from junos import Junos_Context
from junos import Junos_Trigger_Event
from junos import Junos_Received_Events
from jnpr.junos import Device
from jnpr.junos.utils.config import Config
from jnpr.junos.exception import *
import jcs
import sys
import argparse
import json
import tempfile
import urllib.request
import uuid
import ssl
import re
# Command-line options accepted by the script. Each key becomes a "-<key>"
# argparse option in main() and each value is shown as that option's help text.
arguments = {
    # diagnostics
    'debug': 'enable debug output',
    # where the generated routes are written on the device
    'config_group_name': 'junos configuration group name (default: O365)',
    'routing_table': 'junos routing table where to put routes (default: inet.0, eg myroutingtable.inet.0 or <*>.inet.0)',
    'route_target': '(Mandatory) junos route destination in xml (default: empty, eg "<next-hop>192.168.0.10</next-hop>")',
    # filters forwarded to the endpoints web service
    'tenantname': 'o365 tenant name (optionnal)',
    'serviceareas': 'o365 service area (optionnal: Common | Exchange | SharePoint | Skype)',
    'instance': 'o365 instance (default: Worldwide, Worldwide | China | Germany | USGovDoD | USGovGCCHigh)',
}
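def _collect_ipv4_prefixes(endpointSets):
    """Return the unique, validated IPv4 prefixes of the Optimize/Allow endpoint sets.

    Every value comes from a remote web service and ends up in committed
    router configuration, so each one is parsed as an IPv4 network and
    re-serialised before use. Anything that does not parse is reported and
    dropped instead of being copied into the configuration XML.
    """
    import ipaddress

    prefixes = []
    seen = set()
    for endpointSet in endpointSets:
        if endpointSet.get('category') not in ('Optimize', 'Allow'):
            continue
        for ip in endpointSet.get('ips', []):
            # IPv4 strings have dots while IPv6 strings have colons
            if not isinstance(ip, str) or '.' not in ip:
                continue
            try:
                # The canonical form holds only digits, dots and a slash, so it
                # cannot carry markup into the generated XML.
                prefix = str(ipaddress.IPv4Network(ip, strict=False))
            except ValueError:
                print('skipping malformed IPv4 range from web service: {0!r}'.format(ip))
                continue
            # The same range can be listed by several endpoint sets.
            if prefix not in seen:
                seen.add(prefix)
                prefixes.append(prefix)
    return prefixes


def _build_config_xml(config_group_name, routing_table_instance_name, route_target, prefixes):
    """Assemble the <configuration> XML holding one static route per prefix.

    Both names must already be XML-escaped by the caller. route_target is
    operator-supplied XML and is inserted verbatim into every <route>.
    """
    in_instance = routing_table_instance_name is not None
    parts = [
        '<configuration>',
        '<groups>',
        '<name>{0}</name>'.format(config_group_name),
    ]
    if in_instance:
        parts += [
            '<routing-instances>',
            '<instance>',
            '<name>{0}</name>'.format(routing_table_instance_name),
        ]
    parts += ['<routing-options>', '<static>']
    for prefix in prefixes:
        parts += ['<route>', '<name>{0}</name>'.format(prefix), route_target, '</route>']
    parts += ['</static>', '</routing-options>']
    if in_instance:
        parts += ['</instance>', '</routing-instances>']
    parts += ['</groups>', '</configuration>']
    return '\n'.join(parts)


def main():
    """Fetch the Office 365 IPv4 endpoint ranges and commit them as static routes.

    Parses the command-line options listed in ``arguments``, queries the
    endpoints web service through webApiGet(), keeps the IPv4 ranges of the
    'Optimize' and 'Allow' categories, builds a Junos configuration group with
    one static route per range (optionally inside a routing instance) and
    loads it on the local device in exclusive configuration mode. A commit is
    issued only when the candidate configuration differs.

    Returns None in every case; argument errors and device errors are printed.
    """
    usage = "\nThis script collect o365 ip to create static routes in O365 Group\n"
    print (usage)

    parser = argparse.ArgumentParser(description='This is a script to collect o365 ip addresses.')
    # Define the arguments accepted by parser
    # which use the key names defined in the arguments dictionary
    for key in arguments:
        parser.add_argument(('-' + key), required=False, help=arguments[key])
    args = parser.parse_args()

    # Extract the values, applying the documented defaults
    debug = args.debug or None
    # The group name is placed inside an XML element, so escape it like the
    # routing-instance name below.
    config_group_name = escape(args.config_group_name or 'O365')
    routing_table = args.routing_table or 'inet.0'
    route_target = args.route_target or None
    if route_target is None:
        print('route_target argument is required - eg "<next-hop>192.168.0.10</next-hop>"')
        return
    tenantname = args.tenantname or None
    serviceareas = args.serviceareas or None
    instance = args.instance or 'Worldwide'

    # fullmatch rejects trailing text after ".inet.0", which an unanchored
    # search would accept.
    routing_table_instance_name = None
    table_match = re.fullmatch(r'(.+)\.inet\.0', routing_table)
    if table_match is not None:
        # Names such as "<*>" contain XML metacharacters and must be escaped.
        routing_table_instance_name = escape(table_match.group(1))
    if routing_table != 'inet.0' and routing_table_instance_name is None:
        print('routing_table wrong format - should be .*.inet.0')
        return

    clientRequestId = str(uuid.uuid4())
    endpointSets = webApiGet('endpoints', instance, clientRequestId,tenantname,serviceareas)

    # The reply is remote data that becomes routing state: validate it first.
    prefixes = _collect_ipv4_prefixes(endpointSets)
    if debug:
        print('IPv4 Firewall IP Address Ranges')
        print(','.join(sorted(prefixes)))
    if not prefixes:
        print('no valid IPv4 ranges returned by the web service - configuration left unchanged')
        return

    config_xml = _build_config_xml(
        config_group_name, routing_table_instance_name, route_target, prefixes)
    if debug:
        print(config_xml)

    # NOTE(review): nothing here deletes routes that have dropped out of the
    # published list; the load looks additive - confirm whether stale
    # prefixes need pruning.
    dev = Device()
    dev.open()
    try:
        with Config(dev, mode="exclusive") as cu:
            print (" Loading and committing configuration changes")
            cu.load(config_xml, format="xml")
            if debug:
                cu.pdiff()
            # Commit only when the candidate differs from the active configuration.
            if cu.diff() is not None:
                cu.commit()
    except Exception as err:
        print (err)
    finally:
        # Close the session on every path, including unexpected errors.
        dev.close()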
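# helper to call the webservice and parse the response
def webApiGet(methodName, instanceName, clientRequestId,TenantName=None,ServiceAreas=None):
    """Call the endpoints.office.com web service and return the decoded JSON.

    Args:
        methodName: web-service method, used as the first URL path segment.
        instanceName: service instance, used as the second URL path segment.
        clientRequestId: value sent as the clientRequestId query parameter.
        TenantName: optional value for the TenantName query parameter.
        ServiceAreas: optional value for the ServiceAreas query parameter.

    Returns:
        The response body parsed with json.loads.

    Raises:
        urllib.error.URLError: when the request fails, including when the
            server certificate cannot be verified.
        ValueError: when the response body is not valid JSON.
    """
    from urllib.parse import quote, urlencode

    query = {'clientRequestId': clientRequestId}
    if TenantName is not None:
        query['TenantName'] = TenantName
    if ServiceAreas is not None:
        query['ServiceAreas'] = ServiceAreas

    # Percent-encode every caller-supplied component so a value containing
    # '/', '&', '#' or spaces cannot alter the path or add query parameters.
    requestPath = 'https://endpoints.office.com/{0}/{1}?{2}'.format(
        quote(methodName, safe=''), quote(instanceName, safe=''), urlencode(query))

    # Verify the server certificate and hostname. The reply is turned into
    # committed static routes, so an unauthenticated response would let anyone
    # on the network path influence the device's routing. If the device has no
    # usable CA store, pass a CA bundle to create_default_context(cafile=...)
    # instead of turning verification off.
    ssl_context = ssl.create_default_context()
    request = urllib.request.Request(requestPath)
    # The timeout keeps a stalled connection from blocking the script forever.
    with urllib.request.urlopen(request, context=ssl_context, timeout=30) as response:
        return json.loads(response.read().decode())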
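def escape(s, quote=None):
    '''Replace the special characters "&", "<" and ">" with XML-safe entities.

    If the optional flag quote is true, the quotation mark character (")
    is also translated.

    The result is safe to place in XML element content (and, with quote set,
    in a double-quoted attribute value).
    '''
    # "&" must be replaced first, otherwise the ampersands introduced by the
    # entities below would be escaped a second time.
    s = s.replace("&", "&amp;")
    s = s.replace("<", "&lt;")
    s = s.replace(">", "&gt;")
    if quote:
        s = s.replace('"', "&quot;")
    return s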
# Run the collector only when the file is executed as a script, not on import.
if __name__ == '__main__':
    main()