Device-Firewall-PaloAlto
2 results

 view release on metacpan or  search on metacpan

lib/Device/Firewall/PaloAlto.pm  view on Meta::CPAN 

    my $flow = $fw->test->secpolicy(
       from => 'Trust', to => 'Untrust',
       src_ip => '192.0.2.1', dst_ip => '203.0.113.1',
       protocol => 6, port => 443
    );

    ok( $flow, 'Flow was allowed' );
    say "Flow hit rule: ".$flow->rulename;

    # Add and remove user ID information on the firewall
    $fw->user_id->add_ip_mapping('192.0.2.1', 'localdomain\greg.foletta');

    # If the module is used in a one liner, fw() sub is exported to make
    # it easier to use, and to_json() automatically prints to STDOUT.
    bash% perl -MDevice::Firewall::PaloAlto -E 'fw()->op->arp_table->to_json'

=head1 DESCRIPTION

This module provides an interface to the Palo Alto firewall API.

=head1 FUNCTIONS

lib/Device/Firewall/PaloAlto.pm  view on Meta::CPAN 

    my $arp_table = $fw->op->arp_table();

    # Returns the routes in the guest_vr virtual router
    my $routes = $fw->op->virtual_router('guest_vr');

=head2 user_id

Provides access to the L<Device::Firewall::PaloAlto::UserID> module. This module contains subroutines to add and remove dynamic IP to user mappings:

    # Add a mapping
    $fw->user_id->add_ip_mapping('192.0.2.1', 'localdomain\greg.foletta');

    # Remove a mapping
    $fw->user_id->rm_ip_mapping('192.0.2.1', 'localdomain\greg.foletta');

Refer to the module documentation for more information.

=head2 test

Provides access to the L<Device::Firewall::PaloAlto::Test> module. This module allows you to test the current state of a firewall.

    use Test::More;
    $test = $fw->test;
    ok( $test->interfaces('ethernet1/1', 'ethernet1/2'), 'Interfaces up' );

lib/Device/Firewall/PaloAlto/UserID.pm  view on Meta::CPAN 


Device::Firewall::PaloAlto::UserID - Palo Alto User-ID dynamic mapping operations.

=head1 VERSION

version 0.1.9

=head1 SYNOPSIS

    # Add an IP to user address mapping
    $ fw->user_id->add_ip_mapping('192.0.2.1', 'localdomain\greg.foletta');

    # Remove anb IP o user address mapping
    $ fw->user_id->rm_ip_mapping('192.0.2.1', 'localdomain\greg.foletta');

=head1 DESCRIPTION

This module allows for the addition and removal of dynamic IP to user address mappings.

=head1 METHODS

=head2 add_ip_mapping

Adds a user to IP mapping.

    # Bind the IP to a user with a timeout of 10 minutes
    $fw->user_id->add_ip_mapping('192.0.2.1', 'localdomain\greg.foletta', 10);

    # If no timeout is specified, defaults to one hour
    $fw->user_id->add_ip_mapping('192.0.2.1', 'localdomain\greg.foletta');

=head2 rm_ip_mapping

Removes an IP mapping. Returns true if the mapping is removed, or L<Class::Error> if there is an error.

If a mapping does not exist and a remove is attempted, true is still returned as it is not an error to remove an entry that doesn't exist.

    $fw->user_id->rm_ip_mapping('192.0.2.1', 'localdomain\greg.foletta');

=head1 AUTHOR

Greg Foletta <greg@foletta.org>

=head1 COPYRIGHT AND LICENSE

This software is copyright (c) 2019 by Greg Foletta.

This is free software; you can redistribute it and/or modify it under



( run in 0.223 second using v1.01-cache-2.11-cpan-3cd7ad12f66 )