checkpointsw / cp_mgmt_api_python_sdk Goto Github PK
View Code? Open in Web Editor NEWCheck Point API Python Development Kit simplifies the use of the Check Point Management APIs.
License: Apache License 2.0
Check Point API Python Development Kit simplifies the use of the Check Point Management APIs.
License: Apache License 2.0
When I tried with my lab [EVE-NG R81.10] it appears that given script is executing, but it appears to run the script it requires Python3;
I assume, in my lab there is no policy i configured and I could not test it, also under access rule base export getting null value, but seems its complied. So this development kit should working on Python3 version and higher, kindly change compatible version.
[Expert@checkpoint-mgmt:0]# /opt/CPsuite-R81.10/fw1/Python/bin/python3 import_export_package.py
Welcome to the Policy Package Import/Export Tool.
What would you like to do?
[Expert@checkpoint-mgmt:0]# /opt/CPsuite-R81.10/fw1/Python/bin/python2 import_export_package.py
Traceback (most recent call last):
File "import_export_package.py", line 27, in
raise Exception("Min Python version required is 3.7")
Exception: Min Python version required is 3.7
[Expert@checkpoint-mgmt:0]#
[Expert@checkpoint-mgmt:0]# /opt/CPsuite-R81.10/fw1/Python/bin/python3.7 export_access_rulebase.py
[Expert@checkpoint-mgmt:0]#
Is there a good way for me to obtain all access sections under the layer?
Hi team
i was trying to do pip install but getting this error (windows machine)
C:>pip install cp_mgmt_api_python_sdk
Collecting cp_mgmt_api_python_sdk
Could not find a version that satisfies the requirement cp_mgmt_api_python_sdk
(from versions: )
No matching distribution found for cp_mgmt_api_python_sdk
Is it because of python3 in my windows machine?
Dear Developer,
For readability and Search Engine Optimization (SEO) it would be great if you could do the followings:
we can upload this to pypi and it will be easier to download and install through pip install
Hi,
When I attempt to use the library on Python 3.12 I receive the following error:
Enter server IP address or hostname:192.168.12.5
Enter username: admin
Enter password:
Traceback (most recent call last):
File "c:\Users\brad\Documents\GitHub\nvdlib\nvdlib\nvdlib\tests\testapi.py", line 67, in <module>
main()
File "c:\Users\brad\Documents\GitHub\nvdlib\nvdlib\nvdlib\tests\testapi.py", line 41, in main
login_res = client.login(username, password)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ n
File "C:\Program Files\Python312\Lib\site-packages\cpapi\mgmt_api.py", line 324, in api_ payload)call ^^^^^^^^^
conn = self.get_https_connection() mon_login_logic
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Program Files\Python312\Lib\site-packages\cpapi\mgmt_api.py", line 771, in get_https_connection call
self.conn = self.create_https_connection()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Program Files\Python312\Lib\site-packages\cpapi\mgmt_api.py", line 765, in creahttps_connectionte_https_connection
conn.connect()
File "C:\Program Files\Python312\Lib\site-packages\cpapi\mgmt_api.py", line 787, in connte_https_connectionect
self.sock = ssl.wrap_socket(self.sock, self.key_file, self.cert_file, cert_reqs=ssl.CEectRT_NONE) RT_NONE)
^^^^^^^^^^^^^^^
AttributeError: module 'ssl' has no attribute 'wrap_socket'
I believe this is due to ssl.wrap_socket
being deprecated in favor of ssl.SSLContext.wrap_socket
as stated in the What's New for Python 3.12: https://docs.python.org/3.12/whatsnew/3.12.html#ssl
Remove the ssl.wrap_socket() function, deprecated in Python 3.7: instead, create a ssl.SSLContext object and call its ssl.SSLContext.wrap_socket method. Any package that still uses ssl.wrap_socket() is broken and insecure. The function neither sends a SNI TLS extension nor validates server hostname. Code is subject to CWE-295: Improper Certificate Validation. (Contributed by Victor Stinner in gh-94199.)
Hello,
There is another package with the same name already published to pypi (https://pypi.org/project/cpapi/), so if someone accidentally type "pip install cpapi" after seeing a message "No module named 'cpapi'" he gets this OpenMaya package (why is it called cpapi - I don't know, I hope it's not malicious but it would be possible to use it as such).
It is kind of annoying that your package is not available via pypi, as it is hard to use it in another packages as dependency, also installing from git is not always an option; would it be possible to give the package unique name and publish it to pypi ?
Hi,
I testing your sdk and there is a problem with API_key request.
def main():
api_server = "10.0.20.254"
server_port = 8443
client_args = APIClientArgs(server=api_server, port=server_port)
api_key="xxxxxxxxxxxxxxxxxx=="
with APIClient(client_args) as client:
# login to server:
login_res = client.login_with_api_key(api_key)
if login_res.success is False:
print("Login failed: {}".format(login_res.error_message))
exit(1)
I have this error :
Login failed: APIResponse received a response which is not a valid JSON.
I tested with the original port (443) it's the same.
I tested the API_key on the MGMT locally and it's works.
With client.login(username,password) work fine.
Can you help me please ?
Hi Guys,
If there is a policy with an ipv6 only object the clone_host.py will throw a KeyError exception as the api will not return ipv4-address as part of the json response. Putting the ipv4 address check in a try statment seemed to be a good fix for the issue.
try:
if host_object["ipv4-address"] != orig_host_ip:
continue
except KeyError:
continue
[root@networks-test examples_python2]# python ./find_dup_ip.py
Enter server IP address or hostname:weed
Enter username: API_admin
Enter password:
Login failed:
APIResponse received a response which is not a valid JSON.
api_calls.json
[
{
"request": {
"headers": {
"Accept": "/",
"Content-Length": 98,
"Content-Type": "application/json",
"User-Agent": "python-api-wrapper"
},
"payload": {
"continue-last-session": false,
"password": "****",
"read-only": false,
"user": "API_admin"
},
"url": "/web_api/login"
},
"response": {
"data": null,
"status_code": 403
}
}
]
This worked for me 12 months ago. I have updated the management version to R80.30 possibly since it last worked.
Hello,
I am trying to find duplicate IPs on my R80.10 Management Server and getting following error when i run the script.
[Expert@P-WKG-VAP005:0]# $FWDIR/Python/bin/python find_dup_ip.py
Enter server IP address or hostname:localhost
Enter username: admin_ashfaquey
Enter password:
Saving data to debug file api_calls.json
Traceback (most recent call last):
File "find_dup_ip.py", line 93, in
main()
File "find_dup_ip.py", line 58, in main
exit(1)
File "/home/admin/cp_mgmt_api_python_sdk-master/lib/mgmt_api.py", line 109, in exit
self.save_debug_data()
File "/home/admin/cp_mgmt_api_python_sdk-master/lib/mgmt_api.py", line 128, in save_debug_data
out_file.write(json.dumps(self.api_calls, indent=4, sort_keys=True))
File "/opt/CPsuite-R80/fw1/Python/lib/python2.7/json/init.py", line 251, in dumps
sort_keys=sort_keys, **kw).encode(obj)
File "/opt/CPsuite-R80/fw1/Python/lib/python2.7/json/encoder.py", line 209, in encode
chunks = list(chunks)
MemoryError
Hello,
do you plan supporting Python 3 with your SDK? Python 2.7 will go out of life in 2 years, it's time to move to Python 3, don't you think?
Thanks.
Hey,
Not sure if this SDK is in use by anyone - If so this error is beyond me how it can exist for so long :) Or I am severly misunderstanding something? I hope so.
when calling any api call with the gen_api_query function from mgmt_api.py there is a hardcoded limit key value being injected.
from mgmt_api.py:
payload.update({"limit": limit, "offset": iterations * limit + offset, "details-level": details_level})
this part makes any query that does not take a limit flag fail - like show-access-layer.
