Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/pouriyajamshidi/fortisslvpnuserrevoker

Python script to remove SSLVPN users of your Fortigate devices in complex setups.
https://github.com/pouriyajamshidi/fortisslvpnuserrevoker

Last synced: 8 days ago
JSON representation

Python script to remove SSLVPN users of your Fortigate devices in complex setups.

Host: GitHub
URL: https://github.com/pouriyajamshidi/fortisslvpnuserrevoker
Owner: pouriyajamshidi
License: mit
Created: 2021-02-25T20:38:52.000Z (over 3 years ago)
Default Branch: master
Last Pushed: 2023-12-26T19:31:18.000Z (10 months ago)
Last Synced: 2024-05-01T16:10:12.944Z (6 months ago)
Language: Python
Homepage:
Size: 20.5 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Fortigate SSLVPN User Revoker

Bunch of cross-platform Python scripts that are written to remove SSLVPN users from your Fortigate firewalls and store the states in a ```database``` file.

It comes in two flavors, ```SSH``` and ```API``` versions and you can pick both or either of these for your use case.

```fortidb.py``` module is called from the main programs and is used to ```log```, ```audit``` and keep ```track``` of user deletion process.

If you run ```fortidb.py``` directly, it will show you a list of users that have been given to be deleted, their status and also you get the option of viewing their group membership prior to deletion.

## Good to know

There is a function called ```sanitize_username``` in ```API``` version and a method called ```SanitizeUsername``` in ```SSH``` version that can be customized with the user format you use in your company, so that you could disregard the case-sensitivity of users upon feeding them to the scripts.

**Currently it just strips and returns what you input**.

## Requirements

```Python``` has to be installed on the machine, running the scripts.

```Paramiko```, ```Netmiko``` and ```FortiOSAPI``` are needed to run this script. You can install them using below [guide](#intsall-the-required-modules).

## Usage

Both scripts can get either a ```username``` or a ```text file``` with the users you want to delete, separated by ```newlines```.

**Make sure of the case sensitivity of users you want to delete. They should be the same as your firewalls unless you have modified the ```sanitize_username``` or ```SanitizeUsername```**.

### Clone the repository

```bash
git clone https://github.com/pouriyajamshidi/FortiSSLVPNUserRevoker.git
```

### Intsall the required modules

```bash
pip3 install -r requirements.txt
```

### Make the scripts executable

```bash
chmod +x FortiSSLVPNRevoker-API.py
chmod +x FortiSSLVPNRevoker-SSH.py
chmod +x fortidb.py
```

### To delete a single user:

```python
./FortiSSLVPNRevoker-SSH.py
OR
./FortiSSLVPNRevoker-API.py
```

### To delete a bunch of users in a text file:

```python
./FortiSSLVPNRevoker-SSH.py
OR
./FortiSSLVPNRevoker-API.py
```

## If you prefer to invoke them using Python:

### To delete a single user

```python
python3 FortiSSLVPNRevoker-SSH.py
OR
python3 FortiSSLVPNRevoker-API.py
```

### To delete a bunch of users in a text file

```python
python3 FortiSSLVPNRevoker-SSH.py
OR
python3 FortiSSLVPNRevoker-API.py
```

## Tested on

Linux and Windows machines.

## Contributing

Pull requests are welcome.

## License

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)