Fetch command output - obfuscations (#99)

* add IP and MAC obfuscation * Add obfuscate strings
napalm-automation-community · Apr 24, 2024 · 092f595 · 092f595
1 parent 6062084
commit 092f595
Show file tree

Hide file tree

Showing 3 changed files with 88 additions and 48 deletions.
diff --git a/test/unit/commands.in b/test/unit/commands.in
diff --git a/test/unit/fetch_command_output.cfg b/test/unit/fetch_command_output.cfg
@@ -18,6 +18,7 @@ COMMANDS=()
 # system info
 COMMANDS+=("show version")
 COMMANDS+=("show system")
+COMMANDS+=("show version")
 COMMANDS+=("show inventory")
 
 # config commands
@@ -45,3 +46,7 @@ COMMANDS+=("show lldp neighbors $LLDPINTERFACE")
 # ntp commands
 COMMANDS+=("show sntp status")
 
+OBFUSCATE=()
+OBFUSCATE+=("sw-cb-&&&switch-")
+OBFUSCATE+=("PSZ21221ECM&&&ABC12234XYZ")
+OBFUSCATE+=("CZ;Ceske Budejovice;Rudolfovska 83;vr&&&Something;Somewhere;Somestreet;others")
diff --git a/test/unit/fetch_command_output.sh b/test/unit/fetch_command_output.sh
@@ -152,6 +152,88 @@ do
 
     echo "## Fetching '$CMD' to '$CMDSTR.txt'"
     # --debug
-    echo -e "$(napalm --user "$DEVUSERNAME" --password "$DEVPASSWORD" --vendor "$VENDOR" "$DEVICE" call --method-kwargs "command='$CMD'" "$METHOD" | sed 's/^"//;s/"$//;s/\\"/"/g')" > "$CMDFILE"
+    set -x 
+    echo -e "$(napalm --debug --user "$DEVUSERNAME" --password "$DEVPASSWORD" --vendor "$VENDOR" "$DEVICE" call --method-kwargs "command='$CMD'" "$METHOD" | sed 's/^"//;s/"$//;s/\\"/"/g')" > "$CMDFILE"
+    set +x
 done
 
+echo "#### Preparing obfuscate script"
+echo "## IP addresses"
+IPs=$(cat "$CODIR/$TYPE/"*.txt \
+    | sed -rn 's/.*[^0-9\.](([0-9]{1,3}\.){3}[0-9]{1,3})[^0-9\.].*/\1/gp' \
+    | sort \
+    | uniq
+)
+echo $IPs
+
+for a in $IPs
+do
+    oa=${a}
+    oa=${oa//1/3}
+    oa=${oa//2/3}
+    oa=${oa//4/3}
+    oa=${oa//5/3}
+    oa=${oa//6/7}
+    oa=${oa//8/7}
+    oa=${oa//9/7}
+
+    oa=" -e s/$a/$oa/g "
+
+    oIPs="$oIPs$oa "
+done
+
+echo "## MAC addresses"
+MACs=$(cat "$CODIR/$TYPE/"*.txt \
+    | sed -rn -e 's/.*[^0-9\.:a-f-](([[:xdigit:]]{2}[:.-]?){5}[[:xdigit:]]{2})[^0-9\.:a-f-].*/\1/gp' \
+    | sort \
+    | uniq 
+)
+echo $MACs
+
+for m in $MACs
+do
+    om=${m}
+    om=${om//1/2}
+    om=${om//3/2}
+    om=${om//6/2}
+    om=${om//8/2}
+    om=${om//b/2}
+    om=${om//e/2}
+    om=${om//4/a}
+    om=${om//5/a}
+    om=${om//7/a}
+    om=${om//9/a}
+    om=${om//c/a}
+    om=${om//d/a}
+
+    om=" -e s/$m/$om/g "
+
+    oMACs="$oMACs$om "
+done
+
+echo "## Obfuscate IPs and MACs"
+echo oIPS=$oIPs
+echo oMACs=$oMACs
+set -x 
+sed -r -iOBF $oMACs $oIPs "$CODIR/$TYPE/"*.txt
+set +x
+
+echo "## Obfuscate strings from OBFUSCATE config variable"
+
+for s in "${OBFUSCATE[@]}"
+do
+    f="${s%%&&&*}"
+    t="${s##*&&&}"
+    oSTR="${oSTR}s/$f/$t/g;"
+done
+
+echo $oSTR
+sed -r -iSTR -e "$oSTR" "$CODIR/$TYPE/"*.txt
+
+
+
+echo "###################################################"
+echo "## Do not forget obfuscate other output:         ##"
+echo "##   passwords, secrets, keys, certificates      ##"
+echo "##   descriptions, names and other ...           ##"
+echo "###################################################"