コード例 #1
0
 def fw_ipv6_nat_rules(self):
     """
     IPv6NAT Rule entry point
     
     :return: :py:class:`smc.policy.rule.IPv6NATRule`
     """
     return IPv6NATRule(meta=Meta(href=self._link('fw_ipv6_nat_rules')))
コード例 #2
0
 def create(cls, name, template):
     """ 
     Create Firewall Policy. Template policy is required for the
     policy. The template parameter should be the name of the
     firewall template.
     
     This policy will then inherit the Inspection and File Filtering
     policy from the specified template.
     
     :mathod: POST
     :param str name: name of policy
     :param str template: name of the FW template to base policy on
     :return: :py:class:`smc.elements.policy.FirewallPolicy`
     :raises: :py:class:`smc.api.exceptions.LoadPolicyFailed`,
              :py:class:`smc.api.exceptions.CreatePolicyFailed`
     
     To use after successful creation, reference the policy to obtain
     context::
     
         FirewallPolicy('newpolicy')
     """
     try:
         fw_template = FirewallTemplatePolicy(template).href
     except ElementNotFound:
         raise LoadPolicyFailed(
             'Cannot find specified firewall template: {}'.format(template))
     cls.json = {'name': name, 'template': fw_template}
     try:
         result = ElementCreator(cls)
         return FirewallPolicy(name, Meta(href=result))
     except CreateElementFailed as err:
         raise CreatePolicyFailed(
             'Failed to create firewall policy: {}'.format(err))
コード例 #3
0
 def fw_ipv4_access_rules(self):
     """
     IPv4 rule entry point
     
     :return: :py:class:`smc.policy.rule.IPv4Rule`
     """
     return IPv4Rule(meta=Meta(href=self._link('fw_ipv4_access_rules')))
コード例 #4
0
ファイル: policy.py プロジェクト: m4h3/smc-python
 def search_rule(self, search):
     """
     Search a rule for a rule tag or name value
     Result will be the meta data for rule (name, href, type)
     
     Searching for a rule in specific policy::
     
         f = FirewallPolicy(policy)
         search = f.search_rule(searchable)
     
     :param str search: search string
     :return: list rule elements matching criteria
     """
     result = prepared_request(
                     href=self._link('search_rule'),
                     params={'filter': search}).read()
     if result.json:
         results = []
         for data in result.json:
             if data.get('type') == 'ips_ethernet_rule':
                 klazz = Registry['ethernet_rule']
             elif data.get('type') == 'ips_ipv4_access_rule':
                 klazz = Registry['layer2_ipv4_access_rule']
             else:
                 klazz = Registry[data.get('type')]
             results.append(klazz(meta=Meta(**data)))
             return results
     return []
コード例 #5
0
ファイル: interfaces.py プロジェクト: m4h3/smc-python
    def get(self, interface_id):
        """
        Get the interface by id, if known. The interface is 
        retrieved from the top level Physical or Tunnel Interface.
        If interface type is unknown, use engine.interface
        for retrieving::
        
            engine = Engine('testfw')
            p = engine.physical_interface.get(0)
            print(p.name, p.typeof, p.address, p.network_value)
            .....
        
        :param str|int interface_id: interface ID to retrieve
        :raises: :py:class:`smc.api.exceptions.EngineCommandFailed` if interface not found
        :return: interface object by type (Physical, Tunnel, PhysicalVlanInterface)
        """
        interface_id = str(interface_id)
        for interface in self._get_resource(self.meta.href):
            intf_type = interface.get('type')  #Keep type

            intf = InterfaceFactory(intf_type)(meta=Meta(**interface),
                                               engine=self._engine)

            if intf.data.get('interface_id') == interface_id:
                return intf
        raise EngineCommandFailed(
            'Interface id {} not found'.format(interface_id))
コード例 #6
0
ファイル: ips.py プロジェクト: m4h3/smc-python
 def ips_ethernet_rules(self):
     """
     IPS Ethernet access rule
     
     :param :py:class:`smc.policy.rule.EthernetRule`
     """
     return EthernetRule(meta=Meta(href=self._link('ips_ethernet_rules')))
コード例 #7
0
ファイル: policy.py プロジェクト: m4h3/smc-python
 def satellite_gateway_node(self):
     """
     Node level settings for configured satellite gateways
     
     :return: list :class:`SatelliteGatewayNode`
     """
     return SatelliteGatewayNode(
                         meta=Meta(href=self._link('satellite_gateway_node')))
コード例 #8
0
ファイル: policy.py プロジェクト: m4h3/smc-python
 def central_gateway_node(self):
     """
     Central Gateway Node acts as the hub of a hub-spoke VPN. 
     
