def cli(env, target, firewall_type, high_availability):
"""Create new firewall."""
mgr = SoftLayer.FirewallManager(env.client)
if not env.skip_confirmations:
if firewall_type == 'vlan':
pkg = mgr.get_dedicated_package(ha_enabled=high_availability)
elif firewall_type == 'vs':
pkg = mgr.get_standard_package(target, is_virt=True)
elif firewall_type == 'server':
pkg = mgr.get_standard_package(target, is_virt=False)
if not pkg:
return "Unable to add firewall - Is network public enabled?"
env.out("******************")
env.out("Product: %s" % pkg[0]['description'])
env.out("Price: $%s monthly" % pkg[0]['prices'][0]['recurringFee'])
env.out("******************")
if not formatting.confirm("This action will incur charges on your "
"account. Continue?"):
raise exceptions.CLIAbort('Aborted.')
if firewall_type == 'vlan':
mgr.add_vlan_firewall(target, ha_enabled=high_availability)
elif firewall_type == 'vs':
mgr.add_standard_firewall(target, is_virt=True)
elif firewall_type == 'server':
mgr.add_standard_firewall(target, is_virt=False)
return "Firewall is being created!"
def cli(env):
"""List firewalls."""
mgr = SoftLayer.FirewallManager(env.client)
table = formatting.Table(['firewall id',
'type',
'features',
'server/vlan id'])
fwvlans = mgr.get_firewalls()
dedicated_firewalls = [firewall for firewall in fwvlans
if firewall['dedicatedFirewallFlag']]
for vlan in dedicated_firewalls:
features = []
if vlan['highAvailabilityFirewallFlag']:
features.append('HA')
if features:
feature_list = formatting.listing(features, separator=',')
else:
feature_list = formatting.blank()
table.add_row([
'vlan:%s' % vlan['networkVlanFirewall']['id'],
'VLAN - dedicated',
feature_list,
vlan['id']
])
shared_vlan = [firewall for firewall in fwvlans
if not firewall['dedicatedFirewallFlag']]
for vlan in shared_vlan:
vs_firewalls = [guest
for guest in vlan['firewallGuestNetworkComponents']
if has_firewall_component(guest)]
for firewall in vs_firewalls:
table.add_row([
'vs:%s' % firewall['id'],
'Virtual Server - standard',
'-',
firewall['guestNetworkComponent']['guest']['id']
])
server_firewalls = [server
for server in vlan['firewallNetworkComponents']
if has_firewall_component(server)]
for firewall in server_firewalls:
table.add_row([
'server:%s' % firewall['id'],
'Server - standard',
'-',
utils.lookup(firewall,
'networkComponent',
'downlinkComponent',
'hardwareId')
])
env.fout(table)
def cli(env, identifier):
"""Detail firewall."""
mgr = SoftLayer.FirewallManager(env.client)
firewall_type, firewall_id = firewall.parse_id(identifier)
_firewall = mgr.get_instance(firewall_id)
table = formatting.KeyValueTable(['name', 'value'])
table.align['name'] = 'r'
table.align['value'] = 'l'
table.add_row(['id', _firewall.get('id')])
table.add_row(['primaryIpAddress', _firewall.get('primaryIpAddress')])
table.add_row(
['datacenter',
utils.lookup(_firewall, 'datacenter', 'longName')])
table.add_row(
['networkVlan',
utils.lookup(_firewall, 'networkVlan', 'name')])
table.add_row(
['networkVlaniD',
utils.lookup(_firewall, 'networkVlan', 'id')])
if firewall_type == 'vlan':
rules = mgr.get_dedicated_fwl_rules(firewall_id)
else:
rules = mgr.get_standard_fwl_rules(firewall_id)
table.add_row(['rules', get_rules_table(rules)])
env.fout(table)
def execute(self, args):
mgr = SoftLayer.FirewallManager(self.client)
input_id = helpers.resolve_id(
mgr.resolve_ids, args.get('<identifier>'), 'firewall')
ha_support = args.get('--ha', False)
if not args['--really']:
if args['--vlan']:
pkg = mgr.get_dedicated_package(ha_enabled=ha_support)
elif args['--cci']:
pkg = mgr.get_standard_package(input_id)
elif args['--server']:
pkg = mgr.get_standard_package(input_id, is_cci=False)
if not pkg:
return "Unable to add firewall - Is network public enabled?"
