<?php
/**
 * Remove the IP addresses given on the command line from the firewall block group.
 */
/**
* using the composer autoloader
*/
require_once('/vendor/autoload.php');
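/**
 * include the config file (place your credentials etc. there if not already present)
 * see the config.template.php file for an example
 * the file holds controller credentials, so keep it out of version control and
 * readable only by the account that runs this script
 */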
require_once('/config.php');
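/**
 * Command-line entry point: every argument after the script name is treated as an
 * address to remove from the firewall group named $group_name.
 *
 * $controlleruser, $controllerpassword, $controllerurl, $site_id, $controllerversion,
 * $debug, $rule_name and $group_name are not defined in this file; presumably they
 * come from config.php - verify against the config template.
 *
 * Exit status: 1 on a usage error, failed login, failed listing, missing rule/group
 * or a rejected update; 0 otherwise.
 */
if (empty($argv[1])) {
    echo "please pass ip addresses to delete from list\r\n";
    exit(1);
}

/**
 * Return the key of the first entry in $items whose ->name is identical to $name,
 * or false when there is none.
 *
 * Searching the original list (instead of array_column() output) keeps the returned
 * key valid for $items even if an entry has no name property, and the strict
 * comparison avoids PHP's loose string/number matching picking the wrong entry.
 */
$find_by_name = static function (array $items, $name) {
    foreach ($items as $idx => $item) {
        if (isset($item->name) && $item->name === $name) {
            return $idx;
        }
    }

    return false;
};

/**
 * initialize the UniFi API connection class and log in to the controller
 */
$unifi_connection = new UniFi_API\Client($controlleruser, $controllerpassword, $controllerurl, $site_id, $controllerversion);

// NOTE(review): debug mode makes the client print request/response detail; keep it
// off for unattended runs whose output is logged - confirm what the installed
// client version prints.
$unifi_connection->set_debug($debug);

// Stop here on a failed login: every later call would otherwise work on an error
// value instead of controller data.
$loginresults = $unifi_connection->login();
if ($loginresults !== true) {
    echo "Login to the controller failed! exiting....", "\r\n";
    exit(1);
}

/** make sure firewall rule exists **/
$data = $unifi_connection->list_firewallrules();
if (!is_array($data)) {
    echo "Could not list firewall rules! exiting....", "\r\n";
    exit(1);
}

$rule_idx = $find_by_name($data, $rule_name);
if ($rule_idx === false) {
    echo "Firewall rule $rule_name not found! exiting....", "\r\n";
    exit(1);
}

// The rule id is only reported; the update below targets the group, not the rule.
$rule_id = $data[$rule_idx]->_id;
echo "Id is ", $rule_id, "\r\n";

/** list all firewall groups **/
$data = $unifi_connection->list_firewallgroups();
if (!is_array($data)) {
    echo "Could not list firewall groups! exiting....", "\r\n";
    exit(1);
}

/** search for the configured group name **/
$grp_idx = $find_by_name($data, $group_name);
if ($grp_idx === false) {
    echo "Firewall Group $group_name not found! exiting....", "\r\n";
    exit(1);
}

$group_id = $data[$grp_idx]->_id;
echo "Id is ", $group_id, "\r\n";

echo "Before....\r\n";
echo json_encode($data[$grp_idx], JSON_PRETTY_PRINT);

/** loop through all ip addresses passed via command line **/
$members = (array) ($data[$grp_idx]->group_members ?? []);
$removed = 0;
foreach (array_slice($argv, 1) as $ip_addr) {
    echo "Removing address $ip_addr\r\n";

    // Strict match: only an entry identical to the argument is removed.
    $pos = array_search($ip_addr, $members, true);
    if ($pos === false) {
        echo "$ip_addr not found!\r\n", "\r\n";
        continue;
    }

    echo "position is $pos\r\n";
    echo "IP found! Deleting....", "\r\n";
    unset($members[$pos]);
    // Re-index so the member list stays a plain 0..n-1 list when sent back.
    $members = array_values($members);
    $removed++;
}
$data[$grp_idx]->group_members = $members;

echo "After....\r\n";
echo json_encode($data[$grp_idx], JSON_PRETTY_PRINT);

// Nothing matched: do not push an unchanged group back to the controller.
if ($removed === 0) {
    echo "\r\nNo listed address was removed; firewall group left unchanged.\r\n";
    exit(0);
}

$group = $data[$grp_idx];
$data = $unifi_connection->edit_firewallgroup($group->_id, $group->site_id, $group->name, $group->group_type, $group->group_members);
if (!$data) {
    // Show the controller's raw answer and fail, so a caller relying on the exit
    // status does not assume the addresses were unblocked.
    $error = $unifi_connection->get_last_results_raw();
    echo json_encode($error, JSON_PRETTY_PRINT);
    exit(1);
}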