SSL API client for Stormshield Network Security appliances

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for stormshield from gravatar.com stormshield

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License 2.0)
  • Author: Remi Pauchet
Classifiers
Report project as malware

Project description

python-SNS-API

A Python client for the Stormshield Network Security appliance SSL API.

Note: this module requires python2.7 or python3.3

API usage

from stormshield.sns.sslclient import SSLClient

client = SSLClient(
    host="10.0.0.254", port=443,
    user='admin', password='password',
    sslverifyhost=False)

response = client.send_command("SYSTEM PROPERTY")

if response:
    model   = response.data['Result']['Model']
    version = response.data['Result']['Version']

    print("Model: {}".format(model))
    print("Firmware version: {}".format(version))
else:
    print("Command failed: {}".format(response.output))

client.disconnect()

Command results

Command results are available in text, xml or python structure formats:

>>> response = client.send_command("CONFIG NTP SERVER LIST")

>>> print(response.output)
101 code=00a01000 msg="Begin" format="section_line"
[Result]
name=ntp1.stormshieldcs.eu keynum=none type=host
name=ntp2.stormshieldcs.eu keynum=none type=host
100 code=00a00100 msg="Ok"

>>> print(response.xml)
<?xml version="1.0"?>
<nws code="100" msg="OK"><serverd ret="101" code="00a01000" msg="Begin"><data format="section_line"><section title="Result"><line><key name="name" value="ntp1.stormshieldcs.eu"/><key name="keynum" value="none"/><key name="type" value="host"/></line><line><key name="name" value="ntp2.stormshieldcs.eu"/><key name="keynum" value="none"/><key name="type" value="host"/></line></section></data></serverd><serverd ret="100" code="00a00100" msg="Ok"></serverd></nws>

>>> print(response.data)
{'Result': [{'name': 'ntp1.stormshieldcs.eu', 'keynum': 'none', 'type': 'host'}, {'name': 'ntp2.stormshieldcs.eu', 'keynum': 'none', 'type': 'host'}]}

The keys of the data property are case insensitive, response.data['Result'][0]['name'] and response.data['ReSuLt'][0]['NaMe'] will return the same value.

Results token are also available via response.parser.get() method which accepts a default parameter to return if the token is not present.

>>> print(response.output)
101 code=00a01000 msg="Begin" format="section"
[Server]
1=dns1.google.com
2=dns2.google.com
100 code=00a00100 msg="Ok"

>>> print(response.data['Server']['3'])
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.7/site-packages/requests/structures.py", line 52, in __getitem__
    return self._store[key.lower()][1]
KeyError: '3'

>>> print(response.parser.get(section='Server', token='3', default=None))
None

File upload/download

Files can be downloaded or uploaded by adding a redirection to a file with '>' or '<' at the end of the configuration command.

>>> client.send_command("CONFIG BACKUP list=all > /tmp/mybackup.na")
100 code=00a00100 msg="Ok"

snscli

snscli is a python cli for executing configuration commands and scripts on Stormshield Network Security appliances.

  • Output format can be chosen between section/ini or xml
  • File upload and download available with adding < upload or > download at the end of the command
  • Client can execute script files using --script option.
  • Comments are allowed with #

$ snscli --host <utm>

$ snscli --host <utm> --user admin --password admin --script config.script

Concerning the SSL validation:

  • For the first connection to a new appliance, ssl host name verification can be bypassed with --no-sslverifyhost option.
  • To connect to a known appliance with the default certificate use --host <serial> --ip <ip address> to validate the peer certificate.
  • If a custom CA and certificate is installed, use --host myfirewall.tld --cabundle <ca.pem>.
  • For client certificate authentication, the expected format is a PEM file with the certificate and the unencrypted key concatenated.

Proxy

The library and snscli tool support HTTP and SOCKS proxies, use --proxy scheme://user:password@host:port option.

Build

$ python3 setup.py sdist bdist_wheel

Install

From PyPI:

$ pip3 install stormshield.sns.sslclient

From source:

$ python3 setup.py install

Tests

Warning: some tests require a remote SNS appliance.

$ PASSWORD=password APPLIANCE=10.0.0.254 python3 setup.py test

To run snscli from the source folder without install:

$ PYTHONPATH=. python3 stormshield/sns/cli.py --help

Links

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for stormshield from gravatar.com stormshield

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License 2.0)
  • Author: Remi Pauchet
Classifiers

Release history Release notifications | RSS feed

1.1.1

1.1.0

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

This version

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

stormshield.sns.sslclient-1.0.1.tar.gz (30.4 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

stormshield.sns.sslclient-1.0.1-py3-none-any.whl (37.8 kB view details)

Uploaded Python 3

stormshield.sns.sslclient-1.0.1-py2-none-any.whl (37.8 kB view details)

Uploaded Python 2

File details

Details for the file stormshield.sns.sslclient-1.0.1.tar.gz.

File metadata

  • Download URL: stormshield.sns.sslclient-1.0.1.tar.gz
  • Upload date:
  • Size: 30.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.6.0 requests-toolbelt/0.9.1 tqdm/4.32.2 CPython/3.7.5

File hashes

Hashes for stormshield.sns.sslclient-1.0.1.tar.gz
Algorithm Hash digest
SHA256 00aa5e07a3c3a41d0955c586be2fc859a604e46e37e2aa4e9f0a0950bc5812f3
MD5 d47a8b019e321e57b81959041fe64d39
BLAKE2b-256 d3f37fbd063ee709ed7b3d2e03e93070af83c55225f9be3bf0e782e3212d7acb

See more details on using hashes here.

File details

Details for the file stormshield.sns.sslclient-1.0.1-py3-none-any.whl.

File metadata

  • Download URL: stormshield.sns.sslclient-1.0.1-py3-none-any.whl
  • Upload date:
  • Size: 37.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.6.0 requests-toolbelt/0.9.1 tqdm/4.32.2 CPython/3.7.5

File hashes

Hashes for stormshield.sns.sslclient-1.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 d3b91531664bc3ac720bf524e977f3dbf276e2947c065b66e27888c26d72a582
MD5 05012ff1467bf1a14cdf66c836519308
BLAKE2b-256 8e8af78216cd844875b0c51c43cd388b358bbbd8ebf88a5ebfe987db77a7c3fc

See more details on using hashes here.

File details

Details for the file stormshield.sns.sslclient-1.0.1-py2-none-any.whl.

File metadata

  • Download URL: stormshield.sns.sslclient-1.0.1-py2-none-any.whl
  • Upload date:
  • Size: 37.8 kB
  • Tags: Python 2
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.6.0 requests-toolbelt/0.9.1 tqdm/4.32.2 CPython/3.7.5

File hashes

Hashes for stormshield.sns.sslclient-1.0.1-py2-none-any.whl
Algorithm Hash digest
SHA256 30591bf98955e794472be7c1b025b8a648acdf99c4716a8254f4191858ca14b3
MD5 430a6e959bddc844d8d2622cebe74e75
BLAKE2b-256 1668b90a5e64492a58fc59acc9acdc05f0cc2ebcc7b957d2cbb948924d4b48fe

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page