     :return: list :class:`CentralGatewayNode`
     """
     return CentralGatewayNode(
                         meta=Meta(href=self._link('central_gateway_node')))
コード例 #9
0
ファイル: policy.py プロジェクト: m4h3/smc-python
 def all(self):
     """
     Return all Gateways by type for this VPN Policy
     
     :return: list CentralGatewayNode: gateway nodes on this vpn
     """
     return [type(self)(meta=Meta(**node))
             for node in self._get_resource(self.href)]
コード例 #10
0
 def all(self):
     """
     Return all file filtering rules::
     
         for rule in FileFiltering('mypolicy).
     """ 
     return [type(self)(meta=Meta(**rule))
             for rule in self._get_resource(self.href)]
コード例 #11
0
 def layer2_ipv4_access_rules(self):
     """ 
     Layer2 Firewall access rule
     
     :return: :py:class:`smc.policy.rule.IPv4Layer2Rule`
     """
     return IPv4Layer2Rule(meta=Meta(
         href=self._link('layer2_ipv4_access_rules')))
コード例 #12
0
ファイル: ips.py プロジェクト: m4h3/smc-python
 def ips_ipv4_access_rules(self):
     """ 
     IPS ipv4 access rules
     
     :return: :py:class:`smc.policy.rule.IPv4Layer2Rule`
     """
     return IPv4Layer2Rule(meta=Meta(
         href=self._link('ips_ipv4_access_rules')))
コード例 #13
0
 def all(self):
     """
     Enumerate all rules for this rule type. Return instance
     that has only meta data set (lazy loaded).
     
     :return: class type based on rule type 
     """
     return [type(self)(meta=Meta(**rule))
             for rule in search.element_by_href_as_json(self.href)]
コード例 #14
0
ファイル: policy.py プロジェクト: m4h3/smc-python
 def mobile_gateway_node(self):
     """
     Mobile Gateway's are represented by client endpoints connecting
     to the policy based VPN.
     
     :return: list :class:`MobileGatewayNode`
     """
     return MobileGatewayNode(
                         meta=Meta(href=self._link('mobile_gateway_node')))
コード例 #15
0
ファイル: engine.py プロジェクト: m4h3/smc-python
 def all(self):
     """
     Return all internal endpoints
     
     :return: list :py:class:`smc.core.engine.InternalEndpoint`
     """
     return [
         InternalEndpoint(meta=Meta(**ep))
         for ep in self._get_resource(self.href)
     ]
コード例 #16
0
ファイル: system.py プロジェクト: m4h3/smc-python
 def update_package(self):
     """
     Show all update packages on SMC 
     
     :return: list :py:class:`smc.administration.updates.UpdatePackage`
     """
     return [
         UpdatePackage(meta=Meta(**update))
         for update in self._get_resource_by_link('update_package')
     ]
コード例 #17
0
ファイル: elements.py プロジェクト: m4h3/smc-python
 def vpn_site(self):
     """
     A VPN site defines a collection of IP's or networks that
     identify address space that is defined on the other end of
     the VPN tunnel.
     
     :method: GET
     :return: list :py:class:`smc.vpn.elements.VPNSite`
     """
     return VPNSite(meta=Meta(href=self._link('vpn_site')))
コード例 #18
0
ファイル: elements.py プロジェクト: m4h3/smc-python
 def all(self):
     """
     Return all sites for this engine
     
     :return: list VPNSite
     """
     return [
         VPNSite(meta=Meta(**site))
         for site in search.element_by_href_as_json(self.href)
     ]
コード例 #19
0
ファイル: elements.py プロジェクト: m4h3/smc-python
 def all(self):
     """
     Show all defined test_external endpoints
     
     :return: list :py:class:`smc.vpn.elements.ExternalEndpoint`
     """
     return [
         ExternalEndpoint(meta=Meta(**gw))
         for gw in search.element_by_href_as_json(self.href)
     ]
コード例 #20
0
ファイル: engine.py プロジェクト: m4h3/smc-python
 def nodes(self):
     """
     Return a list of child nodes of this engine. This can be
     used to iterate to obtain access to node level operations
     
     :return: list :py:class:`smc.core.node.Node`
     """
     return [
         Node(meta=Meta(**node))
         for node in self._get_resource_by_link('nodes')
     ]
コード例 #21
0
    def create(cls,
               name,
               master_type,
               mgmt_ip,
               mgmt_network,
               mgmt_interface=0,
               log_server_ref=None,
               domain_server_address=None,
               enable_gti=False,
               enable_antivirus=False):
        """
        Create a Master Engine with management interface
        
        :param str name: name of master engine engine
        :param str master_type: firewall|
        :param str mgmt_ip: ip address for management interface
        :param str mgmt_network: full netmask for management
        :param str mgmt_interface: interface to use for mgmt (default: 0)
        :param str log_server_ref: (optional) href to log_server instance 
        :param list domain_server_address: (optional) DNS server addresses
        :param boolean enable_antivirus: (optional) Enable antivirus (required DNS)
        :param boolean enable_gti: (optional) Enable GTI
        :return: :py:class:`smc.core.engine.Engine`
        :raises: :py:class:`smc.api.exceptions.CreateEngineFailed`: Failure to create with reason
        """
        physical = PhysicalInterface()
        physical.add_node_interface(mgmt_interface,
                                    mgmt_ip,
                                    mgmt_network,
                                    primary_mgt=True,
                                    primary_heartbeat=True,
                                    outgoing=True)

