vwire "tag_allowed" field requires a vartype of 'int' #221
Labels
Comments
|
🎉 Thanks for opening your first issue here! Welcome to the community! |
|
I was able to get it to successfully parse by changing the 'tag-allowed' param from vartype 'int' to 'none' within the class VirtualWire network.py line 571 |
|
I'm also having this issue, is anyone working to resolve this? |
Yesterday I created pull request 232 to remove the vartype from the tag-allowed VersionedParamPath call in network.py. Hopefully it is approved and merged soon. As a workaround I have manually made the change on my machine and have been using it without problems for weeks now. You can probably do the same. |
|
Thanks for opening this and for the pull request. Sorry for the slow reply. On the surface this seems like an easy change, but we have to ensure there aren’t previous versions of PAN-OS where we’d break support. We’re confirming this through testing. It’s important to us that older scripts on older PAN-OS continue to work on the latest versions of pandevice. Will try to get this merged in ASAP, thanks for helping us prioritize it. |
|
Related to PR #232 |
github-actions bot
pushed a commit
that referenced
this issue
Jul 24, 2020
## 1.0.0-alpha.1 (2020-07-24) ### Features * IP Classification and easier field usage. Fields added: user, src_class, dst_class, server_ip, server_location, client_ip, client_location. Note that client_ip was already in use by the config logs and dashboard, so that client_ip field is renamed to admin_ip, and the client_type field is renamed to admin_type. This is done to avoid naming conflicts. ([f2405cb](f2405cb)) * New App highlighting. When apps are added to the master Palo Alto Networks applipedia, Splunk will get the apps and index them. Then, dashboard panels can be created to show when new apps are added, or if any traffic in the network is matching these new apps. ([550fca6](550fca6)) * Add normalized objects for firewall and Panorama commits ([0983558](0983558)), closes [#220](#220) * Add support for wildcard address objects ([e859ff6](e859ff6)), closes [#228](#228) [#226](#226) * Support for Dynamic Address Groups and Dynamic Address Objects (IP address tagging). This feature is utilized similarly to 'panblock', but the command is 'pantag'. ([8753410](8753410)) ### Bug Fixes * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([5bb9a9f](5bb9a9f)) * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([d1f5e76](d1f5e76)) * Correct how target_version is determined ([4269200](4269200)), closes [#216](#216) * Fix tag-allowed property of VirtualWire ([f02143e](f02143e)), closes [#232](#232) [#221](#221) * if there are no registered addresses iterator will throw exception ([eabfbd9](eabfbd9)) ### Reverts * Revert "Added a Splunk 6 Data Model to represent the Palo Alto Networks log structure. Currently this model is NOT accelerated due to known Splunk issue (SPL-74415)" ([60b23f9](60b23f9)) * Revert "Possible Malware Traffic table search made much more efficient". It is more efficient, on initial testing, but requires more testing of corner cases. Reversing the commit until more testing can be done. ([90fae34](90fae34))
github-actions bot
pushed a commit
that referenced
this issue
Jul 24, 2020
## 1.0.0-beta.1 (2020-07-24) ### Features * IP Classification and easier field usage. Fields added: user, src_class, dst_class, server_ip, server_location, client_ip, client_location. Note that client_ip was already in use by the config logs and dashboard, so that client_ip field is renamed to admin_ip, and the client_type field is renamed to admin_type. This is done to avoid naming conflicts. ([f2405cb](f2405cb)) * New App highlighting. When apps are added to the master Palo Alto Networks applipedia, Splunk will get the apps and index them. Then, dashboard panels can be created to show when new apps are added, or if any traffic in the network is matching these new apps. ([550fca6](550fca6)) * Add normalized objects for firewall and Panorama commits ([0983558](0983558)), closes [#220](#220) * Add support for wildcard address objects ([e859ff6](e859ff6)), closes [#228](#228) [#226](#226) * Support for Dynamic Address Groups and Dynamic Address Objects (IP address tagging). This feature is utilized similarly to 'panblock', but the command is 'pantag'. ([8753410](8753410)) ### Bug Fixes * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([5bb9a9f](5bb9a9f)) * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([d1f5e76](d1f5e76)) * Correct how target_version is determined ([4269200](4269200)), closes [#216](#216) * Fix tag-allowed property of VirtualWire ([f02143e](f02143e)), closes [#232](#232) [#221](#221) * if there are no registered addresses iterator will throw exception ([eabfbd9](eabfbd9)) ### Reverts * Revert "Added a Splunk 6 Data Model to represent the Palo Alto Networks log structure. Currently this model is NOT accelerated due to known Splunk issue (SPL-74415)" ([60b23f9](60b23f9)) * Revert "Possible Malware Traffic table search made much more efficient". It is more efficient, on initial testing, but requires more testing of corner cases. Reversing the commit until more testing can be done. ([90fae34](90fae34))
github-actions bot
pushed a commit
that referenced
this issue
Jul 24, 2020
## 1.0.0-beta.1 (2020-07-24) ### Features * IP Classification and easier field usage. Fields added: user, src_class, dst_class, server_ip, server_location, client_ip, client_location. Note that client_ip was already in use by the config logs and dashboard, so that client_ip field is renamed to admin_ip, and the client_type field is renamed to admin_type. This is done to avoid naming conflicts. ([f2405cb](f2405cb)) * New App highlighting. When apps are added to the master Palo Alto Networks applipedia, Splunk will get the apps and index them. Then, dashboard panels can be created to show when new apps are added, or if any traffic in the network is matching these new apps. ([550fca6](550fca6)) * Add normalized objects for firewall and Panorama commits ([0983558](0983558)), closes [#220](#220) * Add support for wildcard address objects ([e859ff6](e859ff6)), closes [#228](#228) [#226](#226) * Support for Dynamic Address Groups and Dynamic Address Objects (IP address tagging). This feature is utilized similarly to 'panblock', but the command is 'pantag'. ([8753410](8753410)) ### Bug Fixes * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([5bb9a9f](5bb9a9f)) * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([d1f5e76](d1f5e76)) * Correct how target_version is determined ([4269200](4269200)), closes [#216](#216) * Fix tag-allowed property of VirtualWire ([f02143e](f02143e)), closes [#232](#232) [#221](#221) * if there are no registered addresses iterator will throw exception ([eabfbd9](eabfbd9)) ### Reverts * Revert "Added a Splunk 6 Data Model to represent the Palo Alto Networks log structure. Currently this model is NOT accelerated due to known Splunk issue (SPL-74415)" ([60b23f9](60b23f9)) * Revert "Possible Malware Traffic table search made much more efficient". It is more efficient, on initial testing, but requires more testing of corner cases. Reversing the commit until more testing can be done. ([90fae34](90fae34))
github-actions bot
pushed a commit
that referenced
this issue
Jul 24, 2020
## 1.0.0-beta.1 (2020-07-24) ### Features * IP Classification and easier field usage. Fields added: user, src_class, dst_class, server_ip, server_location, client_ip, client_location. Note that client_ip was already in use by the config logs and dashboard, so that client_ip field is renamed to admin_ip, and the client_type field is renamed to admin_type. This is done to avoid naming conflicts. ([f2405cb](f2405cb)) * New App highlighting. When apps are added to the master Palo Alto Networks applipedia, Splunk will get the apps and index them. Then, dashboard panels can be created to show when new apps are added, or if any traffic in the network is matching these new apps. ([550fca6](550fca6)) * Add normalized objects for firewall and Panorama commits ([0983558](0983558)), closes [#220](#220) * Add support for wildcard address objects ([e859ff6](e859ff6)), closes [#228](#228) [#226](#226) * Support for Dynamic Address Groups and Dynamic Address Objects (IP address tagging). This feature is utilized similarly to 'panblock', but the command is 'pantag'. ([8753410](8753410)) ### Bug Fixes * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([5bb9a9f](5bb9a9f)) * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([d1f5e76](d1f5e76)) * Correct how target_version is determined ([4269200](4269200)), closes [#216](#216) * Fix tag-allowed property of VirtualWire ([f02143e](f02143e)), closes [#232](#232) [#221](#221) * if there are no registered addresses iterator will throw exception ([eabfbd9](eabfbd9)) ### Reverts * Revert "Added a Splunk 6 Data Model to represent the Palo Alto Networks log structure. Currently this model is NOT accelerated due to known Splunk issue (SPL-74415)" ([60b23f9](60b23f9)) * Revert "Possible Malware Traffic table search made much more efficient". It is more efficient, on initial testing, but requires more testing of corner cases. Reversing the commit until more testing can be done. ([90fae34](90fae34))
github-actions bot
pushed a commit
that referenced
this issue
Aug 17, 2020
## 1.0.0 (2020-08-17) ### Features * IP Classification and easier field usage. Fields added: user, src_class, dst_class, server_ip, server_location, client_ip, client_location. Note that client_ip was already in use by the config logs and dashboard, so that client_ip field is renamed to admin_ip, and the client_type field is renamed to admin_type. This is done to avoid naming conflicts. ([f2405cb](f2405cb)) * New App highlighting. When apps are added to the master Palo Alto Networks applipedia, Splunk will get the apps and index them. Then, dashboard panels can be created to show when new apps are added, or if any traffic in the network is matching these new apps. ([550fca6](550fca6)) * Add `type` parameter to `CustomUrlCategory` ([f3c85d6](f3c85d6)), closes [#244](#244) * Add FQDN support to IKE gateways ([722594c](722594c)), closes [#250](#250) [#252](#252) * Add normalized objects for firewall and Panorama commits ([0983558](0983558)), closes [#220](#220) * Add support for wildcard address objects ([e859ff6](e859ff6)), closes [#228](#228) [#226](#226) * Support for Dynamic Address Groups and Dynamic Address Objects (IP address tagging). This feature is utilized similarly to 'panblock', but the command is 'pantag'. ([8753410](8753410)) ### Bug Fixes * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([5bb9a9f](5bb9a9f)) * config field 'host' overlapped with Splunk default field 'host'. Changed to 'client_ip'. Changed 'client' to 'client_type'. ([d1f5e76](d1f5e76)) * Correct how target_version is determined ([4269200](4269200)), closes [#216](#216) * Fix tag-allowed property of VirtualWire ([f02143e](f02143e)), closes [#232](#232) [#221](#221) * if there are no registered addresses iterator will throw exception ([eabfbd9](eabfbd9)) * Perform release on master branch ([7da85ef](7da85ef)) ### Reverts * Revert "Added a Splunk 6 Data Model to represent the Palo Alto Networks log structure. Currently this model is NOT accelerated due to known Splunk issue (SPL-74415)" ([60b23f9](60b23f9)) * Revert "Possible Malware Traffic table search made much more efficient". It is more efficient, on initial testing, but requires more testing of corner cases. Reversing the commit until more testing can be done. ([90fae34](90fae34))
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When initially pulling in Panorama templates and parsing an exception is thrown if any value other than int is entered, even though a range or list of numbers are also valid input
Describe the bug
While parsing the template the 'tag-allowed' is assigned a vartype of 'int' so the
parse_value_from_xml_last_tag does not see valid ranges or lists such as '0-4094' as valid and raises an exception
Expected behavior
Parsing should allow for ranges and lists such as 0-4094 , 1-10, or 5,10,20-25, etc.
Current behavior
In base.py, within 'parse_value_from_xml_last_tag' in the 'Do vartype processing' section
raises an exception
Possible solution
set the tag-allowed token to a type other than int. Possibly also test using a regex such as ^[0-9,,,-]+$
Steps to reproduce
Screenshots
Context
I am unable to leverage the pandevice library to manage our Panorama because it cannot successfully parse the existing configuration
Your Environment
Panorama: 80 Templates, 60 Template Stacks, 100+ Device Groups managing a few hundred firewalls
The text was updated successfully, but these errors were encountered: