Parse, Audit, Query, Build, and Modify Cisco IOS-style and JunOS-style configs

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for mpenning from gravatar.com mpenning

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License (GPL), GNU General Public License v3 (GPLv3)
  • Author: Mike Pennington
  • Tags ASA, Cisco, Cisco IOS, Juniper, NXOS, Parse, audit, modify, query
  • Requires: Python >=3.9
  • Provides-Extra: dev
Classifiers

Project description

logo

ciscoconfparse2

git commits Version Downloads License Hatch project

SonarCloud SonarCloud Maintainability Rating SonarCloud Lines of Code SonarCloud Bugs SonarCloud Code Smells SonarCloud Tech Debt

Introduction: What is ciscoconfparse2?

Summary

ciscoconfparse2 is similar to an advanced grep and diff that handles multi-vendor network configuration files (such as those from Arista, Cisco, F5, Juniper, Palo Alto, etc); it is the next generation of ciscoconfparse, which was the primary development package from 2007 until 2023.

A ciscoconfparse2 example

Assume you have a bunch of interfaces in a configuration. How do you find which ones are shutdown?

One way is manually reading the whole Cisco IOS-XE configuration. Another option is ciscoconfparse2

>>> from ciscoconfparse2 import CiscoConfParse
>>>
>>> parse = CiscoConfParse('/path/to/config/file')
>>> intf_cmds = parse.find_parent_objects(['interface', 'shutdown'])
>>>
>>> shut_intf_names = [" ".join(cmd.split()[1:]) for cmd in intf_cmds]
>>>
>>> shut_intf_names
['GigabitEthernet1/5', 'TenGigabitEthernet2/2', 'TenGigabitEthernet2/3']
>>>

Another ciscoconfparse2 example

Assume you have this IOS-XR bgp configuration:

router bgp 65534
  bgp router-id 10.0.0.100
  address-family ipv4 unicast
  !
  neighbor 10.0.0.37
    remote-as 64000
    route-policy EBGP_IN in
    route-policy EBGP_OUT out
  !
  neighbor 10.0.0.1
    remote-as 65534
    update-source Loopback0
    route-policy MANGLE_IN in
    route-policy MANGLE_OUT out
      next-hop-self
  !
  neighbor 10.0.0.34
    remote-as 64000
    route-policy EBGP_IN in
    route-policy EBGP_OUT out

You can generate the list of EBGP peers pretty quickly with this script:

from ciscoconfparse2 import CiscoConfParse

parse = CiscoConfParse('/path/to/config/file')   # Or read directly from a list of strings

# Get all neighbor configuration branches
branches = parse.find_object_branches(('router bgp',
                                       'neighbor',
                                       'remote-as'))

# Get the local BGP ASN
bgp_cmd = branches[0][0]
local_asn = bgp_cmd.split()[-1]

# Find EBGP neighbors for any number of peers
for branch in branches:
    neighbor_addr = branch[1].split()[-1]
    remote_asn = branch[2].split()[-1]
    if local_asn != remote_asn:
        print("EBGP NEIGHBOR", neighbor_addr)

When you run that, you'll see:

$ python example.py
EBGP NEIGHBOR 10.0.0.37
EBGP NEIGHBOR 10.0.0.34
$

There is a lot more possible; see the tutorial.

CLI Tool

ciscoconfparse2 distributes a CLI tool that will diff and grep various network configuration or text files.

API Examples

The API examples are documented on the web

Why

ciscoconfparse2 is a Python library that helps you quickly search for questions like these in your router / switch / firewall / load-balancer / wireless text configurations:

  • What interfaces are shutdown?
  • Which interfaces are in trunk mode?
  • What address and subnet mask is assigned to each interface?
  • Which interfaces are missing a critical command?
  • Is this configuration missing a standard config line?

It can help you:

  • Audit existing router / switch / firewall / wlc configurations
  • Modify existing configurations
  • Build new configurations

Speaking generally, the library examines a text network config and breaks it into a set of linked parent / child relationships. You can perform complex queries about these relationships.

Cisco IOS config: Parent / child

What changed in ciscoconfparse2?

In late 2023, I started a rewrite because ciscoconfparse is too large and has some defaults that I wish it didn't have. I froze ciscoconfparse PYPI releases at version 1.9.41; there will be no more ciscoconfparse PYPI releases.

What do you do? Upgrade to ciscoconfparse2!

