在華爲usg防火牆上配置了snmp v3,通過python的netsnmp模塊獲取接口上的公網上。
- usg上的snmp配置,將yorur_usernam、your_auth_pass、yoru_priva_pass替換你自己的設置
snmp-agent
snmp-agent sys-info version v3
snmp-agent group v3 v3group privacy read-view v3view write-view v3view notify-view v3view
snmp-agent mib-view included v3view iso
snmp-agent usm-user v3 your_username
snmp-agent usm-user v3 your_username group v3group
snmp-agent usm-user v3 your_username authentication-mode sha cipher your_auth_pass
snmp-agent usm-user v3 your_username privacy-mode aes128 cipher yoru_priva_pass
snmp-agent trap source Vlanif11
snmp-agent trap enable
int vlan 11
service-manage snmp permit-
在linux下通過下面的命令可以獲取usg接口上的所有IP
snmpwalk -O n -v 3 -u your_username \ -a SHA -A 'your_auth_pass' \ -x AES -X 'yoru_priva_pass' \ -l authPriv your_vlan11_ip IP-MIB::ipAdEntAddr - 通過python腳本獲取接口上的公網IP
#!/usr/.bin/pythyon
import netsnmp
from IPy import IP
ips = netsnmp.snmpwalk(".1.3.6.1.2.1.4.20.1.1",
Version=3,
SecName="your_username",
DestHost="yoru_vlan11_ip",
AuthProto="SHA",
AuthPass="your_auth_pass",
PrivProto="AES",
PrivPass="yoru_priva_pass",
SecLevel="authPriv"
)
for ip in ips:
if IP(ip).iptype() is 'PUBLIC':
print ip