class FortiUkaz60_2

Attributes

add_func_connector[RW]
add_functions_full[RW]
ansible_host[RW]
ansible_ssh_password[RW]
ansible_ssh_user[RW]
ansible_tmp_folder[RW]
local_tmp_directory[RW]
url_backup_dir[RW]

Public Class Methods

new(ansible_tmp_folder, local_tmp_directory, ansible_ssh_user, ansible_ssh_password, ansible_host, url_backup_dir)
# File lib/imperituroard/projects/ukaz60/fortigate.rb, line 19
# Stores the connection settings and working directories used by the other
# methods, and creates the two helper objects.
#
# @param ansible_tmp_folder [String] folder on the ansible host that receives
#   urls.json and is later emptied by clean_tmp_folders
# @param local_tmp_directory [String] local folder where urls.json is written
# @param ansible_ssh_user [String] SSH login on the ansible host
# @param ansible_ssh_password [String] SSH password; kept in plain text in the
#   instance and listed on this page as a read/write attribute, so avoid
#   dumping or logging the object
# @param ansible_host [String] ansible host that is reached over SSH/SCP
# @param url_backup_dir [String] folder on the ansible host for timestamped
#   backups of urls.json
def initialize(ansible_tmp_folder,
               local_tmp_directory,
               ansible_ssh_user,
               ansible_ssh_password,
               ansible_host,
               url_backup_dir)
  # Working directories (remote temp, local temp, remote backup).
  @ansible_tmp_folder, @local_tmp_directory = ansible_tmp_folder, local_tmp_directory
  @url_backup_dir = url_backup_dir

  # SSH target and credentials.
  @ansible_host = ansible_host
  @ansible_ssh_user, @ansible_ssh_password = ansible_ssh_user, ansible_ssh_password

  # Helpers: URL formatting / ansible output parsing, and logging.
  @add_func_connector = AddFuncUkaz60_2.new
  @add_functions_full = LogAddFunctions_2.new
end

Public Instance Methods

clean_tmp_folders()

3. Cleans all temporary files.

Fully ready.
# File lib/imperituroard/projects/ukaz60/fortigate.rb, line 127
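# Empties the temp folder on the ansible host (`rm -rf` over SSH) and deletes
# the local urls.json working copy.
#
# The folder name is interpolated into a remote shell command, so it is
# checked before use and refused (code 404) unless it
# * is deep enough: at least two real path segments below "/" (three for a
#   relative path) - the original depth rule, except that doubled slashes no
#   longer count as levels;
# * contains no "." or ".." segment, which would let a deep-looking path
#   resolve to a shallow one;
# * consists only of letters, digits, "_", ".", "-" and "/", so that spaces
#   and shell metacharacters cannot split or extend the command.
#
# NOTE(review): the exit status of the remote `rm` is not inspected; code 200
# means the SSH session ran without raising, not that every file was removed.
# NOTE(review): no host-key verification option is passed to Net::SSH.start,
# so the library default applies - confirm it is strict in the deployed
# net-ssh version.
#
# @return [Hash] :code 200 (cleaned), 404 (folder refused) or 500 (any error
#   raised while cleaning), plus a :result message
def clean_tmp_folders
  out_data = {}
  folder = "#{ansible_tmp_folder}/"
  path_to_local_file = "#{local_tmp_directory}/urls.json"

  segments = folder.split("/").reject(&:empty?)
  min_depth = folder.start_with?("/") ? 2 : 3
  deep_enough = segments.length >= min_depth
  no_traversal = (segments & %w[. ..]).empty?
  plain_chars = !(folder =~ %r{\A[A-Za-z0-9_.\-/]+\z}).nil?

  if deep_enough && no_traversal && plain_chars
    begin
      Net::SSH.start(ansible_host, ansible_ssh_user, :password => ansible_ssh_password) do |ssh|
        # `--` ends option parsing so a segment starting with "-" is never
        # read as an rm flag; the trailing glob limits removal to the
        # folder's contents.
        ssh.exec!("rm -rf -- #{folder}*")
      end
      File.delete(path_to_local_file) if File.exist?(path_to_local_file)
      out_data = {:code => 200, :result => "clean_tmp_folders: Cleared successfully"}
    rescue
      # Any StandardError lands here, including local File.delete failures.
      out_data = {:code => 500, :result => "clean_tmp_folders: ssh_failed"}
    end
  else
    out_data = {:code => 404, :result => "clean_tmp_folders: invalid and danger temp path"}
  end
  add_functions_full.printer_texter(out_data, "debug")
  out_data
end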
prepare_url_config_fortigate(data_belgim)

4. Processes the parsed Belgim data

and builds the list for upload to the FortiGate.
Fully ready.
# File lib/imperituroard/projects/ukaz60/fortigate.rb, line 152
# Turns the parsed Belgim data into the list of block entries for FortiGate.
#
# Entries are appended in this order: :ipv4_parsed (as given), :ipv6_parsed
# (wrapped in square brackets), :domains_for_block (as given), :url_for_block
# (through http_to_forti_prep) and :https_parsed (through
# https_to_forti_prep). Every entry has "action" => "block".
#
# Values are not validated here. NOTE(review): presumably the upstream parser
# has already checked them - confirm, since they end up in firewall config.
#
# @param data_belgim [Hash] must hold an enumerable under each of the five
#   keys above; a missing key makes the whole call fail with code 507
# @return [Hash] code 200 with :body => {:num_list, :to_fortigate}, or code
#   507 when anything raised (the exception itself is discarded)
def prepare_url_config_fortigate(data_belgim)
  block_entry = lambda { |target| {"url" => target, "action" => "block"} }
  entries = []
  result = {}

  begin
    data_belgim[:ipv4_parsed].each { |addr| entries << block_entry.call(addr) }

    # IPv6 literals are bracketed.
    data_belgim[:ipv6_parsed].each { |addr| entries << block_entry.call("[#{addr}]") }

    data_belgim[:domains_for_block].each { |name| entries << block_entry.call(name) }

    data_belgim[:url_for_block].each do |plain_url|
      entries << block_entry.call(add_func_connector.http_to_forti_prep(plain_url))
    end

    data_belgim[:https_parsed].each do |tls_url|
      entries << block_entry.call(add_func_connector.https_to_forti_prep(tls_url))
    end

    result = {:code => 200,
              :result => "Request completed",
              :body => {:num_list => entries.length, :to_fortigate => entries}}
  rescue
    result = {:code => 507, :result => "Unknown error"}
    p "ERROR !!! prepare_url_config_fortigate"
  end
  result
end
update_weburl_fortigate()

2. Pushes the data to the FortiGate directly via ansible.

Fully ready.
# File lib/imperituroard/projects/ukaz60/fortigate.rb, line 82
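# Runs the FortiGate URL upload script on the ansible host over SSH and
# returns the parsed ansible output.
#
# The commented-out sample of ansible output that used to sit in this method
# was wrapped onto a second, uncommented line in this listing, which made the
# method unparsable; it is replaced by the short description below.
#
# NOTE(review): the script's exit status is not inspected. Code 200 means the
# SSH call returned and ansible_answer_parse did not raise; whether the
# firewalls were actually updated has to be read from :body.
# NOTE(review): the raw ansible output is printed with `p`; it can contain
# inventory host names, so check where stdout of this process ends up.
#
# @return [Hash] code 200 with the parsed answer in :body, or code 507 when
#   anything raised (the exception itself is discarded)
def update_weburl_fortigate
  output_data = {}
  begin
    command = "/bin/bash /scripts/temp_fortigate_url_upload.sh"
    ansible_answer = ""
    Net::SSH.start(ansible_host, ansible_ssh_user, :password => ansible_ssh_password) do |ssh|
      ansible_answer = ssh.exec!(command)
    end
    p "ansible_answer: #{ansible_answer}"

    # The answer is ansible play output: PLAY / TASK sections followed by a
    # PLAY RECAP with per-host ok/changed/unreachable/failed counters.
    answ_pr = add_func_connector.ansible_answer_parse(ansible_answer)
    output_data = {:code => 200, :result => "update_weburl_fortigate: Request completed", :body => answ_pr}
  rescue
    output_data = {:code => 507, :result => "update_weburl_fortigate: Unknown SDK error"}
  end
  add_functions_full.printer_texter(output_data, "debug")
  output_data
end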
update_weburl_fortimanager()

2.1. Pushes the data to the FortiGate through FortiManager via ansible.

Fully ready.
# File lib/imperituroard/projects/ukaz60/fortigate.rb, line 105
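# Runs the FortiManager URL upload script on the ansible host over SSH and
# returns the parsed ansible output.
#
# Two fixes over the listed version:
# * the :result messages carried the label "update_weburl_fortigate", copied
#   from the sibling method, so log lines from the two methods could not be
#   told apart; they now name this method;
# * the commented-out sample of ansible output was wrapped onto a second,
#   uncommented line, which made the method unparsable; it is replaced by the
#   short description below.
#
# NOTE(review): the script's exit status is not inspected. Code 200 means the
# SSH call returned and ansible_answer_parse_fmg did not raise; whether the
# update was actually applied has to be read from :body.
# NOTE(review): the raw ansible output is printed with `p`; it can contain
# inventory host names, so check where stdout of this process ends up.
#
# @return [Hash] code 200 with the parsed answer in :body, or code 507 when
#   anything raised (the exception itself is discarded)
def update_weburl_fortimanager
  output_data = {}
  begin
    command = "/bin/bash /scripts/temp_fortimanager_url_upload.sh"
    ansible_answer = ""
    Net::SSH.start(ansible_host, ansible_ssh_user, :password => ansible_ssh_password) do |ssh|
      ansible_answer = ssh.exec!(command)
    end
    p "ansible_answer: #{ansible_answer}"

    # The answer is ansible play output: PLAY / TASK sections followed by a
    # PLAY RECAP with per-host ok/changed/unreachable/failed counters.
    answ_pr = add_func_connector.ansible_answer_parse_fmg(ansible_answer)
    output_data = {:code => 200, :result => "update_weburl_fortimanager: Request completed", :body => answ_pr}
  rescue
    output_data = {:code => 507, :result => "update_weburl_fortimanager: Unknown SDK error"}
  end
  add_functions_full.printer_texter(output_data, "debug")
  output_data
end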
upload_url(url_list)

1. Uploads the data to the ansible server.

Fully ready.
# File lib/imperituroard/projects/ukaz60/fortigate.rb, line 37
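# Writes the URL list to a local urls.json and copies it to the ansible host
# twice over SCP: first as a timestamped backup, then as the working file in
# the remote temp folder.
#
# Changes over the listed version:
# * the backup timestamp is produced with strftime instead of stripping the
#   literal "+03:00" from DateTime#to_s. The name is identical for a +03:00
#   clock and no longer carries a leftover offset (with "+" or extra "_")
#   when the process runs in another time zone;
# * unused locals (input_data, gg, gg1) are gone.
#
# The backup copy is best effort: a failure there is ignored on purpose and
# the main upload still runs, so code 200 does not prove a backup exists.
#
# NOTE(review): the local file has a fixed name in local_tmp_directory; if
# that directory is writable by other users, confirm it cannot be pre-created
# or replaced by them.
#
# @param url_list [Object] data serialised with JSON.pretty_generate
# @return [Hash] code 200 when the main upload succeeded, code 507 when
#   anything else raised (the exception itself is discarded)
def upload_url(url_list)
  output_data = {}

  begin
    write_data = JSON.pretty_generate(url_list)

    # e.g. 2020_01_31T10_15_00 - local time, no offset suffix
    add_date_name = DateTime.now.strftime("%Y_%m_%dT%H_%M_%S")

    local_url_file = "#{local_tmp_directory}/urls.json"
    remote_url_file = "#{ansible_tmp_folder}/urls.json"
    backup_url_file = "#{url_backup_dir}/urls_#{add_date_name}.json"

    # create local file
    File.open(local_url_file, "w:UTF-8") { |f| f.write(write_data) }

    # create backup (best effort, errors deliberately ignored)
    begin
      Net::SCP.upload!(ansible_host, ansible_ssh_user,
                       local_url_file, backup_url_file,
                       :ssh => {:password => ansible_ssh_password})
    rescue
      nil
    end

    # upload local file
    Net::SCP.upload!(ansible_host, ansible_ssh_user,
                     local_url_file, remote_url_file,
                     :ssh => {:password => ansible_ssh_password})

    output_data = {:code => 200, :result => "upload_url: Data uploaded"}
  rescue
    output_data = {:code => 507, :result => "upload_url: Unknown SDK error"}
  end
  add_functions_full.printer_texter(output_data, "debug")
  output_data
end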