Netwalk is a Python library to discover, parse, analyze and change Cisco switched networks

Related tags

Networkingpythoncisconetwork
Overview

Netwalk

Netwalk is a Python library born out of a large remadiation project aimed at making network device discovery and management as fast and painless as possible.

Installation

Can be installed via pip with pip install git+ssh://[email protected]/icovada/netwalk.git

Extras

A collection of scripts with extra features and examples is stored in the extras folder

Code quality

A lot of the code is covered by tests. More will be added in the future

Fabric

This object type defines an entire switched network and can be manually populated, have switches added one by one or you can give it one or more seed devices and it will go and scan everything for you.

Auto scanning example:

from netwalk import Fabric
sitename = Fabric()
sitename.init_from_seed_device(seed_hosts=["10.10.10.1"],
                               credentials=[("cisco","cisco"),("customer","password")]
                               napalm_optional_args=[{'secret': 'cisco'}, {'transport': 'telnet'}])

This code will start searching from device 10.10.10.1 and will try to log in via SSH with cisco/cisco and then customer/password. Once connected to the switch it will pull and parse the running config, the mac address table and the cdp neighbours, then will start cycling through all neighbours recursively until the entire fabric has been discovered

Note: you may also pass a list of napalm_optional_args, check the NAPALM optional args guide for explanation and examples

Manual addition of switches

You can tell Fabric to discover another switch on its own or you can add a Switch object to .switches. WHichever way, do not forget to call refresh_global_information to recalculate neighborships and global mac address table

Example

sitename.add_switch(seed_hosts=["10.10.10.1"],
                    credentials=[("cisco","cisco"))
sitename.refresh_global_information()

Note: you may also pass a list of napalm_optional_args, check the optional args guide for explanation and examples

Structure

sitename will now contain two main attributes:

  • switches, a dictionary of {'hostname': Switch}
  • mac_table, another dictionary containing a list of all macs in the fabric, the interface closest to them

Switch

This object defines a switch. It can be created in two ways:

Automatic connection

from netwalk import Switch
sw01 = Switch(hostname="10.10.10.1")
sw01.retrieve_data(username="cisco",
                   password="cisco"})

Note: you may also pass a list of napalm_optional_args, check the optional args guide for explanation and examples

This will connect to the switch and pull all the data much like add_switch() does in Fabric

Init from show run

You may also generate the Switch device from a show run you have extracted somewhere else. This will not give you mac address table or neighborship discovery but will generate all Interfaces in the switch

from netwalk import Switch

showrun = """
int gi 0/1
switchport mode access
...
int gi 0/24
switchport mode trunk
"""

sw01 = Switch(hostname="10.10.10.1", config=showrun)

Structure

A Switch object has the following attributes:

  • hostname: the IP or hostname to connect to
  • config: string containing plain text show run
  • interfaces: dictionary of {'interface name', Interface}}
  • mac_table: a dictionary containing the switch's mac address table

Interface

An Interface object defines a switched interface ("switchport" in Cisco language) and can hold data about its configuration such as:

  • name
  • description
  • mode: either "access" or "trunk"
  • allowed_vlan: a set() of vlans to tag
  • native_vlan
  • voice_vlan
  • switch: pointer to parent Switch
  • is_up: if the interface is active
  • is_enabled: shutdown ot not
  • config: its configuration
  • mac_count: number of MACs behind it
  • type_edge: also known as "portfast"
  • bpduguard

Printing an interface yelds its configuration based on its current attributes

Trick

Check a trunk filter is equal on both sides

assert int.allowed_vlan == int.neighbors[0].allowed_vlan

Check a particular host is in vlan 10

from netaddr import EUI
host_mac = EUI('00:01:02:03:04:05')
assert fabric.mac_table[host_mac]['interface'].native_vlan == 10
You might also like...
EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic
EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

Oli Zimmermann 1 Jan 11, 2022
A python tool auto change proxy or ip after dealy time set by user
A python tool auto change proxy or ip after dealy time set by user

Auto proxy Ghost This tool auto change proxy or ip after dealy time set by user how to run 1. Install required file ./requirements.sh 2.Enter command

