Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

API for Manipulating "Static Route Templates" Not Public #56

Open
Almujalled opened this issue Jun 22, 2024 · 2 comments
Open

API for Manipulating "Static Route Templates" Not Public #56

Almujalled opened this issue Jun 22, 2024 · 2 comments

Comments

@Almujalled
Copy link

Hi,

Similar to issue #52, it appears that the API for manipulating "Static Route Templates" under "Provisioning Templates" is not made public.

I have attempted to debug the FortiManager CLI while creating a template group through the GUI, but I was unable to identify the URL.

Could you please confirm if my observation is correct? If so, could you kindly point me to the correct URL to use fortimanager_json_generic_api to address this?

Thank you!

@MaxxLiu22
Copy link

Hi @Almujalled ,

Thank you for bringing this issue to our attention. We appreciate your diligence. It appears that this API method has not yet been exposed. I have reported this to the API team along with your issue #52 . In the meantime, I have found a way to create a static router template and an IPv4 static route using fortimanager_json_generic_api.

resource "fortimanager_json_generic_api" "template" {
  json_content = <<JSON
{
    "method": "add",
    "params": [
        {
            "data": {
                "name": "static-3",
                "template setting": {
                    "stype": "_router_static",
                    "widgets": "_router_static"
                },
                "type": "template"
            },
            "url": "/pm/template/_router_static/adom/root"
        }
    ]
}
JSON
}

resource "fortimanager_json_generic_api" "ipv4" {
  depends_on = [fortimanager_json_generic_api.template]
  json_content = <<JSON
{
    "method": "post",
    "params": [
        {
            "data": [
                {
                    "action": "conf-static-router",
                    "seq": 1,
                    "value": {
                        "bfd": 0,
                        "blackhole": 0,
                        "device": [
                            "port2"
                        ],
                        "distance": 10,
                        "dst": "0.0.0.0/0.0.0.0",
                        "dynamic-gateway": 0,
                        "gateway": "0.0.0.0",
                        "internet-service": [
                            10354860
                        ],
                        "link-monitor-exempt": 0,
                        "preferred-source": "0.0.0.0",
                        "priority": 1,
                        "sdwan-zone": null,
                        "seq-num": 0,
                        "src": "0.0.0.0/0.0.0.0",
                        "status": 1,
                        "tag": 0,
                        "vrf": "unspecified",
                        "weight": 0
                    }
                }
            ],
            "method": "set",
            "option": "sync",
            "url": "/pm/config/adom/root/template/_router_static/static-3/action-list/"
        }
    ]
}
JSON
}


To identify the URLs that are not public on the FNDN website, we can either use the network monitor in our browser (by pressing F12) or run debug cmd in the CLI to observe how the GUI performs certain operations, you are welcome to ask us in GitHub forum as well
browser moniter
.

diagnose debug service main 255
diagnose debug enable
{ "client": "gui json:32659", "id": "d70b2b82-3491-465c-b978-83c19c0972a1", "keep_session_idle": 1, "method": "post", "params": [{ "data": [{ "action": "conf-static-router", "seq": 1, "value": { "bfd": 0, "blackhole": 0, "device": ["port2"], "distance": 10, "dst": "0.0.0.0\/0.0.0.0", "dynamic-gateway": 0, "gateway": "0.0.0.0", "internet-service": [10354860], "link-monitor-exempt": 0, "preferred-source": "0.0.0.0", "priority": 1, "sdwan-zone": null, "seq-num": 0, "src": "0.0.0.0\/0.0.0.0", "status": 1, "tag": 0, "vrf": "unspecified", "weight": 0}}], "method": "set", "option": "sync", "url": "\/pm\/config\/adom\/root\/template\/_router_static\/gui\/action-list\/"}], "session": 29262}

Thank you for your patience and understanding. Please feel free to reach out if you have any further questions or concerns.
Thanks,
Maxx

@Almujalled
Copy link
Author

Almujalled commented Jul 8, 2024

Hi @MaxxLiu22,

Thank you for the explanation.

That works for creating one "route" inside a static route template. How would you code it if you want to have multiple entries within a template? As far as I have tested, it seems that the API is expecting all of the entries to be sent within one request, thus eliminating the possibility of using a for_each?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants