The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.

NAME

Net::Fortinet::FortiManager - Fortinet FortiManager REST API client library

VERSION

version 0.004000

SYNOPSIS

use strict;
use warnings;
use Net::Fortinet::FortiManager;

my $fortimanager = Net::Fortinet::FortiManager->new(
    server      => 'https://fortimanager.example.com',
    user        => 'username',
    passwd      => '$password',
    clientattrs => {
        timeout     => 10,
    },
);

$fortimanager->login;

$fortimanager->adom('adomname');

DESCRIPTION

This module is a client library for the Fortigate FortiManager JSONRPC-like API. Currently it is developed and tested against version 6.4.6. All requests have the verbose parameter set to 1 to ensure that enums return their strings instead of undocumented ids.

ATTRIBUTES

adoms

Returns a list of hashrefs containing name and uuid of all ADOMs which gets populated by "login".

adom

The name of the ADOM which is used by all methods. Defaults to 'root'.

METHODS

exec_method

Executes a method with the specified parameters.

Returns its response.

This is the lowest level method which can be used to execute every API action that's available. It does the http and JSONRPC error handling and extraction of the result from the JSONRPC response.

exec_method_multi

Executes a method with multiple specified parameters.

Returns its responses.

This is also a low level method which can be used to execute multiple API actions in a single JSONRPC call. The only restriction of the JSONRPC API is that all actions need to use the same method. It does the http and JSONRPC error handling and extraction of the results from the JSONRPC response.

login

Logs into the Fortinet FortiManager and switches to the first available ADOM if the currently set adom isn't available, for example because the user is limited to one or more ADOMs.

logout

Logs out of the Fortinet FortiManager.

get_sys_status

Returns /sys/status.

list_adoms

Takes an optional parameter hashref.

Returns an arrayref of ADOMs.

list_adoms_by_name

Returns an arrayref of ADOMs sorted by name.

list_firewall_addresses

Returns an arrayref of firewall addresses.

get_firewall_address

Takes a firewall address name and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_address

Takes a firewall address name and a hashref of address config.

Returns true on success.

Throws an exception on error.

update_firewall_address

Takes a firewall address name and a hashref of address config.

Returns true on success.

Throws an exception on error.

delete_firewall_address

Takes a firewall address name.

Returns true on success.

Throws an exception on error.

list_firewall_address_groups

Returns an arrayref of firewall address groups.

get_firewall_address_group

Takes a firewall address group name and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_address_group

Takes a firewall address group name and a hashref of address group config.

Returns true on success.

Throws an exception on error.

update_firewall_address_group

Takes a firewall address group name and a hashref of address group config.

Returns true on success.

Throws an exception on error.

delete_firewall_address_group

Takes a firewall address group name.

Returns true on success.

Throws an exception on error.

list_firewall_ipv6_addresses

Returns an arrayref of firewall IPv6 addresses.

get_firewall_ipv6_address

Takes a firewall IPv6 address name and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_ipv6_address

Takes a firewall IPv6 address name and a hashref of address config.

Returns true on success.

Throws an exception on error.

update_firewall_ipv6_address

Takes a firewall IPv6 address name and a hashref of address config.

Returns true on success.

Throws an exception on error.

delete_firewall_ipv6_address

Takes a firewall IPv6 address name.

Returns true on success.

Throws an exception on error.

list_firewall_ipv6_address_groups

Returns an arrayref of firewall IPv6 address groups.

get_firewall_ipv6_address_group

Takes a firewall IPv6 address group name and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_ipv6_address_group

Takes a firewall IPv6 address group name and a hashref of address group config.

Returns true on success.

Throws an exception on error.

update_firewall_ipv6_address_group

Takes a firewall IPv6 address group name and a hashref of address group config.

Returns true on success.

Throws an exception on error.

delete_firewall_ipv6_address_group

Takes a firewall IPv6 address group name.

Returns true on success.

Throws an exception on error.

list_firewall_wildcard_fqdns

Returns an arrayref of firewall wildcard FQDN objects.

get_firewall_wildcard_fqdn

Takes a firewall wildcard FQDN name and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_wildcard_fqdn

Takes a firewall wildcard FQDN name and a hashref of wildcard FQDN config.

Returns true on success.

Throws an exception on error.

update_firewall_wildcard_fqdn

Takes a firewall wildcard FQDN name and a hashref of wildcard FQDN config.

Returns true on success.

Throws an exception on error.

delete_firewall_wildcard_fqdn

Takes a firewall wildcard FQDN name.

Returns true on success.

Throws an exception on error.

list_firewall_services

Returns an arrayref of firewall services.

get_firewall_service

Takes a firewall service name and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_service

Takes a firewall service name and a hashref of service config.

Returns true on success.

Throws an exception on error.

update_firewall_service

Takes a firewall service name and a hashref of service config.

Returns true on success.

Throws an exception on error.

delete_firewall_service

Takes a firewall service name.

Returns true on success.

Throws an exception on error.

list_firewall_service_groups

Returns an arrayref of firewall service groups.

get_firewall_service_group

Takes a firewall service group name and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_service_group

Takes a firewall service group name and a hashref of service group config.

Returns true on success.

Throws an exception on error.

update_firewall_service_group

Takes a firewall service group name and a hashref of service group config.

Returns true on success.

Throws an exception on error.

delete_firewall_service_group

Takes a firewall service group name.

Returns true on success.

Throws an exception on error.

list_policy_packages

Takes optional parameters.

Returns an arrayref of policy packages.

get_policy_package

Takes a policy package name and an optional parameter hashref.

Returns its data as a hashref.

create_policy_package

Takes a policy package name and a hashref of attributes.

Returns true on success.

Throws an exception on error.

The firewall policies are configured depending on the 'ngfw-mode'. For profile-based policy packages you have to use the 'policy' methods, for policy-based the 'security_policy' methods.

update_policy_package

Takes a policy package name and a hashref of attributes.

Returns true on success.

Throws an exception on error.

delete_policy_package

Takes a policy package name.

Returns true on success.

Throws an exception on error.

install_policy_package

Takes a policy package name and a hashref of parameters.

Returns the task id on success.

Throws an exception on error.

list_tasks

Takes optional parameters.

Returns an arrayref of tasks.

get_task

Takes a task id and an optional parameter hashref.

Returns its data as a hashref.

wait_for_task

Takes a task id and checks its status every second until its percent have reached 100 and return the status. Takes an optional callback coderef which is called for every check with the task as argument.

list_firewall_policies

Takes a package name and optional parameters.

Returns an arrayref of firewall policies.

get_firewall_policy

Takes a policy package name, a firewall policy id and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_policy

Takes a policy package name and a hashref of firewall policy attributes.

Returns the response data from the API on success which is a hashref containing only the policyid.

Throws an exception on error.

update_firewall_policy

Takes a policy package name, a firewall policy id and a hashref of firewall policy attributes.

Returns the response data from the API on success which is a hashref containing only the policyid.

Throws an exception on error.

delete_firewall_policy

Takes a policy package name and a firewall policy id.

Returns true on success.

Throws an exception on error.

list_firewall_security_policies

Takes a package name and optional parameters.

Returns an arrayref of firewall security policies.

get_firewall_security_policy

Takes a policy package name, a firewall security policy id and an optional parameter hashref.

Returns its data as a hashref.

create_firewall_security_policy

Takes a policy package name and a hashref of firewall security policy attributes.

Returns the response data from the API on success which is a hashref containing only the policyid.

Throws an exception on error.

update_firewall_security_policy

Takes a policy package name, a firewall security policy id and a hashref of firewall security policy attributes.

Returns the response data from the API on success which is a hashref containing only the policyid.

Throws an exception on error.

delete_firewall_security_policy

Takes a policy package name and a firewall security policy id.

Returns true on success.

Throws an exception on error.

TESTS

To run the live API tests the following environment variables need to be set:

NET_FORTINET_FORTIMANAGER_HOSTNAME
NET_FORTINET_FORTIMANAGER_USERNAME
NET_FORTINET_FORTIMANAGER_PASSWORD
NET_FORTINET_FORTIMANAGER_POLICY

Several network objects are created as well as a policy package named by the NET_FORTINET_FORTIMANAGER_POLICY environment variable.

The test aborts if any of the objects can't be created, most likely if it already exists. All objects are deleted at the end of the test run, even when it aborts.

AUTHOR

Alexander Hartmaier <abraxxa@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2023 by Alexander Hartmaier.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.