Traverse the MAC address inside the switch and compare it to the company's registered Mac's legitimate MAC address

Script Purpose: Find the Mac blacklist

Date: August 20, 2015

Contact e-mail: [Email protected]

Q q Group: 1851 15701

51CTO Blog Home: http://990487026.blog.51cto.com

Open source community, have you more exciting!

Brief introduction:

Traverse the MAC address inside the switch, compare with the company registered Mac legitimate MAC address, match to is legitimate, not match to is blacklist.

Demand analysis: Find a Mac blacklist

The MAC address of the company registered Pc,mac,server device, there is a form Rmac file

The company is registered in this format 94-de-80-61-**-**

Actual in the switch and the company registered MAC1 situation is not the same, then the MAC address of the switch, the Telnet interface to copy out, SMAC file saved up

The actual switch is copied out in this format

IP address MAC address VLAN ID Port name/al ID Aging Type
192.168.**.** fa16-3e2f-a4** gigabitethernet1/0/** One D

Then the problem comes, I will be the company registered MAC address and the MAC address in the switch, one by one, matching to, OK, if the loop is not matched to, then I can understand that, set up a device is not through the company's registration, privately access, or related registration personnel, in the registration, For a moment of negligence, wrote a few of the MAC address, for example, write 8 B, E as F, and so on.

The problem comes again, we need to allow error range, MAC address consists of 12 bits, under normal circumstances, allow the wrong one, or 2 bit bar.

=================================================================

Conditions for executing the script:

-rwxr-xr-x. 1 root root 4.3K July 3 16:35 Rmac

-rwxr-xr-x. 1 root root 34K July 3 16:35 SMAC

Company registered MAC address text Rmac file, format such as: 94-de-80-61-**-**

The MAC address text SMAC file format for the company switch is as follows:

192.168.**.** fa16-3e2f-a4** gigabitethernet1/0/** One D

Executes the script, which prompts for the error range of the input bits,

For example: input 0, is the exact match, while displaying matching results, while saving the matching file mac_range_list

If it is not matched, it will generate a blacklist black_list

-rwxr-xr-x. 1 root root 15K July 3 16:35 black_list

-rwxr-xr-x. 1 root root 6.3K July 3 16:35 mac_range_list

Because I installed the python2.7, so the first line so write.

Description: The script skipped the comparison 192.168.6.1.0 network segment, with the 192.168.200.0 network segment

================ Script starts ==========================

#!/usr/local/python27/bin/python2.7#screen clsprint  "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n" print  "\ n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n "print " \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n "print " \n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n "New1=open (' mac_range_list ', ' W ') new2=open (' Black_list ', ' W ') Import rekong=[]keystr=raw_input (" enter error range [0-12]   ") Key=int (KEYSTR) new1.write (" error range  "+keystr + "\ n") r1=r "\w\w\w\w-\w\w\w\w-\w\w\w\w" R2=r "\w\w-\w\w-\w\w-\w\w-\w\w-\w\w" Stat2=1stat4=0stat5=0# open  switch mac for i in open (' Smac '):     # judge i  is empty ?      judge1=i.find ("192")     if   (judge1!=0):         continue    # as  space split a list    b1=i.split ('   ')               # remove empty element     while  "  in b1:                      b1.remove (")      #b [0] is ip     sip=b1[0]    # as  "."  split ip ziduan    sip_list=sip.split (".")      #sip_list [2] is wang duan    sip_3=sip_list[2]     sip_3=int (sip_3)     # skip 1 and 200  wangduan     if  (sip_3==1):          continue    if  (sip_3==200):          continue     #print  sip_3        #b1 [1]  is Mac    c1= b1[1]    d1=c1.upper ()     e1= D1.replace ("-", "")      #print  e1    smac_list=list (E1)          q=smac_list     #print  smac_list        len1=len (smac_list)      #print  len1     Stat3=0        for j in open (' Rmac '):         b2=j.upper ()         r2_list=re.findall ( R2,B2)         # remove kong          if r2_list==kong:             continue        l2=b2.replace ("-", "" ")           C2=l2.replace (' \ "'," ")          #print  c2         regmac_list=list (C2)         while  ' \ n '  in regmac_list:            regmac_ List.remove (' \ n ')             while  ' \ '   In regmac_list:            regmac_list.remove (' \ "')         w=regmac_list           #stat5 +=1         #print  regmac_list,stat5          #count  error range ip & mac         stat1=0         #range  conut     &nbsP;   for k in range (0,LEN1):             if smac_list[k]==regmac_list[k]:                 stat1+=1          # black count  smac recoder        if  ( Smac_list==regmac_list):            stat3=1              #print  e1,c2         if  (Stat1==len1-key):              stat2str=str (STAT2)              Stat2str=str (STAT2)             new1.write (stat2str + ":switch   mac: "+q[0]+q[1]+"-"+q[2]+q[3]+"-"+q[4]+q[5]+"-"+q[6]+q[7]+"-"+q[8]+q[9]+"-"+q[10]+q[11]+"         ip: "+sip+" \ n ")              new1.write (stat2str+ ": Regsiter mac:" +w[0]+w[1]+ "-" +w[2]+w[3]+ "-" +w[4]+w[5]+ "-" +w[6]+w[7]+ "-" +w[8]+w [9]+ "-" +w[10]+w[11]+ "\ n")             new1.write ( "\ n")             print  "%s :switch    mac  :%s%s-%s%s-%s%s-%s%s-%s%s-%s%s     ip:%s "  % ( STAT2,Q[0],Q[1],Q[2],Q[3],Q[4],Q[5],Q[6],Q[7],Q[8],Q[9],Q[10],Q[11],SIP)               print  "%s :register mac  :%s%s-%s%s-%s%s-%s %s-%s%s-%s%s         \n  "% (stat2,w[0],w[1],w[2],w[3],w[4],w[ 5],W[6],W[7],W[8],W[9],W[10],W[11])              stat2+=1         if (stat3==0):         stat4+= 1        str4=str (STAT4)          new2.write (str4+ "  :" +i)      #break     new1.close () print  "error range %s"  %keyprint  "total %s: "  % (stat2-1)

================ Script End =============================================

Thank you for browsing, such as the question of this article, please email [email protected], open source community, you are more exciting!

Traverse the MAC address inside the switch and compare it to the company's registered Mac's legitimate MAC address