App-PaloAlto-PolicyVerify


MANIFEST  view on Meta::CPAN

# This file was automatically generated by Dist::Zilla::Plugin::Manifest v6.012.
Changes
LICENSE
MANIFEST
META.json
META.yml
Makefile.PL
README
bin/pa_policy_verify
dist.ini
lib/App/PaloAlto/PolicyVerify.pm
t/00-load.t
t/author-critic.t

Makefile.PL  view on Meta::CPAN

use ExtUtils::MakeMaker;

my %WriteMakefileArgs = (
  "ABSTRACT" => "Test firewall rules using log files.",
  "AUTHOR" => "Greg Foletta <greg\@foletta.org>",
  "CONFIGURE_REQUIRES" => {
    "ExtUtils::MakeMaker" => 0
  },
  "DISTNAME" => "App-PaloAlto-PolicyVerify",
  "EXE_FILES" => [
    "bin/pa_policy_verify"
  ],
  "LICENSE" => "perl",
  "MIN_PERL_VERSION" => "5.010",
  "NAME" => "App::PaloAlto::PolicyVerify",
  "PREREQ_PM" => {
    "Device::Firewall::PaloAlto" => 0,
    "Getopt::Long" => 0,
    "Pod::Usage" => 0,
    "Text::CSV" => 0,
    "constant" => 0,

bin/pa_policy_verify  view on Meta::CPAN

#!/usr/bin/env perl

use strict;
use warnings;
use 5.010;
use Pod::Usage;
use Getopt::Long;
use App::PaloAlto::PolicyVerify;

# PODNAME: pa_policy_verify

# Parse the command line into %args, keyed by option name. --help prints
# the usage text and exits with status 1; a command line that cannot be
# parsed prints it and exits with status 2.
#
# NOTE(review): a value given to --password on the command line can be read
# by other local users from the process list and usually ends up in shell
# history, so a less exposed way of supplying the credential is preferable.
my %args;
unless (
    GetOptions(
        \%args,
        'uri=s',     'username=s', 'password=s',
        'vr=s',      'vsys=i',     'insecure',
        'logfile=s', 'sepchar=s',  'fields=s',
        'help' => sub { pod2usage(1) },
    )
  )
{
    pod2usage(2);
}

# --logfile is the one switch that has to be supplied.
if ( !$args{logfile} ) {
    die "No --logfile specified";
}

bin/pa_policy_verify  view on Meta::CPAN

$app->run();

__END__

=pod

=encoding UTF-8

=head1 NAME

pa_policy_verify

=head1 VERSION

version 0.0.2

=head1 SYNOPSIS

Usage: pa_policy_verify [options]

=head2 Palo Alto arguments

--uri <fw uri>

--username <username>

--password <password>

--insecure

bin/pa_policy_verify  view on Meta::CPAN

=head2 Logfile Arguments

--logfile <path>

--sepchar <character>

--fields <sip,dip,sport,dport,proto>

=head1 DESCRIPTION

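B<pa_policy_verify> runs each flow recorded in a logfile against the security rulebase installed on a Palo Alto firewall and reports the result for each flow.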

=head1 NAME

pa_policy_verify - verify a Palo Alto firewall ruleset using logs.

=head1 OPTIONS

=over 4

=item B<-c|--uri>

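The URI for the Palo Alto firewall (e.g. https://pa.localdomain). Accepts either http or https; with http the username and password travel to the firewall unencrypted, so use https wherever the network is not fully trusted. The module uses the L<Device::Firewall::PaloAlto> module under the hood, which will use the B<PA_FW_URI> environment variable if no URI is specified.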

=item B<-u|--username>

bin/pa_policy_verify  view on Meta::CPAN

=item B<-s|--sepchar>

The character which separates the fields in the logfile. If not provided a comma (',') will be used. Remember to escape any characters which may be first interpreted by the shell. For example if the logfile is separated by semicolons, you will need t...

=item B<-f|--fields>

The columns of the logfile where the pertinent fields are, indexed at 0. The pertinent fields are source IP, destination IP, source port, destination port, protocol. The fields are specified as comma separated values.

As an example, if the source IP, destination IP, source port and destination port are at columns 3, 4, 5, 6, but the protocol is at column 11, you would use the following command line:

    pa_policy_verify --fields 3,4,5,6,11

If not specified, '0,1,2,3,4' is used.

=back

=head1 AUTHOR

Greg Foletta <greg@foletta.org>

=head1 COPYRIGHT AND LICENSE

lib/App/PaloAlto/PolicyVerify.pm  view on Meta::CPAN


    # Split the comma-separated 'fields' argument into its values and keep
    # them as an array reference. Exactly five values are required.
    # NOTE(review): only the count is checked here; the values themselves
    # are not checked to be non-negative integers at this point.
    $obj{fields} = [ split( ',', $arguments{fields} ) ];
    my $nfields = scalar @{ $obj{fields} };
    die
"'fields' argument has $nfields comma-separated values; needs to be 5 - e.g. '2,4,7,8,9'"
      unless $nfields == 5;

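    # Set up the firewall object. The connection arguments are copied with a
    # classic hash slice, which works on every perl 5 release (the
    # %hash{...} key/value slice needs perl 5.20).
    my %pa_args;
    @pa_args{qw(uri username password)} =
      @arguments{qw(uri username password)};

    # 'insecure' is the opposite of 'verify_hostname', so the flag is
    # negated rather than copied. Copied unchanged, 'insecure => 0' would
    # hand the firewall module verify_hostname => 0 and --insecure would
    # hand it 1. Verification is now on unless --insecure is given.
    # NOTE(review): assumes Device::Firewall::PaloAlto treats a true
    # verify_hostname as "verify the certificate" - confirm against its
    # documentation.
    $pa_args{verify_hostname} = $arguments{insecure} ? 0 : 1;
    $obj{vr}                  = $arguments{vr};

    # Construct and authenticate in one step. The failure path calls
    # error() on the value that was just assigned, so it presumably relies
    # on a failed new()/auth() returning a false object that still carries
    # the error text - verify against the firewall module.
    $obj{fw} = Device::Firewall::PaloAlto->new(%pa_args)->auth()
      or die $obj{fw}->error;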

    # Build the CSV parser used for the logfile. Binary mode is enabled and
    # the field separator is whatever was passed in as 'sepchar'. If the
    # constructor returns false, die with Text::CSV's class-level diagnostic.
    $obj{csv} = Text::CSV->new(
        {
            binary   => 1,
            sep_char => $arguments{sepchar},
        }
    ) or die Text::CSV->error_diag();

lib/App/PaloAlto/PolicyVerify.pm  view on Meta::CPAN

=head1 NAME

App::PaloAlto::PolicyVerify - Test firewall rules using log files.

=head1 VERSION

version 0.0.2

=head1 SYNOPSIS

This is the supporting module for the L<pa_policy_verify> application.

=head1 DESCRIPTION

This module contains the methods used by the L<pa_policy_verify> application.
It takes in information allowing it to connect to a Palo Alto firewall, and a logfile containing
flows - source/destination IP & ports, and a protocol.

It then runs each flow in the log against the security rulebase currently installed on the Palo Alto firewall 
and returns a result. The result contains:

=over 2

=item Which rule the flow would have hit

lib/App/PaloAlto/PolicyVerify.pm  view on Meta::CPAN

        username => 'admin',
        password => 'redacted',
        insecure => 0,
        vr => 'default',
        vsys => 1,
        logfile => '/home/user/logs.csv',
        sepchar => ',',
        fields => '0,1,2,3,4'
    );

Constructs the object. Each argument maps to a command line switch in L<pa_policy_verify>. Please refer to its
documentation for information and default values.

The only argument without a default is C<logfile>.

=head2 sepchar

    $fw_tester->sepchar(';');

Sets the separating character between the fields in the logfile.


