Comments (3)
Attached serialization of a custom class 'Service Catalog'. Service Catalog can contain Service Groups, Services and Packets (as builing block for upper objects).
{
"name": "PGR_ITIST07_AVD",
"description": "A Service Catalog Containing 2 complex Service Groups",
"packets": [
"PGR_ITIST07_UDP_53",
"PGR_ITIST07_TCP_700-750",
"PGR_ITIST07_TCP_22",
"PGR_ITIST07_TCP_5000-6000",
"PGR_ITIST07_TCP_21",
"PGR_ITIST07_ICMP_6",
"PGR_ITIST07_UDP_7000-8000",
"PGR_ITIST07_TCP_2000",
"PGR_ITIST07_ICMP_7",
"PGR_ITIST07_TCP_3000",
"PGR_ITIST07_ICMP_8",
"PGR_ITIST07_UDP_67",
"PGR_ITIST07_TCP_9000-10000",
"PGR_ITIST07_IP_51"
],
"inner_packets": [{
"name": "PGR_ITIST07_UDP_53",
"protocol": 17,
"protocol_name": "UDP",
"description": "UDP 53 for DNS",
"icon": "static/PGR_ITIST07_UDP_53.png",
"ports": [
53
]
},
{
"name": "PGR_ITIST07_TCP_700-750",
"protocol": 6,
"protocol_name": "TCP",
"description": null,
"icon": "static/PGR_ITIST07_TCP_700-750.png",
"ports": [
700,
750
]
},
{
"name": "PGR_ITIST07_TCP_22",
"protocol": 6,
"protocol_name": "TCP",
"description": "SSH",
"icon": "static/PGR_ITIST07_TCP_22.png",
"ports": [
22
]
},
{
"name": "PGR_ITIST07_TCP_5000-6000",
"protocol": 6,
"protocol_name": "TCP",
"description": "SFTP Data Ports",
"icon": "static/PGR_ITIST07_TCP_5000-6000.png",
"ports": [
5000,
6000
]
},
{
"name": "PGR_ITIST07_TCP_21",
"protocol": 6,
"protocol_name": "TCP",
"description": "SFTP Control Port",
"icon": "static/PGR_ITIST07_TCP_21.png",
"ports": [
21
]
},
{
"name": "PGR_ITIST07_ICMP_6",
"protocol": 1,
"protocol_name": "Destination network unknown",
"description": "ICMP",
"icon": "static/PGR_ITIST07_ICMP_6.png",
"icmp_code": 6
},
{
"name": "PGR_ITIST07_UDP_7000-8000",
"protocol": 17,
"protocol_name": "UDP",
"description": null,
"icon": "static/PGR_ITIST07_UDP_7000-8000.png",
"ports": [
7000,
8000
]
},
{
"name": "PGR_ITIST07_TCP_2000",
"protocol": 6,
"protocol_name": "TCP",
"description": "A random port for testing",
"icon": "static/PGR_ITIST07_TCP_2000.png",
"ports": [
2000
]
},
{
"name": "PGR_ITIST07_ICMP_7",
"protocol": 1,
"protocol_name": "Destination host unknown",
"description": "ICMP",
"icon": "static/PGR_ITIST07_ICMP_7.png",
"icmp_code": 7
},
{
"name": "PGR_ITIST07_TCP_3000",
"protocol": 6,
"protocol_name": "TCP",
"description": "A random port for testing",
"icon": "static/PGR_ITIST07_TCP_3000.png",
"ports": [
3000
]
},
{
"name": "PGR_ITIST07_ICMP_8",
"protocol": 1,
"protocol_name": "Source host isolated error (military use only)",
"description": "ICMP",
"icon": "static/PGR_ITIST07_ICMP_8.png",
"icmp_code": 8
},
{
"name": "PGR_ITIST07_UDP_67",
"protocol": 17,
"protocol_name": "UDP",
"description": "UDP 67 for",
"icon": "static/PGR_ITIST07_UDP_67.png",
"ports": [
67
]
},
{
"name": "PGR_ITIST07_TCP_9000-10000",
"protocol": 6,
"protocol_name": "TCP",
"description": "A random port for testing",
"icon": "static/PGR_ITIST07_TCP_9000-10000.png",
"ports": [
9000,
10000
]
},
{
"name": "PGR_ITIST07_IP_51",
"protocol": 51,
"protocol_name": "AH Header",
"description": "VPN",
"icon": "static/PGR_ITIST07_IP_51.png"
}
],
"services": [
"PGR_ITIST07_AVDT02RWDC",
"PGR_ITIST07_AVDT12RWDC",
"PGR_ITIST07_AVDT22RWDC",
"PGR_ITIST07_AVD2SCCM",
"PGR_ITIST07_BOGUS"
],
"inner_services": [{
"name": "PGR_ITIST07_AVDT02RWDC",
"description": "Protocols and ports from AVD T0 to RWDC",
"packets": [
"PGR_ITIST07_UDP_53",
"PGR_ITIST07_TCP_700-750",
"PGR_ITIST07_TCP_22",
"PGR_ITIST07_TCP_5000-6000",
"PGR_ITIST07_TCP_21",
"PGR_ITIST07_ICMP_6"
]
},
{
"name": "PGR_ITIST07_AVDT12RWDC",
