diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index b88b4eda..c3c76b1c 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,9 +1,44 @@
CHANGELOG
-2.1.12
+2.1.13
+UTIL:
+* type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname
+* type=address actions=upload-address-2cloudmanager | extend validation if object name is already available
+* type=servicegroup-merger | introduce validation extension for childDG merger
+* type=rule-compare | exend with argument 'keepJSONfile1' and 'reuseJSONfile1'
+* type=rule-compare | introduce argument 'generateRuleHtmlFile'
+* type=servicegroup-merger | extend with childancestor validation
+* type=service actions=exporttoexcel:file.html | introduce additional arguments nestedmembers
+* type=XYZ actions=exporttoexcel:file.html | use single function to create spreadsheet content
+* type=dhcp | introduce actions=exporttoexcel:file.html
+* type=dhcp | improvement for actions=exporttoexcel
+* type=dhcp actions=display/exporttoexcel | extend with additional DHCP information
+* type=rule 'actions=exporttoexcel:file.html,resovleservicesummary' | extend with column service_resolve_nested/_name/_value/_location
+* type=service actions=exporttoexcel:file.html | correct predefined service-http/-https output
+* type=address/server actions=exporttoexcel:file.html,nestedmembers | extend with column nested members location
+* class Address - use $RuleReferenceLocation
+* type=zone | introduce 'filter=(interface is.set)'
+
+BUGFIX:
+* class Region | bugfix - introduce method type() - to handle "type=address actions="
+* type=address actions=move - bugifx/workaround - do not move region objects
+* type=addressgroup-merger | bugfix to check childancestor objects availability
+* type=addressgroup-merger | bugfix if multiple childDG has same objectgroup incl. value, but one differ; stop merging
+* class AddressGroup | bugfix for method expand() - to correctly extract all submembers and their value for type=rule 'actions=exporttoexcel:file.html,resolveaddresssummary'
+* type=address actions=exporttoexcel:file.html | bugfix to crash for tmp objects
+* type=dhcp actions=exporttoexcel | bugfix to add correct template
+* class PH - workaround for none working API mode connector - discard setType()
+* class RULEUTIL - defaultSecurityRules not available in Fawkes Snippet
+* type=rule - actions=display/exporttoexcel:resolveaddresssummary | add new src/dst_resovled_sum - for better nested calculation
+
+GENERAL:
+* PAN-OS dynamic content update to version 8741-8213
+
+
+2.1.12 (20230731)
UTIL:
* type=bpa-generator | extend response output if not valid JSON
-* type=gcp | extend for mqsql usage and bring in mysql pw in type=key-manager
+* type=gcp | extend for mysql usage and bring in mysql pw in type=key-manager
BUGFIX:
* type=XYZ | in=api://{MGMT-IP} actions=name-rename - bugfix for API usage
diff --git a/lib/container-classes/AddressRuleContainer.php b/lib/container-classes/AddressRuleContainer.php
index c3a8a26a..1da07a29 100644
--- a/lib/container-classes/AddressRuleContainer.php
+++ b/lib/container-classes/AddressRuleContainer.php
@@ -189,7 +189,7 @@ public function API_remove($Obj, $forceAny = FALSE, $context = null)
}
- public function API_sync()
+ public function API_sync( $new = false )
{
$con = findConnectorOrDie($this);
@@ -210,7 +210,14 @@ public function API_sync()
}
}
elseif( $con->isSaseAPI() )
- $con->sendPUTRequest($this);
+ {
+ if( $new )
+ $con->sendCreateRequest($this);
+ else
+ $con->sendPUTRequest($this);
+ }
+
+
}
public function setAny()
@@ -616,7 +623,7 @@ public function getIP4Mapping( $RuleReferenceLocation = null )
elseif( $member->isAddress() )
{
/** @var Address $member */
- $localMap = $member->getIP4Mapping();
+ $localMap = $member->getIP4Mapping( $RuleReferenceLocation );
$mapObject->addMap($localMap, TRUE);
}
elseif( $member->isGroup() )
@@ -633,7 +640,7 @@ public function getIP4Mapping( $RuleReferenceLocation = null )
elseif( $member->isRegion() )
{
/** @var Region $member */
- $localMap = $member->getIP4Mapping();
+ $localMap = $member->getIP4Mapping( $RuleReferenceLocation );
$mapObject->addMap($localMap, TRUE);
}
else
diff --git a/lib/misc-classes/PH.php b/lib/misc-classes/PH.php
index 8544b613..e38f0202 100644
--- a/lib/misc-classes/PH.php
+++ b/lib/misc-classes/PH.php
@@ -182,7 +182,7 @@ function __construct($argv, $argc)
private static $library_version_major = 2;
private static $library_version_sub = 1;
- private static $library_version_bugfix = 12;
+ private static $library_version_bugfix = 13;
//BASIC AUTH PAN-OS 7.1
public static $softwareupdate_key = "658d787f293e631196dac9fb29490f1cc1bb3827";
@@ -471,7 +471,8 @@ public static function &processIOMethod($str, $checkFileExists)
$host = $fileExplode[0];
}
$connector = PanAPIConnector::findOrCreateConnectorFromHost($host);
- $connector->setType($connector->info_deviceType);
+ #swaschkut: not working 20230807
+ #$connector->setType($connector->info_deviceType);
}
else
{
diff --git a/lib/misc-classes/PanSaseAPIConnector.php b/lib/misc-classes/PanSaseAPIConnector.php
index 22917638..79230368 100644
--- a/lib/misc-classes/PanSaseAPIConnector.php
+++ b/lib/misc-classes/PanSaseAPIConnector.php
@@ -41,6 +41,8 @@ class PanSaseAPIConnector
public $url_token = "https://auth.apps.paloaltonetworks.com/oauth2/access_token";
public $url_api = "https://api.sase.paloaltonetworks.com";
+ #public $url_api = "https://api.stratacloud.paloaltonetworks.com"; //identical to api.sase.paloaltonetworks.com but introduced on 20230801
+
static public $folderArray = array(
"All",
@@ -640,6 +642,7 @@ function importConfig($sub, $folder, $type, $jsonArray)
$tmp_addressgroup->setSaseID( $object['id'] );
}
+ //elseif( isset($object['dynamic']) )
}
}
elseif( $type === "services" )
@@ -902,6 +905,26 @@ public function getDataFromObject( $object )
$bodyArray['folder'] = $object->owner->owner->name();
+ return $bodyArray;
+ }
+ if( get_class( $object ) == "AddressGroup" )
+ {
+ //Sase-API
+
+ $bodyArray['description'] = $object->description();
+ $bodyArray['name'] = $object->name();
+ $bodyArray['folder'] = $object->owner->owner->name();
+ $memberArray = $object->members();
+ if( !$object->isDynamic() )
+ {
+ $bodyArray['static'] = array();
+ foreach($memberArray as $member)
+ $bodyArray['static'][] = $member->name();
+ }
+ else
+ $bodyArray['dynamic']['filter'] = $object->filter;
+
+
return $bodyArray;
}
elseif( get_class( $object ) == "Service" )
diff --git a/lib/misc-classes/filters/filters-Zone.php b/lib/misc-classes/filters/filters-Zone.php
index 595b8064..cc8f2040 100644
--- a/lib/misc-classes/filters/filters-Zone.php
+++ b/lib/misc-classes/filters/filters-Zone.php
@@ -471,4 +471,19 @@
'input' => 'input/panorama-8.0.xml'
)
);
+
+RQuery::$defaultFilters['zone']['interface']['operators']['is.set'] = array(
+ 'Function' => function (ZoneRQueryContext $context) {
+ $object = $context->object;
+
+ $interfaces = $object->attachedInterfaces->getAll();
+ if( count($interfaces) > 0)
+ return TRUE;
+ else
+ return FALSE;
+
+ return null;
+ },
+ 'arg' => FALSE
+);
//
\ No newline at end of file
diff --git a/lib/misc-classes/trait/XmlConvertible.php b/lib/misc-classes/trait/XmlConvertible.php
index 7cabae6f..cd26e4f3 100644
--- a/lib/misc-classes/trait/XmlConvertible.php
+++ b/lib/misc-classes/trait/XmlConvertible.php
@@ -54,7 +54,7 @@ function &getChildXmlText_inline()
return DH::domlist_to_xml($this->xmlroot->childNodes, -1, FALSE);
}
- public function API_sync()
+ public function API_sync( $new = false)
{
$xpath = DH::elementToPanXPath($this->xmlroot);
$con = findConnectorOrDie($this);
@@ -62,7 +62,13 @@ public function API_sync()
if( $con->isAPI() )
$con->sendEditRequest($xpath, $this->getXmlText_inline());
elseif( $con->isSaseAPI() )
- $con->sendPUTRequest($this);
+ {
+ if( $new )
+ $con->sendCreateRequest($this);
+ else
+ $con->sendPUTRequest($this);
+ }
+
}
diff --git a/lib/network-classes/Certificate.php b/lib/network-classes/Certificate.php
index 47b4ddd2..540b2ce3 100644
--- a/lib/network-classes/Certificate.php
+++ b/lib/network-classes/Certificate.php
@@ -266,14 +266,13 @@ public function API_setName($newname)
$c = findConnectorOrDie($this);
$path = $this->getXPath();
+ $this->setName($newname);
$c->sendRenameRequest($path, $newname);
}
else
{
mwarning('this is a temporary object, cannot be renamed from API');
}
-
- $this->setName($newname);
}
public function hasPublicKey()
diff --git a/lib/network-classes/DHCP.php b/lib/network-classes/DHCP.php
index b021189e..4631817e 100644
--- a/lib/network-classes/DHCP.php
+++ b/lib/network-classes/DHCP.php
@@ -27,6 +27,11 @@ class DHCP
/** @var DHCPStore */
public $owner;
public $server_leases = array();
+ public $server_ip_pool = array();
+ public $relay_ipv4 = array();
+ public $relay_ipv6 = array();
+ public $relay_ipv4_status = false;
+ public $relay_ipv6_status = false;
/**
* @param $name string
@@ -76,9 +81,69 @@ public function load_from_domxml($xml)
$tmp_mac = $tmp_mac_xml->textContent;
$this->server_leases[] = array( 'ip' => $tmp_IP, 'mac' => $tmp_mac );
- #PH::print_stdout(" * "."IP: ".$tmp_IP." | mac: ".$tmp_mac);
}
+ }
+ }
+
+ $tmp_ip_pool = DH::findFirstElement("ip-pool", $tmp_server);
+ if( $tmp_ip_pool !== false )
+ {
+ foreach( $tmp_ip_pool->childNodes as $entry )
+ {
+ if( $entry->nodeType != XML_ELEMENT_NODE )
+ continue;
+
+ $this->server_ip_pool[] = $entry->textContent;
+ }
+ }
+ /*
+
+ auto
+ */
+ }
+ $tmp_relay = DH::findFirstElement("relay", $xml);
+ if( $tmp_relay !== false )
+ {
+ $tmp_relay_ipv4 = DH::findFirstElement("ip", $tmp_relay);
+ if( $tmp_relay_ipv4 !== false )
+ {
+ $tmp_enabled = DH::findFirstElement("enabled", $tmp_relay_ipv4);
+ if( $tmp_enabled->textContent == "yes" )
+ $this->relay_ipv4_status = true;
+ $tmp_server = DH::findFirstElement("server", $tmp_relay_ipv4);
+ if( $tmp_server !== false )
+ {
+ foreach( $tmp_server->childNodes as $entry )
+ {
+ if( $entry->nodeType != XML_ELEMENT_NODE )
+ continue;
+
+ $this->relay_ipv4[] = $entry->textContent;
+ }
+ }
+ }
+ $tmp_relay_ipv6 = DH::findFirstElement("ipv6", $tmp_relay);
+ if( $tmp_relay_ipv6 !== false )
+ {
+ $tmp_enabled = DH::findFirstElement("enabled", $tmp_relay_ipv6);
+ if( $tmp_enabled->textContent == "yes" )
+ $this->relay_ipv6_status = true;
+
+ $tmp_server = DH::findFirstElement("server", $tmp_relay_ipv6);
+ if( $tmp_server !== false )
+ {
+ foreach( $tmp_server->childNodes as $entry )
+ {
+ if( $entry->nodeType != XML_ELEMENT_NODE )
+ continue;
+
+ $this->relay_ipv6[] = $entry->textContent;
+ }
}
}
}
diff --git a/lib/network-classes/Zone.php b/lib/network-classes/Zone.php
index 0af6864d..3e765a5e 100644
--- a/lib/network-classes/Zone.php
+++ b/lib/network-classes/Zone.php
@@ -259,14 +259,13 @@ public function API_setName($newname)
$c = findConnectorOrDie($this);
$path = $this->getXPath();
+ $this->setName($newname);
$c->sendRenameRequest($path, $newname);
}
else
{
mwarning('this is a temporary object, cannot be renamed from API');
}
-
- $this->setName($newname);
}
/**
diff --git a/lib/object-classes/Address.php b/lib/object-classes/Address.php
index 63522ff6..bf12ba71 100644
--- a/lib/object-classes/Address.php
+++ b/lib/object-classes/Address.php
@@ -452,34 +452,39 @@ public function sameValue(Address $otherObject)
* Return an array['start']= startip and ['end']= endip
* @return IP4Map
*/
- public function getIP4Mapping()
+ public function getIP4Mapping( $RuleReferenceLocation = null )
{
- if( isset($this->_ip4Map) )
+ if( $RuleReferenceLocation !== null )
+ $object = $RuleReferenceLocation->addressStore->find($this->name());
+ else
+ $object = $this;
+
+ if( isset($object->_ip4Map) )
{
- return $this->_ip4Map;
+ return $object->_ip4Map;
}
- if( $this->isTmpAddr() )
+ if( $object->isTmpAddr() )
{
- if( !$this->nameIsValidRuleIPEntry() )
+ if( !$object->nameIsValidRuleIPEntry() )
{
// if this object is temporary/unsupported, we send an empty mapping
- $this->_ip4Map = new IP4Map();
- $this->_ip4Map->unresolved[$this->name] = $this;
+ $object->_ip4Map = new IP4Map();
+ $object->_ip4Map->unresolved[$object->name] = $object;
}
else
- $this->_ip4Map = IP4Map::mapFromText($this->name);
+ $object->_ip4Map = IP4Map::mapFromText($object->name);
}
- elseif( $this->type != self::TypeIpRange && $this->type != self::TypeIpNetmask && $this->type != self::TypeIpWildcard )
+ elseif( $object->type != self::TypeIpRange && $object->type != self::TypeIpNetmask && $object->type != self::TypeIpWildcard )
{
- $this->_ip4Map = new IP4Map();
- $this->_ip4Map->unresolved[$this->name] = $this;
+ $object->_ip4Map = new IP4Map();
+ $object->_ip4Map->unresolved[$object->name] = $object;
}
- elseif( $this->type == self::TypeIpNetmask || $this->type == self::TypeIpRange || $this->type == self::TypeIpWildcard )
+ elseif( $object->type == self::TypeIpNetmask || $object->type == self::TypeIpRange || $object->type == self::TypeIpWildcard )
{
- if( $this->type == self::TypeIpWildcard )
+ if( $object->type == self::TypeIpWildcard )
{
- $array = explode( "/", $this->value() );
+ $array = explode( "/", $object->value() );
$address = $array[0];
$wildcardmask = $array[1];
@@ -499,29 +504,29 @@ public function getIP4Mapping()
{
$tmp_value = $address."/".$cidr;
- $this->_ip4Map = IP4Map::mapFromText($tmp_value);
- if( $this->_ip4Map->count() == 0 )
- $this->_ip4Map->unresolved[$this->name] = $this->value();
+ $object->_ip4Map = IP4Map::mapFromText($tmp_value);
+ if( $object->_ip4Map->count() == 0 )
+ $object->_ip4Map->unresolved[$object->name] = $object->value();
}
else
{
- $this->_ip4Map->unresolved[$this->name] = $this->value();
+ $object->_ip4Map->unresolved[$object->name] = $object->value();
}
}
else
{
- $this->_ip4Map = IP4Map::mapFromText($this->value);
- if( $this->_ip4Map->count() == 0 )
- $this->_ip4Map->unresolved[$this->name] = $this;
+ $object->_ip4Map = IP4Map::mapFromText($object->value);
+ if( $object->_ip4Map->count() == 0 )
+ $object->_ip4Map->unresolved[$object->name] = $object;
}
}
else
{
- derr("unexpected type: ".$this->type() );
+ derr("unexpected type: ".$object->type() );
}
- return $this->_ip4Map;
+ return $object->_ip4Map;
}
diff --git a/lib/object-classes/AddressGroup.php b/lib/object-classes/AddressGroup.php
index 000a6d14..543c3954 100644
--- a/lib/object-classes/AddressGroup.php
+++ b/lib/object-classes/AddressGroup.php
@@ -47,6 +47,7 @@ class AddressGroup
public $filter;
public $ancestor;
+ public $childancestor;
/**
* Constructor for AddressGroup. There is little chance that you will ever need that. Look at AddressStore if you want to create an AddressGroup
@@ -847,7 +848,7 @@ public function & expand($keepGroupsInList = FALSE, &$grpArray=array(), $RuleRef
if( array_key_exists($serial, $grpArray) )
{
#mwarning("addressgroup with name: " . $object->name() . " is added as subgroup to addressgroup: " . $this->name() . ", you should review your XML config file", $object->xmlroot, false, false);
- return $ret;
+ #return $ret;
}
else
{
@@ -864,10 +865,10 @@ public function & expand($keepGroupsInList = FALSE, &$grpArray=array(), $RuleRef
}
/** @var AddressGroup $object */
- $tmpList = $object->expand( $keepGroupsInList, $grpArray );
+ $tmpList = $object->expand( $keepGroupsInList, $grpArray, $RuleReferenceLocation );
- //$ret = array_merge($ret, $tmpList);
- $ret = $ret + $tmpList;
+ $ret = array_merge($ret, $tmpList);
+ #$ret = $ret + $tmpList;
unset($tmpList);
if( $keepGroupsInList )
diff --git a/lib/object-classes/Region.php b/lib/object-classes/Region.php
index 81be45c3..eb2e5610 100644
--- a/lib/object-classes/Region.php
+++ b/lib/object-classes/Region.php
@@ -156,7 +156,7 @@ public function API_setName($newName)
* Return an array['start']= startip and ['end']= endip
* @return IP4Map
*/
- public function getIP4Mapping()
+ public function getIP4Mapping( $RuleReferenceLocation = null)
{
if( isset($this->_ip4Map) )
{
@@ -180,5 +180,30 @@ public function members()
return $this->members;
}
+ /**
+ * @return string ie: 'ip-netmask' 'ip-range'
+ */
+ public function type()
+ {
+ return "region";
+ }
+
+ /**
+ * @param $otherObject Region
+ * @return bool
+ */
+ public function equals($otherObject)
+ {
+ if( !$otherObject->isRegion() )
+ return FALSE;
+
+ if( $otherObject->name != $this->name )
+ return FALSE;
+
+ //Todo: same value of Region objects
+ #return $this->sameValue($otherObject);
+ return False;
+ }
+
static protected $templatexml = 'tempvaluechangeme';
}
\ No newline at end of file
diff --git a/lib/object-classes/ServiceGroup.php b/lib/object-classes/ServiceGroup.php
index 09846ce2..0710c9ba 100644
--- a/lib/object-classes/ServiceGroup.php
+++ b/lib/object-classes/ServiceGroup.php
@@ -657,10 +657,18 @@ public function xml_convert_to_v6()
* @param bool $keepGroupsInList
* @return Service[]|ServiceGroup[] list of all member objects, if some of them are groups, they are exploded and their members inserted
*/
- public function &expand($keepGroupsInList = FALSE, &$grpArray=array())
+ public function &expand($keepGroupsInList = FALSE, &$grpArray=array(), $RuleReferenceLocation = null )
{
$ret = array();
+ $grpArray[$this->name()] = $this;
+
+ if( $RuleReferenceLocation !== null )
+ {
+ foreach( $this->members as $key => $member )
+ $this->members[$key] = $RuleReferenceLocation->serviceStore->find($member->name());
+ }
+
foreach( $this->members as $object )
{
#$serial = spl_object_hash($object);
@@ -669,8 +677,8 @@ public function &expand($keepGroupsInList = FALSE, &$grpArray=array())
{
if( array_key_exists($serial, $grpArray) )
{
- mwarning("servicegroup with name: " . $object->name() . " is added as subgroup to servicegroup: " . $this->name() . ", you should review your XML config file", $object->xmlroot, false);
- return $ret;
+ #mwarning("servicegroup with name: " . $object->name() . " is added as subgroup to servicegroup: " . $this->name() . ", you should review your XML config file", $object->xmlroot, false);
+ #return $ret;
}
else
$grpArray[$serial] = $serial;
@@ -682,7 +690,7 @@ public function &expand($keepGroupsInList = FALSE, &$grpArray=array())
}
/** @var ServiceGroup $object */
- $tmpList = $object->expand( $keepGroupsInList, $grpArray);
+ $tmpList = $object->expand( $keepGroupsInList, $grpArray, $RuleReferenceLocation);
$ret = array_merge($ret, $tmpList);
unset($tmpList);
diff --git a/lib/object-classes/ServiceStore.php b/lib/object-classes/ServiceStore.php
index 75beec56..ae0e9166 100644
--- a/lib/object-classes/ServiceStore.php
+++ b/lib/object-classes/ServiceStore.php
@@ -202,6 +202,7 @@ public function serviceGroups($sortByDependencies = FALSE)
unset($tmpGroupDeps[$groupName]);
}
}
+ /*
elseif( count($groupDependencies) == 1 )
{
unset($sortingArray[$groupName]);
@@ -218,6 +219,7 @@ public function serviceGroups($sortByDependencies = FALSE)
unset($tmpGroupDeps[$groupName]);
}
}
+ */
}
$loopCount++;
diff --git a/lib/object-classes/predefined.xml b/lib/object-classes/predefined.xml
index 2cea9d1f..c34c1aa8 100644
--- a/lib/object-classes/predefined.xml
+++ b/lib/object-classes/predefined.xml
@@ -1,6 +1,6 @@
- 8729-8157
+ 8741-8213
@@ -1988,6 +1988,12 @@
8212
+
+
+ ssl, web-browsing
+ 8732
+
+
ssl,web-browsing,websocket
@@ -2252,6 +2258,24 @@
667
+
+
+ ssl, web-browsing
+ 8732
+
+
+
+
+ web-browsing
+ 8732
+
+
+
+
+ web-browsing
+ 8732
+
+
ssl, web-browsing
@@ -2870,6 +2894,12 @@
8322
+
+
+ unknown-tcp, unknown-udp
+ 8732
+
+
ssl, web-browsing
@@ -3014,6 +3044,24 @@
573
+
+
+ grpc, ssl, web-browsing
+ 8732
+
+
+
+
+ ssl, web-browsing
+ 8732
+
+
+
+
+ ssl, web-browsing
+ 8732
+
+
websocket,web-browsing
@@ -4094,6 +4142,12 @@
541
+
+
+ google-base, ssl, web-browsing, websocket
+ 8732
+
+
ssl, web-browsing, websocket
@@ -5624,6 +5678,12 @@
592
+
+
+ web-browsing
+ 8732
+
+
rtcp, rtp, ssl, stun, web-browsing, websocket
@@ -5672,6 +5732,12 @@
704
+
+
+ unknown-tcp, unknown-udp
+ 8732
+
+
ssl, web-browsing
@@ -6698,6 +6764,12 @@
8681
+
+
+ web-browsing
+ 8732
+
+
ssl
@@ -7202,6 +7274,12 @@
8298
+
+
+ google-analytics, google-base, ssl, web-browsing, websocket
+ 8732
+
+
ssl, web-browsing
@@ -7400,6 +7478,12 @@
8462
+
+
+ ssl, web-browsing, unknown-tcp, unknown-udp
+ 8732
+
+
ssl, web-browsing
@@ -7868,6 +7952,12 @@
8408
+
+
+ unknown-tcp, unknown-udp
+ 8732
+
+
websocket,web-browsing
@@ -7880,6 +7970,228 @@
8356
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
+
+
+ mitsubishi-melsec
+ 8732
+
+
unknown-tcp
@@ -8678,6 +8990,12 @@
8356
+
+
+ ssl, web-browsing, websocket
+ 8732
+
+
ssl, web-browsing
@@ -10268,6 +10586,12 @@
8508
+
+
+ net.tcp
+ 8732
+
+
unknown-udp
@@ -10850,6 +11174,12 @@
8298
+
+
+ google-cloud-storage-download, google-cloud-storage-upload, ssl, web-browsing, websocket
+ 8732
+
+
ssl,web-browsing
@@ -11156,6 +11486,12 @@
8724
+
+
+ soap
+ 8732
+
+
unknown-tcp
@@ -12340,6 +12676,12 @@
8008
+
+
+ ssl, web-browsing
+ 8732
+
+
unknown-tcp
@@ -12412,6 +12754,12 @@
490
+
+
+ ssl, web-browsing
+ 8732
+
+
jabber, ssl
@@ -12430,6 +12778,12 @@
603
+
+
+ unknown-tcp
+ 8732
+
+
ssl, stun, web-browsing
@@ -12496,6 +12850,12 @@
507
+
+
+ unknown-tcp
+ 8732
+
+
unknown-tcp
@@ -13012,6 +13372,12 @@
509
+
+
+ ssl, web-browsing
+ 8732
+
+
unknown-udp, open-vpn, ike, ipsec-esp-udp
@@ -14161,6 +14527,19 @@ Autodesk, Inc. is an American multinational software corporation that makes soft
carbonite-uploading
+
+ Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation.
+
+
+ https://en.wikipedia.org/wiki/Character.ai
+
+
+
+ character-ai-base
+ character-ai-posting
+ character-ai-uploading
+
+
CheckMarket is a cloud-based survey tool.
@@ -14437,6 +14816,19 @@ Autodesk, Inc. is an American multinational software corporation that makes soft
dcinside-posting
+
+ DeepL is a deep learning company that develops artificial intelligence systems for languages.
+
+
+ https://www.deepl.com/
+
+
+
+ deepl-base
+ deepl-translator
+ deepl-write
+
+
DF-1 / DF1 protocol is an asynchronous byte-oriented protocol that is used to communicate with Allen Bradley PLCs.
@@ -16466,6 +16858,54 @@ Kaixin001's success can be partly credited to the Great Firewall of China. Due t
mercurial-uploading
+
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC communication traffic running over Ethernet.
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+ mitsubishi-melsec-base
+ mitsubishi-melsec-batch-blk-rd
+ mitsubishi-melsec-batch-blk-rw
+ mitsubishi-melsec-batch-read
+ mitsubishi-melsec-batch-write
+ mitsubishi-melsec-clear-error
+ mitsubishi-melsec-close-file
+ mitsubishi-melsec-copy-file
+ mitsubishi-melsec-create-file
+ mitsubishi-melsec-delete-file
+ mitsubishi-melsec-entry-mon-dev
+ mitsubishi-melsec-intel-func-rd
+ mitsubishi-melsec-intel-func-wr
+ mitsubishi-melsec-latch-clear
+ mitsubishi-melsec-lbl-array-rd
+ mitsubishi-melsec-lbl-array-wr
+ mitsubishi-melsec-lbl-random-rd
+ mitsubishi-melsec-lbl-random-wr
+ mitsubishi-melsec-lock-passwd
+ mitsubishi-melsec-loopback-test
+ mitsubishi-melsec-mem-batch-rd
+ mitsubishi-melsec-mem-batch-wr
+ mitsubishi-melsec-mod-file-attr
+ mitsubishi-melsec-mod-file-date
+ mitsubishi-melsec-open-file
+ mitsubishi-melsec-random-read
+ mitsubishi-melsec-random-write
+ mitsubishi-melsec-rd-file-list
+ mitsubishi-melsec-read-file
+ mitsubishi-melsec-read-model
+ mitsubishi-melsec-read-mon-dev
+ mitsubishi-melsec-remote-passwd
+ mitsubishi-melsec-remote-pause
+ mitsubishi-melsec-remote-reset
+ mitsubishi-melsec-remote-run
+ mitsubishi-melsec-remote-stop
+ mitsubishi-melsec-search-file
+ mitsubishi-melsec-write-file
+
+
mixi, Inc. is one of several SNS (social networking service) sites in Japan. As of May 2008, mixi had over 10 million users and an 80% share of the social networking market in Japan. Founded by Kenji Kasahara, under E-Mercury, Inc. (Actually Mixi, Inc.).
@@ -40786,7 +41226,6 @@ bet365's site is available in 14 different languages and supports a wide variety
drop-reset
no
yes
- yes
web20_parrent_app
@@ -42088,6 +42527,53 @@ and ensure your investments align to real business requirements.
2
bluejeans
+
+ business-systems
+ general-business
+ client-server
+ BlueXP is a unified control plane that delivers global visibility and operational simplicity of storage and data services across on-premises and cloud environments. This App-ID covers the traffic for BlueXP application.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ web20_parrent_app
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.netapp.com/bluexp/
+
+
+
+
+ tcp/80,443
+
+
+
+ ssl
+ web-browsing
+
+ 1
+
business-systems
management
@@ -44032,7 +44518,6 @@ BrightTALK Webcasts provide individual and customized webcasts delivered through
drop-reset
no
yes
- yes
https://www.cadwell.com/cadlink/
@@ -45834,6 +46319,160 @@ Channel 4 was established with, and continues to hold, a remit of public service
16
+
+ character-ai
+ saas
+ artificial-intelligence
+ browser-based
+ Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation. Users can create characters, craft their personalities, set specific parameters, and then publish them to the community for others to chat with. This App-ID covers the traffic of Character.AI.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ yes
+ no
+ drop-reset
+ no
+ yes
+ yes
+ web20_parrent_app
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://en.wikipedia.org/wiki/Character.ai
+
+
+
+
+ tcp/80,443
+
+
+
+ discord
+ facebook-base
+ google-base
+
+
+ character-ai-posting
+ character-ai-uploading
+
+ 2
+ character-ai
+
+
+ saas
+ artificial-intelligence
+ browser-based
+ Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation. This App-ID covers the posting traffic of Character.AI.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ yes
+ no
+ drop-reset
+ no
+ yes
+ yes
+ character-ai-base
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Posting]
+ [Web App]
+
+
+
+ https://en.wikipedia.org/wiki/Character.ai
+
+
+
+
+ tcp/80,443
+
+
+
+ character-ai-base
+
+ 2
+ character-ai
+
+
+ saas
+ artificial-intelligence
+ browser-based
+ Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation. This App-ID covers the uploading traffic of Character.AI.
+ yes
+ yes
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ yes
+ no
+ drop-reset
+ yes
+ no
+ yes
+ yes
+ yes
+ character-ai-base
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Uploading]
+ [Web App]
+
+
+
+ https://en.wikipedia.org/wiki/Character.ai
+
+
+
+
+ tcp/80,443
+
+
+
+ character-ai-base
+
+ 3
+ character-ai
+
business-systems
management
@@ -48058,7 +48697,7 @@ Channel 4 was established with, and continues to hold, a remit of public service
business-systems
management
client-server
- Citrix Director is a monitoring and troubleshooting console for Citrix Virtual Apps and Desktops. This App-ID will cover traffic for Citrix Director.
+ Citrix Director is a monitoring and troubleshooting console for Citrix Virtual Apps and Desktops. On the other hand, Citrix Studio is a management console for configuring Citrix Virtual Apps and Desktops. They both display information from Citrix Delivery Controllers. This App-ID covers traffic for both Citrix Director and Citrix Studio.
yes
no
no
@@ -48075,7 +48714,7 @@ Channel 4 was established with, and continues to hold, a remit of public service
web20_parrent_app
- https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/director.html
+ https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/technical-overview.html
@@ -50609,7 +51248,6 @@ Drag your files into Drop Zone or paste them from Clipboard and you are ready to
scada
drop-reset
no
- yes
https://www.codesys.com/products/codesys-runtime.html
@@ -52812,6 +53450,39 @@ To access a website through the Coral cache (and thus reduce the load on the sit
1
+
+ media
+ photo-video
+ client-server
+ Crestron CIP (Crestron Control Interface Protocol) is a proprietary communication protocol used to monitor and control Crestron devices, including audiovisual equipment, lighting systems, HVAC and other building automation components. This App-ID covers the Crestron Control Interface Protocol.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ iot
+ drop-reset
+ no
+ yes
+
+
+ https://www.crestron.com/getmedia/4292ddca-5063-4b79-8d61-9b29fbb425eb/mg_sr_ip-guidelines-for-the-it-professional
+
+
+
+
+ tcp/41794
+ udp/41794
+
+
+ 1
+
networking
remote-access
@@ -55431,6 +56102,165 @@ To access a website through the Coral cache (and thus reduce the load on the sit
+
+ deepl
+ saas
+ artificial-intelligence
+ browser-based
+ DeepL is a deep learning company that develops artificial intelligence systems for languages. This App-ID covers the traffic of DeepL.
+ yes
+ yes
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ yes
+ no
+ yes
+ yes
+ yes
+ web20_parrent_app
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.deepl.com/
+
+
+
+
+ tcp/80,443
+
+
+
+ ssl
+ web-browsing
+
+
+ deepl-translator
+ deepl-write
+
+
+ ssl
+ web-browsing
+
+ 2
+ deepl
+
+
+ saas
+ artificial-intelligence
+ browser-based
+ DeepL Translator is a machine translation service that produces translations of unprecedented quality. This App-ID covers the traffic of DeepL Translator.
+ yes
+ yes
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ yes
+ no
+ yes
+ yes
+ yes
+ deepl-base
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.deepl.com/translator
+
+
+
+
+ tcp/80,443
+
+
+
+ deepl-base
+
+ 2
+ deepl
+
+
+ saas
+ artificial-intelligence
+ browser-based
+ DeepL Write is an AI writing tool that can improve your written communication with just one click. It will help you with your writing by checking the grammar, punctuation, and style as well as providing suggestions and alternative phrasing. This App-ID covers the traffic of DeepL Write.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ deepl-base
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.deepl.com/write
+
+
+
+
+ tcp/80,443
+
+
+
+ deepl-translator
+
+ 1
+ deepl
+
general-internet
internet-utility
@@ -63516,12 +64346,11 @@ For large businesses and publications, DivShare offers powerful and flexible ent
2
docusign
-
+
business-systems
management
client-server
Docuware is a document management software that allows users to electronically manage, store and share documents, regardless of format. It can automatically process any type of document regardless of its source, with internal control procedures that help meet audit and compliance requirements. Industries using this technology include health care, education, financial services, local government, transportation and manufacturing. DocuWare is available in 16 languages.
- no
yes
no
no
@@ -63533,7 +64362,6 @@ For large businesses and publications, DivShare offers powerful and flexible ent
no
no
drop-reset
- no
no
@@ -63542,9 +64370,16 @@ For large businesses and publications, DivShare offers powerful and flexible ent
- tcp/9000,9001
+ tcp/80,443,9000,9001
+
+ ssl
+ web-browsing
+
+
+ web-browsing
+
1
@@ -65153,6 +65988,52 @@ What separates DroidVPN from other VPN Applications is it can tunnel the traffic
1
+
+ collaboration
+ instant-messaging
+ client-server
+ DUST is a suite of digital safety tools for private communication, web search and identity theft protection. This App-ID covers the traffic of DUST.
+ yes
+ yes
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ yes
+ web20_parrent_app
+
+
+ https://usedust.com/
+
+
+
+
+ tcp/80,443
+
+
+
+ google-base
+ ssl
+ web-browsing
+ websocket
+
+
+ ssl
+ web-browsing
+
+ 2
+
networking
remote-access
@@ -80759,6 +81640,42 @@ The Flumotion Streaming Platform is a CDN that supports leading formats like Win
5
+
+ business-systems
+ ics-protocols
+ client-server
+ Franklin Electric TSA (Tank Sentinel AnyWare) allows a remote connection to the Franklin Electric fuel management system console via a web browser interface. The TSA web interface enables users to view fuel management and compliance data, generate reports and access control functions for starting tank and line tests and dealing with alarms. This App-ID covers communication to the fuel management system from the Franklin Electric Tank Sentinel AnyWare web browser.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ web20_parrent_app
+
+
+ https://www.franklinfueling.com/
+
+
+
+
+ tcp/80,443
+
+
+
+ web-browsing
+
+ 1
+
free-conference
collaboration
@@ -81687,6 +82604,40 @@ It protects users from hackers and harmful apps, stop trackers, and can set the
4
+
+ networking
+ proxy
+ client-server
+ FRP is a fast reverse proxy that allows users to expose a local server located behind a NAT or firewall to the Internet. This App-ID covers the traffic of frp proxy.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ drop-reset
+ no
+ yes
+
+ [Proxy Avoidance]
+
+
+
+ https://gofrp.org/en/
+
+
+
+
+ tcp/7000
+ udp/7000
+
+
+ 2
+
general-internet
file-sharing
@@ -88747,6 +89698,7 @@ Google Cloud Storage allows world-wide storing and retrieval of any amount of da
avaya-spaces
+ retune
vimeo-uploading
@@ -95024,7 +95976,6 @@ It used to be that setting up a VPN tunnel was extremely difficult, however with
iot
drop-reset
no
- yes
https://us.hikvision.com/en
@@ -95966,6 +96917,42 @@ It used to be that setting up a VPN tunnel was extremely difficult, however with
20
+
+ business-systems
+ ics-protocols
+ client-server
+ HMS Anybus-S EtherNet/IP/Modbus TCP Interface includes a built-in web server that enables web pages to carry dynamic content such as I/O data, configuration settings, or even application specific data passed to the Anybus module. Anybus-S web server allows users to seamlessly inter-connect/extend PLC control systems and their connected devices on a Modbus TCP network. This App-ID covers HMS Anybus-S web server traffic.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ web20_parrent_app
+
+
+ https://www.anybus.com/products/gateway-index/anybus-xgateway/modbus-tcp-detail/anybus-s-ethernet-ip-modbus-tcp-inteface
+
+
+
+
+ tcp/80,443
+
+
+
+ web-browsing
+
+ 1
+
networking
encrypted-tunnel
@@ -105474,6 +106461,62 @@ Jango's music discovery engine recommends and plays additional songs based on th
5
+
+ saas
+ artificial-intelligence
+ browser-based
+ Jasper is an AI writer and AI art generator for teams. It helps user to create blog posts, marketing copy, and AI-generated images. This App-ID covers the traffic of Jasper AI.
+ yes
+ yes
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ yes
+ websocket
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.jasper.ai/
+
+
+
+
+ tcp/80,443
+
+
+
+ google-analytics
+ google-base
+ ssl
+ web-browsing
+ websocket
+
+
+ ssl
+
+ 2
+
business-systems
management
@@ -108670,6 +109713,46 @@ Kaixin001's success can be partly credited to the Great Firewall of China. Due t
1
+
+ networking
+ remote-access
+ client-server
+ KhelpDesk is a remote access desktop application that provides remotely controllable desktops along with a helpdesk that allows managing multiple monitors, customizable modules, mobility management, and etc. This App-ID covers the remote access traffic of KhelpDesk.
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ web20_parrent_app
+
+ [Web App]
+
+
+
+ https://www.khelpdesk.com/
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ ssl
+ web-browsing
+
+ 2
+
kaixin
collaboration
@@ -118246,8 +119329,8 @@ Several SCOM servers can be aggregated together to monitor multiple networks acr
2
- business-systems
- ics-protocols
+ media
+ photo-video
client-server
XProtect by Milestone is a video management software (VMS) platform. This App-ID covers the traffic of Xprotect.
yes
@@ -118610,6 +119693,37 @@ A major benefit of the MIMACS system is that all components of system are modula
1
+
+ business-systems
+ medical
+ client-server
+ Mindray's BeneVision Telemetry aids in early detection of an ambulatory patient's changing condition. This App-ID covers the communication from a Mindray Telemetry Monitor.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://www.mindraynorthamerica.com/patient-monitoring-systems/telemetry-and-central-stations/
+
+
+
+
+ tcp/9999
+ udp/6678
+
+
+ 1
+
media
gaming
@@ -118816,11 +119930,311 @@ A major benefit of the MIMACS system is that all components of system are modula
1
-
+
+ mitsubishi-melsec
business-systems
ics-protocols
network-protocol
- MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC communication traffic running over Ethernet.
+ Mitsubishi MELSEC communication protocol is a communication protocol for Mitsubishi MELSEC programmable controllers which is used when accessing programmable controllers from an external device. This App-ID covers Mitsubishi MELSEC communication traffic running over Ethernet.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ scada
+ drop-reset
+ no
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch block read command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch block write command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch read command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch write command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC error clear command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC close file command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC copy file command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC create new file command carried in 3E and 4E frame types.
yes
no
no
@@ -118833,6 +120247,7 @@ A major benefit of the MIMACS system is that all components of system are modula
no
drop-reset
no
+ yes
https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
@@ -118844,7 +120259,1116 @@ A major benefit of the MIMACS system is that all components of system are modula
udp/dynamic
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC delete file command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC entering of monitor device command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read from the buffer memory of an intelligent function module operation command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC write to the buffer memory of an intelligent function module command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote latch clear command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read data from a label or array command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC write data to a label of array command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC label random read command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC label random write command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote password lock command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC loopback test command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC memory batch read command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC memory batch write command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC modify file attribute command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC modify file date command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC open file command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device random read command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device random write command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC file list read command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read file command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read cpu command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read monitored device command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote password command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote pause module command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote reset command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote run module command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote stop module command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC search file command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
+ 1
+ mitsubishi-melsec
+
+
+ business-systems
+ ics-protocols
+ network-protocol
+ MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC write file command carried in 3E and 4E frame types.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf
+
+
+
+
+ tcp/dynamic
+ udp/dynamic
+
+
+
+ mitsubishi-melsec-base
+
+
+ ctd-dummy
+
1
+ mitsubishi-melsec
business-systems
@@ -127124,7 +129648,6 @@ The ms-onedrive-uploading application identifies file uploading activity of user
database
client-server
Microsoft SQL Server Analysis Services (SSAS) delivers online analytical processing (OLAP) and data mining functionality for business intelligence applications. Analysis Services supports OLAP by letting you design, create, and manage multidimensional structures that contain data aggregated from other data sources, such as relational databases. For data mining applications, Analysis Services lets you design, create, and visualize data mining models that are constructed from other data sources by using a wide variety of industry-standard data mining algorithms.
