├── output_import_fw.png ├── api_sophos_allowed.png ├── example_hosts.txt ├── README.md └── sf_import_hosts.py /output_import_fw.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jh00nbr/Sophos-firewall-tools/HEAD/output_import_fw.png -------------------------------------------------------------------------------- /api_sophos_allowed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jh00nbr/Sophos-firewall-tools/HEAD/api_sophos_allowed.png -------------------------------------------------------------------------------- /example_hosts.txt: -------------------------------------------------------------------------------- 1 | host1:10.80.50.208 2 | host2:200.192.139.14 3 | host3:201.16.134.82 4 | host4:216.58.222.3 5 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Sophos-firewall-tools 2 | Scripts developed for process automation and testing in Sophos firewall. 
3 | 4 | ## SF Import hosts - Tool to import objects of hosts in the Firewall XG Sophos 5 | 6 | 7 | * Enable the API on sophos firewall 8 | ![alt text](https://raw.githubusercontent.com/jh00nbr/Sophos-firewall-tools/master/api_sophos_allowed.png) 9 | 10 | > **Example File format of the objects to be imported: example_hosts.txt; 11 | The format of each line is separated by ":" (host: ip address)** 12 | 13 | 14 | ./sfimport.py -l -gw -u -p -P --importhost 15 | 16 | 17 | ![alt text](https://raw.githubusercontent.com/jh00nbr/Sophos-firewall-tools/master/output_import_fw.png) 18 | 19 | -------------------------------------------------------------------------------- /sf_import_hosts.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | # Tool to import objects of hosts in the Firewall XG Sophos 5 | 6 | # ------------------------------------------------- 7 | # Author: Jhonathan Davi A.K.A jh00nbr 8 | # Insightl4b: lab.insightsecurity.com.br 9 | # jh00nbr: http://jhonathandavi.com.br 10 | # Github: github.com/jh00nbr 11 | # Twitter @jh00nbr 12 | # ------------------------------------------------- 13 | 14 | import requests 15 | import urllib3 16 | import argparse 17 | import re 18 | import sys 19 | 20 | __author__ = "Jhonathan Davi A.K.A jh00nbr" 21 | __email__ = "jdavi@insightsecurity.com.br" 22 | 23 | urllib3.disable_warnings() # Disable warning alerts requests SSL 24 | 25 | parser = argparse.ArgumentParser(prog='SFimport objects') 26 | 27 | parser.add_argument("-l", "--listobjects", help="List with objects to be imported.", default="objects.list", required=True) 28 | parser.add_argument("-gw", "--hostgw", help="Host firewall Sophos.", required=True) 29 | parser.add_argument("-host", "--importhost", help="Import option", default=1,action="store_true",required=False) 30 | parser.add_argument("-u", "--user", help="User firewall Sophos.", default="admin", required=True) 31 | 
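# NOTE(review): the firewall password is read from the command line, which
# exposes it in the process list and in shell history.
parser.add_argument("-p", "--passwd", help="Password firewall Sophos.", required=True)
parser.add_argument("-P", "--port", help="Web port Sophos", required=True)

args = parser.parse_args()

list_object = args.listobjects
# NOTE(review): --importhost is declared with default=1 and action="store_true",
# so this value is truthy whether or not the flag is passed.
import_host = args.importhost
host_fw = args.hostgw
user_fw = args.user
passwd_fw = args.passwd
default_port = args.port

_CONFIGS = {'username_fw': user_fw, 'passwd_fw': passwd_fw, 'host_fw': host_fw, 'default_port': default_port}
# NOTE(review): the MAGENTA entry carries the literal text "Magenta" after the
# escape code; it is not used in this part of the file - confirm it is intended.
_COLORS = {'MAGENTA':'\033[35mMagenta','BLUE': '\033[34m', 'OK' : '\033[92m', 'ERRO' : '\033[91m', 'WARNING' : '\033[93m', 'UNDERLINE':'\033[4m','ENDC' : '\033[0m'}

# Upper bound, in seconds, on each API call so an unreachable firewall cannot
# hang the import indefinitely.
_API_TIMEOUT_SECONDS = 30


def import_objects(file):
    """Read the host list and return one ``{name: address}`` dict per entry.

    A line is first split on a space followed by more whitespace. A line that
    does not split that way is split on its first ":" instead, which is the
    format the README and example_hosts.txt describe (``host1:10.80.50.208``).
    Lines that yield no name or no address are skipped.

    Args:
        file: Path of the text file listing the objects to import.

    Returns:
        A list of single-entry dicts mapping object name to address.
    """
    objects = []
    # The context manager closes the handle even if reading fails.
    with open(file, "r") as handle:
        for raw_line in handle:
            line = raw_line.strip()
            fields = re.split(r' \s+', line)
            if len(fields) < 2:
                # Fall back to the documented "name:address" layout.
                name, separator, value = line.partition(':')
                if not separator:
                    continue
                fields = [name.strip(), value.strip()]
            name, value = fields[0], fields[1]
            if not name or not value:
                continue
            # NOTE(review): neither field is validated; a name that itself
            # looks like an IPv4 address is still imported, and the address is
            # sent to the firewall as written in the file.
            objects.append({name: value})
    return objects


def create_iphost(nameObj, ipAddr, type_obj='IP_HOST'):
    """Ask the firewall API to add one host object and print the outcome.

    Args:
        nameObj: Name of the object to create.
        ipAddr: Address assigned to the object.
        type_obj: Label printed next to the result; it is not sent to the API.

    Exits the process with status 1 when the firewall reports that API
    operations are not allowed from the requester IP address.
    """
    endpoint = "https://{host_fw}:{defaultport}/webconsole/APIController".format(
        host_fw=_CONFIGS['host_fw'], defaultport=_CONFIGS['default_port'])
    # NOTE(review): as listed here the reqxml template contains no XML element
    # tags; they look stripped from this listing - confirm against the file in
    # the repository. If the payload is XML, nameObj and ipAddr also need XML
    # escaping before they are interpolated.
    reqxml = "{username}{password}{name}IPv4IP{ipaddress}".format(
        username=_CONFIGS['username_fw'], password=_CONFIGS['passwd_fw'],
        name=nameObj, ipaddress=ipAddr)

    try:
        # params= URL-encodes the payload, so a password or object name that
        # contains "&", "#" or "+" no longer truncates or alters the query.
        # NOTE(review): the credentials still travel in the query string of a
        # GET request, where proxies and access logs can record them.
        # NOTE(review): verify=False turns off certificate validation, so the
        # peer receiving the admin credentials is not authenticated; verify=
        # also accepts the path of a CA bundle that covers the appliance.
        r_api = requests.get(endpoint, params={'reqxml': reqxml}, verify=False,
                             timeout=_API_TIMEOUT_SECONDS)
    except requests.RequestException as e:
        # Only the exception class is printed: the exception text can include
        # the request URL, and with it the username and password.
        print(nameObj, type(e).__name__)
        return

    # .text is a text string on Python 2 and 3; .content is bytes on Python 3
    # and cannot be searched with a str.
    body = r_api.text
    if 'API operations are not allowed from the requester IP address' in body:
        # This is a failure: report it as one and exit with a non-zero status.
        print('{0}[-]{1} API operations are not allowed from the requester IP address'.format(_COLORS['ERRO'],_COLORS['ENDC']))
        sys.exit(1)
    if 'Configuration applied successfully' in body:
        print('{0}[+]{1} [{2}] [{3}] [{4}] Object added successfully'.format(_COLORS['OK'],_COLORS['ENDC'],nameObj, ipAddr, type_obj))
    elif 'Operation failed. Entity having same name already exists' in body:
        # The membership test is required: a bare non-empty string is always
        # true, which would report every failure as a duplicate name.
        print('{0}[-]{1} [{2}] [{3}] [{4}] An object with this name already exists'.format(_COLORS['ERRO'],_COLORS['ENDC'],nameObj, ipAddr, type_obj))
    else:
        print('{0}[-]{1} unknown erro {2}]'.format(_COLORS['ERRO'] ,_COLORS['ENDC'], nameObj))


if __name__ == '__main__':

    if import_host:  # Run the import only when the host import option is set
        for obj in import_objects(list_object):
            # Each dict holds exactly one name/address pair; iterating items()
            # works on Python 2 and 3, unlike indexing keys() and values().
            for name, address in obj.items():
                create_iphost(name, address)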