Merge branch 'develop'

Author: btorresgil

HISTORY.rst

@@ -3,6 +3,19 @@
 History
 =======
 
+0.3.2
+-----
+
+Released: 2016-04-13
+
+Status: Alpha
+
+New objects:
+
+* policies.Rulebase
+* policies.PreRulebase
+* policies.PostRulebase
+
 0.3.1
 -----
 

docs/configtree.rst

@@ -52,4 +52,10 @@ Network
 
 .. graphviz:: _diagrams/pandevice.network.dot
 
+.. _tree:
+
+Policy
+------
+
+.. graphviz:: _diagrams/pandevice.policy.dot
 

docs/module-policies.rst

@@ -7,6 +7,11 @@ Inheritance diagram
 .. inheritance-diagram:: pandevice.policies
    :parts: 1
 
+Configuration tree diagram
+--------------------------
+
+.. graphviz:: _diagrams/pandevice.policies.dot 
+
 Class Reference
 ---------------
 

docs/moduleref.py

@@ -30,13 +30,13 @@
     'ha',
     'network',
     'panorama',
+    'policies',
 ]
 
 tree_not_exists = [
     'base',
     'errors',
     'objects',
-    'policies',
     'updater',
     'userid',
 ]

pandevice/__init__.py

@@ -24,7 +24,7 @@
 
 __author__ = 'Brian Torres-Gil'
 __email__ = 'btorres-gil@paloaltonetworks.com'
-__version__ = '0.3.1'
+__version__ = '0.3.2'
 
 
 import logging

pandevice/firewall.py

@@ -71,7 +71,7 @@ class Firewall(PanDevice):
         "ha.HighAvailability",
         "objects.AddressObject",
         "objects.AddressGroup",
-        "policies.SecurityRule",
+        "policies.Rulebase",
         "network.EthernetInterface",
         "network.AggregateInterface",
         "network.LoopbackInterface",

pandevice/panorama.py

@@ -63,7 +63,8 @@ class DeviceGroup(PanObject):
         "firewall.Firewall",
         "objects.AddressObject",
         "objects.AddressGroup",
-        "policies.SecurityRule",
+        "policies.PreRulebase",
+        "policies.PostRulebase",
     )
 
     @classmethod
@@ -97,7 +98,8 @@ class Panorama(base.PanDevice):
         "firewall.Firewall",
         "objects.AddressObject",
         "objects.AddressGroup",
-        "policies.SecurityRule",
+        "policies.PreRulebase",
+        "policies.PostRulebase",
     )
 
     def __init__(self,

pandevice/policies.py

@@ -31,9 +31,43 @@
 logger.addHandler(logging.NullHandler())
 
 
+class Rulebase(PanObject):
+    """Rulebase for a Firewall
+
+    Firewall only.  For Panorama, use :class:`pandevice.policies.PreRulebase` or
+    :class:`pandevice.policies.PostRulebase`.
+
+    """
+    ROOT = Root.VSYS
+    XPATH = "/rulebase"
+    CHILDTYPES = (
+        "policies.SecurityRule",
+    )
+
+
+class PreRulebase(Rulebase):
+    """Pre-rulebase for a Panorama
+
+    Panorama only.  For Firewall, use :class:`pandevice.policies.Rulebase`.
+
+    """
+    XPATH = "/pre-rulebase"
+
+
+class PostRulebase(Rulebase):
+    """Pre-rulebase for a Panorama
+
+    Panorama only.  For Firewall, use :class:`pandevice.policies.Rulebase`.
+
+    """
+    XPATH = "/post-rulebase"
+
+
 class SecurityRule(PanObject):
     """Security Rule
 
+    Firewall only.  Use SecurityPreRule or SecurityPostRule with Panorama.
+
     Args:
         name (str): Name of the rule
         from (list): From zones
@@ -66,9 +100,7 @@ class SecurityRule(PanObject):
         data-filtering (str): Data Filtering Security Profile
 
     """
-
-    ROOT = Root.VSYS
-    XPATH = "/rulebase/security/rules"
+    XPATH = "/security/rules"
     SUFFIX = ENTRY
 
     @classmethod

setup.py

@@ -22,7 +22,7 @@
 
 setup(
     name='pandevice',
-    version='0.3.1',
+    version='0.3.2',
     description='Framework for interacting with Palo Alto Networks devices via API',
     long_description='The Palo Alto Networks Device Framework is a way to interact with Palo Alto Networks devices (including Next-generation Firewalls and Panorama) using the device API that is object oriented and conceptually similar to interaction with the device via the GUI or CLI.',
     author='Brian Torres-Gil',