Netwalk is a Python library to discover, parse, analyze and change Cisco switched networks

Related tags

Networkingpythoncisconetwork
Overview

Netwalk

Netwalk is a Python library born out of a large remadiation project aimed at making network device discovery and management as fast and painless as possible.

Installation

Can be installed via pip with pip install git+ssh://[email protected]/icovada/netwalk.git

Extras

A collection of scripts with extra features and examples is stored in the extras folder

Code quality

A lot of the code is covered by tests. More will be added in the future

Fabric

This object type defines an entire switched network and can be manually populated, have switches added one by one or you can give it one or more seed devices and it will go and scan everything for you.

Auto scanning example:

from netwalk import Fabric
sitename = Fabric()
sitename.init_from_seed_device(seed_hosts=["10.10.10.1"],
                               credentials=[("cisco","cisco"),("customer","password")]
                               napalm_optional_args=[{'secret': 'cisco'}, {'transport': 'telnet'}])

This code will start searching from device 10.10.10.1 and will try to log in via SSH with cisco/cisco and then customer/password. Once connected to the switch it will pull and parse the running config, the mac address table and the cdp neighbours, then will start cycling through all neighbours recursively until the entire fabric has been discovered

Note: you may also pass a list of napalm_optional_args, check the NAPALM optional args guide for explanation and examples

Manual addition of switches

You can tell Fabric to discover another switch on its own or you can add a Switch object to .switches. WHichever way, do not forget to call refresh_global_information to recalculate neighborships and global mac address table

Example

sitename.add_switch(seed_hosts=["10.10.10.1"],
                    credentials=[("cisco","cisco"))
sitename.refresh_global_information()

Note: you may also pass a list of napalm_optional_args, check the optional args guide for explanation and examples

Structure

sitename will now contain two main attributes:

  • switches, a dictionary of {'hostname': Switch}
  • mac_table, another dictionary containing a list of all macs in the fabric, the interface closest to them

Switch

This object defines a switch. It can be created in two ways:

Automatic connection

from netwalk import Switch
sw01 = Switch(hostname="10.10.10.1")
sw01.retrieve_data(username="cisco",
                   password="cisco"})

Note: you may also pass a list of napalm_optional_args, check the optional args guide for explanation and examples

This will connect to the switch and pull all the data much like add_switch() does in Fabric

Init from show run

You may also generate the Switch device from a show run you have extracted somewhere else. This will not give you mac address table or neighborship discovery but will generate all Interfaces in the switch

from netwalk import Switch

showrun = """
int gi 0/1
switchport mode access
...
int gi 0/24
switchport mode trunk
"""

sw01 = Switch(hostname="10.10.10.1", config=showrun)

Structure

A Switch object has the following attributes:

  • hostname: the IP or hostname to connect to
  • config: string containing plain text show run
  • interfaces: dictionary of {'interface name', Interface}}
  • mac_table: a dictionary containing the switch's mac address table

Interface

An Interface object defines a switched interface ("switchport" in Cisco language) and can hold data about its configuration such as:

  • name
  • description
  • mode: either "access" or "trunk"
  • allowed_vlan: a set() of vlans to tag
  • native_vlan
  • voice_vlan
  • switch: pointer to parent Switch
  • is_up: if the interface is active
  • is_enabled: shutdown ot not
  • config: its configuration
  • mac_count: number of MACs behind it
  • type_edge: also known as "portfast"
  • bpduguard

Printing an interface yelds its configuration based on its current attributes

Trick

Check a trunk filter is equal on both sides

assert int.allowed_vlan == int.neighbors[0].allowed_vlan

Check a particular host is in vlan 10

from netaddr import EUI
host_mac = EUI('00:01:02:03:04:05')
assert fabric.mac_table[host_mac]['interface'].native_vlan == 10
You might also like...
EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic
EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

Oli Zimmermann 1 Jan 11, 2022
A python tool auto change proxy or ip after dealy time set by user
A python tool auto change proxy or ip after dealy time set by user

Auto proxy Ghost This tool auto change proxy or ip after dealy time set by user how to run 1. Install required file ./requirements.sh 2.Enter command