- no
yes
no
no
@@ -127136,7 +129659,6 @@ The ms-onedrive-uploading application identifies file uploading activity of user
yes
no
drop-reset
- no
no
@@ -127145,7 +129667,7 @@ The ms-onedrive-uploading application identifies file uploading activity of user
- tcp/2383
+ tcp/2382-2383
1
@@ -127864,6 +130386,47 @@ The ms-onedrive-uploading application identifies file uploading activity of user
2
+
+ business-systems
+ software-development
+ browser-based
+ The Visual Studio Code Remote Tunnels extension lets users connect to a remote machine, like a desktop PC or virtual machine (VM), via a secure tunnel. Users can connect to that machine from a VS Code client anywhere, without the requirement of SSH. This App-ID covers the traffic of Visual Studio Code Remote Tunnels.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ yes
+ no
+ drop-reset
+ no
+ yes
+ yes
+ websocket
+
+ [Web App]
+
+
+
+ https://code.visualstudio.com/docs/remote/tunnels
+
+
+
+
+ tcp/80,443
+
+
+
+ github-base
+ ssl
+ web-browsing
+
+ 2
+
ms-visual-studio-tfs
business-systems
@@ -135059,7 +137622,7 @@ Office Live Workspace is a free service for storing and sharing documents online
business-systems
- medical
+ ics-protocols
client-server
FINS, Factory Interface Network Service, is a network protocol used by Omron PLCs, over different physical networks like Ethernet, Controller Link, DeviceNet and RS-232C. This App-ID covers the FINS command access right acquire.
yes
@@ -135074,7 +137637,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135113,7 +137675,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135152,7 +137713,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135191,7 +137751,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135230,7 +137789,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135269,7 +137827,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135308,7 +137865,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135347,7 +137903,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135386,7 +137941,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135425,7 +137979,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135464,7 +138017,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135503,7 +138055,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135542,7 +138093,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135581,7 +138131,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135620,7 +138169,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135659,7 +138207,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135698,7 +138245,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135737,7 +138283,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135776,7 +138321,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135815,7 +138359,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135854,7 +138397,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135893,7 +138435,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135932,7 +138473,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -135971,7 +138511,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136010,7 +138549,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136034,7 +138572,7 @@ Office Live Workspace is a free service for storing and sharing documents online
business-systems
- medical
+ ics-protocols
client-server
FINS, Factory Interface Network Service, is a network protocol used by Omron PLCs, over different physical networks like Ethernet, Controller Link, DeviceNet and RS-232C. This App-ID covers the FINS command memory card format.
yes
@@ -136049,7 +138587,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136088,7 +138625,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136127,7 +138663,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136166,7 +138701,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136205,7 +138739,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136244,7 +138777,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136283,7 +138815,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136322,7 +138853,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136361,7 +138891,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136400,7 +138929,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136439,7 +138967,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136478,7 +139005,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136517,7 +139043,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136556,7 +139081,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136595,7 +139119,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136634,7 +139157,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136673,7 +139195,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136712,7 +139233,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -136751,7 +139271,6 @@ Office Live Workspace is a free service for storing and sharing documents online
no
drop-reset
no
- yes
omron-fins-base
@@ -147010,7 +149529,6 @@ PBwiki's investors include Mohr Davidow Ventures and the Seraph Group, as well a
no
drop-reset
no
- yes
https://pevco.com/
@@ -147185,6 +149703,37 @@ PBwiki's investors include Mohr Davidow Ventures and the Seraph Group, as well a
1
+
+ business-systems
+ medical
+ client-server
+ Philips Patient Information Center (PIC iX) facilitates visibility into a patient's condition, assisting caregivers with the early identification of potential for deterioration while enhancing clinical workflow. This App-ID covers the traffic of Philips Patient Information Center.
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+
+
+ https://www.usa.philips.com/healthcare/product/HCNOCTN171/patient-information-center-ix-pic-ix
+
+
+
+
+ tcp/8050
+
+
+ 1
+
business-systems
medical
@@ -157051,6 +159600,58 @@ infrastructure.
2
+
+ saas
+ artificial-intelligence
+ browser-based
+ re:tune is a tool for creating fine-tuned models using GPT-3. Users can train and customize their own AI models, and generate API to integrate them into apps. This App-ID covers the traffic of re:tune.
+ yes
+ yes
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ yes
+ no
+ yes
+ yes
+ yes
+ google-cloud-storage-upload
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://twitter.com/retune_so
+
+
+
+
+ tcp/80,443
+
+
+
+ google-base
+ ssl
+ web-browsing
+
+ 2
+
business-systems
general-business
@@ -157934,7 +160535,6 @@ infrastructure.
drop-reset
no
yes
- yes
web20_parrent_app
[Web App]
@@ -161413,7 +164013,6 @@ What began as just a startpage with widgets has morphed into a personalized laun
scada
drop-reset
no
- yes
https://www.se.com/ww/en/faqs/FA375309/
@@ -161432,6 +164031,44 @@ What began as just a startpage with widgets has morphed into a personalized laun
1
+
+ business-systems
+ ics-protocols
+ client-server
+ The Schneider EcoStruxure Panel Server supports Devices Profile for Web Services (DPWS) protocol for IP network discovery. This App-ID covers the DPWS traffic of Schneider EcoStruxure Panel Server.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+
+ [Web App]
+
+
+
+ https://www.productinfo.schneider-electric.com/ecostruxurepanelserverguide/doca0172-ecostruxure-panel-server-user-guide/English/DOCA0172EN-07.pdf
+
+
+
+
+ tcp/5357
+
+
+
+ soap
+
+ 1
+
business-systems
ics-protocols
@@ -178726,6 +181363,57 @@ This app-id covers uploading workbooks from tableau desktop to tableau online.2
tableau
+
+ saas
+ artificial-intelligence
+ browser-based
+ Tabnine is an AI code assistant that uses generative AI technology to predict and suggests your next lines of code based on context & syntax. This App-ID covers the traffic for tabnine application.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ web20_parrent_app
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.tabnine.com
+
+
+
+
+ tcp/80,443
+
+
+
+ ssl
+ web-browsing
+
+
+ ssl
+ web-browsing
+
+ 1
+
business-systems
auth-service
@@ -180208,6 +182896,57 @@ TalesRunner is very popular in Korea and it is gaining increasing support in oth
1
+
+ saas
+ security
+ browser-based
+ Tenable Vulnerability Management (formerly Tenable.io) provides vulnerability coverage with real-time continuous assessment of the organization. This App-ID covers the traffic for tenable.io application.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ web20_parrent_app
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.tenable.com/products/tenable-io
+
+
+
+
+ tcp/80,443
+
+
+
+ ssl
+ web-browsing
+
+
+ ssl
+ web-browsing
+
+ 1
+
collaboration
internet-conferencing
@@ -180336,6 +183075,38 @@ TalesRunner is very popular in Korea and it is gaining increasing support in oth
2
+
+ business-systems
+ medical
+ client-server
+ TeraRecon Intuition Thin Client is a client viewer software with 2D/3D/4D image processing and advanced visualization capabilities to assist physicians review medical images. This App-ID covers communication from the TeraRecon Thin Client to the TeraRecon image processing Intuition Server.
+ yes
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ medical
+ drop-reset
+ no
+ yes
+
+
+ https://www.terarecon.com/
+
+
+
+
+ tcp/1200
+
+
+ 1
+
networking
routing
@@ -181721,6 +184492,36 @@ In addition to the remote control features (screen-sharing), Timbuktu also allow
56
+
+ business-systems
+ ics-protocols
+ client-server
+ TOCNET-G4 by SCI(TM) Technology is both a command post and vehicle intercommunication system in a single package. This App-ID covers the Soft CAU connection on the TOCNET system.
+ yes
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+
+
+ https://www.sci.com/tocnet-g4/
+
+
+
+
+ tcp/1200
+
+
+ 1
+
saas
voip-video
@@ -190360,6 +193161,57 @@ Voddler's concept is similar to those of Amazon Video on Demand, Vudu, Headweb,
1
+
+ saas
+ general-business
+ browser-based
+ VSCO is a photo & video editing app and sharing platform that combines premium quality filters and tools. This App-ID covers the traffic for VSCO application.
+ yes
+ yes
+ no
+ no
+ no
+ yes
+ yes
+ no
+ no
+ no
+ no
+ drop-reset
+ no
+ yes
+ yes
+ web20_parrent_app
+ yes
+
+ no
+ no
+ no
+ no
+
+
+ [Web App]
+
+
+
+ https://www.vsco.co/
+
+
+
+
+ tcp/80,443
+
+
+
+ ssl
+ web-browsing
+
+
+ ssl
+ web-browsing
+
+ 2
+
collaboration
voip-video
@@ -192814,6 +195666,7 @@ WebQQ is the online service where you can do the QQ chat online without installi
glip
globalmeet-base
imgur-base
+ jasper-ai
jiomeet-base
jumpshare-base
kanbanize
@@ -192823,6 +195676,7 @@ WebQQ is the online service where you can do the QQ chat online without installi
mailchimp
moxtra
mqtt-base
+ ms-visual-studio-remote-tunnel
netlog
ocpp
openmeetings
@@ -230325,6 +233179,148 @@ Zwiki supports a number of wiki markup styles out of the box, including MoinMoin
+
+
+
+
+
+
+
+
+
+
+ web-browsing
+ dahua-p2p
+
+
+
+
+
+
+ ssl, web-browsing
+ docuware
+
+
+
+
+
+
+
+ unknown-tcp
+ ecmwf-mars
+
+
+
+
+
+
+
+
+
+
+
+ unknown-tcp
+ ms-sql-analysis-service
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ icloud-base
+ pages-uploading
+
+
+
+
+
+
+ panorama
+ paloalto-logging-service
+
+
+
+
+
+
+ unknown-tcp
+ perforce
+
+
+
+
+
+
+ unknown-tcp
+ sap
+
+
+
+
+
+
+ unknown-udp
+ sip
+
+
+
+
+
+
+ ssl, unknown-tcp
+ tanium
+
+
+
+
+
+
+ unknown-tcp
+ telegram-base
+
+
+
+
+
+
+ t.120
+ vmware-view
+
+
+
+
+
+
+ web-browsing
+ unknown-tcp
+
+
+
+
+
+
+
+
+
+
+ dns-base
+ ntp-base
+
+
+
+
+
@@ -235053,7 +238049,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
This tag groups all App-IDs for Microsoft Office 365 including Outlook, Teams, SharePoint, OneNote, Word, Excel, OneDrive, Forms, Planner, Yammer and more.
- 8729-8157
+ 8741-8213
@@ -274554,6 +277550,13 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ Unruy Downloader Traffic Detection
+ downloader
+ medium
+
+ reset-both
+
Upatre Downloader Traffic Detection
downloader
@@ -274645,6 +277648,83 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ medium
+
+ alert
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Gh0st RAT Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ RelevantKnowledge Adware Traffic Detection
+ spyware
+ medium
+
+ alert
+
EmailSpyPro
adware
@@ -285677,6 +288757,20 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ Generic PHP Webshell File Detection
+ webshell
+ high
+
+ reset-both
+
+
+ China Chopper Webshell File Detection
+ webshell
+ high
+
+ reset-both
+
Viking Command and Control Traffic Detected
spyware
@@ -288535,7 +291629,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
- TrickBot TLS Fingerprint Detection
+ Malicious TLS Fingerprint Detection
tls-fingerprint
low
@@ -295638,12 +298732,11 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
- PoshC2 Command and Control Traffic Detection
+ Potential PoshC2 Command and Control Traffic Detected
spyware
- critical
+ informational
- yes
- reset-both
+ alert
AZORult Command and Control Traffic Detection
@@ -297165,6 +300258,20 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ Mythic Agent Thanatos Command and Control Traffic Detection
+ hacktool
+ critical
+
+ reset-both
+
+
+ Mythic Agent Medusa Command and Control Traffic Detection
+ hacktool
+ critical
+
+ reset-both
+
Hoaxshell Command and Control Traffic Detection
hacktool
@@ -297193,6 +300300,69 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Alchimist Command and Control Traffic Detection
+ command-and-control
+ critical
+
+ reset-both
+
+
+ Cobalt Strike Beacon Command and Control Traffic Detection
+ hacktool
+ critical
+
+ reset-both
+
+
+ Possible Malicious SSL Certificate Traffic Detection
+ spyware
+ low
+
+ alert
+
+
+ Storm-0978 Malicious Office Document Detection
+ downloader
+ critical
+
+ reset-both
+
+
+ Storm-0978 Malicious Traffic Detection
+ spyware
+ critical
+
+ reset-both
+
+
+ Storm-0978 Malicious ASP File Detection
+ spyware
+ critical
+
+ reset-both
+
+
+ Hoaxshell Command and Control Traffic Detection
+ hacktool
+ critical
+
+ reset-both
+
+
+ Cobalt Strike Beacon Command and Control Traffic Detection
+ hacktool
+ critical
+
+ reset-both
+
+
+ NodeStealer Malware Download Traffic Detection
+ downloader
+ critical
+
+ reset-both
+
Backdoor.BO.Rootme
backdoor
@@ -298935,7 +302105,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
10
- 100
+ 50
source-and-destination
@@ -316212,7 +319382,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
code-execution
critical
-
+
yes
@@ -318321,6 +321491,45 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Solarwinds Insecure Deserialization Vulnerability
+
+ CVE-2022-47503
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Solarwinds Insecure Deserialization Vulnerability
+
+ CVE-2022-47504
+
+ code-execution
+ high
+
+
+ yes
+
+ alert
+
+
+ Redis Buffer Overflow Vulnerability
+
+ CVE-2022-24834
+
+ overflow
+ high
+
+
+ yes
+
+ reset-server
+
Palo Alto Networks PAN-OS Denial-of-Service Vulnerability
@@ -357038,7 +360247,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
LAquis SCADA Software Directory Traversal Vulnerability
- 2017-6020
+ CVE-2017-6020
info-leak
medium
@@ -398315,9 +401524,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
Nmap Active Directory Enumeration Via NTLM
-
- -
-
hacktool
low
@@ -399165,9 +402371,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
HTTP Cross Site Scripting Vulnerability
-
- -
-
code-execution
medium
@@ -399919,9 +403122,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
H3C IMC Intelligent Management Center Remote Code Execution Vulnerability
-
- -
-
code-execution
medium
@@ -400258,9 +403458,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
HTTP SQL Injection Attempt
-
- -
-
sql-injection
medium
@@ -404384,7 +407581,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
Generic Router Remote Command Execution Vulnerability
code-execution
- medium
+ high
yes
@@ -405639,6 +408836,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ PostgreSQL pgadmin Command Injection Vulnerability
+
+ CVE-2022-4223
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
TP-Link Router AX50 Remote Code Execution Vulnerability
@@ -407387,7 +410597,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
- Microsoft Office Suspicious UNC Path Detection
+ Microsoft Office Suspicious File Detection
CVE-2023-23397
@@ -408376,6 +411586,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ Microsoft Windows Eot Font Engine Remote Code Execution Vulnerability
+
+ CVE-2018-1013
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
Google Chrome Use-After-Free Vulnerability
@@ -409265,6 +412488,16 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Sielco Analog FM Transmitter Unauthorized Access Vulnerability
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
Google Chrome Buffer Overflow Vulnerability
@@ -409421,6 +412654,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ WordPress Paid Memberships Pro Plugin SQL Injection Vulnerability
+
+ CVE-2023-0631
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
Generic HTTP Command Injection Vulnerability
code-execution
@@ -409851,7 +413097,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
Siemens APOGEE PXC and TALON TC BACnet Automation Controller Information Disclosure Vulnerability
CVE-2017-9946
- CVE-2017-9947
info-leak
informational
@@ -410251,6 +413496,16 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Bwapp Cross-Site Scripting Vulnerability
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
Oracle WebLogic Server Side Request Forgery Vulnerability
@@ -410950,6 +414205,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Openfire Directory Traversal Vulnerability
+
+ CVE-2023-32315
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-server
+
Mozilla Firefox Use-After-Free Vulnerability
@@ -411106,6 +414374,32 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Hitachi Vantara Pentaho Information Disclosure Vulnerability
+
+ CVE-2021-31601
+
+ info-leak
+ medium
+
+
+ yes
+
+ alert
+
+
+ Dell EMC Isilon Cross-Site Scripting Vulnerability
+
+ CVE-2018-1188
+
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
Beijing Grandview Century eHR Software SQL Injection vulnerability
sql-injection
@@ -411116,6 +414410,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Microsoft Internet Explorer saveHistory Memory Corruption Vulnerability
+
+ CVE-2013-0088
+
+
+ MS13-021
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-both
+
Microsoft Internet Explorer Memory Corruption Vulnerability
@@ -411132,6 +414442,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ Cisco WebEx Player ATAS32.DLL Remote Code Execution Vulnerability
+
+ CVE-2011-4004
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
WordPress Steveas WP Live Chat Shoutbox Plugin SQL Injection Vulnerability
@@ -411145,6 +414468,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Microsoft Tablet Input Band Use-After-Free Vulnerability
+
+ CVE-2015-2548
+
+
+ MS15-109
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
Adiscon LogAnalyzer SQL Injection Vulnerability
@@ -411158,6 +414497,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Microsoft Windows Remote Code Execution Vulnerability
+
+ CVE-2018-8475
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
Microsoft Outlook Remote Code Execution Vulnerability
@@ -411171,6 +414523,32 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ MiniDLNA ReadyMedia Buffer Overflow Vulnerability
+
+ CVE-2023-33476
+
+ overflow
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Microsoft SharePoint Server Elevation Of Privilege Vulnerability
+
+ CVE-2023-29357
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
Gentoo Soko SQL Injection Vulnerability
@@ -411184,13 +414562,39 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ AdminStudio LaunchHelp.dll ActiveX Control Code Execution Vulnerability
+
+ CVE-2011-2657
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Next.js Directory Traversal Vulnerability
+
+ CVE-2020-5284
+
+ info-leak
+ medium
+
+
+ yes
+
+ alert
+
- WordPress Gift Cards Plugin SQL Injection Vulnerability
+ WordPress Popup Banners Plugin SQL Injection Vulnerability
- CVE-2023-28662
+ CVE-2023-28661
sql-injection
- critical
+ high
yes
@@ -411198,9 +414602,17 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
- WordPress Random Text Plugin SQL Injection Vulnerability
+ WordPress Multiple Plugins SQL Injection Vulnerability
CVE-2023-0388
+ CVE-2023-0262
+ CVE-2023-0260
+ CVE-2023-0259
+ CVE-2023-0220
+ CVE-2023-0261
+ CVE-2023-0263
+ CVE-2023-0381
+ CVE-2023-0630
sql-injection
high
@@ -411223,6 +414635,32 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Microsoft Internet Explorer Memory Corruption Vulnerability
+
+ CVE-2015-2499
+
+
+ MS15-094
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Nginx WebUI Command Execution Vulnerability
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
Microsoft SharePoint Remote Code Execution Vulnerability
@@ -411236,6 +414674,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
+
+ SAP Knowledge Warehouse Cross-Site Scripting Vulnerability
+
+ CVE-2021-42063
+
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
WordPress File Manager Advanced Shortcode Plugin File Upload Vulnerability
@@ -411300,6 +414751,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
yes
+
+ Microsoft Internet Explorer Memory Corruption Vulnerability
+
+ CVE-2013-3114
+
+
+ MS13-047
+
+ dos
+ medium
+
+
+ yes
+
+ alert
+
Adobe CodeFusion Unrestricted Endpoint Acceess Detection
@@ -411316,6 +414783,133 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Generic Cross-Site Scripting Vulnerability
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
+
+ Multiple Products XML External Entity Injection Vulnerability
+
+ CVE-2020-11991
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-both
+
+
+ WordPress Fastest Cache Plugin Server-Side Request Forgery Vulnerability
+
+ CVE-2023-1938
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Ultimate Member Plugin Privilege Escalation Vulnerability
+
+ CVE-2023-3460
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Customizer Export-Import Plugin Deserialization Vulnerability
+
+ CVE-2023-1347
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Avirato Hotels Online Booking Plugin SQL Injection Vulnerability
+
+ CVE-2023-0768
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Xwiki Remote Code Execution Vulnerability
+
+ CVE-2023-29509
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Ad Inserter Plugin Deserialization Vulnerability
+
+ CVE-2023-1549
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Progress MOVEit Transfer UserProcessPassChangeRequest SQL Injection Vulnerability
+
+ CVE-2023-36934
+
+ sql-injection
