Save-Rules-A10.ps1

<#PSScriptInfo
   
.VERSION 1.0.0
   
.GUID 8e38f4d8-70a4-479e-90d9-8e87fe160c09
   
.AUTHOR Felipe Fuentes Milosavljevic - ffuentes3003@gmail.com
   
.COMPANYNAME Felipe Fuentes
   
.COPYRIGHT (c) 2020 Felipe Fuentes. All rights reserved.
   
.TAGS Get Rules A10, A10, Axapi/v3, Virtual Server, Service Group, Members
  
#>


<#
   
.DESCRIPTION
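 Exports the virtual server, service group and member rules of an A10 Networks device to a CSV file, using aXAPI v3.
 Note: the script disables TLS certificate validation for its session, so the identity of the device is not verified.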
.EXAMPLE
 
Enter Ip For A10 To Connect: IP Address A10 Network
Enter Username For A10 IPAddresA10 : UserName For A10 Login
Enter Password For A10 IPAddresA10 - Username ffuentes : Password for Username Login A10
Enter Name File For Export Data: Only Name for File Csv Export
 
 
#>
 
# Start from an empty console before the interactive prompts.
Clear-Host
# SECURITY: the C# helper compiled below adds a ServerCertificateValidationCallback
# delegate that returns true for every certificate, chain and SslPolicyErrors value.
# Once Ignore() has run, expired, self-signed and mismatched certificates are all
# accepted, so the login request later in this script (which carries the A10
# username and password) can be intercepted by anyone able to sit between this
# host and the device. The callback is registered on the static
# ServicePointManager, so it affects every request made through it in this
# process, not only the A10 calls.
# Safer alternatives: import the device's CA or certificate into the trusted
# store, or pin the expected certificate thumbprint inside the callback.
# NOTE(review): on PowerShell 6+ the web cmdlets are believed not to consult
# ServicePointManager at all - confirm which PowerShell edition this targets.
Add-Type @"
    using System;
    using System.Net;
    using System.Net.Security;
    using System.Security.Cryptography.X509Certificates;
    public class ServerCertificateValidationCallback
    {
        public static void Ignore()
        {
            ServicePointManager.ServerCertificateValidationCallback +=
                delegate
                (
                    Object obj,
                    X509Certificate certificate,
                    X509Chain chain,
                    SslPolicyErrors errors
                )
                {
                    return true;
                };
        }
    }
"@

 
# Activate the accept-everything callback defined above (see the SECURITY note).
[ServerCertificateValidationCallback]::Ignore();

# Force TLS 1.2 (necessary for the management interface). This restricts the
# protocol version only; it does not restore certificate validation.
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;    


 #$CredA10 = Get-Credential -Message "Enter Credential For A10"
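# Connection details are collected interactively from the operator.
$device = Read-Host -Prompt "Enter Ip For A10 To Connect"
$username = Read-Host -Prompt "Enter Username For A10 $device"
# Read the password as a SecureString so it is not echoed to the console
# (and therefore not captured by screen sharing or Start-Transcript).
$securePassword = Read-Host -Prompt "Enter Password For A10 $device - Username $username " -AsSecureString
$filename = Read-Host -Prompt "Enter Name File For Export Data"
$exportCSV = "$PSScriptRoot\$filename.csv"

$prefix = "https:" #Prefix Https
$base = "axapi/v3" #Base Uri
$apiauth = "axapi/v3/auth" #Uri Authenticate API
$apisrv = "axapi/v3/slb/virtual-server" #Uri Get VirtualServer
$apisgs = "axapi/v3/slb/service-group" #Uri Get ServiceGroup

# Credential JSON. The body is built with ConvertTo-Json instead of string
# interpolation so that quotes or backslashes in the username or password are
# escaped and cannot break or alter the JSON document.
$password = (New-Object System.Net.NetworkCredential('', $securePassword)).Password
$jsoncreds = @{ credentials = @{ username = $username; password = $password } } | ConvertTo-Json -Compress

# Obtain the session token. The password travels in this request body, so the
# trustworthiness of the TLS channel to $device matters here.
$request = Invoke-RestMethod -Method Post -Uri "$prefix//$device/$apiauth" -Body $jsoncreds -ContentType application/json -ErrorVariable lostconnection | Select-Object -ExpandProperty authresponse
$signature = $request.Signature

# Drop the references to the plaintext credential as soon as the login is done.
$password = $null
$jsoncreds = $null

# Without a signature every later request would fail; stop with a clear error
# instead of sending an empty Authorization header.
if ([string]::IsNullOrEmpty($signature)) {
    throw "Authentication against A10 $device failed; no session signature was returned."
}

# Header sent with every subsequent aXAPI request.
$head = @{ Authorization= "A10 $signature" }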

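function Get-A10Rules {
    <#
    .SYNOPSIS
    Builds one output row describing a virtual server and its service-group members.
    .DESCRIPTION
    Returns an object whose properties, in order, are VirtualServer, IPVip, PortVip,
    ProtocolVip, SNAT, ServiceGroup, ProfileSSL, Member, PortMember and MemberState.
    Each parameter is copied unchanged into the matching property.
    .PARAMETER vipProtocol
    Value stored in the ProtocolVip property.
    .PARAMETER portVS
    Value stored in the PortVip property.
    #>
    param($vs1, $IP1, $vipProtocol, $portVS, $SNAT, $sg, $profileSSL, $member, $PortMember, $MemberState)

    # The literal keeps the property order, which determines the column order
    # when the object is exported.
    [pscustomobject]@{
        VirtualServer = $vs1
        IPVip         = $IP1
        PortVip       = $portVS
        # Previously filled from $portVS, which duplicated the port and dropped the protocol.
        ProtocolVip   = $vipProtocol
        SNAT          = $SNAT
        ServiceGroup  = $sg
        ProfileSSL    = $profileSSL
        Member        = $member
        PortMember    = $PortMember
        MemberState   = $MemberState
    }
}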

#Write-Host "$prefix//$device/$apisrv/$fullvs"

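# Walk the SLB configuration: one CSV row per virtual server, with the members
# of every service group referenced by its ports.
try {
    $slbConfig = Invoke-RestMethod -Method Default -Uri "$prefix//$device/$base/slb/?format=json" -Headers $head -ContentType application/json | Select-Object -ExpandProperty slb

    foreach ($slb in $slbConfig) {
        foreach ($fullvs in $slb.'virtual-server-list'.name) {

            # Object names come from the device configuration; escape them so
            # spaces or reserved characters cannot change the request path.
            $vsUri = "$prefix//$device/$apisrv/" + [uri]::EscapeDataString([string]$fullvs)
            try {
                $vsdata = Invoke-RestMethod -Method Default -Uri $vsUri -Headers $head -ContentType application/json -ErrorAction Stop
            }
            catch {
                # Skip this virtual server rather than exporting values left
                # over from the previous iteration.
                Write-Warning "Could not read virtual server '$fullvs': $($_.Exception.Message)"
                continue
            }

            $nameVS = $vsdata.'virtual-server'.name
            $IpAddressVIP = $vsdata.'virtual-server'.'ip-address'
            $portVip = $vsdata.'virtual-server'.'port-list'.'port-number'
            $vsprotocol = $vsdata.'virtual-server'.'port-list'.protocol
            $vsSnat = $vsdata.'virtual-server'.'port-list'.pool
            $sg = $vsdata.'virtual-server'.'port-list'.'service-group'
            $profileSSL = $vsdata.'virtual-server'.'port-list'.'template-client-ssl'

            # A virtual server with several ports yields several service-group
            # names. Query each distinct group on its own; interpolating the
            # whole array into a single URI would request a non-existent name.
            $mem = @()
            $memPort = @()
            $memState = @()
            foreach ($sgName in @($sg | Where-Object { $_ } | Select-Object -Unique)) {
                $sgUri = "$prefix//$device/$apisgs/" + [uri]::EscapeDataString([string]$sgName)
                try {
                    $sgData = Invoke-RestMethod -Method Default -Uri $sgUri -Headers $head -ContentType application/json -ErrorAction Stop
                }
                catch {
                    Write-Warning "Could not read service group '$sgName': $($_.Exception.Message)"
                    continue
                }

                $members = $sgData.'service-group'.'member-list'
                if ($members) {
                    $mem += @($members.name)
                    $memPort += @($members.port)
                    $memState += @($members.'member-state')
                }
            }

            Get-A10Rules -vs1 $nameVS -IP1 $IpAddressVIP -portVS $($portVip -join ",") -vipProtocol $($vsprotocol -join ",") -SNAT $($vsSnat -join ",") -sg $($sg -join ",") -profileSSL $($profileSSL -join ",") -member $($mem -join ",") -PortMember $($memPort -join ",") -MemberState $($memState -join ",") | Export-Csv -Path $exportCSV -Delimiter "," -NoTypeInformation -Append
        }
    }
}
finally {
    # Close the aXAPI session so the signature cannot be reused after the
    # export, even when the run above ended with an error.
    try {
        Invoke-RestMethod -Method Post -Uri "$prefix//$device/$base/logoff" -Headers $head -ContentType application/json -ErrorAction Stop | Out-Null
    }
    catch {
        Write-Warning "Could not log off from A10 ${device}: $($_.Exception.Message)"
    }
}

Write-Host "The File Export Path is $exportCSV"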