Giter Club home page Giter Club logo

Comments (18)

EtienneMILON avatar EtienneMILON commented on July 25, 2024 1

Hello,

I have solved this issue with the parameter "max_recv=1".

query = VPNSAQuery(firewall_name)
for sa in query.fetch_as_element(max_recv=1):
     print(sa)

Does it work for you?

from fp-ngfw-smc-python.

ad1rie1 avatar ad1rie1 commented on July 25, 2024 1

I precise, i do not have the same behaviour on 6.5 that return all , and 6.8 that not return all ;)
i have the problem due to the smc upgrade , i have coded the MR because of that

from fp-ngfw-smc-python.

shibumi avatar shibumi commented on July 25, 2024

Ok,
I have tested this issue with docker container python:3.6-buster and I receive the same error. Looks like an issue with our SMC.
Do you have any idea how I can further debug this?

from fp-ngfw-smc-python.

shibumi avatar shibumi commented on July 25, 2024

Another addition.. when I give the query enough time. I see this:

{'fetch': {},
 'format': {'field_format': 'id',
            'resolving': {'senders': True},
            'type': 'texts'},
 'query': {'definition': 'ACTIVE_ALERTS', 'target': 'Shared Domain'}}
Query returned 31 records.
Query returned 0 records.
Caught exception in receive: <class 'TimeoutError'> -> [Errno 110] Connection timed out
Resetting dropped connection: 10.88.5.5
Incremented Retry for (url='/6.5/logout'): Retry(total=4, connect=4, read=5, redirect=None, status=None)
Retrying (Retry(total=4, connect=4, read=5, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fc44b69f940>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /6.5/logout
....

especially the part with "Query returned 0 records" is interesting. Did the generator get invoked again?

My code looks like this:

  active_alerts = alerts.ActiveAlertQuery(config['smc']['domain']).fetch_as_element()
  for alert in active_alerts:
      if alert.source == None:
          continue
  .... do more...

with config['smc']['domain'] = "Shared Domain"

from fp-ngfw-smc-python.

shibumi avatar shibumi commented on July 25, 2024

Small addition. Same happens when I use API version 6.6 and 6.7. The only difference is that the connection is more stable and instead of a timeout I just see:

"Query returned 0 records" over and over again..

from fp-ngfw-smc-python.

shibumi avatar shibumi commented on July 25, 2024

ping @gabstopper :)

from fp-ngfw-smc-python.

shibumi avatar shibumi commented on July 25, 2024

Interesting observation:

query.fetch_batch() exits after a few minute and the code after it continues.
query.fetch_as_element() does not exit and I am further stuck in a loop

0.7.0-b23
Starting new HTTP connection (1): 10.88.5.5:8082
http://10.88.5.5:8082 "GET /api HTTP/1.1" 200 None
Starting new HTTP connection (1): 10.88.5.5:8082
http://10.88.5.5:8082 "POST /6.6/login HTTP/1.1" 200 0
Using SMC API version: 6.6
http://10.88.5.5:8082 "GET /6.6/api HTTP/1.1" 200 None
Loaded entry points with obtained session.
http://10.88.5.5:8082 "GET /6.6/system/current_user HTTP/1.1" 500 0
Login succeeded for admin: 7647560106141 in domain: Shared Domain, session: JSESSIONID=C7A5BB70621D9A45BD9FCF02E473EFC2
<generator object Query.fetch_batch at 0x6f4960e92820>
{'fetch': {'quantity': 0},
 'format': {'field_ids': [1, 602, 14, 4, 7, 8, 27, 11, 9, 10, 1000, 20000],
            'type': 'detailed'},
 'query': {}}
Event loop terminating.
Closed web socket connection normally.
{'fetch': {},
 'format': {'field_format': 'pretty',
            'resolving': {'senders': True},
            'type': 'texts'},
 'query': {'definition': 'ACTIVE_ALERTS',
           'filter': {'left': {'id': 7, 'type': 'field'},
                      'right': [],
                      'type': 'in'},
           'target': 'Shared Domain'}}
Query returned 0 records.
Event loop terminating.
Closed web socket connection normally.
(avency-alertctl) chris motoko ~/avency/avency-alertctl 12:35:28 7d44d2e1 master  
❯  cd /home/chris/avency/avency-alertctl ; env /home/chris/.virtualenvs/avency-alertctl/bin/python /home/chris/.vscode-oss/extensions/ms-python.python-2020.7.96456/pythonFiles/lib/python/debugpy/launcher 35295 -- /home/chris/avency/avency-alertctl/avency-alertctl.py -d -f prod.yml 
0.7.0-b23
Starting new HTTP connection (1): 10.88.5.5:8082
http://10.88.5.5:8082 "GET /api HTTP/1.1" 200 None
Starting new HTTP connection (1): 10.88.5.5:8082
http://10.88.5.5:8082 "POST /6.6/login HTTP/1.1" 200 0
Using SMC API version: 6.6
http://10.88.5.5:8082 "GET /6.6/api HTTP/1.1" 200 None
Loaded entry points with obtained session.
http://10.88.5.5:8082 "GET /6.6/system/current_user HTTP/1.1" 500 0
Login succeeded for admin: 7260571189649 in domain: Shared Domain, session: JSESSIONID=989E2C279E64547880809F0BA9188E53
{'fetch': {},
 'format': {'field_format': 'id',
            'resolving': {'senders': True},
            'type': 'texts'},
 'query': {'definition': 'ACTIVE_ALERTS',
           'filter': {'left': {'id': 7, 'type': 'field'},
                      'right': [],
                      'type': 'in'},
           'target': 'Shared Domain'}}
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.
Query returned 0 records.

ping @lmartinson

from fp-ngfw-smc-python.

ad1rie1 avatar ad1rie1 commented on July 25, 2024

I have the same behaviour with VPNSA when I have 0 results. A ticket is open on Forcepoint support portal

from fp-ngfw-smc-python.

shibumi avatar shibumi commented on July 25, 2024

@EtienneMILON I need to try this out, thanks a lot!

from fp-ngfw-smc-python.

ad1rie1 avatar ad1rie1 commented on July 25, 2024

it's working but only return one element

from fp-ngfw-smc-python.

EtienneMILON avatar EtienneMILON commented on July 25, 2024

When you say one element it is one SA?
Do you have more SA in the VPN SA of the SMC GUI client?

from fp-ngfw-smc-python.

ad1rie1 avatar ad1rie1 commented on July 25, 2024

hello, see : #12 :)

from fp-ngfw-smc-python.

ggrimaux avatar ggrimaux commented on July 25, 2024

Hello,

@ad1rie1 you should not wait for 1.
Let's have following example:
In your case when checking VPNSAs monitoring you usually have 5 entries. So the max_recv should be at least 5 or a little more just to be sure.

BR,
/Greg.

from fp-ngfw-smc-python.

ad1rie1 avatar ad1rie1 commented on July 25, 2024

if set max_recv is the number max of SA (or log entry) returned.
if max_recv is set to 5 and you have 6 SA, if you see the returned result, you only see 5 Result

i dont remember if you set max_recv = 7 with 6 SA block or nor sorry

If you remplace you wsocket.py by the MR one, you have just to do :
query = VPNSAQuery("PACS-SDWAN", query_timeout=10)
tab = query.fetch_raw(query_timeout=10)

after 10 sec of work it stop and return the result

from fp-ngfw-smc-python.

ggrimaux avatar ggrimaux commented on July 25, 2024

I did try it with max_recv=10 with 6 VPN SAs.

Yes, what you propose is an enhancement to the current method that could be done.

from fp-ngfw-smc-python.

EtienneMILON avatar EtienneMILON commented on July 25, 2024

Hello,

I don't agree with your explanation of "max_recv".
If I execute this:

query = VPNSAQuery(firewall_name)
for sa in query.fetch_as_element(max_recv=1):
     print(sa)

I don't get only 1 SA but all the SA corresponding to "firewall_name".
As I understand, it doesn't limit the number of results but the number of "loops" done.

However, the timeout is a good improvement!

Etienne

from fp-ngfw-smc-python.

ggrimaux avatar ggrimaux commented on July 25, 2024

Yes sorry

From SMCSocketProtocol

        :param int max_recv: for queries that are not 'live', set
            this to supply a max number of receive iterations.

It is not number but iteration.

from fp-ngfw-smc-python.

ad1rie1 avatar ad1rie1 commented on July 25, 2024

Its strange your doc is different from fetchraw one ... test and see :)
From fetchraw:
param int max_recv: max number of socket receive calls before
returning from this query. If you want to wait longer for
results before returning, increase max_iterations (default: 0

from fp-ngfw-smc-python.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.