#!/usr/bin/env python
#License upload using FORTIOSAPI from Github
import logging
import sys
from fortiosapi import FortiOSAPI
# Send the 'fortiosapi' library logger's records to a file in the current
# working directory.
logger = logging.getLogger('fortiosapi')
# NOTE(review): DEBUG is the most verbose level. Confirm that the library's
# debug records do not contain the admin password or session data before
# retaining or sharing testfortiosapi.log.
logger.setLevel(logging.DEBUG)

formatter = logging.Formatter(
    '%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
hdlr = logging.FileHandler('testfortiosapi.log')
hdlr.setFormatter(formatter)
logger.addHandler(hdlr)
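def main():
    """Set a sample antivirus profile and firewall policy on a FortiGate.

    Usage: firewallpolicy.py <fgt-ip> [password]

    Logs in as 'fgtadmin', sets the antivirus profile "apiset", sets firewall
    policy 66 which references that profile, then logs out. All requests
    target the "root" vdom.
    """
    # Only the IP address is mandatory; the password is optional.
    if len(sys.argv) < 2:
        print("Please specify fgt ip address")
        # Usage error: exit non-zero so calling scripts can detect it.
        sys.exit(1)

    ip = sys.argv[1]
    # NOTE(review): a password passed as argv[2] is visible in the process
    # list and in shell history. An empty password is used when it is omitted.
    passwd = sys.argv[2] if len(sys.argv) > 2 else ''

    # Hard coded vdom value for all requests
    vdom = "root"

    fgt = FortiOSAPI()
    # NOTE(review): verify=False turns off TLS certificate checking, so the
    # admin password is sent to a device whose identity is not authenticated.
    # Keep this only for lab devices with self-signed certificates.
    fgt.login(ip, 'fgtadmin', passwd, verify=False)
    try:
        av_profile = {
            'name': "apiset",
            "scan-mode": "quick",
            'http': {"options": "scan avmonitor"},
            "emulator": "enable",
        }
        # NOTE(review): the responses from fgt.set() are not inspected here;
        # presumably they carry a status -- verify and report failures.
        fgt.set('antivirus', 'profile', vdom=vdom, data=av_profile)

        # Accept rule for HTTPS from port1 to port2 with source and
        # destination address "all"; narrow srcaddr/dstaddr before using this
        # outside a test setup. The rule attaches the "apiset" AV profile and
        # logs all traffic.
        policy = {
            'policyid': "66",
            'name': "Testfortiosapi",
            'action': "accept",
            'srcintf': [{"name": "port1"}],
            'dstintf': [{"name": "port2"}],
            'srcaddr': [{"name": "all"}],
            'dstaddr': [{"name": "all"}],
            'schedule': "always",
            'service': [{"name": "HTTPS"}],
            "utm-status": "enable",
            "profile-type": "single",
            'av-profile': "apiset",
            'profile-protocol-options': "default",
            'ssl-ssh-profile': "certificate-inspection",
            'logtraffic': "all",
        }
        fgt.set('firewall', 'policy', vdom=vdom, data=policy)
    finally:
        # Always close the admin session, even if one of the requests raised.
        fgt.logout()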
# Run main() only when this file is executed as a script, not when imported.
if __name__ == "__main__":
    main()