pango

package module
v0.3.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 21, 2019 License: ISC Imports: 21 Imported by: 21

README

Palo Alto Networks pango

GoDoc Build Status

Package pango is a golang cross version mechanism for interacting with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). Versioning support is in place for PANOS 6.1 to 8.1.

Please refer to the godoc reference documentation above to get started.

Using pango

To start, create a client connection with the desired parameters and then initialize the connection:

package main

import (
    "log"
    "github.com/PaloAltoNetworks/pango"
)

func main() {
    var err error

    c := &pango.Firewall{Client: pango.Client{
        Hostname: "127.0.0.1",
        Username: "admin",
        Password: "admin",
        Logging: pango.LogAction | pango.LogOp,
    }}
    if err = c.Initialize(); err != nil {
        log.Printf("Failed to initialize client: %s", err)
        return
    }
    log.Printf("Initialize ok")
}

Initializing the connection creates the API key (if it was not already specified), then performs show system info to get the PANOS version. Once the firewall client connection is created, you can query and configure the Palo Alto Networks device from the functions inside the various namespaces of the client connection. Namespaces correspond to the various configuration areas available in the GUI. For example:

    err = c.Network.EthernetInterface.Set(...)
    myPolicies, err := c.Policies.Security.GetList()

Generally speaking, there are the following functions inside each namespace:

  • GetList()
  • ShowList()
  • Get()
  • Show()
  • Set()
  • Edit()
  • Delete()

These functions correspond with PANOS Get, Show, Set, Edit, and Delete API calls. Get(), Set(), and Edit() take and return normalized, version independent objects. These version safe objects are typically named Entry, which corresponds to how the object is placed in the PANOS XPATH.

Some Entry objects have a special function, Defaults(). Invoking this function will initialize the object with some default values. Each Entry that implements Defaults() calls out in its documentation what parameters are affected by this, and what the defaults are.

For any version safe object, attempting to configure a parameter that your PANOS doesn't support will be safely ignored in the resultant XML sent to the firewall / Panorama.

Using Edit Functions

The PANOS XML API Edit command can be used to both create as well as update existing config, however it can also truncate config for the given XPATH. Due to this, if you want to use Edit(), you need to make sure that you perform either a Get() or a Show() first, make your modification, then invoke Edit() using that object. If you don't do this, you will truncate any sub config.

Documentation

Overview

Package pango is a golang cross version mechanism for interacting with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). Versioning support is in place for PAN-OS 6.1 to 8.1.

To start, create a client connection with the desired parameters and then initialize the connection:

package main

import (
    "log"
    "github.com/PaloAltoNetworks/pango"
)

func main() {
    var err error
    c := pango.Firewall{Client: pango.Client{
        Hostname: "127.0.0.1",
        Username: "admin",
        Password: "admin",
        Logging: pango.LogAction | pango.LogOp,
    }}
    if err = c.Initialize(); err != nil {
        log.Printf("Failed to initialize client: %s", err)
        return
    }
    log.Printf("Initialize ok")
}

Initializing the connection creates the API key (if it was not already specified), then performs "show system info" to get the PAN-OS version. Once the firewall client is created, you can query and configure the Palo Alto Networks device from the functions inside the various namespaces of the client connection. Namespaces correspond to the various configuration areas available in the GUI. For example:

err = c.Network.EthernetInterface.Set(...)
myPolicies, err := c.Policies.Security.GetList(...)

Generally speaking, there are the following functions inside each namespace:

  • GetList
  • ShowList
  • Get
  • Show
  • Set
  • Edit
  • Delete

These functions correspond with PAN-OS Get, Show, Set, Edit, and Delete API calls. Get(), Set(), and Edit() take and return normalized, version independent objects. These version safe objects are typically named Entry, which corresponds to how the object is placed in the PAN-OS XPATH.

Some Entry objects have a special function, Defaults(). Invoking this function will initialize the object with some default values. Each Entry that implements Defaults() calls out in its documentation what parameters are affected by this, and what the defaults are.

For any version safe object, attempting to configure a parameter that your PAN-OS doesn't support will be safely ignored in the resultant XML sent to the firewall / Panorama.

Using Edit Functions

The PAN-OS XML API Edit command can be used to both create as well as update existing config, however it can also truncate config for the given XPATH. Due to this, if you want to use Edit(), you need to make sure that you perform either a Get() or a Show() first, make your modification, then invoke Edit() using that object. If you don't do this, you will truncate any sub config.