Harsh Tagra 0 Feb 23, 2022
This python script can change the mac address after some attack

MAC-changer Hello people, this python script was written for people who want to change the mac address after some attack, I know there are many ways t

null 5 Oct 10, 2022
These scripts send notifications to a Webex space when a new IP is banned by Expressway, and allow to request more info or change the ban status
These scripts send notifications to a Webex space when a new IP is banned by Expressway, and allow to request more info or change the ban status

Spam Call and Toll Fraud Mitigation Cisco Expressway release X14 is able to mitigate spam calls and toll fraud attempts by jailing the spam IP address

Luca Pellegrini 6 Aug 5, 2022
With the use of this tool, you can change your MAC address

Akshat0404/MAC_CHANGER This tool has to be used on linux kernel. Now o

null 1 Jan 25, 2022
It's a little project for change MAC address, for ethical hacking purposes

MACChangerPy It's a small project for MAC address change, for ethical hacking purposes, don't use it for bad purposes, any infringement will be your r

Erick Adriano Nunes da Silva 1 Mar 11, 2022
NetworkX is a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks.

NetworkX is a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks.

NetworkX 12k Jan 2, 2023
BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks.
BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks.

BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks. The key intuition of BaseSpec is that a message decoder in baseband software embeds the protocol specification in a machine-friendly structure to parse incoming messages;

SysSec Lab 35 Dec 6, 2022
Evaluation of TCP BBRv1 in wireless networks

The Network Simulator, Version 3 Table of Contents: An overview Building ns-3 Running ns-3 Getting access to the ns-3 documentation Working with the d

null 3 Nov 1, 2021
Comments
  • _parse_config() in `netwalk/device.py` is not parsing the running config correctly

    _parse_config() in `netwalk/device.py` is not parsing the running config correctly

    netwalk/device.py has a pretty bad bug as of git hash efd5b8d5affd877df4739a639b2d2762c4d94057... explicitly:

        def _parse_config(self):
        """Parse show run
        """
        if isinstance(self.config, str):
            running = StringIO()
            running.write(self.config)

            # Be kind rewind
            running.seek(0)

            # Get show run and interface access/trunk status
            parsed_conf = CiscoConfParse(running)

    You are asking CiscoConfParse() to parse a configuration from a string. This is broken... you should be parsing a list, tuple or MutableSequence()... as such, this is one possible way to fix your call to CiscoConfParse():

    • this assumes running is a string... you can fix the problem by parsing running.splitlines()...
                assert isinstance(running, str)
            parsed_conf = CiscoConfParse(running.splitlines())
    opened by mpenning 3
  • Pass arbitrary neighbour filters

    Pass arbitrary neighbour filters

    Allow to specify filters when discovering switches

    https://github.com/icovada/netwalk/blob/1d4b26c1978fe818aee2eceadf396d063f5d8904/netwalk/fabric.py#L163

    opened by icovada 1
  • Interface grouping

    Interface grouping

    Implement interface grouping.

    • [x] - Add parent_interface = None attribute to Interface object

    • [x] - Define a LAG(Interface) object with the following attributes:

      • List[Interface]: child_interfaces: a list of aggregated interfaces

      It will also have a method add_child(Interface) which will append an Interface object to child_interfaces and set the parameter's .parent_interface to self

    • [x] - Add Vpc(LAG) and PortChannel(LAG) objects and their respective config parsers and generators

    opened by icovada 0
Releases(v1.1.4)
Owner
GitHub Repository
Quickly fetch your WiFi password and if needed, generate a QR code of your WiFi to allow phones to easily connect

wifi-password Quickly fetch your WiFi password and if needed, generate a QR code of your WiFi to allow phones to easily connect. Works on macOS and Li

Siddharth Dushantha 2.6k Jan 05, 2023
API for concurrency connections

Multi-connection-server-API API for concurrency connections difference between this server and the echo server is the call to lsock.setblocking(False)

Muziwandile Nkomo 1 Jan 04, 2022
simple subdomain finder

Subdomain-finder Simple SubDomain finder using python which is easy to use just download and run it Wordlist you can use your own wordlist but here i

AsjadOwO 5 Sep 24, 2021
Automatically block traffic on Cloudflare's side based on Nginx Log parsing.

