def _setup(self):
# xpaths
self._xpaths.add_profile(value='/variable')
# params
params = []
params.append(VersionedParamPath('value', path='type/{variable_type}'))
params.append(
VersionedParamPath('variable_type',
default='ip-netmask',
path='type/{variable_type}',
values=[
'ip-netmask', 'ip-range', 'fqdn',
'group-id', 'interface'
]))
params[-1].add_profile('9.0.0',
path='type/{variable_type}',
values=[
'ip-netmask',
'ip-range',
'fqdn',
'group-id',
'interface',
'device-priority',
'device-id',
])
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/server')
# params
params = []
params.append(VersionedParamPath('server', path='server'))
params.append(
VersionedParamPath('transport',
default='UDP',
values=['UDP', 'TCP', 'SSL'],
path='transport'))
params.append(VersionedParamPath('port', vartype='int', path='port'))
params.append(
VersionedParamPath('format',
default='BSD',
values=['BSD', 'IETF'],
path='format'))
params.append(
VersionedParamPath('facility',
default='LOG_USER',
path='facility',
values=[
'LOG_USER',
] +
['LOG_LOCAL{0}'.format(x) for x in range(8)]))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/password-profile')
# params
params = []
params.append(
VersionedParamPath('expiration',
vartype='int',
path='password-change/expiration-period'))
params.append(
VersionedParamPath(
'warning',
vartype='int',
path='password-change/expiration-warning-period'))
params.append(
VersionedParamPath(
'login_count',
vartype='int',
path='password-change/post-expiration-admin-login-count'))
params.append(
VersionedParamPath(
'grace_period',
vartype='int',
path='password-change/post-expiration-grace-period'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/password-profile')
self._xpaths.add_profile(value='{0}/password-profile'.format(
self._TEMPLATE_MGTCONFIG_XPATH),
parents=('Template', 'TemplateStack'))
# params
params = []
params.append(
VersionedParamPath('expiration',
vartype='int',
path='password-change/expiration-period'))
params.append(
VersionedParamPath(
'warning',
vartype='int',
path='password-change/expiration-warning-period'))
params.append(
VersionedParamPath(
'login_count',
vartype='int',
path='password-change/post-expiration-admin-login-count'))
params.append(
VersionedParamPath(
'grace_period',
vartype='int',
path='password-change/post-expiration-grace-period'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/version/v2c/server')
# params
params = []
params.append(VersionedParamPath('manager', path='manager'))
params.append(VersionedParamPath('community', path='community'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/tag')
# params
params = []
params.append(VersionedParamPath('color', path='color'))
params.append(VersionedParamPath('comments', path='comments'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/dynamic-user-group')
# params
params = []
params.append(VersionedParamPath('description', path='description'))
params.append(VersionedParamPath('filter', path='filter'))
params.append(VersionedParamPath('tag', path='tag', vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/profiles/custom-url-category')
# params
params = []
params.append(
VersionedParamPath('url_value', path='list', vartype='member'))
params.append(VersionedParamPath('description', path='description'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/application-group')
# params
params = []
params.append(
VersionedParamPath('value', path='members', vartype='member'))
params.append(VersionedParamPath('tag', path='tag', vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/template-stack')
# params
params = []
params.append(VersionedParamPath('description', path='description'))
params.append(
VersionedParamPath('templates', path='templates',
vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/server')
# params
params = []
params.append(VersionedParamPath('address', path='address'))
params.append(
VersionedParamPath('protocol',
default='HTTPS',
values=['HTTP', 'HTTPS'],
path='protocol'))
params.append(
VersionedParamPath('port', default=443, vartype='int',
path='port'))
params.append(VersionedParamPath('tls_version', exclude=True))
params[-1].add_profile('9.0.0',
values=['1.0', '1.1', '1.2'],
path='tls-version')
params.append(VersionedParamPath('certificate_profile', exclude=True))
params[-1].add_profile('9.0.0', path='certificate-profile')
params.append(
VersionedParamPath('http_method',
default='POST',
path='http-method'))
params.append(VersionedParamPath('username', path='username'))
params.append(
VersionedParamPath('password',
vartype='encrypted',
path='password'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/log-settings/profiles')
# params
params = []
params.append(VersionedParamPath('description', path='description'))
params.append(VersionedParamPath('enhanced_logging', exclude=True))
params[-1].add_profile('8.1.0',
vartype='yesno',
path='enhanced-application-logging')
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/server')
# params
params = []
params.append(VersionedParamPath('display_name', path='display-name'))
params.append(VersionedParamPath('from', path='from'))
params.append(VersionedParamPath('to', path='to'))
params.append(VersionedParamPath('also_to', path='and-also-to'))
params.append(VersionedParamPath('email_gateway', path='gateway'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/vsys')
# params
params = []
params.append(VersionedParamPath(
'display_name', path='display-name'))
params.append(VersionedParamPath(
'interface', vartype='member',
path='import/network/interface'))
params.append(VersionedParamPath(
'vlans', vartype='member',
path='import/network/vlan'))
params.append(VersionedParamPath(
'virtual_wires', vartype='member',
path='import/network/virtual-wire'))
params.append(VersionedParamPath(
'virtual_routers', vartype='member',
path='import/network/virtual-router'))
params.append(VersionedParamPath(
'visible_vsys', vartype='member',
path='import/visible-vsys'))
params.append(VersionedParamPath(
'dns_proxy', path='import/dns-proxy'))
params.append(VersionedParamPath(
'decrypt_forwarding', vartype='yesno',
path='setting/ssl-decrypt/allow-forward-decrypted-content'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/import/resource')
self._xpaths.add_profile(value='{0}/import/resource'.format(
self._TEMPLATE_VSYS_XPATH),
parents=('Template', ))
# params
params = []
int_params = (
"max-security-rules",
"max-nat-rules",
"max-ssl-decryption-rules",
"max-qos-rules",
"max-application-override-rules",
"max-pbf-rules",
"max-cp-rules",
"max-dos-rules",
"max-site-to-site-vpn-tunnels",
"max-concurrent-ssl-vpn-tunnels",
"max-sessions",
)
for x in int_params:
params.append(VersionedParamPath(x, path=x, vartype='int'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/address-group')
# params
params = []
params.append(
VersionedParamPath('static_value', path='static',
vartype='member'))
params.append(
VersionedParamPath('dynamic_value', path='dynamic/filter'))
params.append(VersionedParamPath('description', path='description'))
params.append(VersionedParamPath('tag', path='tag', vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/address')
# params
params = []
params.append(VersionedParamPath('value', path='{type}'))
params.append(
VersionedParamPath('type',
default='ip-netmask',
values=['ip-netmask', 'ip-range', 'fqdn'],
path='{type}'))
params.append(VersionedParamPath('description', path='description'))
params.append(VersionedParamPath('tag', path='tag', vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/profile-group')
# params
params = []
params.append(
VersionedParamPath('virus', path='virus', vartype='member'))
params.append(
VersionedParamPath('spyware', path='spyware', vartype='member'))
params.append(
VersionedParamPath('vulnerability',
path='vulnerability',
vartype='member'))
params.append(
VersionedParamPath('url_filtering',
path='url-filtering',
vartype='member'))
params.append(
VersionedParamPath('file_blocking',
path='file-blocking',
vartype='member'))
params.append(
VersionedParamPath('data_filtering',
path='data-filtering',
vartype='member'))
params.append(
VersionedParamPath('wildfire_analysis',
path='wildfire-analysis',
vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/actions')
# params
params = []
params.append(
VersionedParamPath('action_type',
default='tagging',
values=[
'tagging',
],
path='type/{action_type}'))
params[-1].add_profile('8.1.0',
values=['tagging', 'integration'],
path='type/{action_type}')
params.append(
VersionedParamPath('action',
path='type/{action_type}/action',
values=['add-tag', 'remove-tag']))
params[-1].add_profile('8.1.0',
path='type/{action_type}/action',
values=[
'Azure-Security-Center-Integration',
'add-tag', 'remove-tag'
])
params.append(
VersionedParamPath(
'target',
path='type/{action_type}/target',
condition={'action_type': 'tagging'},
values=['source-address', 'destination-address']))
params.append(
VersionedParamPath(
'registration',
values=['localhost', 'panorama', 'remote'],
condition={'action_type': 'tagging'},
path='type/{action_type}/registration/{registration}'))
params.append(
VersionedParamPath(
'http_profile',
