FortiGateAPI.cmdb.firewall.addrgrp

class fortigate_api.cmdb.firewall.AddrgrpFC(fortigate: FortiGate, **kwargs)

Web UI	https://172.16.177.65/ng/firewall/address
API	https://172.16.177.65/api/v2/cmdb/firewall/addrgrp
Data	cmdb/firewall/addrgrp

uid: str = 'name': Unique identifier of fortigate-object.

create(data: Dict[str, Any]) → Response

Create the fortigate-object in the Fortigate.

Parameters:

data (dict) – Data of the fortigate-object. More details can be found at https://fndn.fortinet.net for related POST method.

Returns:

Session response.

<Response [200]> Object successfully created,
<Response [500]> Object already exists.

Return type:

Response

delete(uid: str | int = '', filter: str | Sequence[str] = '', **kwargs) → Response

Delete the fortigate-object from the Fortigate.

Parameters:

uid (str or int) – Identifier of the fortigate-object. Used to delete a single object.
filter (str or List[str]) – Filter fortigate-objects by one or multiple Filtering conditions. Used to delete multiple objects.
kwargs – Fortigate REST API parameters. More details can be found at https://fndn.fortinet.net for related DELETE method.

Returns:

Session response.

<Response [200]> Object successfully deleted,
<Response [404]> Object not found in the Fortigate.

Return type:

Response

get(**kwargs) → List[Dict[str, Any]]

Get fortigate-objects, all or filtered by some parameters.

Parameters:: kwargs – Fortigate REST API parameters. filter - Filter fortigate-objects by one or multiple Filtering conditions. More details can be found at https://fndn.fortinet.net for related GET method.
Returns:: List of the fortigate-objects.
Return type:: List[dict]

is_exist(uid: str | int) → bool

Check if a fortigate-object exists in the Fortigate.

Parameters:: uid (str or int) – Identifier of the fortigate-object.
Returns:: True - object exists, False - object does not exist.
Return type:: bool

update(data: Dict[str, Any]) → Response

Update fortigate-object on the Fortigate.

Parameters:

data (dict) – Data of the fortigate-object to update. More details can be found at https://fndn.fortinet.net for related PUT method.

Returns:

Session response.

<Response [200]> Object successfully updated,
<Response [404]> Object has not been updated.

Return type:

Response

property url: str: URL to the fortigate-object.

Usage

"""api/v2/cmdb/firewall/addrgrp

- Creates address and address-group in the Fortigate
- Get all address-groups from the Fortigate vdom root
- Get filtered address-groups by name (unique identifier)
- Filter address-groups by operator contains `=@`
- Filter address-groups by multiple conditions
- Update address-groups data in the Fortigate
- Delete address-groups from the Fortigate by name
- Delete address-groups by filter
- Delete address object
- Check for absence of address-groups in the Fortigate
"""

import logging

from fortigate_api import FortiGateAPI

logging.getLogger().setLevel(logging.DEBUG)

HOST = "host"
USERNAME = "username"
PASSWORD = "password"

api = FortiGateAPI(host=HOST, username=USERNAME, password=PASSWORD, logging_error=True)
api.login()  # login is optional

# Creates address and address-group in the Fortigate
data = {"name": "ADDRESS",
        "obj-type": "ip",
        "subnet": "127.0.0.100 255.255.255.255",
        "type": "ipmask"}
response = api.cmdb.firewall.address.create(data)
print("address.create", response)  # address.create <Response [200]>
data = {
    "name": "ADDR_GROUP",
    "member": [{"name": "ADDRESS"}],
}
response = api.cmdb.firewall.addrgrp.create(data)
print("addrgrp.creat", response)  # addrgrp.creat <Response [200]>

# Get all address-groups from the Fortigate vdom root
items = api.cmdb.firewall.addrgrp.get()
print(f"addrgrp count={len(items)}")  # addrgrp count=115

# Get filtered address-groups by name (unique identifier)
items = api.cmdb.firewall.addrgrp.get(name="ADDR_GROUP")
print(f"addrgrp count={len(items)}")  # addrgrp count=1

# Filter address-groups by operator contains `=@`
items = api.cmdb.firewall.addrgrp.get(filter="name=@MS")
print("addrgrp count", len(items))  # addrgrp count 6

# Filter address-groups by multiple conditions
items = api.cmdb.firewall.addrgrp.get(filter=["name=@MS", "color==6"])
print(f"addrgrp count={len(items)}")  # addrgrp count=2

# Update address-groups data in the Fortigate
data = dict(name="ADDR_GROUP", color=6)
response = api.cmdb.firewall.addrgrp.update(data)
print("addrgrp.update", response)  # addrgrp.update <Response [200]>

# Delete address-groups from the Fortigate by name
response = api.cmdb.firewall.addrgrp.delete("ADDR_GROUP")
print("addrgrp.delete", response)  # addrgrp.delete <Response [200]>

# Delete address-groups by filter
response = api.cmdb.firewall.addrgrp.delete(filter="name=@ADDR_GROUP")
print("addrgrp.delete", response)  # addrgrp.delete <Response [404]>

# Delete address object
response = api.cmdb.firewall.address.delete("ADDRESS")
print("address.delete", response)  # address.delete <Response [200]>

# Check for absence of address-groups in the Fortigate
response = api.cmdb.firewall.addrgrp.is_exist("ADDR_GROUP")
print("addrgrp.is_exist", response)  # addrgrp.is_exist False

api.logout()