rodvand / netbox-paloalto Goto Github PK
View Code? Open in Web Editor NEWNetBox plugin for listing firewall rules (from a Palo Alto Networks firewall/Panorama) associated with a NetBox object.
License: Apache License 2.0
NetBox plugin for listing firewall rules (from a Palo Alto Networks firewall/Panorama) associated with a NetBox object.
License: Apache License 2.0
Netbox object Server01 is in an address group name Server-devices. Server-devices again is in an address group named NTP-access.
Only one nesting is supported.
Add the ability to define the number of levels to support nesting. Finding the address groups within address groups requires plenty of loops and a natural performance hit. Make it user-definable as a variable in PLUGINS_CONFIG.
NetBox object name is SERVER01 with the IP address of 10.20.30.254. On the firewall/Panorama the object is named SERVER01.30.254 to easily indicate the last two octets of the object. Make this object name configurable.
Not all objects will be present on all firewalls. Make a way of designating through the admin interface the attributes to match on.
If the firewall is down or not responding, the connection will hang and only timeout on the gunicorn timeout.
Check if it is possible to set a timeout on the connection in pandevice. If not in pandevice, see if it is possible to get the timeout value and make sure we terminate before it runs out.
Currently the search assumes the NetBox object has a corresponding object on the firewall. It is known that many rules are created without referencing objects, just using the IP of the device.
Add logging statements for easier debug.
NetBox 3.2.0 was just released and has a number of extension improvements.
Furthermore, a NetBox 3.2 plugin tutorial was released
If no firewall config is defined - print error message when trying to show rules.
If the firewall connection throws any errors, like invalid credentials or timeout, make sure to present this message to the user.
Trying to see firewall rules for an object without a defined primary address results in an Exception:
AttributeError at /plugins/paloalto/loading-fw02/
'NoneType' object has no attribute 'address'
URL: /plugins/paloalto/ currently requires a in the URL.
Add a landing page with a text box where we can choose a device or virtual machine to create the url /plugins/paloalto/
Make sure to show the different device groups, and the pre and post rulebase.
To avoid having to create the object, show a small area on the device/vm page with information about the object. If it exists on the firewall/Panorama.
Check if the load times makes this feasible. If possible add a setting to turn on/off this view.
Object Server01 is in both address group adr-group-1 and adr-group-2.
When listing rules the one rule with both address groups show up twice.
Make sure the rules are unique when listing them.
Investigate if it is possible to cache the firewall rules returned by the pandevice API calls.
When visiting /plugins/paloalto/Server01 and no rules match, the panel with "Firewalls/device groups" is still presented.
If none match, omit the panel and output a message saying there are no rules matching.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.