#coding=utf-8 require "aio/core" class Aio::Module::OutputStyle::Citic < Aio::Module::OutputStyle include Aio::Ui::Verbose include Aio::Device def initialize super({ :author => "Elin", :description => "此模块用于中信银行接口查询", :file_suffix => "txt", }) @report = {} end def generate file = File.new(output_file, "w+") device_manager.devices.each_key do |device_name| device_klass = device_manager[device_name] # 当不是需要的设备类型时 unless device_klass.kind_of?(Cisco) or device_klass.kind_of?(H3C) print_error "#{device_name} 不在检查设备类型内" next end # 当没有信息的时候,跳过 unless device_klass.configuration? print_error "#{device_name} 没有配置信息" next end device_klass.configuration_interfaces.each_pair do |iface, cont| config = cont.split("\n") # 当接口是关闭的,那么跳过 if config.include?('shutdown') next # 当接口是三层接口,那么跳过 elsif config.to_s.match(/ip address/) next # 当接口是access elsif config.to_s.match(/port access/) check_access(device_klass, iface, config) # 当接口是trunk elsif config.to_s.match(/port mode|link-type trunk/) check_trunk(device_klass, iface, config) # 如有既不是access 也不是 trunk 则报错 else report_error(device_name, iface, '未做配置') end end end file.write(puts_report) end def report_error(device_name, iface, msg) @report[device_name] ||= [] @report[device_name] << [iface, msg] end # 检查access接口配置是否齐全 def check_access(device_klass, iface, config) ck = false # 当是思科 =begin switchport access vlan switchport mode access switchport port-security switchport port-security mac-address 或者 switchport access vlan switchport mode access authentication port-control auto authentication violation protect dot1x pae authenticator 或者 switchport access vlan switchport mode access dot1x mac-auth-bypass dot1x pae authenticator dot1x port-control auto =end if device_klass.kind_of? Cisco point = 0b000000000 # switchport port-security mac-address 只能出现一次 mac_first = true config.each do |c| case c when /^switchport access vlan/ # 1 point += 0b000000001 when /^switchport mode access$/ # 2 point += 0b000000010 when /^switchport port-security$/ # 3 point += 0b000000100 when /^switchport port-security mac-address/ # 4 point += 0b000001000 if mac_first mac_first = false when /^authentication port-control auto$/ # 5 point += 0b000010000 when /^authentication violation protect$/ # 6 point += 0b000100000 when /^dot1x pae authenticator$/ # 7 point += 0b001000000 when /^dot1x mac-auth-bypass$/ # 8 point += 0b010000000 when /^dot1x port-control auto$/ # 9 point += 0b100000000 end end if point == 0b000001111 or point == 0b001110011 or point == 0b111000011 or point == 0b001010011 ck = true end # 当是H3C的时候 =begin port link-mode bridge port access vlan stp edged-port mac-address max-mac-count 0 undo mac-address max-mac-count enable-forwarding mac-address static =end elsif device_klass.kind_of? H3C point = 0b000000 config.each do |c| case c when /^port link-mode bridge$/ point += 0b000001 when /^port access vlan$/ point += 0b000010 when /^stp edged-port$/ point += 0b000100 when /^mac-address max-mac-count 0$/ point += 0b001000 when /^undo mac-address max-mac-count enable-forwarding$/ point += 0b010000 when /^mac-address static$/ point += 0b100000 end end if point == 0b0011111 or point == 0b1100011 ck = true end end report_error(device_klass.name, iface, 'access 接口配置不完全') unless ck return ck end # 检查trunk接口配置是否齐全 def check_trunk(device_klass, iface, config) ck = false if device_klass.kind_of? Cisco ck = true if config.include?('switchport mode trunk') elsif device_klass.kind_of? H3C ck = true if config.include?('port link-type trunk') else return false end report_error(device_klass.name, iface, 'trunk 接口配置不完全') unless ck return ck end def puts_report arr = [] @report.each_pair do |device_name, e| tb = init_table(device_name) e.each { |row| tb << row } arr << tb end arr.join("\n") end def init_table(header) col = ['接口', '错误配置信息'] table = Aio::Base::Toolkit::Table.new( 'Header' => header, 'Columns' => col, 'Indent' => 4, 'HeaderIndent' => 2 ) table.sort_index = -1 table end end