To learn more about PAN-OS XML API, please refer to the Palo Alto Netowrks API documentation.

Example (CreateInterface)

ExampleCreateInterface demonstrates how to use pango to create an interface if the interface is not already configured.

package main

import (
	"log"

	"github.com/PaloAltoNetworks/pango"
	"github.com/PaloAltoNetworks/pango/netw/interface/eth"
)

func main() {
	var err error

	// Connect to the firewall.
	fw := pango.Firewall{Client: pango.Client{
		Hostname: "192.168.1.1",
		Username: "admin",
		Password: "admin",
	}}

	// Connect to the firewall and verify authentication params.
	if err = fw.Initialize(); err != nil {
		log.Fatalf("Failed to connect to %s: %s", fw.Hostname, err)
	}

	// Define the ethernet interface we want to configure.
	e := eth.Entry{
		Name:      "ethernet1/7",
		Mode:      "layer3",
		Comment:   "Made by pango",
		StaticIps: []string{"10.1.1.1/24", "10.2.1.1/24"},
	}

	// If the interface is already present, leave it alone.
	ethList, err := fw.Network.EthernetInterface.GetList()
	if err != nil {
		log.Fatalf("Failed to get interface listing: %s", err)
	}
	for i := range ethList {
		if ethList[i] == e.Name {
			log.Printf("Interface %q already exists, quitting.", e.Name)
			return
		}
	}

	// Since the interface is not present, configure it.
	if err = fw.Network.EthernetInterface.Set("vsys1", e); err != nil {
		log.Fatalf("Failed to create %q: %s", e.Name, err)
	}
	log.Printf("Created %q ok", e.Name)
}
Output:

Example (OutputApiKey)

ExamplePanosInfo outputs various info about a PAN-OS device as JSON.

package main

import (
	"encoding/json"
	"fmt"

	"github.com/PaloAltoNetworks/pango"
)

// About is a struct to hold information about the given PAN-OS device.
type About struct {
	Hostname string `json:"hostname"`
	Type     string `json:"type"`
	Model    string `json:"model"`
	Version  string `json:"version"`
	Serial   string `json:"serial"`
}

// ExamplePanosInfo outputs various info about a PAN-OS device as
// JSON.
func main() {
	var out About

	conInfo := pango.Client{
		Hostname: "192.168.1.1",
		Username: "admin",
		Password: "admin",
		Logging:  pango.LogQuiet,
	}

	con, err := pango.Connect(conInfo)
	if err != nil {
		return
	}

	switch x := con.(type) {
	case *pango.Firewall:
		out = About{
			Hostname: x.Hostname,
			Type:     "NGFW",
			Model:    x.SystemInfo["model"],
			Version:  x.Version.String(),
			Serial:   x.SystemInfo["serial"],
		}
	case *pango.Panorama:
		out = About{
			Hostname: x.Hostname,
			Type:     "Panorama",
			Model:    x.SystemInfo["model"],
			Version:  x.Version.String(),
			Serial:   x.SystemInfo["serial"],
		}
	}

	b, err := json.Marshal(out)
	if err != nil {
		return
	}

	fmt.Printf("%s\n", b)
}
Output:

Index

Examples

Constants

View Source
const (
	LogQuiet = 1 << (iota + 1)
	LogAction
	LogQuery
	LogOp
	LogUid
	LogXpath
	LogSend
	LogReceive
)

These bit flags control what is logged by client connections. Of the flags available for use, LogSend and LogReceive will log ALL communication between the connection object and the PAN-OS XML API. The API key being used for communication will be blanked out, but no other sensitive data will be. As such, those two flags should be considered for debugging only. To disable all logging, set the logging level as LogQuiet.

The bit-wise flags are as follows:

  • LogQuiet: disables all logging
  • LogAction: action being performed (Set / Delete functions)
  • LogQuery: queries being run (Get / Show functions)
  • LogOp: operation commands (Op functions)
  • LogUid: User-Id commands (Uid functions)
  • LogXpath: the resultant xpath
  • LogSend: xml docuemnt being sent
  • LogReceive: xml responses being received

Variables

This section is empty.

