benclerc/fortinet-fortiosapi
最新稳定版本:6.4.5
Composer 安装命令:
composer require benclerc/fortinet-fortiosapi
包简介
PHP library used for interacting with Fortigate firewall (FortiOS) APIs.
README 文档
README
This library is automatically generated, if you want support for a newer version, please open an issue.
PHP library used for interacting with Fortigate firewall (FortiOS) APIs (CMDB (Configuration), Log and Monitor). This library can retrieve, create, update and delete configuration on the firewall.
You can find all supported methods on Fortinet's developer website, you will need an account to browse information.
Table of contents
Getting started
- Get Composer.
- Install the library using composer
composer require benclerc/fortinet-fortiosapi. - Add the following to your application's main PHP file
require 'vendor/autoload.php';. - Instanciate the Config class with the firewall's hostname, username and password
$configConnection = new \Fortinet\FortiOSAPI\Config('123.123.123.123', 'admin', 'password');. - Use the Config object previously created to instanciate the FortiOSAPI object
$firewallConf = new \Fortinet\FortiOSAPI\Configuration($configConnection);. - Start using the library
$staticRoutes = $firewallConf->getAllRouterStatic();.
Documentation
You can find a full documentation here.
Config class
Usage
This Config class is used to prepare the mandatory configuration information to instanciate and use the FortiOSAPI... classes. In the constructor you must pass :
- The firewall's hostname (FQDN) or IP address
- A valid user's username
- The valid user's password
Optional parameters :
- Timeout : 5000ms. Use
setTimeout()to change. - SSL verify peer option : TRUE. Use
setSSLVerifyPeer()to change. - SSL verify host option : 2. Use
setSSLVerifyHost()to change. - API version : 2. Use
setAPIVersion()to change.
Examples
// Basic configuration $configConnection = new \Fortinet\FortiOSAPI\Config('123.123.123.123', 'admin', 'password'); // Configuration for very slow firewalls/long requests $configConnection = new \Fortinet\FortiOSAPI\Config('123.123.123.123', 'admin', 'password'); $configConnection->setTimeout(20000); // Unsecure configuration $configConnection = new \Fortinet\FortiOSAPI\Config('123.123.123.123', 'admin', 'password'); $configConnection->setSSLVerifyPeer(FALSE)->setSSLVerifyHost(FALSE); // Special API version $configConnection = new \Fortinet\FortiOSAPI\Config('123.123.123.123', 'admin', 'password'); $configConnection->setAPIVersion(1); // The class logins to the firewall when being instanciated hence the try/catch statement. // Here I use the class Configuration for the example but it the same for Log and Monitor classes. try { $firewallConf = new \Fortinet\FortiOSAPI\Configuration($configConnection); } catch (Exception $e) { echo('Handle error : '.$e->getMessage()); }
Configuration, Log and Monitor classes
Usage
These classes uses Exception to handle errors, for nominal execution you should instanciate and request methods inside try/catch statements.
Examples
// Get one particular static route try { $res = $firewallConf->getRouterStatic(1); echo('Gateway is : '.$res->results[0]->gateway); } catch (Exception $e) { echo('Handle error : '.$e->getMessage()); } // Get routes using filters try { // Will return fields dst and status of default gateways $res = $firewallConf->getAllRouterStatic(NULL, NULL, NULL, NULL, NULL, NULL, ['dst', 'status'], ['dst==0.0.0.0 0.0.0.0']); // For obvious reasons, it would be a charm to use the new PHP 8.0 syntax to call the method : // $firewallConf->getAllRouterStatic(format: ['dst', 'status'], filter: ['dst==0.0.0.0 0.0.0.0']) } catch (Exception $e) { echo('Handle error : '.$e->getMessage()); } // Set a static route // Define the route $staticRoute = new stdClass; $staticRoute->status = 'enable'; $staticRoute->dst = '1.1.1.1 255.255.255.255'; $staticRoute->src = '198.168.1.0 255.255.255.0'; $staticRoute->gateway = '198.168.1.254'; $staticRoute->device = 'lan'; $staticRoute->distance = 20; // Send the request to the firewall try { $res = $firewallConf->addRouterStatic($staticRoute); if ($res->status == 'success') { echo('Route added'); } else { echo('Route adding failed'); } } catch (Exception $e) { echo('Handle error : '.$e->getMessage()); }
Transactions
This library also supports transactions : start a transaction, create, update, delete, and depending on the result commit or abort your changes.
// Start transaction $firewallConf->startTransaction(); // Create many IP objects $error = FALSE; for ($i=1; $i < 50; $i++) { // Create body object $ip = new stdClass; $ip->name = 'IP'.$i; $ip->type = 'subnet'; $ip->subnet = '10.1.'.$i.'.0/24'; // Create object on the firewall try { $firewallConf->addFirewallAddress($ip); echo("[SUCCESS] Created IP ".$ip->name.".\n"); } catch (Exception $e) { echo("[ERROR] Unable to create IP : ".$ip->name.". Details : ".$e->getMessage()."\n"); $error = TRUE; } } // Check error if ($error === FALSE) { // No errors, commit $firewallConf->commitTransaction(); } else { // Errors, abort and rollback $firewallConf->abortTransaction(); }
统计信息
- 总下载量: 352
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 5
- 点击次数: 0
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2021-03-31