version number: 0.9 author: Yann Hervé
smc-script allows to configure the forcepoint next-gen firewall using simple configuration files 'cnf', similar to terraform language (hcl)
For more flexibility, These files can be preprocessed using the mako template language
Example:
The following example installs a policy that allow all the traffic.
# cat create_policy.cnf
resource "#fw_policy" {
fw_policy "mypolicy" {
template "#fw_template_policy/Firewall Template";
}
}
resource "#fw_policy/mypolicy/fw_ipv6_access_rules" {
fw_ipv6_access_rule "allow_all" {
action.action = allow
destinations.any = true
sources.any = true
services.any = true
}
}
to install the policy, simply enter the following commands
$ smc-script login -k <apikey> <smc-ip-address>
$ smc-script apply create_policy.cnf
Download standalone smc-script for linux 64bits (built on ubuntu 18.04) Here and place it in your PATH (e.g. ~/bin)
requirements: python2.7, pip and virtualenv
git clone https://github.com/yherve/smc-script
. use_venv.sh
this scripts creates a virtualenv, installs requirements and adds an alias command 'smc-script' that runs directly from the source tree
git clone https://github.com/yherve/smc-script
make
the executable is in ./dist/smc-script
Documentation is available in the wiki: https://github.com/yherve/smc-script/wiki