Jump to content
Калькуляторы

SCE 8000 лимит на кол-во префиксов в одной зоне

Никто случайно не в курсе? есть мысль туда https из реестра впихнуть, но надо знать на какое колв-во записей можно расчитывать

Share this post


Link to post
Share on other sites

Никто случайно не в курсе? есть мысль туда https из реестра впихнуть, но надо знать на какое колв-во записей можно расчитывать

 

Пока пихаются без проблем.

 

# wc -l /var/tmp/zapret-info_https
1852 /var/tmp/zapret-info_https

Share this post


Link to post
Share on other sites

Что-то я подзабыл, а есть же какое-то средство автоматизации добавления ip (как с flavor для url) в зону без заливки прошивки?

Share this post


Link to post
Share on other sites

Что-то я подзабыл, а есть же какое-то средство автоматизации добавления ip (как с flavor для url) в зону без заливки прошивки?

 

ну я пока нашел только два варианта

1. через sca bb import csv

2. через api http://www.cisco.com/c/en/us/td/docs/cable/serv_exch/serv_control/broadband_app/rel315/scabbpg315/scabb_pg/Programming_with_the_SCA_BB_API.html#wpxref55226

 

через cli как сабскрайберов или url пока не нашел

ShyLion - вы как IP в зону добавляете?

Share this post


Link to post
Share on other sites

Что-то я подзабыл, а есть же какое-то средство автоматизации добавления ip (как с flavor для url) в зону без заливки прошивки?

 

ну я пока нашел только два варианта

1. через sca bb import csv

2. через api http://www.cisco.com/c/en/us/td/docs/cable/serv_exch/serv_control/broadband_app/rel315/scabbpg315/scabb_pg/Programming_with_the_SCA_BB_API.html#wpxref55226

 

через cli как сабскрайберов или url пока не нашел

ShyLion - вы как IP в зону добавляете?

 

//package examples;
import java.util.*;
import java.lang.*;
// import java.util.logging.*;
import java.io.*;
import java.nio.file.Files;
import org.apache.log4j.*;
import com.cisco.scabb.servconf.mgmt.ConnectionApi;
import com.cisco.scabb.servconf.mgmt.ImportExportApi;
import com.cisco.scabb.servconf.mgmt.SCABB;
import com.cisco.scabb.servconf.mgmt.ServiceConfig;
import com.cisco.scabb.servconf.mgmt.ServiceConfigApi;
//import com.cisco.scasbb.backend.classification.ZoneItem;
import com.cisco.scasbb.backend.classification.*;
import com.pcube.apps.engage.util.*;
import com.pcube.apps.engage.Connection;
import com.pcube.apps.engage.ConnectionFailedException;
import com.pcube.apps.engage.common.ImportExportException;
import com.pcube.apps.framework.commons.*;
import org.eclipse.emf.ecore.*;
import com.pcube.management.framework.client.SessionObject;
import com.pcube.management.framework.rpc.RpcSessionObjectImpl;

/**
 * updates an SCE with zone IP addresses. the zone IP address are
 * specified in a CSV file. the SCE address and CSV filename are taken
 * from the cmd-line argument.
 * <p>
 * usage: java examples.UpdateZoneFromCsv <sce-address> <password>
 * <zone-csv-file> <zone-name>
 *
 */
@SuppressWarnings("unchecked")
public class UpdateBlacklists {
   public static String sceAddress;
   public static String username;
   public static String password;
   public static String httpFlavorName="FZ139";
   public static String httpsZoneName="FZ139_HTTPS";
   public static String ipZoneName="FZ139";

   public static String url_file="/var/tmp/zapret-info_http";
   public static String https_file="/var/tmp/zapret-info_https";
   public static String ip_file="/var/tmp/zapret-info_ip";

   public static String archive_path="/var/zapret-info-archive";

   public static int opt_d=0;

   public static void main(String[] args) {
      String sceConfig =  null;