        engine = Engine.create(name=name,
                               node_type=cls.node_type,
                               physical_interfaces=[physical()],
                               domain_server_address=domain_server_address,
                               log_server_ref=log_server_ref,
                               nodes=1,
                               enable_gti=enable_gti,
                               enable_antivirus=enable_antivirus)

        engine.update(master_type=master_type, cluster_mode='standby')

        href = search.element_entry_point('master_engine')
        result = prepared_request(href=href, json=engine).create()
        if result.href:
            return Engine(name=name,
                          meta=Meta(name=name,
                                    href=result.href,
                                    type='master_engine'))
        else:
            raise CreateEngineFailed('Could not create the engine, '
                                     'reason: {}'.format(result.msg))
コード例 #22
0
ファイル: engine.py プロジェクト: m4h3/smc-python
    def snapshots(self):
        """ 
        References to policy based snapshots for this engine, including
        the date the snapshot was made

        :return: list :py:class:`smc.core.engine.Snapshot`
        :raises: :py:class:`smc.api.exceptions.EngineCommandFailed`
        """
        return [
            Snapshot(meta=Meta(**snapshot))
            for snapshot in self._get_resource_by_link('snapshots')
        ]
コード例 #23
0
ファイル: engine.py プロジェクト: m4h3/smc-python
    def routing(self):
        """
        Find all routing nodes within engine::
    
            for routing_node in engine.routing.all():
                for routes in routing_node:
                    print(routes)

        :return: :py:class:`smc.core.route.Routing`
        """
        href = self._link('routing')
        return Routing(meta=Meta(href=href), data=self._get_resource(href))
コード例 #24
0
ファイル: engine.py プロジェクト: m4h3/smc-python
    def vpn_site(self):
        """
        Retrieve VPN Site information for this internal gateway
        
        Find all configured sites for engine::
        
            for site in engine.internal_gateway.vpn_site.all():
                print site

        :return: :py:class:`smc.vpn.elements.VPNSite`
        """
        return VPNSite(meta=Meta(href=self._link('vpn_site')))
コード例 #25
0
ファイル: ips.py プロジェクト: m4h3/smc-python
 def create(cls, name, template):
     try:
         fw_template = IPSTemplatePolicy(template).href
     except ElementNotFound:
         raise LoadPolicyFailed(
             'Cannot find specified firewall template: {}'.format(template))
     cls.json = {'name': name, 'template': fw_template}
     try:
         result = ElementCreator(cls)
         return IPSPolicy(name, Meta(href=result))
     except CreateElementFailed as err:
         raise CreatePolicyFailed(
             'Failed to create firewall policy: {}'.format(err))
コード例 #26
0
ファイル: engine.py プロジェクト: m4h3/smc-python
    def internal_endpoint(self):
        """
        Internal Endpoint setting VPN settings to the interface
        
        Find all internal endpoints for an engine::
        
            for x in engine.internal_gateway.internal_endpoint.all():
                print x

        :return: list :py:class:`smc.vpn.elements.InternalEndpoint`
        """
        return InternalEndpoint(meta=Meta(
            href=self._link('internal_endpoint')))
コード例 #27
0
ファイル: engine.py プロジェクト: m4h3/smc-python
 def antispoofing(self):
     """ 
     Antispoofing interface information. By default is based on routing
     but can be modified.
     ::
         
         for entry in engine.antispoofing.all():
             print(entry)
     
     :return: :py:class:`smc.core.route.Antispoofing`
     """
     href = self._link('antispoofing')
     return Antispoofing(meta=Meta(href=href),
                         data=self._get_resource(href))
コード例 #28
0
ファイル: engine.py プロジェクト: m4h3/smc-python
 def all(self):
     """
     Return metadata for all virtual resources
     
         for resource in engine.virtual_resource.all():
             if resource.name == 've-6':
                 print resource.describe()
     
     :return: list VirtualResource
     """
     return [
         VirtualResource(meta=Meta(**resource))
         for resource in self._get_resource(self.href)
     ]
コード例 #29
0
ファイル: engine.py プロジェクト: m4h3/smc-python
 def interface(self):
     """ 
     Get all interfaces, including non-physical interfaces such
     as tunnel or capture interfaces. These are returned as Interface 
     objects and can be used to load specific interfaces to modify, etc.
     ::
     
         for interfaces in engine.interface.all():
             ......
     
     :return: :py:class:`smc.core.interfaces.Interface`
     
     See :py:class:`smc.core.interfaces.Interface` for more info
     """
     return Interface(meta=Meta(href=self._link('interfaces')), engine=self)
コード例 #30
0
ファイル: engine.py プロジェクト: m4h3/smc-python
 def tunnel_interface(self):
     """ 
     Get only tunnel interfaces for this engine node.
     
     :raises: :py:class:`smc.api.exceptions.UnsupportedInterfaceType`
     :return: :py:class:`smc.core.interfaces.TunnelInterface`
     """
     try:
         return TunnelInterface(
             meta=Meta(href=self._link('tunnel_interface')), engine=self)
     except ResourceNotFound:
         raise UnsupportedInterfaceType(
             'Tunnel interfaces are only supported on '
             'layer 3 single engines or clusters; '
             'Engine type is: {}'.format(self.type))