1
2
3 __docformat__ = 'restructuredtext'
4 __version__ = '$Id$'
5
6 import __builtin__
7 from routerdefense.common import *
8
9 from xml import *
10
12 """GLBP configuration assessment."""
13
14 glbpConfigured = []
15 for index in ifaceCfg:
16 glbpConfigured = search_re_multi_string(index.configuration,'glbp .* ip .*')
17 if len(glbpConfigured) >= 1:
18 for indexInstance in glbpConfigured:
19 glbpInstance = indexInstance.split(' ')[1]
20 authentication = 'glbp ' + glbpInstance + ' authentication md5 key-string .*'
21 if search_re_string(index.configuration,authentication) is None:
22 glbp.auth_md5['must_report'] = True
23
24 if glbp.auth_md5['must_report'] == True:
25 items = search_xml('glbpMD5')
26 cvssMetrics = str(cvss_score(items[5]))
27 glbp.auth_md5 = {
28 "must_report": True,
29 "fixImpact": (items[0]),
30 "definition": (items[1]),
31 "threatInfo": (items[2]),
32 "howtofix": (items[3]),
33 "cvss": (cvssMetrics)}
34
35 toBeReturned = ''
36 if glbp.auth_md5['must_report'] == True:
37 toBeReturned = glbp.auth_md5['definition'] + '\n' + glbp.auth_md5['threatInfo'] + '\n\n' + glbp.auth_md5['howtofix'] + '\n'
38
39 return toBeReturned
40
41
43 hsrpConfigured = []
44 for index in ifaceCfg:
45 hsrpConfigured = search_re_multi_string(index.configuration,'hsrp .* ip .*')
46 if len(hsrpConfigured) >= 1:
47 for indexInstance in hsrpConfigured:
48 hsrpInstance = indexInstance.split(' ')[1]
49 authentication = 'hsrp ' + hsrpInstance + ' authentication md5 key-string .*'
50 if search_re_string(index.configuration,authentication) is None:
51 hsrp.auth_md5['must_report'] = True
52
53 if hsrp.auth_md5['must_report'] == True:
54 items = search_xml('hsrpMD5')
55 cvssMetrics = str(cvss_score(items[5]))
56 hsrp.auth_md5 = {
57 "must_report": True,
58 "fixImpact": (items[0]),
59 "definition": (items[1]),
60 "threatInfo": (items[2]),
61 "howtofix": (items[3]),
62 "cvss": (cvssMetrics)}
63
64 toBeReturned = ''
65 if hsrp.auth_md5['must_report'] == True:
66 toBeReturned = hsrp.auth_md5['definition'] + '\n' + hsrp.auth_md5['threatInfo'] + '\n\n' + hsrp.auth_md5['howtofix'] + '\n'
67
68 return toBeReturned
69
71 """VRRP configuration assessment."""
72
73 vrrpConfigured = []
74 for index in ifaceCfg:
75 vrrpConfigured = search_re_multi_string(index.configuration,'vrrp .* ip .*')
76 if len(vrrpConfigured) >= 1:
77 for indexInstance in vrrpConfigured:
78 vrrpInstance = indexInstance.split(' ')[1]
79 authentication = 'vrrp ' + vrrpInstance + ' authentication md5 key-string .*'
80 if search_re_string(index.configuration,authentication) is None:
81 vrrp.auth_md5['must_report'] = True
82
83 if vrrp.auth_md5['must_report'] == True:
84 items = search_xml('vrrpMD5')
85 cvssMetrics = str(cvss_score(items[5]))
86 vrrp.auth_md5 = {
87 "must_report": True,
88 "fixImpact": (items[0]),
89 "definition": (items[1]),
90 "threatInfo": (items[2]),
91 "howtofix": (items[3]),
92 "cvss": (cvssMetrics)}
93
94 toBeReturned = ''
95 if vrrp.auth_md5['must_report'] == True:
96 toBeReturned = vrrp.auth_md5['definition'] + '\n' + vrrp.auth_md5['threatInfo'] + '\n\n' + vrrp.auth_md5['howtofix'] + '\n'
97
98 return toBeReturned
99