Getting Started with the Sophos Firewall SDK in Python
The Sophos Firewall SDK is a powerful tool for managing and automating Sophos firewalls. In this post, we'll cover the basics of getting started with the SDK in Python.
Step 1: Create a Python Virtual Environment
Before we begin, it's a good idea to create a virtual environment for our project. This will help keep our dependencies isolated and make it easier to manage our project. To create a virtual environment, open your terminal and run the following command:
Command Line:
python -m venv sophos-env
This will create a new virtual environment called sophos-env. To activate it, run:
Bash
source sophos-env/bin/activate
PowerShell (Windows)
.\sophos-env\Scripts\Activate.ps1
Step 2: Install the Sophos Firewall SDK
Once our virtual environment is activated, we can install the Sophos Firewall SDK using pip:
Shell
pip install sophosfirewall-python
Step 3: Example Python app
Now that we have our virtual environment set up and our dependencies installed, we can start using the SDK. Here's an example of how to interact with SFOS Firewalls. It may be used to test credentials, or to retrieve configuration from a firewall:
Python <main.py>
import json
from argparse import ArgumentParser

from sophosfirewall_python.firewallapi import (
    SophosFirewall as SFOS,
    SophosFirewallAuthFailure,
)


def login(fw: SFOS, debug: bool):
    """Test the supplied credentials against the firewall."""
    try:
        result = fw.login()
        print("Credentials are valid")
        if debug:
            print("DEBUG:", result)
    except SophosFirewallAuthFailure as e:
        print("Authentication failed", str(e))


def get_tag(fw: SFOS, data: str, debug: bool):
    """Retrieve the configuration for the given tag and print it as JSON."""
    try:
        result = fw.get_tag(data)
        if debug:
            print("result received:", 0 if result is None else len(result))
        print(json.dumps(result, indent=4))
    except Exception as e:
        print("exception type=", type(e), "message=", str(e))


def new_argument_parser() -> ArgumentParser:
    new_parser = ArgumentParser(description="Process command line arguments.")
    # dest= maps the short flag names onto the attribute names main() reads;
    # "pass" is a Python keyword, so args.pass would not even parse.
    new_parser.add_argument("--user", dest="username", type=str)
    new_parser.add_argument("--pass", dest="password", type=str)
    new_parser.add_argument("--host", dest="hostname", type=str, help="Hostname or IP")
    new_parser.add_argument("--port", type=int, default=4444)
    new_parser.add_argument("--data", type=str, default=None, help="Data")
    new_parser.add_argument("--verify", type=str, choices=["yes", "no"], default="yes")
    new_parser.add_argument("--debug", type=str, choices=["yes", "no"], default="yes")
    return new_parser


def main():
    parser = new_argument_parser()
    args = parser.parse_args()
    fw = SFOS(
        username=args.username,
        password=args.password,
        hostname=args.hostname,
        port=args.port,
        # "--verify no" turns off TLS certificate verification
        verify=args.verify == "yes",
    )
    debug = args.debug == "yes"
    if args.data is None:
        # No --data given: only test the credentials
        login(fw, debug)
    else:
        get_tag(fw, args.data, debug)


if __name__ == "__main__":
    main()
Examples:
Test login credentials on a firewall with a self-signed certificate:
Command Line
python main.py --user <USERNAME> --pass <PASSWORD> --host <IP_OR_HOSTNAME> --verify no
If the credentials are correct, then it will output:
Credentials are valid
To retrieve a list of all host objects:
python main.py --user <USERNAME> --pass <PASSWORD> --host <IP_OR_HOSTNAME> --data iphost --verify no
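Added example, not part of the original post or of the SDK: a variant of main.py's argument handling that keeps the password off the command line, where it is recorded in shell history and visible in process listings, by reading it from an environment variable or an interactive prompt, and that leaves certificate verification on unless it is explicitly switched off. The SFOS_PASSWORD variable name, the --insecure flag and the helper names are assumptions made for this example; the keyword arguments are the ones main.py passes to SophosFirewall.

```python
import getpass
import os
import sys
from argparse import ArgumentParser

ENV_PASSWORD = "SFOS_PASSWORD"  # hypothetical variable name chosen for this example


def build_parser() -> ArgumentParser:
    parser = ArgumentParser(description="SFOS connection settings, no password flag.")
    parser.add_argument("--user", dest="username", required=True)
    parser.add_argument("--host", dest="hostname", required=True, help="Hostname or IP")
    parser.add_argument("--port", type=int, default=4444)
    # Hypothetical flag: verification stays on unless it is explicitly switched off.
    parser.add_argument("--insecure", action="store_true",
                        help="Skip TLS certificate verification")
    return parser


def resolve_password(environ=os.environ, prompt=getpass.getpass) -> str:
    """Environment variable first, interactive prompt second; never argv."""
    password = environ.get(ENV_PASSWORD) or prompt("Firewall password: ")
    if not password:
        raise ValueError("no password supplied")
    return password


def connection_kwargs(argv, environ=os.environ, prompt=getpass.getpass) -> dict:
    """Keyword arguments for SophosFirewall(...), as used in main.py."""
    args = build_parser().parse_args(argv)
    return {
        "username": args.username,
        "password": resolve_password(environ, prompt),
        "hostname": args.hostname,
        "port": args.port,
        "verify": not args.insecure,
    }


def redacted(kwargs: dict) -> dict:
    """Copy of the settings that is safe to print in debug output."""
    return {k: ("***" if k == "password" else v) for k, v in kwargs.items()}


if __name__ == "__main__":
    # The SDK is imported only when run as a script, so the helpers work without it.
    from sophosfirewall_python.firewallapi import SophosFirewall
    settings = connection_kwargs(sys.argv[1:])
    print("Connecting with:", redacted(settings))
    print(SophosFirewall(**settings).login())
```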
Conclusion
In this post, we covered the basics of getting started with the Sophos Firewall SDK in Python. We created a virtual environment, installed the SDK and additional requirements, and created a script to exercise the API. This can be used as a starting point for your own exploration, and should give you a taste of how to start working with the SDK.