      int arg;

      for(arg=0; arg < args.length; arg++) {
        if(args[arg].equals("-d")) {
          opt_d=1;
        } else {
          sceConfig = args[arg];
        };
      };

      if (sceConfig == null) {
         System.err.println("usage: java UpdateBlacklist [-d] sce-info-file");
         System.err.println("       -d\tdo not upload config back to SCE");
         System.err.println("       sce-info-file:");
         System.err.println("       line#1 SCE_IP");
         System.err.println("       line#2 SCE_username");
         System.err.println("       line#3 SCE_password");
         System.exit(1);
      };

      try(BufferedReader br = new BufferedReader(new FileReader(sceConfig))) {
        sceAddress=br.readLine();
        username=br.readLine();
        password=br.readLine();
      } catch (Exception e) {
        System.err.println("Cannot read sce-info-file "+sceConfig);
        System.exit(1);
      };
      if(sceAddress == null || username == null || password == null) {
        System.err.println("Missing parameters in sce-info-file "+sceConfig);
        System.exit(1);
      };

      ServiceConfig serviceConfig = retrievePqb(sceAddress);
      if (serviceConfig == null) {
         System.err.println("Null serviceConfig returned "+lineNumber());
         System.exit(1);
      };

      long time=System.currentTimeMillis() / 1000L;
      File infile=null;

      try {
        Files.copy(
          new File(url_file).toPath(),
          new File(archive_path + "/zapret-info_http" + "." + time).toPath()
        );
      } catch (Exception e) {
        System.err.println("erro backing up "+url_file);
        System.err.println(e.toString());
      };

      try {
        Files.copy(
          new File(https_file).toPath(),
          new File(archive_path + "/zapret-info_https" + "." + time).toPath()
        );
      } catch (Exception e) {
        System.err.println("erro backing up "+https_file);
        System.err.println(e.toString());
      };

      try {
        Files.copy(
          new File(ip_file).toPath(),
          new File(archive_path + "/zapret-info_ip" + "." + time).toPath()
        );
      } catch (Exception e) {
        System.err.println("erro backing up "+ip_file);
        System.err.println(e.toString());
      };

      try {
        infile=new File(archive_path + "/in." + time);
        ImportExportApi.exportServiceConfiguration(serviceConfig, infile);
      } catch (Exception e) {
        System.err.println("in config save exception");
        System.exit(1);
      };

      Zone zoneHttps = (Zone) serviceConfig.getClassificationCfg().getZoneList().findByName(httpsZoneName);
      if(zoneHttps == null) {
        System.err.println("Cannot find zone "+httpsZoneName);
        System.exit(1);
      };

      Zone zoneIp = (Zone) serviceConfig.getClassificationCfg().getZoneList().findByName(ipZoneName);
      if(zoneIp == null) {
        System.err.println("Cannot find zone "+ipZoneName);
        System.exit(1);
      };

      Flavor flavorHttp=(Flavor)serviceConfig.getClassificationCfg().getFlavorList().findByName(httpFlavorName);
      if(flavorHttp == null) {
        System.err.println("Cannot find flavor "+httpFlavorName);
        System.exit(1);
      };

      if(flavorHttp.getFlavorType() != FlavorType.HTTP_URL_LITERAL) {
        System.err.println("Bad flavor type");
        System.exit(1);
      };

//       printFlavor(flavorHttp, httpFlavorName);
//       printZone(zoneHttps, httpsZoneName);
//       printZone(zoneIp, ipZoneName);

      zoneHttps.getZoneItems().clear();
      zoneIp.getZoneItems().clear();
      flavorHttp.getHttpUrls().clear();

      if(loadZone(zoneHttps, https_file) != 1) {
        System.err.println("Error loading zone "+httpsZoneName);
        System.exit(1);
      };

      if(loadZone(zoneIp, ip_file) != 1) {
        System.err.println("Error loading zone "+ipZoneName);
        System.exit(1);
      };

      if(loadFlavor(flavorHttp, url_file) != 1) {
        System.err.println("Error loading urls");
        System.exit(1);
      };

//       printFlavor(flavorHttp, httpFlavorName);
//       printZone(zoneHttps, httpsZoneName);
//       printZone(zoneIp, ipZoneName);

      File outfile=null;
      try {
        outfile=new File(archive_path + "/out." + time);
        ImportExportApi.exportServiceConfiguration(serviceConfig, outfile);
      } catch (Exception e) {
        System.err.println("out config save exception");
        System.exit(1);
      };

      if(opt_d == 1) System.exit(0);

      if(applyPqb(sceAddress, serviceConfig) != 1) {
        System.err.println("Error applying config");
        System.exit(1);
      };

      System.out.println("Done ");
      System.exit(0);
   }
   public static int lineNumber() {
     return Thread.currentThread().getStackTrace()[2].getLineNumber();
   }

   // return 1 on success, 0 on failure
   private static int loadFlavor(Flavor flavor, String filename) {
     ClassificationFactory cFactory = ClassificationFactory.eINSTANCE;
     try(BufferedReader br = new BufferedReader(new FileReader(filename))) {
       for(String line; (line = br.readLine()) != null; ) {
         String[] fields=line.split("\t", -1);
         if(fields.length != 4) {
           System.err.println("file format error");
           return 0;
         };
         /*if(fields[1] == "") fields[1]=null;
         if(fields[2] == "") fields[2]=null;
         if(fields[3] == "") fields[3]=null;*/
         HttpUrlFlavorItem fi = (HttpUrlFlavorItem)cFactory.createFlavorItem(FlavorType.HTTP_URL_LITERAL);
         fi.setHostSuffix(fields[0]);
         fi.setUriPrefix(fields[1]);
         fi.setUriSuffix(fields[2]);
         fi.setParamsPrefix(fields[3]);
         flavor.getFlavorItems().add(fi);
       };
     } catch (Exception e) {
       return 0;
     };
     return 1;
   };
   // return 1 on success, 0 on failure
   private static int loadZone(Zone zone, String filename) {

     ClassificationFactory cFactory = ClassificationFactory.eINSTANCE;
     ImportHandler ih = new ImportHandler();

     try(BufferedReader br = new BufferedReader(new FileReader(filename))) {
       for(String line; (line = br.readLine()) != null; ) {
         ZoneItem zoneItem = cFactory.createZoneItem();

         String type=ih.getIpType(line.trim());

         if (type.equals("Ipv6"))
          {
            IPRange ipRange = new IPRange(line.trim(), 128);
            ipRange.setIPv6(true);
            zoneItem.setIpRange(ipRange);
          }
          else
          {
            if (!type.equals("Ipv4")) {
              continue;
            }
            IPRange ipRange = IPRange.valueOf(line);
            zoneItem.setIpRange(ipRange);
          }
          zone.getZoneItems().add(zoneItem);
       }
     } catch (Exception e) {
       return 0;
     };
     return 1;
   };
   private static void printFlavor(Flavor flavor, String flavorName) {
     if(flavor == null) {
       System.err.println("Cannot find flavor "+flavorName);
     } else {
       if(flavor.getFlavorType() != FlavorType.HTTP_URL_LITERAL) {
         System.err.println("Bad flavor type");
       } else {
         List<HttpUrlFlavorItem> urls=flavor.getHttpUrls();
         System.out.println("Flavor: "+flavor.getName()+" index: "+flavor.getIndex()+" items: "+urls.size());
         for(HttpUrlFlavorItem url : urls) {
           System.out.println("\t"+url.toString());
         };
       };
     };
   };
   private static void printZone(Zone zone, String zoneName) {
     if (zone == null) {
         System.err.println("WARNING: null zone");
      } else {
         List<ZoneItem> items=zone.getZoneItems();
         System.out.println("Zone: " + zoneName+ " " + items.size() + " elements");
         for(ZoneItem item : items) {
           System.out.println("\t"+item.getIpRange().toString());
         };
      };
   }
   private static int applyPqb(String sceAddress,
         ServiceConfig serviceConfig) {
      Logger.getRootLogger().setLevel(Level.ERROR);
      ConnectionApi connection = null;
      int ret = 0;
      try {
         connection = SCABB.login(sceAddress, username, password,
                         Connection.SE_DEVICE);

