Download the latest release
There are multiple builds of the release, for different CPU architectures/platforms:
There are multiple builds of the release, for different CPU architectures/platforms. Download and unpack the release for your platform:
wget <release url>
tar xvfz <release file> nb2nfa$ ./nb2nfa --help
nb2nfa 0.2.0
Synchronize Netbox Prefixes with Noction NFA
Options:
-h, --help display help information
Commands:
help display help information
purge Purge all NFA Filters Managed by netbox-to-nfa
sync Run synchronization
prefixes List prefixes from NetBox that should be synced to NFA
filters List all NFA filters
config Get validated configuration variables
All of the below environment variables are required for netbox-to-nfa to run.
| Name | Description |
|---|---|
NETBOX_URL |
NetBox URL, e.g. https://netbox.example.com |
NETBOX_TOKEN |
NetBox API Token |
NETBOX_NFA_ROLE |
NetBox prefix role. A prefix must be assigned this role for it to be picked up. |
NFA_URL |
NFA URL, e.g. https://nfa.example.com |
NFA_USERNAME |
NFA admin username |
NB2NFA_EXCLUDED_RANGES |
Comma-separated list of prefixes for which traffic to/from will be excluded from each NFA filter |
For example, if you had a prefix from NetBox of 203.0.113.0/24, and set:
export NB2NFA_EXCLUDED_RANGES="192.0.2.0/24,2001:db8::/32"The resulting NFA filter logic would look something like:
- Anything from
203.0.113.0/24, unless the destination is192.0.2.0/24or2001:db8::/32 - Anything to
203.0.113.0/24, unless the source is192.0.2.0/24or2001:db8::/32
This project uses GoReleaser to manage releases. After completing code changes and committing them via Git, be sure to tag the release before pushing:
git tag <release>
Once a new tag is pushed, GoReleaser will automagically create a new build & release.