diff options
-rw-r--r-- | 6/bgp.pl | 2 | ||||
-rwxr-xr-x | 6/bgp.py | 14 | ||||
-rw-r--r-- | 6/host_vars/hash/firewall.yaml | 13 | ||||
-rw-r--r-- | 6/host_vars/knot/firewall.yaml | 13 | ||||
-rw-r--r-- | 6/host_vars/kv24ix/firewall.yaml | 9 | ||||
-rw-r--r-- | 6/host_vars/lhn2ix/firewall.yaml | 9 | ||||
-rw-r--r-- | 6/main.pl | 2 |
7 files changed, 59 insertions, 3 deletions
@@ -2,7 +2,7 @@ :- module(bgp, [ warning/1, - create_firewall/1, + create_firewall/0, neighbor/2, bgp_config/2, bird_config/1, @@ -13,10 +13,22 @@ def to_ansible(kind, hosts): with PrologMQI() as mqi: with mqi.create_thread() as p: - result = p.query("consult(main)") + result = p.query("consult(main), main.") print(result) result = p.query("bgp:bird_config(BirdDict)") r = result[0]["BirdDict"] print(yaml.dump(r)) to_ansible("bgp", r) + + hosts = {} + result = p.query("firewall:fw_rule(Host, Attrs).") +# print(yaml.dump(result)) + for r in result: + host = r["Host"] + if host not in hosts: + hosts[host] = h = {} + h["firewall_rules"] = rules = [] + rules.append(r["Attrs"]) + + to_ansible("firewall", hosts) diff --git a/6/host_vars/hash/firewall.yaml b/6/host_vars/hash/firewall.yaml new file mode 100644 index 0000000..ce96f99 --- /dev/null +++ b/6/host_vars/hash/firewall.yaml @@ -0,0 +1,13 @@ +firewall_rules: +- dst: fdf3:aad9:a885:0b3a::13 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::1 +- dst: fdf3:aad9:a885:0b3a::13 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::16 +- dst: fdf3:aad9:a885:0b3a::13 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::15 diff --git a/6/host_vars/knot/firewall.yaml b/6/host_vars/knot/firewall.yaml new file mode 100644 index 0000000..a4f96d0 --- /dev/null +++ b/6/host_vars/knot/firewall.yaml @@ -0,0 +1,13 @@ +firewall_rules: +- dst: fdf3:aad9:a885:0b3a::1 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::13 +- dst: fdf3:aad9:a885:0b3a::1 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::15 +- dst: fdf3:aad9:a885:0b3a::1 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::16 diff --git a/6/host_vars/kv24ix/firewall.yaml b/6/host_vars/kv24ix/firewall.yaml new file mode 100644 index 0000000..e385a73 --- /dev/null +++ b/6/host_vars/kv24ix/firewall.yaml @@ -0,0 +1,9 @@ +firewall_rules: +- dst: fdf3:aad9:a885:0b3a::16 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::1 +- dst: fdf3:aad9:a885:0b3a::16 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::13 diff --git a/6/host_vars/lhn2ix/firewall.yaml b/6/host_vars/lhn2ix/firewall.yaml new file mode 100644 index 0000000..5a5beda --- /dev/null +++ b/6/host_vars/lhn2ix/firewall.yaml @@ -0,0 +1,9 @@ +firewall_rules: +- dst: fdf3:aad9:a885:0b3a::15 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::13 +- dst: fdf3:aad9:a885:0b3a::15 + family: ip6 + from: bgp + src: fdf3:aad9:a885:0b3a::1 @@ -1,7 +1,7 @@ :- dynamic fw_rule/2. :- use_module(bgp, [ - create_firewall/1]). + create_firewall/0]). print_warnings([]). print_warnings([W|Ws]) :- format("Warning: ~w~n", [W]), print_warnings(Ws). |