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Contec CONPROSYS HMI System SQL Injection Vulnerability
+
+ CVE-2023-29154
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
Adobe ColdFusion Remote Code Execution Vulnerability
@@ -411332,6 +414926,1332 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ WordPress Quiz And Survey Master Plugin Cross-Site Request Forgery Vulnerability
+
+ CVE-2023-0292
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-both
+
+
+ WordPress BuddyForms Plugin Deserialization Vulnerability
+
+ CVE-2023-26326
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Weintek EasyBuilder Pro cMT Series Project File Directory Traversal Vulnerability
+
+ CVE-2023-0104
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ mySCADA myPRO Command Injection Vulnerability
+
+ CVE-2023-28400
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Abode Systems Command Injection Vulnerability
+
+ CVE-2022-33192
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Abode Systems Command Injection Vulnerability
+
+ CVE-2022-33195
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Abode Systems Command Injection Vulnerability
+
+ CVE-2022-33204
+ CVE-2022-33205
+ CVE-2022-33206
+ CVE-2022-33207
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Abode Systems Command Injection Vulnerability
+
+ CVE-2022-29520
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ VideoLAN VLC Media Player PNG Code Execution Vulnerability
+
+ CVE-2012-5470
+
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
+
+ WordPress WC Fields Factory Plugin SQL Injection Vulnerability
+
+ CVE-2023-0277
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Video List Manager Plugin SQL Injection Vulnerability
+
+ CVE-2023-1408
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Otter Plugin Deserialization Vulnerability
+
+ CVE-2023-2288
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Schneider Electric IGSS Insecure Deserialization Vulnerability
+
+ CVE-2023-3001
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Abode Systems Memory Corruption Vulnerability
+
+ CVE-2022-35244
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Abode Systems Command Injection Vulnerability
+
+ CVE-2022-32773
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Abode Systems Memory Corruption Vulnerability
+
+ CVE-2022-35876
+ CVE-2022-35877
+ CVE-2022-35875
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Contec CONPROSYS HMI System Stored Cross-Site Scripting Vulnerability
+
+ CVE-2023-28651
+
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
+
+ WordPress SEOPress Plugin Deserialization Vulnerability
+
+ CVE-2023-1669
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress My Sticky Elements Plugin SQL Injection Vulnerability
+
+ CVE-2023-0487
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress TranslatePress Multilinugal Plugin SQL Injection Vulnerability
+
+ CVE-2022-3141
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Hikvision Hybrid SAN Products SQL Injection Vulnerability
+
+ CVE-2022-28171
+
+ sql-injection
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Betheme Plugin Deserialization Vulnerability
+
+ CVE-2022-3861
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Ghost Foundation Information Disclosure Vulnerability
+
+ CVE-2023-31133
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Simple URLs Plugin SQL Injection Vulnerability
+
+ CVE-2023-0098
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress WPBakery Page Builder Plugin Local File Inclusion Vulnerability
+
+ CVE-2023-0159
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress SiteGround Security Plugin SQL Injection Vulnerability
+
+ CVE-2023-0234
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Git Git Source Code Management apply reject Arbitrary File Write Vulnerability
+
+ CVE-2023-25652
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Abode Systems Command Injection Vulnerability
+
+ CVE-2022-27804
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Enable Media Replace Plugin File Upload Vulnerability
+
+ CVE-2023-0255
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Generic Malicious XML File Detection
+ code-execution
+ medium
+
+
+ yes
+
+ alert
+
+
+ Delta Electronics InfraSuite Security Feature Bypass Vulnerability
+
+ CVE-2023-30765
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Adobe ColdFusion Remote Code Execution Vulnerability
+
+ CVE-2023-38203
+ CVE-2023-38204
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Artifex Ghostscript Code Execution Vulnerability
+
+ CVE-2023-36664
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Cisco SPA112 Remote Code Execution Vulnerability
+
+ CVE-2023-20126
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-both
+
+
+ Citrix ADC and NetScaler Gateway Remote Code Execution Vulnerability
+
+ CVE-2023-3519
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ CloudPanel Remote Code Execution Vulnerability
+
+ CVE-2023-35885
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ WordPress ReviewX Plugin SQL Injection Vulnerability
+
+ CVE-2023-26325
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ ASUS RT-AX56U and RT-AC86U Routers Format String Vulnerability
+
+ CVE-2023-35086
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Abode Systems Command Injection Vulnerability
+
+ CVE-2022-33189
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Progress MOVEit Transfer FolderListRecursive SQL Injection Vulnerability
+
+ CVE-2023-36932
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Progress MOVEit Transfer MOVEitISAPI X-siLock-FileID SQL Injection Vulnerability
+
+ CVE-2023-36932
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress WP Statistics Plugin SQL Injection Vulnerability
+
+ CVE-2023-0955
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Weaver e-cology XXE Vulnerability
+
+ CVE-2023-2806
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress WP Meta SEO Plugin SQL Injection Vulnerability
+
+ CVE-2023-0875
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Correos Oficial Plugin File Download Vulnerability
+
+ CVE-2023-0331
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Microsoft Windows Common Log File System Driver Elevation Of Privilege Vulnerability
+
+ CVE-2023-36900
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Citrix ShareFile Storage Zones Controller Directory Traversal Vulnerability
+
+ CVE-2023-24489
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Shopping Cart and eCommerce Store Plugin File Inclusion Vulnerability
+
+ CVE-2023-1124
+
+ info-leak
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress JetEngine Plugin Code Execution Vulnerability
+
+ CVE-2023-1406
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Xstream Java XML Deserialization Command Execution Vulnerability
+
+ CVE-2013-7285
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ WordPress ANGradeBook Plugin SQL Injection Vulnerability
+
+ CVE-2023-2636
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
+
+ CVE-2023-35078
+
+ info-leak
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Google Chrome Type Confusion Vulnerability
+
+ CVE-2023-2033
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Metabase Remote Code Execution Vulnerability
+
+ CVE-2023-38646
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Formidable PRO2PDF Plugin SQL Injection Vulnerability
+
+ CVE-2023-28663
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Events Made Easy Plugin SQL Injection Vulnerability
+
+ CVE-2023-28660
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Google Chrome Out-Of-Bounds Read Vulnerability
+
+ CVE-2023-2134
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Google Chrome Out-Of-Bounds Read Vulnerability
+
+ CVE-2023-2133
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Google Chrome Out-Of-Bounds Write Vulnerability
+
+ CVE-2023-2929
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ WordPress One-click Countdowns Plugin SQL Injection Vulnerability
+
+ CVE-2023-28659
+
+ sql-injection
+ high
+
+
+ yes
+
+ reset-server
+
+
+ WordPress Gift Cards Plugin SQL Injection Vulnerability
+
+ CVE-2023-28662
+
+ sql-injection
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Google Chrome Security Check Bypass Vulnerability
+
+ CVE-2022-4906
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Apache Airflow SQL Injection Vulnerability
+
+ CVE-2023-22884
+
+ sql-injection
+ critical
+
+
+ yes
+
+ reset-server
+
+
+ Adobe Reader Memory Corruption Vulnerability
+
+ CVE-2023-38246
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38236
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38233
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38237
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38234
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38230
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38227
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38239
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38229
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38244
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38225
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38222
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-29303
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38240
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38238
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38231
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38242
+ CVE-2023-38243
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38226
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38235
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38232
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38223
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38224
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38241
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38248
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Adobe Reader Installer Corruption Vulnerability
+
+ CVE-2023-29299
+
+
+ APSB23-30
+
+ dos
+ high
+
+
+ yes
+
+ reset-both
+
+
+ WordPress Advanced Uploader Plugin File Upload Vulnerability
+
+ CVE-2022-1103
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Acrobat Reader Memory Corruption Vulnerability
+
+ CVE-2023-38228
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Adobe Reader Memory Corruption Vulnerability
+
+ CVE-2023-38245
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Adobe Reader Restrictions Bypass Vulnerability
+
+ CVE-2023-29320
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ Adobe Reader Memory Corruption Vulnerability
+
+ CVE-2023-38247
+
+
+ APSB23-30
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
+
+ WordPress Meta SEO Plugin Deserialization Vulnerability
+
+ CVE-2023-1381
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Google Chrome Type Confusion Vulnerability
+
+ CVE-2022-3723
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-both
+
Mozilla Firefox Browser Engine Multiple Unspecified Vulnerabilities
@@ -433665,7 +438585,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
overflow
high
-
+
yes
@@ -441355,10 +446275,11 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
CVE-2016-4350
CVE-2018-12464
CVE-2019-17357
+ CVE-2022-23305
sql-injection
medium
-
+
yes
@@ -441902,9 +446823,9 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
Various Evasion Techniques
code-execution
medium
-
+
- yes
+ yes
alert
@@ -456321,7 +461242,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-both
- Malware XOR Obfuscation Detection
+ PE File XOR Obfuscation Detection
code-execution
medium
@@ -485020,7 +489941,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
code-execution
high
-
+
yes
@@ -516823,7 +521744,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
code-execution
high
-
+
yes
@@ -528790,10 +533711,25 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ IKE Protocol Extensions Remote Code Execution Vulnerability
+
+ CVE-2022-34720
+ CVE-2022-34721
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
Microsoft Windows Internet Key Exchange Extension Denial-of-Service Vulnerability
CVE-2023-21758
+ CVE-2023-21547
dos
high
@@ -533575,6 +538511,32 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Microsoft Windows Server Service Tampering Vulnerability
+
+ CVE-2022-30216
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
+
+ Microsoft Windows Server Message Block Buffer Overflow Vulnerability
+
+ CVE-2017-0145
+
+ code-execution
+ high
+
+
+ yes
+
+ reset-server
+
Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability
@@ -541146,6 +546108,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Apache RocketMQ Command Injection Vulnerability
+
+ CVE-2023-33246
+
+ code-execution
+ critical
+
+
+ yes
+
+ reset-server
+
Cisco Secure ACS EAP-TLS Authentication Bypass Vulnerability
@@ -541341,6 +546316,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Microsoft Windows Network Policy Server RADIUS Implementation Denial-of-Service Vulnerability
+
+ CVE-2015-0015
+
+
+ MS15-007
+
+ dos
+ high
+
+
+ yes
+
+ alert
+
Sun Solaris SAdmin Client Credentials Remote Command Execution Vulnerability
@@ -548251,7 +553242,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
yes
- reset-both
+ alert
OpenSSL TLS Heartbleed Vulnerability
@@ -549642,6 +554633,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ OpenSSL Invalid PSS Parameters Denial-of-Service Vulnerability
+
+ CVE-2015-0208
+
+ dos
+ high
+
+
+ yes
+
+ alert
+
RSA PKCS1 Cryptographic Vulnerability
info-leak
@@ -556967,6 +561971,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
alert
+
+ Ivanti Avalanche EnterpriseServer GetSettings Authentication Bypass Vulnerability
+
+ CVE-2023-28126
+
+ info-leak
+ medium
+
+
+ yes
+
+ alert
+
MariaDB Denial-of-Service Vulnerability
@@ -556993,6 +562010,20 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
reset-server
+
+ Microsoft Message Queuing Denial-of-Service Vulnerability
+
+ CVE-2023-21769
+ CVE-2023-28302
+
+ dos
+ high
+
+
+ yes
+
+ reset-server
+
Realtek Jungle SDK Buffer Overflow Vulnerability
@@ -557378,6 +562409,10 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
scan
medium
+
+ scan
+ medium
+
@@ -559532,6 +564567,17 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
+
+
+
+
+
+
+
+
+
+
+
@@ -562921,6 +567967,10 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
modbus-req-subreq-data
+ modbus-req-outputs-value
+ modbus-req-registers-value
+ modbus-req-write-registers-value
+ modbus-req-mei-data
cotp-req-s7-header
@@ -562990,6 +568040,10 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n
rtsp-rsp-www-authenticate
rtsp-rsp-rtp-info
+
+ generic-req-nettcp-host
+ generic-req-nettcp-path
+
@@ -569805,6 +574859,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
+
+
+
+
@@ -570251,6 +575310,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
+
+
+
+
@@ -570283,6 +575347,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
@@ -570987,6 +576052,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
@@ -571054,6 +576120,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
+
+
+
+
@@ -571134,6 +576205,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
@@ -571405,7 +576477,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
-
+
@@ -571720,6 +576792,8 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
+
@@ -572477,6 +577551,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
+
+
+
+
@@ -572872,6 +577951,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
@@ -573045,6 +578125,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
+
+
+
+
@@ -573099,6 +578184,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo=
+
+
+
+
+
diff --git a/lib/rule-classes/Rule.php b/lib/rule-classes/Rule.php
index a57934a6..3f06864a 100644
--- a/lib/rule-classes/Rule.php
+++ b/lib/rule-classes/Rule.php
@@ -1799,7 +1799,7 @@ function ruleUsage81( &$sub, $vsys, $rule_base, $connector, $hitType, $unused_fl
}
}
- public function ServiceResolveSummary()
+ public function ServiceResolveSummary( $RuleReferenceLocation = null )
{
$port_mapping_text = array();
@@ -1844,6 +1844,12 @@ public function ServiceResolveSummary()
$objects = $this->services->getAll();
+ if( $RuleReferenceLocation !== null )
+ {
+ foreach( $objects as $key => $member )
+ $objects[$key] = $RuleReferenceLocation->serviceStore->find($member->name());
+ }
+
$array = array();
foreach( $objects as $object )
{
diff --git a/utils/common/AddressCallContext.php b/utils/common/AddressCallContext.php
index ad568131..4e849a70 100644
--- a/utils/common/AddressCallContext.php
+++ b/utils/common/AddressCallContext.php
@@ -21,8 +21,6 @@
class AddressCallContext extends CallContext
{
/** @var Address|AddressGroup */
- public $object;
- public $objectList;
public static $commonActionFunctions = array();
public static $supportedActions = array();
diff --git a/utils/common/ApplicationCallContext.php b/utils/common/ApplicationCallContext.php
index 64ce318b..acf53d8e 100644
--- a/utils/common/ApplicationCallContext.php
+++ b/utils/common/ApplicationCallContext.php
@@ -21,7 +21,6 @@
class ApplicationCallContext extends CallContext
{
/** @var App */
- public $object;
public $counter_containers;
public $tmpcounter;
diff --git a/utils/common/CallContext.php b/utils/common/CallContext.php
index 88083be6..ff4cef0b 100644
--- a/utils/common/CallContext.php
+++ b/utils/common/CallContext.php
@@ -26,6 +26,7 @@ class CallContext
/** @var Rule|SecurityRule|NatRule|DecryptionRule|AppOverrideRule|CaptivePortalRule|PbfRule|QoSRule|DoSRule $object */
public $object;
+ public $objectList;
public $actionRef;
@@ -278,4 +279,36 @@ public function toString()
return $ret;
}
+
+ public function encloseFunction( $value, $nowrap = TRUE )
+ {
+ if( is_string($value) )
+ $output = htmlspecialchars($value);
+ elseif( is_array($value) )
+ {
+ $output = '';
+ $first = TRUE;
+ foreach( $value as $subValue )
+ {
+ if( !$first )
+ {
+ $output .= '
';
+ }
+ else
+ $first = FALSE;
+
+ if( is_string($subValue) )
+ $output .= htmlspecialchars($subValue);
+ else
+ $output .= htmlspecialchars($subValue->name());
+ }
+ }
+ else
+ derr('unsupported');
+
+ if( $nowrap )
+ return '' . $output . ' | ';
+
+ return '' . $output . ' | ';
+ }
}
diff --git a/utils/common/DHCPCallContext.php b/utils/common/DHCPCallContext.php
index 8c14e914..9c5859c8 100644
--- a/utils/common/DHCPCallContext.php
+++ b/utils/common/DHCPCallContext.php
@@ -23,7 +23,7 @@ class DHCPCallContext extends CallContext
{
/** @var DHCP */
public $object;
-
+ public $objectList;
public static $commonActionFunctions = Array();
diff --git a/utils/common/RuleCallContext.php b/utils/common/RuleCallContext.php
index 92025282..2a4fea31 100644
--- a/utils/common/RuleCallContext.php
+++ b/utils/common/RuleCallContext.php
@@ -353,6 +353,15 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco
if( $rule->source->isAny() )
return self::enclose('any');
return self::enclose($rule->source->getAll(), $wrap);
+ /*
+ $members = $rule->source->getAll();
+ $string_array = array();
+ foreach( $members as $member )
+ {
+ $string_array[] = $member->name()." [".$member->owner->owner->name()."]";
+ }
+ return self::enclose($string_array);
+ */
}
if( $fieldName == 'destination' )
@@ -390,10 +399,26 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco
if( $fieldName == 'service_resolved_sum' )
{
- $port_mapping_text = $rule->ServiceResolveSummary( );
+ $port_mapping_text = $rule->ServiceResolveSummary( $rule->owner->owner );
return self::enclose($port_mapping_text);
}
+ if( $fieldName == 'service_resolved_nested_name' )
+ {
+ $strMapping = $this->ServiceResolveNameNestedSummary( $rule );
+ return self::enclose($strMapping);
+ }
+ if( $fieldName == 'service_resolved_nested_value' )
+ {
+ $strMapping = $this->ServiceResolveValueNestedSummary( $rule );
+ return self::enclose($strMapping);
+ }
+ if( $fieldName == 'service_resolved_nested_location' )
+ {
+ $strMapping = $this->ServiceResolveLocationNestedSummary( $rule );
+ return self::enclose($strMapping);
+ }
+
if( $fieldName == 'service_appdefault_resolved_sum' )
{
$port_mapping_text = $rule->ServiceAppDefaultResolveSummary( );
@@ -592,13 +617,20 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco
return self::enclose($resolve);
}
- if( $fieldName == 'src_resolved_sum' )
+ if( $fieldName == 'src_resolved_sumOLD' )
{
$unresolvedArray = array();
$strMapping = $this->AddressResolveSummary( $rule, "source", $unresolvedArray );
$strMapping = array_merge( $strMapping, $unresolvedArray );
return self::enclose($strMapping);
}
+ if( $fieldName == 'src_resolved_sum' )
+ {
+ $unresolvedArray = array();
+ $strMapping = $this->AddressResolveSummaryNEW( $rule, "source", $unresolvedArray );
+ $strMapping = array_merge( $strMapping, $unresolvedArray );
+ return self::enclose($strMapping);
+ }
if( $fieldName == 'src_resolved_nested_name' )
{
$unresolvedArray = array();
@@ -633,13 +665,20 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco
return self::enclose($resolve);
}
- if( $fieldName == 'dst_resolved_sum' )
+ if( $fieldName == 'dst_resolved_sumOLD' )
{
$unresolvedArray = array();
$strMapping = $this->AddressResolveSummary( $rule, "destination", $unresolvedArray );
$strMapping = array_merge( $strMapping, $unresolvedArray );
return self::enclose($strMapping);
}
+ if( $fieldName == 'dst_resolved_sum' )
+ {
+ $unresolvedArray = array();
+ $strMapping = $this->AddressResolveSummaryNEW( $rule, "destination", $unresolvedArray );
+ $strMapping = array_merge( $strMapping, $unresolvedArray );
+ return self::enclose($strMapping);
+ }
if( $fieldName == 'dst_resolved_nested_name' )
{
$unresolvedArray = array();
@@ -781,8 +820,11 @@ public function AddressResolveValueNestedSummary( $rule, $typeSrcDst, &$unresolv
{
if( $member->isGroup() )
{
+ /** @var AddressGroup $member */
$tmp_array = array();
$members = $member->expand(FALSE, $tmp_array, $rule->owner->owner);
+ #foreach($tmp_array as $groups)
+ # $strMapping[] = "";
foreach( $members as $member )
{
$tmp_member = $rule->owner->owner->addressStore->find($member->name());
@@ -805,6 +847,53 @@ public function AddressResolveValueNestedSummary( $rule, $typeSrcDst, &$unresolv
return $strMapping;
}
+
+ public function AddressResolveSummaryNEW( $rule, $typeSrcDst, &$unresolvedArray = array() )
+ {
+ $mapObject = new IP4Map();
+ if( $rule->$typeSrcDst->isAny() )
+ {
+ $localMap = IP4Map::mapFromText('0.0.0.0-255.255.255.255');
+ $mapObject->addMap($localMap, TRUE);
+ #$localMap = IP4Map::mapFromText('::0-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff');
+ #$mapObject->addMap($localMap, TRUE);
+ }
+
+ $allMembers = $rule->$typeSrcDst->getAll();
+ $strMapping = array();
+ foreach($allMembers as $member)
+ {
+ if( $member->isGroup() )
+ {
+ /** @var AddressGroup $member */
+ $tmp_array = array();
+ $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner);
+ foreach( $members as $member )
+ {
+ $tmp_member = $rule->owner->owner->addressStore->find($member->name());
+ $localMap = $tmp_member->getIP4Mapping();
+ $mapObject->addMap($localMap, TRUE);
+ }
+ }
+
+ else
+ {
+ $tmp_member = $rule->owner->owner->addressStore->find($member->name());
+ $localMap = $tmp_member->getIP4Mapping();
+ $mapObject->addMap($localMap, TRUE);
+ }
+
+ }
+
+ $mapObject->sortAndRecalculate();
+ $strMapping = explode(',', $mapObject->dumpToString());
+
+ if( count( $strMapping) === 1 && empty( $strMapping[0] ) )
+ $strMapping = array();
+
+ return $strMapping;
+ }
+
public function AddressResolveNameNestedSummary( $rule, $typeSrcDst, &$unresolvedArray = array() )
{
if( $rule->$typeSrcDst->isAny() )
@@ -818,6 +907,8 @@ public function AddressResolveNameNestedSummary( $rule, $typeSrcDst, &$unresolve
{
$tmp_array = array();
$members = $member->expand(FALSE, $tmp_array, $rule->owner->owner);
+ #foreach($tmp_array as $groups)
+ # $strMapping[] = $groups->name();
foreach( $members as $member )
{
$strMapping[] = $member->name();
@@ -848,6 +939,15 @@ public function AddressResolveLocationNestedSummary( $rule, $typeSrcDst, &$unres
{
$tmp_array = array();
$members = $member->expand(FALSE, $tmp_array, $rule->owner->owner);
+ /*
+ foreach($tmp_array as $groups)
+ {
+ $tmp_name = $groups->owner->owner->name();
+ if( empty($tmp_name) )
+ $tmp_name = "shared";
+
+ $strMapping[] = $tmp_name;
+ }*/
foreach( $members as $member )
{
$tmp_name = $member->owner->owner->name();
@@ -950,6 +1050,132 @@ public function ServiceCount( $rule, $type = "both" )
return $calculatedCounter;
}
+ public function ServiceResolveValueNestedSummary( $rule )
+ {
+ if( $rule->services->isAny() )
+ return array( '0.0.0.0/0', '::0-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff');
+
+ $allMembers = $rule->services->getAll();
+ $strMapping = array();
+ foreach($allMembers as $member)
+ {
+ if( $member->isGroup() )
+ {
+ $tmp_array = array();
+ $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner);
+ foreach( $members as $member )
+ {
+ $tmp_member = $rule->owner->owner->serviceStore->find($member->name());
+
+ $port_mapping = $tmp_member->dstPortMapping( array(), $rule->owner->owner );
+ $mapping_texts = $port_mapping->mappingToText();
+
+ //TODO: handle predefined service objects in a different way
+ if( $tmp_member->name() == 'service-http' )
+ $mapping_texts = 'tcp/80';
+ if( $tmp_member->name() == 'service-https' )
+ $mapping_texts = 'tcp/443';
+
+ $strMapping[] = $mapping_texts;
+ #$strMapping[] = "group";
+ }
+ }
+
+ else
+ {
+ $tmp_member = $rule->owner->owner->serviceStore->find($member->name());
+
+ $port_mapping = $tmp_member->dstPortMapping( array(), $rule->owner->owner );
+ $mapping_texts = $port_mapping->mappingToText();
+
+ //TODO: handle predefined service objects in a different way
+ if( $tmp_member->name() == 'service-http' )
+ $mapping_texts = 'tcp/80';
+ if( $tmp_member->name() == 'service-https' )
+ $mapping_texts = 'tcp/443';
+
+ $strMapping[] = $mapping_texts;
+
+ }
+
+ }
+
+
+ if( count( $strMapping) === 1 && empty( $strMapping[0] ) )
+ $strMapping = array();
+
+ return $strMapping;
+ }
+ public function ServiceResolveNameNestedSummary( $rule )
+ {
+ /** @var SecurityRule $rule */
+ if( $rule->services->isAny() )
+ return array('tcp/0-65535', 'udp/0-65535');
+
+ $allMembers = $rule->services->getAll();
+ $strMapping = array();
+ foreach($allMembers as $member1)
+ {
+ if( $member1->isGroup() )
+ {
+ $tmp_array = array();
+ $members = $member1->expand(FALSE, $tmp_array, $rule->owner->owner);
+ foreach( $members as $member2 )
+ {
+ $strMapping[] = $member2->name();
+ }
+ }
+
+ else
+ $strMapping[] = $member1->name();
+ }
+
+
+ if( count( $strMapping) === 1 && empty( $strMapping[0] ) )
+ $strMapping = array();
+
+ return $strMapping;
+ }
+
+ public function ServiceResolveLocationNestedSummary( $rule )
+ {
+ if( $rule->services->isAny() )
+ return array('tcp/0-65535', 'udp/0-65535');
+
+ $allMembers = $rule->services->getAll();
+ $strMapping = array();
+ foreach($allMembers as $member)
+ {
+ if( $member->isGroup() )
+ {
+ $tmp_array = array();
+ $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner);
+ foreach( $members as $member )
+ {
+ $tmp_name = $member->owner->owner->name();
+ if( empty($tmp_name) )
+ $tmp_name = "shared";
+
+ $strMapping[] = $tmp_name;
+ }
+ }
+ else
+ {
+ $tmp_name = $member->owner->owner->name();
+ if( empty($tmp_name) )
+ $tmp_name = "shared";
+
+ $strMapping[] = $tmp_name;
+ }
+ }
+
+
+ if( count( $strMapping) === 1 && empty( $strMapping[0] ) )
+ $strMapping = array();
+
+ return $strMapping;
+ }
+
public function ApplicationResolveSummary( $rule, $returnString = false )
{
$app_mapping = array();
diff --git a/utils/common/actions-address.php b/utils/common/actions-address.php
index 2d0e793f..0a068470 100644
--- a/utils/common/actions-address.php
+++ b/utils/common/actions-address.php
@@ -697,7 +697,8 @@
}
/** @var AddressGroup $object */
- $members = $object->expand();
+ $tmp_array = array();
+ $members = $object->expand(FALSE,$tmp_array, $object->owner->owner);
$mapping = new IP4Map();
$listOfNotConvertibleObjects = array();
@@ -757,6 +758,7 @@
$addResolveGroupIPCoverage = FALSE;
$addNestedMembers = FALSE;
$addResolveIPNestedMembers = FALSE;
+ $addResolveLocationNestedMembers = FALSE;
$addNestedMembersCount = FALSE;
$optionalFields = &$context->arguments['additionalFields'];
@@ -774,6 +776,7 @@
{
$addNestedMembers = TRUE;
$addResolveIPNestedMembers = TRUE;
+ $addResolveLocationNestedMembers = TRUE;
$addNestedMembersCount = TRUE;
}
@@ -790,42 +793,12 @@
$headers .= 'nested members | ';
if( $addResolveIPNestedMembers )
$headers .= 'nested members ip resolution | ';
+ if( $addResolveLocationNestedMembers )
+ $headers .= 'nested members location resolution | ';
if( $addNestedMembersCount )
$headers .= 'nested members count | ';
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- elseif( is_object($subValue) )
- $output .= htmlspecialchars($subValue->name());
- else
- $output .= htmlspecialchars("-null-");
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
$count = 0;
if( isset($context->objectList) )
@@ -840,60 +813,66 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
- if( $object->owner->owner->isPanorama() || $object->owner->owner->isFirewall() )
- $lines .= $encloseFunction('shared');
+ if( isset($object->owner) && isset($object->owner->owner) )
+ {
+ if($object->owner->owner->isPanorama() || $object->owner->owner->isFirewall() )
+ $lines .= $context->encloseFunction('shared');
+ else
+ $lines .= $context->encloseFunction($object->owner->owner->name());
+ }
else
- $lines .= $encloseFunction($object->owner->owner->name());
+ $lines .= $context->encloseFunction("---");
+
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
if( $object->isGroup() )
{
if( $object->isDynamic() )
{
- $lines .= $encloseFunction('group-dynamic');
- #$lines .= $encloseFunction('');
- $lines .= $encloseFunction($object->members());
+ $lines .= $context->encloseFunction('group-dynamic');
+ #$lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction($object->members());
}
else
{
- $lines .= $encloseFunction('group-static');
- $lines .= $encloseFunction($object->members());
+ $lines .= $context->encloseFunction('group-static');
+ $lines .= $context->encloseFunction($object->members());
}
- $lines .= $encloseFunction($object->description(), FALSE);
+ $lines .= $context->encloseFunction($object->description(), FALSE);
if( $object->isGroup() )
- $lines .= $encloseFunction( (string)count( $object->members() ));
+ $lines .= $context->encloseFunction( (string)count( $object->members() ));
else
- $lines .= $encloseFunction( '---' );
+ $lines .= $context->encloseFunction( '---' );
$counter = 0;
- $members = $object->expand(FALSE);
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
foreach( $members as $member )
$counter += $member->getIPcount();
- $lines .= $encloseFunction((string)$counter);
+ $lines .= $context->encloseFunction((string)$counter);
- $lines .= $encloseFunction($object->tags->tags());
+ $lines .= $context->encloseFunction($object->tags->tags());
}
elseif( $object->isAddress() )
{
if( $object->isTmpAddr() )
{
- $lines .= $encloseFunction('unknown');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('unknown');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
}
else
{
- $lines .= $encloseFunction($object->type());
- $lines .= $encloseFunction($object->value());
- $lines .= $encloseFunction($object->description(), FALSE);
- $lines .= $encloseFunction( '---' );
- $lines .= $encloseFunction( (string)$object->getIPcount() );
- $lines .= $encloseFunction($object->tags->tags());
+ $lines .= $context->encloseFunction($object->type());
+ $lines .= $context->encloseFunction($object->value());
+ $lines .= $context->encloseFunction($object->description(), FALSE);
+ $lines .= $context->encloseFunction( '---' );
+ $lines .= $context->encloseFunction( (string)$object->getIPcount() );
+ $lines .= $context->encloseFunction($object->tags->tags());
}
}
elseif( $object->isRegion() )
@@ -908,7 +887,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -919,7 +898,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addResolveGroupIPCoverage )
{
@@ -929,39 +908,61 @@
foreach( array_keys($mapping->unresolved) as $unresolved )
$strMapping[] = $unresolved;
- $lines .= $encloseFunction($strMapping);
+ $lines .= $context->encloseFunction($strMapping);
}
if( $addNestedMembers )
{
if( $object->isGroup() )
{
- $members = $object->expand(FALSE);
- $lines .= $encloseFunction($members);
+ $tmp_array = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
+ $lines .= $context->encloseFunction($members);
}
else
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('');
}
if( $addResolveIPNestedMembers )
{
if( $object->isGroup() )
{ $resolve = array();
- $members = $object->expand(FALSE);
+ $tmp_array = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
foreach( $members as $member )
$resolve[] = $member->value();
- $lines .= $encloseFunction($resolve);
+ $lines .= $context->encloseFunction($resolve);
}
else
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ }
+ if( $addResolveLocationNestedMembers )
+ {
+ if( $object->isGroup() )
+ { $resolve = array();
+ $tmp_array = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
+ foreach( $members as $member )
+ {
+ $tmp_name = $member->owner->owner->name();
+ if( empty($tmp_name) )
+ $tmp_name = "shared";
+ $resolve[] = $tmp_name;
+ }
+
+ $lines .= $context->encloseFunction($resolve);
+ }
+ else
+ $lines .= $context->encloseFunction('');
}
if( $addNestedMembersCount )
{
if( $object->isGroup() )
{ $resolve = array();
- $members = $object->expand(FALSE);
- $lines .= $encloseFunction( (string)count($members) );
+ $tmp_array = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
+ $lines .= $context->encloseFunction( (string)count($members) );
}
else
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('');
}
$lines .= "
\n";
@@ -1424,6 +1425,13 @@
return;
}
+ if( $object->isRegion() )
+ {
+ $string = "this is a Region object - not supported yet";
+ PH::ACTIONstatus( $context, "SKIPPED", $string );
+ return;
+ }
+
$localLocation = 'shared';
if( !$object->owner->owner->isPanorama() && !$object->owner->owner->isFirewall() )
@@ -3198,4 +3206,211 @@
PH::ACTIONlog( $context, $string );
}
}
+);
+
+
+AddressCallContext::$supportedActions['upload-Address-2CloudManager'] = array(
+ 'name' => 'upload-address-2cloudmanager',
+ 'GlobalInitFunction' => function (AddressCallContext $context) {
+ //get Panorama config
+ //possible: XML file / XML API
+ //including DG
+
+ if( $context->isSaseAPI === False )
+ derr( "only Strata Cloud manager is supported for this type=address action", null, False );
+
+ $filename = $context->arguments['panorama_file'];
+ $DGname = $context->arguments['dg_name'];
+ $context->objectList = array();
+
+ ##########################################
+
+ $argv2 = array();
+ $argc2 = array();
+ PH::$args = array();
+ PH::$argv = array();
+ $argv2[0] = "test";
+
+ if( file_exists( $filename ) )
+ $argv2[] = "in=".$filename;
+ else
+ derr("cannot open file '{$filename}", null, False);
+
+ //create new UTIL with Panorama config in
+ $util2 = new UTIL("custom", $argv2, $argc2, "actions=upload-address-2cloudmanager");
+ $util2->utilInit();
+ $util2->load_config();
+
+##########################################
+##########################################
+
+ $pan = $util2->pan;
+
+ //check that load config file is Panorama
+ if( $pan->isPanorama() )
+ {
+ //find DG name
+ $sub = $pan->findDeviceGroup( $DGname );
+ if( $sub === null )
+ $util2->locationNotFound($DGname);
+ }
+
+ else
+ derr( "only Panorama config file is supported", null, False );
+
+ ##########################################
+
+ foreach( $sub->addressStore->all( "!(object is.group) and !(object is.tmp)" ) as $obj )
+ {
+ $context->objectList[] = $obj;
+ #print $obj->name()."\n";
+ }
+
+ },
+ 'MainFunction' => function (AddressCallContext $context) {
+
+ },
+ 'GlobalFinishFunction' => function (AddressCallContext $context) {
+
+ $addressStore = $context->subSystem->addressStore;
+
+ foreach( $context->objectList as $object )
+ {
+ if( $object->isGroup() || $object->isTmpAddr() )
+ {
+ $string = "Address object is Group or TMP - not supported";
+ PH::ACTIONstatus( $context, 'skipped', $string);
+ continue;
+ }
+
+ $newName = $object->name();
+ $value = $object->value();
+ $type = $object->type();
+
+ $tmpAddr = $addressStore->find( $newName );
+ if( $tmpAddr === null )
+ {
+ $string = "upload Address object : '" . $newName . "' - type: ".$type." - value: ".$value;
+ PH::ACTIONlog( $context, $string );
+
+ if( $context->isAPI )
+ $addressStore->API_newAddress($newName, $type, $value);
+ else
+ derr( "only API supported" );
+ }
+ else
+ mwarning( "objectname: ".$newName." is already available", null, false );
+ }
+ },
+ 'args' => array(
+ 'panorama_file' => Array( 'type' => 'string', 'default' => '*nodefault*'),
+ 'dg_name' => array('type' => 'string', 'default' => '*nodefault*')
+ )
+);
+
+AddressCallContext::$supportedActions['upload-AddressGroup-2CloudManager'] = array(
+ 'name' => 'upload-addressgroup-2cloudmanager',
+ 'GlobalInitFunction' => function (AddressCallContext $context) {
+ //get Panorama config
+ //possible: XML file / XML API
+ //including DG
+
+ if( $context->isSaseAPI === False )
+ derr( "only Strata Cloud manager is supported for this type=address action", null, False );
+
+ $filename = $context->arguments['panorama_file'];
+ $DGname = $context->arguments['dg_name'];
+ $context->objectList = array();
+
+ ##########################################
+
+ $argv2 = array();
+ $argc2 = array();
+ PH::$args = array();
+ PH::$argv = array();
+ $argv2[0] = "test";
+
+ if( file_exists( $filename ) )
+ $argv2[] = "in=".$filename;
+ else
+ derr("cannot open file '{$filename}", null, False);
+
+ //create new UTIL with Panorama config in
+ $util2 = new UTIL("custom", $argv2, $argc2, "actions=upload-address-2cloudmanager");
+ $util2->utilInit();
+ $util2->load_config();
+
+##########################################
+##########################################
+
+ $pan = $util2->pan;
+
+ //check that load config file is Panorama
+ if( $pan->isPanorama() )
+ {
+ //find DG name
+ $sub = $pan->findDeviceGroup( $DGname );
+ if( $sub === null )
+ $util2->locationNotFound($DGname);
+ }
+ else
+ derr( "only Panorama config file is supported", null, False );
+
+ ##########################################
+
+ foreach( $sub->addressStore->all( "(object is.group)" ) as $obj )
+ {
+ #print $obj->name()."\n";
+ /** @var $obj AddressGroup */
+ $context->objectList[$obj->name()]['obj'] = $obj;
+ }
+ },
+ 'MainFunction' => function (AddressCallContext $context) {
+ },
+ 'GlobalFinishFunction' => function (AddressCallContext $context) {
+
+ $addressStore = $context->subSystem->addressStore;
+
+ foreach( $context->objectList as $object_entry )
+ {
+ $object = $object_entry['obj'];
+ if( !$object->isGroup() )
+ {
+ $string = "Address object is not Group - not supported";
+ PH::ACTIONstatus( $context, 'skipped', $string);
+ continue;
+ }
+
+ $newName = $object->name();
+
+ $adrGrp = $addressStore->find( $newName );
+ if( $adrGrp === null )
+ {
+ $string = "upload AddressGroup object : '" . $newName;
+ PH::ACTIONlog( $context, $string );
+
+ //check that addressgroup and all members are available
+ //then API sync if possible
+
+ $adrGrp = $addressStore->newAddressGroup( $newName );
+ foreach( $object->members() as $member2 )
+ {
+ if( $object->owner === $member2->owner )
+ $adrGrp->addMember( $member2 );
+ else
+ mwarning( "this objectname: ".$member2->name()." is part of another DG: ".$member2->owner->owner->name() );
+ }
+
+
+ if( $context->isAPI )
+ $adrGrp->API_sync( true );
+ }
+ else
+ mwarning( "objectname: ".$newName." is already available", null, false );
+ }
+ },
+ 'args' => array(
+ 'panorama_file' => Array( 'type' => 'string', 'default' => '*nodefault*'),
+ 'dg_name' => array('type' => 'string', 'default' => '*nodefault*')
+ )
);
\ No newline at end of file
diff --git a/utils/common/actions-device.php b/utils/common/actions-device.php
index 7d23ecfb..aef3426c 100644
--- a/utils/common/actions-device.php
+++ b/utils/common/actions-device.php
@@ -730,36 +730,6 @@
$filename = "project/html/".$filename;
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
$addWhereUsed = FALSE;
@@ -795,15 +765,15 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
- #$lines .= $encloseFunction(PH::getLocationString($object));
+ #$lines .= $context->encloseFunction(PH::getLocationString($object));
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
if( get_class($object) == "TemplateStack" )
{
- $lines .= $encloseFunction( array_reverse($object->templates) );
+ $lines .= $context->encloseFunction( array_reverse($object->templates) );
}
if( $addWhereUsed )
@@ -812,7 +782,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -823,7 +793,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
$lines .= "
\n";
@@ -1497,41 +1467,6 @@
$filename = "project/html/".$filename;
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- {
- #derr('unsupported');
- $output = 'unsupported value/type';
- }
-
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
-
$headers = 'sub | ruletype | ';
foreach( $context->fields as $fieldName => $fieldID )
@@ -1553,10 +1488,10 @@
else
$lines .= "";
- #$lines .= $encloseFunction(PH::getLocationString($object));
+ #$lines .= $context->encloseFunction(PH::getLocationString($object));
- $lines .= $encloseFunction( strval($subtype) );
- $lines .= $encloseFunction( strval($keyruletype) ) ;
+ $lines .= $context->encloseFunction( strval($subtype) );
+ $lines .= $context->encloseFunction( strval($keyruletype) ) ;
if( is_object( $rule['rule'] ) )
@@ -1564,13 +1499,13 @@
$line = "";
foreach( $context->fields as $fieldName => $fieldID )
$line .= $context->ruleContext->ruleFieldHtmlExport($rule['rule'], $fieldID);
- #$lines .= $encloseFunction( $line );
+ #$lines .= $context->encloseFunction( $line );
$lines .= $line;
- #$lines .= $encloseFunction( $rule['rule']->name() );
+ #$lines .= $context->encloseFunction( $rule['rule']->name() );
}
else
- $lines .= $encloseFunction( $rule['rule'] );
+ $lines .= $context->encloseFunction( $rule['rule'] );
$lines .= "
\n";
@@ -1582,8 +1517,8 @@
else
$lines .= "";
- $lines .= $encloseFunction( "---" );
- $lines .= $encloseFunction( "shadowed" ) ;
+ $lines .= $context->encloseFunction( "---" );
+ $lines .= $context->encloseFunction( "shadowed" ) ;
@@ -1592,14 +1527,14 @@
$line = "";
foreach( $context->fields as $fieldName => $fieldID )
$line .= $context->ruleContext->ruleFieldHtmlExport($ruleItem, $fieldID);
- #$lines .= $encloseFunction( $line );
+ #$lines .= $context->encloseFunction( $line );
$lines .= $line;
- #$lines .= $encloseFunction( $ruleItem->name() );
+ #$lines .= $context->encloseFunction( $ruleItem->name() );
}
else
- $lines .= $encloseFunction( strval($ruleItem) );
+ $lines .= $context->encloseFunction( strval($ruleItem) );
$lines .= "
\n";
}
diff --git a/utils/common/actions-dhcp.php b/utils/common/actions-dhcp.php
index a530cd80..bd293200 100644
--- a/utils/common/actions-dhcp.php
+++ b/utils/common/actions-dhcp.php
@@ -22,24 +22,62 @@
DHCPCallContext::$supportedActions['display'] = Array(
'name' => 'display',
- 'MainFunction' => function ( DHCPCallContext $context )
- {
+ 'MainFunction' => function ( DHCPCallContext $context ) {
$object = $context->object;
- PH::print_stdout(" * ".get_class($object)." '{$object->name()}'" );
+ PH::print_stdout(" * " . get_class($object) . " '{$object->name()}'");
PH::$JSON_TMP['sub']['object'][$object->name()]['name'] = $object->name();
PH::$JSON_TMP['sub']['object'][$object->name()]['type'] = get_class($object);
- PH::print_stdout(" RESERVATION:" );
+ if( count($object->server_leases) > 0 )
+ {
+ PH::print_stdout(" SERVER reservation:");
+
+ foreach( $object->server_leases as $lease )
+ {
+ #PH::print_stdout(" - "."IP: ".$lease['ip']." | mac: ".$lease['mac']);
+ PH::print_stdout(" - " . "" . $lease['ip'] . " | " . $lease['mac']);
+ PH::$JSON_TMP['sub']['object'][$object->name()]['server']['reserved'][] = $lease;
+ }
+ }
+ if( count($object->server_ip_pool) > 0 )
+ {
+ PH::print_stdout(" SERVER ip-pool:");
+
+ foreach( $object->server_ip_pool as $ip_pool )
+ {
+ PH::print_stdout(" - " . "" . $ip_pool);
+ PH::$JSON_TMP['sub']['object'][$object->name()]['server']['ip-pool'][] = $ip_pool;
+ }
+ }
+
+ if( count($object->relay_ipv4) > 0 )
+ {
+ if( $object->relay_ipv4_status )
+ PH::print_stdout(" RELAY IPV4 [enabled]:" );
+ else
+ PH::print_stdout(" RELAY IPV4 [disabled]:" );
+ foreach( $object->relay_ipv4 as $server )
+ {
+ PH::print_stdout(" - "."".$server);
+ PH::$JSON_TMP['sub']['object'][$object->name()]['relay']['ipv4'][] = $server;
+ }
+ }
- foreach( $object->server_leases as $lease )
+ if( count($object->relay_ipv6) > 0 )
{
- #PH::print_stdout(" - "."IP: ".$lease['ip']." | mac: ".$lease['mac']);
- PH::print_stdout(" - "."".$lease['ip']." | ".$lease['mac']);
- PH::$JSON_TMP['sub']['object'][$object->name()]['server']['reserved'][] = $lease;
+ if( $object->relay_ipv6_status )
+ PH::print_stdout(" RELAY IPV6 [enabled]:" );
+ else
+ PH::print_stdout(" RELAY IPV6 [disabled]:" );
+ foreach( $object->relay_ipv6 as $server )
+ {
+ PH::print_stdout(" - "."".$server);
+ PH::$JSON_TMP['sub']['object'][$object->name()]['relay']['ipv6'][] = $server;
+ }
}
+
},
- //Todo: display routes to zone / Interface IP
);
