netbox-security 1.0.0__tar.gz

netbox_security-1.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Andy Wilson
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

netbox_security-1.0.0/PKG-INFO

@@ -0,0 +1,148 @@
+Metadata-Version: 2.4
+Name: netbox-security
+Version: 1.0.0
+Summary: NetBox Security is a NetBox plugin that enhances device and interface models with security specific data
+Author-email: Andy Wilson <andy@shady.org>
+Project-URL: Homepage, https://github.com/andy-shady-org/netbox-security
+Project-URL: Documentation, https://github.com/andy-shady-org/netbox-security/blob/main/README.md
+Project-URL: Repository, https://github.com/andy-shady-org/netbox-security
+Project-URL: Issues, https://github.com/andy-shady-org/netbox-security/issues
+Keywords: netbox,netbox-plugin,security
+Classifier: Development Status :: 5 - Production/Stable
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Dynamic: license-file
+
+# NetBox Security Plugin
+[Netbox](https://github.com/netbox-community/netbox) plugin for Security and NAT related objects documentation.
+
+<div align="center">
+<a href="https://pypi.org/project/netbox-security/"><img src="https://img.shields.io/pypi/v/netbox-security" alt="PyPi"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/network/members"><img src="https://img.shields.io/github/forks/andy-shady-org/netbox-security?style=flat" alt="Forks Badge"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/issues"><img src="https://img.shields.io/github/issues/andy-shady-org/netbox-security" alt="Issues Badge"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/pulls"><img src="https://img.shields.io/github/issues-pr/andy-shady-org/netbox-security" alt="Pull Requests Badge"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/graphs/contributors"><img alt="GitHub contributors" src="https://img.shields.io/github/contributors/andy-shady-org/netbox-security?color=2b9348"></a>
+<a href="https://github.com/andy-shady-org/netbox-security/blob/master/LICENSE"><img src="https://img.shields.io/github/license/andy-shady-org/netbox-security?color=2b9348" alt="License Badge"/></a>
+<a href="https://github.com/psf/black"><img src="https://img.shields.io/badge/code%20style-black-000000.svg" alt="Code Style Black"/></a>
+</div>
+
+
+## Features
+This plugin provides following Models:
+* Addresses
+* Address Sets
+* Address Lists
+* Security Zones
+* Security Zone Policies
+* NAT Pools
+* NAT Pool Members
+* NAT Rule-sets
+* NAT Rules
+* Firewall Filters
+* Firewall Filter Rules
+
+## Compatibility
+
+|            |           |
+|------------|-----------|
+| NetBox 4.2 | \>= 1.0.0 |
+
+## Installation
+
+The plugin is available as a Python package in pypi and can be installed with pip  
+
+```
+pip install netbox-security
+```
+Enable the plugin in /opt/netbox/netbox/netbox/configuration.py:
+```
+PLUGINS = ['netbox_security']
+```
+Restart NetBox and add `netbox-security` to your local_requirements.txt
+
+Perform database migrations:
+```bash
+cd /opt/netbox
+source venv/bin/activate
+python ./netbox/manage.py migrate netbox_security
+python ./netbox/manage.py reindex netbox_security
+```
+
+Full documentation on using plugins with NetBox: [Using Plugins - NetBox Documentation](https://netbox.readthedocs.io/en/stable/plugins/)
+
+
+## Configuration
+
+The following options are available:
+* `device_ext_page`: String (default left) Device related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `virtual_ext_page`: String (default left) Virtual Context related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `interface_ext_page`: String (default left) Interface related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `address_ext_page`: String (default right) Address/Address Set related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `top_level_menu`: Boolean (default True) Display plugin menu at the top level. The following values are available: True, False.
+
+
+## Contribute
+
+Contributions are always welcome! Please see the [Contribution Guidelines](CONTRIBUTING.md)
+
+
+## Documentation
+
+For further information, please refer to the full documentation: [Using NetBox Security](docs/using_netbox_security.md)
+
+
+## Credits
+
+- Thanks to Peter Eckel for providing some lovely examples which I've happily borrowed, and for providing excellent guidance.
+- Thanks to Dan Sheppard for the abstracted field generation stuff which I also used.
+- Thanks to Kris Beevers and Mark Coleman at Netbox Labs for encouragement and engagement.
+
+
+## Screenshots
+Addresses
+![List Addresses](docs/img/address_list.png)
+![View Address](docs/img/address.png)
+
+Address Sets
+![List Address Sets](docs/img/address_set_list.png)
+![View Address](docs/img/address_set.png)
+
+Security Zones
+![List Security Zones](docs/img/security_zone_list.png)
+![View Security Zone](docs/img/security_zone.png)
+
+Security Zone Policies
+![List Security Zone Policies](docs/img/policies_list.png)
+![View Security Zone Policy](docs/img/policy.png)
+
+NAT Pools
+![List NAT Pools](docs/img/nat-pool-list.png)
+![View NAT Pool](docs/img/nat-pool.png)
+
+NAT Pool Members
+![List NAT Pool Members](docs/img/members.png)
+![View NAT Pool Member](docs/img/nat-pool-member.png)
+
+NAT Rule Sets
+![List NAT Rule Sets](docs/img/nat-rule-set-list.png)
+![View NAT Rule Set](docs/img/nat-rule-set.png)
+
+NAT Rules
+![List NAT Rules](docs/img/nat-rule-list.png)
+![View NAT Rule](docs/img/nat-rule.png)
+
+Firewall Filters
+![List Firewall Filters](docs/img/firewall-filter-list.png)
+![View Firewall Filter](docs/img/firewall-filter.png)
+
+Firewall Filter Rules
+![List Firewall Filter Rules](docs/img/firewall-rule-list.png)
+![View Firewall Filter Rule](docs/img/firewall-rule.png)
+
+Device
+![View Device](docs/img/device.png)

