コード例 #1
0
$largeGroupsCount = 491;
$splitCount = 490;
// is it a Panorma or PANOS config ?
if ($mode == 'panorama') {
    // Create Panorama object
    $p = new PanoramaConf();
    // and load it from a XML file
    $p->load_from_file($inputfile);
    // load the list of DeviceGroups in an array
    $subs = $p->deviceGroups;
} else {
    if ($mode == 'panos') {
        // Create new PanConf object
        $p = new PANConf();
        // load it from XML file
        $p->load_from_file($inputfile);
        // load the list of VSYS in an array
        $subs = $p->virtualSystems;
    } else {
        derr('Please set mode="panos" or mode ="panorama"');
    }
}
print "\n***********\n\n";
// For every VSYS/DeviceGroups we're going to list Groups and count their members.
foreach ($subs as $sub) {
    print "Found DeviceGroup/VirtualSystem named '" . $sub->name() . "'\n";
    $countGroups = $sub->addressStore->countAddressGroups();
    print "  Found {$countGroups} AddressGroups in this DV";
    $Groups = $sub->addressStore->addressGroups();
    foreach ($Groups as $group) {
        $membersCount = $group->count();
コード例 #2
0
*
*	 This script is doing basic use PAN-Configurator API.
*		
*	It will load a sample PANOS config and make some rules and object 
*	editing.
*
*****************************************************************************/
// load PAN-Configurator library
require_once "../lib/panconfigurator.php";
// input and output files
$origfile = "sample-configs/policy-best-practices.xml";
$outputfile = "output.xml";
// We're going to load a PANConf object (PANConf is for PANOS Firewall,
//	PanoramaConf is obviously for Panorama which is covered in another example)
$panc = new PANConf();
$panc->load_from_file($origfile);
// Did we find VSYS1 ?
$vsys1 = $panc->findVirtualSystem('vsys1');
if (is_null($vsys1)) {
    derr("vsys1 was not found ? Exit\n");
}
print "\n***********************************************\n\n";
print "\n\n************ Security Rules before changes  *********\n\n";
// $vsys1->securityRules is an object containing all VSYS1 rules. Here we call display() to print them in console.
$vsys1->securityRules->display();
// Here we look for a rule named 'Mail Server incoming mails'
$mailServerRule = $vsys1->securityRules->find('Mail Server incoming mails');
// exit if that rule was not found
if ($mailServerRule === null) {
    derr("ERROR : Cannot find rule 'Mail Server incoming mails'\n");
}
コード例 #3
0
 /**
  *	load all managed firewalls configs from a directory
  */
 public function loadManagedFirewallsConfigs($fromDirectory = './')
 {
     $this->managedFirewalls = array();
     $files = scandir($fromDirectory);
     foreach ($this->managedFirewallsSerials as &$serial) {
         $fw = FALSE;
         foreach ($files as &$file) {
             $pos = strpos($file, $serial);
             if ($pos !== FALSE) {
                 //$fc = file_get_contents($file);
                 //if( $fc === FALSE )
                 //	derr("could not open file '$file'");
                 print "Loading FW '{$serial}' from file '{$file}'.\n";
                 $fw = new PANConf($this, $serial);
                 $fw->load_from_file($fromDirectory . '/' . $file);
                 $this->managedFirewalls[] = $fw;
                 break;
             }
         }
         if ($fw === FALSE) {
             derr("couldn't find a suitable file to load for FW '{$serial}'");
         }
     }
     //derr('not implemented yet');
 }