networking.psm1

<#
.SYNOPSIS
Get the networking information for one of the appliance's network interfaces.

.DESCRIPTION
Either get all network interfaces or one network interface as specified by the
Interface parameter. This will display networking information such as
IP address, netmask, gateway, and DNS servers. Supports IPv4 and IPv6.

.PARAMETER Appliance
IP address or hostname of a Safeguard appliance.

.PARAMETER AccessToken
A string containing the bearer token to be used with Safeguard Web API.

.PARAMETER Insecure
Ignore verification of Safeguard appliance SSL certificate.

.PARAMETER Interface
A string containing the name of the network interface to get (e.g. X0, X1).

.INPUTS
None.

.OUTPUTS
JSON response from Safeguard Web API.

.EXAMPLE
Get-SafeguardNetworkInterface X0

.EXAMPLE
Get-SafeguardNetworkInterface
#>

function Get-SafeguardNetworkInterface
{
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$false)]
        [string]$Appliance,
        [Parameter(Mandatory=$false)]
        [object]$AccessToken,
        [Parameter(Mandatory=$false)]
        [switch]$Insecure,
        [Parameter(Mandatory=$false,Position=0)]
        [ValidateSet("Mgmt", "X0", "X1", IgnoreCase=$true)]
        [string]$Interface
    )

    $ErrorActionPreference = "Stop"
    if (-not $PSBoundParameters.ContainsKey("Verbose")) { $VerbosePreference = $PSCmdlet.GetVariableValue("VerbosePreference") }

    if ($PSBoundParameters.ContainsKey("Interface"))
    {
        Invoke-SafeguardMethod -AccessToken $AccessToken -Appliance $Appliance -Insecure:$Insecure Appliance GET "NetworkInterfaces/$($Interface.ToUpper())"
    }
    else
    {
        Invoke-SafeguardMethod -AccessToken $AccessToken -Appliance $Appliance -Insecure:$Insecure Appliance GET NetworkInterfaces
    }
}

<#
.SYNOPSIS
Change the networking information for the appliance's network interfaces.

.DESCRIPTION
Change the IP address, netmask, gateway, or DNS servers associated with a
Safeguard appliance network interface. Supports IPv4 and IPv6. If you
modify X0, you this script will wait until the interface becomes available
at the new address. You can turn off this behavior with a switch. You
may need to reconnect after modifying X0 using the Connect-Safeguard
cmdlet.

.PARAMETER Appliance
IP address or hostname of a Safeguard appliance.

.PARAMETER AccessToken
A string containing the bearer token to be used with Safeguard Web API.

.PARAMETER Insecure
Ignore verification of Safeguard appliance SSL certificate.

.PARAMETER Interface
A string containing the name of the network interface to set (e.g. X0, X1).

.PARAMETER Ipv4Address
A string containing the new address.

.PARAMETER Ipv4NetMask
A string containing the netmask (e.g. 255.255.255.0).

.PARAMETER Ipv4Gateway
A string containing the address of a gateway.

.PARAMETER Ipv6Address
A string containing the new address.

.PARAMETER Ipv6PrefixLength
An integer containing the prefix length (e.g. 48).

.PARAMETER Ipv6Gateway
A string containing the address of a gateway.

.PARAMETER DnsServers
An array of strings containing addresses for DNS servers.

.PARAMETER NetworkObject
An object containing the existing network interface object with desired properties set.

.INPUTS
None.

.OUTPUTS
JSON response from Safeguard Web API.

.EXAMPLE
Set-SafeguardNetworkInterface X0 -Ipv4Address "10.1.1.162" -Ipv4NetMask "255.255.255.0" -Ipv4Gateway "10.1.1.1" -DnsServers @("10.1.1.37","10.1.1.10")

.EXAMPLE
 Set-SafeguardNetworkInterface X0 -Ipv4Address "10.1.1.162"
#>

function Set-SafeguardNetworkInterface
{
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$false)]
        [string]$Appliance,
        [Parameter(Mandatory=$false)]
        [object]$AccessToken,
        [Parameter(Mandatory=$false)]
        [switch]$Insecure,
        [Parameter(Mandatory=$true,Position=0)]
        [ValidateSet("Mgmt", "X0", "X1", IgnoreCase=$true)]
        [string]$Interface,
        [Parameter(ParameterSetName="Attributes",Mandatory=$false,Position=1)]
        [string]$Ipv4Address,
        [Parameter(ParameterSetName="Attributes",Mandatory=$false,Position=2)]
        [string]$Ipv4NetMask,
        [Parameter(ParameterSetName="Attributes",Mandatory=$false,Position=3)]
        [string]$Ipv4Gateway,
        [Parameter(ParameterSetName="Attributes",Mandatory=$false)]
        [string]$Ipv6Address,
        [Parameter(ParameterSetName="Attributes",Mandatory=$false)]
        [int]$Ipv6PrefixLength,
        [Parameter(ParameterSetName="Attributes",Mandatory=$false)]
        [string]$Ipv6Gateway,
        [Parameter(ParameterSetName="Attributes",Mandatory=$false)]
        [string[]]$DnsServers,
        [Parameter(ParameterSetName="Object",Mandatory=$true)]
        [object]$NetworkObject,
        [Parameter(Mandatory=$false)]
        [switch]$NoWait
    )

    $ErrorActionPreference = "Stop"
    if (-not $PSBoundParameters.ContainsKey("Verbose")) { $VerbosePreference = $PSCmdlet.GetVariableValue("VerbosePreference") }
    Import-Module -Name "$PSScriptRoot\ps-utilities.psm1" -Scope Local
    Import-Module -name "$PSScriptRoot\sg-utilities.psm1" -Scope Local

    if (-not ($PsCmdlet.ParameterSetName -eq "Object"))
    {
        $NetworkObject = (Get-SafeguardNetworkInterface -AccessToken $AccessToken -Appliance $Appliance -Insecure:$Insecure $Interface)

        if ($PSBoundParameters.ContainsKey("Ipv4Address")) { $NetworkObject.Ipv4Address = $Ipv4Address }
        if ($PSBoundParameters.ContainsKey("Ipv4NetMask")) { $NetworkObject.Ipv4NetMask = $Ipv4NetMask }
        if ($PSBoundParameters.ContainsKey("Ipv4Gateway")) { $NetworkObject.Ipv4Gateway = $Ipv4Gateway }
        if ($PSBoundParameters.ContainsKey("Ipv6Address")) { $NetworkObject.Ipv6Address = $Ipv6Address }
        if ($PSBoundParameters.ContainsKey("Ipv6PrefixLength")) { $NetworkObject.Ipv6PrefixLength = $Ipv6PrefixLength }
        if ($PSBoundParameters.ContainsKey("Ipv6Gateway")) { $NetworkObject.Ipv6Gateway = $Ipv6Gateway }
        if ($PSBoundParameters.ContainsKey("DnsServers")) { $NetworkObject.DnsServers = $DnsServers }
    }

    Invoke-SafeguardMethod -AccessToken $AccessToken -Appliance $Appliance -Insecure:$Insecure Appliance PUT "NetworkInterfaces/$($Interface.ToUpper())" -Body $NetworkObject

    if ($Interface -ieq "X0" -and -not $NoWait)
    {
        if ($PSBoundParameters.ContainsKey("Insecure"))
        {
            $Insecure = $true
        }
        elseif (-not $Appliance -and $SafeguardSession)
        {
            $Insecure = $SafeguardSession["Insecure"]
        }
        Write-Host "Waiting up to 5 minutes for Safeguard to come back online at new IP address."
        if ($NetworkObject.Ipv4Address)
        {
            Wait-SafeguardOnlineStatus -Appliance $NetworkObject.Ipv4Address -Insecure:$Insecure -Timeout 300
        }
        else
        {
            Wait-SafeguardOnlineStatus -Appliance $NetworkObject.Ipv6Address -Insecure:$Insecure -Timeout 300
        }
        Write-Host "You may need to re-run Connect-Safeguard to connect to the new address."
    }
}

<#
.SYNOPSIS
Get the DNS suffixes for one of the appliance's network interfaces.

.DESCRIPTION
Get the currently configured DNS suffixes for a single network interface.

.PARAMETER Appliance
IP address or hostname of a Safeguard appliance.

.PARAMETER AccessToken
A string containing the bearer token to be used with Safeguard Web API.

.PARAMETER Insecure
Ignore verification of Safeguard appliance SSL certificate.

.PARAMETER Interface
A string containing the name of the network interface to get (e.g. X0, X1).

.INPUTS
None.

.OUTPUTS
JSON response from Safeguard Web API.

.EXAMPLE
Get-SafeguardNetworkInterface X0

.EXAMPLE
Get-SafeguardNetworkInterface
#>

function Get-SafeguardDnsSuffix
{
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$false)]
        [string]$Appliance,
        [Parameter(Mandatory=$false)]
        [object]$AccessToken,
        [Parameter(Mandatory=$false)]
        [switch]$Insecure,
        [Parameter(Mandatory=$true,Position=0)]
        [ValidateSet("Mgmt", "X0", "X1", IgnoreCase=$true)]
        [string]$Interface
    )

    $ErrorActionPreference = "Stop"
    if (-not $PSBoundParameters.ContainsKey("Verbose")) { $VerbosePreference = $PSCmdlet.GetVariableValue("VerbosePreference") }

    Invoke-SafeguardMethod -AccessToken $AccessToken -Appliance $Appliance -Insecure:$Insecure Appliance GET "NetworkDnsSuffixConfig/$($Interface.ToUpper())"
}

<#
.SYNOPSIS
Set the DNS suffixes for one of the appliance's network interfaces.

.DESCRIPTION
Set the DNS suffixes for a single network interface.

.PARAMETER Appliance
IP address or hostname of a Safeguard appliance.

.PARAMETER AccessToken
A string containing the bearer token to be used with Safeguard Web API.

.PARAMETER Insecure
Ignore verification of Safeguard appliance SSL certificate.

.PARAMETER Interface
A string containing the name of the network interface to set DNS suffixes for (e.g. X0, X1).

.PARAMETER DnsSuffixes
An array of strings containing the DNS suffixes to set.

.INPUTS
None.

.OUTPUTS
JSON response from Safeguard Web API.

.EXAMPLE
Get-SafeguardNetworkInterface X0 example.com

.EXAMPLE
Get-SafeguardNetworkInterface X1 "example.com","help.com"
#>

function Set-SafeguardDnsSuffix
{
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$false)]
        [string]$Appliance,
        [Parameter(Mandatory=$false)]
        [object]$AccessToken,
        [Parameter(Mandatory=$false)]
        [switch]$Insecure,
        [Parameter(Mandatory=$true,Position=0)]
        [ValidateSet("Mgmt", "X0", "X1", IgnoreCase=$true)]
        [string]$Interface,
        [Parameter(Mandatory=$true,Position=1)]
        [string[]]$DnsSuffixes
    )

    $ErrorActionPreference = "Stop"
    if (-not $PSBoundParameters.ContainsKey("Verbose")) { $VerbosePreference = $PSCmdlet.GetVariableValue("VerbosePreference") }

    Invoke-SafeguardMethod -AccessToken $AccessToken -Appliance $Appliance -Insecure:$Insecure Appliance PUT "NetworkDnsSuffixConfig/$($Interface.ToUpper())" -Body @{
        DomainNames = $DnsSuffixes
    }
}