$largeGroupsCount = 491;
$splitCount = 490;
// is it a Panorma or PANOS config ?
if ($mode == 'panorama') {
// Create Panorama object
$p = new PanoramaConf();
// and load it from a XML file
$p->load_from_file($inputfile);
// load the list of DeviceGroups in an array
$subs = $p->deviceGroups;
} else {
if ($mode == 'panos') {
// Create new PanConf object
$p = new PANConf();
// load it from XML file
$p->load_from_file($inputfile);
// load the list of VSYS in an array
$subs = $p->virtualSystems;
} else {
derr('Please set mode="panos" or mode ="panorama"');
}
}
print "\n***********\n\n";
// For every VSYS/DeviceGroups we're going to list Groups and count their members.
foreach ($subs as $sub) {
print "Found DeviceGroup/VirtualSystem named '" . $sub->name() . "'\n";
$countGroups = $sub->addressStore->countAddressGroups();
print " Found {$countGroups} AddressGroups in this DV";
$Groups = $sub->addressStore->addressGroups();
foreach ($Groups as $group) {
$membersCount = $group->count();
*
* This script is doing basic use PAN-Configurator API.
*
* It will load a sample PANOS config and make some rules and object
* editing.
*
*****************************************************************************/
// load PAN-Configurator library
require_once "../lib/panconfigurator.php";
// input and output files
$origfile = "sample-configs/policy-best-practices.xml";
$outputfile = "output.xml";
// We're going to load a PANConf object (PANConf is for PANOS Firewall,
// PanoramaConf is obviously for Panorama which is covered in another example)
$panc = new PANConf();
$panc->load_from_file($origfile);
// Did we find VSYS1 ?
$vsys1 = $panc->findVirtualSystem('vsys1');
if (is_null($vsys1)) {
derr("vsys1 was not found ? Exit\n");
}
print "\n***********************************************\n\n";
print "\n\n************ Security Rules before changes *********\n\n";
// $vsys1->securityRules is an object containing all VSYS1 rules. Here we call display() to print them in console.
$vsys1->securityRules->display();
// Here we look for a rule named 'Mail Server incoming mails'
$mailServerRule = $vsys1->securityRules->find('Mail Server incoming mails');
// exit if that rule was not found
if ($mailServerRule === null) {
derr("ERROR : Cannot find rule 'Mail Server incoming mails'\n");
}
/**
* load all managed firewalls configs from a directory
*/
public function loadManagedFirewallsConfigs($fromDirectory = './')
{
$this->managedFirewalls = array();
$files = scandir($fromDirectory);
foreach ($this->managedFirewallsSerials as &$serial) {
$fw = FALSE;
foreach ($files as &$file) {
$pos = strpos($file, $serial);
if ($pos !== FALSE) {
//$fc = file_get_contents($file);
//if( $fc === FALSE )
// derr("could not open file '$file'");
print "Loading FW '{$serial}' from file '{$file}'.\n";
$fw = new PANConf($this, $serial);
$fw->load_from_file($fromDirectory . '/' . $file);
$this->managedFirewalls[] = $fw;
break;
}
}
if ($fw === FALSE) {
derr("couldn't find a suitable file to load for FW '{$serial}'");
}
}
//derr('not implemented yet');
}
