def test_prepareblacklist(self):
result = prepare_blacklist('1.1.1.1/32', '0.0.0.0/0')
self.assertIsInstance(result, dict)
self.assertEqual(
result.get('end_point1').get('ip_network'), '1.1.1.1/32')
self.assertEqual(
result.get('end_point2').get('ip_network'), '0.0.0.0/0')
def blacklist(self, src, dst, duration=3600):
"""
Add blacklist entry to engine node by name. For blacklist to work,
you must also create a rule with action "Apply Blacklist".
:param str src: source to blacklist, can be /32 or network cidr
:param str dst: dest to deny to, 0.0.0.0/32 indicates all destinations
:param int duration: how long to blacklist in seconds
:raises: :py:class:`smc.api.exceptions.EngineCommandFailed`
:return: None
"""
prepared_request(EngineCommandFailed,
href=self._link('blacklist'),
json=prepare_blacklist(src, dst, duration)).create()
def blacklist(self, src, dst, duration=3600):
"""
Add blacklist to all defined engines.
Use the cidr netmask at the end of src and dst, such as:
1.1.1.1/32, etc.
:param src: source of the entry
:param dst: destination of blacklist entry
:raises: :py:class:`smc.api.exceptions.ActionCommandFailed`
:return: None
"""
prepared_request(ActionCommandFailed,
href=self._link('blacklist'),
json=prepare_blacklist(src, dst, duration)).create()
def blacklist(self, src, dst, duration=3600, **kw):
"""
Add blacklist entry to engine node by name. For blacklist to work,
you must also create a rule with action "Apply Blacklist".
:param src: source address, with cidr, i.e. 10.10.10.10/32 or 'any'
:param dst: destination address with cidr, i.e. 1.1.1.1/32 or 'any'
:param int duration: how long to blacklist in seconds
:raises EngineCommandFailed: blacklist failed during apply
:return: None
.. note:: If more advanced blacklist is required using source/destination
ports and protocols (udp/tcp), use kw to provide these arguments. See
:py:func:`smc.elements.other.prepare_blacklist` for more details.
"""
self.make_request(
EngineCommandFailed,
method='create',
resource='blacklist',
json=prepare_blacklist(src, dst, duration, **kw))
def blacklist(self, src, dst, duration=3600, **kw):
"""
Add blacklist to all defined engines.
Use the cidr netmask at the end of src and dst, such as:
1.1.1.1/32, etc.
:param src: source of the entry
:param dst: destination of blacklist entry
:raises ActionCommandFailed: blacklist apply failed with reason
:return: None
.. seealso:: :class:`smc.core.engine.Engine.blacklist`. Applying
a blacklist at the system level will be a global blacklist entry
versus an engine specific entry.
.. note:: If more advanced blacklist is required using source/destination
ports and protocols (udp/tcp), use kw to provide these arguments. See
:py:func:`smc.elements.other.prepare_blacklist` for more details.
"""
self.make_request(method='create',
resource='blacklist',
json=prepare_blacklist(src, dst, duration, **kw))
def blacklist(self, src, dst, duration=3600, **kw):
"""
Add blacklist to all defined engines.
Use the cidr netmask at the end of src and dst, such as:
1.1.1.1/32, etc.
:param src: source of the entry
:param dst: destination of blacklist entry
:raises ActionCommandFailed: blacklist apply failed with reason
:return: None
.. seealso:: :class:`smc.core.engine.Engine.blacklist`. Applying
a blacklist at the system level will be a global blacklist entry
versus an engine specific entry.
.. note:: If more advanced blacklist is required using source/destination
ports and protocols (udp/tcp), use kw to provide these arguments. See
:py:func:`smc.elements.other.prepare_blacklist` for more details.
"""
self.make_request(
method='create',
resource='blacklist',
json=prepare_blacklist(src, dst, duration, **kw))