Giter VIP home page Giter VIP logo

algosec-python's Introduction

AlgoSec Python SDK

docs Documentation Status
tests
package

A Python SDK providing simple access to AlgoSec APIs, including handy methods to implement common network security policy management tasks, such as:

  • Check whether specific traffic is allowed by the firewalls and security devices in the network.
  • Open a network security change request.
  • Check status of existing change requests.
  • Update business application connectivity requirements (and automatically trigger change requests as needed)

Useful for automation and orchestration (e.g. DevOps), building custom portals, or exposing specific functionality to Application Owners, IT, Helpdesk, Information Security, Security Operations, etc.

Included in this package are clients for AlgoSec Firewall Analyzer, FireFlow and BusinessFlow.

Installation

Install the latest version from PyPi by running:

pip install algosec --upgrade

or clone this repo and run:

python setup.py install

Contribution

Contributions are welcome! Please follow the standard pull request process.

Documentation

Documentation Status

Documentation available online at: https://algosec-python.readthedocs.io/en/latest/

How to build doc's locally?

Using Spinx:

$ cd docs
$ make html

Then see the docs/_build folder created for the html files.

Developing

To install the package for local development just run:

pipenv install

This will install all the dependencies and set the project up for local usage and development .

Testing

To run the unittests for all supported python versions, simply run:

tox

algosec-python's People

Contributors

almogcohen avatar chanilurya avatar pyup-bot avatar yaelmagrafta avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

Forkers

eugene-ky-wong libermandovev cryptforall st3p1n psychedelys chanilh nathanawmk chanilurya rajat-gupta-algosec kmghari001

algosec-python's Issues

incorrect documentation: import firewall analyzer

In the documentation the step to import the firewallanalyzerapiclient is wrong
it states: from algosec.api_clients import FirewallAnalyzerAPIClient while it should be from algosec.api_clients.firewall_analyzer import FirewallAnalyzerAPIClient

Fireflow Module- No parameter to pass application as input

If we need to create a change request for ICMP rule in Algosec through algosec python module, currently there is no option to provide application parameter input. It will great if application parameter can be provided with the fireflow.py. It will help to deploy the ICMP rules by creating change request in algosec.

export simulation to pdf

Hi there Algosec Team

I was wondering if there is a way to export the query to pdf from this python SDK?

Need way to set device IP in create_change_request

I don't see a way to set the device IP in create_change_request. There is no argument for it, and it's not part of traffic_lines. When I submit a CR, I get a good request, but with no device selected.

client = FireFlowAPIClient("algosec.test.local", "(UserID)", "(Password)", verify_ssl=False)

subject="Test - please ignore"
description="This is a test"
requestor_name="Ansible"
email="[email protected]"
template="Firewall Rule Request template 601"
traffic_lines = [
    ChangeRequestTrafficLine(
        ChangeRequestAction.ALLOW,
        # IP, IP subnets and object names that are defined on AFF
        ['0.0.0.0/0'],
        ['0.0.0.0/0'],
        ['*']
    )
]
NewReq = client.create_change_request( subject,requestor_name,email,traffic_lines,description,template)

If I use get_change_request_by_id to pull an existing request that used the same template, besides the rest of the data that I expect, I get a value for devices, which contains the actual IP of the firewall the change was requested for, in underscore notation (data has been scrubbed):

(ticket){
   template = "Firewall Rule Request template 601"
   cc = None
   description = "This is a bogus request"
   devices[] =
     "10_10_10_10",
   due = None
   owner = "xyz123"
   priority = "0"
   requestor = "Ansible user"
   subject = "Test rule"
   trafficLines[] =
      (trafficLine){
         action = 1
         nat =
            (trafficNAT){
               type = -1
            }
         trafficDestination[] =
            (trafficAddress){
               address = "10.255.255.19"
            },
            (trafficAddress){
               address = "10.255.255.20"
            },
            (trafficAddress){
               address = "10.255.255.21"
            },
            (trafficAddress){
               address = "10.255.255.18"
            },
            (trafficAddress){
               address = "10.255.255.16"
            },
         trafficService[] =
            (trafficService){
               service = "icmp/*"
            },
            (trafficService){
               service = "tcp/1521"
            },
         trafficSource[] =
            (trafficAddress){
               address = "192.168.255.220"
            },
            (trafficAddress){
               address = "192.168.255.221"
            },
         trafficUser[] =
            (trafficUser){
               user = "Any"
            },
         trafficApplication[] =
            (trafficApplication){
               application = "Any"
            },
         trafficLineOriginalId = "1;2"
      },
   status = "resolved"
   id = 5367
 }

How do I submit this via the SDK?

Issue using the SDK

I'm reposting @julien2404 post from here for proper tracking of issues. I'll follow up with a response.

Hi,

I've installed the latest client version V1.1.0 and started writting a little script. However I'm getting an error.
Here is the script :

#!/opt/rh/rh-python36/root/usr/bin/python

from algosec.api_clients.firewall_analyzer import FirewallAnalyzerAPIClient

ip='XX.XX.XX.XX'
username='admin'
password='hidexxx'
verify_ssl=0

source='YY.YY.YY.YY'
dest='ZZ.ZZ.ZZ.ZZ'
service='tcp/80'

client = FirewallAnalyzerAPIClient(ip, username, password, verify_ssl)
query_result = client.run_traffic_simulation_query(source,dest,service)
here is the error :

<suds.sax.document.Document object at 0x7f883954aac8>
Traceback (most recent call last):
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/suds_requests.py", line 16, in wrapper
return f(*args, **kwargs)
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/suds_requests.py", line 54, in send
resp.raise_for_status()
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/requests/models.py", line 939, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 500 Server Error: Internal Server Error - AFA for url: https://XX.XX.XX.XX/AFA/php/ws.php

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/suds/client.py", line 613, in send
reply = self.options.transport.send(request)
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/suds_requests.py", line 22, in wrapper
buf,
suds.transport.TransportError: Error in requests
Traceback (most recent call last):
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/suds_requests.py", line 16, in wrapper
return f(*args, **kwargs)
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/suds_requests.py", line 54, in send
resp.raise_for_status()
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/requests/models.py", line 939, in raise_for_status
raise HTTPError(http_error_msg, response=self)

Question : is the URL correct : https://XX.XX.XX.XX/AFA/php/ws.php ? I saw in algosec doc that the URL must be https://XX.XX.XX.XX/AFA/php/ws.php?wsdl

I'm not sure if I'm writting this comment in the good section. Feel free to tell me.

Thank you in advance

Clarification

Does algosec aff module support Implementation of NAT rules? How do we implement NAT through algosec aff python module ?

Full unit test coverage

Would be pretty easy to do so, and add travis to this repo.

Most of the mock responses needed for the API could be copied from the algosec-ruby package that have full unittest coverage.

Once implemented, it would be really easy to implement #13

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.