#!bin/python
#coding=utf-8
"""
Create by he
"""

import sys
import re
import string
import operator
from analysisFile import *
from result import *

ruleId = 0
objectGroupNameDic = {}

def handle():
    global ruleId
    for policy in policyList:
        ruleId = 0
        policyHandle(policy)

def policyHandle(policy):
    global ruleId
    for key,value in policy.canMerge.items():
        condition = key.split('^')[-1]
        if condition == Conditions.ONE:
            result = handleCondOne(value)
            policy.results.append(result)
        if condition == Conditions.TWO:
            result = handleCondTwo(value)
            policy.results.append(result)
        if condition == Conditions.FOUR:
            result = handleCondFour(value)
            policy.results.append(result)
        if condition == Conditions.FIVE:
            result = handleCondFive(value)
            policy.results.append(result)
        if condition == Conditions.SEVEN:
            resultList = handleCondSeven(value)
            policy.results.extend(resultList)
            return
        ruleId +=1

def handleCondSeven(rules):
    print '==================handleCondSeven=========================='
    for rule in rules:
        getNewDipAddObjGroup(rule)
        print 'hahahahahahahahahahahahahah'
        for obj in rule.newDesIpObjGroup.addressObjects:
            print obj.ip+" "+obj.mask
        #print rule.newDesIpObjGroup.addressObjects
        print 'hahahahahahahahahahahahahah'
        #newDipGroups.append[group]
    canMergeList = []
    for i in range(0,len(rules)):
        if rules[i].compared:
            continue
        mergeRuleLists = [rules[i]]
        rules[i].compared = True
        for j in (i+1,len(rules)):
            if j == len(rules):
                break
            if rules[j].compared:
                continue
            if isSameGroup(rules[i],rules[j]):
                mergeRuleLists.append(rules[j])
                rules[j].compared = True
                continue
        canMergeList.append(mergeRuleLists)
    print 'ffffffffffffffffffffffffffffffffff'
    print canMergeList
    print 'ffffffffffffffffffffffffffffffffff'
    
    #canMerge and canMergeList are both list type
    resultList = []
    for canMerge in canMergeList:
        if len(canMerge) == 1:
            #remove canMerge[0] to canNotMerge
            continue
        result = Result()# Class :result
        result.mergedRules.extend(canMerge)
        sIpAddObjGroups = []
        for rule in canMerge:
            sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
            sIpAddObjGroups.append(sIpAddObj)
        #Merge s-ip
        newSipAddGroup = mergeAddObjGroups(sIpAddObjGroups,canMerge[0])
        newDipAddGroup = canMerge[0].newDesIpObjGroup
        result.addObjMergeDic[newSipAddGroup] = sIpAddObjGroups
        result.newRule = mergeRules(canMerge[0],dIp = newDipAddGroup,sIp = newSipAddGroup)
        resultList.append(result)
    return resultList

def isSameGroup(rule1,rule2):
    print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
    print rule1
    print rule2
    print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
    addObjs1 = rule1.newDesIpObjGroup.addressObjects
    addObjs2 = rule2.newDesIpObjGroup.addressObjects
    # bug-- if contains relationship
    for addObj1 in addObjs1:
        flag = False
        for addObj2 in addObjs2:
            if addObj1.ip+" "+addObj1.mask == addObj2.ip+" "+addObj2.mask:
                flag = True
                break
            else:
                print 'wowowowowowowowowowowowowowowowowowo'
                print addObj1.ip+" "+addObj1.mask
                print addObj2.ip+" "+addObj2.mask
                print 'wowowowowowowowowowowowowowowowowowo'
        if not flag:
            print 'kkkkkkkkkkkkkkkkkkkkkkkkkjjjjjjjjjjjjjjjjjjjj'
            return False
    print 'jjjjjjjjjjjjjjjjjjjjjjjjjjjkkkkkkkkkkkkkkkkkkk'
    return True


def getNewDipAddObjGroup(rule):
    global userInput
    dIpGroup = rule.getDipAddObjGroup(addObjGroupList)
    print 'lllllllllllllllllllllll'
    print dIpGroup
    print 'lllllllllllllllllllllll'
    addObjs = getAllAddObj(dIpGroup)
    newAddObjs = []
    for addObj in addObjs:
        #If AddressObject is type of RANGE,how to do?
        newMask = ipAnd(userInput,addObj.mask)
        newIp = ipAnd(newMask,addObj.ip)
        #content need change
        newAddObj = AddressObject(addObj.addressId,addObj.content,addObj.Type,ip=newIp,mask=newMask,ipStart=addObj.ipStart,ipEnd=addObj.ipEnd)
        #The newAddObj repeated need to remove
        newAddObjs.append(newAddObj)
    newAddObjGroup = AddressObjectGroup(dIpGroup.name,dIpGroup.content,newAddObjs)
    rule.newDesIpObjGroup = newAddObjGroup


def ipAnd(ip1,ip2):
    dotSplitList1 = ip1.split('.')
    dotSplitList2 = ip2.split('.')
    resIP = ""
    for i in range(0,4):
        resIP += str(int(dotSplitList1[i]) & int(dotSplitList2[i]))+"."
    return resIP[0:-1]

def getAllAddObj(addObjGroup):
    addObjs = []
    for addObj in addObjGroup.addressObjects:
        if addObj.Type == AddressTypes.GROUP:
            #AddresObject convert to AddressObjectGroup
            addObjs.extend(getAllAddObj(addObj))        
        addObjs.append(addObj)
    return addObjs

