Skip to main content

Fortigate-api plugin for Nornir

Project description

Fortigate Plugin for Nornir

Plugins

Connections - Pyfgt

Description

"This plugin integrates the fortigate-api library with the Nornir framework to simplify and automate configuration tasks on Fortigate devices. Using this plugin, you can easily create, delete, get, and update objects in the Fortigate using REST API and SSH. With commonly used objects already implemented."

Fortigate-API library - https://github.com/vladimirs-git/fortigate-api

Installation

pip install nornir-pyfgt

Read the Documentation

https://nornir-pyfgt.readthedocs.io/en/latest/

Usages

pyfgt get firewall addresses

from nornir import InitNornir
from nornir_pyfgt.plugins.tasks import pyfgt_address
from nornir_utils.plugins.functions import print_result

nr = InitNornir(
    config_file="your/config/path"
)


results = nr.run(task=pyfgt_address)

print_result(results)

results

vvvv pyfgt_address ** changed : False vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv INFO
[ { 'allow-routing': 'disable',
    'associated-interface': '',
    'cache-ttl': 0,
    'clearpass-spt': 'unknown',
    'color': 0,
    'comment': '',
    'country': '',
    'dirty': 'dirty',
    'fabric-object': 'disable',
    'filter': '',
    'fsso-group': [],
    'interface': '',
    'list': [],
    'macaddr': [],
    'name': 'DEMO',
    'node-ip-only': 'disable',
    'obj-id': '',
    'obj-type': 'ip',
    'q_origin_key': 'ADDRESS',
    'sdn': '',
    'sdn-addr-type': 'private',
    'sub-type': 'sdn',
    'subnet': '10.10.10.10 255.255.255.0',
    'tag-detection-level': '',
    'tag-type': '',
    'tagging': [],
    'type': 'ipmask',
    'uuid': '0cdb9216-a648-51ed-b43f-238c3b127bc2'},
    ...
^^^^ END pyfgt_address ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

pyfgt get custom URL - Check Fortigate API Documentation for API endpoints

from nornir import InitNornir
from nornir_utils.plugins.functions import print_result
from nornir_pyfgt.plugins.tasks import pyfgt_get_url


nr = InitNornir(
    config_file="your/config/path"
)


results = nr.run(task=pyfgt_get_url, url="/api/v2/cmdb/user/local")

print_result(results)

results

vvvv pyfgt_get_url ** changed : False vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv INFO
[ { 'auth-concurrent-override': 'disable',
    'auth-concurrent-value': 0,
    'authtimeout': 0,
    'email-to': '',
    'fortitoken': '',
    'id': 16777217,
    'ldap-server': '',
    'name': 'guest',
    'passwd': 'ENC XXXX',
    'passwd-policy': '',
    'passwd-time': '0000-00-00 00:00:00',
    'ppk-identity': '',
    'ppk-secret': '',
    'q_origin_key': 'guest',
    'radius-server': '',
    'sms-custom-server': '',
    'sms-phone': '',
    'sms-server': 'fortiguard',
    'status': 'enable',
    'tacacs+-server': '',
    'two-factor': 'disable',
    'two-factor-authentication': '',
    'two-factor-notification': '',
    'type': 'password',
    'username-sensitivity': 'enable',
    'workstation': ''}]
^^^^ END pyfgt_get_url^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

pyfgt send SSH command

from nornir import InitNornir
from nornir_utils.plugins.functions import print_result
from nornir_pyfgt.plugins.tasks import pyfgt_send_command


nr = InitNornir(
    config_file="your/config/path"
)


results = nr.run(task=pyfgt_send_command, command="get system interface")

print_result(results)

results

vvvv pyfgt_send_command ** changed : False vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv INFO
== [ port1 ]
name: port1   mode: dhcp    ip: 192.168.0.158 255.255.255.0   status: up    netbios-forward: disable    type: physical   ring-rx: 0   ring-tx: 0   netflow-sampler: disable    sflow-sampler: disable    src-check: enable    explicit-web-proxy: disable    explicit-ftp-proxy: disable    proxy-captive-portal: disable    mtu-override: disable    wccp: disable    drop-overlapped-fragment: disable    drop-fragment: disable
== [ port2 ]
name: port2   mode: static    ip: 0.0.0.0 0.0.0.0   status: up    netbios-forward: disable    type: physical   ring-rx: 0   ring-tx: 0   netflow-sampler: disable    sflow-sampler: disable    src-check: enable    explicit-web-proxy: disable    explicit-ftp-proxy: disable    proxy-captive-portal: disable    mtu-override: disable    wccp: disable    drop-overlapped-fragment: disable    drop-fragment: disable
...
^^^^ END pyfgt_send_command ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nornir_pyfgt-1.0.3.tar.gz (8.5 kB view hashes)

Uploaded Source

Built Distribution

nornir_pyfgt-1.0.3-py3-none-any.whl (17.6 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page