Skip to main content
Loading...

More Python Posts

import re

def _map_ikev2_vendor_capabilities(message_type, input_string):
    # List of acceptable message types
    valid_message_types = ['IKE_SA_INIT', 'IKE_AUTH']
    
    # Validate message type
    if message_type not in valid_message_types:
        raise ValueError(f"Invalid message type: {message_type}. Must be one of {valid_message_types}")
    
    # Mapping dictionary for IKE values with RFC references
    value_map = {
        # IKE_SA_INIT capabilities
        'FRAG_SUP': 'IKE Fragmentation',  # RFC 7383, Section 3
        'REDIR_SUP': 'Redirection',  # RFC 5685, Section 3
        'HASH_ALG': 'Hash Algorithms',  # RFC 7296, Section 3.3.2
        'NATD_S_IP': 'NAT-T (Source IP)',  # RFC 7296, Section 2.23
        'NATD_D_IP': 'NAT-T (Destination IP)',  # RFC 7296, Section 2.23
        'SIGN_HASH_ALGS': 'Signature Hash Algorithms',  # RFC 7296, Section 2.15
        'NON_FIRST_FRAGMENTS': 'Non-First IKE Fragments',  # RFC 7383, Section 3
        'CHILDLESS_IKEV2_SUP': 'Childless IKEv2',  # RFC 6023, Section 3
        'INTERMEDIATE': 'Intermediate Exchange',  # RFC 9242, Section 3
        'COOKIE': 'Cookie-Based DoS Protection',  # RFC 7296, Section 2.6
        # IKE_AUTH capabilities
        'ESP_TFC_PAD_N': 'ESPv3 TFC Padding Not Supported',  # RFC 7296, Section 3.3.1
        'MOBIKE_SUP': 'MOBIKE',  # RFC 4555, Section 3
        'MULT_AUTH': 'Multiple Auth',  # RFC 4739, Section 3
        'EAP_ONLY': 'EAP-Only Auth',  # RFC 5998, Section 3
        'MSG_ID_SYN_SUP': 'Message ID Sync',  # RFC 6311, Section 3
        'IPCOMP_SUPPORTED': 'IP Payload Compression Support',  # RFC 7296, Section 3.3.2
        'ADD_4_ADDR': 'Additional IPv4 Addresses',  # RFC 4555, Section 3.2
        'ADD_6_ADDR': 'Additional IPv6 Addresses',  # RFC 4555, Section 3.2
        'INIT_CONTACT': 'Initial Contact',  # RFC 7296, Section 3.16
        'HTTP_CERT_LOOKUP_SUP': 'HTTP Certificate Lookup',  # RFC 7296, Section 3.7
        'REKEY_SA': 'SA Rekeying'  # RFC 7296, Section 3.16
    }
    
    # Notifications valid for each message type
    ike_sa_init_valid = {
        'FRAG_SUP', 'REDIR_SUP', 'HASH_ALG', 'NATD_S_IP', 'NATD_D_IP',
        'SIGN_HASH_ALGS', 'NON_FIRST_FRAGMENTS', 'CHILDLESS_IKEV2_SUP',
        'INTERMEDIATE', 'COOKIE'
    }
    ike_auth_valid = {
        'ESP_TFC_PAD_N', 'MOBIKE_SUP', 'MULT_AUTH', 'EAP_ONLY', 'MSG_ID_SYN_SUP',
        'IPCOMP_SUPPORTED', 'ADD_4_ADDR', 'ADD_6_ADDR', 'INIT_CONTACT',
        'HTTP_CERT_LOOKUP_SUP', 'REKEY_SA'
    }
    
    # Select valid notifications based on message type
    valid_notifications = ike_sa_init_valid if message_type == 'IKE_SA_INIT' else ike_auth_valid
    
    # Regex to capture N(...) patterns
    pattern = r'N\([^)]+\)'
    matches = re.findall(pattern, input_string)
    
    # Parse matches and create result list
    result = []
    for match in matches:
        key = match[2:-1]  # Extract content inside N(...)
        if key in valid_notifications and key in value_map:
            result.append(value_map[key])
        else:
            # Log unrecognized notifications for debugging
            print(f"Warning: Unrecognized or invalid notification for {message_type}: {key}")
    
    return ', '.join(result) if result else 'None'

# Example usage
ike_sa_init_string = '2025-07-18 20:16:22.839 15[ENC] <4> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) N(SIGN_HASH_ALGS) N(NON_FIRST_FRAGMENTS) N(CHILDLESS_IKEV2_SUP) N(INTERMEDIATE) N(COOKIE) ]'
ike_auth_string = '2025-07-18 20:16:22.898 07[ENC] <4> parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) N(IPCOMP_SUPPORTED) N(ADD_6_ADDR) N(HTTP_CERT_LOOKUP_SUP) N(REKEY_SA) ]'

# Test with IKE_SA_INIT
print("IKE_SA_INIT Results:")
print(_map_ikev2_vendor_capabilities("IKE_SA_INIT", ike_sa_init_string))

# Test with IKE_AUTH
print("\nIKE_AUTH Results:")
print(_map_ikev2_vendor_capabilities("IKE_AUTH", ike_auth_string))
import re

def _map_ikev2_vendor_capabilities(message_type, input_string):
    # List of acceptable message types
    valid_message_types = ['IKE_SA_INIT', 'IKE_AUTH']
    
    # Validate message type
    if message_type not in valid_message_types:
        raise ValueError(f"Invalid message type: {message_type}. Must be one of {valid_message_types}")
    
