I am trying to script a way to create several MAC address objects in a FortiGate firewall via the API.
FortiGate VM, running version 7.0.12
There is a tool called fgttool.py that is available from FortiGate that creates the session and allows you to send commands. I am able to read address objects, and create IP address objects, but when I try to create a MAC address object, I keep getting an error 500.
Here is the command I am running, built using the FortiGate API definition:
python3 fgttool.py create firewall/address --vdom root --data '{"name": "TEST NAME", "type": "mac", "macaddr": [{"macaddr": "00:11:22:33:44:55"}], "comment": "Added via API", "associated-interface": {"q_origin_key": "INTERFACE1"}, "color": "0"}'
Add [{'name': 'TEST NAME', 'type': 'mac', 'macaddr': [{'macaddr': '00:11:22:33:44:55'}], 'comment': 'Added via API', 'associated-interface': {'q_origin_key': 'INTERFACE1'}, 'color': '0'}] in [firewall/address] (vdom: root)
<Response [500]>
500 Internal server error
I also tried formatting it a different way (thanks ChatGPT) but no dice:
python3 fgttool.py create firewall/address --vdom root --data '{"name": "TEST NAME", "start-ip": "00:11:22:33:44:55", "end-ip": "00:11:22:33:44:55", "comment": "Added via API", "associated-interface": {"q_origin_key": "INTERFACE1"}}'
Add [{'name': 'TEST NAME', 'start-ip': '00:11:22:33:44:55', 'end-ip': '00:11:22:33:44:55', 'comment': 'Added via API', 'associated-interface': {'q_origin_key': 'INTERFACE1'}}] in [firewall/address] (vdom: root)
<Response [500]>
500 Internal server error
When I sniff the POST request from Firefox when using the GUI, this is what the JSON payload looks like:
{"name":"TEST NAME","type":"mac","macaddr":[{"macaddr":"00:11:22:33:44:55"}],"comment":"testing gui insert","associated-interface":{"q_origin_key":"INTERFACE1"},"color":"0"}
I cannot figure out what is wrong with this create command. Grateful for any help. Note: I cannot post this to the Fortinet Developer Network forums because posting questions is hidden behind a license paywall :(