I m using Python AWS-SDK BOTO. I m trying to retrieve all the security group details of my account.
secgrpList = ec2conn.get_all_security_groups()
ipRange = secgrpList[0].rules[1].ipRanges
print ipRange
print type(ipRange).__name__
But when i print the ipRange it shows nothing just two enter. When i check the type it is unicode. I even tried to conver to string str() but in vain.
What is the issue ? How can i retrieve the details ?
Please advice me.
To loop over all security groups and print its rules including protocol, ports and ip range, try this:
import boto.ec2
conn = boto.ec2.connect_to_region("eu-west-1")
groups = conn.get_all_security_groups()
for group in groups:
print group.name
for rule in group.rules:
print rule.ip_protocol, rule.from_port, rule.to_port, rule.grants
which may result:
default
tcp 22 22 [0.0.0.0/0]
tcp 80 80 [0.0.0.0/0]
You might find the AWS CLI as helpful in this case.
aws ec2 describe-security-groups --query 'SecurityGroups[*].IpPermissions[*].IpRanges' --output text
Or any other query string you need based on the reply structure: http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-security-groups.html
Related
My task is to clear out our Route 53 from all the old Domain names. We have 700 records but only 200 running instances.
I have tried AWS CLI to get the EC2 instances IP address which worked fine.
I can't seem to make a correct query on Route 53 CLI to get just the Domain Names plus the A records.
Ideally, I'd get both in a CSV format then use python to compare them.
Here is one of the Route 53 queries I tried:
aws route53 list-resource-record-sets --hosted-zone-id XXXX --output text --query 'ResourceRecordSets[*].[Name,ResourceRecords[*]]' | sed -E 's/\s+/,/g' > domains.csv
As suggested by Mark B, use python and boto3.
This is by no means perfect and you should probably add some more filtering by type etc but it's a start. I hope it helps you in the right direction.
import boto3
import json
r53 = boto3.client('route53')
result=r53.list_resource_record_sets(HostedZoneId="REPLACE_WITH_HOSTED_ZONE_ID")
for r in result["ResourceRecordSets"]:
output = r["Name"]
try:
for o in r["ResourceRecords"]:
output += ","+o["Value"]
except KeyError:
pass
print(output)
I ended up using Vlookup with the two CSVs tables. I compared each IP Address in Sheet 1 with the IP address in Sheet 2.
That worked for this use case as it was a one time operation.
I am trying to write a script that will take a FQDN and give me the hostname as well as the (sub)domain.
I am able to get the hostname, but I can't figure out how to also get the entire domain, including any subdomains.
Please note that these domains & subdomains would be internal domains and not public domains.
import re
words = "testing.something.thisdomain.com"
stuff = re.match(r"(.+?)(?=\.)", words)
print(stuff.group(1))
This works even if your fqdn does not have any subdomains
Code:
fqdn = "testing.something.thisdomain.com"
tld, domain, *sub_domains = fqdn.split(".")[::-1]
print(tld,domain,sub_domains)
Output:
com thisdomain ['something', 'testing']
Instead of doing a bunch of fancy regex couldn't we just use split on the string and print which part you need?
words = "testing.something.thisdomain.com"
stuff = words.split(".")
print(stuff[1])
I've the following problem : I'm actually making a script for an ovirt server to automatically delete virtual machine which include unregister them from the DNS. But for some very specific virtual machine there is multiple FQDN for an IP address example:
myfirstfqdn.com IN A 10.10.10.10
mysecondfqdn.com IN A 10.10.10.10
I've tried to do it with socket in Python but it return only one answer, I've also tried python with dnspython but I failed.
the goal is to count the number of type A record on the dns server
Anyone have an idea to do stuff like this?
That's outright impossible. If I am in the right mood, I could add an entry to my DNS server pointing to your IP address. Generally, you cannot find it out (except for some hints in some protocols like http(s)).
Given a zone file in the above format, you could do something like...
from collections import defaultdict
zone_file = """myfirstfqdn.com IN A 10.10.10.10
mysecondfqdn.com IN A 10.10.10.10"""
# Build mapping for lookups
ip_fqdn_mapping = defaultdict(list)
for record in zone_file.split("\n"):
fqdn, record_class, record_type, ip_address = record.split()
ip_fqdn_mapping[ip_address].append(fqdn)
# Lookup
ip_address_to_lookup = "10.10.10.10"
fqdns = ip_fqdn_mapping[ip_address_to_lookup]
print(fqdns)
Note: Using socket can be done like so - Python lookup hostname from IP with 1 second timeout
However this does require that DNS server that you are querying has correctly configured PTR reverse records.
https://www.cloudns.net/wiki/article/40/
I've been trying to figure out how to add an alias and IP address with a port as a response to a DNS query with the alias. I am running a simple DNS server written in Python, specifically https://gist.github.com/andreif/6069838
I've read that the alias and IP are normally pulled from the records or zone files but this server doesn't have any so I am unclear as to where they would be added were I to manually specify the alias and IP with a port. I've tried to manually write my DNS response only to realize that I am not sure where the alias and IP are being retrieved from. Also I'm not sure why but when I query the server with nslookup the server seems to also not pass the alias query because the qn variable seems to only hold the string 'server' and nothing else. The qn variable part is in the example below.
def dns_response(data):
request = DNSRecord.parse(data)
print request
reply = DNSRecord(DNSHeader(id=request.header.id, qr=1, aa=1, ra=1), q=request.q)
qname = request.q.qname
qn = str(qname)
qtype = request.q.qtype
qt = QTYPE[qtype]
TL;DR How do I add an alias and ip address with a port as a reply to an alias DNS query?
Edit: I've fixed the simple DNS program for Python 2.7.12, if you have a problem with it not receiving the QName remove the .strip() on the UDP request. Also make sure your domain name ends with '.' as in test.com. otherwise it will not find a match since it will be comparing "test.com" to "test.com.". Also change all of the reply.add_ns with reply.add_answer since the first function does not exist. If you are not receiving an A as a response for your query add reply.add_answer(RR(rname=qname, rtype=1,rclass=1, ttl=TTL, rdata=rdata)) the key change here is the Response type, rtype=1 indicates that it is an A response as opposed to a SOA or NS response. See www.zytrax.com/books/dns/ch15 for a detailed brake down of the DNS packet.
You can't - a standard DNS A or AAAA record doesn't contain a port number.
How do I specify multi-argument matches with python-iptables?
For example, the following iptables command:
-A INPUT -s 1.1.1.1 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
If I create the following:
import iptc
rule = iptc.Rule()
rule.src = '1.1.1.1'
rule.protocol = 'tcp'
t = rule.create_target('DROP')
m = rule.create_match('tcp')
m.tcp_flags = 'FIN,SYN,RST,ACK SYN'
it will complain:
ValueError: invalid value FIN,SYN,RST,ACK SYN
PS: I know that for my particular example, I can simply use m.syn = '1', but I'm trying to generalize on how to specify multi-argument matches.
Are you using the latest version? See this issue.
Okay... someone tried to post an answer, but he/she deleted it when I was commenting on it.
The answer attempt was:
m.tcp_flags = ['FIN', 'SYN', 'RST', 'ACK SYN']
which gave the wrong result:
print m.parameters
{u'tcp_flags': u'FIN SYN'}
However, that inspired me to try the following:
m.tcp_flags = ['FIN,SYN,RST,ACK', 'SYN']
which gives:
>>> match.parameters
{u'tcp_flags': u'FIN,SYN,RST,ACK SYN'}
Committing that rule into the INPUT chain and running iptables-save shows that it properly returns the rule I want.
So, thank you!