Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/sirpsycho/firecall

Automate SSH communication with firewalls, switches, etc.
https://github.com/sirpsycho/firecall

Last synced: 3 months ago
JSON representation

Automate SSH communication with firewalls, switches, etc.

Host: GitHub
URL: https://github.com/sirpsycho/firecall
Owner: sirpsycho
Created: 2018-01-08T20:57:54.000Z (almost 7 years ago)
Default Branch: master
Last Pushed: 2018-03-29T12:39:28.000Z (over 6 years ago)
Last Synced: 2024-07-16T14:54:12.654Z (4 months ago)
Language: Python
Size: 52.7 KB
Stars: 26
Watchers: 6
Forks: 6
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-network-stuff - **21**星

README

# firecall
Automate SSH communication with firewalls, switches, etc.

# Description

These scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log in to a firewall to make changes. This code can be run directly via command line or it can be incorporated into other scripts. These scripts were created with automation/orchestration in mind - if done securely, these scripts could ingest security intelligence data to automatically block malicious IPs based on certain criteria.

# Configuration

1) Run `bash install.sh` to set helpful aliases and enable logging
2) Configure "config" in a text editor to add firewall address(es), authentication, & any other applicable options such as:

- add multiple firewalls to configure them all simultaneously
- configure email alerting to be alerted when an IP is blocked or un-blocked
- whitelist IPs that you never want to get blocked
- optional logging feature for audit capability

# blockip

The "blockip" script is designed to quickly block a host by simply providing the IP address.

Just type `blockip` and then the ip address that you want to block.

Example usage:
```
# blockip 12.34.56.78
[-] (firewall01) Added IP '12.34.56.78' to firewall group 'Deny_All_Group'
```
# removeip

This script works in the same way as blockip, except it removes an IP block from the firewall. It can be used to quickly "undo" a block made by blockip.

Example usage:
```
# removeip 12.34.56.78
[-] (firewall01) Successfully removed IP '12.34.56.78' from firewall group 'Deny_All_Group'
```

# Dependencies

"paramiko" must be installed for this program to run. To install paramiko, try running "pip install paramiko". On Macs, you may have to install a version of Python that has "pip". To do this, you can use either easy_install or homebrew (run "sudo easy_install pip" or "brew install python")