Here's why, it:

  • Includes a handy CLI command (including greps for mac addresses and IPv4 / IPv6 subnets)
  • Streamlines the API towards a simpler user interface.
  • Removes legacy and flawed methods from the original (this could be a breaking change for old scripts).
  • Adds string methods to BaseCfgLine() objects
  • Defaults ignore_blank_lines=False (this could be a breaking change for old scripts).
  • Is better at handling multiple-child-level configurations (such as IOS XR and JunOS)
  • Can search for parents and children using an arbitrary list of ancestors
  • Adds the concept of change commits; this is a config-modification safety feature that ciscoconfparse lacks
  • Adds an auto_commit keyword, which defaults True
  • Documents much more of the API
  • Intentionally requires a different import statement to minimize confusion between the original and ciscoconfparse2
  • Vasly improves Cisco IOS diffs

Docs, Installation, and Dependencies

Installation and Downloads

  • Use pip for Python3.x... :

    python -m pip install ciscoconfparse2

Dependencies

Pre-requisites

The ciscoconfparse2 python package requires Python versions 3.7+.

Type-hinting (work-in-progress) targets Python3.9+ due to the need for tuple[str, ...] hints.

What is the pythonic way of handling script credentials?

  1. Never hard-code credentials
  2. Use python-dotenv

Other Resources

Are you releasing licensing besides GPLv3?

I will not. however, if it's truly a problem for your company, there are commercial solutions available (to include purchasing the project, or hiring me).

Bug Tracker and Support

License and Copyright

ciscoconfparse2 is licensed GPLv3

  • Copyright (C) 2023-2024 David Michael Pennington

The word "Cisco" is a registered trademark of Cisco Systems.

Author

ciscoconfparse2 was written by David Michael Pennington.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for mpenning from gravatar.com mpenning

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License (GPL), GNU General Public License v3 (GPLv3)
  • Author: Mike Pennington
  • Tags ASA, Cisco, Cisco IOS, Juniper, NXOS, Parse, audit, modify, query
  • Requires: Python >=3.9
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

This version

0.7.83

0.7.82

0.7.81

0.7.80

0.7.79

0.7.78

0.7.77

0.7.74

0.7.73

0.7.72

0.7.71

0.7.70

0.7.69

0.7.68

0.7.67

0.7.66

0.7.65

0.7.64

0.7.63

0.7.62

0.7.61

0.7.60

0.7.59

0.7.58

0.7.57

0.7.56

0.7.55

0.7.54

0.7.53

0.7.52

0.7.51

0.7.50

0.7.49

0.7.48

0.7.47

0.7.46

0.7.45

0.7.44

0.7.43

0.7.42

0.7.39

0.7.38

0.7.37

0.7.36

0.7.33

0.7.32

0.7.31

0.7.10

0.7.9

0.7.8

0.7.7

0.7.6

0.7.5

0.7.4

0.7.3

0.7.2

0.7.1

0.7.0

0.6.8

0.6.7

0.6.6

0.6.5

0.6.4

0.6.2

0.6.1

0.6.0

0.5.1

0.5.0

0.4.2

0.4.1

0.4.0

0.3.4

0.3.3

0.3.2

0.3.1

0.3.0

0.2.5

0.2.3

0.2.2

0.2.1

0.2.0

0.1.13

0.1.12

0.1.11

0.1.10

0.1.9

0.1.8

0.1.7

0.1.6

0.1.3

0.1.2

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ciscoconfparse2-0.7.83.tar.gz (1.3 MB view details)

Uploaded Source

Built Distribution

ciscoconfparse2-0.7.83-py3-none-any.whl (423.4 kB view details)

Uploaded Python 3

File details

Details for the file ciscoconfparse2-0.7.83.tar.gz.

File metadata

  • Download URL: ciscoconfparse2-0.7.83.tar.gz
  • Upload date:
  • Size: 1.3 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.0.1 CPython/3.12.8

File hashes

Hashes for ciscoconfparse2-0.7.83.tar.gz
Algorithm Hash digest
SHA256 d43825e050423bcc864d6ff2dc4cb240f803bc589213dd8821297aa1433420a8
MD5 9e34125ab5dafa70dda35054fad7bce0
BLAKE2b-256 41580f10dcdaa53cbfac74a586594e605b2bae7e3d68c52060b658f7c94e629b

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciscoconfparse2-0.7.83.tar.gz:

Publisher: cicd-publish.yml on mpenning/ciscoconfparse2

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciscoconfparse2-0.7.83-py3-none-any.whl.

File metadata

File hashes

Hashes for ciscoconfparse2-0.7.83-py3-none-any.whl
Algorithm Hash digest
SHA256 ba18d87ca57ef791116f9214b6e12d527c388eeb1e476b972cc95f6215623579
MD5 642ca901db9469bac32f474fa4a5d777
BLAKE2b-256 651f46b4a2883e369646512eadda472829c2a31ac2e5ff64b436e80ef58c2fb5

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciscoconfparse2-0.7.83-py3-none-any.whl:

Publisher: cicd-publish.yml on mpenning/ciscoconfparse2

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page