Настройка микротика

#-*- coding: utf-8 -*-
import paramiko
import socket
import hashlib
# Shared queue of RouterOS console commands. The helper functions append to it
# and sendcommands() replays it over SSH in insertion order. It ends up holding
# secrets (admin and PPP passwords), so avoid printing or logging it.
commandlist = list()
def makepassword(pharmacy=10):
    """Derive the password for a pharmacy and queue the admin password change.

    The password is the hex MD5 digest of ``str(pharmacy)``. A
    ``/user set admin password=...`` command is appended to the shared
    ``commandlist`` and the same string is returned to the caller.
    """
    # NOTE(review): the value is a pure function of the pharmacy number, so
    # anyone who knows the number and this scheme can reproduce the router's
    # admin password (the __main__ block also reuses it as the VPN secret).
    # Replacing it with a random per-device secret requires changing whatever
    # provisions the matching accounts, so it is flagged here, not changed.
    global commandlist
    digest = hashlib.md5(str(pharmacy)).hexdigest()
    commandlist.append('/user set admin password=' + digest)
    return digest

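def valid_ip(ip='845'):
    """Return True only when *ip* is a strict dotted-quad IPv4 string.

    Accepted form: exactly four decimal octets in the range 0-255 separated
    by dots, with no leading zeros, whitespace or trailing text. Anything
    else, including non-string input, yields False.

    The previous check relied on ``socket.inet_aton``, which also accepts
    shorthand such as ``'845'`` or ``'127.1'`` (and, with some C libraries,
    trailing text after whitespace). The validated value is concatenated
    into router commands by the callers, so the looser form is not safe.
    """
    try:
        octets = ip.split('.')
    except (AttributeError, TypeError):
        # Not a text string at all.
        return False
    if len(octets) != 4:
        return False
    for octet in octets:
        if not octet or len(octet) > 3:
            return False
        if any(ch not in '0123456789' for ch in octet):
            return False
        # inet_aton-style parsers read a leading zero as octal; reject the
        # ambiguous spelling instead of guessing.
        if len(octet) > 1 and octet[0] == '0':
            return False
        if int(octet) > 255:
            return False
    return True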

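def baseparams():
    """Prompt the operator for the basic provisioning parameters.

    Returns:
        tuple: ``(ip, pharmacy, int_type)`` where ``ip`` is the fixed address
        ``'192.168.88.1'``, ``pharmacy`` is a non-empty string of decimal
        digits and ``int_type`` is one of the strings ``'1'``..``'5'``.
    """
    # The router address is not prompted for; this fixed value is returned.
    ip = '192.168.88.1'

    # The pharmacy number is later spliced into RouterOS commands and hashed
    # into the password, so only plain ASCII digits are accepted. A bare
    # int() check also lets through surrounding whitespace or a sign, which
    # would end up inside the command text and change the derived password.
    pharmacy = None
    while pharmacy is None:
        answer = raw_input('Pharmacy number: ').strip()
        if answer and all(ch in '0123456789' for ch in answer):
            pharmacy = answer

    print "Choose type of internet connection"
    print "1. Dynamic IP"
    print "2. Static IP"
    print "3. PPTP"
    print "4. PPPoE"
    print "5. L2TP"

    # Keep asking until one of the five menu entries is typed exactly.
    int_type = None
    while int_type not in ('1', '2', '3', '4', '5'):
        int_type = raw_input('Connect type: ')
    return ip, pharmacy, int_type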

def ppp_ip():
    """Ask for static addressing on ether1 and queue the matching commands.

    Prompts for address, netmask, gateway and DNS server (each re-asked until
    ``valid_ip`` accepts it, with the bracketed value used on empty input),
    then appends the DHCP-client removal, address, DNS, address-list and
    default-route (``distance=2``) commands to ``commandlist``.
    """
    global commandlist

    def ask(prompt, fallback):
        # Start from a deliberately invalid value so the prompt is shown at
        # least once, then loop until the answer validates.
        answer = "895.as"
        while not valid_ip(ip=answer):
            answer = raw_input(prompt) or fallback
        return answer

    ip = ask('IP addr [1.1.1.1]: ', '1.1.1.1')
    netmask = ask('Netmask [255.255.255.252]: ', '255.255.255.252')
    gateway = ask('Gateway [1.1.1.2]: ', '1.1.1.2')
    dns = ask('DNS-server [' + gateway + ']: ', gateway)

    # NOTE(review): allow-remote-requests=yes turns the router into a DNS
    # resolver; confirm the input chain does not expose port 53 on the WAN
    # side, otherwise it answers queries from the internet.
    queued = (
        '/ip dhcp-client remove [find]',
        '/ip address add address=' + ip + '/' + netmask + ' interface=ether1',
        '/ip dns static add address=' + dns + ' name=router.lan',
        '/ip dns set allow-remote-requests=yes servers=' + dns,
        '/ip firewall address-list add address=' + dns + ' list=permitted',
        '/ip route add dst-address=0.0.0.0/0 gateway=' + gateway + ' distance=2',
    )
    for line in queued:
        commandlist.append(line)


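def int_setup(int_type):
    """Queue the WAN-side RouterOS commands for the chosen connection type.

    Args:
        int_type: ``'1'`` dynamic IP, ``'2'`` static IP, ``'3'`` PPTP,
            ``'4'`` PPPoE, ``'5'`` L2TP. Any other value queues nothing.

    Types 2-5 prompt the operator interactively. For PPTP and L2TP the
    operator may first configure a static address through ``ppp_ip()``;
    the "Y/n" answer is now case-insensitive (previously a lowercase ``y``
    was silently treated as "no").
    """
    global commandlist

    def ask_ip(prompt, fallback):
        # Seed with an invalid value so the prompt appears at least once.
        answer = "895.as"
        while not valid_ip(ip=answer):
            answer = raw_input(prompt) or fallback
        return answer

    def wants_static_ip():
        reply = raw_input("Do you need static IP on the interface before PPP-connect? Y/n: ") or "Y"
        return reply.strip().lower() in ('y', 'yes')

    def tunnel_client(client, name):
        # Shared by the PPTP and L2TP branches, which differ only in the
        # client type and interface name.
        if wants_static_ip():
            ppp_ip()
        server = raw_input("Server address: ")
        login = raw_input("Login: ")
        password = raw_input("Password: ")
        # NOTE(review): allow= includes pap (password sent in clear) and
        # mschap1; narrow it to what the provider actually requires.
        commandlist.append('/interface ' + client + ' add name=' + name + ' user=' + login + ' password=' + password + ' connect-to=' + server + ' disabled=no profile=default-encryption add-default-route=yes dial-on-demand=no allow=pap,chap,mschap1,mschap2')
        commandlist.append('/interface list member add interface=' + name + ' list=WAN')

    # NOTE(review): server, login and password are typed with echo on and are
    # concatenated into the command text unquoted and unvalidated. A space or
    # a character the RouterOS console treats specially changes what the
    # router parses; quote or validate these values before sending.
    if int_type == "1":
        commandlist.append('/ip dhcp-client add dhcp-options=hostname,clientid disabled=no interface=ether1')
    elif int_type == "2":
        ip = ask_ip('IP addr [1.1.1.1]: ', '1.1.1.1')
        netmask = ask_ip('Netmask [255.255.255.252]: ', '255.255.255.252')
        gateway = ask_ip('Gateway [1.1.1.2]: ', '1.1.1.2')
        dns = ask_ip('DNS-server [' + gateway + ']: ', gateway)
        commandlist.append('/ip dhcp-client remove [find]')
        commandlist.append('/ip address add address=' + ip + '/' + netmask + ' interface=ether1')
        commandlist.append('/ip dns static add address=' + dns + ' name=router.lan')
        # NOTE(review): allow-remote-requests=yes makes the router a resolver;
        # confirm DNS is not reachable from the WAN side.
        commandlist.append('/ip dns set allow-remote-requests=yes servers=' + dns)
        commandlist.append('/ip firewall address-list add address=' + dns + ' list=permitted')
        commandlist.append('/ip route add dst-address=0.0.0.0/0 gateway=' + gateway)
    elif int_type == "3":
        tunnel_client('pptp-client', 'PPTP')
    elif int_type == "4":
        login = raw_input("Login: ")
        password = raw_input("Password: ")
        commandlist.append('/interface pppoe-client add interface=ether1 use-peer-dns=yes name=PPPoE user=' + login + ' password=' + password + ' disabled=no add-default-route=yes profile=default-encryption')
        commandlist.append('/interface list member add interface=PPPoE list=WAN')
    elif int_type == "5":
        tunnel_client('l2tp-client', 'L2TP')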
		
		
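def sendcommands(ip):
    """Replay every queued command on the router at *ip* over SSH.

    Logs in as ``admin`` with an empty password, runs the entries of
    ``commandlist`` one by one and prints each command's stderr. Any
    exception is reported on the console instead of being raised. The SSH
    client is now closed on the failure path as well.
    """
    global commandlist
    ssh = None
    try:
        ssh = paramiko.SSHClient()
        # NOTE(review): AutoAddPolicy accepts whatever host key the peer
        # presents, so the session is not authenticated against a known
        # device. Only run this over a direct cable to the router being
        # provisioned; the queued commands carry passwords.
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        # Empty admin password: login fails once the queued password change
        # has been applied to the device.
        ssh.connect(ip, username='admin', password='', look_for_keys=False)
        for command in commandlist:
            stdin, stdout, stderr = ssh.exec_command(command)
            # NOTE(review): only stderr is shown; confirm the router does not
            # report command errors on stdout, or failures pass unnoticed.
            print stderr.read()
    except Exception as s:
        print "Connection ERROR! Restart programm and try again"
        print s
    finally:
        # Release the connection even when connect/exec_command failed.
        if ssh is not None:
            ssh.close()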



def makeroot(server, pharmacy, secret):
    """Queue the management tunnel, its firewall rule and the device name.

    Appends three commands to ``commandlist``: a PPTP client named ``ROOT``
    that dials *server* as user *pharmacy* with password *secret*, an
    input-chain accept rule for traffic arriving on ``ROOT``, and a system
    identity of ``Pharmacy<pharmacy>``.
    """
    # NOTE(review): the accept rule placed before rule 1 admits all input
    # arriving through ROOT, so the router trusts whatever sits behind the
    # tunnel. The tunnel allows pap/mschap1 and, in the __main__ block, is
    # keyed with the MD5-of-number secret; treat both as weak points.
    tunnel = (
        '/interface pptp-client add name=ROOT user=' + pharmacy
        + ' password=' + secret
        + ' connect-to=' + server
        + ' disabled=no max-mtu=1380 max-mru=1380 profile=default-encryption add-default-route=no dial-on-demand=no allow=pap,chap,mschap1,mschap2'
    )
    commandlist.append(tunnel)
    commandlist.append('/ip firewall filter add chain=input action=accept in-interface=ROOT place-before=1')
    identity = '/system identity set name=Pharmacy' + pharmacy
    commandlist.append(identity)

def makenet(permitted):
    """Queue the LAN addressing and NAT policy commands.

    Removes the existing DHCP server configuration and all NAT rules, puts
    ``192.168.0.254/24`` on ``bridge``, lists ``192.168.0.1`` under
    ``internet`` and every entry of *permitted* under ``permitted``, then
    adds two masquerade rules: one for sources in ``internet`` and one for
    destinations in ``permitted``.

    Args:
        permitted: iterable of strings added to the ``permitted`` list.
    """
    # Resulting policy, as far as the NAT rules show: only the host listed in
    # "internet" is masqueraded to any destination; every other LAN host is
    # masqueraded only towards the "permitted" destinations.
    site_rules = [
        '/ip firewall address-list add address=' + site + ' list=permitted'
        for site in permitted
    ]
    commandlist.extend([
        '/ip dhcp-server network remove [find]',
        '/ip dhcp-server remove [find]',
        '/ip address add address=192.168.0.254/24 interface=bridge network=192.168.0.0',
        '/ip firewall nat remove [find]',
        '/ip firewall address-list add address=192.168.0.1 list=internet',
    ])
    commandlist.extend(site_rules)
    commandlist.extend([
        '/ip firewall nat add action=masquerade chain=srcnat out-interface-list=WAN src-address-list=internet',
        '/ip firewall nat add action=masquerade chain=srcnat dst-address-list=permitted out-interface-list=WAN',
    ])

	
#	commandlist.append('/ip firewall address-list add list=internet address=192.168.0.1/32')
#	commandlist.append('/ip address remove [find network=192.168.88.0]')

if __name__ == '__main__':
    # Order matters: makepassword() queues the admin password change first,
    # and sendcommands() logs in with the empty admin password, so a second
    # run against the same device cannot authenticate.
    ip, pharmacy, int_type = baseparams()
    # NOTE(review): the same derived value becomes both the router's admin
    # password and the management-tunnel secret.
    secret = makepassword(pharmacy=pharmacy)
    int_setup(int_type)
    makeroot(server='mindsellers.ru', pharmacy=pharmacy, secret=secret)
    # Destinations every LAN host may reach; review periodically, since each
    # entry widens what otherwise restricted hosts can talk to.
    allowed_sites = [
        'vita-samara.ru', 'vitaexpress.ru', 'google.com', 'goo.gl',
        'google.ru', 'api.google.com', 'med.yar.ru', 'po-aptekam.ru',
        'rlsnet.ru', 'teamviewer.com', 'giftoman.ru', 'aptekivita.ru',
        'kontur.ru', 'seredina.ru', 'seredina.biz', 'crm2018-1.ru',
        'like-pharma.com', 'gstatic.com', 'pro-loyalty.ru', 'easy4ip.com',
        'easy4ipcloud.com',
    ]
    makenet(permitted=allowed_sites)
    print "Wait for a while..."
    sendcommands(ip)
    # Keep the console window open so the operator can read any errors.
    raw_input("Check errors if exists and press Enter")
	


	


Создание учеток:

#!/usr/bin/python
import hashlib
# Writes 5000 account lines of the form
#   <n> TAB pptpd TAB <md5 hex of str(n)> TAB 172.17.<n // 256>.<n % 256>
# (looks like a PPP chap-secrets layout; confirm against the consumer).
# NOTE(review): every secret is derived from its own sequential account
# number, so all 5000 can be recomputed by anyone who knows the scheme, and
# the file stores them in plaintext with default permissions. Restrict access
# to the output file and consider random per-account secrets.
filename = 'test.conf'
with open(filename, 'w') as conf:
    for number in range(1, 5001):
        login = str(number)
        secret = hashlib.md5(login).hexdigest()
        # Same split as formatting the number as four hex digits and reading
        # the two bytes back: high byte is the third octet, low byte the fourth.
        high, low = divmod(number, 256)
        conf.write('%s\tpptpd\t%s\t172.17.%d.%d\n' % (login, secret, high, low))