DHCPCallContext::$supportedActions['dhcp-server-reservation-create'] = Array(
@@ -89,3 +127,167 @@
'mac' => array('type' => 'string', 'default' => 'false'),
),
);
+
+DHCPCallContext::$supportedActions['exportToExcel'] = array(
+ 'name' => 'exportToExcel',
+ 'MainFunction' => function (DHCPCallContext $context) {
+ $object = $context->object;
+ $context->objectList[] = $object;
+ },
+ 'GlobalInitFunction' => function (DHCPCallContext $context) {
+ $context->objectList = array();
+ },
+ 'GlobalFinishFunction' => function (DHCPCallContext $context) {
+ $args = &$context->arguments;
+ $filename = $args['filename'];
+
+ if( isset( $_SERVER['REQUEST_METHOD'] ) )
+ $filename = "project/html/".$filename;
+
+ $addWhereUsed = FALSE;
+ $addUsedInLocation = FALSE;
+
+ $optionalFields = &$context->arguments['additionalFields'];
+
+ if( isset($optionalFields['WhereUsed']) )
+ $addWhereUsed = TRUE;
+
+ if( isset($optionalFields['UsedInLocation']) )
+ $addUsedInLocation = TRUE;
+
+ $headers = 'ID | template | location | name | ';
+ $headers .= 'SERVER reservation | SERVER ip-pool | RELAY IPv4 | RELAY IPv6 | ';
+
+ if( $addWhereUsed )
+ $headers .= 'where used | ';
+ if( $addUsedInLocation )
+ $headers .= 'location used | ';
+
+
+ $lines = '';
+
+ $count = 0;
+ if( isset($context->objectList) )
+ {
+ foreach( $context->objectList as $object )
+ {
+ $count++;
+
+ /** @var DHCP $object */
+ if( $count % 2 == 1 )
+ $lines .= "\n";
+ else
+ $lines .= "
";
+
+ $lines .= $context->encloseFunction((string)$count);
+
+ if( get_class($object->owner->owner) == "PANConf" )
+ {
+ if( isset($object->owner->owner->owner) && $object->owner->owner->owner !== null && (get_class($object->owner->owner->owner) == "Template" || get_class($context->subSystem->owner) == "TemplateStack" ) )
+ {
+ $lines .= $context->encloseFunction($object->owner->owner->owner->name());
+ $lines .= $context->encloseFunction($object->owner->owner->name());
+ }
+ else
+ {
+ $lines .= $context->encloseFunction("---");
+ $lines .= $context->encloseFunction($object->owner->owner->name());
+ }
+ }
+
+
+ $lines .= $context->encloseFunction($object->name());
+
+ $tmpArray = array();
+ foreach( $object->server_leases as $lease )
+ $tmpArray[] = $lease['ip']." | ".$lease['mac'];
+ $lines .= $context->encloseFunction($tmpArray);
+
+ $tmpString = "";
+ #foreach( $object->server_ip_pool as $server )
+ # $tmpString .= $server;
+ $lines .= $context->encloseFunction($object->server_ip_pool);
+
+ $tmpArray = array();
+ if( count($object->relay_ipv4) > 0 )
+ {
+ if( $object->relay_ipv4_status )
+ $tmpArray[] = "[enabled]";
+ else
+ $tmpArray[] = "[disabled]";
+ foreach( $object->relay_ipv4 as $server )
+ $tmpArray[] = $server;
+ }
+ $lines .= $context->encloseFunction($tmpArray);
+
+ $tmpArray = array();
+ if( count($object->relay_ipv6) > 0 )
+ {
+ if( $object->relay_ipv6_status )
+ $tmpArray[] = "[enabled]";
+ else
+ $tmpArray[] = "[disabled]";
+ foreach( $object->relay_ipv6 as $server )
+ $tmpArray[] = $server;
+ }
+ $lines .= $context->encloseFunction($tmpArray);
+
+ if( $addWhereUsed )
+ {
+ $refTextArray = array();
+ foreach( $object->getReferences() as $ref )
+ $refTextArray[] = $ref->_PANC_shortName();
+
+ $lines .= $context->encloseFunction($refTextArray);
+ }
+ if( $addUsedInLocation )
+ {
+ $refTextArray = array();
+ foreach( $object->getReferences() as $ref )
+ {
+ $location = PH::getLocationString($object->owner);
+ $refTextArray[$location] = $location;
+ }
+
+ $lines .= $context->encloseFunction($refTextArray);
+ }
+
+
+ $lines .= "
\n";
+
+ }
+ }
+
+ $content = file_get_contents(dirname(__FILE__) . '/html/export-template.html');
+ $content = str_replace('%TableHeaders%', $headers, $content);
+
+ $content = str_replace('%lines%', $lines, $content);
+
+ $jscontent = file_get_contents(dirname(__FILE__) . '/html/jquery.min.js');
+ $jscontent .= "\n";
+ $jscontent .= file_get_contents(dirname(__FILE__) . '/html/jquery.stickytableheaders.min.js');
+ $jscontent .= "\n\$('table').stickyTableHeaders();\n";
+
+ $content = str_replace('%JSCONTENT%', $jscontent, $content);
+
+ file_put_contents($filename, $content);
+
+
+ file_put_contents($filename, $content);
+ },
+ 'args' => array('filename' => array('type' => 'string', 'default' => '*nodefault*'),
+ 'additionalFields' =>
+ array('type' => 'pipeSeparatedList',
+ 'subtype' => 'string',
+ 'default' => '*NONE*',
+ 'choices' => array('WhereUsed', 'UsedInLocation', 'ResolveIP', 'NestedMembers'),
+ 'help' =>
+ "pipe(|) separated list of additional fields (ie: Arg1|Arg2|Arg3...) to include in the report. The following is available:\n" .
+ " - NestedMembers: lists all members, even the ones that may be included in nested groups\n" .
+ " - ResolveIP\n" .
+ " - UsedInLocation : list locations (vsys,dg,shared) where object is used\n" .
+ " - WhereUsed : list places where object is used (rules, groups ...)\n"
+ )
+ )
+
+);
\ No newline at end of file
diff --git a/utils/common/actions-rule.php b/utils/common/actions-rule.php
index 5f1166b3..04bb051b 100644
--- a/utils/common/actions-rule.php
+++ b/utils/common/actions-rule.php
@@ -3823,7 +3823,7 @@
if( $addResolvedAddressSummary )
{
$unresolvedArray = array();
- PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_sum']['resolved'] = $context->AddressResolveSummary( $rule, "source", $unresolvedArray );
+ PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_sum']['resolved'] = $context->AddressResolveSummaryNEW( $rule, "source", $unresolvedArray );
PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_sum']['unresolved'] = $unresolvedArray;
$unresolvedArray = array();
PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_value'] = $context->AddressResolveValueSummary( $rule, "source", $unresolvedArray );
@@ -3833,7 +3833,7 @@
PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_nested_value'] = $context->AddressResolveValueNestedSummary( $rule, "source", $unresolvedArray );
$unresolvedArray = array();
- PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_sum']['resolved'] = $context->AddressResolveSummary( $rule, "destination", $unresolvedArray );
+ PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_sum']['resolved'] = $context->AddressResolveSummaryNEW( $rule, "destination", $unresolvedArray );
PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_sum']['unresolved'] = $unresolvedArray;
$unresolvedArray = array();
PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_value'] = $context->AddressResolveValueSummary( $rule, "destination", $unresolvedArray );
@@ -3844,7 +3844,12 @@
}
if( $addResolvedServiceSummary )
- PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_sum'] = $rule->ServiceResolveSummary();
+ {
+ PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_sum'] = $rule->ServiceResolveSummary($rule->owner->owner);
+ PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_nested_name'] = $context->ServiceResolveNameNestedSummary( $rule );
+ PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_nested_value'] = $context->ServiceResolveValueNestedSummary( $rule );
+ }
+
if( $addResolvedServiceAppDefaultSummary )
PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_appdefault_resolved_sum'] = $rule->ServiceAppDefaultResolveSummary();
@@ -4300,36 +4305,6 @@
if( isset( $_SERVER['REQUEST_METHOD'] ) )
$filename = "project/html/".$filename;
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
$addResolvedAddressSummary = FALSE;
$addResolvedServiceSummary = FALSE;
@@ -4369,6 +4344,7 @@
'src' => 'source',
'src_resolved_value' => 'src_resolved_value',
'src_resolved_sum' => 'src_resolved_sum',
+ 'src_resolved_sumOLD' => 'src_resolved_sumOLD',
'src_resolved_nested_name' => 'src_resolved_nested_name',
'src_resolved_nested_value' => 'src_resolved_nested_value',
'src_resolved_nested_location' => 'src_resolved_nested_location',
@@ -4377,11 +4353,15 @@
'dst_interface' => 'dst_interface',
'dst_resolved_value' => 'dst_resolved_value',
'dst_resolved_sum' => 'dst_resolved_sum',
+ 'dst_resolved_sumOLD' => 'dst_resolved_sumOLD',
'dst_resolved_nested_name' => 'dst_resolved_nested_name',
'dst_resolved_nested_value' => 'dst_resolved_nested_value',
'dst_resolved_nested_location' => 'dst_resolved_nested_location',
'service' => 'service',
'service_resolved_sum' => 'service_resolved_sum',
+ 'service_resolved_nested_name' => 'service_resolved_nested_name',
+ 'service_resolved_nested_value' => 'service_resolved_nested_value',
+ 'service_resolved_nested_location' => 'service_resolved_nested_location',
'service_appdefault_resolved_sum' => 'service_appdefault_resolved_sum',
'service_count' => 'service_count',
'service_count_tcp' => 'service_count_tcp',
@@ -4430,23 +4410,24 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
foreach( $fields as $fieldName => $fieldID )
{
if( ((
- $fieldName == 'src_resolved_sum' || $fieldName == 'src_resolved_value' ||
+ $fieldName == 'src_resolved_sum' || $fieldName == 'src_resolved_sumOLD' || $fieldName == 'src_resolved_value' ||
$fieldName == 'src_resolved_nested_name' || $fieldName == 'src_resolved_nested_value' || $fieldName == 'src_resolved_nested_location' ||
- $fieldName == 'dst_resolved_sum' || $fieldName == 'dst_resolved_value' ||
+ $fieldName == 'dst_resolved_sum' || $fieldName == 'dst_resolved_sumOLD' || $fieldName == 'dst_resolved_value' ||
$fieldName == 'dst_resolved_nested_name' || $fieldName == 'dst_resolved_nested_value' || $fieldName == 'dst_resolved_nested_location' ||
$fieldName == 'dnat_host_resolved_sum' ||
$fieldName == 'snat_address_resolved_sum')
&& !$addResolvedAddressSummary) ||
(($fieldName == 'service_resolved_sum' ||
+ $fieldName == 'service_resolved_nested_name' || $fieldName == 'service_resolved_nested_value' || $fieldName == 'service_resolved_nested_location' ||
$fieldName == 'service_count' || $fieldName == 'service_count_tcp' || $fieldName == 'service_count_udp') && !$addResolvedServiceSummary) ||
(($fieldName == 'service_appdefault_resolved_sum') && !$addResolvedServiceAppDefaultSummary) ||
(($fieldName == 'application_resolved_sum') && !$addResolvedApplicationSummary) ||
- (($fieldName == 'schedule_resolved_sum') && !$addResolvedScheduleSummary) ||
+ (($fieldName == 'schedule_resolved_sum' ) && !$addResolvedScheduleSummary) ||
(($fieldName == 'application_seen') && (!$addAppSeenSummary || !$context->isAPI) ) ||
(($fieldName == 'first-hit' || $fieldName == 'last-hit' || $fieldName == 'hit-count') && (!$addHitCountSummary || !$context->isAPI) ) ||
(($fieldName == 'nat_rule_type' || $fieldName == 'snat_type' || $fieldName == 'snat_address' ||
diff --git a/utils/common/actions-securityprofile.php b/utils/common/actions-securityprofile.php
index 7ffd0c7a..010773ed 100644
--- a/utils/common/actions-securityprofile.php
+++ b/utils/common/actions-securityprofile.php
@@ -469,36 +469,6 @@
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
$count = 0;
if( isset($context->objectList) )
@@ -513,32 +483,32 @@
else
$lines .= "
";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
if( $object->owner->owner === null )
{
- $lines .= $encloseFunction('predefined');
+ $lines .= $context->encloseFunction('predefined');
}
else
{
if( $object->owner->owner !== null && ( $object->owner->owner->isPanorama() || $object->owner->owner->isFirewall() ) )
- $lines .= $encloseFunction('shared');
+ $lines .= $context->encloseFunction('shared');
else
- $lines .= $encloseFunction($object->owner->owner->name());
+ $lines .= $context->encloseFunction($object->owner->owner->name());
}
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
- $lines .= $encloseFunction( $object->owner->name() );
+ $lines .= $context->encloseFunction( $object->owner->name() );
if( isset($object->secprof_type) )
- $lines .= $encloseFunction($object->secprof_type);
+ $lines .= $context->encloseFunction($object->secprof_type);
else
- $lines .= $encloseFunction(get_class($object) );
+ $lines .= $context->encloseFunction(get_class($object) );
- #$lines .= $encloseFunction($object->value());
+ #$lines .= $context->encloseFunction($object->value());
if( !empty( $object->threatException ) )
{
$tmp_array = array();
@@ -546,10 +516,10 @@
$tmp_array[] = $threatname;
$string = implode( ",", $tmp_array);
- $lines .= $encloseFunction( $string );
+ $lines .= $context->encloseFunction( $string );
}
else
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('');
if( get_class($object) == "customURLProfile" )
{
@@ -561,11 +531,11 @@
$tmp_array[] = $member;
$string = implode( ",", $tmp_array);
- $lines .= $encloseFunction( $tmp_array );
+ $lines .= $context->encloseFunction( $tmp_array );
}
else
{
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('');
}
if( $addWhereUsed )
@@ -574,7 +544,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -585,7 +555,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
$lines .= "
\n";
diff --git a/utils/common/actions-securityprofilegroup.php b/utils/common/actions-securityprofilegroup.php
index 05fa1b8a..24973b6c 100644
--- a/utils/common/actions-securityprofilegroup.php
+++ b/utils/common/actions-securityprofilegroup.php
@@ -228,44 +228,6 @@
$filename = "project/html/".$filename;
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- elseif( is_object($value) )
- $output = htmlspecialchars($value->name());
- elseif( $value == null )
- $output = "---";
- else
- {
- derr('unsupported');
- }
-
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
-
$addWhereUsed = FALSE;
$addUsedInLocation = FALSE;
@@ -299,11 +261,11 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
- $lines .= $encloseFunction(PH::getLocationString($object));
+ $lines .= $context->encloseFunction(PH::getLocationString($object));
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
$counter_array = array();
@@ -311,17 +273,17 @@
if( count( $refLoc ) == 0 )
{
$refLoc = "---";
- $lines .= $encloseFunction($refLoc);
+ $lines .= $context->encloseFunction($refLoc);
}
else
{
- $lines .= $encloseFunction($refLoc);
+ $lines .= $context->encloseFunction($refLoc);
}
if( count( $counter_array ) == 0 )
{
$refLoc = "---";
- $lines .= $encloseFunction($refLoc);
+ $lines .= $context->encloseFunction($refLoc);
}
else
{
@@ -330,7 +292,7 @@
$tmparray[$key] = (string)$counter_array[$key];
$counter_array = $tmparray;
- $lines .= $encloseFunction($counter_array);
+ $lines .= $context->encloseFunction($counter_array);
}
$refCount = $object->countReferences();
@@ -338,23 +300,23 @@
$refCount = "---";
else
$refCount = (string)$refCount ;
- $lines .= $encloseFunction( $refCount );
+ $lines .= $context->encloseFunction( $refCount );
//private $secprof_array = array('virus', 'spyware', 'vulnerability', 'file-blocking', 'wildfire-analysis', 'url-filtering', 'data-filtering');
- $lines .= $encloseFunction($object->secprofiles['virus']);
+ $lines .= $context->encloseFunction($object->secprofiles['virus']);
- $lines .= $encloseFunction($object->secprofiles['spyware']);
+ $lines .= $context->encloseFunction($object->secprofiles['spyware']);
- $lines .= $encloseFunction($object->secprofiles['vulnerability']);
+ $lines .= $context->encloseFunction($object->secprofiles['vulnerability']);
- $lines .= $encloseFunction($object->secprofiles['url-filtering']);
+ $lines .= $context->encloseFunction($object->secprofiles['url-filtering']);
- $lines .= $encloseFunction($object->secprofiles['file-blocking']);
+ $lines .= $context->encloseFunction($object->secprofiles['file-blocking']);
- $lines .= $encloseFunction($object->secprofiles['data-filtering']);
+ $lines .= $context->encloseFunction($object->secprofiles['data-filtering']);
- $lines .= $encloseFunction($object->secprofiles['wildfire-analysis']);
+ $lines .= $context->encloseFunction($object->secprofiles['wildfire-analysis']);
if( $addWhereUsed )
{
@@ -362,7 +324,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -373,7 +335,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
$lines .= "
\n";
diff --git a/utils/common/actions-service.php b/utils/common/actions-service.php
index c291db4a..71a50049 100644
--- a/utils/common/actions-service.php
+++ b/utils/common/actions-service.php
@@ -238,42 +238,13 @@
if( isset( $_SERVER['REQUEST_METHOD'] ) )
$filename = "project/html/".$filename;
- $lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
-
-
$addWhereUsed = FALSE;
$addUsedInLocation = FALSE;
$addResolveGroupSRVCoverage = FALSE;
+ $addNestedMembers = FALSE;
+ $addResolveSRVNestedMembers = FALSE;
+ $addResolveLocationNestedMembers = FALSE;
+ $addNestedMembersCount = FALSE;
$optionalFields = &$context->arguments['additionalFields'];
@@ -286,7 +257,15 @@
if( isset($optionalFields['ResolveSRV']) )
$addResolveGroupSRVCoverage = TRUE;
- $headers = 'ID | location | name | type | dport | sport | timeout | members | description | tags | ';
+ if( isset($optionalFields['NestedMembers']) )
+ {
+ $addNestedMembers = TRUE;
+ $addResolveSRVNestedMembers = TRUE;
+ $addResolveLocationNestedMembers = TRUE;
+ $addNestedMembersCount = TRUE;
+ }
+
+ $headers = 'ID | location | name | type | dport | sport | timeout | members | members count | description | tags | ';
$headers .= 'port.count | port.tcp.count | port.udp.count | ';
if( $addWhereUsed )
@@ -295,6 +274,17 @@
$headers .= 'location used | ';
if( $addResolveGroupSRVCoverage )
$headers .= 'srv resolution | ';
+ if( $addNestedMembers )
+ $headers .= 'nested members | ';
+ if( $addResolveSRVNestedMembers )
+ $headers .= 'nested members srv resolution | ';
+ if( $addResolveLocationNestedMembers )
+ $headers .= 'nested members location resolution | ';
+
+ if( $addNestedMembersCount )
+ $headers .= 'nested members count | ';
+
+ $lines = '';
$count = 0;
if( isset($context->objectList) )
@@ -309,57 +299,76 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
- $lines .= $encloseFunction(PH::getLocationString($object));
+ $lines .= $context->encloseFunction(PH::getLocationString($object));
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
if( $object->isGroup() )
{
- $lines .= $encloseFunction('group');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction($object->members());
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction($object->tags->tags());
+ $lines .= $context->encloseFunction('group');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction($object->members());
+ $lines .= $context->encloseFunction( (string)count( $object->members() ));
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction($object->tags->tags());
}
elseif( $object->isService() )
{
if( $object->isTmpSrv() )
{
- $lines .= $encloseFunction('unknown');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
+ if( $object->name() == "service-http" )
+ {
+ $lines .= $context->encloseFunction('service-tcp');
+ $lines .= $context->encloseFunction('40');
+ }
+ elseif( $object->name() == "service-https" )
+ {
+ $lines .= $context->encloseFunction('service-tcp');
+ $lines .= $context->encloseFunction('443');
+ }
+ else
+ {
+ $lines .= $context->encloseFunction('unknown');
+ $lines .= $context->encloseFunction('');
+ }
+
+
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction( '---' );
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
}
else
{
if( $object->isTcp() )
- $lines .= $encloseFunction('service-tcp');
+ $lines .= $context->encloseFunction('service-tcp');
else
- $lines .= $encloseFunction('service-udp');
-
- $lines .= $encloseFunction($object->getDestPort());
- $lines .= $encloseFunction($object->getSourcePort());
- $lines .= $encloseFunction($object->getTimeout());
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction($object->description(), FALSE);
- $lines .= $encloseFunction($object->tags->tags());
+ $lines .= $context->encloseFunction('service-udp');
+
+ $lines .= $context->encloseFunction($object->getDestPort());
+ $lines .= $context->encloseFunction($object->getSourcePort());
+ $lines .= $context->encloseFunction($object->getTimeout());
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction( '---' );
+ $lines .= $context->encloseFunction($object->description(), FALSE);
+ $lines .= $context->encloseFunction($object->tags->tags());
}
}
$calculatedCounter = $context->ServiceCount( $object, "both" );
- $lines .= $encloseFunction((string)$calculatedCounter);
+ $lines .= $context->encloseFunction((string)$calculatedCounter);
$calculatedCounter = $context->ServiceCount( $object, "tcp" );
- $lines .= $encloseFunction((string)$calculatedCounter);
+ $lines .= $context->encloseFunction((string)$calculatedCounter);
$calculatedCounter = $context->ServiceCount( $object, "udp" );
- $lines .= $encloseFunction((string)$calculatedCounter);
+ $lines .= $context->encloseFunction((string)$calculatedCounter);
if( $addWhereUsed )
@@ -368,7 +377,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -379,7 +388,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addResolveGroupSRVCoverage )
{
@@ -432,7 +441,68 @@
}
}
- $lines .= $encloseFunction($port_mapping_text);
+ $lines .= $context->encloseFunction($port_mapping_text);
+ }
+
+ if( $addNestedMembers )
+ {
+ if( $object->isGroup() )
+ {
+ $tmp_array = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
+ $lines .= $context->encloseFunction($members);
+ }
+ else
+ $lines .= $context->encloseFunction('');
+ }
+ if( $addResolveSRVNestedMembers )
+ {
+ if( $object->isGroup() )
+ {
+ $resolve = array();
+ $tmp_array = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
+ foreach( $members as $member )
+ {
+ $srcport = "";
+ if( $member->getSourcePort() !== "" )
+ $srcport = "srcp:".$member->getSourcePort();
+ $resolve[] = $member->protocol()."/".$member->getDestPort().$srcport;
+ }
+
+ $lines .= $context->encloseFunction($resolve);
+ }
+ else
+ $lines .= $context->encloseFunction('');
+ }
+ if( $addResolveLocationNestedMembers )
+ {
+ if( $object->isGroup() )
+ { $resolve = array();
+ $tmp_array = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
+ foreach( $members as $member )
+ {
+ $tmp_name = $member->owner->owner->name();
+ if( empty($tmp_name) )
+ $tmp_name = "shared";
+ $resolve[] = $tmp_name;
+ }
+
+ $lines .= $context->encloseFunction($resolve);
+ }
+ else
+ $lines .= $context->encloseFunction('');
+ }
+ if( $addNestedMembersCount )
+ {
+ if( $object->isGroup() )
+ { $resolve = array();
+ $members = $object->expand(FALSE, $tmp_array, $object->owner->owner);
+ $lines .= $context->encloseFunction( (string)count($members) );
+ }
+ else
+ $lines .= $context->encloseFunction('');
}
$lines .= "
\n";
@@ -458,11 +528,12 @@
array('type' => 'pipeSeparatedList',
'subtype' => 'string',
'default' => '*NONE*',
- 'choices' => array('WhereUsed', 'UsedInLocation', 'ResolveSRV'),
+ 'choices' => array('WhereUsed', 'UsedInLocation', 'ResolveSRV', 'NestedMembers'),
'help' =>
"pipe(|) separated list of additional field to include in the report. The following is available:\n" .
