1.0.5

Forcepoint · Jun 10, 2021 · 48f82b4 · 48f82b4
1 parent 474d6a5
commit 48f82b4
Show file tree

Hide file tree

Showing 16 changed files with 395 additions and 199 deletions.
diff --git a/smc-monitoring/HISTORY.rst b/smc-monitoring/HISTORY.rst
@@ -34,5 +34,9 @@ Release History
 - Remove kwargs from websocket call to super to support older versions of websocket-client
 - Fixed fetch_batch to only return a single payload, previous versions were unlimited
 
+1.4.0
++++++
+
+- Update requirements to fp_NGFW_SMC_python >= 1.0.0
 
 
diff --git a/smc-monitoring/README.rst b/smc-monitoring/README.rst
@@ -38,7 +38,7 @@ This package has been tested with Python 2.7, 3.5 and 3.6.
 Requirements
 ============
 
-smc-python >= v0.6.1
+fp_NGFW_SMC_python >= 1.0.0
 
 websocket-client
 

diff --git a/smc-monitoring/requirements.txt b/smc-monitoring/requirements.txt
@@ -1,3 +1,3 @@
 #file:../#egg=smc-python
-smc-python >= 0.6.0
+fp_NGFW_SMC_python >= 1.0.0
 websocket-client >= 0.48.0
diff --git a/smc-monitoring/setup.py b/smc-monitoring/setup.py
@@ -43,5 +43,5 @@
         "License :: OSI Approved :: Apache Software License",
     ],
     zip_safe=False,
-    install_requires=["smc-python >=0.6.0", "websocket-client >=0.48.0"],
+    install_requires=["fp_NGFW_SMC_python >=1.0.0", "websocket-client >=0.48.0"],
 )
diff --git a/smc-monitoring/version.py b/smc-monitoring/version.py
@@ -1 +1 @@
-VERSION = "1.3.1"
+VERSION = "1.4.0"
diff --git a/smc/__version__.py b/smc/__version__.py
@@ -1,4 +1,4 @@
-__version__ = '1.0.4'
+__version__ = '1.0.5'
 __author__ = 'Forcepoint'
 __description__ = 'Python based API to Forcepoint NGFW Management Center'
 __url__ = 'http://github.com/Forcepoint/fp-NGFW-SMC-python'

diff --git a/smc/core/collection.py b/smc/core/collection.py
@@ -106,11 +106,12 @@
     VirtualPhysicalInterface,
     SwitchPhysicalInterface,
     VPNBrokerInterface,
+    SwitchInterface,
 )
 from smc.core.sub_interfaces import LoopbackClusterInterface, LoopbackInterface
 from smc.base.structs import BaseIterable
 from smc.api.exceptions import UnsupportedInterfaceType, InterfaceNotFound
-from smc.compat import get_best_version
+from smc.compat import get_best_version, is_api_version_less_than_or_equal
 
 
 def get_all_loopbacks(engine):
@@ -332,7 +333,7 @@ class SwitchInterfaceCollection(InterfaceCollection):
     Get specific switch interfaces assigned on the given engine::
 
         for interface in engine.switch_physical_interface:
-            print(interface, interface.port_groups)
+            print(interface, interface.port_groups_interface)
 
     You can also retrieve a switch directly by referencing it using the
     switch interface id. Switch interfaces will always have a name starting
@@ -352,7 +353,10 @@ class SwitchInterfaceCollection(InterfaceCollection):
     """
 
     def __init__(self, engine):
-        super(SwitchInterfaceCollection, self).__init__(engine, "switch_physical_interface")
+        if is_api_version_less_than_or_equal("6.7"):
+            super(SwitchInterfaceCollection, self).__init__(engine, "switch_physical_interface")
+        else:
+            super(SwitchInterfaceCollection, self).__init__(engine, "switch_interface")
 
     def add_switch_interface(
         self, interface_id, appliance_switch_module="110", comment=None, **kwargs
@@ -361,6 +365,7 @@ def add_switch_interface(
         In case of Switch Physical/Port Group interfaces, the interface ID must
         be prefixed by 'SWP\\_'. For example, for switch ID 1 and Port Group ID 1.2
         you must enter 'SWP\\_1' for the switch and SWP_1.2 for the Port Group.
+        Since API 6.8 prefix is 'SWI\\_'
 
         :param str interface_id: Name of the interface, must be prefixed with 'SWP\\_'
         :param str appliance_switch_module: appliance switch module which specifies
@@ -372,13 +377,23 @@ def add_switch_interface(
         :return: None
 
