Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Export Script: VM300 export all Config / Rulesets / Policy etc to excel. Error 500

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Export Script: VM300 export all Config / Rulesets / Policy etc to excel. Error 500

L0 Member

Palo Gurus,

 

Unit: VM-300

OS: PAN-OS® 8.0 release (current)

 

I need some help on a Perl script, that has been edited for security (IP, user etc), where I am able to:

  1. Setup and API Admin, grant all permissions, use password without special charaters,
  2. Setup an Admin Role for API user
  3. Connect via https and test API to get the "key"to ensure credentials work, no errors there...
    ( https://<hostname>/api/?type=keygen&user=<username>&password=<password> )
  4. Installed Perl ( https://learn.perl.org/installing/windows.html ) on Jump Box

Jump Box is not domain joined and can reach the PaloAlto Unit. via https: ..

When running script, under debug in the Perl IDE, it runs, acquires the API key, then suddenly stops with a 500 error

If i manually change the my $key and code the actual key from webpage, its then created a blank excel, and posts 500 error again.

 

Getting the key..
500 Can't connect to 127.0.0.1:443 < not the real IP of the Palo of course..
Press any key to continue . . .

 

 

 

use LWP::UserAgent;
use Excel::Writer::XLSX;
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
use strict;

 

my $username="APIAdmin2017Sample";
my $password="notmypass";
my $paloIP = "127.0.0.1";

 

#get the key 
my $paloRESTaddr="https://$paloIP/api/?";
my $key=GetTheKey($paloRESTaddr, $username, $password);
my $datestring = localtime();
print "Local date and time: $datestring\n";

my $excelfile="Palo_Alto.xlsx";

 

#creating workbook
print "Creating the xlsx file...\n";
my $workbook = Excel::Writer::XLSX->new( $excelfile );
die "Problems creating new Excel file: $!" unless defined $workbook;

 

my @addr_objects;

my $request="type=config&action=show&key=$key&xpath=/config/devices/entry/vsys/entry/address";
GetAddrObjects ($paloRESTaddr,$request, \@addr_objects, "vsys");

$request="type=config&action=show&key=$key&xpath=/config/shared/address";
GetAddrObjects ($paloRESTaddr,$request, \@addr_objects, "shared");

AddrObjectsToXls (\@addr_objects,$workbook );


my @rullarray;
GetNATRules($paloRESTaddr,$key, \@rullarray);

 

#NatRulesToTxt(\@rullarray);
NatRulesToXLS(\@rullarray, $workbook);

my @rullaray_sec;

GetSecurityRules ($paloRESTaddr,$key, \@rullaray_sec);

SecurityRulesToXLS (\@rullaray_sec, $workbook);

 


######sub begin here############
sub AddrObjectsToXls
{
my $objectarray_ref=$_[0];
my $workbook=$_[1];
my $wrksheet = $workbook->add_worksheet('Address Objects');
my $bold = $workbook->add_format( bold => 1 );
my @headers=('Object Name','Address','Tags','Description','Dev' );
CreateHeaders(0, $wrksheet, \@headers, $bold);
my @addr= @{$objectarray_ref};
my $row=1;
foreach my $i (0..$#addr) 
{
my $col=0;
print "$i"."==";
my $format = $workbook->add_format();
my $name=${addr[$i]}{'Name'};
$wrksheet->write($row,$col, $name, $format);
$col++;

my $address=${addr[$i]}{'Address'};
$wrksheet->write($row,$col, $address, $format);
$col++;

my $tags=${addr[$i]}{'Tags'};
$wrksheet->write($row,$col, $tags, $format);
$col++;

my $desc=${addr[$i]}{'Description'};
$wrksheet->write($row,$col, $desc, $format);
$col++;

my $dev=${addr[$i]}{'Dev'};
$wrksheet->write($row,$col, $dev, $format);
$col++;
$row++;

}
}

sub GetAddrObjects
{
my $host=$_[0];
my $request=$_[1];
my $objectarray_ref=$_[2];
my $which=$_[3];

my $reply=SendREST("\nGetting the $which address objects..\n",$host,$request);
#if ($which=~/shared/)
#{
# print $reply;
# exit;
#}

$reply=~ s/\R//g;
#remove line breaks
$reply=~s/\s+/ /g ;
#remove exessive whitespaces
my $addrobjects='';
$reply=~m/\<result\>.*\<address\>(.*)\<\/address\>\<\/result\>/;
if ($1)
{
$addrobjects=$1;
}
else
{
print "No address objects";
return;
}
#print $addrobjects;
while ($addrobjects=~m/\<entry name\=\"(.*?)\"\>(.*?)\<\/entry\>/gs)
{
my $addr_obj_txt=$2;
my %addr_obj_hash;
$addr_obj_hash{'Name'}=$1;
$addr_obj_hash{'Dev'}=$which;

my $address='';
if (($addr_obj_txt=~m/\<ip\-netmask\>(.*)\<\/ip\-netmask\>/) || ($addr_obj_txt=~m/\<ip\-range\>(.*)\<\/ip\-range\>/) || ($addr_obj_txt=~m/\<fqdn\>(.*)\<\/fqdn\>/))
{
$addr_obj_hash{'Address'}=$1; 
#print "\\\\\\\\\\\\\\".$1."\n";
}
if ($addr_obj_txt=~m/\<tag>(.*)\<\/tag\>/)
{
my @tags;
my $tags_txt=$1;
GetMembers ($tags_txt, \@tags);
$addr_obj_hash{'Tags'}=ArrayToString(\@tags);
}

if ($addr_obj_txt=~m/\<description>(.*)\<\/description\>/)
{
$addr_obj_hash{'Description'}= $1;
}
push @{$objectarray_ref}, \%addr_obj_hash;
}

}

sub SecurityRulesToXLS
{
my $rul_arr_ref=$_[0];
my $workbook=$_[1];
my $wrksheet = $workbook->add_worksheet('Security Policies');
my $bold = $workbook->add_format( bold => 1 );
my @headers=('Rule #','Policy Name','Source Zone', 'Source Address', 'Source User','Hip Profile','Destination Zone','Destination Address', 'Service', 'Application', 'Action', 'Profile', 'Category','QoS','Log', 'Schedule','Option', 'Disabled');
CreateHeaders(0, $wrksheet, \@headers, $bold);
my @rules= @{$rul_arr_ref};
my $row=1;
foreach my $i (0..$#rules) 
{
my $col=0;
print "$i"."==";
my $rule_num=$i+1;

my $dis=${rules[$i]}{'Disabled'};
my $action=${rules[$i]}{'Action'};
my $format = $workbook->add_format();
if ($dis=~m/yes/)
{

$format->set_italic(1);

}
else
{
$format->set_italic(0);
if ($action=~m/allow/)
{
$format->set_color('green');
#print "!!!"
}
else
{
$format->set_color('red');

}
}

$wrksheet->write($row,$col, $rule_num, $format);
$col++;
$wrksheet->write($row,$col,${rules[$i]}{'Name'},$format);
$col++;
my $from_ar_ref=${rules[$i]}{'From'};
$wrksheet->write($row,$col,ArrayToString($from_ar_ref),$format);
$col++;
my $src_ar_ref=${rules[$i]}{'Source'};
$wrksheet->write($row,$col,ArrayToString($src_ar_ref),$format);
$col++;

my $src_user_ref=${rules[$i]}{'S_user'};
$wrksheet->write($row,$col,ArrayToString($src_user_ref),$format);
$col++;

my $h_profile_ref=${rules[$i]}{'H_profile'};
$wrksheet->write($row,$col,ArrayToString($h_profile_ref),$format);
$col++;

my $to_ar_ref=${rules[$i]}{'To'};
$wrksheet->write($row,$col,ArrayToString($to_ar_ref),$format);
$col++;
my $dst_ar_ref=${rules[$i]}{'Destination'};
$wrksheet->write($row,$col,ArrayToString($dst_ar_ref),$format);
$col++;

my $srv_ar_ref=${rules[$i]}{'Service'};
$wrksheet->write($row,$col,ArrayToString($srv_ar_ref),$format);
$col++;

my $app_ar_ref=${rules[$i]}{'Application'};
$wrksheet->write($row,$col,ArrayToString($app_ar_ref),$format);
$col++;

$wrksheet->write($row,$col,$action,$format);
$col++;

my $profile=${rules[$i]}{'Profile'};
$wrksheet->write($row,$col,$profile,$format);
$col++;

my $category_ref=${rules[$i]}{'Category'};
$wrksheet->write($row,$col,ArrayToString($category_ref),$format);
$col++;

my $qos=${rules[$i]}{'QoS'};
$wrksheet->write($row,$col,$qos,$format);
$col++;

my $log=${rules[$i]}{'Log'};
$wrksheet->write($row,$col,$log,$format);
$col++;

my $schedule=${rules[$i]}{'Schedule'};
$wrksheet->write($row,$col,$schedule,$format);
$col++;

my $sec_opt=${rules[$i]}{'SecOptions'};
$wrksheet->write($row,$col,$sec_opt,$format);
$col++;

if ($dis=~m/yes/)
{
$wrksheet->write($row,$col,$dis,$format);
}
$col++;

$row++;
}
}

sub GetSecurityRules
{
my $host=$_[0];
my $key=$_[1];
my $rullarray_ref=$_[2];
my $request="type=config&action=show&key=$key&xpath=/config/devices/entry/vsys/entry/rulebase/security";
my $reply=SendREST("\nGetting the security rules..",$host,$request);
$reply=~ s/\R//g;
#remove line breaks
$reply=~s/\s+/ /g ;
#remove exessive whitespaces
$reply=~m/\<security\>.*\<rules\>(.*)\<\/rules\>\<\/security\>/;
my $rules='';
if ($1)
{
$rules=$1;
}
else
{
print "No Security rules";
return;
}
while ($rules=~m/\<entry name\=\"(.*?)\"\>(.*?)\<\/entry\>/gs)
{
my $rule_txt=$2;
my %rule_hash;
$rule_hash{'Name'}=$1;

#getting source zone
my @from_mem;
my $from_regexp="\<from\>(.*?)\<\/from\>";
RunRegexp ($from_regexp, $rule_txt, \@from_mem );
$rule_hash{'From'}=\@from_mem;

#getting destination zone
my @to_mem;
my $to_regexp="\<to\>(.*?)\<\/to\>";
RunRegexp( $to_regexp, $rule_txt, \@to_mem);
$rule_hash{'To'}=\@to_mem;

#getting source address
my @source_mem;
my $source_regexp="\<source\>(.*?)\<\/source\>";
RunRegexp( $source_regexp, $rule_txt, \@source_mem);
$rule_hash{'Source'}=\@source_mem;

#getting destination address
my @dest_mem;
my $dest_regexp="\<destination\>(.*?)\<\/destination\>";
RunRegexp( $dest_regexp, $rule_txt, \@dest_mem);
$rule_hash{'Destination'}=\@dest_mem;

#getting application
my @app_mem;
$dest_regexp="\<application\>(.*?)\<\/application\>";
RunRegexp( $dest_regexp, $rule_txt, \@app_mem);
$rule_hash{'Application'}=\@app_mem;

#getting service
my @serv_mem;
$dest_regexp="\<service\>(.*?)\<\/service\>";
RunRegexp( $dest_regexp, $rule_txt, \@serv_mem);
$rule_hash{'Service'}=\@serv_mem;

$rule_hash{'Action'}=GetAction($rule_txt);

$rule_hash{'Profile'}=GetProfile($rule_txt);

#log
$rule_hash{'Log'}=GetLog($rule_txt);

#source-user
my @s_user;
$dest_regexp="\<source\-user\>(.*?)\<\/source\-user\>";
RunRegexp( $dest_regexp, $rule_txt, \@s_user);
$rule_hash{'S_user'}=\@s_user;

#hip-profile
my @h_profile;
$dest_regexp="\<hip\-profiles\>(.*?)\<\/hip\-profiles\>";
RunRegexp( $dest_regexp, $rule_txt, \@h_profile);
$rule_hash{'H_profile'}=\@h_profile;

#category
my @category;
$dest_regexp="\<category\>(.*?)\<\/category\>";
RunRegexp( $dest_regexp, $rule_txt, \@category);
$rule_hash{'Category'}=\@category;

$rule_hash{'QoS'}=GetQoS($rule_txt);
$rule_hash{'Schedule'}=GetSchedule($rule_txt);
$rule_hash{'SecOptions'}=GetSecOptions($rule_txt);
$rule_hash{'Disabled'}=GetDisabled($rule_txt);
push @{$rullarray_ref}, \%rule_hash;

}

}

sub NatRulesToXLS
{
my $rul_arr_ref=$_[0];
my $workbook=$_[1];
my $wrksheet = $workbook->add_worksheet('NAT POlicies');
my $bold = $workbook->add_format( bold => 1 );
my @headers=('Rule #','Policy Name','Source Zone', 'Source Address', 'Destination Zone','Destination Address','Destination Interface', 'Service', 'Source Translation', 'Destination Translation', 'Disabled');
CreateHeaders(0, $wrksheet, \@headers, $bold);

my @rules= @{$rul_arr_ref};
my$row=1;
foreach my $i (0..$#rules) 
{

my $col=0;
print "$i"."==";
my $rule_num=$i+1;

my $dis=${rules[$i]}{'Disabled'};
my $format = $workbook->add_format();
if ($dis=~m/yes/)
{

$format->set_italic(1);
}
else
{
$format->set_italic(0);
}

$wrksheet->write($row,$col, $rule_num, $format);
$col++;
$wrksheet->write($row,$col,${rules[$i]}{'Name'},$format);
$col++;
my $from_ar_ref=${rules[$i]}{'From'};
$wrksheet->write($row,$col,ArrayToString($from_ar_ref),$format);
$col++;
my $src_ar_ref=${rules[$i]}{'Source'};
$wrksheet->write($row,$col,ArrayToString($src_ar_ref),$format);
$col++;
my $to_ar_ref=${rules[$i]}{'To'};
$wrksheet->write($row,$col,ArrayToString($to_ar_ref),$format);
$col++;
my $dst_ar_ref=${rules[$i]}{'Destination'};
$wrksheet->write($row,$col,ArrayToString($dst_ar_ref),$format);
$col++;

$wrksheet->write($row,$col,${rules[$i]}{'To-Interface'},$format);
$col++;

$wrksheet->write($row,$col,${rules[$i]}{'Service'},$format);
$col++;


my $src_tr_type=${rules[$i]}{'Source_Trans_type'};
if ($src_tr_type!~/none/)
{
my $addon=${rules[$i]}{'Source_Trans_addon'};
my $wr=$src_tr_type.", ".$addon;
$wrksheet->write($row,$col, $wr,$format);

}
else
{
$wrksheet->write($row,$col,${rules[$i]}{'Source_Trans_type'},$format);

}
$col++;

my $dst_tr_type=${rules[$i]}{'Dest_Trans_type'};
#print "$dst_tr_type---col=$col----row=$row\n";
if ($dst_tr_type!~/none/)
{
my $addon=${rules[$i]}{'Dest_Trans_addon'};
$wrksheet->write($row,$col, $addon,$format);

}
else
{
$wrksheet->write($row,$col,${rules[$i]}{'Dest_Trans_type'},$format);

}
$col++;


if ($dis=~m/yes/)
{
$wrksheet->write($row,$col,$dis,$format);
}

$row++;
}


}

sub NatRulesToTxt
{
my $rul_arr_ref=$_[0];
my @rules= @{$rul_arr_ref};
foreach my $i (0..$#rules) 
{
my $from_ar_ref=${rules[$i]}{'From'};
my @from=@{$from_ar_ref};
my $from_txt='==';
foreach my $n (0..$#from) 
{
$from_txt=$from_txt.$from[$n]." ";

}
$from_txt=$from_txt."==";
my $output=$i." ".${rules[$i]}{'Name'}." ".$from_txt."\n";
print $output;

}


}


sub GetNATRules
#retrives NAT rules
{
my $host=$_[0];
my $key=$_[1];
my $rullarray_ref=$_[2];

#push @{$rullarray_ref}, 'onee';
#push @{$rullarray_ref}, 'twoee';

my $request="type=config&action=show&key=$key&xpath=/config/devices/entry/vsys/entry/rulebase/nat";
my $reply=SendREST("\nGetting the nat rules..",$host,$request);
$reply=~ s/\R//g;
#remove line breaks
$reply=~s/\s+/ /g ;
#remove exessive whitespaces
$reply=~m/\<nat\>.*\<rules\>(.*)\<\/rules\>\<\/nat\>/;
my $rules;
if ($1)
{
$rules=$1;
}
else
{
print "No NAT rules";
return;
}
while ($rules=~m/\<entry name\=\"(.*?)\"\>(.*?)\<\/entry\>/gs)
{

#print $1."\n";
my $rule_txt=$2;
my %rule_hash;
$rule_hash{'Name'}=$1;
#getting source zone
my @from_mem;
my $from_regexp="\<from\>(.*?)\<\/from\>";
RunRegexp ($from_regexp, $rule_txt, \@from_mem );
$rule_hash{'From'}=\@from_mem;

#getting destination zone
my @to_mem;
my $to_regexp="\<to\>(.*?)\<\/to\>";
RunRegexp( $to_regexp, $rule_txt, \@to_mem);
$rule_hash{'To'}=\@to_mem;

#getting source address
my @source_mem;
my $source_regexp="\<source\>(.*?)\<\/source\>";
RunRegexp( $source_regexp, $rule_txt, \@source_mem);
$rule_hash{'Source'}=\@source_mem;

#getting destination address
my @dest_mem;
my $dest_regexp="\<destination\>(.*?)\<\/destination\>";
RunRegexp( $dest_regexp, $rule_txt, \@dest_mem);
$rule_hash{'Destination'}=\@dest_mem;

#getting non-member stuff
my %non_member_stuff;
GetNonMeberStuff(\%non_member_stuff, $rule_txt );
$rule_hash{'Service'}=$non_member_stuff{'service'};
$rule_hash{'To-Interface'}=$non_member_stuff{'To-Interface'};

#source translation
my %source_translation;
GetSourceTranslation(\%source_translation, $rule_txt );
$rule_hash{'Source_Trans_type'}=$source_translation{'type'};
$rule_hash{'Source_Trans_addon'}=$source_translation{'addon'};

#destination translation
my %destination_translation;
GetDestinationTranslation(\%destination_translation, $rule_txt);
$rule_hash{'Dest_Trans_type'}=$destination_translation{'type'};
$rule_hash{'Dest_Trans_addon'}=$destination_translation{'addon'};

$rule_hash{'Disabled'}=GetDisabled($rule_txt);

push @{$rullarray_ref}, \%rule_hash;
}

}

sub GetSecOptions
{
my $rule_txt=$_[0];
my $SecOptions='';
if ($rule_txt=~m/\<option\>(.*)\<\/option\>/)
{
my $option=$1;
if ($option=~m/\<disable\-server\-response\-inspection\>(.*)\<\/disable\-server\-response\-inspection\>/)
{
if ($1=~m/yes/)
{
$SecOptions="disable-server-response-inspection=yes"

}

}

}
return $SecOptions;
}
sub GetSchedule
{
my $rule_txt=$_[0];
my $schedule='';
if ($rule_txt=~m/\<schedule\>(.*)\<\/schedule\>/)
{

