예제 #1
	def get(self,firewall):
		"""Return the configuration of the firewall named ``firewall``.

		The firewall record comes from ``Firewall(...).getConfig()`` and the
		request is dispatched on its ``brand`` value. For ``paloalto`` the
		query-string arguments are handed to the vendor handler unchanged.

		Returns:
			The vendor handler's result, or an ``(error dict, status)`` pair:
			404 for an unknown firewall or brand, 504 when the Palo Alto
			handler reports no active (``primary``) IP.
		"""
		# NOTE(review): no authentication/authorization check is visible in this
		# method; confirm access to firewall configuration is enforced by the
		# resource or a decorator outside this view.
		logger.debug('handler.config.get()')
		fw_config = Firewall(firewall=firewall).getConfig()
		if not fw_config:
			logger.error('Firewall not found.')
			return {'error' : 'Firewall not found.'}, 404

		brand = fw_config['brand']
		if brand == "paloalto":
			handler = PaloAlto.interfaces(firewall_config=fw_config)
			if handler.primary:
				logger.info("{0} active ip {1}".format(firewall, handler.primary))
				# request.args is client-controlled and forwarded as-is; any
				# filtering has to happen inside the vendor handler.
				return handler.get(request.args)
			# NOTE(review): the other handlers on this page answer 502 for the
			# same condition; 504 is kept here as the original behaviour.
			logger.error("Could not get {0} active ip.".format(firewall))
			return {'error' : 'Could not get firewall active IP.'}, 504
		if brand == "juniper":
			return Juniper.configuration(firewall_config=fw_config).get()
		if brand == "cisco":
			return Cisco.configuration(firewall)
		if brand == "checkpoint":
			return Checkpoint.configuration(firewall)
		if brand == "fortinet":
			return Fortinet.configuration(firewall)
		if brand == "pfsense":
			return PfSense.configuration(firewall)

		# Unknown brand: the client address is logged, the response stays generic.
		logger.error("{0}: Firewall brand not found.".format(request.remote_addr))
		return {'error' : 'URL not found.'}, 404
예제 #2
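	def post(self,firewall,object):
		"""Rename an object of kind ``object`` on the firewall named ``firewall``.

		For ``paloalto`` firewalls the JSON body must be an object carrying
		``oldname`` and ``newname``, and ``object`` must be one of ``address``,
		``service``, ``address-group`` or ``service-group``. Other brands are
		routed to their ``configuration`` handler.

		Returns:
			The vendor handler's result, or an ``(error dict, status)`` pair:
			404 for an unknown firewall, brand or object kind, 502 when no
			active Palo Alto IP is available, 400 for a missing or malformed
			JSON body.
		"""
		# NOTE(review): no authentication/authorization check is visible in this
		# method; confirm this state-changing endpoint is protected outside
		# this view.
		# NOTE(review): the debug tag below says rules_rename.get() although this
		# is the POST handler built on PaloAlto.objects_rename; confirm and
		# correct the tag.
		logger.debug('handler.rules_rename.get()')
		fw = Firewall(firewall=firewall).getConfig()
		if not fw:
			logger.error('Firewall not found.')
			return {'error' : 'Firewall not found.'}, 404
		if fw['brand'] == "paloalto":
			c = PaloAlto.objects_rename(firewall_config=fw)
			if not c.primary:
				logger.error("Could not get {0} active ip.".format(firewall))
				return {'error' : 'Could not get firewall active IP.'}, 502
			logger.info("{0} active ip {1}".format(firewall, c.primary))
			payload = request.json
			# A missing or non-object JSON body is rejected with 400 instead of
			# raising on the membership test or on the key lookups below.
			if not isinstance(payload, dict) or 'oldname' not in payload or 'newname' not in payload:
				logger.warning("'oldname' or 'newname' not in request.")
				return {'error' : "'oldname' or 'newname' not in request."}, 400
			# Allow-list the object kind before it reaches the vendor handler.
			# The original tested an undefined name `option`, which raised
			# NameError on every well-formed request.
			if object not in ['address', 'service', 'address-group', 'service-group']:
				logger.warning("{0} not found".format(object))
				return {'error' : "URL not found."}, 404
			return c.get(object,payload['oldname'],payload['newname'])
		# NOTE(review): the remaining brands return their configuration handler
		# rather than performing a rename; presumably placeholders, confirm.
		elif fw['brand'] == "juniper":
			c = Juniper.configuration(firewall)
			return c.get()
		elif fw['brand'] == "cisco":
			return Cisco.configuration(firewall)
		elif fw['brand'] == "checkpoint":
			return Checkpoint.configuration(firewall)
		elif fw['brand'] == "fortinet":
			return Fortinet.configuration(firewall)
		elif fw['brand'] == "pfsense":
			return PfSense.configuration(firewall)
		else:
			logger.error("{0}: Firewall brand not found.".format(request.remote_addr))
			return {'error' : 'URL not found.'}, 404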
예제 #3
	def put(self,firewall,object):
		"""Update an object of kind ``object`` on the firewall named ``firewall``.

		For ``paloalto`` firewalls the parsed JSON body is passed to the vendor
		handler's ``put`` together with ``object``. Other brands are routed to
		their ``configuration`` handler.

		Returns:
			The vendor handler's result, or an ``(error dict, status)`` pair:
			404 for an unknown firewall or brand, 502 when no active Palo Alto
			IP is available, 400 when the request carries no JSON body.
		"""
		# NOTE(review): no authentication/authorization check is visible in this
		# method; confirm this state-changing endpoint is protected outside
		# this view.
		logger.debug('handler.objects.put()')
		fw_config = Firewall(firewall=firewall).getConfig()
		if not fw_config:
			logger.error('Firewall not found.')
			return {'error' : 'Firewall not found.'}, 404

		brand = fw_config['brand']
		if brand == "paloalto":
			handler = PaloAlto.objects(firewall_config=fw_config)
			if not handler.primary:
				logger.error("Could not get {0} active ip.".format(firewall))
				return {'error' : 'Could not get firewall active IP.'}, 502
			logger.info("{0} active ip {1}".format(firewall, handler.primary))
			if request.json:
				# NOTE(review): `object` and the body are forwarded without an
				# allow-list or schema check here; presumably validated in the
				# vendor handler, confirm.
				return handler.put(request.json,object)
			return {'error' : 'Content type needs to be application/json.'}, 400
		# NOTE(review): the remaining brands return their configuration handler
		# rather than performing an update; presumably placeholders, confirm.
		if brand == "juniper":
			return Juniper.configuration(firewall).get()
		if brand == "cisco":
			return Cisco.configuration(firewall)
		if brand == "checkpoint":
			return Checkpoint.configuration(firewall)
		if brand == "fortinet":
			return Fortinet.configuration(firewall)
		if brand == "pfsense":
			return PfSense.configuration(firewall)

		logger.error("{0}: Firewall brand not found.".format(request.remote_addr))
		return {'error' : 'URL not found.'}, 404
예제 #4
	def delete(self,firewall,object):
		"""Delete an object of kind ``object`` from the firewall named ``firewall``.

		For ``paloalto`` firewalls the ``name`` query-string argument selects
		what to delete and is passed to the vendor handler's ``delete`` together
		with ``object``. Other brands are routed to their ``configuration``
		handler.

		Returns:
			The vendor handler's result, or an ``(error dict, status)`` pair:
			404 for an unknown firewall or brand, 502 when no active Palo Alto
			IP is available, 400 when ``name`` is missing.
		"""
		# NOTE(review): no authentication/authorization check is visible in this
		# method; confirm this destructive endpoint is protected outside this
		# view.
		logger.debug('handler.objects.delete()')
		fw_config = Firewall(firewall=firewall).getConfig()
		if not fw_config:
			logger.error('Firewall not found.')
			return {'error' : 'Firewall not found.'}, 404

		brand = fw_config['brand']
		if brand == "paloalto":
			handler = PaloAlto.objects(firewall_config=fw_config)
			if not handler.primary:
				logger.error("Could not get {0} active ip.".format(firewall))
				return {'error' : 'Could not get firewall active IP.'}, 502
			logger.info("{0} active ip {1}".format(firewall, handler.primary))
			if 'name' in request.args:
				# NOTE(review): `name` and `object` are client-supplied and
				# forwarded unchanged; presumably validated in the vendor
				# handler, confirm.
				return handler.delete(request.args['name'],object)
			logger.warning("No rule name given.")
			return {'error' : 'No rule name given.'}, 400
		# NOTE(review): the remaining brands return their configuration handler
		# rather than performing a delete; presumably placeholders, confirm.
		if brand == "juniper":
			return Juniper.configuration(firewall).get()
		if brand == "cisco":
			return Cisco.configuration(firewall)
		if brand == "checkpoint":
			return Checkpoint.configuration(firewall)
		if brand == "fortinet":
			return Fortinet.configuration(firewall)
		if brand == "pfsense":
			return PfSense.configuration(firewall)

		logger.error("{0}: Firewall brand not found.".format(request.remote_addr))
		return {'error' : 'URL not found.'}, 404
예제 #5
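	def post(self,firewall):
		"""Move a rule on the firewall named ``firewall``.

		For ``paloalto`` firewalls the JSON body must be an object carrying
		``where`` and ``rule1``; ``rule2`` is optional and is passed through
		when present. Other brands are routed to their ``configuration``
		handler.

		Returns:
			The vendor handler's result, or an ``(error dict, status)`` pair:
			404 for an unknown firewall or brand, 502 when no active Palo Alto
			IP is available, 400 for a missing or malformed JSON body.
		"""
		# NOTE(review): no authentication/authorization check is visible in this
		# method; confirm this state-changing endpoint is protected outside
		# this view.
		logger.debug('handler.rules_move.post()')
		fw = Firewall(firewall=firewall).getConfig()
		if not fw:
			logger.error('Firewall not found.')
			return {'error' : 'Firewall not found.'}, 404
		if fw['brand'] == "paloalto":
			c = PaloAlto.rules_move(firewall_config=fw)
			if not c.primary:
				logger.error("Could not get {0} active ip.".format(firewall))
				return {'error' : 'Could not get firewall active IP.'}, 502
			logger.info("{0} active ip {1}".format(firewall, c.primary))
			payload = request.json
			# The original called request.json.keys() directly, so a missing or
			# non-object JSON body raised instead of producing the 400 below.
			if not isinstance(payload, dict) or 'where' not in payload or 'rule1' not in payload:
				logger.warning("No 'where' or 'rule1' in request.")
				return {'error' : "No 'where' or 'rule1' in request."}, 400
			# NOTE(review): the values are forwarded unchanged; presumably the
			# vendor handler validates `where` and the rule names, confirm.
			if 'rule2' in payload:
				return c.post(payload['where'],payload['rule1'],payload['rule2'])
			return c.post(payload['where'],payload['rule1'])
		# NOTE(review): the remaining brands return their configuration handler
		# rather than moving a rule; presumably placeholders, confirm.
		elif fw['brand'] == "juniper":
			c = Juniper.configuration(firewall)
			return c.get()
		elif fw['brand'] == "cisco":
			return Cisco.configuration(firewall)
		elif fw['brand'] == "checkpoint":
			return Checkpoint.configuration(firewall)
		elif fw['brand'] == "fortinet":
			return Fortinet.configuration(firewall)
		elif fw['brand'] == "pfsense":
			return PfSense.configuration(firewall)
		else:
			logger.error("{0}: Firewall brand not found.".format(request.remote_addr))
			return {'error' : 'URL not found.'}, 404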