02-05-2023 06:56 AM
Hello,
Using the Python panos module, I have succeeded in printing info about Layer3Subinterface objects that are children of an AggregateInterface object:
from panos.firewall import Firewall
from panos import network
fw = Firewall(hostname="1.2.3.4", api_username="test", api_password="REDACTED",
port=443, timeout=5, interval=3)
agg_ifaces = network.AggregateInterface().refreshall(fw)
for i in agg_ifaces:
print(i.about())
# the above prints out a dict showing a single AggregateInterface named 'ae1'
ae1 = network.AggregateInterface(name='ae1')
fw.add(ae1)
sub = network.Layer3Subinterface.refreshall(ae1)
# print info about all L3 Sub Interfaces of 'ae1'
for s in sub:
print(s.about())
# the above prints out dicts containing info about VLAN tags, ip ranges, and subinterface namesBelow is an example of a L3 Sub interface returned from the above:
{'tag': 10,
'ip': ['192.168.64.1/22'],
'ipv6_enabled': None,
'management_profile': 'ping_only',
'mtu': None,
'adjust_tcp_mss': False,
'netflow_profile': 'Netflow_Profile',
'comment': 'internal 1',
'ipv4_mss_adjust': None,
'ipv6_mss_adjust': None,
'enable_dhcp': None,
'create_dhcp_default_route': None,
'dhcp_default_route_metric': None,
'decrypt_forward': None,
'name': 'ae1.10'}Now I want to print out all the Static ARP mappings that are children of the 'ae1.10' Layer3Subinterface object. In the Firewall's Web UI -> "Network" tab -> "DHCP" menu, I can see lots of Reservations complete with IP address and MAC address. In the Configuration Tree diagram from the panos network module docs, network.Arp() objects can be children of AggregateInterface, VlanInterface, EthernetInterface, and Layer3Subinterface. I tried the following to print info on all the network.Arp() objects within L3Subinterface 'ae1.10':
l3subint_ae1_10 = network.Layer3Subinterface(name='ae1.10')
fw.add(l3subint_ae1_10)
arp_list = network.Arp.refreshall(l3subint_ae1_10)
for a in arp_list:
print(a.about())
The snippet above returns nothing, however, and arp_list is just an empty list. Just in case the Static ARP mappings were children of some other parent object (like AggregateInterface) I tried listing network.Arp objects under 'ae1' but still come up empty. I can also verify that this firewall does not have any VlanInterface objects and that EthernetInterface is set to Aggregate Mode for "ae1".
Could someone help me understand why I'm able to see Layer3Subinterface objects under AggregateInterface but I can't seem to find any network.Arp objects under these parent objects?
Thanks in advance
02-09-2023 02:59 PM
Do an operational command: https://pan-os-python.readthedocs.io/en/latest/getting-started.html#operational-commands
Execute this command:
show arp ethernet1/24.335
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClpnCAC
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
