def sz(self, name):
    """
    Assign a Security Zone to this bridge group interface.

    Looks the zone up by name through ``SecurityZones`` and, when the lookup
    populated an ``id``, stores its name/id/type in ``self.securityZone``.

    A failed lookup only logs a warning: ``self.securityZone`` keeps whatever
    value it had before (or stays unset). Callers that depend on the zone
    assignment should check ``securityZone`` after this call.

    :param name: (str) Name of Security Zone.
    :return: None
    """
    logging.debug("In sz() for BridgeGroupInterfaces class.")
    zone = SecurityZones(fmc=self.fmc)
    zone.get(name=name)
    if "id" not in vars(zone):
        # Lookup did not return an object; leave the interface untouched.
        logging.warning(
            f'Security Zone, "{name}", not found. Cannot add to BridgeGroupInterfaces.'
        )
        return
    self.securityZone = {"name": zone.name, "id": zone.id, "type": zone.type}
def get_zone_id(self, name):
    """
    Look up a security zone by name and return its ID and type.

    The result is a 2-tuple, not a bare ID string. When the lookup does not
    populate an ``id`` on the ``SecurityZones`` object, both elements are
    ``None``; callers must check for that before using the values to build
    a policy payload.

    :param name: (str) Name of interface zone object
    :return: (tuple) ``(id, type)`` of the zone object, or ``(None, None)``
        if the zone was not found
    """
    zone = SecurityZones(fmc=self.fmc)
    zone.get(name=name)
    if "id" not in vars(zone):
        return None, None
    return zone.id, zone.type
def get_zone_id(self, name):
    """
    Look up a security zone by name and return its ID and type

    Args:
        name (str): Name of interface zone object

    Returns:
        tuple: ``(id, type)`` of the zone object, or ``(None, None)`` when
        the lookup did not populate an ``id``. Callers must handle the
        ``None`` case before using the values.
    """
    lookup = SecurityZones(fmc=self.fmc)
    lookup.get(name=name)
    found = "id" in lookup.__dict__
    return (lookup.id, lookup.type) if found else (None, None)
def sz(self, name):
    """
    Assign Security Zone to this interface.

    The zone is resolved by name through ``SecurityZones``. If the lookup
    does not populate an ``id``, a warning is logged and ``securityZone`` is
    left as it was, so a mistyped name leaves the interface without the
    intended zone assignment.

    :param name: (str) Name of Security Zone.
    :return: None
    """
    logging.debug("In sz() for PhysicalInterface class.")
    zone = SecurityZones(fmc=self.fmc)
    zone.get(name=name)
    zone_found = "id" in vars(zone)
    if zone_found:
        self.securityZone = dict(name=zone.name, id=zone.id, type=zone.type)
        return
    logging.warning(
        f'Security Zone, "{name}", not found. Cannot add to PhysicalInterface.'
    )
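def destination_zone(self, action, name=""):
    """
    Add/modify name to destinationZones field of AccessRules object.

    Failures are reported through logging only. If the zone cannot be found
    for 'add' or 'remove', or the action is not recognised, the rule's
    ``destinationZones`` is left exactly as it was. A mistyped zone name or
    action therefore leaves the rule without the intended zone constraint.
    NOTE(review): a rule with no destination zones presumably matches any
    zone - confirm, and verify the rule contents before posting it.

    :param action: (str) 'add', 'remove', or 'clear'
    :param name: (str) Name of Security Zone in FMC.
    :return: None
    """
    logging.debug("In destination_zone() for AccessRules class.")
    if action == "add":
        sz = SecurityZones(fmc=self.fmc)
        sz.get(name=name)
        if "id" not in sz.__dict__:
            logging.warning(
                f'Security Zone, "{name}", not found. Cannot add to AccessRules.'
            )
            return
        new_zone = {"name": sz.name, "id": sz.id, "type": sz.type}
        if "destinationZones" in self.__dict__:
            # Zones are de-duplicated by name, not by id.
            already_present = any(
                obj["name"] == new_zone["name"]
                for obj in self.destinationZones["objects"]
            )
            if not already_present:
                self.destinationZones["objects"].append(new_zone)
                logging.info(
                    f'Adding "{name}" to destinationZones for this AccessRules.'
                )
        else:
            self.destinationZones = {"objects": [new_zone]}
            logging.info(
                f'Adding "{name}" to destinationZones for this AccessRules.'
            )
    elif action == "remove":
        # Removal only proceeds when the zone still resolves in FMC; the
        # local list is then filtered by name.
        sz = SecurityZones(fmc=self.fmc)
        sz.get(name=name)
        if "id" not in sz.__dict__:
            logging.warning(
                f"Security Zone, {name}, not found. Cannot remove from AccessRules."
            )
            return
        if "destinationZones" in self.__dict__:
            self.destinationZones["objects"] = [
                obj for obj in self.destinationZones["objects"] if obj["name"] != name
            ]
            # Fixed: this message was missing its f-prefix and logged the
            # literal text "{name}" instead of the zone name.
            logging.info(
                f'Removed "{name}" from destinationZones for this AccessRules.'
            )
        else:
            logging.info(
                "destinationZones doesn't exist for this AccessRules. Nothing to remove."
            )
    elif action == "clear":
        if "destinationZones" in self.__dict__:
            del self.destinationZones
            logging.info(
                "All Destination Zones removed from this AccessRules object."
            )
    else:
        # Previously an unrecognised action was a silent no-op; surface it so
        # a typo does not go unnoticed while the rule stays unchanged.
        logging.warning(
            f'Unknown action "{action}" for destination_zone(). '
            "No change made to this AccessRules."
        )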
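def source_zone(self, action, name=""):
    """
    Add/modify name to sourceZones field of AccessRules object.

    Failures are reported through logging only. If the zone cannot be found
    for 'add' or 'remove', or the action is not recognised, the rule's
    ``sourceZones`` is left exactly as it was. A mistyped zone name or action
    therefore leaves the rule without the intended zone constraint.
    NOTE(review): a rule with no source zones presumably matches any zone -
    confirm, and verify the rule contents before posting it.

    :param action: (str) 'add', 'remove', or 'clear'
    :param name: (str) Name of Security Zone in FMC.
    :return: None
    """
    logging.debug("In source_zone() for AccessRules class.")
    if action == "add":
        sz = SecurityZones(fmc=self.fmc)
        sz.get(name=name)
        if "id" not in sz.__dict__:
            # Fixed: this message was missing its f-prefix and logged the
            # literal text "{name}" instead of the zone name.
            logging.warning(
                f'Security Zone, "{name}", not found. Cannot add to AccessRules.'
            )
            return
        new_zone = {"name": sz.name, "id": sz.id, "type": sz.type}
        if "sourceZones" in self.__dict__:
            # Zones are de-duplicated by name, not by id.
            already_present = any(
                obj["name"] == new_zone["name"]
                for obj in self.sourceZones["objects"]
            )
            if not already_present:
                self.sourceZones["objects"].append(new_zone)
                logging.info(
                    f'Adding "{name}" to sourceZones for this AccessRules.'
                )
        else:
            self.sourceZones = {"objects": [new_zone]}
            logging.info(f'Adding "{name}" to sourceZones for this AccessRules.')
    elif action == "remove":
        # Removal only proceeds when the zone still resolves in FMC; the
        # local list is then filtered by name.
        sz = SecurityZones(fmc=self.fmc)
        sz.get(name=name)
        if "id" not in sz.__dict__:
            logging.warning(
                f'Security Zone, "{name}", not found. Cannot remove from AccessRules.'
            )
            return
        if "sourceZones" in self.__dict__:
            self.sourceZones["objects"] = [
                obj for obj in self.sourceZones["objects"] if obj["name"] != name
            ]
            logging.info(
                f'Removed "{name}" from sourceZones for this AccessRules.'
            )
        else:
            logging.info(
                "sourceZones doesn't exist for this AccessRules. Nothing to remove."
            )
    elif action == "clear":
        if "sourceZones" in self.__dict__:
            del self.sourceZones
            logging.info("All Source Zones removed from this AccessRules object.")
    else:
        # Previously an unrecognised action was a silent no-op; surface it so
        # a typo does not go unnoticed while the rule stays unchanged.
        logging.warning(
            f'Unknown action "{action}" for source_zone(). '
            "No change made to this AccessRules."
        )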