Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Final Check - Multiple Issues #3

Open
codejulen opened this issue Dec 14, 2016 · 3 comments
Open

Final Check - Multiple Issues #3

codejulen opened this issue Dec 14, 2016 · 3 comments
Assignees
@taruch

Comments

@codejulen
Copy link

Before deployment, we require the following to be added:

Actions:

  1. Rename list networks in object to list connections
  2. Rename app type from Firewall to firewall
  3. Set the read_only flag for block ip and unblock ip to false
  4. Add primary: true to the IP parameter for both block ip and unblock ip
  5. Add contains: ["ip"] to the IP parameter for both block ip and unblock ip

Documentation:

  1. In app description, remove single quote after IPs, add period to end of description:

Old:
This app interfaces with Cisco Firepower devices to add or remove IP's or networks to a Firepower Network Group Object, which is configured with an ACL'

New:
This app interfaces with Cisco Firepower devices to add or remove IPs or networks to a Firepower Network Group Object, which is configured with an ACL.

App JSON:
Add a render dictionary and an output list to each respective action. This can be done by using the app_dev/create_output.py script - run the action on your Phantom instance, and use create_output.py from the console with the -n argument and the app_run number afterwards. For example:

python2.7 create_output.py -n 154

The app run number can be seen in the URL when viewing the details of an action run.

The create_output.py script will create a json with the render dictionary and output list in it.

After these fixes it should be all good! :)
@taruch
Copy link
Owner

taruch commented Dec 14, 2016
edited
Loading

  1. Rename list networks in object to list connections
  • This doesn't make any sense to me. Please elaborate.
  1. Rename app type from Firewall to firewall
  • Done.
  1. Set the read_only flag for block ip and unblock ip to false
  • Please state why.
  1. Add primary: true to the IP parameter for both block ip and unblock ip
  • Please state why.
  1. Add contains: ["ip"] to the IP parameter for both block ip and unblock ip
  • your contains ip does not work with a network/sm format, which this app can take. As I learned when doing my other app, it will error out if you have the contains ip and try to use a network/mask. Find me on the Slack channel and we can talk about this.

In app description, remove single quote after IPs, add period to end of description:

  • Done

@taruch taruch self-assigned this Dec 14, 2016
@codejulen
Copy link
Author

Oops, I meant, "Rename list networks in object to list networks". It's been a long day. Not sure where I got connections from, haha

@taruch
Copy link
Owner

taruch commented Dec 14, 2016
edited
Loading

Rename list networks in object to list networks - Done.
Set the read_only flag for block ip and unblock ip to false - Done

Commit: eb8cf04

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@taruch taruch

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@taruch @codejulen