condition={
'action_type': 'tagging',
'registration': 'remote'
},
path=
'type/{action_type}/registration/{registration}/http-profile'))
params.append(
VersionedParamPath('tags',
condition={'action_type': 'tagging'},
vartype='member',
path='type/{action_type}/tags'))
params.append(VersionedParamPath('timeout', exclude=True))
params[-1].add_profile('9.0.0',
vartype='int',
path='type/{action_type}/timeout',
condition={'action_type': 'tagging'})
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/device-group')
# params
params = []
params.append(VersionedParamPath('tag', vartype='entry'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/service')
# params
params = []
params.append(VersionedParamPath(
'protocol', path='protocol/{protocol}',
values=['tcp', 'udp'], default='tcp'))
params.append(VersionedParamPath(
'source_port', path='protocol/{protocol}/source-port'))
params.append(VersionedParamPath(
'destination_port', path='protocol/{protocol}/port'))
params.append(VersionedParamPath(
'description', path='description'))
params.append(VersionedParamPath(
'tag', path='tag', vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/application-container')
# params
params = []
params.append(VersionedParamPath(
'applications', path='functions', vartype='member'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/version/v3/server')
# params
params = []
params.append(VersionedParamPath('manager', path='manager'))
params.append(VersionedParamPath('user', path='user'))
params.append(VersionedParamPath('engine_id', path='engineid'))
params.append(
VersionedParamPath('auth_password',
vartype='encrypted',
path='authpwd'))
params.append(
VersionedParamPath('priv_password',
vartype='encrypted',
path='privpwd'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/template')
# params
params = []
params.append(VersionedParamPath(
'description', path='description'))
params.append(VersionedParamPath(
'devices', vartype='entry', path='devices'))
params.append(VersionedParamPath(
'default_vsys', exclude=True))
params[-1].add_profile(
'7.0.0',
path='settings/default-vsys')
params.append(VersionedParamPath(
'multi_vsys', vartype='yesno', path='settings/multi-vsys'))
params[-1].add_profile(
'7.0.0',
exclude=True)
params.append(VersionedParamPath(
'mode', default='normal', path='settings/operational-mode'))
params[-1].add_profile(
'7.0.0',
exclude=True)
params.append(VersionedParamPath(
'vpn_disable_mode', vartype='yesno',
path='settings/vpn-disable-mode'))
params[-1].add_profile(
'7.0.0',
exclude=True)
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/log-settings/snmptrap')
# params
params = []
params.append(
VersionedParamPath('version',
default='v2c',
values=['v2c', 'v3'],
path='version/{version}'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/match-list')
# params
params = []
params.append(VersionedParamPath('description', path='action-desc'))
params.append(
VersionedParamPath('log_type',
path='log-type',
values=[
'traffic', 'threat', 'wildfire', 'url',
'data', 'gtp', 'tunnel', 'auth'
]))
params[-1].add_profile('8.1.0',
path='log-type',
values=[
'traffic', 'threat', 'wildfire', 'url',
'data', 'gtp', 'tunnel', 'auth', 'sctp'
])
params.append(VersionedParamPath('filter', path='filter'))
params.append(
VersionedParamPath('send_to_panorama',
vartype='yesno',
path='send-to-panorama'))
params.append(
VersionedParamPath('snmp_profiles',
vartype='member',
path='send-snmptrap'))
params.append(
VersionedParamPath('email_profiles',
vartype='member',
path='send-email'))
params.append(
VersionedParamPath('syslog_profiles',
vartype='member',
path='send-syslog'))
params.append(
VersionedParamPath('http_profiles',
vartype='member',
path='send-http'))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/update-schedule/statistics-service')
bool_params = (
('app_reports', 'application-reports'),
('threat_reports', 'threat-prevention-reports'),
('url_reports', 'url-reports'),
('file_type_reports', 'file-identification-reports'),
('threat_data', 'threat-prevention-information'),
('threat_pcaps', 'threat-prevention-pcap'),
('product_usage_stats', 'health-performance-reports'),
('passive_dns_monitoring', 'passive-dns-monitoring'),
)
self._params = tuple(
VersionedParamPath(param, vartype='yesno', path=path)
for param, path in bool_params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/nat/rules')
# params
params = []
params.append(VersionedParamPath('description', path='description'))
params.append(
VersionedParamPath('nat_type',
path='nat-type',
default='ipv4',
values=('ipv4', 'nat64', 'nptv6')))