netbox_security-1.0.0/README.md

@@ -0,0 +1,132 @@
+# NetBox Security Plugin
+[Netbox](https://github.com/netbox-community/netbox) plugin for Security and NAT related objects documentation.
+
+<div align="center">
+<a href="https://pypi.org/project/netbox-security/"><img src="https://img.shields.io/pypi/v/netbox-security" alt="PyPi"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/network/members"><img src="https://img.shields.io/github/forks/andy-shady-org/netbox-security?style=flat" alt="Forks Badge"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/issues"><img src="https://img.shields.io/github/issues/andy-shady-org/netbox-security" alt="Issues Badge"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/pulls"><img src="https://img.shields.io/github/issues-pr/andy-shady-org/netbox-security" alt="Pull Requests Badge"/></a>
+<a href="https://github.com/andy-shady-org/netbox-security/graphs/contributors"><img alt="GitHub contributors" src="https://img.shields.io/github/contributors/andy-shady-org/netbox-security?color=2b9348"></a>
+<a href="https://github.com/andy-shady-org/netbox-security/blob/master/LICENSE"><img src="https://img.shields.io/github/license/andy-shady-org/netbox-security?color=2b9348" alt="License Badge"/></a>
+<a href="https://github.com/psf/black"><img src="https://img.shields.io/badge/code%20style-black-000000.svg" alt="Code Style Black"/></a>
+</div>
+
+
+## Features
+This plugin provides following Models:
+* Addresses
+* Address Sets
+* Address Lists
+* Security Zones
+* Security Zone Policies
+* NAT Pools
+* NAT Pool Members
+* NAT Rule-sets
+* NAT Rules
+* Firewall Filters
+* Firewall Filter Rules
+
+## Compatibility
+
+|            |           |
+|------------|-----------|
+| NetBox 4.2 | \>= 1.0.0 |
+
+## Installation
+
+The plugin is available as a Python package in pypi and can be installed with pip  
+
+```
+pip install netbox-security
+```
+Enable the plugin in /opt/netbox/netbox/netbox/configuration.py:
+```
+PLUGINS = ['netbox_security']
+```
+Restart NetBox and add `netbox-security` to your local_requirements.txt
+
+Perform database migrations:
+```bash
+cd /opt/netbox
+source venv/bin/activate
+python ./netbox/manage.py migrate netbox_security
+python ./netbox/manage.py reindex netbox_security
+```
+
+Full documentation on using plugins with NetBox: [Using Plugins - NetBox Documentation](https://netbox.readthedocs.io/en/stable/plugins/)
+
+
+## Configuration
+
+The following options are available:
+* `device_ext_page`: String (default left) Device related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `virtual_ext_page`: String (default left) Virtual Context related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `interface_ext_page`: String (default left) Interface related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `address_ext_page`: String (default right) Address/Address Set related objects table position. The following values are available:  
+left, right, full_width. Set empty value for disable.
+* `top_level_menu`: Boolean (default True) Display plugin menu at the top level. The following values are available: True, False.
+
+
+## Contribute
+
+Contributions are always welcome! Please see the [Contribution Guidelines](CONTRIBUTING.md)
+
+
+## Documentation
+
+For further information, please refer to the full documentation: [Using NetBox Security](docs/using_netbox_security.md)
+
+
+## Credits
+
+- Thanks to Peter Eckel for providing some lovely examples which I've happily borrowed, and for providing excellent guidance.
+- Thanks to Dan Sheppard for the abstracted field generation stuff which I also used.
+- Thanks to Kris Beevers and Mark Coleman at Netbox Labs for encouragement and engagement.
+
+
+## Screenshots
+Addresses
+![List Addresses](docs/img/address_list.png)
+![View Address](docs/img/address.png)
+
+Address Sets
+![List Address Sets](docs/img/address_set_list.png)
+![View Address](docs/img/address_set.png)
+
+Security Zones
+![List Security Zones](docs/img/security_zone_list.png)
+![View Security Zone](docs/img/security_zone.png)
+
+Security Zone Policies
+![List Security Zone Policies](docs/img/policies_list.png)
+![View Security Zone Policy](docs/img/policy.png)
+
+NAT Pools
+![List NAT Pools](docs/img/nat-pool-list.png)
+![View NAT Pool](docs/img/nat-pool.png)
+
+NAT Pool Members
+![List NAT Pool Members](docs/img/members.png)
+![View NAT Pool Member](docs/img/nat-pool-member.png)
+
+NAT Rule Sets
+![List NAT Rule Sets](docs/img/nat-rule-set-list.png)
+![View NAT Rule Set](docs/img/nat-rule-set.png)
+
+NAT Rules
+![List NAT Rules](docs/img/nat-rule-list.png)
+![View NAT Rule](docs/img/nat-rule.png)
+
+Firewall Filters
+![List Firewall Filters](docs/img/firewall-filter-list.png)
+![View Firewall Filter](docs/img/firewall-filter.png)
+
+Firewall Filter Rules
+![List Firewall Filter Rules](docs/img/firewall-rule-list.png)
+![View Firewall Filter Rule](docs/img/firewall-rule.png)
+
+Device
+![View Device](docs/img/device.png)

