def main():
# Parse for command line argument for fgt ip
if len(sys.argv) < 2:
# Requires fgt ip and password
print "Please specify fgt ip address"
exit()
# Initilize fgt connection
ip = sys.argv[1]
try:
passwd = sys.argv[2]
except:
passwd = ''
#fgt = FGT(ip)
# Hard coded vdom value for all requests
vdom = "root"
# Login to the FGT ip
fgt = FortiOSAPI()
fgt.login(ip, 'fgtadmin', passwd, verify=False)
data = {
'name': "APItest",
'subnet': "10.20.0.0 255.255.255.0",
'type': "ipmask"
# associated_interface: "port2"
}
fgt.set('firewall', 'address', vdom="root", data=data)
fgt.logout()
def main():
# Parse for command line argument for fgt ip
if len(sys.argv) < 2:
# Requires fgt ip and password
print "Please specify fgt ip address"
exit()
# Initilize fgt connection
ip = sys.argv[1]
try:
passwd = sys.argv[2]
except:
passwd = ''
#fgt = FGT(ip)
# Hard coded vdom value for all requests
vdom = "root"
# Login to the FGT ip
fgt = FortiOSAPI()
fgt.login(ip, 'admin', passwd)
data = {
'name': "apiset",
"scan-mode": "quick",
'http': {"options": "scan avmonitor", },
"emulator": "enable",
}
fgt.set('antivirus', 'profile', vdom="root", data=data)
data = {
'policyid': "66",
'name': "Testfortiosapi",
'action': "accept",
'srcintf': [{"name": "port1"}],
'dstintf': [{"name": "port2"}],
'srcaddr': [{"name": "all"}],
'dstaddr': [{"name": "all"}],
'schedule': "always",
'service': [{"name": "HTTPS"}],
"utm-status": "enable",
"profile-type": "single",
'av-profile': "apiset",
'profile-protocol-options': "default",
'ssl-ssh-profile': "certificate-inspection",
'logtraffic': "all",
}
fgt.set('firewall', 'policy', vdom="root", data=data)
fgt.logout()
def change_forti_hostname(username, password, host, port, new_hostname):
FG = FortiOSAPI()
credentials = {
'host': host + ":" + port,
'username': username,
'password': password
}
hostname_update_payload = {'hostname': new_hostname}
FG.login(**credentials)
out = FG.get('system', 'global')
click.echo("Old hostname : {0}".format(out['results']['hostname']))
FG.set('system', 'global', data=hostname_update_payload)
# Check new hostname:
out = FG.get('system', 'global')
click.echo("New hostname : {0}".format(out['results']['hostname']))
# logout
FG.logout()
# Source _host
FG_HOST = os.environ['FG_HOST']
FG_USER = os.environ['FG_USER']
FG_PASS = os.environ['FG_PASS']
DEVICE = {
'host': FG_HOST,
'username': FG_USER,
'password': FG_PASS,
}
FG.login(**DEVICE)
user_config = {
'name': 'user1',
'type': 'password',
"passwd": 'user1pwd',
}
# Config
FG.set('user', 'local', data=user_config)
# Check
filter = 'filter=name==' + user_config['name']
out = FG.get('user', 'local', parameters=filter)
pprint(out)
FG.logout()
"build": 76
}
'''
from fortiosapi import FortiOSAPI
from pprint import pprint
fgt = FortiOSAPI()
device = {
'host': '10.99.236.231',
'username': '******',
'password': '',
}
fgt.login(**device)
address = {"name": "test_net_2", "subnet": "198.51.100.0 255.255.255.0"}
# Config address
fgt.set('firewall', 'address', data=address)
# Check
out = fgt.get('firewall', 'address')
# Print all address names
for address in out['results']:
print(address['name'])
fgt.logout()
FG_USER = os.environ['FG_USER']
FG_PASS = os.environ['FG_PASS']
DEVICE = {
'host': FG_HOST,
'username': FG_USER,
'password': FG_PASS,
}
FG.login(**DEVICE)
interface_name = 'port3'
interface_config = {
'name': interface_name,
'vdom': 'root',
"ip": "192.0.2.200 255.255.255.0",
"allowaccess": "ping",
}
# Config
FG.set('system', 'interface', data=interface_config)
# Check
filter = 'filter=name==' + interface_name
out = FG.get('system', 'interface', parameters=filter)
pprint(out)
FG.logout()
'host': '10.99.236.231',
'username': '******',
'password': '',
}
fgt.login(**device)
out = fgt.get('firewall', 'addrgrp')
address_group = {
"name": "test_group_1",
"member": [
{
"name": "test_net_1"
},
{
"name": "test_net_2"
},
]
}
# Config address
fgt.set('firewall', 'addrgrp', data=address_group)
# Check
out = fgt.get('firewall', 'addrgrp')
pprint(out)
fgt.logout()
'srcintf': [{
'name': 'port1'
}],
'dstintf': [{
'name': 'port2'
}],
'srcaddr': [{
'name': 'all'
}],
'dstaddr': [{
'name': 'all'
}],
'schedule': 'always',
'service': [{
'name': 'HTTPS'
}],
'logtraffic': 'all',
}
# Config rule
fgt.set('firewall', 'policy', data=rule)
# Check
out = fgt.get('firewall', 'policy')
# Print all rule names
for rule in out['results']:
print(rule['name'])
fgt.logout()
DEVICE = {
'host': FG_HOST,
'username': FG_USER,
'password': FG_PASS,
}
FG.login(**DEVICE)
global_config = {
'hostname': 'FG_new',
'timezone': "18",
'gui-theme': 'melongene'
}
# Config
FG.set('system', 'global', data=global_config)
# Check
out = FG.get('system', 'global')
get_hostname = out['results']['hostname']
get_timezone = out['results']['timezone']
get_gui_theme = out['results']['gui-theme']
print()
print('{:13}{}'.format('Hostname:', get_hostname))
print('{:13}{}'.format('Time Zone:', get_timezone))
print('{:13}{}'.format('GUI Theme:', get_gui_theme))
print()
FG.logout()
'username': FG_USER,
'password': FG_PASS,
}
FG.login(**DEVICE)
vpnssl_settings = {
'servercert': 'self-sign',
'tunnel-ip-pools': [{
'name': 'SSLVPN_TUNNEL_ADDR1'
}],
'source-interface': [{
'name': 'port1'
}],
'source-address': [{
'name': 'all'
}],
'port': '10443',
'default-portal': 'full-access',
}
# Config
FG.set('vpn.ssl', 'settings', data=vpnssl_settings)
# Check
out = FG.get('vpn.ssl', 'settings')
pprint(out)
FG.logout()