'sarea':sourcesarea,'darea':sourcedarea,'tcpport':tcpport,'udpport':udpport,'guide':sourceguide}; source.append(dict); font0=Font(); font0.name='Times New Roman'; font0.bold=True; font0.colour_index=4; style0=easyxf('align: wrap on'); style0.font=font0; w=Workbook(encoding='utf-8'); ws=w.add_sheet('analysis'); ws.write(0,1,'策略ID',style0); ws.write(0,2,'源区域',style0); ws.write(0,3,'目的区域',style0); ws.write(0,4,'源地址',style0); ws.write(0,5,'目的地址',style0); ws.write(0,6,'端口',style0); ws.write(0,7,'方针',style0); i=1; for k in source: ws.write(i,1,k['id'],style0); ws.write(i,2,k['sarea'],style0); ws.write(i,3,k['darea'],style0); content=k['sip']; content=content.split(','); content='\n'.join(content); ws.write(i,4,content,style0); content=k['dip']; content=content.split(','); content='\n'.join(content); ws.write(i,5,content,style0); content1=k['tcpport']; content2=k['udpport']; judge=0; content1=content1.split(','); content2=content2.split(','); for x in content2: if x!='': judge=1 else: pass; if judge==0: content2='无'; else: content2=','.join(content2); judge=0; for x in content1: if x!='': judge=1; else: pass; if judge==0: content1='无'; else: content1=','.join(content1); content='TCP端口:'+content1+'\nUDP端口:'+content2; ws.write(i,6,content,style0); ws.write(i,7,k['guide'],style0); i=i+1; w.save('policy.xls'); print 'end:)';
View Code
说实话,自己还没写过这么长的python,以前都是啥端口扫描什么的窘,这次写得也不算好,像很多方法可以写成函数.....没去管了,关键是脸上又长痘了,又长痘了,不要喝咖啡,不要熬夜,不要晚睡,要爱干净,干净,干净!!!!!!
相关文章推荐
- SharePoint 2013 修改AD密码及一系列问题的解决方法
- opencv 人脸识别 (一)训练样本的处理
- MySQL主从复制
- 运算符重载之转换运算符
- rundeck Web页面配置node节点
- delphi socket客户端连接服务端时的错误
- 卸载Visual Studio Professional 2013
- Ping服务
- Oracle 10g RAC修改IP/VIP地址示例
- shell具体执行过程及自主实现shell解释器
- 安装配置gerrit
- sql小计合计
- 动态规划之0-1背包问题
- linux撰写策略路由
- Matlab与C/C++混合编程接口应用总结
- 3月国内电脑分辨率十强:1366*768亚军 占比破10%
- 使用jsoup完成模拟登陆
- 写给步入网络门槛中入门级别工程师中相关Vlan、trunk、hybrid的理解
- leetcode 237. Delete Node in a Linked List
- 字符串整理 1