         """
-        interface = SwitchPhysicalInterface(
-            engine=self._engine,
-            interface_id=interface_id,
-            appliance_switch_module=appliance_switch_module,
-            comment=comment,
-            **kwargs
-        )
+        if is_api_version_less_than_or_equal("6.7"):
+            interface = SwitchPhysicalInterface(
+                engine=self._engine,
+                interface_id=interface_id,
+                appliance_switch_module=appliance_switch_module,
+                comment=comment,
+                **kwargs
+            )
+        else:
+            interface = SwitchInterface(
+                engine=self._engine,
+                interface_id=interface_id,
+                appliance_switch_module=appliance_switch_module,
+                comment=comment,
+                **kwargs
+            )
+
         self._engine.add_interface(interface, **kwargs)
 
     def add_port_group_interface(
@@ -402,7 +417,7 @@ def add_port_group_interface(
             group with the specified settings
 
         :param str interface_id: The top level switch, naming convention should be
-            SWP_0, SWP_1, etc.
+            SWP_0, SWP_1, etc. ( Since API 6.8: SWI_0, SWI_1..)
         :param int port_group_id: Port group number encapsulating switch port/s
         :param list interface_ports: list of interface ports to add to this port
             group. If the port group.
@@ -414,13 +429,23 @@ def add_port_group_interface(
         :return: None
         """
         switch = self._engine.interface.get(interface_id)
-        switch_port = {
-            "interface_id": "{}.{}".format(switch.interface_id, port_group_id),
-            "switch_physical_interface_port": [
-                {"switch_physical_interface_port_number": port} for port in interface_ports
-            ],
-            "zone_ref": zone_ref,
-        }
+        if is_api_version_less_than_or_equal("6.7"):
+            switch_port = {
+                "interface_id": "{}.{}".format(switch.interface_id, port_group_id),
+                "switch_physical_interface_port": [
+                    {"switch_physical_interface_port_number": port} for port in interface_ports
+                ],
+                "zone_ref": zone_ref,
+            }
+        else:
+            switch_port = {
+                "interface_id": "{}.{}".format(switch.interface_id, port_group_id),
+                "switch_interface_port": [
+                    {"physical_switch_port_number": port} for port in interface_ports
+                ],
+                "zone_ref": zone_ref,
+            }
+
         switch_port.update(interfaces=interfaces if interfaces else [])
         interface = {"interface_id": switch.interface_id, "port_group_interface": [switch_port]}
         switch.update_interface(SwitchPhysicalInterface(**interface))

diff --git a/smc/core/interfaces.py b/smc/core/interfaces.py
@@ -42,7 +42,7 @@
     get_sub_interface,
     SubInterfaceCollection,
 )
-from smc.compat import string_types
+from smc.compat import string_types, is_api_version_less_than_or_equal
 from smc.elements.helpers import zone_helper, logical_intf_helper
 from smc.elements.network import Zone
 from smc.base.structs import BaseIterable
@@ -1167,13 +1167,22 @@ def _add_interface(self, interface_id, **kw):
         # Everything else is top level
         base_interface = ElementCache()
 
-        base_interface.update(
-            switch_physical_interface_switch_module_ref=element_default(
-                ApplianceSwitchModule, kw.pop("appliance_switch_module", None)
-            ),
-            interface_id=interface_id,
-            **kw
-        )
+        if is_api_version_less_than_or_equal("6.7"):
+            base_interface.update(
+                switch_physical_interface_switch_module_ref=element_default(
+                    ApplianceSwitchModule, kw.pop("appliance_switch_module", None)
+                ),
+                interface_id=interface_id,
+                **kw
+            )
+        else:
+            base_interface.update(
+                switch_interface_switch_module_ref=element_default(
+                    ApplianceSwitchModule, kw.pop("appliance_switch_module", None)
+                ),
+                interface_id=interface_id,
+                **kw
+            )
 
         self.data = base_interface
 
@@ -1226,9 +1235,14 @@ def update_interface(self, other_interface, ignore_mgmt=True):
                 if len(this.switch_physical_interface_port) != len(
                     other.switch_physical_interface_port
                 ):
-                    this.data.update(
-                        switch_physical_interface_port=other.switch_physical_interface_port
-                    )
+                    if is_api_version_less_than_or_equal("6.7"):
+                        this.data.update(
+                            switch_physical_interface_port=other.switch_physical_interface_port
+                        )
+                    else:
+                        this.data.update(
+                            switch_interface_port=other.switch_physical_interface_port
+                        )
                     updated = True
 
                 if this.zone_ref != other.zone_ref:  # Zone compare
@@ -1237,20 +1251,30 @@ def update_interface(self, other_interface, ignore_mgmt=True):
 
                 # Are port groups and comments alike. Switch port count matches, but value/s
                 # within the existing changed so take new setting
-                val = (
-                    "switch_physical_interface_port_number",
-                    "switch_physical_interface_port_comment",
-                )
+                if is_api_version_less_than_or_equal("6.7"):
+                    val = (
+                        "switch_physical_interface_port_number",
+                        "switch_physical_interface_port_comment",
+                    )
+                else:
+                    val = (
+                        "switch_interface_port_number",
+                        "switch_interface_port_comment",
+                    )
 
                 if set(
                     [(d.get(val[0]), d.get(val[1])) for d in this.switch_physical_interface_port]
                 ) ^ set(
                     [(d.get(val[0]), d.get(val[1])) for d in other.switch_physical_interface_port]
                 ):
-
-                    this.data.update(
-                        switch_physical_interface_port=other.switch_physical_interface_port
-                    )
+                    if is_api_version_less_than_or_equal("6.7"):
+                        this.data.update(
+                            switch_physical_interface_port=other.switch_physical_interface_port
+                        )
+                    else:
+                        this.data.update(
+                            switch_interface_port=other.switch_physical_interface_port
+                        )
                     updated = True
 
                 # If there is more than 1 interfaces (IP's assigned) on any given
@@ -1308,6 +1332,10 @@ def appliance_switch_module(self):
         )
 
 
+class SwitchInterface(SwitchPhysicalInterface):
+    typeof = "switch_interface"
+
+
 class PhysicalInterface(Interface):
     """
     Physical Interfaces on NGFW. This represents the following base configuration for

diff --git a/smc/elements/protocols.py b/smc/elements/protocols.py
@@ -84,6 +84,7 @@
 """
 from smc.base.model import Element, SubElement, ElementCache
 from smc.base.decorators import cached_property
+from smc.compat import is_api_version_less_than_or_equal
 from smc.elements.servers import ProxyServer
 from smc.base.util import element_resolver
 from smc.base.structs import BaseIterable
@@ -304,6 +305,9 @@ def proxy_server(self):
             for proxy in ProxyServer.objects.all():
                 if self._inspected_service_ref.startswith(proxy.href + "/"):
                     return proxy
+        # Since API 6.11
+        else:
+            return Element.from_href(self.protocol_agent_values.get("proxy_server_ref"))
 
     def _update(self, **kwargs):
         """
@@ -330,9 +334,11 @@ def _update(self, **kwargs):
                     )
 
                 if self._inspected_service_ref != enabled_services.get(self.protocol_agent.name):
-                    self.protocol_agent_values["inspected_service_ref"] = enabled_services.get(
-                        self.protocol_agent.name
-                    )
+                    if is_api_version_less_than_or_equal("6.10"):
+                        self.protocol_agent_values["inspected_service_ref"] = enabled_services.get(
+                            self.protocol_agent.name)
+                    else:
+                        self.protocol_agent_values["proxy_server_ref"] = proxy_server.href
                     updated = True
         return updated
 

diff --git a/smc/examples/engine-node-health.py b/smc/examples/engine-node-health.py
@@ -6,23 +6,32 @@
 """
 
 # Python Base Import
-import sys
 from smc import session
 from smc.core.engines import Layer3VirtualEngine, Layer3Firewall
+from smc.core.waiters import NodeStatusWaiter
+from smc_info import *
 
-if __name__ == "__main__":
-    URLSMC = "http://localhost:8082"
-    APIKEYSMC = "HuphG4Uwg4dN6TyvorTR0001"
-    try:
-        session.login(url=URLSMC, api_key=APIKEYSMC, verify=False, timeout=120, api_version="6.9")
-    except BaseException as exception_retournee:
-        sys.exit(-1)
 
+if __name__ == "__main__":
+    session.login(url=SMC_URL, api_key=API_KEY, verify=False, timeout=120, api_version=API_VERSION)
     print("session OK")
 
 try:
+
     virtual_engine = Layer3VirtualEngine("Dubai Virtual 1")
+    print("Check nodes status for {}...".format(virtual_engine))
+
     for node in virtual_engine.nodes:
+
+        # Wait for node to be Online
+        waiter = NodeStatusWaiter(node, "Online", max_wait=3)
+        while not waiter.done():
+            status = waiter.result(5)
+            print("Status after 5 sec wait: {}".format(status))
+        print("Node:{} is {}".format(node, status))
+
+        assert status is not None, "Node {} can't be contacted".format(node)
+
         for stats in node.hardware_status.filesystem:
             print("hardware status.filesystem={}".format(stats))
         for stats in node.hardware_status.logging_subsystem:
@@ -38,7 +47,19 @@
         print("health=>{}".format(node.health))
 
     single_fw = Layer3Firewall("Plano")
+    print("Check nodes status for {}...".format(single_fw))
+
     for node in single_fw.nodes:
+
+        # Wait for node to be Online
+        waiter = NodeStatusWaiter(node, 'Online', max_wait=3)
+        while not waiter.done():
+            status = waiter.result(5)
+            print("Status after 5 sec wait: {}".format(status))
+        print("Node:{} is {}".format(node, status))
+
+        assert status is not None, "Node {} can't be contacted".format(node)
+
         # should be None
         print("health=>Master Node={}".format(node.health.master_node))
         print("health=>Node status={}".format(node.health.engine_node_status))
@@ -48,5 +69,6 @@
 
 except Exception as e:
     print(e)
+    exit(-1)
 finally:
     session.logout()