Functions

func Connect

func Connect(c Client) (interface{}, error)

Connect opens a connection to the PAN-OS client, then uses the "model" info to return a pointer to either a Firewall or Panorama struct.

The Initialize function is invoked as part of this discovery, so there is no need to Initialize() the Client connection prior to invoking this.

Types

type Client

type Client struct {
	// Connection properties.
	Hostname string
	Username string
	Password string
	ApiKey   string
	Protocol string
	Port     uint
	Timeout  int
	Target   string

	// Variables determined at runtime.
	Version    version.Number
	SystemInfo map[string]string
	Plugin     []map[string]string

	// Logging level.
	Logging uint32
	// contains filtered or unexported fields
}

Client is a generic connector struct. It provides wrapper functions for invoking the various PAN-OS XPath API methods. After creating the client, invoke Initialize() to prepare it for use.

func (*Client) Commit

func (c *Client) Commit(desc string, admins []string, dan, pao, force, sync bool) (uint, error)

Commit performs a standard commit on this PAN-OS device.

Param desc is the optional commit description message you want associated with the commit.

Param admins is advanced options for doing partial commit admin-level changes, include the administrator name in the request.

Params dan and pao are advanced options for doing partial commits. Setting param dan to false excludes the Device and Network configuration, while setting param pao to false excludes the Policy and Object configuration.

Param force is if you want to force a commit even if no changes are required.

Param sync should be true if you want this function to block until the commit job completes.

Commits result in a job being submitted to the backend. The job ID and if an error was encountered or not are returned from this function. If the job ID returned is 0, then no commit was needed.

func (*Client) CommitConfig

func (c *Client) CommitConfig(cmd interface{}, action string, extras interface{}) (uint, []byte, error)

CommitConfig performs PAN-OS commits. This is the underlying function invoked by Firewall.Commit() and Panorama.Commit().

The cmd param can be either a properly formatted XML string or a struct that can be marshalled into XML.

The action param is the commit action to be taken, if any (e.g. - "all").

The extras param should be either nil or a url.Values{} to be mixed in with the constructed request.

Commits result in a job being submitted to the backend. The job ID, assuming the commit action was successfully submitted, the response from the server, and if an error was encountered or not are all returned from this function.

func (*Client) CommitLocks

func (c *Client) CommitLocks(vsys string) ([]util.Lock, error)

CommitLocks returns any commit locks that are currently in place.

If vsys is an empty string, then the vsys will default to "shared".

func (*Client) Communicate

func (c *Client) Communicate(data url.Values, ans interface{}) ([]byte, error)

Communicate sends the given data to PAN-OS.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

Even if an answer struct is given, we first check for known error formats. If a known error format is detected, unmarshalling into the answer struct is not performed.

If the API key is set, but not present in the given data, then it is added in.

func (*Client) CommunicateFile

func (c *Client) CommunicateFile(content, filename, fp string, data url.Values, ans interface{}) ([]byte, error)

CommunicateFile does a file upload to PAN-OS.

The content param is the content of the file you want to upload.

The filename param is the basename of the file you want to specify in the multipart form upload.

The fp param is the name of the param for the file upload.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

Even if an answer struct is given, we first check for known error formats. If a known error format is detected, unmarshalling into the answer struct is not performed.

If the API key is set, but not present in the given data, then it is added in.

func (*Client) ConfigLocks

func (c *Client) ConfigLocks(vsys string) ([]util.Lock, error)

ConfigLocks returns any config locks that are currently in place.

If vsys is an empty string, then the vsys will default to "shared".

func (*Client) Delete

func (c *Client) Delete(path, extras, ans interface{}) ([]byte, error)

Delete runs a "delete" type command, removing the supplied xpath and everything underneath it.

The path param should be either a string or a slice of strings.

The extras param should be either nil or a url.Values{} to be mixed in with the constructed request.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

func (*Client) Edit

func (c *Client) Edit(path, element, extras, ans interface{}) ([]byte, error)

Edit runs a "edit" type command, modifying what is at the given xpath with the supplied element.

The path param should be either a string or a slice of strings.

The element param can be either a string of properly formatted XML to send or a struct which can be marshaled into a string.

The extras param should be either nil or a url.Values{} to be mixed in with the constructed request.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

func (*Client) EntryListUsing

func (c *Client) EntryListUsing(fn util.Retriever, path []string) ([]string, error)

EntryListUsing retrieves an list of entries using the given function, either Get or Show.

func (*Client) Get

func (c *Client) Get(path, extras, ans interface{}) ([]byte, error)

Get runs a "get" type command.

The path param should be either a string or a slice of strings.

The extras param should be either nil or a url.Values{} to be mixed in with the constructed request.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

func (*Client) Import

func (c *Client) Import(cat, content, filename, fp string, extras map[string]string, ans interface{}) ([]byte, error)

Import performs an import type command.

The cat param is the category.

The content param is the content of the file you want to upload.

The filename param is the basename of the file you want to specify in the multipart form upload.

The fp param is the name of the param for the file upload.

The extras param is any additional key/value file upload params.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

func (*Client) Initialize

func (c *Client) Initialize() error

Initialize does some initial setup of the Client connection, retrieves the API key if it was not already present, then performs "show system info" to get the PAN-OS version. The full results are saved into the client's SystemInfo map.

If not specified, the following is assumed:

  • Protocol: https
  • Port: (unspecified)
  • Timeout: 10
  • Logging: LogAction | LogUid

func (*Client) IsImported

func (c *Client) IsImported(loc, tmpl, ts, vsys, name string) (bool, error)

IsImported checks if the importable object is actually imported in the specified location.

func (*Client) LockCommits

func (c *Client) LockCommits(vsys, comment string) error

LockCommits locks commits for the given scope with the given comment.

If vsys is an empty string, the scope defaults to "shared".

func (*Client) LockConfig

func (c *Client) LockConfig(vsys, comment string) error

LockConfig locks the config for the given scope with the given comment.

If vsys is an empty string, the scope defaults to "shared".

func (*Client) LogAction

func (c *Client) LogAction(msg string, i ...interface{})

LogAction writes a log message for SET/DELETE operations if LogAction is set.

func (*Client) LogOp

func (c *Client) LogOp(msg string, i ...interface{})

LogOp writes a log message for OP operations if LogOp is set.

func (*Client) LogQuery

func (c *Client) LogQuery(msg string, i ...interface{})

LogQuery writes a log message for GET/SHOW operations if LogQuery is set.

func (*Client) LogUid

func (c *Client) LogUid(msg string, i ...interface{})

LogUid writes a log message for User-Id operations if LogUid is set.

func (*Client) MemberListUsing

func (c *Client) MemberListUsing(fn util.Retriever, path []string) ([]string, error)

MemberListUsing retrieves an list of members using the given function, either Get or Show.

func (*Client) Move

func (c *Client) Move(path interface{}, where, dst string, extras, ans interface{}) ([]byte, error)

Move does a "move" type command.

func (*Client) Op

func (c *Client) Op(req interface{}, vsys string, extras, ans interface{}) ([]byte, error)

Op runs an operational or "op" type command.

The req param can be either a properly formatted XML string or a struct that can be marshalled into XML.

The vsys param is the vsys the op command should be executed in, if any.

The extras param should be either nil or a url.Values{} to be mixed in with the constructed request.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

func (*Client) Plugins added in v0.2.0

func (c *Client) Plugins() []map[string]string

Plugins returns the plugin information.

func (*Client) PositionFirstEntity

func (c *Client) PositionFirstEntity(mvt int, rel, ent string, path, elms []string) error

PositionFirstEntity moves an element before another one using the Move API command.

Param `mvt` is a util.Move* constant.

Param `rel` is the relative entity that `mvt` is in relation to.

Param `ent` is the entity that is to be positioned.

Param `path` is the XPATH of `ent`.

Param `elms` is the ordered list of entities that should include both `rel` and `ent`. be found.

func (*Client) RequestPasswordHash

func (c *Client) RequestPasswordHash(val string) (string, error)

RequestPasswordHash requests a password hash of the given string.

func (*Client) RetrieveApiKey

func (c *Client) RetrieveApiKey() error

RetrieveApiKey retrieves the API key, which will require that both the username and password are defined.

The currently set ApiKey is forgotten when invoking this function.

func (*Client) RevertToRunningConfig

func (c *Client) RevertToRunningConfig() error

RevertToRunningConfig discards any changes made and reverts to the last config committed.

func (*Client) Set

func (c *Client) Set(path, element, extras, ans interface{}) ([]byte, error)

Set runs a "set" type command, creating the element at the given xpath.

The path param should be either a string or a slice of strings.

The element param can be either a string of properly formatted XML to send or a struct which can be marshaled into a string.

The extras param should be either nil or a url.Values{} to be mixed in with the constructed request.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

func (*Client) Show

func (c *Client) Show(path, extras, ans interface{}) ([]byte, error)

Show runs a "show" type command.

The path param should be either a string or a slice of strings.

The extras param should be either nil or a url.Values{} to be mixed in with the constructed request.

The ans param should be a pointer to a struct to unmarshal the response into or nil.

Any response received from the server is returned, along with any errors encountered.

func (*Client) String

func (c *Client) String() string

String is the string representation of a client connection. Both the password and API key are replaced with stars, if set, making it safe to print the client connection in log messages.

func (*Client) Uid

func (c *Client) Uid(cmd interface{}, vsys string, extras, ans interface{}) ([]byte, error)

Uid performs User-ID API calls.

func (*Client) UnlockCommits

func (c *Client) UnlockCommits(vsys, admin string) error

UnlockCommits removes the commit lock on the given scope owned by the given admin, if this admin is someone other than the current acting admin.

If vsys is an empty string, the scope defaults to "shared".

func (*Client) UnlockConfig

func (c *Client) UnlockConfig(vsys string) error

UnlockConfig removes the config lock on the given scope.

If vsys is an empty string, the scope defaults to "shared".

func (*Client) ValidateConfig

func (c *Client) ValidateConfig(sync bool) (uint, error)

ValidateConfig performs a commit config validation check.

Setting sync to true means that this function will block until the job finishes.

This function returns the job ID and if any errors were encountered.

func (*Client) Versioning

func (c *Client) Versioning() version.Number

Versioning returns the client version number.

func (*Client) VsysImport

func (c *Client) VsysImport(loc, tmpl, ts, vsys string, names []string) error

VsysImport imports the given names into the specified template / vsys.

func (*Client) VsysUnimport

func (c *Client) VsysUnimport(loc, tmpl, ts string, names []string) error

VsysUnimport removes the given names from all (template, optional) vsys.

func (*Client) WaitForJob

func (c *Client) WaitForJob(id uint, resp interface{}) error

WaitForJob polls the device, waiting for the specified job to finish.

If you want to unmarshal the response into a struct, then pass in a pointer to the struct for the "resp" param. If you just want to know if the job completed with a status other than "FAIL", you only need to check the returned error message.

In the case that there are multiple errors returned from the job, the first error is returned as the error string, and no unmarshaling is attempted.

type Firewall

type Firewall struct {
	Client

	// Namespaces
	Network   *netw.FwNetw
	Device    *dev.FwDev
	Policies  *poli.FwPoli
	Objects   *objs.FwObjs
	Licensing *licen.Licen
	UserId    *userid.UserId
}

Firewall is a firewall specific client, providing version safe functions for the PAN-OS Xpath API methods. After creating the object, invoke Initialize() to prepare it for use.

It has the following namespaces:

  • Network
  • Device
  • Policies
  • Objects
  • Licensing
  • UserId

func (*Firewall) GetDhcpInfo

func (c *Firewall) GetDhcpInfo(i string) (map[string]string, error)

GetDhcpInfo returns the DHCP client information about the given interface.

func (*Firewall) Initialize

func (c *Firewall) Initialize() error

Initialize does some initial setup of the Firewall connection, retrieves the API key if it was not already present, then performs "show system info" to get the PAN-OS version. The full results are saved into the client's SystemInfo map.

If not specified, the following is assumed:

  • Protocol: https
  • Port: (unspecified)
  • Timeout: 10
  • Logging: LogAction | LogUid

type Panorama

type Panorama struct {
	Client

	// Namespaces
	Device    *dev.PanoDev
	Licensing *licen.Licen
	UserId    *userid.UserId
	Panorama  *pnrm.Pnrm
	Objects   *objs.PanoObjs
	Policies  *poli.PanoPoli
	Network   *netw.PanoNetw
}

Panorama is a panorama specific client, providing version safe functions for the PAN-OS Xpath API methods. After creating the object, invoke Initialize() to prepare it for use.

It has the following namespaces:

  • Licensing
  • UserId

func (*Panorama) CommitAll

func (c *Panorama) CommitAll(dg, desc string, serials []string, tmpl, sync bool) (uint, error)

CommitAll performs a Panorama commit-all.

Param dg is the device group you want to commit-all on. Note that all other params are ignored / unused if the device group is left empty.

Param desc is the optional commit description message you want associated with the commit.

Param serials is the list of serial numbers you want to limit the commit-all to that are also in the device group dg.

Param tmpl should be true if you want to push template config as well.

Param sync should be true if you want this function to block until the commit job completes.

Commits result in a job being submitted to the backend. The job ID and if an error was encountered or not are returned from this function.

func (*Panorama) Initialize

func (c *Panorama) Initialize() error

Initialize does some initial setup of the Panorama connection, retrieves the API key if it was not already present, then performs "show system info" to get the PAN-OS version. The full results are saved into the client's SystemInfo map.

If not specified, the following is assumed:

  • Protocol: https
  • Port: (unspecified)
  • Timeout: 10
  • Logging: LogAction | LogUid

type PanosError

type PanosError struct {
	Msg  string
	Code int
}

PanosError is the error struct returned from the Communicate method.

func (PanosError) Error

func (e PanosError) Error() string

Error returns the error message.

func (PanosError) ObjectNotFound

func (e PanosError) ObjectNotFound() bool

ObjectNotFound returns true on missing object error.

Directories

Path Synopsis
dev
Package dev is the client.Device namespace.
Package dev is the client.Device namespace.
general
Package general is the client.Device.GeneralSettings namespace.
Package general is the client.Device.GeneralSettings namespace.
profile/email
Package email is the client.Object.EmailServerProfile namespace.
Package email is the client.Object.EmailServerProfile namespace.
profile/email/server
Package server is the client.Object.EmailServer namespace.
Package server is the client.Object.EmailServer namespace.
profile/http
Package http is the client.Object.HttpServerProfile namespace.
Package http is the client.Object.HttpServerProfile namespace.
profile/http/header
Package header is the client.Object.HttpHeader namespace.
Package header is the client.Object.HttpHeader namespace.
profile/http/param
Package param is the client.Object.HttpParam namespace.
Package param is the client.Object.HttpParam namespace.
profile/http/server
Package server is the client.Object.HttpServer namespace.
Package server is the client.Object.HttpServer namespace.
profile/snmp
Package snmp is the client.Object.SnmpServerProfile namespace.
Package snmp is the client.Object.SnmpServerProfile namespace.
profile/snmp/v2c
Package v2c is the client.Object.SnmpV2cServer namespace.
Package v2c is the client.Object.SnmpV2cServer namespace.
profile/snmp/v3
Package v3 is the client.Object.SnmpV3Server namespace.
Package v3 is the client.Object.SnmpV3Server namespace.
profile/syslog
Package syslog is the client.Object.SyslogServerProfile namespace.
Package syslog is the client.Object.SyslogServerProfile namespace.
profile/syslog/server
Package server is the client.Object.SyslogServer namespace.
Package server is the client.Object.SyslogServer namespace.
telemetry
Package telemetry is the firewall.Device.Telemetry namespace.
Package telemetry is the firewall.Device.Telemetry namespace.
Package licen is the client.Licensing namespace.
Package licen is the client.Licensing namespace.
Package netw is the client.Network namespace.
Package netw is the client.Network namespace.
ikegw
Package ikegw is the client.Network.IkeGateway namespace.
Package ikegw is the client.Network.IkeGateway namespace.
interface/aggregate
Package aggregate is the client.Network.AggregateInterface namespace.
Package aggregate is the client.Network.AggregateInterface namespace.
interface/eth
Package eth is the client.Network.EthernetInterface namespace.
Package eth is the client.Network.EthernetInterface namespace.
interface/loopback
Package loopback is the client.Network.LoopbackInterface namespace.
Package loopback is the client.Network.LoopbackInterface namespace.
interface/subinterface/layer2
Package layer2 is the client.Network.Layer2Subinterface namespace.
Package layer2 is the client.Network.Layer2Subinterface namespace.
interface/subinterface/layer3
Package layer3 is the client.Network.Layer3Subinterface namespace.
Package layer3 is the client.Network.Layer3Subinterface namespace.
interface/tunnel
Package loopback is the client.Network.TunnelInterface namespace.
Package loopback is the client.Network.TunnelInterface namespace.
interface/vlan
Package vlan is the client.Network.VlanInterface namespace.
Package vlan is the client.Network.VlanInterface namespace.
ipsectunnel
Package ipsectunnel is the client.Network.IpsecTunnel namespace.
Package ipsectunnel is the client.Network.IpsecTunnel namespace.
ipsectunnel/proxyid/ipv4
Package ipv4 is the client.Network.IpsecTunnelProxyId namespace.
Package ipv4 is the client.Network.IpsecTunnelProxyId namespace.
profile/bfd
Package bfd is the client.Network.BfdProfile namespace.
Package bfd is the client.Network.BfdProfile namespace.
profile/ike
Package ike is the client.Network.IkeCryptoProfile namespace.
Package ike is the client.Network.IkeCryptoProfile namespace.
profile/ipsec
Package ipsec is the client.Network.IpsecCryptoProfile namespace.
Package ipsec is the client.Network.IpsecCryptoProfile namespace.
profile/mngtprof
Package mngtprof is the client.Network.ManagementProfile namespace.
Package mngtprof is the client.Network.ManagementProfile namespace.
profile/monitor
Package monitor is the client.Network.MonitorProfile namespace.
Package monitor is the client.Network.MonitorProfile namespace.
routing/profile/redist/ipv4
Package ipv4 is the client.Network.RedistributionProfile namespace.
Package ipv4 is the client.Network.RedistributionProfile namespace.
routing/protocol/bgp
Package bgp is the client.Network.BgpConfig namespace.
Package bgp is the client.Network.BgpConfig namespace.
routing/protocol/bgp/aggregate
Package aggregate is the client.Network.BgpAggregation namespace.
Package aggregate is the client.Network.BgpAggregation namespace.
routing/protocol/bgp/aggregate/filter/advertise
Package advertise is the client.Network.BgpAggAdvertiseFilter namespace.
Package advertise is the client.Network.BgpAggAdvertiseFilter namespace.
routing/protocol/bgp/aggregate/filter/suppress
Package suppress is the client.Network.BgpAggSuppressFilter namespace.
Package suppress is the client.Network.BgpAggSuppressFilter namespace.
routing/protocol/bgp/conadv
Package conadv is the client.Network.BgpConditionalAdv namespace.
Package conadv is the client.Network.BgpConditionalAdv namespace.
routing/protocol/bgp/conadv/filter/advertise
Package advertise is the client.Network.BgpConAdvAdvertiseFilter namespace.
Package advertise is the client.Network.BgpConAdvAdvertiseFilter namespace.
routing/protocol/bgp/conadv/filter/nonexist
Package nonexist is the client.Network.BgpConAdvNonExistFilter namespace.
Package nonexist is the client.Network.BgpConAdvNonExistFilter namespace.
routing/protocol/bgp/exp
Package exp is the client.Network.BgpExport namespace.
Package exp is the client.Network.BgpExport namespace.
routing/protocol/bgp/imp
Package imp is the client.Network.BgpImport namespace.
Package imp is the client.Network.BgpImport namespace.
routing/protocol/bgp/peer
Package peer is the client.Network.BgpPeer namespace.
Package peer is the client.Network.BgpPeer namespace.
routing/protocol/bgp/peer/group
Package group is the client.Network.BgpPeerGroup namespace.
Package group is the client.Network.BgpPeerGroup namespace.
routing/protocol/bgp/profile/auth
Package auth is the client.Network.BgpAuthProfile namespace.
Package auth is the client.Network.BgpAuthProfile namespace.
routing/protocol/bgp/profile/dampening
Package dampening is the client.Network.BgpDampeningProfile namespace.
Package dampening is the client.Network.BgpDampeningProfile namespace.
routing/protocol/bgp/redist
Package redist is the client.Network.BgpRedistRule namespace.
Package redist is the client.Network.BgpRedistRule namespace.
routing/route/static/ipv4
Package ipv4 is the client.Network.StaticRoute namespace.
Package ipv4 is the client.Network.StaticRoute namespace.
routing/router
Package router is the client.Network.VirtualRouter namespace.
Package router is the client.Network.VirtualRouter namespace.
tunnel/gre
Package gre is the client.Network.GreTunnel namespace.
Package gre is the client.Network.GreTunnel namespace.
vlan
Package vlan is the client.Network.Vlan namespace.
Package vlan is the client.Network.Vlan namespace.
zone
Package zone is the client.Network.Zone namespace.
Package zone is the client.Network.Zone namespace.
Package objs is the client.Objects namespace.
Package objs is the client.Objects namespace.
addr
Package addr is the ngfw.Objects.Address namespace.
Package addr is the ngfw.Objects.Address namespace.
addrgrp
Package addrgrp is the client.Objects.AddressGroup namespace.
Package addrgrp is the client.Objects.AddressGroup namespace.
app
Package app is the client.Objects.Application namespace.
Package app is the client.Objects.Application namespace.
app/group
Package group is the client.Objects.AppGroup namespace.
Package group is the client.Objects.AppGroup namespace.
app/signature
Package signature is the client.Objects.AppSignature namespace.
Package signature is the client.Objects.AppSignature namespace.
app/signature/andcond
Package andcond is the client.Objects.AppSigAndCond namespace.
Package andcond is the client.Objects.AppSigAndCond namespace.
app/signature/orcond
Package orcond is the client.Objects.AppSigAndCondOrCond namespace.
Package orcond is the client.Objects.AppSigAndCondOrCond namespace.
edl
Package edl is the ngfw.Objects.Edl namespace.
Package edl is the ngfw.Objects.Edl namespace.
profile/logfwd
Package logfwd is the client.Object.LogForwardingProfile namespace.
Package logfwd is the client.Object.LogForwardingProfile namespace.
profile/logfwd/matchlist
Package matchlist is the client.Object.LogForwardingProfileMatchList namespace.
Package matchlist is the client.Object.LogForwardingProfileMatchList namespace.
profile/logfwd/matchlist/action
Package action is the client.Object.LogForwardingProfileMatchListAction namespace.
Package action is the client.Object.LogForwardingProfileMatchListAction namespace.
srvc
Package srvc is the client.Objects.Services namespace.
Package srvc is the client.Objects.Services namespace.
srvcgrp
Package srvcgrp is the client.Objects.ServiceGroup namespace.
Package srvcgrp is the client.Objects.ServiceGroup namespace.
tags
Package tags is the client.Objects.Tags namespace.
Package tags is the client.Objects.Tags namespace.
Package pnrm is the client.Panorama namespace.
Package pnrm is the client.Panorama namespace.
dg
Package dg is the client.Panorama.DeviceGroup namespace.
Package dg is the client.Panorama.DeviceGroup namespace.
plugins/gcp/account
Package account is the client.Panorama.GcpAccount namespace.
Package account is the client.Panorama.GcpAccount namespace.
plugins/gcp/gke/cluster
Package cluster is the client.Panorama.GkeCluster namespace.
Package cluster is the client.Panorama.GkeCluster namespace.
plugins/gcp/gke/cluster/group
Package group is the client.Panorama.GkeClusterGroup namespace.
Package group is the client.Panorama.GkeClusterGroup namespace.
template
Package template is the client.Panorama.Template namespace.
Package template is the client.Panorama.Template namespace.
template/stack
Package stack is the client.Panorama.TemplateStack namespace.
Package stack is the client.Panorama.TemplateStack namespace.
template/variable
Package variable is the client.Panorama.TemplateVariable namespace.
Package variable is the client.Panorama.TemplateVariable namespace.
Package poli is the client.Policies namespace.
Package poli is the client.Policies namespace.
nat
Package nat is the client.Policies.Nat namespace.
Package nat is the client.Policies.Nat namespace.
pbf
Package pbf is the client.Policies.PolicyBasedForwarding namespace.
Package pbf is the client.Policies.PolicyBasedForwarding namespace.
security
Package security is the client.Policies.Security namespace.
Package security is the client.Policies.Security namespace.
Package userid is the client.UserId namespace, for interacting with the User-ID API.
Package userid is the client.UserId namespace, for interacting with the User-ID API.
Package util contains various shared structs and functions used across the pango package.
Package util contains various shared structs and functions used across the pango package.
Package version contains a version number struct that pango uses to make decisions on the specific structs to use when sending XML to the PANOS device.
Package version contains a version number struct that pango uses to make decisions on the specific structs to use when sending XML to the PANOS device.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL