GaiaOSDriver

class gaiaos.GaiaOSDriver(hostname, username='', password='', timeout=10, optional_args=None)
optional_args: dict
  • secret: <expert-password>: str
cli(commands: list) → dict
Will execute a list of commands and return the output in a dictionary format.
Works only for cli.sh commands.

Example:

{
    'show version product':  'Product version Check Point Gaia R80.20',
    'show route': '''
            Codes: C - Connected, S - Static, R - RIP, B - BGP (D - Default),
            O - OSPF IntraArea (IA - InterArea, E - External, N - NSSA)
            A - Aggregate, K - Kernel Remnant, H - Hidden, P - Suppressed,
            U - Unreachable, i - Inactive

            S         0.0.0.0/0           via 172.16.10.1, eth0, cost 0, age 57785
            C         127.0.0.0/8         is directly connected, lo
            C         172.16.10.0/26     is directly connected, eth0'''
}
close()

Closes the connection to the device.

commit_config(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
compare_config()
not implemented yet
Parameters:kwargs
Returns:
compliance_report(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
get_arp_table(vrf='') → list
Get arp table information. (requires expert-password)
vrf is not supported.
Returns a list of dictionaries having the following set of keys:
  • interface: str
  • mac: str
  • ip: str
  • age: float
  • state: str
Returns:list

example:

[
    {
        'interface' : 'eth0',
        'mac'       : '5c:5e:ab:da:3c:f0',
        'ip'        : '172.17.17.1',
        'age'       : 875.0,
        'state'     : 'REACHABLE'
    },
    {
        'interface': 'eth0',
        'mac'       : '66:0e:94:96:e0:ff',
        'ip'        : '172.17.17.2',
        'age'       : 0.0,
        'state'     : 'STALE'
    }
]
get_bgp_config(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
get_bgp_neighbors()
not implemented yet
Parameters:kwargs
Returns:
get_bgp_neighbors_detail(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
get_config(retrieve='all') → dict
Get host configuration. Returns a string delimited with a ‘
‘ for further parsing.
Configuration can be retrieved at once or as logical part.
return:

dict

For example:

device.get_config(retrieve='user')

{
    'running': '
        set user admin shell /etc/cli.sh
        set user admin password-hash $1$aWTXGUmr$1r1Ls428oJg2gFwMcKJdO0
        set user monitor shell /etc/cli.sh
        set user monitor password-hash *

    ',
    'candidate': '',
    'startup' : ''
}

Retrieve options:

all                  - display full configuration

aaa                  - display aaa configuration commands
aggregate            - Display Route Aggregation configuration commands
allowed-client       - Displays Allowed Clients configuration
arp                  - Display ARP configuration commands
as                   - Show Autonomous System Number configuration commands
backup-scheduled     - Display scheduled backup configuration commands
bgp                  - Display BGP configuration commands
bonding              - display bonding configuration commands
bootp                - Show BOOTP/DHCP Relay configuration commands
bridging             - display bridging configuration commands
clienv               - display CLI environment configuration commands
command              - extended commands configuration commands
core-dump            - Display core-dump configuration commands
cron                 - display cron configuration commands
dhcp-client          - display dhcp client configuration commands
dhcp-server          - display dhcp configuration commands
dns                  - display dns configuration commands
domainname           - display domainname configuration commands
edition              - display edition configuration commands
expert-password      - Displays expert password configuration
format               - display format configuration commands
group                - display group configuration commands
host                 - Display host configuration commands
hostname             - Display hostname configuration commands
igmp                 - Display IGMP configuration commands
inbound-route-filter - Display Inbound Route Filter configuration commands
installer            - installer configuration commands
interface            - interface configuration commands
interface-name       - Interface naming configuration commands
iphelper             - Display IP Broadcast Helper configuration commands
ipv6                 - Display IPv6 routing configuration commands
ipv6-state           - Display IPv6 configuration commands
kernel-routes        - Show configuration commands for kernel routes
lcd                  - display lcd configuration commands
mail-notification    - display format configuration commands
management           - management configuration commands
max-path-splits      - Show max-path-splits configuration commands
message              - Display message configuration commands
net-access           - Displays network access configuration
netflow              - netflow configuration commands
ntp                  - display ntp configuration commands
ospf                 - Display OSPFv2 configuration commands
password-controls    - display password-controls configuration commands
pim                  - Display PIM configuration commands
ping                 - Display ping (for static routes) configuration commands
protocol-rank        - Show protocol ranks configuration commands
proxy                - display proxy configuration commands
rba                  - Display rba configuration commands
rdisc                - Display ICMP Router Discovery configuration commands
rip                  - Display RIP configuration commands
route-redistribution - Display route redistribution configuration commands
routedsyslog         - Show Routing Daemon syslog configuration commands
routemap             - Display configuration commands for a specific Route Map
routemaps            - Display Route Map configuration commands
router-id            - Show Router ID configuration commands
router-options       - Show Router Options configuration commands
snmp                 - SNMP configuration commands
static-mroute        - Display static multicast route configuration commands
static-route         - Display IPv4 static route configuration commands
syslog               - Display syslog configuration commands
timezone             - Timezone configuration commands
trace                - Show Trace configuration commands
tracefile            - Show Tracefile configuration commands
user                 - Display user configuration commands
vpnt                 - Display VPN tunnel configuration
web                  - Displays Web configuration
get_environment()
not implemented yet
Parameters:kwargs
Returns:
get_facts(**kwargs)
Returns a dictionary containing the following information:
  • uptime - Uptime of the device in seconds.
  • vendor - Manufacturer of the device.
  • model - Device model.
  • hostname - Hostname of the device
  • fqdn - Fqdn of the device
  • os_version - String with the OS version running on the device.
  • serial_number - Serial number of the device
  • interface_list - List of the interfaces of the device
Example::
{ ‘uptime’: 151005.57332897186, ‘vendor’: u’Arista’, ‘os_version’: u‘4.14.3-2329074.gaatlantarel’, ‘serial_number’: u’SN0123A34AS’, ‘model’: u’vEOS’, ‘hostname’: u’eos-router’, ‘fqdn’: u’eos-router’, ‘interface_list’: [u’Ethernet2’, u’Management1’, u’Ethernet1’, u’Ethernet3’] }
Parameters:kwargs
Returns:
get_firewall_policy(interfaces=False) → dict
Gets firewall policy information. Returns a dict with the following keys.
* name (str)
* install_time (str)
* current_conns (int)
* peak_conns (int)
* conns_limit (int)

With optional parameter ‘interfaces’ returns nested dict with the following keys.
* iftab32 (dict)
* iftab64 (dict)
* <interface name> (dict)
* in (dict)
* accept (int)
* drop (int)
* reject (int)
* log (int)
* out (dict)
* accept (int)
* drop (int)
* reject (int)
* log (int)
Parameters:interfaces – bool
Returns:dict
example::
{

‘name’: ‘policy’, ‘install_time’: ‘Wed Mar 1 00:00:00 2020’, ‘current_conns’: ‘0’, ‘peak_conns’: ‘0’, ‘conns_limit’: ‘0’, ‘if_tab_32’: {

‘bond0’: {
‘in’: {
‘accept’: ‘0’, ‘drop’: ‘0’, ‘reject’: ‘0’, ‘log’: ‘0’

}, ‘out’: {

‘accept’: ‘0’, ‘drop’: ‘0’, ‘reject’: ‘0’, ‘log’: ‘0’

}

} ‘if_tab_64’: {

‘bond0’: {
‘in’: {
‘accept’: ‘0’, ‘drop’: ‘0’, ‘reject’: ‘0’, ‘log’: ‘0’

}, ‘out’: {

‘accept’: ‘0’, ‘drop’: ‘0’, ‘reject’: ‘0’, ‘log’: ‘0’

}

}

}

get_interfaces() → dict
Get interface details.
last_flapped is not implemented and will return -1.
Virtual interfaces speed will return 0.
Returns:dict

example:

{u'Vlan1': {'description': u'N/A',
            'is_enabled': True,
            'is_up': True,
            'last_flapped': -1.0,
            'mac_address': u'a493.4cc1.67a7',
            'speed': 100,
            'mtu': 1500},
 u'Vlan100': {'description': u'Data Network',
              'is_enabled': True,
              'is_up': True,
              'last_flapped': -1.0,
              'mac_address': u'a493.4cc1.67a7',
              'speed': 100,
              'mtu': 65536},
 u'Vlan200': {'description': u'Voice Network',
              'is_enabled': True,
              'is_up': True,
              'last_flapped': -1.0,
              'mac_address': u'a493.4cc1.67a7',
              'speed': 100,
              'mtu': 1500   }}
get_interfaces_counters()
not implemented yet
Parameters:kwargs
Returns:
get_interfaces_ip()
Get interface ip details.
Returns a dict of dicts
Returns:dict

example:

