* This script will list all rules in DeviceGroup referenced in $targetDG * and force them into using profile group referenced in $targetProfile * * *****************************************************************************/ // load PAN-Configurator library require_once "../lib/panconfigurator.php"; // input and output files $origfile = "sample-configs/panorama-example.xml"; $outputfile = "output.xml"; $targetDG = 'Perimeter-FWs'; $targetProfile = 'Shared Production Profile'; // We're going to load a PANConf object (PANConf is for PANOS Firewall, // PanoramaConf is obviously for Panorama which is covered in another example) $panc = new PanoramaConf(); $panc->load_from_file($origfile); // Did we find VSYS1 ? $dg = $panc->findDeviceGroup($targetDG); if (is_null($dg)) { derr("DeviceGroup {$targetDV} was not found ? Exit\n"); } print "\n***********************************************\n\n"; // Going after each pre-Security rules to add a profile foreach ($dg->securityRules->rules() as $rule) { print "Rule '" . $rule->name() . "' modified\n"; $rule->setSecurityProfileGroup($targetProfile); } print "\n***********************************************\n"; $panc->save_to_file($outputfile); //display some statistics $panc->display_statistics();
<?php // load 'PAN Configurator' library require_once "../lib/panconfigurator.php"; /*************************************************************** ****************************************************************/ // input and ouput xml files $inputfile = 'sample-configs/panorama-example.xml'; $outputfile = 'output.xml'; // Create a new PanoramaConf object $p = new PanoramaConf(); // and load it from a XML file $p->load_from_file($inputfile); print "\n***********************************************\n\n"; // display some statiscs for debug and exit program! print "\n\n***********************************************\n"; $p->display_statistics();
// $configType = strtolower(PH::$args['type']); if ($configType != 'panos' && $configType != 'panorama') { derr("\n**ERROR** Unsupported config type '{$configType}'. Check your CLI arguments\n\n"); } print "Config type is '{$configType}', intput filename is '{$inputFile}'\n"; if (!file_exists($inputFile)) { derr("\n**ERROR** Input file '" . $inputFile . "' doesn't exists!\n\n"); } print "Loading config file '" . $inputFile . "'... "; if ($configType == 'panos') { $pan = new PANConf(); } else { $pan = new PanoramaConf(); } $pan->load_from_file($inputFile); print "OK!\n\n"; // Variable that will hold all groups to be processed $groupsToProcess = array(); // if $argv[4] is a file that exists then we must load it if ($groupFile !== null) { $fcontent = file_get_contents($groupFile); $groupsToProcess = explode("\n", $fcontent); } else { $groupsToProcess[] = $groupLocation . '/' . $groupName; } print "Sanitizing and listing groups from input:\n"; foreach ($groupsToProcess as $index => &$group) { if (strlen($group) < 3) { unset($groupsToProcess[$index]); }