Harsh Tagra 0 Feb 23, 2022
This python script can change the mac address after some attack

MAC-changer Hello people, this python script was written for people who want to change the mac address after some attack, I know there are many ways t

null 5 Oct 10, 2022
These scripts send notifications to a Webex space when a new IP is banned by Expressway, and allow to request more info or change the ban status
These scripts send notifications to a Webex space when a new IP is banned by Expressway, and allow to request more info or change the ban status

Spam Call and Toll Fraud Mitigation Cisco Expressway release X14 is able to mitigate spam calls and toll fraud attempts by jailing the spam IP address

Luca Pellegrini 6 Aug 5, 2022
With the use of this tool, you can change your MAC address

Akshat0404/MAC_CHANGER This tool has to be used on linux kernel. Now o

null 1 Jan 25, 2022
It's a little project for change MAC address, for ethical hacking purposes

MACChangerPy It's a small project for MAC address change, for ethical hacking purposes, don't use it for bad purposes, any infringement will be your r

Erick Adriano Nunes da Silva 1 Mar 11, 2022
NetworkX is a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks.

NetworkX is a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks.

NetworkX 12k Jan 2, 2023
BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks.
BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks.

BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks. The key intuition of BaseSpec is that a message decoder in baseband software embeds the protocol specification in a machine-friendly structure to parse incoming messages;

SysSec Lab 35 Dec 6, 2022
Evaluation of TCP BBRv1 in wireless networks

The Network Simulator, Version 3 Table of Contents: An overview Building ns-3 Running ns-3 Getting access to the ns-3 documentation Working with the d

null 3 Nov 1, 2021
Comments
  • _parse_config() in `netwalk/device.py` is not parsing the running config correctly

    _parse_config() in `netwalk/device.py` is not parsing the running config correctly

    netwalk/device.py has a pretty bad bug as of git hash efd5b8d5affd877df4739a639b2d2762c4d94057... explicitly:

        def _parse_config(self):
        """Parse show run
        """
        if isinstance(self.config, str):
            running = StringIO()
            running.write(self.config)

            # Be kind rewind
            running.seek(0)

            # Get show run and interface access/trunk status
            parsed_conf = CiscoConfParse(running)

    You are asking CiscoConfParse() to parse a configuration from a string. This is broken... you should be parsing a list, tuple or MutableSequence()... as such, this is one possible way to fix your call to CiscoConfParse():

    • this assumes running is a string... you can fix the problem by parsing running.splitlines()...
                assert isinstance(running, str)
            parsed_conf = CiscoConfParse(running.splitlines())
    opened by mpenning 3
  • Pass arbitrary neighbour filters

    Pass arbitrary neighbour filters

    Allow to specify filters when discovering switches

    https://github.com/icovada/netwalk/blob/1d4b26c1978fe818aee2eceadf396d063f5d8904/netwalk/fabric.py#L163

    opened by icovada 1
  • Interface grouping

    Interface grouping

    Implement interface grouping.

    • [x] - Add parent_interface = None attribute to Interface object

    • [x] - Define a LAG(Interface) object with the following attributes:

      • List[Interface]: child_interfaces: a list of aggregated interfaces

      It will also have a method add_child(Interface) which will append an Interface object to child_interfaces and set the parameter's .parent_interface to self

    • [x] - Add Vpc(LAG) and PortChannel(LAG) objects and their respective config parsers and generators

    opened by icovada 0
Releases(v1.1.4)
Owner
GitHub Repository
An ansible playbook to set up wireguard server.

Poor man's VPN (pay for only what you need) An ansible playbook to quickly set up Wireguard server for occasional personal use. It takes around five m

Amrit Bera 613 Dec 25, 2022
Minimal, self-hosted, 0-config alternative to ngrok. Caddy+OpenSSH+50 lines of Python.

If you have a webserver running on one computer (say your development laptop), and you want to expose it securely (ie HTTPS) via a public URL, SirTunnel allows you to easily do that.

Anders Pitman 423 Jan 02, 2023
InfraGenie is allows you to split out your infrastructure project into separate independent pieces, each with its own terraform state.

🧞 InfraGenie InfraGenie is allows you to split out your infrastructure project into separate independent pieces, each with its own terraform state. T

Digger 53 Nov 23, 2022
API Server for VoIP analysis (CDR + Audio CODECs)

Swagger generated server Overview This server was generated by the swagger-codegen project. By using the OpenAPI-Spec from a remote server, you can ea

Noor Muhammad Malik 1 Jan 11, 2022
Linux SBC featuring two wifi radios, masquerading as a USB charger.

The WiFiWart is an open source WiFi penetration device masquerading as a regular wall charger. It features a 1.2Ghz Cortex A7 MPU with two WiFi chips onboard.

Walker 151 Dec 26, 2022
netpy - more than implementation of netcat 🐍🔥

netpy - more than implementation of netcat 🐍🔥

Mahmoud S. ElGammal 1 Jan 26, 2022
These scripts send notifications to a Webex space when a new IP is banned by Expressway, and allow to request more info or change the ban status

Spam Call and Toll Fraud Mitigation Cisco Expressway release X14 is able to mitigate spam calls and toll fraud attempts by jailing the spam IP address

Luca Pellegrini 6 Aug 05, 2022
EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

Oli Zimmermann 1 Jan 11, 2022
List of ngrok alternatives and other ngrok-like tunneling software and services. Focus on self-hosting.

List of ngrok alternatives and other ngrok-like tunneling software and services. Focus on self-hosting.

Anders Pitman 7.3k Jan 03, 2023
IoT owl is light face detection and recognition system made for small IoT devices like raspberry pi.

IoT Owl IoT owl is light face detection and recognition system made for small IoT devices like raspberry pi. Versions Heavy with mask detection withou

Ret2Me 6 Jun 06, 2022
StarCraft II Client - protocol definitions used to communicate with StarCraft II.

Overview The StarCraft II API is an interface that provides full external control of StarCraft II. This API exposes functionality for developing softw

Blizzard Entertainment 3.6k Dec 30, 2022
A Cheap Flight Alert program sends you a SMS to notify cheap flights in next 8 months.

Flight Dealer A Cheap Flight Alert program sends you a SMS to notify cheap flights (return trips) in next 6 months. Installing Download the Python 3 i

Aytaç Kaşoğlu 2 Feb 10, 2022
Web service load balancing simulation experiment.

Web service load balancing simulation experiment.

NicestZK 1 Nov 12, 2021
Terminal based chat - networking project with sockets in python

Terminal based chat - networking project with sockets in python

2 Jan 24, 2022
A vpn that sits in your browser, accessible via a website

VPNInYourBrowser A vpn that sits in your browser, accessible via a website Example setup: https://VPNInBrowser.jaffa42.repl.co Setup Put the code onto

1 Jan 20, 2022
stellar-add-guest is a small tool to generate a new guest for Stellar Wireless (Enterprise mode) in OmniVista 2500 hosted on OmniSwitch with AOS Release 8

stellar-add-guest is a small tool to generate a new guest for Stellar Wireless (Enterprise mode) in OmniVista 2500 hosted on OmniSwitch with AOS Release 8.

BennyE 3 Jan 24, 2022
Converts Cisco formatted MAC Addresses to PC formatted MAC Addresses

Cisco-MAC-to-PC-MAC Converts a file with a list of Cisco formatted MAC Addresses to PC formatted MAC Addresses... Ex: abcd.efgh.ijkl to AB:CD:EF:GH:I

Stew Alexander 0 Jan 04, 2022
Azure-function-proxy - Basic proxy as an azure function serverless app

azure function proxy (for phishing) here are config files for using *[.]azureweb

17 Nov 09, 2022
MQTT Explorer - MQTT Subscriber client to explore topic hierarchies

mqtt-explorer MQTT Explorer - MQTT Subscriber client to explore topic hierarchies Overview The MQTT Explorer subscriber client is designed to explore

Gambit Communications, Inc. 4 Jun 19, 2022
BLE parser for passive BLE advertisements

This pypi package is parsing BLE advertisements to readable data for several sensors and can be used for device tracking, as long as the MAC address is static. The parser was originally developed as

Ernst Klamer 19 Dec 26, 2022