Skip to content
This repository has been archived by the owner on Jun 15, 2022. It is now read-only.
/ netconf-rest Public archive

A bridge to transform netconf calls into REST API for Fortigate

License

Apache-2.0 license
6 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fortinet-solutions-cse/netconf-rest

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits

keys

keys

 
 

netconf

netconf

 
 

sshutil

sshutil

 
 

tests

tests

 
 

yang2rest

yang2rest

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

kill_server.sh

kill_server.sh

 
 

netconf-rest.py

netconf-rest.py

 
 

python-sudo

python-sudo

 
 

Repository files navigation

netconf-rest

A bridge to transform netconf calls into REST API for Fortigate

It will listen to netconf request (port 830) and transform them into REST API calls. Only valid for Fortigate for now.
It does not validate internally against any schema. If the request is malformed, i.e. not according to a format FortiGate can understand, it will fail.

To write a new netconf request please to make use of FGT REST API schema. Check: https://fndn.fortinet.net/index.php?/documents/file/84-fortios-56-rest-api-reference/

At the moment cmdb and monitor commands are supported. Some special operations such as monitor with POST requests are not supported yet. Monitor requests with params are not supported either. Will be supported if there is popular demand.

Please check examples in ./tests/integration_test To run examples start the application and run some tests:

sudo ./netconf-rest.py
cd ./integration_test
./run_test.sh edit-config-create-child-object.sample

Please note that fortigate access parameters are hardcoded in the application. Feel free to edit ./netconf-rest.py and modify them according to your needs:

FGT_HOST='192.168.122.40'
FGT_USER='admin'
FGT_PASSWORD=''

Reference

Operation mapping between Netconf and REST protocols.

 +----------+-----------------------------------------+
 | RESTCONF | NETCONF                                 |
 +----------+-----------------------------------------+
 | OPTIONS  | none                                    |
 | HEAD     | none                                    |
 | GET      | < get - config >, < get >               |
 | POST     | < edit - config > (operation="create")  |
 | PUT      | < edit - config > (operation="replace") |
 | PUT      | < edit - config > (operation="merge")   |
 | DELETE   | < edit - config > (operation="delete")  |
 +----------+-----------------------------------------+

Operations supported currently

 Retrieve Table         yes
 Retrieve Table Schema  X
 Retrieve Table Default X
 Purge Table            X
 Retrieve Object        yes
 Create Object          yes
 Edit Object            yes
 Delete Object          yes
 Clone Object           X
 Move Object            X
 Retrieve Child Object  yes
 Append Child Object    yes
 Edit Child Object      yes
 Delete Child Object    yes
 Purge Child Table      X
 Retrieve complex Table X
 Edit Complex Table     X

 X Not supported

Note: For 'Monitor' (not CMDB) requests, POST operations and parameters are not supported.

Wish List
  • Avoid usage of mkey for create requests
  • POST operations for Monitor API commands
  • Parameters on Monitor API commands

About

A bridge to transform netconf calls into REST API for Fortigate

Topics

rest connector yang netconf

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

6 stars

Watchers

6 watching

Forks

3 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages