security

package
v0.3.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 9, 2019 License: ISC Imports: 4 Imported by: 4

Documentation

Overview

Package security is the client.Policies.Security namespace.

Normalized object: Entry

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Entry

type Entry struct {
	Name                            string
	Type                            string
	Description                     string
	Tags                            []string // ordered
	SourceZones                     []string // unordered
	SourceAddresses                 []string // unordered
	NegateSource                    bool
	SourceUsers                     []string // unordered
	HipProfiles                     []string // unordered
	DestinationZones                []string // unordered
	DestinationAddresses            []string // unordered
	NegateDestination               bool
	Applications                    []string // unordered
	Services                        []string // unordered
	Categories                      []string // unordered
	Action                          string
	LogSetting                      string
	LogStart                        bool
	LogEnd                          bool
	Disabled                        bool
	Schedule                        string
	IcmpUnreachable                 bool
	DisableServerResponseInspection bool
	Group                           string
	Targets                         map[string][]string
	NegateTarget                    bool
	Virus                           string
	Spyware                         string
	Vulnerability                   string
	UrlFiltering                    string
	FileBlocking                    string
	WildFireAnalysis                string
	DataFiltering                   string
}

Entry is a normalized, version independent representation of a security rule.

Targets is a map where the key is the serial number of the target device and the value is a list of specific vsys on that device. The list of vsys is nil if all vsys on that device should be included or if the device is a virtual firewall (and thus only has vsys1).

func (*Entry) Copy

func (o *Entry) Copy(s Entry)

Copy copies the information from source Entry `s` to this object. As the Name field relates to the XPATH of this object, this field is not copied.

func (*Entry) Defaults

func (o *Entry) Defaults()

Defaults sets params with uninitialized values to their GUI default setting.

The defaults are as follows:

  • Type: "universal"
  • SourceZones: ["any"]
  • SourceAddresses: ["any"]
  • SourceUsers: ["any"]
  • HipProfiles: ["any"]
  • DestinationZones: ["any"]
  • DestinationAddresses: ["any"]
  • Applications: ["any"]
  • Services: ["application-default"]
  • Categories: ["any"]
  • Action: "allow"
  • LogEnd: true

type FwSecurity

type FwSecurity struct {
	// contains filtered or unexported fields
}

FwSecurity is the client.Policies.Security namespace.

func (*FwSecurity) Delete

func (c *FwSecurity) Delete(vsys string, e ...interface{}) error

Delete removes the given security policies.

Security policies can be either a string or an Entry object.

func (*FwSecurity) DeleteAll

func (c *FwSecurity) DeleteAll(vsys string) error

DeleteAll removes all security policies from the specified vsys.

func (*FwSecurity) Edit

func (c *FwSecurity) Edit(vsys string, e Entry) error

Edit performs EDIT to create / update a security policy.

func (*FwSecurity) Get

func (c *FwSecurity) Get(vsys, name string) (Entry, error)

Get performs GET to retrieve information for the given security policy.

func (*FwSecurity) GetList

func (c *FwSecurity) GetList(vsys string) ([]string, error)

GetList performs GET to retrieve a list of security policies.

func (*FwSecurity) Initialize

func (c *FwSecurity) Initialize(con util.XapiClient)

Initialize is invoed by client.Initialize().

func (*FwSecurity) MoveGroup

func (c *FwSecurity) MoveGroup(vsys string, movement int, rule string, e ...Entry) error

MoveGroup moves a logical group of security policies somewhere in relation to another security policy.

The `movement` param should be one of the Move constants in the util package.

The `rule` param is the other rule the `movement` param is referencing. If this is an empty string, then the first policy in the group isn't moved anywhere, but all other policies will still be moved to be grouped with the first one.

func (*FwSecurity) Set

func (c *FwSecurity) Set(vsys string, e ...Entry) error

Set performs SET to create / update one or more security policies.

func (*FwSecurity) Show

func (c *FwSecurity) Show(vsys, name string) (Entry, error)

Get performs SHOW to retrieve information for the given security policy.

func (*FwSecurity) ShowList

func (c *FwSecurity) ShowList(vsys string) ([]string, error)

ShowList performs SHOW to retrieve a list of security policies.

func (*FwSecurity) VerifiableEdit

func (c *FwSecurity) VerifiableEdit(vsys string, e ...Entry) error

VerifiableEdit behaves like Edit(), except policies with LogEnd as true will first be created with LogEnd as false, and then a second Set() is performed which will do LogEnd as true. This is due to the unique combination of being a boolean value that is true by default, the XML returned from querying the rule details will omit the LogEnd setting, which will be interpreted as false, when in fact it is true. We can get around this by setting the value to a non-standard value, then back again, in which case it will properly show up in the returned XML.

func (*FwSecurity) VerifiableSet

func (c *FwSecurity) VerifiableSet(vsys string, e ...Entry) error

VerifiableSet behaves like Set(), except policies with LogEnd as true will first be created with LogEnd as false, and then a second Set() is performed which will do LogEnd as true. This is due to the unique combination of being a boolean value that is true by default, the XML returned from querying the rule details will omit the LogEnd setting, which will be interpreted as false, when in fact it is true. We can get around this by setting the value to a non-standard value, then back again, in which case it will properly show up in the returned XML.

type PanoSecurity

type PanoSecurity struct {
	// contains filtered or unexported fields
}

PanoSecurity is the client.Policies.Security namespace.

func (*PanoSecurity) Delete

func (c *PanoSecurity) Delete(dg, base string, e ...interface{}) error

Delete removes the given security policies.

Security policies can be either a string or an Entry object.

func (*PanoSecurity) DeleteAll

func (c *PanoSecurity) DeleteAll(dg, base string) error

DeleteAll removes all security policies from the specified dg / rulebase.

func (*PanoSecurity) Edit

func (c *PanoSecurity) Edit(dg, base string, e Entry) error

Edit performs EDIT to create / update a security policy.

func (*PanoSecurity) Get

func (c *PanoSecurity) Get(dg, base, name string) (Entry, error)

Get performs GET to retrieve information for the given security policy.

func (*PanoSecurity) GetList

func (c *PanoSecurity) GetList(dg, base string) ([]string, error)

GetList performs GET to retrieve a list of security policies.

func (*PanoSecurity) Initialize

func (c *PanoSecurity) Initialize(con util.XapiClient)

Initialize is invoed by client.Initialize().

func (*PanoSecurity) MoveGroup

func (c *PanoSecurity) MoveGroup(dg, base string, movement int, rule string, e ...Entry) error

MoveGroup moves a logical group of security policies somewhere in relation to another security policy.

The `movement` param should be one of the Move constants in the util package.

The `rule` param is the other rule the `movement` param is referencing. If this is an empty string, then the first policy in the group isn't moved anywhere, but all other policies will still be moved to be grouped with the first one.

func (*PanoSecurity) Set

func (c *PanoSecurity) Set(dg, base string, e ...Entry) error

Set performs SET to create / update one or more security policies.

func (*PanoSecurity) Show

func (c *PanoSecurity) Show(dg, base, name string) (Entry, error)

Get performs SHOW to retrieve information for the given security policy.

func (*PanoSecurity) ShowList

func (c *PanoSecurity) ShowList(dg, base string) ([]string, error)

ShowList performs SHOW to retrieve a list of security policies.

func (*PanoSecurity) VerifiableEdit

func (c *PanoSecurity) VerifiableEdit(dg, base string, e ...Entry) error

VerifiableEdit behaves like Edit(), except policies with LogEnd as true will first be created with LogEnd as false, and then a second Set() is performed which will do LogEnd as true. This is due to the unique combination of being a boolean value that is true by default, the XML returned from querying the rule details will omit the LogEnd setting, which will be interpreted as false, when in fact it is true. We can get around this by setting the value to a non-standard value, then back again, in which case it will properly show up in the returned XML.

func (*PanoSecurity) VerifiableSet

func (c *PanoSecurity) VerifiableSet(dg, base string, e ...Entry) error

VerifiableSet behaves like Set(), except policies with LogEnd as true will first be created with LogEnd as false, and then a second Set() is performed which will do LogEnd as true. This is due to the unique combination of being a boolean value that is true by default, the XML returned from querying the rule details will omit the LogEnd setting, which will be interpreted as false, when in fact it is true. We can get around this by setting the value to a non-standard value, then back again, in which case it will properly show up in the returned XML.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL