How to use the vici.Session function in vici

To help you get started, we’ve selected a few vici examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github opnsense / core / src / opnsense / scripts / ipsec / list_status.py View on Github external
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGE.

    --------------------------------------------------------------------------------------
    list ipsec status, using vici interface
"""

import sys
import socket
import ujson
import vici
try:
    s = vici.Session()
except socket.error:
    # cannot connect to session, strongswan not running?
    print ('ipsec not active')
    sys.exit(0)


def parse_sa(in_conn):
    result = {'local-addrs': '', 'remote-addrs': '', 'children': '', 'local-id': '', 'remote-id': ''}
    result['version'] = in_conn['version']
    if 'local_addrs' in in_conn:
        result['local-addrs'] = b','.join(in_conn['local_addrs'])
    elif 'local-host' in in_conn:
        result['local-addrs'] = in_conn['local-host']
    if 'remote_addrs'  in in_conn:
        result['remote-addrs'] =  b','.join(in_conn['remote_addrs'])
    elif 'remote-host' in in_conn:
github strongswan / strongMan / strongMan / helper_apps / vici / wrapper / wrapper.py View on Github external
def _connect_socket(self):
        try:
            self.socket = socket.socket(socket.AF_UNIX)
            self.socket.connect(self.socket_path)
            self.session = vici.Session(self.socket)
        except Exception as e:
            raise ViciSocketException("Vici is not reachable! " + str(e))
github opnsense / core / src / opnsense / scripts / ipsec / connect.py View on Github external
"""
import sys
import os
import subprocess
import ujson
import vici

# parse input parameter
conn_id = None
if len(sys.argv) > 1:
    p_conn_id = sys.argv[1].strip()

# validate if SA is active before trying to disconnect, validates input data
# and collect child sa's to bring up.
conns_found = []
s = vici.Session()
for conns in s.list_conns():
    for conn in conns:
        if conn == p_conn_id:
            conns_found.append(conn)
            for child in conns[conn]['children']:
                if child not in conns_found:
                    conns_found.append(child)

# setup connection if found
for conn_id in conns_found:
    subprocess.run(['/usr/local/sbin/ipsec', 'up', conn_id], capture_output=True)
github opnsense / core / src / opnsense / scripts / ipsec / disconnect.py View on Github external
disconnect ipsec connection
"""
import sys
import os
import subprocess
import ujson
import vici

# parse input parameter
conn_id = None
if len(sys.argv) > 1:
    conn_id = sys.argv[1].strip()

# validate if SA is active before trying to disconnect, validates input data
conn_found = False
s = vici.Session()
for sas in s.list_sas():
    for sa in sas:
        if sa == conn_id:
            conn_found = True

# terminate connection if found
if conn_found:
    subprocess.run(['/usr/local/sbin/ipsec', 'down', conn_id], capture_output=True)

vici

Native Python interface for strongSwan's VICI protocol

MIT
Latest version published 1 year ago

Package Health Score

48 / 100
Full package analysis

Popular vici functions