From b1c5cd9eb2a4d47726d559d8f3e1506ec7f78219 Mon Sep 17 00:00:00 2001 From: Maxim Mamontov Date: Wed, 12 Dec 2012 21:31:40 +0200 Subject: [PATCH 1/1] Implemented script generation. --- include/switch.h | 7 ++++--- src/acl.cpp | 10 +++++----- src/switch.cpp | 40 +++++++++++++++++++++++++++------------- 3 files changed, 36 insertions(+), 21 deletions(-) diff --git a/include/switch.h b/include/switch.h index 351d162..bf585c5 100644 --- a/include/switch.h +++ b/include/switch.h @@ -3,6 +3,7 @@ #include #include +#include class Snmp; class CTarget; @@ -53,9 +54,9 @@ class Switch { bool _aclsCreated; bool checkProfiles(const CTarget & target); - bool dropACLs(const CTarget & target); - bool dropACLsByTable(const CTarget & target, unsigned profileId, const SNMPTable & table); - bool createACLs(const CTarget & target); + bool dropACLs(const CTarget & target, std::ostream & stream); + bool dropACLsByTable(const CTarget & target, unsigned profileId, const SNMPTable & table, std::ostream & stream); + bool createACLs(const CTarget & target, std::ostream & stream); }; } diff --git a/src/acl.cpp b/src/acl.cpp index a882182..a835f0e 100644 --- a/src/acl.cpp +++ b/src/acl.cpp 
@@ -117,27 +117,27 @@ std::ostream & GTS::operator<<(std::ostream & stream, const ACL & acl) oidValue = swACLEtherRuleDstMacAddress; oidValue += acl.getSuffix(); } - stream << oidValue << ":" << acl._mac << " "; + stream << oidValue << " x " << acl._mac << " "; // Permit rule oidValue = swACLEtherRulePermit; oidValue += acl.getSuffix(); - stream << oidValue << ":" << 2 << " "; + stream << oidValue << " i " << 2 << " "; // Port oidValue = swACLEtherRulePort; oidValue += acl.getSuffix(); - stream << oidValue << ":" << acl._port << " "; + stream << oidValue << " x " << acl._port << " "; // Shape oidValue = swACLEtherRuleRxRate; oidValue += acl.getSuffix(); - stream << oidValue << ":" << acl._shape << " "; + stream << oidValue << " i " << acl._shape << " "; // Create ACL oidValue = swACLEtherRuleRowStatus; oidValue += acl.getSuffix(); - stream << oidValue << ":" << 4; + stream << oidValue << " i " << 4; return stream; } diff --git a/src/switch.cpp b/src/switch.cpp index 1fb0d66..8b7e281 100644 --- a/src/switch.cpp +++ b/src/switch.cpp @@ -1,3 +1,5 @@ +#include +#include #include #include "snmp_pp/snmp_pp.h" @@ -67,7 +69,7 @@ Switch::~Switch() return; } - if (!dropACLs(target)) { + if (!dropACLs(target, std::cerr)) { logger << "Switch::~Switch() - failed to drop ACLs for the switch '" << _ip << "'" << std::endl; return; } 
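Review bot: The values streamed after ` x ` and ` i ` (`acl._mac`, `acl._port`, `acl._shape`) now end up as words of a `/bin/sh` command line, but nothing visible in this hunk constrains them to hex digits or integers. The link is the `createACLs` hunk in src/switch.cpp, which writes `*it` directly after `snmpset … ` and appears to go through this operator. The member types are not shown, so if any of them can hold whitespace or shell metacharacters the shell will split or reinterpret the generated line. I would validate the fields where the ACL is constructed and document the contract above the operator, for example `// Emits net-snmp "OID TYPE VALUE" triples that are pasted into a shell script; _mac and _port must be bare hex digits.` The operator's body starts outside this hunk.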
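Review bot: Passing `std::cerr` to `dropACLs` in `Switch::~Switch()` makes every teardown print the generated `snmpset -v2c -cgts_community_w …` lines, so the write community reaches stderr and any log that captures it. The destructor only needs the SNMP side effect, so a discarding stream is enough: `std::ostream discard(0);` followed by `if (!dropACLs(target, discard)) {`. The destructor's body starts and ends outside this hunk.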
@@ -127,14 +129,22 @@ void Switch::sync() return; } - if (!dropACLs(target)) { - logger << "Switch::sync() - failed to drop ACLs for the switch '" << _ip << "'" << std::endl; - return; - } + { + std::string fileName(_ip + ".sh"); + std::string newFileName(fileName + ".new"); + std::ofstream script(newFileName.c_str()); + script << "#!/bin/sh\n"; + if (!dropACLs(target, script)) { + logger << "Switch::sync() - failed to drop ACLs for the switch '" << _ip << "'" << std::endl; + return; + } - if (!createACLs(target)) { - logger << "Switch::sync() - failed to create ACLs for the switch '" << _ip << "'" << std::endl; - return; + if (!createACLs(target, script)) { + logger << "Switch::sync() - failed to create ACLs for the switch '" << _ip << "'" << std::endl; + return; + } + script.close(); + rename(newFileName.c_str(), fileName.c_str()); } if (_settings.isDebug()) { @@ -164,7 +174,7 @@ bool Switch::checkProfiles(const CTarget & target) return false; } -bool Switch::dropACLs(const CTarget & target) +bool Switch::dropACLs(const CTarget & target, std::ostream & stream) { std::string upOidValue(swACLEtherRuleAccessID); upOidValue += "."; @@ -183,13 +193,13 @@ bool Switch::dropACLs(const CTarget & target) return false; } if (!aclsUpTable.empty()) { - if (!dropACLsByTable(target, _settings.upProfileId(), aclsUpTable)) { + if (!dropACLsByTable(target, _settings.upProfileId(), aclsUpTable, stream)) { logger << "Switch::dropACLs() - failed to drop acls from upload table for the switch '" << _ip << "'" << std::endl; return false; } } if (!aclsDownTable.empty()) { - if (!dropACLsByTable(target, _settings.downProfileId(), aclsDownTable)) { + if (!dropACLsByTable(target, _settings.downProfileId(), aclsDownTable, stream)) { logger << "Switch::dropACLs() - failed to drop acls from download table for the switch '" << _ip << "'" << std::endl; return false; } 
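Review bot: The new block in `Switch::sync()` creates `<ip>.sh.new` under the process umask and never checks that the `std::ofstream` opened, that the writes succeeded, or that `rename` returned 0. Because the file holds the SNMP write community in clear text, it can be readable by other local users. A truncated script can also replace the previous good one, and both early `return` paths leave the `.new` file behind. I would restrict the mode before opening, test the stream after `close()`, and remove the temporary file on every failure path, as sketched below. `umask` is process-wide, so this assumes `sync()` does not run concurrently with other file creation. If the script is meant to be executed directly it also needs an owner-execute bit afterwards. `sync()` starts and ends outside this hunk.

```cpp
std::string fileName(_ip + ".sh");
std::string newFileName(fileName + ".new");
mode_t oldMask = umask(077);   // script carries the write community: owner-only
std::ofstream script(newFileName.c_str());
umask(oldMask);
if (!script) {
    logger << "Switch::sync() - failed to open '" << newFileName << "'" << std::endl;
    return;
}
// … unchanged: "#!/bin/sh" header, dropACLs(target, script), createACLs(target, script);
//   each failure branch additionally calls remove(newFileName.c_str()) before return …
script.close();
if (script.fail() || rename(newFileName.c_str(), fileName.c_str()) != 0) {
    logger << "Switch::sync() - failed to publish script '" << fileName << "'" << std::endl;
    remove(newFileName.c_str());
    return;
}
```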
@@ -197,7 +207,7 @@ bool Switch::dropACLs(const CTarget & target) return true; } -bool Switch::dropACLsByTable(const CTarget & target, unsigned profileId, const SNMPTable & table) +bool Switch::dropACLsByTable(const CTarget & target, unsigned profileId, const SNMPTable & table, std::ostream & stream) { std::string dropACLOidPrefix(swACLEtherRuleRowStatus); dropACLOidPrefix += "."; @@ -207,6 +217,7 @@ bool Switch::dropACLsByTable(const CTarget & target, unsigned profileId, const S size_t chunks = aclsList.size() / _settings.maxACLPerPDU() + 1; for (size_t i = 0; i < chunks && it != aclsList.end(); ++i) { Pdu pdu; + stream << "snmpset -v2c -cgts_community_w " << _ip; for (size_t j = 0; j < _settings.maxACLPerPDU() && it != aclsList.end(); ++j, ++it) { int id; if (int c = it->get_value(id) != SNMP_CLASS_SUCCESS) { @@ -219,7 +230,9 @@ bool Switch::dropACLsByTable(const CTarget & target, unsigned profileId, const S Vb vb(Oid(dropACLOid.c_str())); vb.set_value(int(6)); pdu += vb; + stream << " " << dropACLOid << " i 6"; } + stream << "\n"; if (int c = _snmp.set(pdu, target) != SNMP_CLASS_SUCCESS) { if (c != SNMP_ERROR_TOO_BIG) { logger << "Switch::dropACLsByTable() - failed to invoke Snmp::set for the switch '" << _ip << "'. Error message: '" << Snmp::error_msg(c) << "'" << std::endl; @@ -230,7 +243,7 @@ bool Switch::dropACLsByTable(const CTarget & target, unsigned profileId, const S return true; } -bool Switch::createACLs(const CTarget & target) +bool Switch::createACLs(const CTarget & target, std::ostream & stream) { std::vector::const_iterator it; size_t pos = 0; @@ -247,6 +260,7 @@ bool Switch::createACLs(const CTarget & target) pdu.clear(); _aclsCreated = true; ++pos; + stream << "snmpset -v2c -cgts_community_w " << _ip << " " << *it << "\n"; } return true; } -- 2.44.2
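Review bot: The added `stream << "snmpset -v2c -cgts_community_w " << _ip;` in `dropACLsByTable` hard-codes the SNMP write community as a string literal, and the `createACLs` hunk further down adds the same literal. The secret therefore sits in the source tree and the compiled binary, is copied into every generated script, and shows up in the process list whenever the script runs, since `-c` is a command-line argument. I would drop `-c…` from the generated line and let net-snmp read the community from a permission-restricted `snmp.conf` (`defCommunity`), or at least take the value from configuration rather than a literal. `_ip` is also written unquoted, so it should be checked to be a plain address before it is used in the command line or the file name. The function body continues outside this hunk.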
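Review bot: On the context line right after the added `stream << "\n";`, `if (int c = _snmp.set(pdu, target) != SNMP_CLASS_SUCCESS)` binds `!=` before `=`, so `c` holds 0 or 1 instead of the SNMP status. The following `c != SNMP_ERROR_TOO_BIG` test and `Snmp::error_msg(c)` therefore work on the wrong value. The `it->get_value(id)` check in the previous hunk has the same shape. This commit touches the surrounding lines without fixing it, so I would split the statement: `int c = _snmp.set(pdu, target);` then `if (c != SNMP_CLASS_SUCCESS) {`. The loop and function extend beyond this hunk.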