search

vladimirs-git / fortigate-api

Python package for configuring Fortigate (Fortios) devices using REST API
Apache License 2.0
62 stars 18 forks source link

Can't delete objects with '/' in their name #20

Closed buchu closed 10 months ago

buchu commented 10 months ago

Hi, This is a bug in the native Fortigate API (tested on 6.2.0), but if you have a workaround to delete objects, here is the sample code.

from fortigate_api import FortigateAPI

fgt = FortigateAPI(
    host="XXX",
    username="XXX",
    password="XXX",
)

subnet = "42.42.42.42/32"
subnet_name = f"my_vip_{subnet}"

data = {
    "name": subnet_name,
    "obj-type": "ip",
    "subnet": subnet,
    "type": "ipmask",
}
print(fgt.address.create(data)) # This works

print(fgt.address.get(uid=subnet_name)) # KO
print(fgt.address.get(filter=f"name=@{subnet_name}")) # This works

print(fgt.address.delete(uid=subnet_name)) # KO
print(fgt.address.delete(filter=f"name=@{subnet_name}")) # KO
vladimirs-git commented 10 months ago

fixed in fortigate-api-1.3.1

buchu commented 10 months ago

Thanks but there is still a problem.

# pip list | grep fort
fortigate_api      1.3.1

# python forti.py
<Response [200]>
[]
[{'q_origin_key': 'test_10.42.42.10/32', 'name': 'test_10.42.42.10/32', 'uuid': '09e12132-9483-51ee-15b5-9054b8f33618', 'subnet': '10.42.42.10 255.255.255.255', 'type': 'ipmask', 'start-mac': '00:00:00:00:00:00', 'end-mac': '00:00:00:00:00:00', 'start-ip': '10.42.42.10', 'end-ip': '255.255.255.255', 'fqdn': '', 'country': '', 'wildcard-fqdn': '', 'cache-ttl': 0, 'wildcard': '10.42.42.10 255.255.255.255', 'sdn': '', 'interface': '', 'tenant': '', 'organization': '', 'epg-name': '', 'subnet-name': '', 'sdn-tag': '', 'policy-group': '', 'comment': '', 'visibility': 'enable', 'associated-interface': '', 'color': 0, 'filter': '', 'sdn-addr-type': 'private', 'obj-id': '', 'list': [], 'tagging': [], 'allow-routing': 'disable'}]
<Response [404]>
<Response [404]>
vladimirs-git commented 10 months ago

I cannot reproduce your problem.

pip list

fortigate_api 1.3.1

python forti.py

<Response [200]> [{'name': '42.42.42.42/32', 'q_origin_key': '42.42.42.42/32', 'uuid': 'b56ea458-94be-51ee-09b2-64a1d2125d91', 'subnet': '42.42.42.42 255.255.255.255', 'type': 'ipmask', 'sub-type': 'sdn', 'clearpass-spt': 'unknown', 'start-mac': '00:00:00:00:00:00', 'end-mac': '00:00:00:00:00:00', 'country': '', 'cache-ttl': 0, 'sdn': '', 'fsso-group': [], 'interface': '', 'obj-type': 'ip', 'comment': '', 'associated-interface': '', 'color': 0, 'filter': '', 'sdn-addr-type': 'private', 'obj-id': '', 'list': [], 'tagging': [], 'allow-routing': 'disable', 'fabric-object': 'disable'}] [{'name': '42.42.42.42/32', 'q_origin_key': '42.42.42.42/32', 'uuid': 'b56ea458-94be-51ee-09b2-64a1d2125d91', 'subnet': '42.42.42.42 255.255.255.255', 'type': 'ipmask', 'sub-type': 'sdn', 'clearpass-spt': 'unknown', 'start-mac': '00:00:00:00:00:00', 'end-mac': '00:00:00:00:00:00', 'country': '', 'cache-ttl': 0, 'sdn': '', 'fsso-group': [], 'interface': '', 'obj-type': 'ip', 'comment': '', 'associated-interface': '', 'color': 0, 'filter': '', 'sdn-addr-type': 'private', 'obj-id': '', 'list': [], 'tagging': [], 'allow-routing': 'disable', 'fabric-object': 'disable'}] <Response [200]> <Response [200]>

Please try "pip uninstall fortigate-api", "pip install fortigate-api"

On Thu, 7 Dec 2023 at 00:06, Romain Gaillegue @.***> wrote:

Thanks but there is still a problem.

pip list | grep fort

fortigate_api 1.3.1

python forti.py<Response [200]>

[] [{'q_origin_key': 'test_10.42.42.10/32', 'name': 'test_10.42.42.10/32', 'uuid': '09e12132-9483-51ee-15b5-9054b8f33618', 'subnet': '10.42.42.10 255.255.255.255', 'type': 'ipmask', 'start-mac': '00:00:00:00:00:00', 'end-mac': '00:00:00:00:00:00', 'start-ip': '10.42.42.10', 'end-ip': '255.255.255.255', 'fqdn': '', 'country': '', 'wildcard-fqdn': '', 'cache-ttl': 0, 'wildcard': '10.42.42.10 255.255.255.255', 'sdn': '', 'interface': '', 'tenant': '', 'organization': '', 'epg-name': '', 'subnet-name': '', 'sdn-tag': '', 'policy-group': '', 'comment': '', 'visibility': 'enable', 'associated-interface': '', 'color': 0, 'filter': '', 'sdn-addr-type': 'private', 'obj-id': '', 'list': [], 'tagging': [], 'allow-routing': 'disable'}]<Response [404]><Response [404]>

— Reply to this email directly, view it on GitHub https://github.com/vladimirs-git/fortigate-api/issues/20#issuecomment-1843766101, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANSMNHAPBYOSCRJVKWQWVC3YIDT77AVCNFSM6AAAAABAJW3ZTGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBTG43DMMJQGE . You are receiving this because you modified the open/close state.Message ID: @.***>

-- Best regards, Vladimir Prusakov

buchu commented 10 months ago

Strange, I've tried to remove and purge the cache, but I get the same result on Fortigate 6.2.0 and 7.0.12. Can you provide your Python and Fortigate versions? Thanks

vladimirs-git commented 10 months ago

python -V Python 3.10.11

Firmware v6.4.14 build2093 (GA) FortiGate 100F

On Thu, 7 Dec 2023 at 16:08, Romain Gaillegue @.***> wrote:

Strange, I've tried to remove and purge the cache, but I get the same result on Fortigate 6.2.0 and 7.0.12. Can you provide your Python and Fortigate versions? Thanks

— Reply to this email directly, view it on GitHub https://github.com/vladimirs-git/fortigate-api/issues/20#issuecomment-1845406484, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANSMNHHQKRENOCNOL3S7QJTYIHEV3AVCNFSM6AAAAABAJW3ZTGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBVGQYDMNBYGQ . You are receiving this because you modified the open/close state.Message ID: @.***>

-- Best regards, Vladimir Prusakov