- I have a Python script that generates XML. In this script, you pass in parameters, and then I use the ETree library in Python to generate the XML.
- I have some bash scripts that take the XML files, and invoke the Python XML API Wrapper, which in turn does the legwork to send the data to the API Server on the Firewall.
Normally one might create the Management Profile, Zones and Security Policies first. And THEN add or assign interfaces, routers, routes on those routers, etc.
This is the basic process I am following thus far:
- Create Management Profile
- Load Interface(s) - the management profile in #1 is included.
- Create Zone(s)
- Create Security Policies - the interfaces included
- Assign interface to default router
- Load Static Route on default router - include interface
Seems to be working okay although the process needs to be tightened up a bit so that you are not using one Python program to generate the xml, and another to call the API.
But it's good enough to load and test and see if I can get a firewall operational.
No comments:
Post a Comment