netbox_security-1.0.0/netbox_security/__init__.py

@@ -0,0 +1,25 @@
+from django.utils.translation import gettext_lazy as _
+from netbox.plugins import PluginConfig
+from .version import __version__
+
+
+class SecurityConfig(PluginConfig):
+    name = "netbox_security"
+    verbose_name = _("Netbox Security")
+    description = _("Subsystem for tracking Security and NAT related objects")
+    version = __version__
+    author = "Andy Wilson"
+    author_email = "andy@shady.org"
+    base_url = "netbox-security"
+    required_settings = []
+    min_version = "4.2.0"
+    default_settings = {
+        "top_level_menu": True,
+        "virtual_ext_page": "left",
+        "device_ext_page": "left",
+        "interface_ext_page": "left",
+        "address_ext_page": "right",
+    }
+
+
+config = SecurityConfig  # noqa

netbox_security-1.0.0/netbox_security/api/serializers.py

@@ -0,0 +1,11 @@
+from .serializers_.address import *
+from .serializers_.address_set import *
+from .serializers_.address_list import *
+from .serializers_.securityzone import *
+from .serializers_.security_zone_policy import *
+from .serializers_.nat_pool import *
+from .serializers_.nat_pool_member import *
+from .serializers_.nat_rule_set import *
+from .serializers_.nat_rule import *
+from .serializers_.firewall_filter import *
+from .serializers_.firewall_filter_rule import *

netbox_security-1.0.0/netbox_security/api/serializers_/address.py

@@ -0,0 +1,82 @@
+from django.contrib.contenttypes.models import ContentType
+from rest_framework.serializers import (
+    HyperlinkedIdentityField,
+    SerializerMethodField,
+    JSONField,
+)
+from drf_spectacular.utils import extend_schema_field
+from netbox.api.fields import ContentTypeField
+from netbox.api.serializers import NetBoxModelSerializer
+from utilities.api import get_serializer_for_model
+from tenancy.api.serializers import TenantSerializer
+from ipam.api.field_serializers import IPNetworkField
+from netbox_security.models import Address, AddressAssignment
+
+
+class AddressSerializer(NetBoxModelSerializer):
+    url = HyperlinkedIdentityField(
+        view_name="plugins-api:netbox_security-api:address-detail"
+    )
+    tenant = TenantSerializer(nested=True, required=False, allow_null=True)
+    value = IPNetworkField()
+
+    class Meta:
+        model = Address
+        fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "value",
+            "description",
+            "tenant",
+            "comments",
+            "tags",
+            "custom_fields",
+            "created",
+            "last_updated",
+        )
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "value",
+            "description",
+        )
+
+
+class AddressAssignmentSerializer(NetBoxModelSerializer):
+    address = AddressSerializer(nested=True, required=True, allow_null=False)
+    assigned_object_type = ContentTypeField(queryset=ContentType.objects.all())
+    assigned_object = SerializerMethodField(read_only=True)
+
+    class Meta:
+        model = AddressAssignment
+        fields = [
+            "id",
+            "url",
+            "display",
+            "address",
+            "assigned_object_type",
+            "assigned_object_id",
+            "assigned_object",
+            "created",
+            "last_updated",
+        ]
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "address",
+            "assigned_object_type",
+            "assigned_object_id",
+        )
+
+    @extend_schema_field(JSONField(allow_null=True))
+    def get_assigned_object(self, obj):
+        if obj.assigned_object is None:
+            return None
+        serializer = get_serializer_for_model(obj.assigned_object)
+        context = {"request": self.context["request"]}
+        return serializer(obj.assigned_object, nested=True, context=context).data

netbox_security-1.0.0/netbox_security/api/serializers_/address_list.py

@@ -0,0 +1,86 @@
+from django.contrib.contenttypes.models import ContentType
+from rest_framework.serializers import (
+    HyperlinkedIdentityField,
+    SerializerMethodField,
+    JSONField,
+)
+from drf_spectacular.utils import extend_schema_field
+from netbox.api.fields import ContentTypeField
+from netbox.api.serializers import NetBoxModelSerializer
+from utilities.api import get_serializer_for_model
+
+from netbox_security.models import AddressList, AddressListAssignment
+
+
+class AddressListSerializer(NetBoxModelSerializer):
+    url = HyperlinkedIdentityField(
+        view_name="plugins-api:netbox_security-api:addresslist-detail"
+    )
+    assigned_object_type = ContentTypeField(queryset=ContentType.objects.all())
+    assigned_object = SerializerMethodField(read_only=True)
+
+    class Meta:
+        model = AddressList
+        fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "assigned_object_type",
+            "assigned_object_id",
+            "assigned_object",
+            "created",
+            "last_updated",
+        )
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "assigned_object_type",
+            "assigned_object_id",
+        )
+
+    @extend_schema_field(JSONField(allow_null=True))
+    def get_assigned_object(self, obj):
+        if obj.assigned_object is None:
+            return None
+        serializer = get_serializer_for_model(obj.assigned_object)
+        context = {"request": self.context["request"]}
+        return serializer(obj.assigned_object, nested=True, context=context).data
+
+
+class AddressListAssignmentSerializer(NetBoxModelSerializer):
+    address_list = AddressListSerializer(nested=True, required=True, allow_null=False)
+    assigned_object_type = ContentTypeField(queryset=ContentType.objects.all())
+    assigned_object = SerializerMethodField(read_only=True)
+
+    class Meta:
+        model = AddressListAssignment
+        fields = [
+            "id",
+            "url",
+            "display",
+            "address_list",
+            "assigned_object_type",
+            "assigned_object_id",
+            "assigned_object",
+            "created",
+            "last_updated",
+        ]
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "address_list",
+            "assigned_object_type",
+            "assigned_object_id",
+        )
+
+    @extend_schema_field(JSONField(allow_null=True))
+    def get_assigned_object(self, obj):
+        if obj.assigned_object is None:
+            return None
+        serializer = get_serializer_for_model(obj.assigned_object)
+        context = {"request": self.context["request"]}
+        return serializer(obj.assigned_object, nested=True, context=context).data

