Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Readme(.md) for 0.8.0 #242

Merged
merged 5 commits into from
Feb 23, 2024
Merged

Update Readme(.md) for 0.8.0 #242

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
662ea33
README(.md): Update list of command for 0.8.0
alagoutte Feb 16, 2024
8a8794b
README(.md): Add new monitor cmdlet
alagoutte Feb 19, 2024
d172d79
README(.md): Add Security Profiles chapiter
alagoutte Feb 23, 2024
efb27ca
README(.md): add new set-fgtfirewallpolicy (with Security Profiles)
alagoutte Feb 23, 2024
9e71e26
README(.md): Add note about Get-FGTLogSetting for Log Settings
alagoutte Feb 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 41 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ With this module (version 0.7.0) you can manage:
- System Admin (Get)
- [System Global](#settings) (Get/Set)
- [System Settings](#settings) (Get/Set)
- [Security Profiles](#security-profiles) (Get)
- User LDAP (Get)
- User Local (Get)
- User Group (Get)
Expand Down Expand Up @@ -662,7 +663,7 @@ or delete it `Remove-FGTFirewallVIPGroup`.

You can create a new Policy `Add-FGTFirewallPolicy`, retrieve its information `Get-FGTFirewallPolicy`
Add member to source or destinationn address `Add-FGTFirewallPolicyMember` and remove member `Add-FGTFirewallPolicyMember`,
or delete it `Remove-FGTFirewallPolicy`.
set it `Set-FGTFirewallPolicy` or delete it `Remove-FGTFirewallPolicy`.

```powershell
# Get information about ALL Policies (using Format Table)
Expand Down Expand Up @@ -787,6 +788,20 @@ or delete it `Remove-FGTFirewallPolicy`.
[...]


# Change a Policy Settings (Security Profiles with default profiles)
Get-FGTFirewallPolicy -name MyFGTPolicy3 | Set-FGTFirewallPolicy -avprofile default -webfilterprofile default -dnsfilterprofile default -applicationlist default -ipssensor default

q_origin_key : 3
policyid : 3
name : MyFGTPolicy3
uuid : d7d0fa66-3352-51ec-52cf-a215389b0ddb
[...]
av-profile : default
webfilter-profile : default
dnsfilter-profile : default
application-list : default
ips-sensor : default

# Remove a Policy
Get-FGTFirewallPolicy -name MyFGTPolicy2 | Remove-FGTFirewallPolicy
Remove Policy on Fortigate
Expand Down Expand Up @@ -1050,6 +1065,19 @@ modify its properties `Set-FGTSystemInterface` or delete it `Remove-FGTSystemInt
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
```

### Security Profiles

You can change System Settings and System Global (settings) using `Set-FGTSystemSettings` and `Set-FGTSystemGlobal`

It is possible to Get Security Profiles (Antivirus, Application Control, DNS Filter, ISDB, SSL/SSH, IPS)

* `Get-FGTAntivirusProfile` List and Settings of Antivirus
* `Get-FGTApplicationList` List and Settings of Application (List)
* `Get-FGTDnsfilterProfile` List and Settings of DNS Filter Profile
* `Get-FGTFirewallInternetServiceName` List of Internet Service Name (ISDB)
* `Get-FGTFirewallSSLSSHProfile` List and Settings of SSL/SSH Profile
* `Get-FGTIpsSensor` List and Settings of IPS Sensor

### Settings

You can change System Settings and System Global (settings) using `Set-FGTSystemSettings` and `Set-FGTSystemGlobal`
Expand Down Expand Up @@ -1278,6 +1306,7 @@ It is possible to `monitor` FortiGate
* `Get-FGTMonitorSystemFirmware` Retrieve a list of firmware images available to use for upgrade on this device
* `Get-FGTMonitorSystemHAChecksum` List of checksums for members of HA cluster
* `Get-FGTMonitorSystemHAPeer` Get configuration of peer(s) in HA cluster
* `Get-FGTMonitorUtmApplicationCategories` Get list of (UTM) Application Categories
* `Get-FGTMonitorVpnIPsec` Return active IPsec VPNs
* `Get-FGTMonitorVpnSsl` Retrieve a list of all SSL-VPN sessions and sub-sessions and Return statistics about the SSL-VPN
* `Get-FGTMonitorWebfilterCategories` Return FortiGuard web filter categories
Expand Down Expand Up @@ -1343,6 +1372,8 @@ you can also get some extra info using -extra parameter :
* country_id to get country of IP Address

You can also select the 'timeline' using -since parameter 1h(our), 1d(ay), 7d(ays), 30(days), only for Fortiguard type

You can use also `Get-FGTLogSetting` for get setting for Log (Syslogd, FortiAnalyzer...)
```
### Invoke API
for example to get Fortigate System Global Info
Expand Down Expand Up @@ -1609,17 +1640,24 @@ Copy-FGTFirewallProxyAddressGroup
Copy-FGTFirewallVipGroup
Deploy-FGTVm
Disconnect-FGT
Get-FGTAntivirusProfile
Get-FGTApplicationList
Get-FGTDnsfilterProfile
Get-FGTFirewallAddress
Get-FGTFirewallAddressGroup
Get-FGTFirewallInternetServiceName
Get-FGTFirewallIPPool
Get-FGTFirewallPolicy
Get-FGTFirewallProxyAddress
Get-FGTFirewallProxyAddressGroup
Get-FGTFirewallProxyPolicy
Get-FGTFirewallServiceCustom
Get-FGTFirewallServiceGroup
Get-FGTFirewallSSLSSHProfile
Get-FGTFirewallVip
Get-FGTFirewallVipGroup
Get-FGTIpsSensor
Get-FGTLogSetting
Get-FGTLogTraffic
Get-FGTMonitorFirewallPolicy
Get-FGTMonitorFirewallSession
Expand All @@ -1630,6 +1668,7 @@ Get-FGTMonitorSystemConfigBackup
Get-FGTMonitorSystemFirmware
Get-FGTMonitorSystemHAChecksum
Get-FGTMonitorSystemHAPeer
Get-FGTMonitorUtmApplicationCategories
Get-FGTMonitorVpnIPsec
Get-FGTMonitorVpnSsl
Get-FGTMonitorWebfilterCategories
Expand Down Expand Up @@ -1682,6 +1721,7 @@ Set-FGTCipherSSL
Set-FGTConnection
Set-FGTFirewallAddress
Set-FGTFirewallAddressGroup
Set-FGTFirewallPolicy
Set-FGTFirewallProxyAddressGroup
Set-FGTFirewallVipGroup
Set-FGTSystemGlobal
Expand Down