$largeGroupsCount = 491; $splitCount = 490; // is it a Panorma or PANOS config ? if ($mode == 'panorama') { // Create Panorama object $p = new PanoramaConf(); // and load it from a XML file $p->load_from_file($inputfile); // load the list of DeviceGroups in an array $subs = $p->deviceGroups; } else { if ($mode == 'panos') { // Create new PanConf object $p = new PANConf(); // load it from XML file $p->load_from_file($inputfile); // load the list of VSYS in an array $subs = $p->virtualSystems; } else { derr('Please set mode="panos" or mode ="panorama"'); } } print "\n***********\n\n"; // For every VSYS/DeviceGroups we're going to list Groups and count their members. foreach ($subs as $sub) { print "Found DeviceGroup/VirtualSystem named '" . $sub->name() . "'\n"; $countGroups = $sub->addressStore->countAddressGroups(); print " Found {$countGroups} AddressGroups in this DV"; $Groups = $sub->addressStore->addressGroups(); foreach ($Groups as $group) { $membersCount = $group->count();
* * This script is doing basic use PAN-Configurator API. * * It will load a sample PANOS config and make some rules and object * editing. * *****************************************************************************/ // load PAN-Configurator library require_once "../lib/panconfigurator.php"; // input and output files $origfile = "sample-configs/policy-best-practices.xml"; $outputfile = "output.xml"; // We're going to load a PANConf object (PANConf is for PANOS Firewall, // PanoramaConf is obviously for Panorama which is covered in another example) $panc = new PANConf(); $panc->load_from_file($origfile); // Did we find VSYS1 ? $vsys1 = $panc->findVirtualSystem('vsys1'); if (is_null($vsys1)) { derr("vsys1 was not found ? Exit\n"); } print "\n***********************************************\n\n"; print "\n\n************ Security Rules before changes *********\n\n"; // $vsys1->securityRules is an object containing all VSYS1 rules. Here we call display() to print them in console. $vsys1->securityRules->display(); // Here we look for a rule named 'Mail Server incoming mails' $mailServerRule = $vsys1->securityRules->find('Mail Server incoming mails'); // exit if that rule was not found if ($mailServerRule === null) { derr("ERROR : Cannot find rule 'Mail Server incoming mails'\n"); }
/** * load all managed firewalls configs from a directory */ public function loadManagedFirewallsConfigs($fromDirectory = './') { $this->managedFirewalls = array(); $files = scandir($fromDirectory); foreach ($this->managedFirewallsSerials as &$serial) { $fw = FALSE; foreach ($files as &$file) { $pos = strpos($file, $serial); if ($pos !== FALSE) { //$fc = file_get_contents($file); //if( $fc === FALSE ) // derr("could not open file '$file'"); print "Loading FW '{$serial}' from file '{$file}'.\n"; $fw = new PANConf($this, $serial); $fw->load_from_file($fromDirectory . '/' . $file); $this->managedFirewalls[] = $fw; break; } } if ($fw === FALSE) { derr("couldn't find a suitable file to load for FW '{$serial}'"); } } //derr('not implemented yet'); }