search

gabstopper / smc-python

Forcepoint Security Management Center python library:(Moved to official Forcepoint repo)
https://github.com/Forcepoint/fp-NGFW-SMC-python
Apache License 2.0
29 stars 13 forks source link

Unable to add/edit comment in `add_layer3_vlan_interface` #35

Closed stdedos closed 6 years ago

stdedos commented 6 years ago

On an existing Master Engine, with existing Resource and VFW, I am running:

master_engine.physical_interface.add_layer3_vlan_interface(
                        master_if_id, vlan_id,
                        virtual_mapping=vfw_if_id,
                        virtual_resource_name=vfw_resource,
                        comment='{:s}: {:s}'.format(vfw_name, comment))

However, result is not coming: image

(I think it happened on creation also; currently it is "definitely" an update)

gabstopper commented 6 years ago

Apologize for the delay. If the interface existed with the VLAN, then this is by design. I think that is what is happening here. Meaning you already created the interface and VLAN, and your trying to change the comment.

Interface creation supports adding comments during creation (and works):

engine = MasterEngine.create(name='virtualfw', master_type='firewall', mgmt_ip='1.1.1.1', mgmt_network='1.1.1.0/24')
engine.virtual_resource.create(name='ve-1', vfw_id=1, comment='my resource comment')
engine.physical_interface.add_layer3_vlan_interface(
    virtual_mapping=1,
    virtual_resource_name='ve-1',
    interface_id=2, vlan_id=2, comment='my interface comment')

image

If you already have the interface and VLAN, you will not use the same add_layer3_vlan_interface constructor (that's used when you want to add a VLAN to an existing physical interface), instead you can just modify the interface directly:

engine = Engine('virtualfw')
interface = engine.interface.get('2.2')
interface.comment = 'I changed the comment'
interface.update()

image

gabstopper commented 6 years ago

Closing per clarification and example above