print_package_info(pkg)
if not formatting.confirm("This action will incur charges on your "
"account. Continue?"):
raise exceptions.CLIAbort('Aborted.')
if args['--vlan']:
mgr.add_vlan_firewall(input_id, ha_enabled=ha_support)
elif args['--cci']:
mgr.add_standard_firewall(input_id, is_cci=True)
elif args['--server']:
mgr.add_standard_firewall(input_id, is_cci=False)
return "Firewall is being created!"
def execute(self, args):
mgr = SoftLayer.FirewallManager(self.client)
input_id = args.get('<identifier>')
key_value = get_ids(input_id)
if key_value[0] == 'vlan':
rules = mgr.get_dedicated_fwl_rules(key_value[1])
else:
rules = mgr.get_standard_fwl_rules(key_value[1])
return get_rules_table(rules)
def cli(env, identifier):
"""Detail firewall."""
mgr = SoftLayer.FirewallManager(env.client)
firewall_type, firewall_id = firewall.parse_id(identifier)
if firewall_type == 'vlan':
rules = mgr.get_dedicated_fwl_rules(firewall_id)
else:
rules = mgr.get_standard_fwl_rules(firewall_id)
env.fout(get_rules_table(rules))
def execute(self, args):
mgr = SoftLayer.FirewallManager(self.client)
input_id = args.get('<identifier>')
key_value = get_ids(input_id)
firewall_id = int(key_value[1])
if args['--really'] or formatting.confirm("This action will cancel a "
"firewall from your account."
" Continue?"):
if key_value[0] in ['cci', 'server']:
mgr.cancel_firewall(firewall_id, dedicated=False)
elif key_value[0] == 'vlan':
mgr.cancel_firewall(firewall_id, dedicated=True)
return 'Firewall with id %s is being cancelled!' % input_id
else:
raise exceptions.CLIAbort('Aborted.')
def cli(env, identifier):
"""List firewalls."""
mgr = SoftLayer.FirewallManager(env.client)
firewall_type, firewall_id = firewall.parse_id(identifier)
if any([
env.skip_confirmations,
formatting.confirm("This action will cancel a firewall from your"
"account. Continue?")
]):
if firewall_type in ['cci', 'server']:
mgr.cancel_firewall(firewall_id, dedicated=False)
elif firewall_type == 'vlan':
mgr.cancel_firewall(firewall_id, dedicated=True)
return 'Firewall with id %s is being cancelled!' % identifier
else:
raise exceptions.CLIAbort('Aborted.')
def cli(env, identifier):
"""Cancels a firewall."""
mgr = SoftLayer.FirewallManager(env.client)
firewall_type, firewall_id = firewall.parse_id(identifier)
if not (env.skip_confirmations or formatting.confirm(
"This action will cancel a firewall from your "
"account. Continue?")):
raise exceptions.CLIAbort('Aborted.')
if firewall_type in ['vs', 'server']:
mgr.cancel_firewall(firewall_id, dedicated=False)
elif firewall_type == 'vlan':
mgr.cancel_firewall(firewall_id, dedicated=True)
else:
raise exceptions.CLIAbort('Unknown firewall type: %s' % firewall_type)
env.fout('Firewall with id %s is being cancelled!' % identifier)
def execute(self, args):
mgr = SoftLayer.FirewallManager(self.client)
input_id = args.get('<identifier>')
key_value = get_ids(input_id)
firewall_id = int(key_value[1])
if key_value[0] == 'vlan':
orig_rules = mgr.get_dedicated_fwl_rules(firewall_id)
else:
orig_rules = mgr.get_standard_fwl_rules(firewall_id)
# open an editor for the user to enter their rules
edited_rules = open_editor(rules=orig_rules)
print(edited_rules)
if formatting.confirm("Would you like to submit the rules. "
"Continue?"):
while True:
try:
rules = parse_rules(edited_rules)
if key_value[0] == 'vlan':
rules = mgr.edit_dedicated_fwl_rules(firewall_id,
rules)
else:
rules = mgr.edit_standard_fwl_rules(firewall_id,
rules)
break
except (SoftLayer.SoftLayerError, ValueError) as error:
print("Unexpected error({%s})" % (error))
if formatting.confirm("Would you like to continue editing "
"the rules. Continue?"):
edited_rules = open_editor(content=edited_rules)
print(edited_rules)
if formatting.confirm("Would you like to submit the "
"rules. Continue?"):
continue
else:
raise exceptions.CLIAbort('Aborted.')
