From 47bdedda535d12323d6e05f30316f25bf63754d0 Mon Sep 17 00:00:00 2001
From: Kirk Byers <ktbyers@twb-tech.com>
Date: Fri, 12 Jan 2024 10:56:51 -0800
Subject: [PATCH 1/4] Sophos improvements

---
 netmiko/sophos/sophos_sfos_ssh.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/netmiko/sophos/sophos_sfos_ssh.py b/netmiko/sophos/sophos_sfos_ssh.py
index 27b34ee20..908533356 100644
--- a/netmiko/sophos/sophos_sfos_ssh.py
+++ b/netmiko/sophos/sophos_sfos_ssh.py
@@ -1,16 +1,20 @@
 """SophosXG (SFOS) Firewall support"""
-import time
 from typing import Any
+import time
+import os
 
 from netmiko.no_enable import NoEnable
 from netmiko.no_config import NoConfig
 from netmiko.cisco_base_connection import CiscoSSHConnection
 
 
+SOPHOS_MENU_DEFAULT = os.getenv("NETMIKO_SOPHOS_MENU", "4")
+
+
 class SophosSfosSSH(NoEnable, NoConfig, CiscoSSHConnection):
     def session_preparation(self) -> None:
         """Prepare the session after the connection has been established."""
-        self._test_channel_read()
+        self._test_channel_read(pattern=r"Main Menu")
         """
         Sophos Firmware Version SFOS 18.0.0 GA-Build339
 
@@ -27,7 +31,7 @@ def session_preparation(self) -> None:
 
             Select Menu Number [0-7]:
         """
-        self.write_channel("4" + self.RETURN)
+        self.write_channel(SOPHOS_MENU_DEFAULT + self.RETURN)
         self._test_channel_read(pattern=r"[console>]")
         self.set_base_prompt()
         # Clear the read buffer

From 918ffe2c104d8241f18c2cd64d57765e31ae96b6 Mon Sep 17 00:00:00 2001
From: Kirk Byers <ktbyers@twb-tech.com>
Date: Fri, 12 Jan 2024 11:08:18 -0800
Subject: [PATCH 2/4] More sophos improvements

---
 netmiko/sophos/sophos_sfos_ssh.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/netmiko/sophos/sophos_sfos_ssh.py b/netmiko/sophos/sophos_sfos_ssh.py
index 908533356..c1295c0bd 100644
--- a/netmiko/sophos/sophos_sfos_ssh.py
+++ b/netmiko/sophos/sophos_sfos_ssh.py
@@ -32,7 +32,7 @@ def session_preparation(self) -> None:
             Select Menu Number [0-7]:
         """
         self.write_channel(SOPHOS_MENU_DEFAULT + self.RETURN)
-        self._test_channel_read(pattern=r"[console>]")
+        self._test_channel_read(pattern=r"[#>]")
         self.set_base_prompt()
         # Clear the read buffer
         time.sleep(0.3 * self.global_delay_factor)

From 6a0779c6777e5509cc7bdc049cc8039f82645c26 Mon Sep 17 00:00:00 2001
From: Maxim Shpak <max.dw.i.git@outlook.com>
Date: Mon, 15 Jan 2024 17:10:37 +0300
Subject: [PATCH 3/4] Remove SecretsFilter from log after disconnection

A memory leak happens because a new 'SecretsFilter' is added to
the 'log' object every time a new 'BaseConnection' object is
initialized. Remove the filter when 'disconnect' is called.
---
 netmiko/base_connection.py         |  4 +++-
 tests/unit/test_base_connection.py | 12 +++++++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/netmiko/base_connection.py b/netmiko/base_connection.py
index 39bac3b92..8433fc49f 100644
--- a/netmiko/base_connection.py
+++ b/netmiko/base_connection.py
@@ -388,7 +388,8 @@ def __init__(
         if self.secret:
             no_log["secret"] = self.secret
         # Always sanitize username and password
-        log.addFilter(SecretsFilter(no_log=no_log))
+        self._secrets_filter = SecretsFilter(no_log=no_log)
+        log.addFilter(self._secrets_filter)
 
         # Netmiko will close the session_log if we open the file
         if session_log is not None:
@@ -2480,6 +2481,7 @@ def disconnect(self) -> None:
             self.remote_conn = None
             if self.session_log:
                 self.session_log.close()
+            log.removeFilter(self._secrets_filter)
 
     def commit(self) -> str:
         """Commit method for platforms that support this."""
diff --git a/tests/unit/test_base_connection.py b/tests/unit/test_base_connection.py
index 350586402..1e8b7d037 100755
--- a/tests/unit/test_base_connection.py
+++ b/tests/unit/test_base_connection.py
@@ -4,7 +4,7 @@
 from os.path import dirname, join
 from threading import Lock
 
-from netmiko import NetmikoTimeoutException
+from netmiko import NetmikoTimeoutException, log
 from netmiko.base_connection import BaseConnection
 
 RESOURCE_FOLDER = join(dirname(dirname(__file__)), "etc")
@@ -480,3 +480,13 @@ def test_strip_ansi_codes():
 
     # code_next_line must be substituted with a return
     assert connection.strip_ansi_escape_codes("\x1bE") == "\n"
+
+
+def test_remove_SecretsFilter_after_disconnection():
+    connection = BaseConnection(
+        host="testhost",  # Enter the hostname to pass initialization
+        auto_connect=False,  # No need to connect for the test purposes
+    )
+    connection.disconnect()
+
+    assert not log.filters

From 16c889bb0a6cccdde69371b2f704a7899731b226 Mon Sep 17 00:00:00 2001
From: Tramontano <tramontanophillipe@gmail.com>
Date: Fri, 19 Jan 2024 16:49:40 -0300
Subject: [PATCH 4/4] Including Firepower on ssh_autodetect.py

Adding the logic for the Firepower Threat Defense in ssh_autodetect since "cisco_ftd" is already mapped.
---
 netmiko/ssh_autodetect.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/netmiko/ssh_autodetect.py b/netmiko/ssh_autodetect.py
index 186b8fd98..1722688d4 100644
--- a/netmiko/ssh_autodetect.py
+++ b/netmiko/ssh_autodetect.py
@@ -94,6 +94,12 @@
         "priority": 99,
         "dispatch": "_autodetect_std",
     },
+    "cisco_ftd": {
+        "cmd": "show version",
+        "search_patterns": [r"Cisco Firepower"],
+        "priority": 99,
+        "dispatch": "_autodetect_std",
+    },
     "cisco_ios": {
         "cmd": "show version",
         "search_patterns": [