$schedule=$1;
}
return $schedule;
}

sub GetQoS
{
my $rule_txt=$_[0];
my $qos='';
my $q='';
if($rule_txt=~m/\<qos\>(.*)\<\/qos\>/)
{
$q=$1;
if ($q=~m/\<marking\>\s+\<(.*?)\>(.*?)\<\/(?:.*?)\>\s+\<\/marking\>/)
{
$qos=$1."=".$2;

}
elsif ($q=~m/\<marking\>\s+\<(.*?)\/\>\s+\<\/marking\>/)
{
$qos=$1;
}
}


return $qos;
}

sub GetLog
{
my $rule_txt=$_[0];
my $log='';
$rule_txt=~m/\<log\-start\>(.*)\<\/log\-start\>/;
if ($1=~m/yes/)
{
$log="log at start";

}
$rule_txt=~m/\<log\-end\>(.*)\<\/log\-end\>/;
if ($1=~m/yes/)
{

$log=$log."; log at end";
}
$log=~s/^;\s//;
#print "-----------//-----------\n";
#print $log."\n";
return $log;
}


sub GetProfile
{
my $rule_txt=$_[0];
my $profile='';
my $ret='';
$rule_txt=~m/\<profile-setting\>(.*)\<\/profile-setting\>/;
if ($1)
{
$profile=$1;

if ($profile=~m/\<profiles\>(.*)\<\/profiles\>/)
{
$profile=$1;

my $url_filt="\<url\-filtering\>(.*?)\<\/url\-filtering\>";
if ($profile=~m/$url_filt/)
{
my @url_filt;
RunRegexp( $url_filt, $profile, \@url_filt);
$ret=$ret."url filtering=".ArrayToString(\@url_filt)."; ";

}
my $virus="\<virus\>(.*?)\<\/virus\>";
if ($profile=~m/$virus/)
{
my @virus;
RunRegexp( $virus, $profile, \@virus);
$ret=$ret."virus=".ArrayToString(\@virus)."; ";


}

my $spyware="\<spyware\>(.*?)\<\/spyware\>";
if ($profile=~m/$spyware/)
{
my @spyware;
RunRegexp( $spyware, $profile, \@spyware);
$ret=$ret."spyware=".ArrayToString(\@spyware)."; ";

}

my $vulnerability="\<vulnerability\>(.*?)\<\/vulnerability\>";
if ($profile=~m/$vulnerability/)
{
my @vulnerability;
RunRegexp( $vulnerability, $profile, \@vulnerability);
$ret=$ret."vulnerability=".ArrayToString(\@vulnerability)."; ";

}

my $wildfire="\<wildfire\-analysis\>(.*?)\<\/wildfire\-analysis\>";
if ($profile=~m/$wildfire/)
{
my @wildfire;
RunRegexp( $wildfire, $profile, \@wildfire);
$ret=$ret."wildfire=".ArrayToString(\@wildfire)."; ";

}

my $data_filt="\<data\-filtering>(.*?)\<\/data\-filtering>";
if ($profile=~m/$data_filt/)
{
my @data_filt;
RunRegexp( $data_filt, $profile, \@data_filt);
$ret=$ret."data filtering=".ArrayToString(\@data_filt)."; ";

}

my $file_blck="\<file\-blocking>(.*?)\<\/file\-blocking";
if ($profile=~m/$file_blck/)
{
my @file_blck;
RunRegexp( $file_blck, $profile, \@file_blck);
$ret=$ret."file blocking=".ArrayToString(\@file_blck)."; ";

}
}
elsif ($profile=~m/\<group\>(.*)\<\/group\>/)
{
$profile=$1;
my @group;
GetMembers($profile,\@group);
$ret=$ret."Group=".ArrayToString(\@group)."; ";
}
}
#print $ret."\n";
return $ret;
}

sub GetAction
{
my $rule_txt=$_[0];
my $action='';
$rule_txt=~m/\<action\>(.*)\<\/action\>/;
$action=$1;
return $action;
}


sub GetDisabled
{
my $rule_txt=$_[0];
my $dis='';
$rule_txt=~m/\<disabled\>(.*)\<\/disabled\>/;
if ($1=~m/yes/)
{
$dis='yes';
}
else
{
$dis='no';
}
return $dis;
}

sub GetDestinationTranslation
{
my $destination_translation_ref=$_[0];
my $rule_txt=$_[1];
if ($rule_txt!~/destination\-translation/)
{
${$destination_translation_ref}{'type'}='none';


}
else
{
#$rule_txt=~m/<destination-translation>\s*<translated-port>(.*)<\/translated-port>\s*<translated-address>(.*)<\/translated-address>\s*<\/destination-translation>/;
my $dest_tr='';
$rule_txt=~m/destination\-translation>.*<translated\-address>(.*)<\/translated\-address>.*<\/destination\-translation>/;
$dest_tr="address: $1";
if ($rule_txt=~m/destination\-translation>.*<translated\-port>(.*)<\/translated\-port>.*<\/destination\-translation>/)
{

$dest_tr=$dest_tr.",port: $1";
}
#print $rule_txt."\n";
#exit;
${$destination_translation_ref}{'addon'}=$dest_tr;
}

}



sub GetSourceTranslation
{
my $source_translation_ref=$_[0];
my $rule_txt=$_[1];
#print "----------\n";
#print $rule_txt;
#print "----------\n";
if ($rule_txt!~/source\-translation/)
{
${$source_translation_ref}{'type'}='none';

}
else
{
#print $rule_txt;
#exit;
$rule_txt=~m/\<source\-translation\>\s+\<(.*?)\>/;
${$source_translation_ref}{'type'}=$1;
my $type=$1;
if ($type=~m/dynamic-ip-and-port/)
{
$rule_txt=~m/\<dynamic-ip-and-port\>\s+\<(.*?)\>/;
#${$source_translation_ref}{'addon'}=$1;
my $d_ip_a_port=$1;
#print "+++++++++++ $d_ip_a_port +++++++++++++++\n";

if ($d_ip_a_port=~m/translated\-address/)
{
my @tr_add;
$rule_txt=~m/\<dynamic-ip-and-port>\s+\<translated\-address\>(.*)\<\/translated\-address\>/;
my $mem=$1;
GetMembers($mem,\@tr_add);
#print Dumper @tr_add;
${$source_translation_ref}{'addon'}=ArrayToString(\@tr_add);
}
elsif ($d_ip_a_port=~m/interface\-address/)
{
$rule_txt=~m/\<source-translation\>\s*\<dynamic-ip-and-port\>\s*\<interface\-address>\s*<interface>(.*?)<\/interface>\s*<ip>(.*?)<\/ip>\s*<\/interface-address>/;
${$source_translation_ref}{'addon'}="$1, $2";


}

}
elsif ($type=~m/dynamic-ip/)
{
my @tr_add;
#print $rule_txt;
#exit;
$rule_txt=~m/<dynamic-ip>.*<translated-address>(.*)<\/translated-address>\s*<\/dynamic-ip>\s*<\/source-translation>/;
my $mem=$1;
GetMembers($mem,\@tr_add);

if ($rule_txt=~m/\<dynamic-ip\>.*\<fallback\>/)
{
if ($rule_txt=~m/\<fallback>\s*\<interface-address\>\s*<ip>(.*)<\/ip>\s*<interface>(.*)<\/interface>\s*<\/interface-address>\s*<\/fallback\>/)
{
#print "$1 $2";
#exit;
push @tr_add, "Fall-back interface address: $1";
push @tr_add, "Fall-back interface : $2";
}
elsif ($rule_txt=~m/\<fallback>\s*\<translated\-address\>(.*)<\/translated-address>\s*<\/fallback\>/)
{
#print $rule_txt;
#exit;
my @t2;
my $mem=$1;
GetMembers($mem,\@t2);
$mem=ArrayToString(\@t2);
push @tr_add, "Fallback address: $mem";

}
}
${$source_translation_ref}{'addon'}=ArrayToString(\@tr_add);
}
elsif ($type=~m/static-ip/)
{
my @tr_add;
#print $rule_txt."\n";
#exit;
$rule_txt=~m/<static-ip>.*<translated-address>(.*)<\/translated-address>.*<\/static-ip>/;
push @tr_add, "$1";
$rule_txt=~m/<static-ip>.*<bi\-directional>(.*)<\/bi\-directional>.*<\/static-ip>/;
push @tr_add, "bi-directional: $1";
${$source_translation_ref}{'addon'}=ArrayToString(\@tr_add);
}
}


}


sub GetNonMeberStuff
{
my $non_member_stuff_ref=$_[0];
my $rule_txt=$_[1];
#get service
#doing through the array, because we already have sub for that...we don't need array, but I am too lazy to rewrite the sub
my @array;
my $regexp="\<service\>(.*?)\<\/service\>";
RunRegexp( $regexp, $rule_txt, \@array);
my $variab= pop @array;
${$non_member_stuff_ref}{'service'}=$variab;

$regexp="\<to\-interface\>(.*?)\<\/to\-interface\>";
RunRegexp( $regexp, $rule_txt, \@array);
$variab= pop @array;
${$non_member_stuff_ref}{'To-Interface'}=$variab;

}



sub RunRegexp
{
my $regexp=$_[0];
my $rule_txt=$_[1];
my $mem_array_ref=$_[2];
#print $rule_txt."\n";
#print "-------//-------------//--------";
#print $regexp."\n\n";
#exit;

while ($rule_txt=~m/$regexp/gs)
{
my $mem=$1;
#print "=========RunRegexp=============="."\n";
#print $mem."\n";
#exit;
GetMembers($mem,$mem_array_ref);
#print ArrayToString (@{$mem_array_ref});
#print "\n";
#print "\n";
}
}


sub GetMembers
#pushes the array with members from the text
#if there is no members, pushes the text itself
{
my $txt=$_[0];
my $array_ref=$_[1];
if ($txt=~m/member/)
{
while ($txt=~m/\<member\>(.*?)\<\/member\>/gs)
{
#print $1."\n";
#push the member into the array
push @{$array_ref}, $1;
}

}
else
{
#as long as we do not have members, push the whole thing into the array
push @{$array_ref}, $txt;

}

}


sub GetTheKey
#retrievs the key
{
my $host=$_[0];
my $username=$_[1];
my $password=$_[2];
my $request="type=keygen&user=$username&password=$password";
my $reply=SendREST("Getting the key..",$host,$request);
if ($reply=~m/\<key\>(.*)\<\/key\>/)
{
my $key=$1;
return $key;
}
else
{
print "Error while getting the key\n";
print $reply."\n";
exit;
}


}

sub SendREST
#sends RESTful request and returns a response
{
my $reason=$_[0];
my $host=$_[1];
my $request=$_[2];
my $restline="$paloRESTaddr$request";
#print $restline;
#exit;
my $ua = LWP::UserAgent->new;
$ua->timeout(10);
$ua->ssl_opts( verify_hostnames => 0 ); 
#$ua->env_proxy;
print "$reason\n";
my $response = $ua->get($restline);
my $reply='';
if ($response->is_success) {
$reply= $response->decoded_content; 
if ($reply=~m/error/)
{
print $reply;
exit;
}

}
else {
$reply= $response->status_line;
print $reply."\n";
exit;
}
return $reply;
}

sub CreateHeaders
#creates headers , on row (starts from 0) 
{
my $row=$_[0];
my $wrksheet=$_[1];
my $headers_ref=$_[2];
my $bold=$_[3];
foreach my $i (0..$#{$headers_ref}) 
{
my $header=shift @{$headers_ref};
$wrksheet->write_rich_string( $row, $i, $bold, $header );
$i++; 
}

}

sub ArrayToString
{
my $ar_ref=$_[0];
my @from=@{$ar_ref};
my $m_txt='';
foreach my $n (0..$#from) 
{
$m_txt=$m_txt.$from[$n].", ";
}
#remove two last characters (last comma and space)
$m_txt=~s/..$//; 
return $m_txt
}

 

0 REPLIES 0
  • 1595 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!