コード例 #1
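    def dns_usage(self) -> bool:
        """Report whether this object's address is a DNS server the device uses.

        Logs in to the FDM endpoint at ``self.origin_addr``/``self.port``,
        collects every DNS server group that lists ``str(self.ip_addr)`` and
        checks whether the first device or data DNS settings entry points at
        one of those groups.

        Returns:
            True if a matching group is referenced by the device or data DNS
            settings, False otherwise (including when ``self.ip_addr`` is None).
        """
        if self.ip_addr is None:
            return False

        # NOTE(review): a fresh token is requested on every call and nothing in
        # this method revokes it; confirm token lifetime and TLS verification
        # in fdm_login.
        token = fdm_login(host=self.origin_addr,
                          port=self.port,
                          username=self.username,
                          password=self.password)
        dns = fdm_get_dns_server_groups(token,
                                        host=self.origin_addr,
                                        port=self.port)

        wanted = str(self.ip_addr)
        # A list (not a set) keeps the plain ``==`` comparison on group ids.
        matching_group_ids = [
            group['id']
            for group in dns['items']
            if any(server['ipAddress'] == wanted
                   for server in group['dnsServers'])
        ]
        if not matching_group_ids:
            return False

        # Fetch the settings once instead of once per matching server entry.
        device_dns = fdm_get_device_dns_settings(
            token, host=self.origin_addr, port=self.port)
        data_dns = fdm_get_data_dns_settings(token,
                                             host=self.origin_addr,
                                             port=self.port)

        for settings in (device_dns, data_dns):
            entries = settings['items']
            if not entries:
                # No settings entry returned: nothing can reference the group.
                continue
            # Only the first entry is consulted.
            group_ref = entries[0]['dnsServerGroup']
            # NOTE(review): a null group reference is treated as "not in use";
            # confirm the API can actually return one.
            if group_ref is not None and group_ref['id'] in matching_group_ids:
                return True

        return False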
コード例 #2
    def hostname(self) -> str:
        """Return the first hostname reported by the FDM device.

        Logs in with the credentials stored on this object and queries the
        hostname list.

        Returns:
            The ``hostname`` field of the first returned item, or an empty
            string when the response's paging count is not greater than zero.
        """
        session_token = fdm_login(host=self.origin_addr,
                                  port=self.port,
                                  username=self.username,
                                  password=self.password)
        reply = fdm_get_hostnames(session_token,
                                  host=self.origin_addr,
                                  port=self.port)

        # The paging count decides whether items[0] is read at all.
        return reply['items'][0]['hostname'] if reply['paging']['count'] > 0 else ""
コード例 #3
    def ntp_usage(self) -> bool:
        """Report whether this object's address is an enabled NTP server.

        Compares ``str(self.ip_addr)`` with every entry in each NTP
        configuration's ``ntpServers`` list. The comparison is a plain string
        equality, so a server configured by name will not match an address.

        Returns:
            True if a matching server belongs to a configuration whose
            ``enabled`` flag is truthy, False otherwise (including when
            ``self.ip_addr`` is None).
        """
        if self.ip_addr is None:
            return False

        session_token = fdm_login(host=self.origin_addr,
                                  port=self.port,
                                  username=self.username,
                                  password=self.password)
        ntp_config = fdm_get_ntp(session_token, host=self.origin_addr, port=self.port)

        wanted = str(self.ip_addr)
        # 'enabled' is only read for configurations that list the address.
        return any(
            entry['enabled']
            for entry in ntp_config['items']
            for server in entry['ntpServers']
            if server == wanted
        )
コード例 #4
    def acl_usage(self) -> List[AclEntry]:
        """List the access rules that reference this network object.

        Walks every access policy and every rule in it, comparing ``self.id``
        with the ids in the rule's ``sourceNetworks`` and
        ``destinationNetworks``. Each match fetches the rule's hit count.

        Returns:
            One ``AclEntry`` per matching reference, named
            ``"<policy name>: <rule name>"``. A rule that names the object as
            both source and destination contributes two entries. Empty when
            ``self.id`` is None.
        """
        if self.id is None:
            return []

        # NOTE(review): only direct id matches are found; a reference made
        # through a group object would not be detected by this comparison.
        # Confirm whether callers rely on this to decide an object is unused.
        session_token = fdm_login(host=self.origin_addr,
                                  port=self.port,
                                  username=self.username,
                                  password=self.password)
        policies = fdm_get_access_policies(session_token,
                                           host=self.origin_addr,
                                           port=self.port)

        entries = []
        for policy in policies['items']:
            rules = fdm_get_access_rules(session_token,
                                         host=self.origin_addr,
                                         port=self.port,
                                         access_policy_id=policy['id'])
            for rule in rules['items']:
                # Sources are scanned before destinations, as in the result order.
                for side in ('sourceNetworks', 'destinationNetworks'):
                    for network in rule[side]:
                        if network['id'] != self.id:
                            continue
                        entry = AclEntry()
                        entry.acl_name = f"{policy['name']}: {rule['name']}"
                        counters = fdm_get_hitcount(session_token,
                                                    host=self.origin_addr,
                                                    port=self.port,
                                                    access_policy_id=policy['id'],
                                                    access_rule_id=rule['id'])
                        entry.hit_count = counters['items'][0]['hitCount']
                        entries.append(entry)

        return entries
コード例 #5
    def __addr_fetch(self) -> ReturnCode:
        """Look up the HOST network object whose value equals this address.

        On the first match, stores the object's ``name`` and ``id`` on this
        instance.

        Returns:
            ``ReturnCode.SUCCESS`` when a HOST object with value
            ``str(self.ip_addr)`` exists, ``ReturnCode.OBJECT_NOT_FOUND``
            otherwise.
        """
        session_token = fdm_login(host=self.origin_addr,
                                  port=self.port,
                                  username=self.username,
                                  password=self.password)
        reply = fdm_get_networks(session_token,
                                 host=self.origin_addr,
                                 port=self.port)

        for candidate in reply['items']:
            # The value is only compared for HOST objects.
            is_match = (candidate['subType'] == "HOST"
                        and candidate['value'] == str(self.ip_addr))
            if not is_match:
                continue
            self.name = candidate['name']
            self.id = candidate['id']
            return ReturnCode.SUCCESS

        return ReturnCode.OBJECT_NOT_FOUND
コード例 #6
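    def __range_fetch(self) -> ReturnCode:
        """Look up the RANGE network object that spans this address range.

        Each RANGE object's value is parsed with ``self.range_regex`` (named
        groups ``first_addr`` and ``last_addr``) and compared with
        ``self.first_addr`` and ``self.last_addr``. On the first match, stores
        the object's ``name`` and ``id`` on this instance.

        Returns:
            ``ReturnCode.SUCCESS`` when a matching RANGE object exists,
            ``ReturnCode.OBJECT_NOT_FOUND`` otherwise.

        Raises:
            ValueError: from ``ip_address`` if a captured bound is not a valid
                IP address.
        """
        token = fdm_login(host=self.origin_addr,
                          port=self.port,
                          username=self.username,
                          password=self.password)
        networks = fdm_get_networks(token,
                                    host=self.origin_addr,
                                    port=self.port,)

        for obj in networks['items']:
            if obj['subType'] != "RANGE":
                continue

            # Search once and reuse the match for both bounds.
            match = re.search(self.range_regex, obj['value'])
            if match is None:
                # A value the pattern does not recognise cannot be this range;
                # skip it instead of failing on None.group().
                continue

            first_addr = match.group("first_addr")
            last_addr = match.group("last_addr")
            if ip_address(first_addr) == self.first_addr \
                    and ip_address(last_addr) == self.last_addr:
                self.name = obj['name']
                self.id = obj['id']
                return ReturnCode.SUCCESS

        return ReturnCode.OBJECT_NOT_FOUND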
コード例 #7
# Fixed DNS server address and NTP server name; neither is referenced in the
# visible part of this script (presumably used by checks outside this excerpt).
DNS = "173.38.200.100"
NTP_FQDN = "1.ntp.esl.cisco.com"
# NTP_FQDN_2 = "0.sourcefire.pool.ntp.org"

# ASA section
# Runs the ASA checks in sequence; OBJECT_NAME, HOST, NETWORK, FQDN and LIST
# are defined outside this excerpt.
asa.named_object_test(OBJECT_NAME)
asa.addressed_object_test(HOST, NETWORK, FQDN, LIST)
asa.unknown_addressed_object_test()
asa.dns_object_test(OBJECT_NAME)
asa.ntp_object_test(OBJECT_NAME)
asa.acl_object_test(OBJECT_NAME)

# FTD section
# Log in once with the connection details held in the FDM mapping and reuse
# the token for the create calls below.
# NOTE(review): FDM is defined outside this excerpt; confirm its username and
# password are not hard-coded in the repository.
token = ftd_util.fdm_login(host=FDM.get("host"),
                           port=FDM.get("port"),
                           username=FDM.get("username"),
                           password=FDM.get("password"))
# Create a HOST network object named "<OBJECT_NAME>-HOST" with value HOST.
# NOTE(review): these calls write to the device at FDM["host"]; no removal of
# the created objects is visible in this excerpt.
ftd_util.fdm_create_network(token,
                            host=FDM.get("host"),
                            port=FDM.get("port"),
                            name=OBJECT_NAME + "-HOST",
                            description="Test Host from Python",
                            subType="HOST",
                            value=HOST)
# Create a NETWORK object named "<OBJECT_NAME>-NETWORK" with value NETWORK.
ftd_util.fdm_create_network(token,
                            host=FDM.get("host"),
                            port=FDM.get("port"),
                            name=OBJECT_NAME + "-NETWORK",
                            description="Test Network from Python",
                            subType="NETWORK",
                            value=NETWORK)