FortiAPI
Type-Safe and scalable API wrapper for FortiOS API v2 build in C++ using Nlohmann define_type_intrusive for easy scalability and expansion.
Motivation
This project was driven by the aspiration to bridge the gap between Fortinet's powerful firewall capabilities and the flexible control provided by third-party integrations. By combining these strengths, we chart a new frontier in proactive network security management.
FortiHole
Inspired by Pi-hole’s proven DNS filtering model, FortiHole leverages DNS filtering capabilities and External Threat Feed Connectors built into FortiGate devices to effectively block malicious traffic at the DNS level, enhancing network security right at the perimeter.
Forti2Ban (Concept)
Currently in conceptual stages, Forti2Ban aims to integrate Fail2Ban-like IP blocking directly into the FortiGate network edge via its own External Threat Feed Connector, utilizing the FortiAPI for rapid automated response against malicious requests.
Features
Nlohmann JSON Integration
Leveraging Nlohmann JSON's define_intrusive_type feature for lightweight, scalable, and robust JSON parsing. This ensures type-safe handling of FortiGate API responses, some containing upwards of 100 attributes, maintaining both performance and maintainability.
Dynamic API Import
Flexible modular design allows importing either the full FortiGate API suite or specific sections—such as External Connectors. The result is a minimal, robust, and highly adaptable integration tailored precisely to your needs.
Artifactory + Conan Package Management
Easily accessible via a private Artifactory CE instance hosted on my VPS. Effortlessly integrate the API wrapper into your Conan-managed project with just a simple remote repository configuration, accelerating development workflows.
Future Plans
Validate API v2 Longevity
Careful verification of FortiGate's API v2 roadmap ensures long-term viability, protecting your integration investment from unexpected API deprecations or major breaking changes.
Robust Integration Testing
Comprehensive testing suite planned to rigorously handle scenarios involving default configuration values, preventing inadvertent overwrites and preserving existing FortiGate setups.
Community and Talent Development
Proactively attract skilled contributors to expand and maintain the API mapping. Due to Fortinet’s sparse documentation, community involvement is essential to fully realize the potential of automated FortiGate integrations.
Seeking Competent Contributors
Must own a FortiGate device.
Open a PR if you expand functionality or improve integration. This initiative aims to foster a community-driven ecosystem, automating and refining security practices across threat feeds, policies, and security profiles.





