Reputation: 61
SMC-Python Adding and Removing Blacklisted IP's
I'm trying to programmatically add a blacklisted IP to the firewall. I try this but get an error. I'm not that new to python, but I'm not all that proficient in reading the documentation, so here is that if it helps.
https://media.readthedocs.org/pdf/smc-python/latest/smc-python.pdf
https://smc-python.readthedocs.io/en/latest/index.html
from smc import session
from smc_monitoring.monitors.blacklist import BlacklistQuery
from smc.core.engines import Engine
from smc.administration.system import System
session.login(url='http://nope', api_key='supersecret')
print("logged in")
# # Method 1 ERROR
system = System()
print(system.smc_version)
system.blacklist(src='1.1.1.1/32', dst='2.2.2.2/32', duration=3600)
session.logout()
Traceback (most recent call last): File "/home/matthew/PycharmProjects/GitSMC/BlacklistTest.py", line 12, in
system.blacklist(src='1.1.1.1/32', dst='2.2.2.2/32', duration=3600)
File "/home/matthew/PycharmProjects/GitSMC/venv/lib/python3.7/site-packages/smc/administration/system.py", line 159, in blacklist json=prepare_blacklist(src, dst, duration, **kw))
File "/home/matthew/PycharmProjects/GitSMC/venv/lib/python3.7/site-packages/smc/base/mixins.py", line 32, in make_request result = getattr(request, method)()
File "/home/matthew/PycharmProjects/GitSMC/venv/lib/python3.7/site-packages/smc/api/common.py", line 66, in create return self._make_request(method='POST')
File "/home/matthew/PycharmProjects/GitSMC/venv/lib/python3.7/site-packages/smc/api/common.py", line 101, in _make_request raise err
smc.api.exceptions.ActionCommandFailed: Invalid JSON format: At line 1 and column 17, end_point1 is not recognized as JSON attribute.
Upvotes: 2
Views: 294
Answers (1)
Reputation: 31
There are multiple ways to blacklist, either through the System entry point like you have above, or individually against a single firewall/cluster. If using the System entry point, the blacklist entry will go to all SMC managed firewalls. Based on the message, it appears you might be using a newer version of smc-python (i.e. >6.5.x).
In that case it's best to use the engine level blacklisting:
from smc.elements.other import Blacklist
engine = Engine('myfw')
blacklist = Blacklist()
blacklist.add_entry(src='1.1.1.1/32', dst='2.2.2.2/32')
engine.blacklist_bulk(blacklist)
I just noticed that the System entry point does not have a blacklist function for SMC 6.5 (which hasn't technically been fully certified for this library yet), but I will add to the develop branch as 6.5.x will be officially supported in the next couple of weeks.
If you are using SMC version <= 6.4.x, you can use the engine.blacklist, or System.blacklist commands.
DLP
Upvotes: 3
Related Questions
- django permissions for block ip addresses import Blocklist
- Use python IP address to mask IP addresses
- change IP range address
- Script function to check if there is strange IP (IP which is not in whitelisted) in Python
- IP Spoofing in python 3
- Ip address short list in python
- Python- IP address module
- Pyboto: remove an ip based rule from a security group
- How to properly perform host or dig command in python
- How to determine if IP address in whitelist with IPy?