def _parse_service_xml(self, xml):
    """Turn each XML element into a ServiceObject and index it by name.

    Every element yielded by ``xml`` is loaded into a fresh
    ``objects.ServiceObject`` through ``refresh(xml=...)``. The object is
    then stored in ``self.service_objects`` under its ``name``, so a later
    element carrying the same name replaces the earlier entry.
    """
    for element in xml:
        service = objects.ServiceObject()
        service.refresh(xml=element)
        # Keyed by name: duplicates in the input overwrite silently.
        self.service_objects[service.name] = service
def create_object(**kwargs):
    """Build the pandevice object selected by the keyword arguments.

    The selector keys are checked in a fixed order (``addressobject``,
    ``addressgroup``, ``serviceobject``, ``servicegroup``, ``tag_name``) and
    the first truthy one decides which object type is constructed. All
    selector keys up to the matching one must be present in ``kwargs``; a
    missing key raises ``KeyError``.

    Returns:
        The constructed object when its mandatory fields are truthy,
        otherwise ``False``. ``False`` is also returned when no selector
        key is truthy.
    """
    if kwargs['addressobject']:
        address = objects.AddressObject(
            name=kwargs['addressobject'],
            value=kwargs['address'],
            type=kwargs['address_type'],
            description=kwargs['description'],
            tag=kwargs['tag_name']
        )
        # An address object needs both a type and a value.
        return address if (address.type and address.value) else False

    if kwargs['addressgroup']:
        group = objects.AddressGroup(
            name=kwargs['addressgroup'],
            static_value=kwargs['static_value'],
            dynamic_value=kwargs['dynamic_value'],
            description=kwargs['description'],
            tag=kwargs['tag_name']
        )
        # Either a static or a dynamic membership is enough.
        return group if (group.static_value or group.dynamic_value) else False

    if kwargs['serviceobject']:
        service = objects.ServiceObject(
            name=kwargs['serviceobject'],
            protocol=kwargs['protocol'],
            source_port=kwargs['source_port'],
            destination_port=kwargs['destination_port'],
            tag=kwargs['tag_name']
        )
        # A service is only usable with a protocol and a destination port.
        return service if (service.protocol and service.destination_port) else False

    if kwargs['servicegroup']:
        service_group = objects.ServiceGroup(
            name=kwargs['servicegroup'],
            value=kwargs['services'],
            tag=kwargs['tag_name']
        )
        return service_group if service_group.value else False

    if kwargs['tag_name']:
        tag = objects.Tag(
            name=kwargs['tag_name'],
            color=kwargs['color'],
            comments=kwargs['description']
        )
        return tag if tag.name else False

    # No selector was supplied.
    return False
def setup_state_obj(self, dev, state):
    """Attach a randomly named TCP service object to ``dev``.

    The object is stored on ``state.obj`` and then added to ``dev``.
    Only ``dev.add`` is called here; nothing in this method pushes the
    object to the device.
    """
    service_fields = dict(
        protocol='tcp',
        source_port='1025-65535',
        destination_port='80,443,8080',
        description='My service object',
    )
    state.obj = objects.ServiceObject(testlib.random_name(), **service_fields)
    dev.add(state.obj)
def from_criteria(cls, criteria):
    """Create an instance from a criteria mapping.

    ``criteria`` must provide ``name``, ``protocol`` and ``port``; a missing
    key raises ``KeyError``. The values are copied onto a new
    ``objects.ServiceObject`` (``port`` becomes ``destination_port``), which
    is then wrapped with ``cls``.
    """
    service = objects.ServiceObject()
    # (attribute on the pandevice object, key in the criteria mapping)
    field_map = (
        ('name', 'name'),
        ('protocol', 'protocol'),
        ('destination_port', 'port'),
    )
    for attribute, key in field_map:
        setattr(service, attribute, criteria[key])
    return cls(service)
def _parse_services(self):
    """Load every ServiceObject into its device-group node.

    For each node of ``self.dg_hierarchy`` the service objects found on the
    node's device group are wrapped in ``PaloAltoService`` and inserted.
    Two synthetic services, "any" and "application-default", are inserted
    into every node as well. The same two wrapper instances are shared by
    all nodes.
    """
    # Synthetic "any" service: name, protocol and port are all 'any'.
    any_obj = objects.ServiceObject()
    for attribute in ('name', 'protocol', 'destination_port'):
        setattr(any_obj, attribute, 'any')
    any_service = PaloAltoService(any_obj)

    # Synthetic "application-default" service: only the name is set.
    default_obj = objects.ServiceObject()
    default_obj.name = 'application-default'
    app_default_service = PaloAltoService(default_obj)

    predefined = (any_service, app_default_service)
    for node in self.dg_hierarchy.get_all_nodes():
        for service_obj in node.device_group.findall(objects.ServiceObject):
            node.insert(PaloAltoService(service_obj))
        # Predefined services go in after the configured ones.
        for service in predefined:
            node.insert(service)
def create_dependencies(self, dev, state):
    """Create the four service objects and the tag used as dependencies.

    Four randomly named services are built (TCP for even indexes, UDP for
    odd ones, destination ports 2000-2003), added to ``dev`` and created.
    A randomly named tag with colour ``color5`` is then added and created.
    ``state.tag`` is reset to ``None`` first, so it stays ``None`` if any
    of the service steps raises.
    """
    state.tag = None

    services = []
    for index in range(4):
        protocol = 'udp' if index % 2 else 'tcp'
        services.append(
            objects.ServiceObject(
                testlib.random_name(),
                protocol,
                destination_port=2000 + index,
                description='Service {0}'.format(index),
            )
        )
    state.services = services

    for service in state.services:
        dev.add(service)
        service.create()

    state.tag = objects.Tag(testlib.random_name(), 'color5')
    dev.add(state.tag)
    state.tag.create()
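def main():
    """Ansible entry point: create, update or delete a PAN-OS service object.

    The module connects to the device at ``ip_address``. With
    ``state=present`` it creates the service object, or updates it when the
    existing one differs. With ``state=absent`` it deletes the object if it
    exists. A commit is performed only when ``commit`` is true and something
    changed.

    Credential handling:
      * ``password`` and ``api_key`` are declared ``no_log`` so Ansible does
        not record their values.
      * At least one of ``api_key`` / ``password`` is required, so a run
        with no credential fails during argument validation instead of
        attempting a connection.
      * ``username`` defaults to ``admin``; pass a dedicated API account
        where one exists.
    """
    argument_spec = dict(
        ip_address=dict(required=True),
        username=dict(default='admin'),
        # no_log keeps both secrets out of Ansible's logged parameters.
        password=dict(no_log=True),
        api_key=dict(no_log=True),
        name=dict(type='str', required=True),
        protocol=dict(default='tcp', choices=['tcp', 'udp']),
        source_port=dict(type='str'),
        destination_port=dict(type='str'),
        description=dict(type='str'),
        tag=dict(type='list'),
        device_group=dict(type='str'),
        vsys=dict(type='str', default='vsys1'),
        state=dict(default='present', choices=['present', 'absent']),
        commit=dict(type='bool', default=False),
    )
    module = AnsibleModule(
        argument_spec=argument_spec,
        supports_check_mode=False,
        # Reject a run that supplies neither credential before any network
        # connection is attempted.
        required_one_of=[['api_key', 'password']],
    )
    if not HAS_LIB:
        module.fail_json(
            msg='pan-python and pandevice are required for this module.')

    ip_address = module.params['ip_address']
    username = module.params['username']
    password = module.params['password']
    api_key = module.params['api_key']
    name = module.params['name']
    protocol = module.params['protocol']
    source_port = module.params['source_port']
    destination_port = module.params['destination_port']
    description = module.params['description']
    tag = module.params['tag']
    device_group = module.params['device_group']
    vsys = module.params['vsys']
    state = module.params['state']
    commit = module.params['commit']

    changed = False
    try:
        device = base.PanDevice.create_from_device(
            ip_address, username, password, api_key=api_key)

        # vsys is only set when the target turned out to be a firewall.
        if isinstance(device, firewall.Firewall):
            device.vsys = vsys

        if device_group:
            if device_group.lower() == 'shared':
                # 'shared' is passed on as "no device group".
                device_group = None
            elif not get_devicegroup(device, device_group):
                module.fail_json(
                    msg='Could not find {} device group.'.format(device_group))

        if state == 'present':
            if not destination_port:
                module.fail_json(
                    msg='Must specify \'destination_port\' if \'state\' is '
                        '\'present\'.')

            existing_obj = find_object(device, name, objects.ServiceObject,
                                       device_group)
            new_obj = objects.ServiceObject(
                name=name, protocol=protocol, source_port=source_port,
                destination_port=destination_port, description=description,
                tag=tag)

            if not existing_obj:
                add_object(device, new_obj, device_group)
                new_obj.create()
                changed = True
            elif not existing_obj.equal(new_obj):
                # Update in place so only a real difference reports a change.
                existing_obj.protocol = protocol
                existing_obj.source_port = source_port
                existing_obj.destination_port = destination_port
                existing_obj.description = description
                existing_obj.tag = tag
                existing_obj.apply()
                changed = True
        elif state == 'absent':
            existing_obj = find_object(device, name, objects.ServiceObject,
                                       device_group)
            if existing_obj:
                existing_obj.delete()
                changed = True

        # Never commit an unchanged configuration.
        if commit and changed:
            perform_commit(module, device, device_group)
    except PanDeviceError as e:
        # Fall back to str(e) if the exception carries no 'message'
        # attribute, so the real error is still reported.
        module.fail_json(msg=getattr(e, 'message', None) or str(e))

    module.exit_json(changed=changed)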