crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[switchs] pas de dhcp-snooping sur les séries 2810 (wtf)

Browse source 
darcs-hash:20100120223129-ffbb2-88d595f81d20a079deca4ca1dd1c2e1307a8d0a4.gz
This commit is contained in:
Nicolas Dandrimont 2010-01-20 23:31:29 +01:00
parent 3a5791cc46
commit 0e75b747fc
1 changed files with 16 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

24
gestion/gen_confs/switchs.py
View file

@ -117,13 +117,6 @@ aaa authentication ssh enable public-key none
ip ssh ip ssh
ip authorized-managers 10.231.136.0 255.255.255.0 ip authorized-managers 10.231.136.0 255.255.255.0
ip ssh filetransfer ip ssh filetransfer
;------------------------------------------------------- DHCP Snooping
dhcp-snooping vlan %(vlan_adherent)s
dhcp-snooping trust %(uplinks)s
no dhcp-snooping trust %(non_uplinks)s
dhcp-snooping authorized-server %(dhcp)s
; Activation
dhcp-snooping
;------------------------------------------------------- Protection contre les boucles ;------------------------------------------------------- Protection contre les boucles
loop-protect disable-timer 30 loop-protect disable-timer 30
loop-protect transmit-interval 3 loop-protect transmit-interval 3
@ -139,6 +132,14 @@ no cdp run
no stack no stack
""" """
dhcp_snooping_template = """;------------------------------------------------------- DHCP Snooping
dhcp-snooping vlan %(vlan_adherent)s
dhcp-snooping trust %(uplinks)s
no dhcp-snooping trust %(non_uplinks)s
dhcp-snooping authorized-server %(dhcp)s
; Activation
dhcp-snooping"""
interface_template = """interface %(prise)i interface_template = """interface %(prise)i
enable enable
name "%(nom)s" name "%(nom)s"
@ -278,6 +279,8 @@ exit
## On veut par défaut tout confier au serveur radius principal ## On veut par défaut tout confier au serveur radius principal
#shuffle(self.rad_servs) #shuffle(self.rad_servs)
rad = self.rad_template * len(self.rad_servs) rad = self.rad_template * len(self.rad_servs)
params = { 'switch' : switch, 'bat' : bat.upper() , params = { 'switch' : switch, 'bat' : bat.upper() ,
'radius_key' : radius_key , 'radius_key' : radius_key ,
'radius-serveurs' : rad[:-1] % tuple(self.rad_servs), 'radius-serveurs' : rad[:-1] % tuple(self.rad_servs),
@ -310,6 +313,8 @@ exit
nb_prises = machine.nombrePrises() nb_prises = machine.nombrePrises()
if nb_prises < 0 : if nb_prises < 0 :
raise RuntimeError("Erreur : impossible de déterminer les caractéristiques du switch.") raise RuntimeError("Erreur : impossible de déterminer les caractéristiques du switch.")
has_dhcp_snooping = "2810" not in " ".join(machine.info())
### Configuration prises ### Configuration prises
params['INTERFACES_CONF'] = '' params['INTERFACES_CONF'] = ''
@ -504,7 +509,10 @@ aaa port-access mac-based %(prise)s unauth-vid 1
# Ecriture # Ecriture
fd = self._open_conf(self.CONF_REP + switch + '.conf') fd = self._open_conf(self.CONF_REP + switch + '.conf')
fd.write(self.config % params) my_config = self.config
if has_dhcp_snooping:
my_config += self.dhcp_snooping_template
fd.write(my_config % params)
fd.close() fd.close()
if __name__ == '__main__' : if __name__ == '__main__' :