mpc server for Fortiweb Wafs which uses the fortiweb-api package to perform the API calls
BE AWARE: The MPC Server expects to have your Credentials for the Fortiweb-device stored as env vars named FORTIWEB_USERNAME and FORTIWEB_PASSWORD. If the vars dont exist, the LLM will prompt you. You can enter it, but you have to keep in mind that the credentials are processed by the LLM then!! Inside the "src" folder, you can create a .env file with those vars which is loaded when starting the MCP Server
There is no "AI-Magic" to expect! An LLM is simply used to identify API Enpoint names in the context of the Prompt. It then returns Structured Data for the Process which is calling the devices API.
Example: " what is the bot mitigation policy of server policy abc on device 10.10.10.10 in vdom root?"
the LLMs job here is to identify bot mitigation policy as bot_mitigation_policy and server policy as server_policy with the given name as "abc", thats it. The baseline for the descision is the structure.yaml file which represents the Fortiweb objects and its relations.
the LLM then responds with a json like this:
{
"source_type": "server_policy", # <-- based on structure.yaml
"source_name": "abc",
"target_type": "bot_mitigation_policy", # <-- based on structure.yaml
"device": "10.10.10.10",
"vdom": "root",
"notes": "source_type: 10, source_name: 10, target_type: 8, device: 10, vdom: 10" # <-- informational only, represents the matching score
}since it has a source_type and target_type, it is then processed by the Walker Object instance walk() method. It has a Graph attached, also based on the structure.yaml. the wlak() method is now walking along this graph and makes API calls until it reaches the target_type. This type is then fed into the LLM to get a summary. If you dont want the LLM to summarize it, dont execute the final = ai.ask_ai(answer, user_text) but return the answer directly.
about items a target_type may contain items (a list of parameters.) if you're talking about an item in your prompt, for example: "what are the items in bot desception for bot mitigation policy of serverpolicy abc?", the json would include a "item_ep_name" thus leading the process to call the items of the bot_desception.
- clone this repo
- create a virtual environmen and install the dependencies from requirements.txt
- create .env file in src folder:
GEMINI_API_KEY="your AI API Key" #<-- you can create one here: https://aistudio.google.com/api-keys FORTIWEB_USERNAME="your fortiweb username" FORTIWEB_PASSWORD="your fortiweb password" - create the mcp config for your environment.
{ "servers": { "fortiweb_api_agent": { "type": "stdio", "command": "/path/to/your/venv/bin/python", "args": ["path/to/this/clone/mcp_server.py"] } } }
for running in VSCode, simply add this json to the .vscode folder and name it mcp.json