Search code examples
ibm-cloud-infrastructure

Canceling A firewall with Softlayer API

I am trying to Use the Python API FirewallManager class's cancel_firewall() function to cancel all of the firewalls in an account. 

# Connect to soflayer account
client = SoftLayer.create_client_from_env(username=user, api_key=api)

firewall_manager = SoftLayer.FirewallManager(client=client)
# Get a list of all of the firewalls in an account
firewalls = firewall_manager.get_firewalls()
# Cancel each firewall
for firewall in firewalls:
    dedicated = bool(firewall["dedicatedFirewallFlag"])
    firewall_manager.cancel_firewall(firewall_id=firewall["id"], dedicated=dedicated )

but when I run this code I get the error:

SoftLayerAPIError(SoftLayer_Exception_ObjectNotFound): Unable to find object with id of '284501'.

The code for canceling says that it takes a "firewall_id" but the id I give it doesnt seem to be working.... the source code for the manager is here

Solution

  • As I see in your code, you are sending the firewall['id'] to cancel_firewall method.

    Reviewing how SLCLI works, it is filtering depending if the firewall type is a vlan, vs or server. Following the same idea, you should take in account the existing filters in the following link:

    https://github.com/softlayer/softlayer-python/blob/master/SoftLayer/CLI/firewall/list.py

    E.g:

    • VSI: firewall['id'] == vlan['firewallGuestNetworkComponents']*
    • Server: firewall['id'] == vlan['firewallNetworkComponents']
    • Vlan: firewall['id'] == vlan['networkVlanFirewall']['id']

    Well, it is something tedious to understand how it works, anyway, I used the bellow script, which uses the FirewallManager to delete all firewalls:

    """
cancels all firewall from the account

Important manual pages:
https://github.com/softlayer/softlayer-python/blob/master/SoftLayer/managers/firewall.py
https://github.com/softlayer/softlayer-python/blob/master/SoftLayer/CLI/firewall/list.py
https://github.com/softlayer/softlayer-python/blob/master/SoftLayer/CLI/firewall/cancel.py

License: http://sldn.softlayer.com/article/License
Author: SoftLayer Technologies, Inc. <sldn@softlayer.com>
"""

import SoftLayer
from SoftLayer.CLI import formatting

# Your SoftLayer username and apiKey
user = 'set me'
api = 'set me'

# Connect to SoftLayer
client = SoftLayer.create_client_from_env(username=user, api_key=api)

# Declare Firewall Manager
firewall_manager = SoftLayer.FirewallManager(client=client)

# Getting firewalls from the account
fwvlans = firewall_manager.get_firewalls()

# Getting Dedicated firewalls
dedicated_firewalls = [firewall for firewall in fwvlans if firewall['dedicatedFirewallFlag']]

# Define a Vlans array to store vlans
vlans = []


# Method from: 
# https://github.com/softlayer/softlayer-python/blob/master/SoftLayer/CLI/firewall/list.py
def has_firewall_component(server):
    """Helper to determine whether or not a server has a firewall.
    :param dict server: A dictionary representing a server
    :returns: True if the Server has a firewall.
    """
    if server['status'] != 'no_edit':
        return True

    return False

for vlan in dedicated_firewalls:
        features = []
        if vlan['highAvailabilityFirewallFlag']:
            features.append('HA')

        if features:
            feature_list = formatting.listing(features, separator=',')
        else:
            feature_list = formatting.blank()

        vlans.append('vlan:%s' % vlan['networkVlanFirewall']['id'])

shared_vlan = [firewall for firewall in fwvlans
                   if not firewall['dedicatedFirewallFlag']]

for vlan in shared_vlan:
        vs_firewalls = [guest
                        for guest in vlan['firewallGuestNetworkComponents']
                        if has_firewall_component(guest)]

        for firewall in vs_firewalls:
            vlans.append('vs:%s' % firewall['id'])
        server_firewalls = [server
                            for server in vlan['firewallNetworkComponents']
                            if has_firewall_component(server)]

        for firewall in server_firewalls:
            vlans.append('server:%s' % firewall['id'])

# Methods from:
# https://github.com/softlayer/softlayer-python/blob/master/SoftLayer/CLI/firewall/cancel.py
for item in vlans:
    firewall_type, firewall_id = item.split(':')
    if firewall_type in ['vs', 'server']:
        print(firewall_manager.cancel_firewall(firewall_id, dedicated=False))
    elif firewall_type == 'vlan':
        print(firewall_manager.cancel_firewall(firewall_id, dedicated=True))
    else:
        raise exceptions.CLIAbort('Unknown firewall type: %s' % firewall_type)

    I hope it helps, let me know if you have any question or comments about it. Keep in mind that the script is just an idea, it can be improved.