FortiGateAPI.cmdb.firewall.address

class fortigate_api.cmdb.firewall.AddressFC(fortigate: FortiGate, **kwargs)

Web UI	https://172.16.177.65/ng/firewall/address
API	https://172.16.177.65/api/v2/cmdb/firewall/address
Data	cmdb/firewall/address

uid: str = 'name': Unique identifier of fortigate-object.

create(data: Dict[str, Any]) → Response

Create the fortigate-object in the Fortigate.

Parameters:

data (dict) – Data of the fortigate-object. More details can be found at https://fndn.fortinet.net for related POST method.

Returns:

Session response.

<Response [200]> Object successfully created,
<Response [500]> Object already exists.

Return type:

Response

delete(uid: str | int = '', filter: str | Sequence[str] = '', **kwargs) → Response

Delete the fortigate-object from the Fortigate.

Parameters:

uid (str or int) – Identifier of the fortigate-object. Used to delete a single object.
filter (str or List[str]) – Filter fortigate-objects by one or multiple Filtering conditions. Used to delete multiple objects.
kwargs – Fortigate REST API parameters. More details can be found at https://fndn.fortinet.net for related DELETE method.

Returns:

Session response.

<Response [200]> Object successfully deleted,
<Response [404]> Object not found in the Fortigate.

Return type:

Response

get(**kwargs) → List[Dict[str, Any]]

Get fortigate-objects, all or filtered by some parameters.

Parameters:: kwargs – Fortigate REST API parameters. filter - Filter fortigate-objects by one or multiple Filtering conditions. More details can be found at https://fndn.fortinet.net for related GET method.
Returns:: List of the fortigate-objects.
Return type:: List[dict]

is_exist(uid: str | int) → bool

Check if a fortigate-object exists in the Fortigate.

Parameters:: uid (str or int) – Identifier of the fortigate-object.
Returns:: True - object exists, False - object does not exist.
Return type:: bool

update(data: Dict[str, Any]) → Response

Update fortigate-object on the Fortigate.

Parameters:

data (dict) – Data of the fortigate-object to update. More details can be found at https://fndn.fortinet.net for related PUT method.

Returns:

Session response.

<Response [200]> Object successfully updated,
<Response [404]> Object has not been updated.

Return type:

Response

property url: str: URL to the fortigate-object.

Usage

"""api/v2/cmdb/firewall/address

- Create address in the Fortigate, in the default vdom root
- Get all addresses from the Fortigate vdom root
- Format output data to return only required key values
- Get address by name (unique identifier)
- Filter address by operator equals `==`
- Filter address by operator contains `=@`
- Filter address by operator not equals `!=`
- Filter address by multiple conditions
- Update address data in the Fortigate
- Delete address from the Fortigate by name (unique identifier)
- Delete addresses from the Fortigate by filter
- Check for absence of address in the Fortigate

VDOM
- Create address in the Fortigate, in the custom vdom
- Get all addresses from the custom vdom
- Delete addresses from the custom vdom
"""

import logging
from pprint import pprint

from fortigate_api import FortiGateAPI

logging.getLogger().setLevel(logging.DEBUG)

HOST = "host"
USERNAME = "username"
PASSWORD = "password"

api = FortiGateAPI(host=HOST, username=USERNAME, password=PASSWORD, logging_error=True)
api.login()  # login is optional

# Create address in the Fortigate, in the default vdom root
data = {
    "name": "ADDRESS",
    "obj-type": "ip",
    "subnet": "127.0.0.100 255.255.255.252",
    "type": "ipmask",
}
response = api.cmdb.firewall.address.create(data)
print(f"address.create {response}")  # address.create <Response [200]>

# Get all addresses from the Fortigate vdom root
items = api.cmdb.firewall.address.get()
print(f"addresses count={len(items)}")  # addresses count=14

# Get address by name (unique identifier)
items = api.cmdb.firewall.address.get(name="ADDRESS")
print(f"addresses count={len(items)}")  # addresses count=1
pprint(items)
#  [{"comment": "",
#    "name": "ADDRESS",
#    "subnet": "127.0.0.100 255.255.255.252",
#    "uuid": "a386e4b0-d6cb-51ec-1e28-01e0bc0de43c",
#    ...
#    }]

# Format output data to return only required key values
items = api.cmdb.firewall.address.get(format="name|subnet")
pprint(items)
# [{"name": "ADDRESS",
#   "q_origin_key": "ADDRESS",
#   "subnet": "127.0.0.100 255.255.255.252"}]

# Filter by operator equals `==`
items = api.cmdb.firewall.address.get(filter="name==ADDRESS")
print(f"Filtered by `==`, count={len(items)}")  # Filtered by `==`, count=1

# Filter address by operator contains `=@`
items = api.cmdb.firewall.address.get(filter="subnet=@127.0")
print(f"Filtered by `=@`, count={len(items)}")  # Filtered by `=@`, count=2

# Filter address by operator not equals `!=`
items = api.cmdb.firewall.address.get(filter="name!=ADDRESS")
print(f"Filtered by `!=`, count={len(items)}")  # Filtered by `!=`, count=13

# Filter address by multiple conditions
items = api.cmdb.firewall.address.get(filter=["subnet=@127.0", "type==ipmask"])
print(f"Filtered by multiple conditions, count={len(items)}")
# Filtered by multiple conditions, count=2

# Update address data in the Fortigate
data = {"name": "ADDRESS", "subnet": "127.0.0.255 255.255.255.255"}
response = api.cmdb.firewall.address.update(data)
print(f"address.update {response}")  # address.update <Response [200]>

# Delete address from the Fortigate by name (unique identifier)
response = api.cmdb.firewall.address.delete("ADDRESS")
print(f"address.delete {response}")  # address.delete <Response [200]>

# Delete addresses from the Fortigate by filter
# Returns <Response [500]> because FIREWALL_AUTH_PORTAL_ADDRESS cannot be deleted
response = api.cmdb.firewall.address.delete(filter="name=@ADDRESS")
print(f"address.delete {response}")  # address.delete <Response [500]>

# Check for absence of address in the Fortigate
response = api.cmdb.firewall.address.is_exist("ADDRESS")
print(f"address.is_exist {response}")  # address.is_exist False

api.logout()

# VDOM
# Create address in the Fortigate, in the custom vdom
api = FortiGateAPI(host=HOST, username=USERNAME, password=PASSWORD, vdom="VDOM9")
data = {
    "name": "ADDRESS",
    "obj-type": "ip",
    "subnet": "127.0.0.100 255.255.255.252",
    "type": "ipmask",
}
response = api.cmdb.firewall.address.create(data)
print(f"address.create {response}")  # address.create <Response [200]>

# Get all addresses from the custom vdom

items = api.cmdb.firewall.address.get()
print(f"addresses count={len(items)}")  # addresses count=10

# Delete addresses from the custom vdom
response = api.cmdb.firewall.address.delete("ADDRESS")
print(f"address.delete {response}")  # address.delete <Response [200]>

api.logout()