    # Mapping dictionary for IKE values with RFC references
    value_map = {
        # IKE_SA_INIT capabilities
        'FRAG_SUP': 'IKE Fragmentation',  # RFC 7383, Section 3
        'REDIR_SUP': 'IKE Redirection',  # RFC 5685, Section 3
        'HASH_ALG': 'Hash Algorithms',  # RFC 7296, Section 3.3.2
        'NATD_S_IP': 'NAT Detection (Source IP)',  # RFC 7296, Section 2.23
        'NATD_D_IP': 'NAT Detection (Destination IP)',  # RFC 7296, Section 2.23
        'SIGN_HASH_ALGS': 'Signature Hash Algorithms',  # RFC 7296, Section 2.15
        'NON_FIRST_FRAGMENTS': 'Non-First IKE Fragments',  # RFC 7383, Section 3
        'CHILDLESS_IKEV2_SUP': 'Childless IKEv2',  # RFC 6023, Section 3
        'INTERMEDIATE': 'Intermediate Exchange',  # RFC 9242, Section 3
        'COOKIE': 'Cookie-Based DoS Protection',  # RFC 7296, Section 2.6
        # IKE_AUTH capabilities
        'ESP_TFC_PAD_N': 'ESPv3 TFC Padding Disabled',  # RFC 7296, Section 3.3.1
        'MOBIKE_SUP': 'MOBIKE',  # RFC 4555, Section 3
        'MULT_AUTH': 'Multiple Auth',  # RFC 4739, Section 3
        'EAP_ONLY': 'EAP-Only Auth',  # RFC 5998, Section 3
        'MSG_ID_SYN_SUP': 'Message ID Synchronization',  # RFC 6311, Section 3
        'IPCOMP_SUPPORTED': 'IP Payload Compression Support',  # RFC 7296, Section 3.3.2
        'ADD_4_ADDR': 'Additional IPv4 Addresses',  # RFC 4555, Section 3.2
        'ADD_6_ADDR': 'Additional IPv6 Addresses',  # RFC 4555, Section 3.2
        'INIT_CONTACT': 'Initial Contact',  # RFC 7296, Section 3.16
        'HTTP_CERT_LOOKUP_SUP': 'HTTP Certificate Lookup',  # RFC 7296, Section 3.7
    }
        
    # Regex to capture N(...) patterns
    pattern = r'N\([^)]+\)'
    matches = re.findall(pattern, input_string)
    
    # Parse matches and create result list
    result = []
    for match in matches:
        key = match[2:-1]  # Extract content inside N(...)
        # Only include keys valid for the message type
        if key in value_map:
            result.append(value_map[key])
    
    return ', '.join(result)

# Example usage
ike_sa_init_string = '2025-07-18 20:16:22.839 15[ENC] <4> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]'
ike_auth_string = '2025-07-18 20:16:22.898 07[ENC] <4> parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR)N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]'

# Test with IKE_SA_INIT
print("IKE_SA_INIT Results:")
print(_map_ikev2_vendor_capabilities("IKE_SA_INIT", ike_sa_init_string))

# Test with IKE_AUTH
print("\nIKE_AUTH Results:")
print(_map_ikev2_vendor_capabilities("IKE_AUTH", ike_auth_string))
import os
import sys
import argparse
import json
import csv
import getpass
import string
import random
import re

from datetime import datetime
import ldap
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
from requests.auth import HTTPBasicAuth
import validators



def create_guac_connection(BASE_URL, auth_token, ldap_group, computer, guac_group_id):
    '''
    creates a guac connection
    '''
    json_header = {'Accept': 'application/json'}
    query_parm_payload = { 'token': auth_token }

    payload_data = {
   "parentIdentifier":guac_group_id,
   "name":computer,
   "protocol":"vnc",
   "parameters":{
      "port":"5900",
      "read-only":"",
      "swap-red-blue":"",
      "cursor":"",
      "color-depth":"",
      "clipboard-encoding":"",
      "disable-copy":"",
      "disable-paste":"",
      "dest-port":"",
      "recording-exclude-output":"",
      "recording-exclude-mouse":"",
      "recording-include-keys":"",
      "create-recording-path":"",
      "enable-sftp":"true",
      "sftp-port":"",
      "sftp-server-alive-interval":"",
      "enable-audio":"",
      "audio-servername":"",
      "sftp-directory":"",
      "sftp-root-directory":"",
      "sftp-passphrase":"",
      "sftp-private-key":"",
      "sftp-username":"",
      "sftp-password":"",
      "sftp-host-key":"",
      "sftp-hostname":"",
      "recording-name":"",
      "recording-path":"",
      "dest-host":"",
      "password":"asdasd",
      "username":"asdasd",
      "hostname":"nt72310.cvad.unt.edu"
   },
   "attributes":{
      "max-connections":"",
      "max-connections-per-user":"1",
      "weight":"",
      "failover-only":"",
      "guacd-port":"",
      "guacd-encryption":"",
      "guacd-hostname":""
   }
}
    CREATE_CONNECTION_URL = BASE_URL + "/api/session/data/mysql/connections"

    create_connection_request = requests.post(CREATE_CONNECTION_URL, headers=json_header, params=query_parm_payload, data=payload_data, verify=False)
    create_connection_result = create_connection_request.status_code


    if create_connection_result == "200":
        print("Successfully created computer: " + computer)
    else: 
        print(create_connection_request.json())

    return create_connection_result