In [None]:
import os
import sys

sys.path.insert(0, os.path.dirname(os.getcwd()))

from firewall_api import Firewall, LIKE, EQ, NOT
import json

# Firewall credentials are read from a JSON file with this layout:
# {
#     "firewall_ip": "<FIREWALL_IP_ADDRESS>",
#     "username": "<USER_NAME>",
#     "port": "<FIREWALL_PORT>",
#     "password": "<PASSWORD>",
#     "password_encrypted": <true|false>
# }

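# Load the connection settings and close the file straight away; the bare
# json.load(open(...)) form leaves the handle open until it is garbage collected.
# The file holds the firewall administrator password, so keep it out of version
# control and readable only by the account that runs this notebook.
with open("../Credentials/firewall_access.json") as credentials_file:
    firewall_info = json.load(credentials_file)

username = firewall_info["username"]
password = firewall_info["password"]
firewall_ip = firewall_info["firewall_ip"]
port = firewall_info["port"]
# Tells Firewall whether "password" is already in encrypted form.
password_encrypted = firewall_info["password_encrypted"]

# certificate_verify is not passed here, so the Firewall class default applies.
firewall = Firewall(
    username,
    password,
    firewall_ip,
    port,
    password_encrypted,
)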

In [None]:
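# NOTE(security): certificate_verify=False switches off TLS certificate validation,
# so this session cannot authenticate the appliance it sends the admin credentials
# to. Keep it only for a lab firewall with a self-signed certificate; with a trusted
# certificate installed, set certificate_verify=True instead.
firewall = Firewall(
    username,
    password,
    firewall_ip,
    port,
    certificate_verify=False,
    # Take the flag from the credentials file instead of a hard-coded True, so a
    # plaintext password is never submitted as if it were already encrypted.
    password_encrypted=password_encrypted,
)

entity = "IPHost"

# Filtered read: "Internet" is the search value and LIKE the match operator.
# Which field is matched is decided inside firewall_api (not visible here).
response = firewall.read(entity, "Internet", LIKE)

print("Code:", response["status"], "Text:", response["message"])

# One numbered line per returned record.
for index, item in enumerate(response["data"], start=1):
    print(f"{index:02}: {item}")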

In [None]:
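# Read every entity type named in "Firewall Entities.csv" (one name per line)
# and print the status plus each returned record.
# The file is opened in a with-block so the handle is closed when the loop ends.
with open("Firewall Entities.csv", "r") as entities_file:
    for line in entities_file:
        entity_name = line.strip()
        if not entity_name:
            # A blank line would otherwise be sent to the firewall as an empty entity name.
            continue

        # Printing the stripped name keeps the heading on its own line even when
        # the last line of the file has no trailing newline.
        print("\n\n", entity_name)
        response = firewall.read(entity_name)
        print("Code:", response["status"], "Text:", response["message"])

        # Distinct loop names: the original reused `item` for both the file line
        # and the record, which made the nested loops hard to follow.
        for index, record in enumerate(response["data"], start=1):
            print(f"{index:02}: {record}")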

In [None]:
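# Re-create the session from the settings loaded out of the credentials file.
firewall = Firewall(username, password, firewall_ip, port, password_encrypted)

entity = "IPHostGroup"

response = firewall.read(entity)

# Every other cell in this notebook reads "status" and "message" from the dict
# returned by firewall.read(); this cell used "code"/"text", which does not match.
# NOTE(review): confirm the key names against firewall_api.
print("Code:", response["status"], "Text:", response["message"])

# One numbered line per returned record.
for index, item in enumerate(response["data"], start=1):
    print(f"{index:02}: {item}")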

In [None]:
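# Reference sample of AuthenticationServer data; it is not used by the code below.
# NOTE(review): presumably captured from a real read() call - confirm.
# The "#text" value was an encrypted password blob ("$sfos$..." form) and has been
# replaced with a placeholder: encrypted credentials are still credentials and do
# not belong in a shared notebook. The sample also shows "ValidCertReq": "Disable",
# which reads as the LDAPS server certificate not being validated - worth
# reviewing on the appliance itself.
test = {
    "ActiveDirectory": {
        "ServerName": "AD",
        "ServerAddress": "192.168.30.50",
        "Port": "636",
        "NetBIOSDomain": "LAB",
        "ADSUsername": "mitko",
        "Password": {
            "@hashform": "mode1",
            "#text": "<REDACTED_ENCRYPTED_PASSWORD>",
        },
        "ConnectionSecurity": "SSL",
        "ValidCertReq": "Disable",
        "DisplayNameAttribute": None,
        "EmailAddressAttribute": "mail",
        "DomainName": "lab.local",
        "SearchQueries": {"Query": "dc=lab,dc=local"},
    },
    "LDAPServer": {"@transactionid": "", "Status": "No. of records Zero."},
    "RADIUSServer": {"@transactionid": "", "Status": "No. of records Zero."},
    "TACACSServer": {"@transactionid": "", "Status": "No. of records Zero."},
    "EDirectory": {"@transactionid": "", "Status": "No. of records Zero."},
}


entity = "AuthenticationServer"

response = firewall.read(entity)

print("Code:", response["status"], "Text:", response["message"])

# The records printed here can carry the same kind of password field as the sample
# above, so clear this cell's output before sharing or committing the notebook.
for index, item in enumerate(response["data"], start=1):
    print(f"{index:02}: {item}")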

In [None]:
# Read the "PatternDownload" entity and pretty-print the returned data as JSON.
entity = "PatternDownload"

response = firewall.read(entity)

print(f"Code: {response['status']} Text: {response['message']}")

pretty_data = json.dumps(response["data"], indent=4)
print(pretty_data)

In [None]:
# Create an "IPHost" entity of HostType "Network" for 192.168.96.0 / 255.255.255.0.
# The object is named after its CIDR form.

entity_type = "IPHost"
entity_data = dict(
    Name="192.168.96.0/24",
    IPFamily="IPv4",
    HostType="Network",
    IPAddress="192.168.96.0",
    Subnet="255.255.255.0",
)

# Left as the last expression so the notebook displays the call's return value.
firewall.create(entity_type, entity_data)

In [None]:
# Read the settings currently stored for the "LocalServiceACL" entity type.

entity_type = "LocalServiceACL"

response = firewall.read(entity_type)
print(f"Code: {response['status']} Text: {response['message']}")

# Print each returned record on its own numbered line.
for index, item in enumerate(response["data"], 1):
    print(f"{index:02}: {item}")

In [None]:
# Create a "LocalServiceACL" entity from entity_data.
# The rule accepts the listed services from SourceZone "WAN", including the
# management ones (HTTPS, SSH, SNMP). The "Hosts" list is presumably the only
# source restriction (assumption - confirm on the appliance), so keep it as
# narrow as the deployment allows.

entity_type = "LocalServiceACL"

allowed_hosts = [
    "192.168.30.0/24",
    "192.168.10.0/24",
    "37.200.116.65",
    "192.168.103.0/24",
    "192.168.96.0/24",
    "192.168.122.0/24",
]
allowed_services = [
    "HTTPS",
    "SSH",
    "DNS",
    "Ping",
    "SSLVPN",
    "SNMP",
    "IPsec",
    "SMTPRelay",
    "RED",
    "UserPortal",
    "DynamicRouting",
    "40",
    "VPNPortal",
]

entity_data = dict(
    RuleName="Admin Access from WAN",
    Description="This was applied through the API by the administrator.",
    Position="Top",
    IPFamily="IPv4",
    SourceZone="WAN",
    Hosts={"Host": allowed_hosts},
    Services={"Service": allowed_services},
    Action="accept",
)

# Left as the last expression so the notebook displays the call's return value.
firewall.create(entity_type, entity_data)

In [None]:
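# Update the "LocalServiceACL" entity whose "RuleName" is "Admin Access from WAN".

# Set the entity type here instead of relying on the value a previous cell left
# behind: the IPHost cell assigns the same variable, so running cells out of order
# would otherwise aim this update at the wrong entity type.
entity_type = "LocalServiceACL"

entity_data = {
    "RuleName": "Admin Access from WAN",
    "Description": "This was UPDATED through the API by the administrator.",
    # NOTE(review): whether update() replaces or merges the host list is decided
    # inside firewall_api - check the rule on the appliance after running this.
    "Hosts": {"Host": ["192.168.122.0/24"]},
    "Action": "accept",
}

# The last two arguments are the value to look up and the field it is matched on.
firewall.update(entity_type, entity_data, "Admin Access from WAN", "RuleName")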

In [None]:
# Delete the "LocalServiceACL" entity whose "RuleName" is "Admin Access from WAN".

firewall.delete(
    "LocalServiceACL",
    "Admin Access from WAN",
    "RuleName",
)