The fix is replacing it with something like:
if limit > 0:
payload.update({"limit": limit, "offset": iterations * limit, "details-level": details_level})
else:
payload.update({"details-level": details_level})
When getting a PermissionError
in save_fingerprint_to_file
, the normal execution should continue.
However, due to a bug in the log call, this causes a failure.
Traceback (most recent call last):
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/env/lib/python3.6/site-packages/cpapi/mgmt_api.py", line 667, in save_fingerprint_to_file
with open(filename, 'w') as filedump:
PermissionError: [Errno 13] Permission denied: 'fingerprints.txt'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/inmanta/lib64/python3.6/site-packages/inmanta/agent/handler.py", line 856, in execute
self.pre(ctx, resource)
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/code/modules/checkpoint/plugins/__init__.py", line 75, in pre
self._client.login()
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/code/modules/checkpoint/plugins/__init__.py", line 201, in login
self._username, self._password, payload={"session-name": self.SESSION_NAME}
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/env/lib/python3.6/site-packages/cpapi/mgmt_api.py", line 198, in login
return self._common_login_logic(credentials, continue_last_session, domain, read_only, payload)
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/env/lib/python3.6/site-packages/cpapi/mgmt_api.py", line 152, in _common_login_logic
login_res = self.api_call("login", credentials)
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/env/lib/python3.6/site-packages/cpapi/mgmt_api.py", line 264, in api_call
self.check_fingerprint()
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/env/lib/python3.6/site-packages/cpapi/mgmt_api.py", line 589, in check_fingerprint
self.save_fingerprint_to_file(self.server, server_fingerprint)
File "/var/lib/inmanta/eb192c74-a791-4a3d-8e1f-57100ca0d8bd/agent/env/lib/python3.6/site-packages/cpapi/mgmt_api.py", line 672, in save_fingerprint_to_file
print("Couldn't open file: " + filename + " for writing.\n" + e.message, file=sys.stderr)
AttributeError: 'PermissionError' object has no attribute 'message'
File "/usr/local/lib/python3.9/site-packages/cpapi/mgmt_api.py", line 176, in _common_login_logic
self.sid = login_res.data["sid"]
KeyError: 'sid'
Hey folks,
thanks for your great work!
For our current project - I was wondering wether a login with certificates is possible?
Looking forward to your answer,
Kristof
Currently when using APIClient as context manager and an exception is raised, the session is closed but stays in the session list containing all changes and locks.
I would like to have a variant, where all pending changes made in the APIClient session are automatically discarded, when an exception occurs.
can i use "show logs" cmd with this module? or is it limited to the cmds that are mentioned in readMe?
If we want to add a rule in a specific section (e.g we have a clean up rule, Main rule ) add a rule in "Main Rule" section at the bottom is not allowing
Hello.
How can I set the connection timeout? I don't see such a setting. The connection hangs if the api server is not available.
Hi,
I can't seem to find this package on Pypi.
Is published at all?
import setuptools
from setuptools import setup
setup(
name="cpapi",
version="1.1.2",
author="API team",
author_email="[email protected]",
description="Check Point Management API SDK",
long_description="Check Point API Python Development Kit simplifies the usage of the Check Point Management APIs. "
"The kit contains the API library project, "
"and sample projects demonstrating the capabilities of the library. "
"The kit is python 2 and 3 compatible code.",
long_description_content_type="text",
url="https://github.com/CheckPointSW/cp_mgmt_api_python_sdk.git",
packages=setuptools.find_packages(),
classifiers=[
"Programming Language :: Python :: 2.7",
"Programming Language :: Python :: 3",
"License :: OSI Approved :: Apache License",
"Operating System :: OS Independent",
],
)
help me
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.