scripting:python_scripts:checkpoint.py
This is an old revision of the document!
import sys
import subprocess
import time
import pexpect
import smtplib
#while dblock is 1 script will fail
dblock = 1
CPTMGMT = '10.30.165.21'
cpstat_output = 'set a true value so script fails if ssh does not run'
pushpolicy_output = 'set a value here so i know nothing got set at the end'
CPSTATCMD = 'cpstat'
PPCMD = 'fwm load -p firewall -m MKTX_DC03 DC03CPTFW'
#or this, this is the mail alert in case we have any problems pushing policy
def mail_alert_push(ipaddr,message):
SERVER = "ash1mail.marketaxess.com"
FROM = "CheckPointPushAlerts@crpashnetdev01.com"
TO = 'network@marketaxess.com'
SUBJECT = "CHECKPOINT PUSH FAILED FOR PUSH " + ipaddr , message
TEXT = "ALERT! The push policy script was not able to run!!!!!!" + message
message = 'TO: %s ' % (TO) + '\n' + 'Subject: %s\n\n%s' % (SUBJECT, TEXT)
server = smtplib.SMTP(SERVER)
server.sendmail(FROM, [TO], message)
server.quit()
#if we are lucky this is the only alert we will hit
def mail_alert_final(ipaddr,output):
SERVER = "ash1mail.marketaxess.com"
FROM = "CheckPointPushAlerts@crpashnetdev01.com"
TO = 'network@marketaxess.com'
SUBJECT = "CHECKPOINT POLICY HAS BEEN PUSHED" #real good dun duh dun dun duh dun dun nun na nun nun nah
TEXT = "Checkpoint Policy has been pushed via the push policy script"
message = 'TO: %s ' % (TO) + '\n' + 'Subject: %s\n\n%s \n\n%s' % (SUBJECT, TEXT, output)
server = smtplib.SMTP(SERVER)
server.sendmail(FROM, [TO], message)
server.quit()
try:
conn = pexpect.spawn('ssh admin@10.30.165.21')
conn.expect('CPTMGMT')
except pexpect.TIMEOUT:
print ('icouldnt ssh in')
fail_message = ' SSH FAILED'
mail_alert_push(CPTMGMT, fail_message)
sys.exit('ssh failed')
conn.sendline('cpstat mg')
conn.expect('CPTMGMT')
cpstat_output = conn.before.split(b'\n')
conn.sendline('exit')
cpstat_output = " ".join(str(elm) for elm in cpstat_output)
while dblock is 1:
try:
if "true" in cpstat_output:
dblock = 1
fail_message = 'the database is locked'
print('im in the if statement and the dblock value is :' , dblock)
mail_alert_push(CPTMGMT, fail_message)
sys.exit(1)
else:
dblock = 0
print('im in the else statement and the dblock value is :' , dblock , "so im going to continue on")
except:
dblock = 1
"there was an error"
fail_message = ' the try except failed to check dblock'
mail_alert_push(CPTMGMT, fail_message)
sys.exit('failed in except')
ppcmd_output = "this value is before the command ran, this is my comment and my value"
#if the value is 0 that means dblock is off so im going to move forward with the script
if dblock == 0:
conn = pexpect.spawn('ssh admin@10.30.165.21')
conn.expect('\[Expert')
try:
conn.sendline('fwm load -p firewall -m MKTX_DC03 DC03CPTFW')
conn.expect('\[Expert', timeout=330)
except pexpect.TIMEOUT:
print ('THERE WAS A TIMEOUT PUSHING POLICY')
fail_message = 'PUSH TIMEOUT ERROR!!!!!'
mail_alert_push(CPTMGMT, fail_message)
sys.exit('POLICY PUSH FAILED!!!!!!!!!!!!!')
ppcmd_output = conn.before.split(b'\n')
conn.sendline('exit')
#ppcmd_output = " ".join(str(elm) for elm in ppcmd_output)
print ('i know this is after the push policy command ran so it should have a bunch of data in it')
mail_alert_final(CPTMGMT, ppcmd_output)
#send output in email
else:
print('send out error email')
fail_message = ' SOMETHING UNEXPECTED HAPPENED WITH PUSH POLICY SCRIPT'
mail_alert_push(CPTMGMT, fail_message)
sys.exit('i failed at the end')
scripting/python_scripts/checkpoint.py.1547221453.txt.gz · Last modified: (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
