Giters

batfish / batfish

Batfish is a network configuration analysis tool that can find bugs and guarantee the correctness of (planned or current) network configurations. It enables network engineers to rapidly and safely evolve their network, without fear of outages or security breaches.

Home Page:http://www.batfish.org

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Batfish Unrecognized Configurations from FortiGate 600E Running FortiOS 7.4.2

Rostislav0 opened this issue · comments

commented

*Describe the bug and expected behavior
I'm currently facing an issue with the Batfish network configuration analysis tool. I have a configuration file from a FortiGate 600E device running FortiOS version 7.4.2. However, Batfish seems to be unable to recognize some lines of the configuration. I suspect these lines might not have been loaded into Batfish yet. Is there a way to update the database or manually add these unrecognized lines? Any guidance would be greatly appreciated.

Runnable example

import pandas as pd
from pybatfish.client.session import Session
from pybatfish.datamodel import *
from pybatfish.datamodel.answer import *
from pybatfish.datamodel.flow import *
TXT = """
#config-version=FG6H0E-7.4.2-FW-build2571-231219:opmode=0:vdom=0:user=rest-api
#conf_file_ver=518290883598123
#buildno=2571
#global_vdom=1
config system timezone "America/El_Salvador"
end
config system timezone "America/Argentina/Buenos_Aires"
end
config system timezone "America/Caracas"
end
config system timezone "America/Santiago"
end
config system timezone "America/Asuncion"
end
config system timezone "America/Mexico_City"
end
config system timezone "America/Nuuk"
end
config system timezone "America/Los_Angeles"
end
config system timezone "America/Vancouver"
end
config system timezone "America/Lima"
end
config system timezone "America/Chihuahua"
end
config system timezone "America/Guyana"
end
config system global
    set alias "FortiGate-600E"
    set gui-auto-upgrade-setup-warning disable
    set hostname "FortiGate-600E"
    set switch-controller enable
    set timezone "Europe/Minsk"
end"""

bf = Session(host="localhost")
bf.set_network('example_dc')
bf.init_snapshot_from_text(TXT)

result = bf.q.parseWarning().answer().frame()
print(result)

Fill in the TXT above and add commands or questions (e.g., bf.q.initIssues().answer()) so that the code snippet, when run, serves as a standalone, working example of your problem.

The Batfish team will run your code example as-is and expect to see the problem demonstrated. Failure to provide a runnable, working example will very likely delay or entirely prevent a response to your issue.

You may attach a configuration file or an entire snapshot to the issue, and we can use bf.init_snapshot instead, however, the example must when run demonstrate your issue.

If you are concerned about the secrecy of your configuration, feel free to anonymize it manually or use netconan to anonymize it. However, the anonymized configuration must still demonstrate your issue when we run the code you provide.

Additional context
Unfortunately, I can’t upload the entire configuration to GitHub in code. I will leave the full configuration file below. There are also issues with recognizing other lines that didn’t fit here.
api_configbackup.txt