    

def handleCondFive(rules):
    print '==================handleCondFive=========================='
    result = Result()# Class :result
    result.mergedRules.extend(rules)    
    dIpAddObjGroups = []
    for rule in rules:
        #合并前的每一个地址对象组
        dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)
        dIpAddObjGroups.append(dIpAddObj)
    newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)
    result.addObjMergeDic[newAddGroup] = dIpAddObjGroups
    result.newRule = mergeRules(rules[0],dIp = newAddGroup)
    return result


def handleCondFour(rules):
    print '==================handleCondFour=========================='
    result = Result()# Class :result
    result.mergedRules.extend(rules)    
    sIpAddObjGroups = []
    for rule in rules:
        #合并前的每一个地址对象组
        sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
        sIpAddObjGroups.append(sIpAddObj)
    newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])
    result.addObjMergeDic[newAddGroup] = sIpAddObjGroups
    result.newRule = mergeRules(rules[0],sIp = newAddGroup)
    return result

def handleCondTwo(rules):
    print '==================handleCondTwo=========================='
    result = Result()# Class :result
    result.mergedRules.extend(rules)    
    dIpAddObjGroups = []
    for rule in rules:
        #合并前的每一个地址对象组
        dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)
        dIpAddObjGroups.append(dIpAddObj)
    newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)
    result.addObjMergeDic[newAddGroup] = dIpAddObjGroups
    result.newRule = mergeRules(rules[0],dIp = newAddGroup)
    return result

def handleCondOne(rules):
    print '==================handleCondOne=========================='
    result = Result()# Class :result
    result.mergedRules.extend(rules)    
    sIpAddObjGroups = []
    for rule in rules:
        #合并前的每一个地址对象组
        sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
        sIpAddObjGroups.append(sIpAddObj)
    newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])
    result.addObjMergeDic[newAddGroup] = sIpAddObjGroups
    result.newRule = mergeRules(rules[0],sIp = newAddGroup)
    return result

#return a new AddressObjectGroup
def mergeAddObjGroups(addObjGroups,rule,isSourceMerge = True):
    addressObjects = []
    for addObjGroup in addObjGroups:
        addressObjects.extend(addObjGroup.addressObjects)
    objName = createAddObjGroupName(rule,isSourceMerge)
    content = "object-group ip address " + objName
    newAddGroup = AddressObjectGroup(objName,content,addressObjects)
    return newAddGroup

def createAddObjGroupName(rule,isSourceMerge):
    global objectGroupNameDic
    name = ""
    ser = rule.service
    if ser == "":
        ser = "any"
    mode = "source"
    if not isSourceMerge:
        mode = "destination"
    join = ser + "_" + mode + "_"
    if objectGroupNameDic.has_key(join):
        objectGroupNameDic[join] = objectGroupNameDic[join] + 1
        name = join + str(objectGroupNameDic[join])
        return name
    objectGroupNameDic[join] = 1
    name = join +str(1)
    return name

#return a new rule
def mergeRules(ruleObj,sIp=None,dIp=None):
    #replace ruleId
    rule = re.sub(r"rule \d+ ","rule "+str(ruleId) + " ",ruleObj.content)
    #replace source-ip
    if sIp != None:
        rule = re.sub(r"source-ip \S+","source-ip " + sIp.name,rule)
    else:
        sIp = ruleObj.sourceIpObjGroup
    #replace destination-ip
    if dIp != None:
        rule = re.sub(r"destination-ip \S+","destination-ip " + dIp.name,rule)
    else:
        dIp = ruleObj.desIpObjGroup
    #replace service
    #if ser != "":
        #rule = re.sub(r"service \S+","service " + ser,rule)
    #remove logging
    if "logging" in rule:
        rule = re.sub(r"logging\s?" , "",rule)
    #remove counting
    if "counting" in rule:
        rule = re.sub(r"counting\s?" , "",rule)
    newRule = Rule(ruleId,ruleObj.action,ruleObj.vrf,ruleObj.timeRange,sIp,dIp,ruleObj.service,rule)
    return newRule



handle()

print '==================Common=========================='
for p in policyList:
    print '--------------policy-----------------'
    for r in p.results:
        print '-----------rule-----------'
        print r.mergedRules
        print r.newRule
        print r.addObjMergeDic
        #print r.addObjMergeDic.values()[0][0].addressObjects[0].addressId

 

posted on 2016-12-09 20:25  Mr.He多多指教  阅读(589)  评论(0编辑  收藏  举报