{   u'FastEthernet8': {   'ipv4': {   u'10.66.43.169': {   'prefix_length': 22}}},
    u'Loopback555': {   'ipv4': {   u'192.168.1.1': {   'prefix_length': 24}},
                        'ipv6': {   u'1::1': {   'prefix_length': 64}}},
    u'Tunnel0': {   'ipv4': {   u'10.63.100.9': {   'prefix_length': 24}}},
    u'Tunnel1': {   'ipv4': {   u'10.63.101.9': {   'prefix_length': 24}}},
    u'Vlan100': {   'ipv4': {   u'10.65.0.1': {   'prefix_length': 24}}},
    u'Vlan200': {   'ipv4': {   u'10.63.176.57': {   'prefix_length': 29}}}}
get_ipv6_neighbors_table()
not implemented yet
Parameters:kwargs
Returns:
get_lldp_neighbors()
not implemented yet
Parameters:kwargs
Returns:
get_lldp_neighbors_detail(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
get_mac_address_table()
not implemented yet
Parameters:kwargs
Returns:
get_network_instances(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
get_ntp_peers()
not implemented yet
Parameters:kwargs
Returns:
get_ntp_servers()
not implemented yet
Parameters:kwargs
Returns:
get_ntp_stats()
not implemented yet
Parameters:kwargs
Returns:
get_optics()
not implemented yet
Parameters:kwargs
Returns:
get_probes_config()
not implemented yet
Parameters:kwargs
Returns:
get_probes_results()
not implemented yet
Parameters:kwargs
Returns:
get_route_to(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
get_snmp_information()
not implemented yet
Parameters:kwargs
Returns:
get_users(**kwargs) → dict
Returns a dictionary with the configured users.
The keys of the main dictionary represents the username.
Checkpoint uses RBAC and does not know about privilege levels
therefore level always returns a level of 15
instead a field ‘privileges’ was added containing additional user-role information

ssh-keys will only fetched with option retrieve=’all’ (requires expert password)
otherwise ssh-keys will return a list containing an empty string
The values represent the details of the user,
represented by the following keys:
  • uid: int
  • gid: int
  • homedir: str
  • shell: str
  • name: str
  • privileges: str
  • sshkeys: list[str,]
  • level : 15,
Returns:dict

example:

{
    'admin': {
        'uid': '0',
        'gid': '0',
        'homedir': '/home/admin',
        'shell': '/etc/cli.sh',
        'name': 'n/a',
        'privileges': 'Access to Expert features'},
        'level' : 15,
        'password' : '$1$aWTXGUmr$1r1Ls428oJg2gFwMcKJdO0'
        'sshkeys' : ['',]}
    'monitor':                        {
        'uid': '102',
        'gid': '100',
        'homedir': '/home/monitor',
        'shell': '/etc/cli.sh',
        'name': 'Monitor',
        'privileges': 'None',
        'level' : 15,
        'password' : '*'
        'sshkeys' : ['',]}
}
get_virtual_systems() → dict
Get virtual systems information.
Returns a dictionary with configured virtual systems.
The keys of the main dictionary represents virtual system ID.
The values represent the detail of the virtual system,
represeted by the following keys.
* type (str)
* name (str)
* policy (str)
* sic (str)
Returns:dict
example::
{
0:
{‘
‘type’: ‘VSX Gateway’, ‘name’: ‘dummy_vsx_gw’, ‘policy’: ‘dummy_policy’ ‘sic’: ‘Trust established’

}

}

is_alive()
not implemented yet
Parameters:kwargs
Returns:
load_merge_candidate(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
load_replace_candidate(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
load_template(**kwargs)
not implemented yet
Parameters:kwargs
Returns:
open()

Opens a connection to the device.

ping(destination: str, **opts) → dict
ping destination from device
vsx/vrf is currently not supported, neither is setting timeout
Parameters:
  • destination – str
  • opts – dict
opts:
  • source: (<interface|ip-address>: str)
  • ttl: (1-255: int)
  • timeout: None
  • vrf: None
  • size: (8-65507: int)
  • count: (1-1000: int)

example:

{
'source': 'eth0',
'ttl': 30,
'timeout': None,
'size': 1500,
'count': 10,
'vrf': None
}
Returns:dict

example:

{
    'success': {
        'probes_sent': 5,
        'packet_loss': 0,
        'rtt_min': 72.158,
        'rtt_max': 72.433,
        'rtt_avg': 72.268,
        'rtt_stddev': 0.094,
        'results': [
            {
                'ip_address': u'1.1.1.1',
                'rtt': 72.248
            },
            {
                'ip_address': u'1.1.1.1',
                'rtt': 72.299
            }
        ]
    }
}

OR:

{
    'error': 'unknown host 8.8.8.8'
}
rollback()
not implemented yet
Parameters:kwargs
Returns:
send_clish_cmd(cmd: str) → str

send clish command

Parameters:cmd – str
Returns:(str)
send_expert_cmd(cmd: str) → str

send expert-mode command(requires expert-password)

Parameters:cmd – str
Returns:str
traceroute(**kwargs)
not implemented yet
Parameters:kwargs
Returns: