Skip to content

Pulling complete rule-base from palo alto firewall #585

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Gopiprashanthraju opened this issue Feb 20, 2025 · 1 comment
Open

Pulling complete rule-base from palo alto firewall #585

Gopiprashanthraju opened this issue Feb 20, 2025 · 1 comment
Labels
enhancement

Comments

@Gopiprashanthraju
Copy link

Is your feature request related to a problem?

I have around 100s of firewalls running I'm looking to automate rule addition on them but logging into panorama and fetching all of them is draining panorama resources it would be great if we can fetch all rules from Panos palo alto itself for each firewalls similar to the output we get when executed rule base command

Describe the solution you'd like

Describe alternatives you've considered

Additional context
@nikolay-matveev-kkr
Copy link

I am curious what prevents you from fetching all rules via Panorama? (I suppose you manage all your firewalls via Panorama)

All you need to do is instantiate a Panorama() instance, then instantiate the target DeviceGroup() (that contains the firewalls of interest), then associate it with the Panorama instance, then create PreRulebase() and PostRulebase() and associate them to the device group. After that you can pull any rules you want (for example, current_security_rules_pre = SecurityRule.refreshall(rulebase_pre))

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nikolay-matveev-kkr @Gopiprashanthraju