0

我设法重用了脚本代码,但我遇到的问题超出了我的范围,请原谅我不是脚本或 xml 人......非常感谢任何帮助!

我认为这是 POST 命令与 powershell 结构相关的 XML 数据格式,特别是当 XML 标记缩进/具有多级时:

  • 源IP范围
  • 目的地IP范围
  • 端口范围

我还有其他功能可以在 xml 标记数据处于同一级别的情况下工作,即没有缩进,一切都很好......

function create_acl ($networkname,$newaclname,$newaclposition,$aclaction,$protoltype,$SourceIP,$SourceSubnetMask,$DestIP,$DestSubnetMask,$portRange,$port1,$port2,$direction){
Write-host "Creating new ACL rule [" -nonewline 
Write-host $newaclname -nonewline -ForegroundColor Yellow
Write-Host "]... " -nonewline 
$createacl = "<AclRule xmlns='http://cloud.net/schemas/network'>
    <name>" + $newaclname +"</name>
    <position>" + $newaclposition + "</position>
    <action>" + $aclaction + "</action>
    <protocol>" + $protoltype + "</protocol>
    <sourceIpRange>
        <ipAddress>" + $SourceIP + "</ipAddress>
        <netmask>" + $SourceSubnetMask + "</netmask>
   </sourceIpRange>
   <destinationIpRange>
        <ipAddress>" + $DestIP + "</ipAddress>
        <netmask>" + $DestSubnetMask + "</netmask>
   </destinationIpRange>
   <portRange>
        <type>" + $portRange + "</type>
        <port1>" + $port1 + "</port1>
        <port2>" + $port2 + "</port2>
   </portRange>
   <type>" + $direction + "</type>
</ACLRule>"
try{
    $out = post_xml ("/oec/0.9/" + $account.account.orgId + "/network/" + $networkbyname[$networkname] + "/aclrule") $createacl
    if($out.status.result -eq "SUCCESS"){
        Write-host "Done" -ForegroundColor Green
    }else{
        Write-host "Failed" -ForegroundColor Red
        Write-host $out.status.resultDetail "-" $out.status.resultCode -ForegroundColor Red
    }
}
catch [Net.WebException] {
    Write-host "Failed" -ForegroundColor Red
    Write-host "-" $error[0] 
    write-host "- 400 Bad request could mean the acl already exists"
    write-host "- Continuing anyway..."
}
get_networkinfo
}

该命令通过以下方式执行

create_acl "Network-1" "Test" "150" "DENY" "TCP" "10.214.32.0" "255.255.255.0" "10.214.33.0" "255.255.255.0" "Range" "8080" "8081" "INSIDE_ACL"

结果是

PS C:\Users\mike\Cloud\Scripts> create_acl "Network-1" "Test" "150" "DENY" "TCP" "10.214.32.0" "255.255.255.0" "10.214.33.0" "255.255.255.0" "Range" "8080" "8081" "INSIDE_ACL"
Creating new ACL rule [Test]... Failed
Exception calling "UploadData" with "3" argument(s): "The remote server returned an error: (400) Bad Request."

如果我使用 Chrome 的 Postman Rest Client,XML 数据如下所示

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AclRule xmlns="http://cloud.net/schemas/network">
<name>Test</name>
<position>150</position>
<action>DENY</action>
<protocol>TCP</protocol>
<sourceIpRange>
    <ipAddress>10.214.32.0</ipAddress>
    <netmask>255.255.255.0</netmask>
</sourceIpRange>
<destinationIpRange>
    <ipAddress>10.212.33.0</ipAddress>
    <netmask>255.255.255.0</netmask>
</destinationIpRange>
<portRange>
    <type>RANGE</type>
    <port1>8080</port1>
    <port2>8081</port2>
</portRange>
<type>INSIDE_ACL</type>
</AclRule>

如果我删除所有变量,它仍然会返回错误

function create_acl {
Write-host "Creating new ACL rule [" -nonewline 
Write-host $newaclname -nonewline -ForegroundColor Yellow
Write-Host "]... " -nonewline 
$createacl = "<AclRule xmlns='http://cloud.net/schemas/network'>
  <name>Test</name>
  <position>150</position>
  <action>DENY</action>
  <protocol>TCP</protocol>
  <sourceIpRange>
      <ipAddress>10.214.32.0</ipAddress>
      <netmask>255.255.255.0</netmask>
  </sourceIpRange>
  <destinationIpRange>
      <ipAddress>10.212.33.0</ipAddress>
      <netmask>255.255.255.0</netmask>
  </destinationIpRange>
  <portRange>
      <type>RANGE</type>
      <port1>8080</port1>
      <port2>8081</port2>
  </portRange>
  <type>INSIDE_ACL</type>
</AclRule>" 
}
try{
    $out = post_xml ("/oec/0.9/" + $account.account.orgId + "/network/89e8ecc4-6c86-11e2-9153-001b21cfdbe0/aclrule") $createacl
    if($out.status.result -eq "SUCCESS"){
        Write-host "Done" -ForegroundColor Green
    }else{
        Write-host "Failed" -ForegroundColor Red
        Write-host $out.status.resultDetail "-" $out.status.resultCode -ForegroundColor Red
    }
}
catch [Net.WebException] {
    Write-host $_.Exception.ToString()
    }

get_networkinfo

}

PS C:\Users\mike\Cloud\Scripts> create_acl
Creating new ACL rule []... System.Net.WebException: The remote server returned an error: (400) Bad Request.
at System.Net.WebClient.UploadDataInternal(Uri address, String method, Byte[] data, WebRequest& request)
at System.Net.WebClient.UploadData(Uri address, String method, Byte[] data)
at CallSite.Target(Closure , CallSite , Object , Object , String , Byte[] )
Getting Network Information... Done

谢谢迈克

4

1 回答 1

0

我认为您没有正确地通过字符串构造 XML。您想使用“此处字符串”,例如:

$createacl = @"
<AclRule xmlns='http://cloud.net/schemas/network'>
   <name>$newaclname</name>
   <position>$newaclposition</position>
   <action>$aclaction</action>
   <protocol>$protoltype</protocol>
   <sourceIpRange>
        <ipAddress>$SourceIP</ipAddress>
        <netmask>$SourceSubnetMask</netmask>
   </sourceIpRange>
   <destinationIpRange>
        <ipAddress>$DestIP</ipAddress>
        <netmask>$DestSubnetMask</netmask>
   </destinationIpRange>
   <portRange>
        <type>$portRange</type>
        <port1>$port1</port1>
        <port2>$port2</port2>
   </portRange>
   <type>$direction</type>
</AclRule>
"@

请注意,此处的字符串起始序列@"后面不能有任何内容(甚至没有空格),并且终止字符序列"@必须出现在第 0 列中,否则您将收到错误消息。您可以通过简单地将字符串转换为 [xml] 来测试该字符串是否是有效的 XML,如下所示:

$xml = [xml]$createacl
于 2013-09-03T04:38:07.770 回答