fortigate adapter

Inmanta module to manage fortigate

Features

The module supports all existing Fortigate resources used for policies, networking rules and resources, and resource management.

Environment variables

Env variable name
    Description

FORTIGATE_API_TOKEN
    Fortigate api token, used as main credentials to interact with netbox.
    Only required if you use fortigate::base::Api with api_token_env_var.

Defined by the user
    Fortigate Flex api username, used as main credentials to interact with Fortiflex.
    Only required if you use fortigate::fortiflex::BaseFlexApi with username_env_var.

Defined by the user
    Fortigate Flex api password, used as main credentials to interact with Fortiflex.
    Only required if you use fortigate::fortiflex::BaseFlexApi with password_env_var.

Usage example

This simple example shows how to create one interface with one policy attached to the interface:

import fortigate
import fortigate::base
import fortigate::common
import fortigate::firewall_policy

# The API token is read from the environment variable named here, not stored in the model.
api = fortigate::base::Api(
    token_env_var="FORTIGATE_API_TOKEN",
    base_url="https://example.com",
)

purged = false

policy = fortigate::Policy(
    dstaddr = [Dstaddr(name="all")],
    dstintf = [Dstintf(name="l2t.root")],
    logtraffic = "all",
    policyid=1,
    name = "test_policy_on_first_itf",
    schedule = "always",
    service = [Service(name="ALL")],
    srcaddr = [Srcaddr(name="all")],
    srcintf = [Srcintf(name=vlan_itf.name)],
    action = "accept",
    nat = 'disable',
    purged = purged,
    api = api,
)

if purged:
    policy.provides += vlan_itf
else:
    policy.requires += vlan_itf
end

vlan_itf = fortigate::Interface(
    name = "vlan_itf",
    interface = "port2",
    vlanid = 43,
    role = "lan",
    vdom = "root",
    purged = purged,
    api = api,
)