"description": "Protocols and ports from AVD T1 to RWDC",
"packets": [
"PGR_ITIST07_UDP_53",
"PGR_ITIST07_UDP_7000-8000",
"PGR_ITIST07_TCP_2000",
"PGR_ITIST07_ICMP_7"
]
},
{
"name": "PGR_ITIST07_AVDT22RWDC",
"description": "Protocols and ports from AVD T2 to RWDC",
"packets": [
"PGR_ITIST07_UDP_7000-8000",
"PGR_ITIST07_TCP_3000",
"PGR_ITIST07_ICMP_8"
]
},
{
"name": "PGR_ITIST07_AVD2SCCM",
"description": "Protocols and ports from AVD to SCCM",
"packets": [
"PGR_ITIST07_UDP_7000-8000",
"PGR_ITIST07_UDP_67",
"PGR_ITIST07_TCP_9000-10000",
"PGR_ITIST07_IP_51"
]
},
{
"name": "PGR_ITIST07_BOGUS",
"description": null,
"packets": [
"PGR_ITIST07_UDP_7000-8000",
"PGR_ITIST07_UDP_67"
]
}
],
"groups": [
"PGR_ITIST07_GROUP1",
"PGR_ITIST07_GROUP2"
],
"inner_groups": [{
"name": "PGR_ITIST07_GROUP1",
"parent": null,
"description": "PGR_ITIST07_GROUP1",
"services": [
"PGR_ITIST07_AVD2SCCM",
"PGR_ITIST07_AVDT22RWDC"
],
"packets": [
"PGR_ITIST07_TCP_21",
"PGR_ITIST07_ICMP_6"
]
},
{
"name": "PGR_ITIST07_GROUP2",
"parent": "PGR_ITIST07_GROUP1",
"description": "PGR_ITIST07_GROUP2",
"services": [ ],
"packets": [
"PGR_ITIST07_TCP_3000"
]
}
]
}
from nautobot-app-firewall-models.
Great idea, will need to review internally on introducing nested groups and what level of sanity validation would be needed from the Django ORM perspective.
from nautobot-app-firewall-models.
Hi there, as per now I went deep into two different and quite opposite firewall manufacturer API's. Main focus is to serialize custom objects yet extending a base one (service, address, etc up to ruleset). Implemented. For both cases I could say (testing alternatives) to achive "infinite" levels of inheretance between service and service group is to use same serializer object towards foreign API endpoint: the existance of "members" or similar key within the returned object is the only difference between a service and a service group. Altough this code is not yet into own dev-lab for nauto (azure extension for secrets procider is) there is no problem to share. Btw: what an evolution in 6 month, nice to see!
from nautobot-app-firewall-models.
Related Issues (20)
- Firewall plugin HOT 1
- Offer a rule policy existence checker HOT 2
- Add the "Tenant" field to the "Address Object" model.
- Sorting by Prefix in Address Object view results in error
- `service_objects` Isn't Documented in Swagger/OpenAPI Spec for Service Object Groups Create/POST
- Allow policy rules to have a souce_zone and destination_zone filter field
- Include IP protocol number in IP-based service objects HOT 1
- v2 migration failure
- Wrong URL field in API for Application Object Group
- Use Netutils libmapper for capirca platform.
- Add Aerleon support for generating rules HOT 2
- Docs: Incorrect documentation around slugs in admin install and configure guide
- firewall plugins - capirca policies - Missing views for action(s) add
- default job "Generate FW Config via Capirca" issue
- server error on device after running "Generate FW Config via Capirca" job
- another server error on device after running "Generate FW Config via Capirca" job
- AttributeError in running Generate FW Config via Capirca job
- Add M2M pre_change signal to `Policy.policy_rules` & signal for `PolicyRule.index` to enforce uniqueness on index of rules in a single policy
- More flexibly link zones to addresses/subnet/prefixes
- Server Error on policy when assigned to dynamic group
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nautobot-app-firewall-models.