goftd


README

go-ftd

Go bindings for the Cisco Firepower NGFW (Firepower Threat Defense). These bindings talk to the Firepower Device Manager (FDM) HTTP API on the device itself, so every call here changes or reads live firewall configuration.

Example

Open a session using environment variables. Two of the parameters below are lab settings: `insecure` appears to turn off TLS certificate verification for the management connection (judging by the parameter name and the `FTD.Insecure` field; confirm in the transport code), and `debug` may log request details. In production leave both unset, so the device certificate is verified before the username and password are sent, and keep `FTD_PASSWORD` out of shell history and CI logs:

params := make(map[string]string)
params["grant_type"] = "password"
params["username"] = os.Getenv("FTD_USER")
params["password"] = os.Getenv("FTD_PASSWORD")
params["debug"] = "true"
params["insecure"] = "true"

ftd, err := NewFTD(os.Getenv("FTD_HOST"), params)
if err != nil {
    glog.Errorf("error: %s\n", err)
    return nil, err
}

return ftd, nil

Creating a network object. `DuplicateActionReplace` overwrites an existing object of the same name (the alternatives are `DuplicateActionError` and `DuplicateActionDoNothing`); in automation prefer the error variant unless you intend to change an object that existing rules may already reference:

// Create a Network Object for a single host 1.1.1.1
n := new(NetworkObject)
n.Name = "testObj001"
n.SubType = "HOST"
n.Value = "1.1.1.1"

err = ftd.CreateNetworkObject(n, DuplicateActionReplace)
if err != nil {
    glog.Errorf("error: %s\n", err)
    return
}

Creating an access rule. Note what this example does not set: no source zones, source networks or ports, and `LogActionNone`, so permitted connections leave no log entry. For anything beyond a lab, narrow the source side and use `LogActionFlowStart` so there is an audit trail:

// Permit traffic to network object n1 and network object group g1; no source zones, networks or ports are set
a := new(AccessRule)
a.Name = "testPolicy001"
a.RuleAction = RuleActionPermit
a.EventLogAction = LogActionNone
// n1.Reference() returns a reference object of a Network Object
a.DestinationNetworks = append(a.DestinationNetworks, n1.Reference())
// g1.Reference() returns a reference object of a Network Object Group
a.DestinationNetworks = append(a.DestinationNetworks, g1.Reference())

err = ftd.CreateAccessRule(a, "default")
if err != nil {
    glog.Errorf("error: %s\n", err)
    return
}

Authors

See also the list of contributors who participated in this project.

License

This project is licensed under the Apache 2 License - see the LICENSE file for details

Documentation


Constants

// FDM object type strings for port objects.
const (
	// TypeUDPPortObject is the FDM type of a UDP port object.
	TypeUDPPortObject string = "udpportobject"
	// TypeTCPPortObject is the FDM type of a TCP port object.
	TypeTCPPortObject string = "tcpportobject"
)

// Duplicate-handling modes passed to the Create* methods, deciding what
// happens when an object with the same name already exists.
const (
	// DuplicateActionError reports an error on a duplicate.
	DuplicateActionError int = iota
	// DuplicateActionDoNothing leaves the existing object untouched.
	DuplicateActionDoNothing
	// DuplicateActionReplace replaces the existing object. Use with care:
	// other rules may already reference the object being replaced.
	DuplicateActionReplace
)

// Event-log actions for AccessRule.EventLogAction.
const (
	// LogActionNone disables connection logging for the rule (no audit trail).
	LogActionNone string = "LOG_NONE"
	// LogActionFlowStart logs the connection when the flow starts.
	LogActionFlowStart string = "LOG_FLOW_START"
)

// Rule actions for AccessRule.RuleAction.
const (
	// RuleActionPermit allows matching traffic.
	RuleActionPermit string = "PERMIT"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessPolicy

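// AccessPolicy is an FDM access policy: the container whose Rules are the
// AccessRule objects, plus the DefaultAction applied to traffic no rule matches.
type AccessPolicy struct {
	ReferenceObject
	AccessRuleIDs []int `json:"accessRuleIDs,omitempty"`
	// DefaultAction is what the policy does with traffic that matches no rule.
	// Action, EventLogAction and Type previously had no json tag and so were
	// marshalled as "Action", "EventLogAction" and "Type", unlike every other
	// field in this package (and unlike their tagged siblings IntrusionPolicy and
	// SyslogServer). The tags below follow the package's camelCase convention;
	// decoding is unaffected, since encoding/json matches names case-insensitively.
	DefaultAction struct {
		Action          string           `json:"action"`
		EventLogAction  string           `json:"eventLogAction"`
		IntrusionPolicy *ReferenceObject `json:"intrusionPolicy,omitempty"`
		SyslogServer    *ReferenceObject `json:"syslogServer,omitempty"`
		Type            string           `json:"type"`
	}
	SSLPolicy             *ReferenceObject   `json:"sslPolicy,omitempty"`
	Rules                 []*ReferenceObject `json:"rules,omitempty"`
	IdentityPolicySetting *ReferenceObject   `json:"identityPolicySetting,omitempty"`
	SecurityIntelligence  *ReferenceObject   `json:"securityIntelligence,omitempty"`
	Links                 *Links             `json:"links,omitempty"`
	Paging                *Paging            `json:"paging,omitempty"`
}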

AccessPolicy Access Policy Object

func (*AccessPolicy) Reference

func (a *AccessPolicy) Reference() *ReferenceObject

Reference Returns a reference object

type AccessRule

// AccessRule is one rule of an access policy: the match criteria (zones,
// networks, ports, VLAN tags, users) and the action/logging applied to matches.
type AccessRule struct {
	ReferenceObject
	RuleID              int                `json:"ruleId,omitempty"`
	SourceZones         []*ReferenceObject `json:"sourceZones,omitempty"`
	DestinationZones    []*ReferenceObject `json:"destinationZones,omitempty"`
	SourceNetworks      []*ReferenceObject `json:"sourceNetworks,omitempty"`
	DestinationNetworks []*ReferenceObject `json:"destinationNetworks,omitempty"`
	SourcePorts         []*ReferenceObject `json:"sourcePorts,omitempty"`
	DestinationPorts    []*ReferenceObject `json:"destinationPorts,omitempty"`
	// RuleAction is one of the RuleAction* constants (e.g. RuleActionPermit).
	RuleAction          string             `json:"ruleAction,omitempty"`
	// EventLogAction is one of the LogAction* constants; LogActionNone means
	// matching connections are not logged.
	EventLogAction      string             `json:"eventLogAction,omitempty"`
	VLANTags            []*ReferenceObject `json:"vlanTags,omitempty"`
	Users               []*ReferenceObject `json:"users,omitempty"`
	IntrusionPolicy     *ReferenceObject   `json:"intrusionPolicy,omitempty"`
	FilePolicy          *ReferenceObject   `json:"filePolicy,omitempty"`
	// NOTE(review): omitempty on a bool means false is never serialized, so this
	// field cannot explicitly send logFiles=false — confirm the API default.
	LogFiles            bool               `json:"logFiles,omitempty"`
	SyslogServer        *ReferenceObject   `json:"syslogServer,omitempty"`
	Links               *Links             `json:"links,omitempty"`
	// Parent has no json tag, so it is serialized under the key "Parent".
	// Presumably the owning policy; confirm against CreateAccessRule/DeleteAccessRule.
	Parent              string
}

AccessRule Access Rule Object

func (*AccessRule) Reference

func (a *AccessRule) Reference() *ReferenceObject

Reference Returns a reference object

type DeployObject

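// DeployObject describes a deployment job (see PostDeploy): pushing the
// pending configuration to the device and the outcome reported for it.
type DeployObject struct {
	ReferenceObject
	Description     string `json:"description,omitempty"`
	// StatusMessage, CliErrorMessage and State were tagged "subType", "value"
	// and "isSystemDefined" — the NetworkObject tags, evidently copy-pasted —
	// so a response keyed by the field names would never decode into them and
	// a caller checking State to confirm a policy actually reached the device
	// would see an empty string. The tags below follow the camelCase-of-field-
	// name convention used throughout this package; confirm them against the
	// FDM deployment response.
	StatusMessage   string `json:"statusMessage,omitempty"`
	CliErrorMessage string `json:"cliErrorMessage,omitempty"`
	State           string `json:"state,omitempty"`
	Links           *Links `json:"links,omitempty"`
}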

func (*DeployObject) Reference

func (n *DeployObject) Reference() *ReferenceObject

Reference Returns a reference object

type FTD

// FTD is a session to one FDM-managed device; create it with NewFTD.
type FTD struct {
	// Hostname or IP address
	Hostname string
	// Define authorization type as password or custom
	GrantType string

	// Insecure mirrors the "insecure" session parameter. NOTE(review): the name
	// and the README example suggest it disables TLS certificate verification
	// for the management connection — confirm in the unexported transport code.
	// Leave it false outside a lab: with verification off, the username/password
	// and every policy change are exposed to an on-path attacker impersonating
	// the device.
	Insecure bool
	// contains filtered or unexported fields
}

FTD holds the session state for one FDM-managed device; create it with NewFTD.

func NewFTD

func NewFTD(hostname string, param map[string]string) (*FTD, error)

NewFTD returns an initialized FTD struct for hostname. param carries the session settings shown in the README (`grant_type`, `username`, `password`, `debug`, `insecure`).

func (*FTD) AddToNetworkObjectGroup

func (f *FTD) AddToNetworkObjectGroup(g *NetworkObjectGroup, n *NetworkObject) error

AddToNetworkObjectGroup Add a Network to an Object Group

func (*FTD) AddToPortObjectGroup

func (f *FTD) AddToPortObjectGroup(g *PortObjectGroup, p *PortObject) error

AddToPortObjectGroup Add a Port to an Object Group

func (*FTD) CreateAccessRule

func (f *FTD) CreateAccessRule(n *AccessRule, policy string) error

CreateAccessRule Create a new access rule

func (*FTD) CreateNetworkObject

func (f *FTD) CreateNetworkObject(n *NetworkObject, duplicateAction int) error

CreateNetworkObject creates a new network object. duplicateAction is one of the DuplicateAction* constants and decides what happens when an object with that name already exists.

func (*FTD) CreateNetworkObjectGroup

func (f *FTD) CreateNetworkObjectGroup(n *NetworkObjectGroup, duplicateAction int) error

CreateNetworkObjectGroup creates a new network object group; duplicateAction is one of the DuplicateAction* constants.

func (*FTD) CreateNetworkObjectGroupFromIPs

func (f *FTD) CreateNetworkObjectGroupFromIPs(name string, ips []string, duplicateAction int) (*NetworkObjectGroup, error)

CreateNetworkObjectGroupFromIPs creates one network object per address in ips and groups them under name; duplicateAction is one of the DuplicateAction* constants.

func (*FTD) CreateNetworkObjectsFromIPs

func (f *FTD) CreateNetworkObjectsFromIPs(ips []string) ([]*NetworkObject, error)

CreateNetworkObjectsFromIPs Create Network objects from an array of IP

func (*FTD) CreatePortObjectGroup

func (f *FTD) CreatePortObjectGroup(g *PortObjectGroup, duplicateAction int) error

CreatePortObjectGroup Create a new port object group

func (*FTD) CreateTCPPortObject

func (f *FTD) CreateTCPPortObject(p *PortObject, duplicateAction int) error

CreateTCPPortObject Creates a new TCP port

func (*FTD) CreateUDPPortObject

func (f *FTD) CreateUDPPortObject(p *PortObject, duplicateAction int) error

CreateUDPPortObject Creates a new UDP port

func (*FTD) Delete

func (f *FTD) Delete(endpoint string) (err error)

Delete sends a DELETE to the FDM API endpoint.

func (*FTD) DeleteAccessRule

func (f *FTD) DeleteAccessRule(n *AccessRule) error

DeleteAccessRule Delete an access rule

func (*FTD) DeleteFromNetworkObjectGroup

func (f *FTD) DeleteFromNetworkObjectGroup(g *NetworkObjectGroup, n *NetworkObject) error

DeleteFromNetworkObjectGroup removes a network object from an object group.

func (*FTD) DeleteFromPortObjectGroup

func (f *FTD) DeleteFromPortObjectGroup(g *PortObjectGroup, p *PortObject) error

DeleteFromPortObjectGroup Deletes a Port from an Object Group

func (*FTD) DeleteNetworkObject

func (f *FTD) DeleteNetworkObject(n *NetworkObject) error

DeleteNetworkObject Delete a network object

func (*FTD) DeleteNetworkObjectByID

func (f *FTD) DeleteNetworkObjectByID(id string) error

DeleteNetworkObjectByID Delete a network object

func (*FTD) DeleteNetworkObjectGroup

func (f *FTD) DeleteNetworkObjectGroup(n *NetworkObjectGroup) error

DeleteNetworkObjectGroup deletes a network object group.

func (*FTD) DeletePortObject

func (f *FTD) DeletePortObject(p *PortObject) error

DeletePortObject Delete a port

func (*FTD) DeletePortObjectGroup

func (f *FTD) DeletePortObjectGroup(g *PortObjectGroup) error

DeletePortObjectGroup Delete a port object group

func (*FTD) Get

func (f *FTD) Get(endpoint string, uriQuery map[string]string) (bodyText []byte, err error)

Get sends a GET to the FDM API endpoint, with uriQuery as query parameters, and returns the raw response body.

func (*FTD) GetAccessPolicies

func (f *FTD) GetAccessPolicies(limit int) ([]*AccessPolicy, error)

GetAccessPolicies Get a list of access policies

func (*FTD) GetAccessPoliciesby

func (f *FTD) GetAccessPoliciesby(filterstring string, limit int) ([]*AccessPolicy, error)

func (*FTD) GetAccessRules

func (f *FTD) GetAccessRules(policy string, limit int) ([]*AccessRule, error)

GetAccessRules Get a list of access rules

func (*FTD) GetNetworkAny

func (f *FTD) GetNetworkAny() (*NetworkObject, error)

GetNetworkAny Returns the 0.0.0.0/0 object

func (*FTD) GetNetworkObjectByID

func (f *FTD) GetNetworkObjectByID(id string) (*NetworkObject, error)

GetNetworkObjectByID Get a network object by ID

func (*FTD) GetNetworkObjectGroupBy

func (f *FTD) GetNetworkObjectGroupBy(filterString string) ([]*NetworkObjectGroup, error)

func (*FTD) GetNetworkObjectGroups

func (f *FTD) GetNetworkObjectGroups(limit int) ([]*NetworkObjectGroup, error)

GetNetworkObjectGroups gets a list of network object groups, up to limit.

func (*FTD) GetNetworkObjects

func (f *FTD) GetNetworkObjects(limit int) ([]*NetworkObject, error)

GetNetworkObjects Get a list of network objects

func (*FTD) GetPortObjectGroupBy

func (f *FTD) GetPortObjectGroupBy(filterString string) ([]*PortObjectGroup, error)

func (*FTD) GetPortObjectGroups

func (f *FTD) GetPortObjectGroups(limit int) ([]*PortObjectGroup, error)

GetPortObjectGroups Get all the port object groups within the limit specified

func (*FTD) GetTCPPortObjectByID

func (f *FTD) GetTCPPortObjectByID(id string) (*PortObject, error)

GetTCPPortObjectByID Get a tcp port by ID

func (*FTD) GetTCPPortObjects

func (f *FTD) GetTCPPortObjects() ([]*PortObject, error)

GetTCPPortObjects Get a list of tcp ports

func (*FTD) GetUDPPortObjectByID

func (f *FTD) GetUDPPortObjectByID(id string) (*PortObject, error)

GetUDPPortObjectByID Get a udp port by ID

func (*FTD) GetUDPPortObjects

func (f *FTD) GetUDPPortObjects() ([]*PortObject, error)

GetUDPPortObjects Get a list of udp ports

func (*FTD) ModifyAccessPolicy

func (f *FTD) ModifyAccessPolicy(n *AccessPolicy, policy string) error

ModifyAccessPolicy Modify access policy

func (*FTD) Post

func (f *FTD) Post(endpoint string, ftdReq interface{}) (bodyText []byte, err error)

Post sends a POST to the FDM API endpoint with ftdReq as the request body and returns the raw response body.

func (*FTD) PostDeploy

func (f *FTD) PostDeploy(n *DeployObject) error

func (*FTD) Put

func (f *FTD) Put(endpoint string, ftdReq interface{}) (bodyText []byte, err error)

Put sends a PUT to the FDM API endpoint with ftdReq as the request body and returns the raw response body.

func (*FTD) UpdateNetworkObject

func (f *FTD) UpdateNetworkObject(n *NetworkObject) error

UpdateNetworkObject Updates a network object

func (*FTD) UpdateNetworkObjectGroup

func (f *FTD) UpdateNetworkObjectGroup(n *NetworkObjectGroup) error

UpdateNetworkObjectGroup Updates a network object group

func (*FTD) UpdatePortObject

func (f *FTD) UpdatePortObject(p *PortObject) error

UpdatePortObject Updates a port

func (*FTD) UpdatePortObjectGroup

func (f *FTD) UpdatePortObjectGroup(g *PortObjectGroup) error

UpdatePortObjectGroup Updates a port object group

type FTDError

// FTDError is the error document returned by the FDM API; it implements error.
type FTDError struct {
	Severity string       `json:"severity"`
	Key      string       `json:"key"`
	// Message holds the individual messages (JSON key "messages").
	Message  []FTDMessage `json:"messages"`
}

FTDError Error returned by API

func (FTDError) Error

func (fe FTDError) Error() string

type FTDMessage

// FTDMessage is one message inside an FTDError. The fields carry no json
// tags, so they decode by case-insensitive field-name match.
type FTDMessage struct {
	Description string
	Code        string
	Location    string
}

FTDMessage Error message returned by API

// Links is the embedded links block of an API object.
type Links struct {
	// Self is the object's own URL.
	Self string `json:"self,omitempty"`
}

Links Embedded links

type NetworkObject

// NetworkObject is a network object (a host, network, range, ...) that rules
// and groups reference via Reference().
type NetworkObject struct {
	ReferenceObject
	Description     string `json:"description,omitempty"`
	// SubType and Value have no omitempty and are always sent; the README
	// example uses SubType "HOST" with Value "1.1.1.1".
	SubType         string `json:"subType"`
	Value           string `json:"value"`
	IsSystemDefined bool   `json:"isSystemDefined,omitempty"`
	Links           *Links `json:"links,omitempty"`
}

NetworkObject An object represents the network (Note: The field level constraints listed here might not cover all the constraints on the field. Additional constraints might exist.)

func (*NetworkObject) Reference

func (n *NetworkObject) Reference() *ReferenceObject

Reference Returns a reference object

type NetworkObjectGroup

// NetworkObjectGroup is a named set of network objects.
type NetworkObjectGroup struct {
	ReferenceObject
	Description     string             `json:"description,omitempty"`
	IsSystemDefined bool               `json:"isSystemDefined,omitempty"`
	// Objects are references to the member network objects.
	Objects         []*ReferenceObject `json:"objects,omitempty"`
	Links           *Links             `json:"links,omitempty"`
}

NetworkObjectGroup Network Object Group

func (*NetworkObjectGroup) Reference

func (g *NetworkObjectGroup) Reference() *ReferenceObject

Reference Returns a reference object

type Paging

// Paging is the paging block of a list response.
type Paging struct {
	Prev   []string `json:"prev,omitempty"`
	Next   []string `json:"next,omitempty"`
	Limit  int      `json:"limit,omitempty"`
	Offset int      `json:"offset,omitempty"`
	Count  int      `json:"count,omitempty"`
	Pages  int      `json:"pages,omitempty"`
}

Paging Paging Information

type PortObject

// PortObject is a TCP or UDP port object; which protocol it is comes from the
// Type field of the embedded ReferenceObject (TypeTCPPortObject/TypeUDPPortObject).
type PortObject struct {
	ReferenceObject
	Description     string `json:"description,omitempty"`
	// Port is a string, so a port range may be expressed here as well as a single port.
	Port            string `json:"port,omitempty"`
	IsSystemDefined bool   `json:"isSystemDefined,omitempty"`
	Links           *Links `json:"links,omitempty"`
}

PortObject Represents a TCP or UDP port

func (*PortObject) Reference

func (p *PortObject) Reference() *ReferenceObject

Reference Returns a reference object

type PortObjectGroup

// PortObjectGroup is a named set of port objects.
type PortObjectGroup struct {
	ReferenceObject
	Description     string             `json:"description,omitempty"`
	IsSystemDefined bool               `json:"isSystemDefined,omitempty"`
	// Objects are references to the member port objects.
	Objects         []*ReferenceObject `json:"objects,omitempty"`
	Links           *Links             `json:"links,omitempty"`
}

PortObjectGroup Port Object Group

func (*PortObjectGroup) Reference

func (p *PortObjectGroup) Reference() *ReferenceObject

Reference Returns a reference object

type ReferenceObject

// ReferenceObject is the identity common to every API object and the form
// in which one object refers to another (see the Reference() methods).
type ReferenceObject struct {
	ID      string `json:"id,omitempty"`
	Version string `json:"version,omitempty"`
	// Name and Type have no omitempty and are always serialized, even when empty.
	Name    string `json:"name"`
	Type    string `json:"type"`
}

ReferenceObject FTD reference object