AutoRL This is a PoC of automatically block traffic on Cloudflare's side based on Nginx Log parsing. It will evaluate Nginx access.log and find potent

Nova Kwok 62 Dec 28, 2022
Dos attack a Bluetooth connection!

Bluetooth Denial of service Script made for attacking Bluetooth Devices By Samrat Katwal. Warning This project was created only for fun purposes and p

Samrat 1 Oct 29, 2021
The World Most Fastest Proxy Checker In Python, Maybe?!

The World's Most Fastest Proxy Checker In Python, Maybe?! Features Based on Python 3.7+ Save Valid Porixes into the custom file Multi-Thread Fully Asy

Cyber 4 Feb 10, 2022
ANalyse is a vehicle network analysis and attack tool.

CANalyse is a tool built to analyze the log files to find out unique datasets automatically and able to connect to simple user interfaces suc

0xh3nry 87 Dec 18, 2022
Simple reverse backdoor utility, that uses sockets to communicate.

reverse_backdoor Simple reverse backdoor utility, that uses sockets to communicate. How to use Run rev_bd_listener.py using command below: $ python3 r

1 Dec 10, 2021
Base on browser-time to get har from network, and use python to analyze the data .

base on browser-time to get har from network, and use python to analyze the data

1 Dec 20, 2021
Qobuz-rpc - A simple discord rich presence client for qobuz written in Python

qobuz-rpc A simple discord rich presence client for qobuz written in Python It's

Raphael O. 13 Dec 15, 2022
Truetool - A TrueCharts automatic and bulk update utility

truetool A easy tool for frequently used TrueNAS SCALE CLI utilities. Previously

TrueCharts 125 Jan 04, 2023
snappi-trex is a snappi plugin that allows executing scripts written using snappi with Cisco's TRex Traffic Generator

snappi-trex snappi-trex is a snappi plugin that allows executing scripts written using snappi with Cisco's TRex Traffic Generator Design snappi-trex c

Open Traffic Generator 14 Sep 07, 2022
A repo with study material, exercises, examples, etc for Devnet SPAUTO

MPLS in the SDN Era -- DevNet SPAUTO All of the study notes have now been moved to use auto-generated documentation to build a static site with Githu

Hugo Tinoco 67 Nov 16, 2022
This script will make it easier to connect to any wireguard vpn config

wireguard-linux-python-script-vpn This script will make it easier to connect to any wireguard vpn config also u will need your wireguard vpn from your

Jimo 1 Sep 21, 2022
BLE parser for passive BLE advertisements

This pypi package is parsing BLE advertisements to readable data for several sensors and can be used for device tracking, as long as the MAC address is static. The parser was originally developed as

Ernst Klamer 19 Dec 26, 2022
Utility for converting IP Fabric webhooks into a Teams format.

IP Fabric Webhook Integration for Microsoft Teams and/or Slack Setup IP Fabric Setup Go to Settings Webhooks Add webhook Provide a name URL will b

Community Fabric 1 Jan 26, 2022
This python script can change the mac address after some attack

MAC-changer Hello people, this python script was written for people who want to change the mac address after some attack, I know there are many ways t

5 Oct 10, 2022
Easily share folders between VMs.

This package aims to solve the problem of inter-VM file sharing (rather than manual copying) by allowing a VM to mount folders from any other VM's file system (or mounted network shares).

Rudd-O 12 Oct 17, 2022
This program ingests a Cisco "sh ip arp" as a text file and produces the list of vendors seen in the file

IP-ARP-Vendor_lookup This program ingests a Cisco "sh ip arp" as a text file and produces the list of vendors seen in the file Why? Answers the questi

Stew Alexander 1 Dec 24, 2022
This script aims to make the dynamic public ip of your local server, public.

EZ DDNS CLOUDFLARE This script aims to make the dynamic ip of your local server, public. It does this by regularly updating cloudflare's dns record. B

3 Feb 13, 2022