" - WhereUsed : list places where object is used (rules, groups ...)\n" .
" - UsedInLocation : list locations (vsys,dg,shared) where object is used\n".
+ " - NestedMembers: lists all members, even the ones that may be included in nested groups\n" .
" - ResolveSRV\n"
)
diff --git a/utils/common/actions-tag.php b/utils/common/actions-tag.php
index 9d5b5f28..dbab38ba 100644
--- a/utils/common/actions-tag.php
+++ b/utils/common/actions-tag.php
@@ -581,36 +581,6 @@
$filename = "project/html/".$filename;
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
$addWhereUsed = FALSE;
@@ -645,24 +615,24 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
- $lines .= $encloseFunction(PH::getLocationString($object));
+ $lines .= $context->encloseFunction(PH::getLocationString($object));
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
if( $object->isTag() )
{
if( $object->isTmp() )
{
- $lines .= $encloseFunction('unknown');
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('unknown');
+ $lines .= $context->encloseFunction('');
}
else
{
- $lines .= $encloseFunction($object->color);
- $lines .= $encloseFunction($object->getComments());
+ $lines .= $context->encloseFunction($object->color);
+ $lines .= $context->encloseFunction($object->getComments());
}
}
@@ -672,7 +642,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -683,7 +653,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
$lines .= "
\n";
diff --git a/utils/common/actions-threat.php b/utils/common/actions-threat.php
index 9f40b999..ca7d07d5 100644
--- a/utils/common/actions-threat.php
+++ b/utils/common/actions-threat.php
@@ -82,37 +82,6 @@
$filename = "project/html/".$filename;
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
-
$addWhereUsed = FALSE;
$addUsedInLocation = FALSE;
@@ -146,21 +115,21 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
- $lines .= $encloseFunction(PH::getLocationString($object));
+ $lines .= $context->encloseFunction(PH::getLocationString($object));
- $lines .= $encloseFunction(get_class($object));
+ $lines .= $context->encloseFunction(get_class($object));
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
- $lines .= $encloseFunction($object->threatname());
+ $lines .= $context->encloseFunction($object->threatname());
- $lines .= $encloseFunction($object->category());
+ $lines .= $context->encloseFunction($object->category());
- $lines .= $encloseFunction($object->severity());
+ $lines .= $context->encloseFunction($object->severity());
- $lines .= $encloseFunction($object->defaultAction());
+ $lines .= $context->encloseFunction($object->defaultAction());
if( $addWhereUsed )
{
@@ -168,7 +137,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -179,7 +148,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
$lines .= "
\n";
diff --git a/utils/common/actions-zone.php b/utils/common/actions-zone.php
index 1903afa9..2d6a37af 100644
--- a/utils/common/actions-zone.php
+++ b/utils/common/actions-zone.php
@@ -680,36 +680,6 @@
$headers .= 'nested members | ';
$lines = '';
- $encloseFunction = function ($value, $nowrap = TRUE) {
- if( is_string($value) )
- $output = htmlspecialchars($value);
- elseif( is_array($value) )
- {
- $output = '';
- $first = TRUE;
- foreach( $value as $subValue )
- {
- if( !$first )
- {
- $output .= '
';
- }
- else
- $first = FALSE;
-
- if( is_string($subValue) )
- $output .= htmlspecialchars($subValue);
- else
- $output .= htmlspecialchars($subValue->name());
- }
- }
- else
- derr('unsupported');
-
- if( $nowrap )
- return '' . $output . ' | ';
-
- return '' . $output . ' | ';
- };
$count = 0;
if( isset($context->objectList) )
@@ -724,45 +694,45 @@
else
$lines .= "";
- $lines .= $encloseFunction( (string)$count );
+ $lines .= $context->encloseFunction( (string)$count );
if( $object->owner->owner->owner->owner !== null && get_class( $object->owner->owner->owner->owner ) == "Template" )
{
- $lines .= $encloseFunction($object->owner->owner->owner->owner->name());
- $lines .= $encloseFunction($object->owner->owner->name());
+ $lines .= $context->encloseFunction($object->owner->owner->owner->owner->name());
+ $lines .= $context->encloseFunction($object->owner->owner->name());
}
else
{
- $lines .= $encloseFunction( "" );
- $lines .= $encloseFunction($object->owner->owner->name());
+ $lines .= $context->encloseFunction( "" );
+ $lines .= $context->encloseFunction($object->owner->owner->name());
}
- $lines .= $encloseFunction($object->name());
+ $lines .= $context->encloseFunction($object->name());
if( $object->isTmp() )
{
- $lines .= $encloseFunction('unknown');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('unknown');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
+ $lines .= $context->encloseFunction('');
}
else
{
- $lines .= $encloseFunction($object->type());
- $lines .= $encloseFunction( $object->attachedInterfaces->getAll() );
+ $lines .= $context->encloseFunction($object->type());
+ $lines .= $context->encloseFunction( $object->attachedInterfaces->getAll() );
if( $object->logsetting == null )
$tmpLogprof = "";
else
$tmpLogprof = $object->logsetting;
- $lines .= $encloseFunction( $tmpLogprof );
+ $lines .= $context->encloseFunction( $tmpLogprof );
if( $object->zoneProtectionProfile == null )
$tmpZPP = "";
else
$tmpZPP = $object->zoneProtectionProfile;
- $lines .= $encloseFunction( $tmpZPP );
+ $lines .= $context->encloseFunction( $tmpZPP );
}
if( $addWhereUsed )
@@ -771,7 +741,7 @@
foreach( $object->getReferences() as $ref )
$refTextArray[] = $ref->_PANC_shortName();
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addUsedInLocation )
{
@@ -782,7 +752,7 @@
$refTextArray[$location] = $location;
}
- $lines .= $encloseFunction($refTextArray);
+ $lines .= $context->encloseFunction($refTextArray);
}
if( $addResolveGroupIPCoverage )
{
@@ -792,17 +762,17 @@
foreach( array_keys($mapping->unresolved) as $unresolved )
$strMapping[] = $unresolved;
- $lines .= $encloseFunction($strMapping);
+ $lines .= $context->encloseFunction($strMapping);
}
if( $addNestedMembers )
{
if( $object->isGroup() )
{
$members = $object->expand(TRUE);
- $lines .= $encloseFunction($members);
+ $lines .= $context->encloseFunction($members);
}
else
- $lines .= $encloseFunction('');
+ $lines .= $context->encloseFunction('');
}
$lines .= "
\n";
diff --git a/utils/develop/ui/json_array.js b/utils/develop/ui/json_array.js
index 4f503232..c63ca4a2 100644
--- a/utils/develop/ui/json_array.js
+++ b/utils/develop/ui/json_array.js
@@ -384,6 +384,38 @@ var subjectObject =
}
}
},
+ "upload-address-2cloudmanager": {
+ "name": "upload-address-2cloudmanager",
+ "GlobalInitFunction": {},
+ "MainFunction": {},
+ "GlobalFinishFunction": {},
+ "args": {
+ "panorama_file": {
+ "type": "string",
+ "default": "*nodefault*"
+ },
+ "dg_name": {
+ "type": "string",
+ "default": "*nodefault*"
+ }
+ }
+ },
+ "upload-addressgroup-2cloudmanager": {
+ "name": "upload-addressgroup-2cloudmanager",
+ "GlobalInitFunction": {},
+ "MainFunction": {},
+ "GlobalFinishFunction": {},
+ "args": {
+ "panorama_file": {
+ "type": "string",
+ "default": "*nodefault*"
+ },
+ "dg_name": {
+ "type": "string",
+ "default": "*nodefault*"
+ }
+ }
+ },
"value-host-object-add-netmask-m32": {
"name": "value-host-object-add-netmask-m32",
"MainFunction": {}
@@ -1803,6 +1835,12 @@ var subjectObject =
"name": "template-delete",
"MainFunction": {}
},
+ "xml-extract": {
+ "name": "xml-extract",
+ "GlobalInitFunction": {},
+ "MainFunction": {},
+ "GlobalFinishFunction": {}
+ },
"zoneprotectionprofile-create-bp": {
"name": "zoneprotectionprofile-create-bp",
"GlobalInitFunction": {},
@@ -1931,6 +1969,30 @@ var subjectObject =
"display": {
"name": "display",
"MainFunction": {}
+ },
+ "exporttoexcel": {
+ "name": "exportToExcel",
+ "MainFunction": {},
+ "GlobalInitFunction": {},
+ "GlobalFinishFunction": {},
+ "args": {
+ "filename": {
+ "type": "string",
+ "default": "*nodefault*"
+ },
+ "additionalFields": {
+ "type": "pipeSeparatedList",
+ "subtype": "string",
+ "default": "*NONE*",
+ "choices": [
+ "WhereUsed",
+ "UsedInLocation",
+ "ResolveIP",
+ "NestedMembers"
+ ],
+ "help": "pipe(|) separated list of additional fields (ie: Arg1|Arg2|Arg3...) to include in the report. The following is available:\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveIP\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - WhereUsed : list places where object is used (rules, groups ...)\n"
+ }
+ }
}
},
"filter": {
@@ -6153,9 +6215,10 @@ var subjectObject =
"choices": [
"WhereUsed",
"UsedInLocation",
- "ResolveSRV"
+ "ResolveSRV",
+ "NestedMembers"
],
- "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - ResolveSRV\n"
+ "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveSRV\n"
}
}
},
@@ -7652,6 +7715,14 @@ var subjectObject =
}
},
"filter": {
+ "interface": {
+ "operators": {
+ "is.set": {
+ "Function": {},
+ "arg": false
+ }
+ }
+ },
"location": {
"operators": {
"is": {
diff --git a/utils/lib/GCP.php b/utils/lib/GCP.php
index b8ae105e..a288e9aa 100644
--- a/utils/lib/GCP.php
+++ b/utils/lib/GCP.php
@@ -300,7 +300,7 @@ public function main()
$this->execCLIWithOutput( $get_auth );
$mgmtsvc_tenantID = $this->grepAllPods( "mgmtsvc" );
- #PH::print_stdout( "mgmtsvc tenantID: '".$mgmtsvc_tenantID[0]."'");
+ PH::print_stdout( "mgmtsvc tenantID: '".$mgmtsvc_tenantID[0]."'");
$mgmtsvc = "kubectl exec -it ".$mgmtsvc_tenantID[0]." -c mgmtsvc --insecure-skip-tls-verify=true -- ";
diff --git a/utils/lib/MERGER.php b/utils/lib/MERGER.php
index 3f02e995..ad0c1953 100644
--- a/utils/lib/MERGER.php
+++ b/utils/lib/MERGER.php
@@ -449,6 +449,19 @@ function findAncestor( $current, $object, $StoreType = "addressStore" )
}
}
+ function findChildAncestor( $childDeviceGroups, $object, $StoreType= "addressStore" )
+ {
+
+ foreach( $childDeviceGroups as $deviceGroup )
+ {
+ $findAncestor = $deviceGroup->addressStore->find($object->name(), null, FALSE);
+ if( $findAncestor !== null )
+ return $findAncestor;
+ }
+
+ return null;
+ }
+
function add_supported_arguments()
{
$this->supportedArguments[] = array('niceName' => 'in', 'shortHelp' => 'input file ie: in=config.xml', 'argDesc' => '[filename]');
@@ -779,6 +792,8 @@ function addressgroup_merging()
$hashMap[$value][] = $object;
if( $parentStore !== null )
$object->ancestor = self::findAncestor( $parentStore, $object, "addressStore");
+
+ $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "addressStore");
}
else
$upperHashMap[$value][] = $object;
@@ -840,14 +855,14 @@ function addressgroup_merging()
$skip = false;
- /** @var DeviceGroup $pickedObject_DG */
+ //Todo: check all pickedObjects from hash
+ /*
$pickedObject_DG = $pickedObject->owner->owner;
if( $pickedObject_DG->parentDeviceGroup !== null )
{
$nextFindObject = $pickedObject_DG->parentDeviceGroup->addressStore->find( $pickedObject->name(), null, True );
if( $nextFindObject !== null )
{
- /** @var Address|AddressGroup $memberFound */
if( $pickedObject->isAddress() && $nextFindObject->isAddress() )
{
if( $pickedObject->value() !== $nextFindObject->value() )
@@ -862,8 +877,9 @@ function addressgroup_merging()
$diff = $pickedObject->getValueDiff($nextFindObject);
if( count($diff['minus']) != 0 || count($diff['plus']) != 0 )
{
- PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel");
+ PH::print_stdout(" * SKIPPED : this group has different membership compare to upperlevel");
$skip = TRUE;
+ break;
}
}
else
@@ -874,6 +890,13 @@ function addressgroup_merging()
}
}
}
+ */
+ $break = $this->checkParentPickObject( $hash );
+ if( $break )
+ {
+ PH::print_stdout(" this object can not be created" );
+ continue;
+ }
foreach( $pickedObject->members() as $memberObject )
{
@@ -928,8 +951,9 @@ function addressgroup_merging()
$diff = $memberObject->getValueDiff($memberFound);
if( count($diff['minus']) != 0 || count($diff['plus']) != 0 )
{
- PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperleve");
+ PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel");
$skip = TRUE;
+ break;
}
}
else
@@ -941,6 +965,8 @@ function addressgroup_merging()
}
}
+
+
if( $skip )
continue;
@@ -998,7 +1024,6 @@ function addressgroup_merging()
$this->skippedObject( $index, $pickedObject, $tmp_address, $stringSkippedReason);
continue;
}
-
}
}
@@ -1009,6 +1034,52 @@ function addressgroup_merging()
if( $tmp_address === null )
continue;
+ if( isset( $object->childancestor ) )
+ {
+ $childancestor = $object->childancestor;
+
+ if( $childancestor !== null )
+ {
+ if( !$childancestor->isGroup() )
+ {
+ PH::print_stdout(" - SKIP: object name '{$object->_PANC_shortName()}' as one ancestor is of type: ". get_class( $childancestor )." '{$childancestor->_PANC_shortName()}' value: ".$childancestor->value());
+ $this->skippedObject( $index, $object, $childancestor, 'childancestor of type: '.get_class( $childancestor ));
+ break;
+ }
+
+ //Todo check ip4mapping of $childancestor and $object
+ /*
+ if( $hashGenerator($object) == $hashGenerator($ancestor) )
+ {
+ print "additional validation needed if same value\n";
+ break;
+ }
+ else
+ {
+
+ */
+ $this->addressgroupGetValueDiff($ancestor, $object, true);
+
+ if( isset($childancestor->owner) )
+ {
+ $tmp_ancestor_DGname = $childancestor->owner->owner->name();
+ if( $tmp_ancestor_DGname === "" )
+ $tmp_ancestor_DGname = "shared";
+ }
+ else
+ $tmp_ancestor_DGname = "shared";
+
+
+
+ PH::print_stdout(" - group '{$object->name()}' cannot be merged because it has an ancestor at DG: ".$tmp_ancestor_DGname );
+ PH::print_stdout( " - ancestor type: ".get_class( $childancestor ) );
+ $this->skippedObject( $index, $object, $childancestor, 'childancestor at DG: '.$tmp_ancestor_DGname);
+
+ break;
+ //}
+ }
+ }
+
if( $this->dupAlg == 'identical' )
if( $object->name() != $tmp_address->name() )
{
@@ -1144,6 +1215,51 @@ function addressgroup_merging()
}
+ if( isset( $object->childancestor ) )
+ {
+ $childancestor = $object->childancestor;
+
+ if( $childancestor !== null )
+ {
+ if( !$childancestor->isGroup() )
+ {
+ PH::print_stdout(" - SKIP: object name '{$object->_PANC_shortName()}' as one ancestor is of type: ". get_class( $childancestor )." '{$childancestor->_PANC_shortName()}' value: ".$childancestor->value());
+ $this->skippedObject( $index, $object, $childancestor, 'childancestor of type: '.get_class( $childancestor ));
+ break;
+ }
+
+ //Todo check ip4mapping of $childancestor and $object
+ /*
+ if( $hashGenerator($object) == $hashGenerator($ancestor) )
+ {
+ print "additional validation needed if same value\n";
+ break;
+ }
+ else
+ {
+ */
+ $this->addressgroupGetValueDiff($childancestor, $object, true);
+
+ if( isset($childancestor->owner) )
+ {
+ $tmp_ancestor_DGname = $childancestor->owner->owner->name();
+ if( $tmp_ancestor_DGname === "" )
+ $tmp_ancestor_DGname = "shared";
+ }
+ else
+ $tmp_ancestor_DGname = "shared";
+
+
+
+ PH::print_stdout(" - group '{$object->name()}' cannot be merged because it has an ancestor at DG: ".$tmp_ancestor_DGname );
+ PH::print_stdout( " - ancestor type: ".get_class( $childancestor ) );
+ $this->skippedObject( $index, $object, $childancestor, 'childancestor at DG: '.$tmp_ancestor_DGname);
+
+ break;
+ //}
+ }
+ }
+
if( $object === $pickedObject )
{
#PH::print_stdout(" - SKIPPED: '{$object->name()}' === '{$pickedObject->name()}': ");
@@ -1377,9 +1493,9 @@ function address_merging()
{
$hashMap[$value][] = $object;
if( $parentStore !== null )
- {
$object->ancestor = self::findAncestor( $parentStore, $object, "addressStore" );
- }
+
+ $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "addressStore");
}
else
$upperHashMap[$value][] = $object;
@@ -1405,9 +1521,9 @@ function address_merging()
{
$hashMap[$value][] = $object;
if( $parentStore !== null )
- {
$object->ancestor = self::findAncestor( $parentStore, $object, "addressStore" );
- }
+
+ $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "addressStore");
}
else
$upperHashMap[$value][] = $object;
@@ -1910,6 +2026,88 @@ function PickObject(&$hash)
return $pickedObject;
}
+ function checkParentPickObject( $hash )
+ {
+ $break = False;
+ foreach( $hash as $pickedObject )
+ {
+ /** @var DeviceGroup $pickedObject_DG */
+ $pickedObject_DG = $pickedObject->owner->owner;
+ if( $pickedObject_DG->parentDeviceGroup !== null )
+ {
+ $nextFindObject = $pickedObject_DG->parentDeviceGroup->addressStore->find( $pickedObject->name(), null, True );
+ if( $nextFindObject !== null )
+ {
+ /** @var Address|AddressGroup $memberFound */
+ if( $pickedObject->isAddress() && $nextFindObject->isAddress() )
+ {
+ if( $pickedObject->value() !== $nextFindObject->value() )
+ {
+ PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different value");
+ $break = TRUE;
+ }
+ }
+ elseif( $pickedObject->isGroup() && $nextFindObject->isGroup() )
+ {
+ $diff = $pickedObject->getValueDiff($nextFindObject);
+ if( count($diff['minus']) != 0 || count($diff['plus']) != 0 )
+ {
+ PH::print_stdout(" * SKIPPED : this group has different membership compare to upperlevel");
+ $break = TRUE;
+ }
+ }
+ else
+ {
+ PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different object type");
+ $break = TRUE;
+ }
+ }
+ }
+ }
+ return $break;
+ }
+
+ function checkParentServicePickObject($hash)
+ {
+ $break = False;
+ foreach( $hash as $pickedObject )
+ {
+ /** @var DeviceGroup $pickedObject_DG */
+ $pickedObject_DG = $pickedObject->owner->owner;
+ if( $pickedObject_DG->parentDeviceGroup !== null )
+ {
+ $nextFindObject = $pickedObject_DG->parentDeviceGroup->serviceStore->find( $pickedObject->name(), null, True );
+ if( $nextFindObject !== null )
+ {
+ /** @var Service|ServiceGroup $memberFound */
+ if( $pickedObject->isService() && $nextFindObject->isService() )
+ {
+ if( $pickedObject->getDestPort() !== $nextFindObject->getDestPort() || $pickedObject->getSourcePort() !== $nextFindObject->getSourcePort() || $pickedObject->protocol() !== $nextFindObject->protocol() )
+ {
+ PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different value or protocol");
+ $break = TRUE;
+ }
+ }
+ elseif( $pickedObject->isGroup() && $nextFindObject->isGroup() )
+ {
+ //todo 20230518 check deeper if this group group part must be validate more
+ $diff = $pickedObject->getValueDiff($nextFindObject);
+ if( count($diff['minus']) != 0 || count($diff['plus']) != 0 )
+ {
+ PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel");
+ $break = TRUE;
+ }
+ }
+ else
+ {
+ PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different object type");
+ $break = TRUE;
+ }
+ }
+ }
+ }
+ return $break;
+ }
function servicegroup_merging()
{
@@ -2045,6 +2243,8 @@ function servicegroup_merging()
$hashMap[$value][] = $object;
if( $parentStore !== null )
$object->ancestor = self::findAncestor( $parentStore, $object, "serviceStore");
+
+ $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "serviceStore");
}
else
$upperHashMap[$value][] = $object;
@@ -2104,38 +2304,12 @@ function servicegroup_merging()
$skip = FALSE;
- /** @var DeviceGroup $pickedObject_DG */
- $pickedObject_DG = $pickedObject->owner->owner;
- if( $pickedObject_DG->parentDeviceGroup !== null )
+
+ $break = $this->checkParentServicePickObject( $hash );
+ if( $break )
{
- $nextFindObject = $pickedObject_DG->parentDeviceGroup->serviceStore->find( $pickedObject->name(), null, True );
- if( $nextFindObject !== null )
- {
- /** @var Service|ServiceGroup $memberFound */
- if( $pickedObject->isService() && $nextFindObject->isService() )
- {
- if( $pickedObject->getDestPort() !== $nextFindObject->getDestPort() || $pickedObject->getSourcePort() !== $nextFindObject->getSourcePort() || $pickedObject->protocol() !== $nextFindObject->protocol() )
- {
- PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different value or protocol");
- $skip = TRUE;
- }
- }
- elseif( $pickedObject->isGroup() && $nextFindObject->isGroup() )
- {
- //todo 20230518 check deeper if this group group part must be validate more
- $diff = $pickedObject->getValueDiff($nextFindObject);
- if( count($diff['minus']) != 0 || count($diff['plus']) != 0 )
- {
- PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperleve");
- $skip = TRUE;
- }
- }
- else
- {
- PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different object type");
- $skip = TRUE;
- }
- }
+ PH::print_stdout(" this object can not be created" );
+ continue;
}
foreach( $pickedObject->members() as $memberObject )
@@ -2164,7 +2338,7 @@ function servicegroup_merging()
$diff = $memberObject->getValueDiff($memberFound);
if( count($diff['minus']) != 0 || count($diff['plus']) != 0 )
{
- PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperleve");
+ PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel");
$skip = TRUE;
}
}
@@ -2366,6 +2540,50 @@ function servicegroup_merging()
continue;
}
+ if( isset( $object->childancestor ) )
+ {
+ $childancestor = $object->childancestor;
+
+ if( $childancestor !== null )
+ {
+ if( !$childancestor->isGroup() )
+ {
+ PH::print_stdout(" - SKIP: object name '{$object->_PANC_shortName()}' as one ancestor is of type: ". get_class( $childancestor )." '{$childancestor->_PANC_shortName()}' value: ".$childancestor->value());
+ $this->skippedObject( $index, $object, $childancestor, 'childancestor of type: '.get_class( $childancestor ));
+ break;
+ }
+
+ //Todo check ip4mapping of $childancestor and $object
+ /*
+ if( $hashGenerator($object) == $hashGenerator($ancestor) )
+ {
+ print "additional validation needed if same value\n";
+ break;
+ }
+ else
+ {
+ */
+ $this->servicegroupGetValueDiff($childancestor, $object, true);
+
+ if( isset($childancestor->owner) )
+ {
+ $tmp_ancestor_DGname = $childancestor->owner->owner->name();
+ if( $tmp_ancestor_DGname === "" )
+ $tmp_ancestor_DGname = "shared";
+ }
+ else
+ $tmp_ancestor_DGname = "shared";
+
+
+
+ PH::print_stdout(" - group '{$object->name()}' cannot be merged because it has an ancestor at DG: ".$tmp_ancestor_DGname );
+ PH::print_stdout( " - ancestor type: ".get_class( $childancestor ) );
+ $this->skippedObject( $index, $object, $childancestor, 'childancestor at DG: '.$tmp_ancestor_DGname);
+
+ break;
+ //}
+ }
+ }
if( $object === $pickedObject )
{
#PH::print_stdout(" - SKIPPED: '{$object->name()}' === '{$pickedObject->name()}': ");
@@ -2573,6 +2791,8 @@ function service_merging()
$hashMap[$value][] = $object;
if( $parentStore !== null )
$object->ancestor = self::findAncestor($parentStore, $object, "serviceStore");
+
+ $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "serviceStore");
}
else
$upperHashMap[$value][] = $object;
@@ -2600,6 +2820,7 @@ function service_merging()
$hashMap[$value][] = $object;
if( $parentStore !== null )
$object->ancestor = self::findAncestor($parentStore, $object, "serviceStore");
+ $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "serviceStore");
}
else
$upperHashMap[$value][] = $object;
diff --git a/utils/lib/RULEUTIL.php b/utils/lib/RULEUTIL.php
index 8dbc9b67..831013df 100644
--- a/utils/lib/RULEUTIL.php
+++ b/utils/lib/RULEUTIL.php
@@ -323,7 +323,8 @@ public function location_filter_object()
}
if( array_search('any', $this->ruleTypes) !== FALSE || array_search('defaultsecurity', $this->ruleTypes) !== FALSE )
{
- $this->objectsToProcess[] = array('store' => $sub->defaultSecurityRules, 'rules' => $sub->defaultSecurityRules->rules());
+ if( get_class( $sub) !== "Snippet" )
+ $this->objectsToProcess[] = array('store' => $sub->defaultSecurityRules, 'rules' => $sub->defaultSecurityRules->rules());
}
if( array_search('any', $this->ruleTypes) !== FALSE || array_search('networkpacketbroker', $this->ruleTypes) !== FALSE )
{
diff --git a/utils/lib/RULE_COMPARE.php b/utils/lib/RULE_COMPARE.php
index d0b66a42..3ffe41c1 100644
--- a/utils/lib/RULE_COMPARE.php
+++ b/utils/lib/RULE_COMPARE.php
@@ -36,8 +36,10 @@ public function utilStart()
$this->supportedArguments['file1'] = array('niceName' => 'File1', 'shortHelp' => 'original PAN-OS XML configuration file');
$this->supportedArguments['file2'] = array('niceName' => 'File2', 'shortHelp' => 'manipulate/optimised former orginal PAN-OS XML configuration file');
+ $this->supportedArguments['keepjsonfile1'] = array('niceName' => 'KeepJsonFile1', 'shortHelp' => 'do not delete JsonFile1 at end of script run');
+ $this->supportedArguments['reusejsonfile1'] = array('niceName' => 'ReuseJsonFile1', 'shortHelp' => 'try to reuse an existing JsonFile1 which was not delete by a previous script run');
- $this->usageMsg = PH::boldText('USAGE: ') . "php " . basename(__FILE__) . " in=api:://[MGMT-IP] argument1 [optional_argument2]";
+ $this->usageMsg = PH::boldText('USAGE: ') . "php " . basename(__FILE__) . " file1=original.xml file2=change_config.xml [keepJSONfile1] [reuseJSONfile1] [generateRuleHTMLFile]";
@@ -51,6 +53,11 @@ public function main()
PH::print_stdout();
PH::print_stdout();
+ if( isset(PH::$args['help'] ) )
+ {
+ PH::print_stdout( $this->usageMsg );
+ exit();
+ }
$ruleDiff = FALSE;
@@ -58,6 +65,16 @@ public function main()
$type = 'resolved';
#$type = 'unresolved';
+ $keepjsonfile1 = false;
+ if( isset(PH::$args['keepjsonfile1'] ) )
+ $keepjsonfile1 = true;
+ $reusejsonfile1 = false;
+ if( isset(PH::$args['reusejsonfile1'] ) )
+ $reusejsonfile1 = true;
+ $generateRuleHTMLfile = false;
+ if( isset(PH::$args['generaterulehtmlfile'] ) )
+ $generateRuleHTMLfile = true;
+
$file1_name = PH::$args['file1'];
$file2_name = PH::$args['file2'];
@@ -76,50 +93,24 @@ public function main()
derr("cannot read configuration file '{$file2_name}''", null, FALSE);
############################################################
- $shadow_json = "shadow-json";
- $cli1 = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file1_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file1_name;
- PH::print_stdout(" - run command: '" . $cli1 . "'");
- PH::print_stdout();
- PH::print_stdout(" running this command will take some time");
- $retValue = null;
- exec($cli1, $output, $retValue);
- foreach( $output as $line )
+ if( !$reusejsonfile1 )
{
- $string = ' ## ';
- $string .= $line;
- #PH::print_stdout( $string );
+ $this->createJson( $file1_name, $json_file1_name);
}
+ else
+ PH::print_stdout( "JSON file1 will be reuse" );
- if( $retValue != 0 )
- derr("CLI exit with error code '{$retValue}'");
-
- PH::print_stdout();
############################################################
- $shadow_json = "shadow-json";
- $cli2 = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file2_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file2_name;
- PH::print_stdout(" - run command: '" . $cli2 . "'");
- PH::print_stdout();
- PH::print_stdout(" running this command will take some time");
- $retValue = null;
- exec($cli2, $output, $retValue);
- foreach( $output as $line )
- {
- $string = ' ## ';
- $string .= $line;
-
- #PH::print_stdout( $string );
- }
-
- if( $retValue != 0 )
- derr("CLI exit with error code '{$retValue}'");
-
- PH::print_stdout();
+ $this->createJson( $file2_name, $json_file2_name);
############################################################
#$file1 = file_get_contents($file1_name);
#$file2 = file_get_contents($file2_name);
+ if( !file_exists($json_file1_name) || filesize($json_file1_name) === 0 )
+ derr("cannot read JSON filename1 '{$json_file1_name}''", null, FALSE);
+
PH::print_stdout("compare JSON filename1: " . $json_file1_name);
PH::print_stdout("with JSON filename2: " . $json_file2_name);
@@ -202,6 +193,7 @@ public function main()
PH::print_stdout("--------------------------------------------------");
PH::print_stdout("SUB: '" . $subName . "' | Rule diff found: '" . PH::boldText($key)."'");
+
$finalArray[$subName][$key] = array();
if( !empty($diff_src) )
{
@@ -229,6 +221,13 @@ public function main()
$this->printArray($srv1, $srv2, $compareArray);
$finalArray[$subName][$key][$keyword] = $compareArray;
}
+
+ if( $generateRuleHTMLfile )
+ {
+ PH::print_stdout( "create HTML file");
+ $this->generateRuleHTMLfile( $file1_name, $subName, $key );
+ $this->generateRuleHTMLfile( $file2_name, $subName, $key );
+ }
}
}
}
@@ -255,7 +254,9 @@ public function main()
PH::$JSON_OUT['rule-compare'] = $finalArray;
//cleanup
- unlink($json_file1_name);
+ if( !$keepjsonfile1 )
+ unlink($json_file1_name);
+
unlink($json_file2_name);
unset($file1);
unset($file2);
@@ -348,4 +349,43 @@ function printArray($array1, $array2, &$compareArray)
$compareArray['file2'] = array();
}
}
+
+ function createJson( $file_name, $json_file_name)
+ {
+ $shadow_json = "shadow-json";
+ $cli = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file_name;
+
+ $this->executeCommand( $cli );
+
+ PH::print_stdout();
+ }
+
+ function generateRuleHTMLfile( $file_name, $subName, $key )
+ {
+ $shadow_json = "";
+ $spreadsheetFiletype = "html";
+ $cli = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=exporttoexcel:".$file_name."_".$subName."_".$key.".".$spreadsheetFiletype.",ResolveAddressSummary|ResolveServiceSummary' 'location=".$subName."' in=" . $file_name . " 'filter=(name eq ".$key.")'" . $shadow_json . " shadow-ignoreinvalidaddressobjects";
+
+ $this->executeCommand( $cli );
+
+ PH::print_stdout();
+ }
+
+ function executeCommand( $cli )
+ {
+ PH::print_stdout(" - run command: '" . $cli . "'");
+ PH::print_stdout();
+ PH::print_stdout(" running this command will take some time");
+ $retValue = null;
+ exec($cli, $output, $retValue);
+ foreach( $output as $line )
+ {
+ $string = ' ## ';
+ $string .= $line;
+ #PH::print_stdout( $string );
+ }
+
+ if( $retValue != 0 )
+ derr("CLI exit with error code '{$retValue}'");
+ }
}
\ No newline at end of file
diff --git a/utils/lib/UTIL.php b/utils/lib/UTIL.php
index 1eafde5e..99c7a08f 100644
--- a/utils/lib/UTIL.php
+++ b/utils/lib/UTIL.php
@@ -1210,7 +1210,7 @@ public function extracting_actions( $utilType = null)
elseif( $this->configInput['type'] == 'sase-api' )
{
$context->isAPI = TRUE;
- #$context->isSaseAPI = TRUE;
+ $context->isSaseAPI = TRUE;
}
diff --git a/utils/lib/util_action_filter.json b/utils/lib/util_action_filter.json
index 04d4b701..3ba08c78 100644
--- a/utils/lib/util_action_filter.json
+++ b/utils/lib/util_action_filter.json
@@ -383,6 +383,38 @@
}
}
},
+ "upload-address-2cloudmanager": {
+ "name": "upload-address-2cloudmanager",
+ "GlobalInitFunction": {},
+ "MainFunction": {},
+ "GlobalFinishFunction": {},
+ "args": {
+ "panorama_file": {
+ "type": "string",
+ "default": "*nodefault*"
+ },
+ "dg_name": {
+ "type": "string",
+ "default": "*nodefault*"
+ }
+ }
+ },
+ "upload-addressgroup-2cloudmanager": {
+ "name": "upload-addressgroup-2cloudmanager",
+ "GlobalInitFunction": {},
+ "MainFunction": {},
+ "GlobalFinishFunction": {},
+ "args": {
+ "panorama_file": {
+ "type": "string",
+ "default": "*nodefault*"
+ },
+ "dg_name": {
+ "type": "string",
+ "default": "*nodefault*"
+ }
+ }
+ },
"value-host-object-add-netmask-m32": {
"name": "value-host-object-add-netmask-m32",
"MainFunction": {}
@@ -1802,6 +1834,12 @@
"name": "template-delete",
"MainFunction": {}
},
+ "xml-extract": {
+ "name": "xml-extract",
+ "GlobalInitFunction": {},
+ "MainFunction": {},
+ "GlobalFinishFunction": {}
+ },
"zoneprotectionprofile-create-bp": {
"name": "zoneprotectionprofile-create-bp",
"GlobalInitFunction": {},
@@ -1930,6 +1968,30 @@
"display": {
"name": "display",
"MainFunction": {}
+ },
+ "exporttoexcel": {
+ "name": "exportToExcel",
+ "MainFunction": {},
+ "GlobalInitFunction": {},
+ "GlobalFinishFunction": {},
+ "args": {
+ "filename": {
+ "type": "string",
+ "default": "*nodefault*"
+ },
+ "additionalFields": {
+ "type": "pipeSeparatedList",
+ "subtype": "string",
+ "default": "*NONE*",
+ "choices": [
+ "WhereUsed",
+ "UsedInLocation",
+ "ResolveIP",
+ "NestedMembers"
+ ],
+ "help": "pipe(|) separated list of additional fields (ie: Arg1|Arg2|Arg3...) to include in the report. The following is available:\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveIP\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - WhereUsed : list places where object is used (rules, groups ...)\n"
+ }
+ }
}
},
"filter": {
@@ -6152,9 +6214,10 @@
"choices": [
"WhereUsed",
"UsedInLocation",
- "ResolveSRV"
+ "ResolveSRV",
+ "NestedMembers"
],
- "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - ResolveSRV\n"
+ "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveSRV\n"
}
}
},
@@ -7651,6 +7714,14 @@
}
},
"filter": {
+ "interface": {
+ "operators": {
+ "is.set": {
+ "Function": {},
+ "arg": false
+ }
+ }
+ },
"location": {
"operators": {
"is": {