Python

Testing TCP Network Firewall Ports from ESXi

As we all transition to ESXi there are certain activities that we need to figure out a new way of doing. One item that comes up in new deployments is making sure that all of the ESXi –> firewall rules are defined correctly.

I do not believe that there is a way to do this from the SDK so its off to Tech Support Mode. Unfortunately there is no telnet, netcat, or other network tool that I typically use.

Python to the rescue:

#!/bin/env python
import sys
import os
from socket import *
 
def usage():
    print "USAGE: %s <host> <port>" % (sys.argv[0],)
    sys.exit(1)
 
# Check the # of parameters
if not len(sys.argv) == 3:
    usage()
 
# Check that the host and the port are appropriate.
try:
    host = sys.argv[1]
    port = int(sys.argv[2])
except:
    usage()
 
print "Attempting a TCP connection to host '%s' on port '%s'.\n" % (host, port)
try:
    s = socket(AF_INET, SOCK_STREAM)
    s.connect((host, port))
except Exception, e:
    print "Connection Failed: %s." % (e,)
else:
    print "Connection successful."

Python can also send UDP packets fairly easily, but since there is no connection the only way to tell if the traffic worked is to monitor it on in the network or on the destination side. As a result it is just as easy to do the operation that requires the port and if it fails, set up the traffic monitor.