Merge branch 'release/0.3.3'

Author: btorresgil

HISTORY.rst

@@ -3,6 +3,21 @@
 History
 =======
 
+0.3.3
+-----
+
+Released: 2016-04-15
+
+Status: Alpha
+
+New objects:
+
+* objects.Tag
+
+Updated objects:
+
+* policies.Rulebase
+
 0.3.2
 -----
 

pandevice/__init__.py

@@ -24,7 +24,7 @@
 
 __author__ = 'Brian Torres-Gil'
 __email__ = 'btorres-gil@paloaltonetworks.com'
-__version__ = '0.3.2'
+__version__ = '0.3.3'
 
 
 import logging

pandevice/objects.py

@@ -81,3 +81,58 @@ def variables(cls):
             Var("dynamic/filter", "dynamic_value"),
             Var("description"),
         )
+
+
+class Tag(PanObject):
+    """Administrative tag
+
+    Args:
+        name (str): Name of the tag
+        color (str): Color ID or name (eg. 'color1', 'color4', 'purple')
+        comments (str): Comments
+
+    """
+    ROOT = Root.VSYS
+    XPATH = "/tag"
+    SUFFIX = ENTRY
+
+    COLOR = {
+        "red":         1,
+        "green":       2,
+        "blue":        3,
+        "yello":       4,
+        "copper":      5,
+        "orange":      6,
+        "purple":      7,
+        "gray":        8,
+        "light green": 9,
+        "cyan":        10,
+        "light gray":  11,
+        "blue gray":   12,
+        "lime":        13,
+        "black":       14,
+        "gold":        15,
+        "brown":       16,
+    }
+
+    def __init__(self, *args, **kwargs):
+        super(Tag, self).__init__(*args, **kwargs)
+        if not hasattr(self, "_color"):
+            self._color = None
+
+    @classmethod
+    def variables(cls):
+        return (
+            Var("color"),
+            Var("comments"),
+        )
+
+    @property
+    def color(self):
+        if self._color in self.COLOR:
+            return "color"+str(self.COLOR[self._color])
+        return self._color
+
+    @color.setter
+    def color(self, value):
+        self._color = value

pandevice/policies.py

@@ -70,12 +70,12 @@ class SecurityRule(PanObject):
 
     Args:
         name (str): Name of the rule
-        from (list): From zones
-        to (list): To zones
+        fromzone (list): From zones
+        tozone (list): To zones
         source (list): Source addresses
         destination (list): Destination addresses
         application (list): Applications
-        service (list): Destination services (ports)
+        service (list): Destination services (ports) (Default: application-default)
         category (list): Destination URL Categories
         action (str): Action to take (deny, allow, drop, reset-client, reset-server, reset-both)
             Note: Not all options are available on all PAN-OS versions.
@@ -84,43 +84,46 @@ class SecurityRule(PanObject):
         log_end (bool): Log at session end
         description (str): Description of this rule
         type (str): 'universal', 'intrazone', or 'intrazone' (Default: universal)
+        tag (list): Administrative tags
         negate_source (bool): Match on the reverse of the 'source' attribute
         negate_destination (bool): Match on the reverse of the 'destination' attribute
         disabled (bool): Disable this rule
-        schedule (str): Schedule for this rule
-        icmp-unreachable (bool): Send ICMP Unreachable
+        schedule (str): Schedule Profile
+        icmp_unreachable (bool): Send ICMP Unreachable
         disable_server_response_inspection (bool): Disable server response inspection
         group (str): Security Profile Group
         virus (str): Antivirus Security Profile
         spyware (str): Anti-Spyware Security Profile
         vulnerability (str): Vulnerability Protection Security Profile
-        url-filtering (str): URL Filtering Security Profile
-        file-blocking (str): File Blocking Security Profile
-        wildfire-analysis (str): Wildfire Analysis Security Profile
-        data-filtering (str): Data Filtering Security Profile
+        url_filtering (str): URL Filtering Security Profile
+        file_blocking (str): File Blocking Security Profile
+        wildfire_analysis (str): Wildfire Analysis Security Profile
+        data_filtering (str): Data Filtering Security Profile
 
     """
+    # TODO: Add QoS variables
     XPATH = "/security/rules"
     SUFFIX = ENTRY
 
     @classmethod
     def variables(cls):
         return (
-            Var("from", vartype="member", default=("any",)),
-            Var("to", vartype="member", default=("any",)),
+            Var("from", "fromzone", vartype="member", default=("any",)),
+            Var("to", "tozone", vartype="member", default=("any",)),
             Var("source", vartype="member", default=("any",)),
             Var("source-user", vartype="member", default=("any",)),
             Var("hip-profiles", vartype="member", default=("any",)),
             Var("destination", vartype="member", default=("any",)),
             Var("application", vartype="member", default=("any",)),
-            Var("service", vartype="member", default=("any",)),
+            Var("service", vartype="member", default=("application-default",)),
             Var("category", vartype="member", default=("any",)),
             Var("action"),
             Var("log-setting"),
             Var("log-start", vartype="bool"),
             Var("log-end", vartype="bool"),
             Var("description"),
             Var("rule-type", "type", default="universal"),
+            Var("tag", vartype="member"),
             Var("negate-source", vartype="bool"),
             Var("negate-destination", vartype="bool"),
             Var("disabled", vartype="bool"),

setup.py

@@ -22,7 +22,7 @@
 
 setup(
     name='pandevice',
-    version='0.3.2',
+    version='0.3.3',
     description='Framework for interacting with Palo Alto Networks devices via API',
     long_description='The Palo Alto Networks Device Framework is a way to interact with Palo Alto Networks devices (including Next-generation Firewalls and Panorama) using the device API that is object oriented and conceptually similar to interaction with the device via the GUI or CLI.',
     author='Brian Torres-Gil',