Authorisation des ip des dhcp légitimes
This commit is contained in:
parent
d1b4f56913
commit
adf81b8b3a
2 changed files with 7 additions and 1 deletions
3
main.py
3
main.py
|
@ -66,8 +66,9 @@ def preprocess(switch):
|
|||
dhcpv6_snooping_vlans = [vlan["vlan_id"] for vlan in all_vlans if vlan["dhcpv6_snooping"]]
|
||||
ntp_servers = [server["servers"] for server in all_roles if server["role_type"] == "ntp-server"][0]
|
||||
log_servers = [server["servers"] for server in all_roles if server["role_type"] == "log-server"][0]
|
||||
dhcp_servers = [server["servers"] for server in all_roles if server["role_type"] == "dhcp"][0]
|
||||
|
||||
return {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers}
|
||||
return {'ra_guarded' : ra_guarded, 'loop_protected' : loop_protected, 'vlans' : vlans, 'arp_protect_vlans' : arp_protect_vlans, 'dhcp_snooping_vlans' : dhcp_snooping_vlans, 'dhcpv6_snooping_vlans' : dhcpv6_snooping_vlans, 'ntp_servers': ntp_servers, 'log_servers': log_servers, 'dhcp_servers' : dhcp_servers}
|
||||
|
||||
print("gen tpl")
|
||||
conf = template.render(switch=all_switchs[2], additionals=preprocess(all_switchs[2]))
|
||||
|
|
|
@ -88,6 +88,11 @@ aaa port-access mac-based addr-format multi-colon
|
|||
no cdp run
|
||||
{%- if additionals.dhcp_snooping_vlans %}
|
||||
;--- DHCP Snooping ---
|
||||
{%- for server in additionals.dhcp_servers %}
|
||||
{%- for interface in server.interface %}
|
||||
dhcp-snooping authorized-server {{ interface.ipv4 }}
|
||||
{%- endfor %}
|
||||
{%- endfor %}
|
||||
dhcp-snooping vlan {{ additionals.dhcp_snooping_vlans|join(' ') }}
|
||||
dhcp-snooping
|
||||
{%- endif %}
|
||||
|
|
Loading…
Reference in a new issue