
@JackyCZJ
Last active May 10, 2024 07:35
list sa without ujson
#!/usr/local/bin/python3
#copy from https://github.com/opnsense/core/blob/30a9195437c00085fed7b5c3989b4c3bfef9e34c/src/opnsense/scripts/ipsec/list_status.py
import sys
import socket
import json
import vici
# Open the VICI control session to the local strongSwan daemon.
try:
    s = vici.Session()
except socket.error:
    # cannot connect to session, strongswan not running?
    # On Python 3 socket.error is an alias of OSError, so every connect
    # failure (a permission error on the socket included) ends up here and
    # is reported as "not active", with exit status 0.
    print('ipsec not active')
    sys.exit(0)
def parse_sa(in_conn):
    """Build the summary record for one connection or IKE SA mapping.

    :param in_conn: mapping for a single connection / SA; it must contain
        'version', every other key read here is optional
    :return: dict with 'local-addrs', 'remote-addrs', 'children', 'local-id',
        'remote-id' (each '' unless filled in), 'version' and an empty 'sas' list
    :raises KeyError: when in_conn has no 'version' entry
    """
    summary = dict.fromkeys(
        ('local-addrs', 'remote-addrs', 'children', 'local-id', 'remote-id'), ''
    )
    summary['version'] = in_conn['version']

    # Addresses arrive either as a list under '<side>_addrs' or as a single
    # value under '<side>-host'; the list form takes precedence.
    for side in ('local', 'remote'):
        list_key = side + '_addrs'
        host_key = side + '-host'
        if list_key in in_conn:
            summary[side + '-addrs'] = b','.join(in_conn[list_key])
        elif host_key in in_conn:
            summary[side + '-addrs'] = in_conn[host_key]

    if 'children' in in_conn:
        summary['children'] = in_conn['children']

    # Filled by the caller with the matching security associations.
    summary['sas'] = []
    return summary
# Summary records keyed by connection name.
result = dict()

# parse connections
for conn_batch in s.list_conns():
    for connection_id, conn in conn_batch.items():
        entry = parse_sa(conn)
        result[connection_id] = entry
        entry['routed'] = True
        local_classes, remote_classes = [], []
        entry['local-class'] = local_classes
        entry['remote-class'] = remote_classes
        # parse local-% and remote-% keys
        for key, section in conn.items():
            if key.startswith('local-'):
                side, classes = 'local', local_classes
            elif key.startswith('remote-'):
                side, classes = 'remote', remote_classes
            else:
                continue
            if 'id' in section:
                entry[side + '-id'] = section['id']
            # NOTE(review): the listing lost its indentation; the class is
            # collected whether or not an 'id' is present - confirm against
            # the upstream file named in the header comment.
            classes.append(section['class'])
        # Collapse the collected classes into one '+'-separated value per side.
        entry['local-class'] = b'+'.join(local_classes)
        entry['remote-class'] = b'+'.join(remote_classes)

# attach Security Associations
for sa_batch in s.list_sas():
    for sa_name, sa_info in sa_batch.items():
        if sa_name not in result:
            # An SA with no matching configured connection still gets a
            # record, flagged as not routed.
            result[sa_name] = parse_sa(sa_info)
            result[sa_name]['routed'] = False
        result[sa_name]['sas'].append(sa_info)
#deal with bytes
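def deal_with_bytes(data):
    """Recursively turn every bytes object in *data* into str.

    Lists and dicts (keys and values) are walked; any other value is returned
    unchanged. The result is what gets handed to json.dumps, which cannot
    serialize bytes.

    :param data: bytes, list, dict or any other value
    :return: a new structure of the same shape with bytes decoded as UTF-8
    """
    if isinstance(data, bytes):
        # A strict decode raises UnicodeDecodeError on the first non-UTF-8
        # byte and would abort the whole listing. Some of these strings
        # presumably originate from the remote peer (identities, for
        # example) - verify - so keep undecodable bytes visible as \xNN
        # escapes instead of failing.
        return data.decode('utf-8', errors='backslashreplace')
    if isinstance(data, list):
        return [deal_with_bytes(item) for item in data]
    if isinstance(data, dict):
        return {deal_with_bytes(key): deal_with_bytes(value) for key, value in data.items()}
    return data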
# json.dumps cannot serialize bytes, so convert the whole structure first.
data = deal_with_bytes(result)
# pretty print
rendered = json.dumps(data, indent=4, sort_keys=True, separators=(',', ': '))
print(rendered)