fmc

package module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 8, 2025 License: MPL-2.0 Imports: 15 Imported by: 0

README

Tests

go-fmc

go-fmc is a Go client library for Cisco Secure FMC (Firewall Management Center). It is based on Nathan's excellent goaci module and features a simple, extensible API and advanced JSON manipulation.

Getting Started

Installing

To start using go-fmc, install Go and go get:

$ go get -u github.com/netascode/go-fmc

Basic Usage
package main

import "github.com/netascode/go-fmc"

func main() {
    client, _ := fmc.NewClient("https://1.1.1.1", "user", "pwd")

    res, _ := client.Get("/api/fmc_config/v1/domain/{DOMAIN_UUID}/object/networks")
    println(res.Get("items.0.name").String())
}

This will print something like:

any-ipv4
Result manipulation

fmc.Result uses GJSON to simplify handling JSON results. See the GJSON documentation for more detail.

res, _ := client.Get("/api/fmc_config/v1/domain/{DOMAIN_UUID}/object/networks")

for _, obj := range res.Get("items").Array() {
    println(obj.Get("@pretty").String()) // pretty print network objects
}
POST data creation

fmc.Body is a wrapper for SJSON. SJSON supports a path syntax simplifying JSON creation.

body := fmc.Body{}.
    Set("name", "net1").
    Set("value", "1.5.4.0/24")
client.Post("/api/fmc_config/v1/domain/{DOMAIN_UUID}/object/networks", body.Str)

Documentation

See the documentation for more details.

Documentation

Overview

Package fmc is a Cisco Secure FMC (Firewall Management Center) REST client library for Go.

Index

Constants

View Source 
const DefaultBackoffDelayFactor float64 = 3
View Source 
const DefaultBackoffMaxDelay int = 60
View Source 
const DefaultBackoffMinDelay int = 2
View Source 
const DefaultMaxRetries int = 3

Variables

This section is empty.

Functions

func BackoffDelayFactor 

func BackoffDelayFactor(x float64) func(*Client)

BackoffDelayFactor modifies the backoff delay factor from the default of 3.

func BackoffMaxDelay 

func BackoffMaxDelay(x int) func(*Client)

BackoffMaxDelay modifies the maximum delay between two retries from the default of 60.

func BackoffMinDelay 

func BackoffMinDelay(x int) func(*Client)

BackoffMinDelay modifies the minimum delay between two retries from the default of 2.

func CustomHttpClient 

func CustomHttpClient(httpClient *http.Client) func(*Client)

Replace the default HTTP client with a custom one.

func DomainName 

func DomainName(x string) func(*Req)

DomainName modifies the domain to be used for the request.

func Insecure 

func Insecure(x bool) func(*Client)

Insecure determines if insecure https connections are allowed. Default value is true.

func MaxRetries 

func MaxRetries(x int) func(*Client)

MaxRetries modifies the maximum number of retries from the default of 3.

func NoLogPayload 

func NoLogPayload(req *Req)

NoLogPayload prevents logging of payloads. Primarily used by the Login and Refresh methods where this could expose secrets.

func RequestTimeout 

func RequestTimeout(x time.Duration) func(*Client)

RequestTimeout modifies the HTTP request timeout from the default of 60 seconds.

Types

type Body 

type Body struct {
	Str string
}

Body wraps SJSON for building JSON body strings. Usage example: 

Body{}.Set("name", "ABC").Str

func (Body) Delete 

func (body Body) Delete(path string) Body

Delete deletes a JSON path.

func (Body) Res 

func (body Body) Res() Res

Res creates a Res object, i.e. a GJSON result object.

func (Body) Set 

func (body Body) Set(path string, value interface{}) Body

Set sets a JSON path to a value.

func (Body) SetRaw 

func (body Body) SetRaw(path, rawValue string) Body

SetRaw sets a JSON path to a raw string value. This is primarily used for building up nested structures, e.g.: 

Body{}.SetRaw("children", Body{}.Set("name", "New").Str).Str

type Client 

type Client struct {
	// HttpClient is the *http.Client used for API requests.
	HttpClient *http.Client
	// Url is the FMC IP or hostname, e.g. https://10.0.0.1:443 (port is optional).
	Url string
	// Authentication token is the current authentication token
	AuthToken string
	// Refresh token is the current authentication token
	RefreshToken string
	// Usr is the FMC username.
	Usr string
	// Pwd is the FMC password.
	Pwd string
	// Insecure determines if insecure https connections are allowed.
	Insecure bool
	// Maximum number of retries
	MaxRetries int
	// Minimum delay between two retries
	BackoffMinDelay int
	// Maximum delay between two retries
	BackoffMaxDelay int
	// Backoff delay factor
	BackoffDelayFactor float64

	// LastRefresh is the timestamp of the last authentication token refresh
	LastRefresh time.Time
	// RefreshCount is the number to authentication token refreshes with the same refresh token
	RefreshCount int
	// DomainUUID is the UUID of the global domain returned when generating a token
	DomainUUID string
	// Map of domain names to domain UUIDs
	Domains map[string]string
	// FMC Version
	FMCVersion string

	RateLimiterBucket *ratelimit.Bucket
	// contains filtered or unexported fields
}

Client is an HTTP FMC client. Use fmc.NewClient to initiate a client. This will ensure proper cookie handling and processing of modifiers.

Requests are protected from concurrent writing (concurrent DELETE/POST/PUT), across all API paths. Any GET requests, or requests from different clients are not protected against concurrent writing.

func NewClient 

func NewClient(url, usr, pwd string, mods ...func(*Client)) (Client, error)

NewClient creates a new FMC HTTP client. Pass modifiers in to modify the behavior of the client, e.g. 

client, _ := NewClient("fmc1.cisco.com", "user", "password", RequestTimeout(120))

func (*Client) Authenticate 

func (client *Client) Authenticate() error

Login if no token available.

func (*Client) Backoff 

func (client *Client) Backoff(attempts int) bool

Backoff waits following an exponential backoff algorithm

func (*Client) Delete 

func (client *Client) Delete(path string, mods ...func(*Req)) (Res, error)

Delete makes a DELETE request.

func (*Client) Do 

func (client *Client) Do(req Req) (Res, error)

Do makes a request. Requests for Do are built ouside of the client, e.g. 

req := client.NewReq("GET", "/api/fmc_config/v1/domain/{DOMAIN_UUID}/object/networks", nil)
res, _ := client.Do(req)

func (*Client) Get 

func (client *Client) Get(path string, mods ...func(*Req)) (Res, error)

Get makes a GET requests and returns a GJSON result. It handles pagination and returns all items in a single response.

func (*Client) GetFMCVersion 

func (client *Client) GetFMCVersion() error

Get FMC Version

func (*Client) Login 

func (client *Client) Login() error

Login authenticates to the FMC instance.

func (Client) NewReq 

func (client Client) NewReq(method, uri string, body io.Reader, mods ...func(*Req)) (Req, error)

NewReq creates a new Req request for this client. Use a "{DOMAIN_UUID}" placeholder in the URI to be replaced with the domain UUID.

func (*Client) Post 

func (client *Client) Post(path, data string, mods ...func(*Req)) (Res, error)

Post makes a POST request and returns a GJSON result. Hint: Use the Body struct to easily create POST body data.

func (*Client) Put 

func (client *Client) Put(path, data string, mods ...func(*Req)) (Res, error)

Put makes a PUT request and returns a GJSON result. Hint: Use the Body struct to easily create PUT body data.

func (*Client) Refresh 

func (client *Client) Refresh() error

Refresh refreshes the authentication token. Note that this will be handled automatically by default. Refresh will be checked every request and the token will be refreshed after 25 minutes.

type Req 

type Req struct {
	// HttpReq is the *http.Request obejct.
	HttpReq *http.Request
	// LogPayload indicates whether logging of payloads should be enabled.
	LogPayload bool
	// DomainName is the FMC domain to be used for the request.
	DomainName string
}

Req wraps http.Request for API requests.

type Res 

type Res = gjson.Result

Res is an API response returned by client requests. This is a GJSON result, which offers advanced and safe parsing capabilities. https://github.com/tidwall/gjson

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.