Created
November 18, 2020 09:07
-
-
Save rdapaz/b5afcb1d24eb24418426d82be5930938 to your computer and use it in GitHub Desktop.
Get Object Names from set commands in Palo Alto Firewall
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import re | |
| import sqlite3 | |
| from pathlib import Path | |
| def process(ary): | |
| conn = sqlite3.connect(db_path) | |
| cur = conn.cursor() | |
| sql = """CREATE TABLE IF NOT EXISTS objects_in_rules ( | |
| id integer primary key, | |
| object_name text, | |
| object_type text | |
| )""" | |
| cur.execute(sql) | |
| conn.commit() | |
| sql = """ | |
| INSERT INTO objects_in_rules | |
| (object_name, object_type) | |
| VALUES | |
| (?, ?) | |
| """ | |
| cur.executemany(sql, ary) | |
| conn.commit() | |
| print(ary) | |
| if __name__ == '__main__': | |
| cwd = Path.cwd() | |
| db_path = os.path.join(cwd, 'db', 'firewall.sqlite3') | |
| with open(os.path.join(cwd, 'firewall_security_rules.txt'), 'r') as fin: | |
| rules = fin.read() | |
| rex = re.compile(r'set rulebase security rules [A-Z\-_]+ (?:source|destination|service) (.*)') | |
| s = set() | |
| for line in rules.splitlines(): | |
| m = rex.search(line) | |
| if m: | |
| obj = m.group(1) | |
| obj = obj.replace('[ ', '').replace(' ]', '') | |
| s.add(obj) | |
| ary = [] | |
| for entry in sorted(list(s)): | |
| if entry in ('any', 'application-default'): | |
| continue | |
| else: | |
| if re.search(r'^SG', entry): | |
| _type = 'Service Groups' | |
| elif re.search(r'^TCP', entry): | |
| _type = 'Services' | |
| elif re.search(r'^OG', entry): | |
| _type = 'Address Groups' | |
| else: | |
| _type = 'Addresses' | |
| ary.append([entry, _type]) | |
| process(ary) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment