8000 pyFG does not handle "move" command under "config firewall policy" correctly? · Issue #34 · spotify/pyfg · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
This repository was archived by the owner on Mar 28, 2022. It is now read-only.
This repository was archived by the owner on Mar 28, 2022. It is now read-only.
pyFG does not handle "move" command under "config firewall policy" correctly? #34
Open
Open
pyFG does not handle "move" command under "config firewall policy" correctly?#34
@kkyick2

Description

@kkyick2
kkyick2
opened on Oct 5, 2018

Hello guys,

I recently tried to use pyFG to config Fortigate (5.4.x firmware). It is good for the "config" and "edit" cmd.
However, when I trying to use "move" cmd under "config firewall policy" to re-order a policy, It is found that the compare_config() method cannot return the changed config.
As a result the diff cannot be committed.

Below are the cmds that I would like to execute, to move the policy id 611 after id 999.
'move_policy.txt'

config firewall policy
move 611 after 999
end

This is the script that I modify from "https://github.com/spotify/pyfg/blob/master/examples/example5.py" to execute the above move_policy.txt to the 'vpn' vdom

#!/usr/bin/env python

# Gets router bgp config from the device, then do some changes to the BGP parameters, deletes a neighbor,
# creates a new one, modifies another and computes the difference
from pyFG import FortiOS
import logging

host = '1.1.1.1'
vdom = 'vpn'
cmdfile = 'move_policy.txt'
user = 'admin'
passwd = 'password'

if __name__ == '__main__':
    f = open(cmdfile, 'r')
    candidate = f.read()
    f.close()

    print "*** This is the candidate configs:"
    print candidate
    print "\n"

    d = FortiOS(hostname=host, vdom=vdom, username=user, password=passwd)
    d.open()
    d.load_config(config_text=candidate, in_candidate=True)

    print "*** This is the diff of the conigs: (compare_config(text=True))"
    print (d.compare_config(text=True))
    print "\n"

    print "*** This is how to reach the desired state: (compare_config())"
    config_changes = d.compare_config()
    print config_changes

    print "*** Result of applying the changes: (d.commit)"
    print d.commit(config_changes, force=True)

    d.close()

This is the output of the result,
the "move" cmd cannot be compared such that nothing can be committed.
The move 611 after 999 cmd cannot found in diff

*** This is the candidate configs:
config firewall policy
move 611 after 999
end


*** This is the diff of the configs: (compare_config(text=True))
+     config firewall policy
+     end


*** This is how to reach the desired state: (compare_config())

*** Result of applying the changes: (d.commit)
None

Process finished with exit code 0

Are are any suggestion to execute "move" command in firewall policy using PyFG?
thank you.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0