help on filtering policies

vladimirs-git / fortigate-api

Python package for configuring Fortigate (Fortios) devices using REST API

Apache License 2.0

61 stars 18 forks source link

help on filtering policies #1

Closed zephyr2k7 closed 2 years ago

zephyr2k7 commented 2 years ago

Hi, Regarding the policy filters how can I try to get all policies filtered by destination address? For example to extract all policies that allora traffic to a specific il say 192.168.1.2?

Thanks in advance for your help

vladimirs-git commented 2 years ago

Example how to get all policies with destination address == "192.168.1.2/32"

from pprint import pprint
from fortigate_api import FortigateAPI

fgt = FortigateAPI(host="host", username="username", password="password")
fgt.login()

policies = []
addresses = fgt.address.get(filter="subnet==192.168.1.2 255.255.255.255")
for policy in fgt.policy.get():
    dstaddr = [d["name"] for d in policy["dstaddr"]]
    for address in addresses:
        if address["name"] in dstaddr:
            policies.append(policy)
pprint(policies)

zephyr2k7 commented 2 years ago

thankyou very much

vladimirs-git commented 2 years ago

Since version 0.2.1 you can use extended filter to make it easier to find rules by source or destination addresses.

from pprint import pprint
from fortigate_api import FortigateAPI

fgt = FortigateAPI(host="host", username="username", password="password")
fgt.login()
policies = fgt.policy.get(efilter="srcaddr<=192.168.0/24")
pprint(policies)