netbox_security-1.0.0/netbox_security/api/serializers_/address_set.py

@@ -0,0 +1,83 @@
+from django.contrib.contenttypes.models import ContentType
+from rest_framework.serializers import (
+    HyperlinkedIdentityField,
+    SerializerMethodField,
+    JSONField,
+)
+from drf_spectacular.utils import extend_schema_field
+from netbox.api.fields import ContentTypeField
+from netbox.api.serializers import NetBoxModelSerializer
+from utilities.api import get_serializer_for_model
+from tenancy.api.serializers import TenantSerializer
+
+from netbox_security.models import AddressSet, AddressSetAssignment
+from netbox_security.api.serializers import AddressSerializer
+
+
+class AddressSetSerializer(NetBoxModelSerializer):
+    url = HyperlinkedIdentityField(
+        view_name="plugins-api:netbox_security-api:address-detail"
+    )
+    addresses = AddressSerializer(nested=True, many=True, read_only=True)
+    tenant = TenantSerializer(nested=True, required=False, allow_null=True)
+
+    class Meta:
+        model = AddressSet
+        fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "addresses",
+            "description",
+            "tenant",
+            "comments",
+            "tags",
+            "custom_fields",
+            "created",
+            "last_updated",
+        )
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "addresses",
+            "description",
+        )
+
+
+class AddressSetAssignmentSerializer(NetBoxModelSerializer):
+    address_set = AddressSetSerializer(nested=True, required=True, allow_null=False)
+    assigned_object_type = ContentTypeField(queryset=ContentType.objects.all())
+    assigned_object = SerializerMethodField(read_only=True)
+
+    class Meta:
+        model = AddressSetAssignment
+        fields = [
+            "id",
+            "url",
+            "display",
+            "address_set",
+            "assigned_object_type",
+            "assigned_object_id",
+            "assigned_object",
+            "created",
+            "last_updated",
+        ]
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "address_set",
+            "assigned_object_type",
+            "assigned_object_id",
+        )
+
+    @extend_schema_field(JSONField(allow_null=True))
+    def get_assigned_object(self, obj):
+        if obj.assigned_object is None:
+            return None
+        serializer = get_serializer_for_model(obj.assigned_object)
+        context = {"request": self.context["request"]}
+        return serializer(obj.assigned_object, nested=True, context=context).data

netbox_security-1.0.0/netbox_security/api/serializers_/firewall_filter.py

@@ -0,0 +1,83 @@
+from django.contrib.contenttypes.models import ContentType
+from rest_framework.serializers import (
+    HyperlinkedIdentityField,
+    SerializerMethodField,
+    JSONField,
+)
+from drf_spectacular.utils import extend_schema_field
+from netbox.api.fields import ContentTypeField
+from netbox.api.serializers import NetBoxModelSerializer
+from utilities.api import get_serializer_for_model
+from tenancy.api.serializers import TenantSerializer
+
+from netbox_security.models import FirewallFilter, FirewallFilterAssignment
+
+
+class FirewallFilterSerializer(NetBoxModelSerializer):
+    url = HyperlinkedIdentityField(
+        view_name="plugins-api:netbox_security-api:firewallfilter-detail"
+    )
+    tenant = TenantSerializer(nested=True, required=False, allow_null=True)
+
+    class Meta:
+        model = FirewallFilter
+        fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "family",
+            "description",
+            "tenant",
+            "comments",
+            "tags",
+            "custom_fields",
+            "created",
+            "last_updated",
+        )
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "name",
+            "family",
+            "description",
+        )
+
+
+class FirewallFilterAssignmentSerializer(NetBoxModelSerializer):
+    firewall_filter = FirewallFilterSerializer(
+        nested=True, required=True, allow_null=False
+    )
+    assigned_object_type = ContentTypeField(queryset=ContentType.objects.all())
+    assigned_object = SerializerMethodField(read_only=True)
+
+    class Meta:
+        model = FirewallFilterAssignment
+        fields = [
+            "id",
+            "url",
+            "display",
+            "firewall_filter",
+            "assigned_object_type",
+            "assigned_object_id",
+            "assigned_object",
+            "created",
+            "last_updated",
+        ]
+        brief_fields = (
+            "id",
+            "url",
+            "display",
+            "firewall_filter",
+            "assigned_object_type",
+            "assigned_object_id",
+        )
+
+    @extend_schema_field(JSONField(allow_null=True))
+    def get_assigned_object(self, obj):
+        if obj.assigned_object is None:
+            return None
+        serializer = get_serializer_for_model(obj.assigned_object)
+        context = {"request": self.context["request"]}
+        return serializer(obj.assigned_object, nested=True, context=context).data