How to start with pandievice and API

Reply
L4 Transporter

How to start with pandievice and API

Hi all, I feel a bit stupid asking the question, but surely, others had the same problem as me.

 

I am trying to create multiple address objects, service objects and rules from a CSV file input.

 

People are recommending using “pandevice”, however reading the documentation, it kind of assumes that the user is fluent with python. I did a lot of reading, but I am failing at just the basics of how to setup the python environment and create a script. Is there a simple guide of how to do, if you don’t have any python knowledge?

L4 Transporter

Re: How to start with pandievice and API

Hey, just trying to clarify:  are you asking for help getting a basic pandevice script to work?  Or are you asking for help setting up python itself in your environment?

L4 Transporter

Re: How to start with pandievice and API

Thank you for your response @gfreeman

I have some scripting understanding, but no Python knowledge and was looking for some simpler scripts which I can then modify. Reading the pandevice documentation makes sense, but I am a bit lost of how to actually practiclly use the modules. There are some examples in the pandevcie github page, but they seem to be a bit more complicated with some advanced functions and checks. 

I am just looking for crating bulk configuration items taking variables from file input. For example, a few hundred secruity polices from excel/csv file paramters.

I guess then principally it will be the same for any other configuration item, e.g. address and service objects. 

L4 Transporter

Re: How to start with pandievice and API

Can anyone assist? Let me rephrase the question: can you please recomend a method of creating a large amount of security policy from csv input file? 

L4 Transporter

Re: How to start with pandievice and API

Ok, so python has a csv module.  You use that to parse the csv file, then using pandevice to create the security policies.  So let me give the pandevice code you'll be using once you've parsed the csv file itself.  In this example, the variable configs is a list of the parsed values from the csv file, and each entry in configs is a python dict, where the key is the security rule parameter name, and the value is the value for that security rule.

 

from pandevice.firewall import Firewall
from pandevice.policies import Rulebase, SecurityRule

# Connect to the firewall.
fw = Firewall(hostname, username, password)

# Security rules are children of a rulebase, so create the rulebase object and
# add it to the firewall as a child object.
rb = Rulebase()
fw.add(rb)

# Load up the "configs" value here.  Each entry in "configs" is a python dict, but you could
# also just make it a list, it's up to you.
configs = []

# Now just iterate over each security rule and add it to the firewall.
for con_dict in configs:
    rule = SecurityRule(**con_dict)
    rb.add(rule)
    rule.create()

# Commit only after you're sure the above code works.
#fw.commit(sync=True)
L4 Transporter

Re: How to start with pandievice and API

@gfreeman Thank you for your reponse. It gives me better understanding and a good place to start.  I will spend some time working on that over the next week. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!