else:
raise exceptions.CLIAbort('Aborted.')
return 'Firewall updated!'
else:
raise exceptions.CLIAbort('Aborted.')
def cli(env, identifier):
"""Edit firewall rules."""
mgr = SoftLayer.FirewallManager(env.client)
firewall_type, firewall_id = firewall.parse_id(identifier)
if firewall_type == 'vlan':
orig_rules = mgr.get_dedicated_fwl_rules(firewall_id)
else:
orig_rules = mgr.get_standard_fwl_rules(firewall_id)
# open an editor for the user to enter their rules
edited_rules = open_editor(rules=orig_rules)
env.out(edited_rules)
if formatting.confirm("Would you like to submit the rules. " "Continue?"):
while True:
try:
rules = parse_rules(edited_rules)
if firewall_type == 'vlan':
rules = mgr.edit_dedicated_fwl_rules(firewall_id, rules)
else:
rules = mgr.edit_standard_fwl_rules(firewall_id, rules)
break
except (SoftLayer.SoftLayerError, ValueError) as error:
env.out("Unexpected error({%s})" % (error))
if formatting.confirm("Would you like to continue editing "
"the rules. Continue?"):
edited_rules = open_editor(content=edited_rules)
env.out(edited_rules)
if formatting.confirm("Would you like to submit the "
"rules. Continue?"):
continue
else:
raise exceptions.CLIAbort('Aborted.')
else:
raise exceptions.CLIAbort('Aborted.')
env.fout('Firewall updated!')
else:
raise exceptions.CLIAbort('Aborted.')
def __init__(self, path, fw):
self.client = SoftLayer.Client()
self.fw = SoftLayer.FirewallManager(self.client)
self.path = path
self.fw_type, self.fw_id = firewall.parse_id(fw)
def set_up(self):
self.firewall = SoftLayer.FirewallManager(self.client)
def cli(env):
"""List firewalls."""
mgr = SoftLayer.FirewallManager(env.client)
table = formatting.Table(
['firewall id', 'type', 'features', 'server/vlan id'],
title='Single Server Firewalls')
fwvlans = mgr.get_firewalls()
dedicated_firewalls = [
firewall for firewall in fwvlans if firewall['dedicatedFirewallFlag']
]
for vlan in dedicated_firewalls:
features = []
if vlan['highAvailabilityFirewallFlag']:
features.append('HA')
if features:
feature_list = formatting.listing(features, separator=',')
else:
feature_list = formatting.blank()
table.add_row([
'vlan:%s' % vlan['networkVlanFirewall']['id'], 'VLAN - dedicated',
feature_list, vlan['id']
])
shared_vlan = [
firewall for firewall in fwvlans
if not firewall['dedicatedFirewallFlag']
]
for vlan in shared_vlan:
vs_firewalls = [
guest for guest in vlan['firewallGuestNetworkComponents']
if has_firewall_component(guest)
]
for firewall in vs_firewalls:
table.add_row([
'vs:%s' % firewall['id'], 'Virtual Server - standard', '-',
firewall['guestNetworkComponent']['guest']['id']
])
server_firewalls = [
server for server in vlan['firewallNetworkComponents']
if has_firewall_component(server)
]
for firewall in server_firewalls:
table.add_row([
'server:%s' % firewall['id'], 'Server - standard', '-',
utils.lookup(firewall, 'networkComponent', 'downlinkComponent',
'hardwareId')
])
table_gatewalls = formatting.Table([
'Id', 'firewall', 'type', 'Hostname', 'Location', 'Public Ip',
'Private Ip', 'Associated vlan', 'status'
],
title='Multi Vlan Firewall')
fw_gatewwalls = mgr.get_firewalls_gatewalls()
for gatewalls in fw_gatewwalls:
table_gatewalls.add_row([
gatewalls['networkFirewall']['id'],
gatewalls.get('name'),
gatewalls['networkFirewall']['firewallType'],
gatewalls['members'][0]['hardware']['hostname'],
gatewalls['networkFirewall']['datacenter']['name'],
gatewalls['publicIpAddress']['ipAddress'],
gatewalls['privateIpAddress']['ipAddress'],
len(gatewalls['insideVlans']), gatewalls['status']['keyName']
])
env.fout(table)
env.fout(table_gatewalls)
def set_up(self):
self.client = testing.FixtureClient()
self.firewall = SoftLayer.FirewallManager(self.client)
def cli(env, identifier, credentials):
"""Detail firewall.
EXAMPLES:
slcli firewall detail vs:12345
slcli firewall detail --credentials true multiVlan:456789
"""
mgr = SoftLayer.FirewallManager(env.client)
firewall_type, firewall_id = firewall.parse_id(identifier)
if firewall_type in ('vs', 'server', 'vlan', 'multiVlan'):
if firewall_type == 'vlan':
_firewall = mgr.get_instance(firewall_id)
table = formatting.KeyValueTable(['name', 'value'])
table.align['name'] = 'r'
table.align['value'] = 'l'
table.add_row(['id', _firewall.get('id')])
table.add_row(
['primaryIpAddress',
_firewall.get('primaryIpAddress')])
table.add_row([
'datacenter',
utils.lookup(_firewall, 'datacenter', 'longName')
])
table.add_row([
'networkVlan',
utils.lookup(_firewall, 'networkVlan', 'name')
])
table.add_row([
'networkVlaniD',
utils.lookup(_firewall, 'networkVlan', 'id')
])
rules = mgr.get_dedicated_fwl_rules(firewall_id)
table.add_row(['rules', get_rules_table(rules)])
if firewall_type == 'multiVlan':
_firewall = mgr.get_instance(firewall_id)
table = formatting.KeyValueTable(['name', 'value'])
table.align['name'] = 'r'
table.align['value'] = 'l'
table.add_row(
['name',
utils.lookup(_firewall, 'networkGateway', 'name')])
table.add_row([
'datacenter',
utils.lookup(_firewall, 'datacenter', 'longName')
])
table.add_row([
'public ip',
utils.lookup(_firewall, 'networkGateway', 'publicIpAddress',
'ipAddress')
])
table.add_row([
'private ip',
utils.lookup(_firewall, 'networkGateway', 'privateIpAddress',
'ipAddress')
])
table.add_row([
'public ipv6',
utils.lookup(_firewall, 'networkGateway', 'publicIpv6Address',
'ipAddress')
])
table.add_row([
'public vlan',
utils.lookup(_firewall, 'networkGateway', 'publicVlan',
'vlanNumber')
])
table.add_row([
'private vlan',
utils.lookup(_firewall, 'networkGateway', 'privateVlan',
'vlanNumber')
])
table.add_row(['type', _firewall.get('firewallType')])
if credentials:
table.add_row([
'fortiGate username',
utils.lookup(_firewall, 'managementCredentials',
'username')
])
table.add_row([
'fortiGate password',
utils.lookup(_firewall, 'managementCredentials',
'password')
])
rules = mgr.get_dedicated_fwl_rules(firewall_id)
if len(rules) != 0:
table.add_row(['rules', get_rules_table(rules)])
else:
table.add_row(['rules', '-'])
if firewall_type == 'vs' or firewall_type == 'server':
rules = mgr.get_standard_fwl_rules(firewall_id)
table = get_rules_table(rules)
env.fout(table)
else:
click.secho(
'Invalid firewall type %s: firewall type should be either vlan, multiVlan, vs or server.'
% firewall_type,
fg='red')
return