         SessionObject session = connection.getSessionObject();
         ((RpcSessionObjectImpl) session).setOperationTimeout(60 * 60 * 1000);

         ServiceConfigApi.applyServiceConfiguration(connection,
                         serviceConfig, false, null, 20, 15374, false);
         ret = 1;
      } catch (ConnectionFailedException e) {
         System.err.println("connection to SCE failed: "
                         + e.getMessage());
      } catch (Exception e) {
         System.err.println("apply operation failed: "
                         + e.getMessage());
      } finally {
         if (connection != null) {
            SCABB.logout(connection);
         }
      }
      return ret;
   }
   private static ServiceConfig retrievePqb(String sceAddress) {
      ServiceConfig retrievedServiceConfig = null;
      ConnectionApi connection = null;
      Logger.getRootLogger().setLevel(Level.ERROR);
      try {
         connection = SCABB.login(sceAddress, username, password,
                         Connection.SE_DEVICE);

         SessionObject session = connection.getSessionObject();
         ((RpcSessionObjectImpl) session).setOperationTimeout(60 * 60 * 1000);

         retrievedServiceConfig = ServiceConfigApi
                         .retrieveServiceConfiguration(connection);
      } catch (ConnectionFailedException e) {
         System.err.println("connection to SCE failed: "
                         + e.getMessage());
      } catch (Exception e) {
         System.err.println("retrieve operation failed: "
                         + e.getMessage());
      } finally {
         if (connection != null) {
            SCABB.logout(connection);
         }
      }
      return retrievedServiceConfig;
   }
}

 

# head /var/tmp/zapret-info_http
video-one.com   /popular/Teen/1.html    *       *
cannabay.org    /*      *       *
eoliaseeds.com  /*      *       *
lajli.gau.hu    /~xx/suicide.htm        *       *
1226608.sites.myregisteredsite.com      /seantheartist/archived/01032012/0204-full/F04D-ScienceOfHanging-1.html *       *
www.elephantos.com      /ru/smartshop/psihodeliki       *       *
www.elephantos.com      /ru/smartshop/psihodeliki/kaktus-pejot-2-3-gorshka-.html        *       *
www.elephantos.com      /ru/smartshop/kuritelnye-smesi  *       *
www.elephantos.com      /ru/smartshop/travjanye-jekstazi        *       *
www.elephantos.com      /ru/smartshop/kuritelnye-smesi/salvia-sage-extract.html *       *

 

# head /var/tmp/zapret-info_https
103.249.70.208/32
104.108.41.143/32
104.16.101.35/32
104.16.102.35/32
104.16.105.35/32
104.16.106.35/32
104.16.109.37/32
104.16.110.37/32
104.16.111.39/32
104.16.111.53/32

 

# head /var/tmp/zapret-info_ip
104.20.24.80/32
104.20.25.80/32
104.20.26.80/32
104.20.31.109/32
104.20.37.109/32
104.20.60.41/32
104.20.61.41/32
104.25.68.12/32
104.25.69.12/32
104.27.138.52/32

 

Файлы с данными получаются perl скриптом, путем разбора .xml файла от известных органов.

Share this post


Link to post
Share on other sites

jar собирается со всеми классами от конкретной версии serviceconfig-java-api-dist.tgz под ваше ПО на SCE.

 

У меня 4.0.0

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.