params.append(
VersionedParamPath('fromzone',
default=[
'any',
],
vartype='member',
path='from'))
params.append(VersionedParamPath('tozone', vartype='member',
path='to'))
params.append(VersionedParamPath('to_interface', path='to-interface'))
params.append(
VersionedParamPath('service', default='any', path='service'))
params.append(
VersionedParamPath('source',
default=[
'any',
],
vartype='member',
path='source'))
params.append(
VersionedParamPath('destination',
default=[
'any',
],
vartype='member',
path='destination'))
params.append(
VersionedParamPath(
'source_translation_type',
path='source-translation/{source_translation_type}',
values=('dynamic-ip-and-port', 'dynamic-ip', 'static-ip')))
params.append(
VersionedParamPath('source_translation_address_type',
path='/'.join(
('source-translation',
'{source_translation_type}',
'{source_translation_address_type}')),
values=('interface-address',
'translated-address'),
default='translated-address',
condition={
'source_translation_type':
['dynamic-ip-and-port', 'dynamic-ip']
}))
params.append(
VersionedParamPath(
'source_translation_interface',
path='/'.join(
('source-translation', '{source_translation_type}',
'{source_translation_address_type}', 'interface')),
condition={
'source_translation_type': 'dynamic-ip-and-port',
'source_translation_address_type': 'interface-address'
}))
params.append(
VersionedParamPath(
'source_translation_ip_address',
path='/'.join(
('source-translation', '{source_translation_type}',
'{source_translation_address_type}', 'ip')),
condition={
'source_translation_type': 'dynamic-ip-and-port',
'source_translation_address_type': 'interface-address'
}))
params.append(
VersionedParamPath('source_translation_translated_addresses',
vartype='member',
path='/'.join(
('source-translation',
'{source_translation_type}',
'{source_translation_address_type}')),
condition={
'source_translation_type':
['dynamic-ip-and-port', 'dynamic-ip'],
'source_translation_address_type':
'translated-address'
}))
params.append(
VersionedParamPath(
'source_translation_fallback_type',
path='/'.join(
('source-translation', '{source_translation_type}',
'fallback', '{source_translation_fallback_type}')),
values=('translated-address', 'interface-address'),
condition={'source_translation_type': 'dynamic-ip'}))
params.append(
VersionedParamPath(
'source_translation_fallback_translated_addresses',
path='/'.join(
('source-translation', '{source_translation_type}',
'fallback', '{source_translation_fallback_type}')),
vartype='member',
condition={
'source_translation_type': 'dynamic-ip',
'source_translation_fallback_type': 'translated-address'
}))
params.append(
VersionedParamPath('source_translation_fallback_interface',
path='/'.join(
('source-translation',
'{source_translation_type}', 'fallback',
'{source_translation_fallback_type}',
'interface')),
condition={
'source_translation_type':
'dynamic-ip',
'source_translation_fallback_type':
'interface-address'
}))
params.append(
VersionedParamPath('source_translation_fallback_ip_type',
path='/'.join(
('source-translation',
'{source_translation_type}', 'fallback',
'{source_translation_fallback_type}',
'{source_translation_fallback_ip_type}')),
values=('ip', 'floating-ip'),
default='ip',
condition={
'source_translation_type':
'dynamic-ip',
'source_translation_fallback_type':
'interface-address'
}))
params.append(
VersionedParamPath('source_translation_fallback_ip_address',
path='/'.join(
('source-translation',
'{source_translation_type}', 'fallback',
'{source_translation_fallback_type}',
'{source_translation_fallback_ip_type}')),
condition={
'source_translation_type':
'dynamic-ip',
'source_translation_fallback_type':
'interface-address'
}))
params.append(
VersionedParamPath(
'source_translation_static_translated_address',
path='/'.join(
('source-translation', '{source_translation_type}',
'translated-address')),
condition={'source_translation_type': 'static-ip'}))
params.append(
VersionedParamPath(
'source_translation_static_bi_directional',
vartype='yesno',
path='/'.join(('source-translation',
'{source_translation_type}', 'bi-directional')),
condition={'source_translation_type': 'static-ip'}))
params.append(
VersionedParamPath(
'destination_translated_address',
path='destination-translation/translated-address'))
params.append(
VersionedParamPath('destination_translated_port',
vartype='int',
path='destination-translation/translated-port'))
params.append(
VersionedParamPath('ha_binding',
path='active-active-device-binding',
values=('primary', 'both', '0', '1')))
params.append(
VersionedParamPath('disabled', vartype='yesno', path='disabled'))
params.append(
VersionedParamPath('negate_target',
path='target/negate',
vartype='yesno'))
params.append(
VersionedParamPath('target',
path='target/devices',
vartype='entry'))
params.append(VersionedParamPath('tag', path='tag', vartype='member'))
params.append(
VersionedParamPath('destination_dynamic_translated_address',
exclude=True))
params[-1].add_profile(
'8.1.0', path='dynamic-destination-translation/translated-address')
params.append(
VersionedParamPath('destination_dynamic_translated_port',
exclude=True))
params[-1].add_profile(
'8.1.0',
path='dynamic-destination-translation/translated-port',
vartype='int')
params.append(
VersionedParamPath('destination_dynamic_translated_distribution',
exclude=True))
params[-1].add_profile(
'8.1.0',
path='dynamic-destination-translation/distribution',
values=('round-robin', ))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/security/rules')
# params
params = []
any_defaults = (
('fromzone', 'from'),
('tozone', 'to'),
('source', 'source'),
('source_user', 'source-user'),
('hip_profiles', 'hip-profiles'),
('destination', 'destination'),
('application', 'application'),
)
for var_name, path in any_defaults:
params.append(
VersionedParamPath(var_name,
default=[
'any',
],
vartype='member',
path=path))
params.append(
VersionedParamPath('service',
default='application-default',
vartype='member',
path='service'))
params.append(
VersionedParamPath('category',
default=[
'any',
],
vartype='member',
path='category'))
params.append(VersionedParamPath('action', path='action'))
params.append(VersionedParamPath('log_setting', path='log-setting'))
params.append(
VersionedParamPath('log_start', path='log-start', vartype='yesno'))
params.append(
VersionedParamPath('log_end', path='log-end', vartype='yesno'))
params.append(VersionedParamPath('description', path='description'))
params.append(
VersionedParamPath('type', default='universal', path='rule-type'))
params.append(VersionedParamPath('tag', path='tag', vartype='member'))
params.append(
VersionedParamPath('negate_source',
path='negate-source',
vartype='yesno'))
params.append(
VersionedParamPath('negate_destination',
path='negate-destination',
vartype='yesno'))
params.append(
VersionedParamPath('disabled', path='disabled', vartype='yesno'))
params.append(VersionedParamPath('schedule', path='schedule'))
params.append(
VersionedParamPath('icmp_unreachable', path='icmp-unreachable'))
params.append(
VersionedParamPath(
'disable_server_response_inspection',
vartype='yesno',
path='option/disable-server-response-inspection'))
params.append(
VersionedParamPath('group',
path='profile-setting/group',
vartype='member'))
params.append(
VersionedParamPath('negate_target',
path='target/negate',
vartype='yesno'))
params.append(
VersionedParamPath('target',
path='target/devices',
vartype='entry'))
member_profiles = (
'virus',
'spyware',
'vulnerability',
'url-filtering',
'file-blocking',
'wildfire-analysis',
'data-filtering',
)
for p in member_profiles:
params.append(
VersionedParamPath(
p,
vartype='member',
path='profile-setting/profiles/{0}'.format(p)))
self._params = tuple(params)
def _setup(self):
# xpaths
self._xpaths.add_profile(value='/application-filter')
# params
params = []
params.append(
VersionedParamPath('category', path='category', vartype='member'))
params.append(
VersionedParamPath('subcategory',
path='subcategory',
vartype='member'))
params.append(
VersionedParamPath('technology',
path='technology',
vartype='member'))
params.append(VersionedParamPath('risk', path='risk',
vartype='member'))
params.append(
VersionedParamPath('evasive', path='evasive', vartype='yesno'))
params.append(
VersionedParamPath('excessive_bandwidth_use',
path='excessive-bandwidth-use',
vartype='yesno'))
params.append(
VersionedParamPath('prone_to_misuse',
path='prone-to-misuse',
vartype='yesno'))
params.append(
VersionedParamPath('is_saas', path='is-saas', vartype='yesno'))
params.append(
VersionedParamPath('transfers_files',
path='transfers-files',
vartype='yesno'))
params.append(
VersionedParamPath('tunnels_other_apps',
path='tunnels-other-apps',
vartype='yesno'))
params.append(
VersionedParamPath('used_by_malware',
path='used-by-malware',
vartype='yesno'))
params.append(
VersionedParamPath('has_known_vulnerabilities',
path='has-known-vulnerabilities',
vartype='yesno'))
params.append(
VersionedParamPath('pervasive', path='pervasive', vartype='yesno'))
params.append(VersionedParamPath('tag', path='tag', vartype='member'))
self._params = tuple(params)
