forked from vladimirs-git/fortigate-api
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfortigate.py
109 lines (91 loc) · 3.32 KB
/
fortigate.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
"""Fortigate examples.
- User-Based Authentication
- Create address in the Fortigate
- Get address data from the Fortigate
- Update address data in the Fortigate
- Check for presence of address in the Fortigate
- Delete address from the Fortigate
- Check for absence of address in the Fortigate
- Get Directory
- Fortigate *with* statement
"""
import logging
from pprint import pprint
from fortigate_api import Fortigate
logging.getLogger().setLevel(logging.DEBUG)
HOST = "host"
USERNAME = "username"
PASSWORD = "password"
fgt = Fortigate(host=HOST, username=USERNAME, password=PASSWORD)
fgt.login()
# Creates address in the Fortigate
print("\nCreates address in the Fortigate")
data = {"name": "ADDRESS",
"obj-type": "ip",
"subnet": "127.0.0.100 255.255.255.252",
"type": "ipmask"}
response = fgt.post(url="api/v2/cmdb/firewall/address/", data=data)
print("post", response) # post <Response [200]>
# Gets address data from the Fortigate
print("\nGets address data from the Fortigate")
addresses = fgt.get(url="api/v2/cmdb/firewall/address/")
addresses = [d for d in addresses if d["name"] == "ADDRESS"]
pprint(addresses)
# [{"comment": "",
# "name": "ADDRESS",
# "subnet": "127.0.0.100 255.255.255.252",
# "uuid": "a386e4b0-d6cb-51ec-1e28-01e0bc0de43c",
# ...
# }]
# Updates address data in the Fortigate
print("\nUpdates address data in the Fortigate")
data = dict(subnet="127.0.0.255 255.255.255.255")
response = fgt.put(url="api/v2/cmdb/firewall/address/ADDRESS", data=data)
print("put", response) # put <Response [200]>
addresses = fgt.get(url="api/v2/cmdb/firewall/address/")
addresses = [d for d in addresses if d["name"] == "ADDRESS"]
print(addresses[0]["subnet"]) # 127.0.0.255 255.255.255.255
# Checks for presence of address in the Fortigate
print("\nChecks for presence of address in the Fortigate")
response = fgt.exist(url="api/v2/cmdb/firewall/address/ADDRESS")
print("exist", response) # <Response [200]>
# Deletes address from the Fortigate
print("\nDeletes address from the Fortigate")
response = fgt.delete(url="api/v2/cmdb/firewall/address/ADDRESS")
print("delete", response) # <Response [200]>
# Checks for absence of address in the Fortigate
print("\nChecks for absence of address in the Fortigate")
response = fgt.exist(url="api/v2/cmdb/firewall/address/ADDRESS")
print("exist", response) # <Response [404]>
# Get logs traffic forward
output = fgt.get(url="/api/v2/log/memory/traffic/forward")
pprint(output)
# [{'_metadata': {'#': 1, 'archive': False, 'logid': 13, 'roll': 63501, ...},
# 'action': 'deny',
# 'appcat': 'unscanned',
# 'craction': 131072,
# 'crlevel': 'high',
# 'crscore': 30,
# ...
# Get list
output = fgt.get_l(url="/api/v2/monitor/firewall/policy?global=1")
pprint(output)
# [{'build': 2093,
# 'http_method': 'GET',
# 'name': 'policy',
# 'path': 'firewall',
# 'results': [{'active_sessions': 0,
# 'asic_bytes': 0,
# 'asic_packets': 0,
# ...
# Get Directory
output = fgt.directory(url="/api/v2/log")
pprint(output)
output = fgt.directory(url="/api/v2/monitor")
pprint(output)
fgt.logout()
# Fortigate *with* statement
print("\nFortigate *with* statement")
with Fortigate(host=HOST, username=USERNAME, password=PASSWORD) as fgt:
response = fgt.exist(url="api/v2/cmdb/firewall/address/ADDRESS")
print("exist", response) # <Response [404]>