From bdcc7ea565226ae16284b3f48018a4cffb8d3627 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Mon, 31 Jul 2023 15:20:05 +0200 Subject: [PATCH 01/34] start version 2.1.13 --- CHANGELOG.txt | 10 +++++++++- lib/misc-classes/PH.php | 2 +- lib/network-classes/Certificate.php | 3 +-- lib/network-classes/Zone.php | 3 +-- 4 files changed, 12 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index b88b4eda..27276150 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,6 +1,14 @@ CHANGELOG -2.1.12 +2.1.13 +UTIL: + +BUGFIX: + +GENERAL: + + +2.1.12 (20230731) UTIL: * type=bpa-generator | extend response output if not valid JSON * type=gcp | extend for mqsql usage and bring in mysql pw in type=key-manager diff --git a/lib/misc-classes/PH.php b/lib/misc-classes/PH.php index 8544b613..ca31468a 100644 --- a/lib/misc-classes/PH.php +++ b/lib/misc-classes/PH.php @@ -182,7 +182,7 @@ function __construct($argv, $argc) private static $library_version_major = 2; private static $library_version_sub = 1; - private static $library_version_bugfix = 12; + private static $library_version_bugfix = 13; //BASIC AUTH PAN-OS 7.1 public static $softwareupdate_key = "658d787f293e631196dac9fb29490f1cc1bb3827"; diff --git a/lib/network-classes/Certificate.php b/lib/network-classes/Certificate.php index 47b4ddd2..540b2ce3 100644 --- a/lib/network-classes/Certificate.php +++ b/lib/network-classes/Certificate.php @@ -266,14 +266,13 @@ public function API_setName($newname) $c = findConnectorOrDie($this); $path = $this->getXPath(); + $this->setName($newname); $c->sendRenameRequest($path, $newname); } else { mwarning('this is a temporary object, cannot be renamed from API'); } - - $this->setName($newname); } public function hasPublicKey() diff --git a/lib/network-classes/Zone.php b/lib/network-classes/Zone.php index 0af6864d..3e765a5e 100644 --- a/lib/network-classes/Zone.php +++ b/lib/network-classes/Zone.php @@ -259,14 +259,13 @@ public function API_setName($newname) $c = findConnectorOrDie($this); $path = $this->getXPath(); + $this->setName($newname); $c->sendRenameRequest($path, $newname); } else { mwarning('this is a temporary object, cannot be renamed from API'); } - - $this->setName($newname); } /** From 9129cdda35ee234a0f8b836237d66e82687df9e4 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Mon, 31 Jul 2023 22:17:04 +0200 Subject: [PATCH 02/34] type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname --- CHANGELOG.txt | 3 +- .../AddressRuleContainer.php | 11 +- lib/misc-classes/PanSaseAPIConnector.php | 20 ++ lib/misc-classes/trait/XmlConvertible.php | 10 +- utils/common/actions-address.php | 203 ++++++++++++++++++ 5 files changed, 242 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 27276150..355f173f 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -2,6 +2,7 @@ CHANGELOG 2.1.13 UTIL: +* type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname BUGFIX: @@ -11,7 +12,7 @@ GENERAL: 2.1.12 (20230731) UTIL: * type=bpa-generator | extend response output if not valid JSON -* type=gcp | extend for mqsql usage and bring in mysql pw in type=key-manager +* type=gcp | extend for mysql usage and bring in mysql pw in type=key-manager BUGFIX: * type=XYZ | in=api://{MGMT-IP} actions=name-rename - bugfix for API usage diff --git a/lib/container-classes/AddressRuleContainer.php b/lib/container-classes/AddressRuleContainer.php index c3a8a26a..76dafefd 100644 --- a/lib/container-classes/AddressRuleContainer.php +++ b/lib/container-classes/AddressRuleContainer.php @@ -189,7 +189,7 @@ public function API_remove($Obj, $forceAny = FALSE, $context = null) } - public function API_sync() + public function API_sync( $new = false ) { $con = findConnectorOrDie($this); @@ -210,7 +210,14 @@ public function API_sync() } } elseif( $con->isSaseAPI() ) - $con->sendPUTRequest($this); + { + if( $new ) + $con->sendCreateRequest($this); + else + $con->sendPUTRequest($this); + } + + } public function setAny() diff --git a/lib/misc-classes/PanSaseAPIConnector.php b/lib/misc-classes/PanSaseAPIConnector.php index 22917638..a9bfa69e 100644 --- a/lib/misc-classes/PanSaseAPIConnector.php +++ b/lib/misc-classes/PanSaseAPIConnector.php @@ -902,6 +902,26 @@ public function getDataFromObject( $object ) $bodyArray['folder'] = $object->owner->owner->name(); + return $bodyArray; + } + if( get_class( $object ) == "AddressGroup" ) + { + //Sase-API + + $bodyArray['description'] = $object->description(); + $bodyArray['name'] = $object->name(); + $bodyArray['folder'] = $object->owner->owner->name(); + $memberArray = $object->members(); + if( !$object->isDynamic() ) + { + $bodyArray['static'] = array(); + foreach($memberArray as $member) + $bodyArray['static'][] = $member->name(); + } + else + $bodyArray['dynamic']['filter'] = $object->filter; + + return $bodyArray; } elseif( get_class( $object ) == "Service" ) diff --git a/lib/misc-classes/trait/XmlConvertible.php b/lib/misc-classes/trait/XmlConvertible.php index 7cabae6f..cd26e4f3 100644 --- a/lib/misc-classes/trait/XmlConvertible.php +++ b/lib/misc-classes/trait/XmlConvertible.php @@ -54,7 +54,7 @@ function &getChildXmlText_inline() return DH::domlist_to_xml($this->xmlroot->childNodes, -1, FALSE); } - public function API_sync() + public function API_sync( $new = false) { $xpath = DH::elementToPanXPath($this->xmlroot); $con = findConnectorOrDie($this); @@ -62,7 +62,13 @@ public function API_sync() if( $con->isAPI() ) $con->sendEditRequest($xpath, $this->getXmlText_inline()); elseif( $con->isSaseAPI() ) - $con->sendPUTRequest($this); + { + if( $new ) + $con->sendCreateRequest($this); + else + $con->sendPUTRequest($this); + } + } diff --git a/utils/common/actions-address.php b/utils/common/actions-address.php index 2d0e793f..66c92c39 100644 --- a/utils/common/actions-address.php +++ b/utils/common/actions-address.php @@ -3198,4 +3198,207 @@ PH::ACTIONlog( $context, $string ); } } +); + + +AddressCallContext::$supportedActions['upload-Address-2CloudManager'] = array( + 'name' => 'upload-address-2cloudmanager', + 'GlobalInitFunction' => function (AddressCallContext $context) { + //get Panorama config + //possible: XML file / XML API + //including DG + + if( $context->isSaseAPI === False ) + derr( "only Strata Cloud manager is supported for this type=address action", null, False ); + + $filename = $context->arguments['file']; + $DGname = $context->arguments['dg_name']; + $context->objectList = array(); + + ########################################## + + $argv2 = array(); + $argc2 = array(); + PH::$args = array(); + PH::$argv = array(); + $argv2[0] = "test"; + + if( file_exists( $context->arguments['file'] ) ) + $argv2[] = "in=".$filename; + else + derr("cannot open file '{$filename}", null, False); + + //create new UTIL with Panorama config in + $util2 = new UTIL("custom", $argv2, $argc2, "actions=upload-address-2cloudmanager"); + $util2->utilInit(); + $util2->load_config(); + +########################################## +########################################## + + $pan = $util2->pan; + + //check that load config file is Panorama + if( $pan->isPanorama() ) + { + //find DG name + $sub = $pan->findDeviceGroup( $DGname ); + if( $sub === null ) + $util2->locationNotFound($DGname); + } + + else + derr( "only Panorama config file is supported", null, False ); + + ########################################## + + foreach( $sub->addressStore->all( "!(object is.group) and !(object is.tmp)" ) as $obj ) + { + $context->objectList[] = $obj; + #print $obj->name()."\n"; + } + + }, + 'MainFunction' => function (AddressCallContext $context) { + + }, + 'GlobalFinishFunction' => function (AddressCallContext $context) { + + $addressStore = $context->subSystem->addressStore; + + foreach( $context->objectList as $object ) + { + if( $object->isGroup() || $object->isTmpAddr() ) + { + $string = "Address object is Group or TMP - not supported"; + PH::ACTIONstatus( $context, 'skipped', $string); + continue; + } + + $newName = $object->name(); + $value = $object->value(); + $type = $object->type(); + + $string = "upload Address object : '" . $newName . "' - type: ".$type." - value: ".$value; + PH::ACTIONlog( $context, $string ); + + if( $context->isAPI ) + $addressStore->API_newAddress($newName, $type, $value); + else + derr( "only API supported" ); + } + }, + 'args' => array( + 'file' => Array( 'type' => 'string', + 'default' => '*nodefault*' + ), + 'dg_name' => array('type' => 'string', 'default' => '*nodefault*') + ) +); + +AddressCallContext::$supportedActions['upload-AddressGroup-2CloudManager'] = array( + 'name' => 'upload-addressgroup-2cloudmanager', + 'GlobalInitFunction' => function (AddressCallContext $context) { + //get Panorama config + //possible: XML file / XML API + //including DG + + #if( $context->isSaseAPI === False ) + # derr( "only Strata Cloud manager is supported for this type=address action", null, False ); + + $filename = $context->arguments['file']; + $DGname = $context->arguments['dg_name']; + $context->objectList = array(); + + ########################################## + + $argv2 = array(); + $argc2 = array(); + PH::$args = array(); + PH::$argv = array(); + $argv2[0] = "test"; + + if( file_exists( $context->arguments['file'] ) ) + $argv2[] = "in=".$filename; + else + derr("cannot open file '{$filename}", null, False); + + //create new UTIL with Panorama config in + $util2 = new UTIL("custom", $argv2, $argc2, "actions=upload-address-2cloudmanager"); + $util2->utilInit(); + $util2->load_config(); + +########################################## +########################################## + + $pan = $util2->pan; + + //check that load config file is Panorama + if( $pan->isPanorama() ) + { + //find DG name + $sub = $pan->findDeviceGroup( $DGname ); + if( $sub === null ) + $util2->locationNotFound($DGname); + } + + else + derr( "only Panorama config file is supported", null, False ); + + ########################################## + + foreach( $sub->addressStore->all( "(object is.group)" ) as $obj ) + { + #print $obj->name()."\n"; + /** @var $obj AddressGroup */ + $context->objectList[$obj->name()]['obj'] = $obj; + + } + + }, + 'MainFunction' => function (AddressCallContext $context) { + }, + 'GlobalFinishFunction' => function (AddressCallContext $context) { + + $addressStore = $context->subSystem->addressStore; + + foreach( $context->objectList as $object_entry ) + { + $object = $object_entry['obj']; + if( !$object->isGroup() ) + { + $string = "Address object is not Group - not supported"; + PH::ACTIONstatus( $context, 'skipped', $string); + continue; + } + + $newName = $object->name(); + $string = "upload AddressGroup object : '" . $newName; + PH::ACTIONlog( $context, $string ); + + //check that addressgroup and all members are available + //then API sync if possible + + $adrGrp = $addressStore->newAddressGroup( $newName ); + foreach( $object->members() as $member2 ) + { + if( $object->owner === $member2->owner ) + $adrGrp->addMember( $member2 ); + else + { + mwarning( "this objectname: ".$member2->name()." is part of another DG: ".$member2->owner->owner->name() ); + } + } + + + if( $context->isAPI ) + $adrGrp->API_sync( true ); + } + }, + 'args' => array( + 'file' => Array( 'type' => 'string', + 'default' => '*nodefault*' + ), + 'dg_name' => array('type' => 'string', 'default' => '*nodefault*') + ) ); \ No newline at end of file From aae4580d95503030be8246bbf4836249a71ca03f Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Tue, 1 Aug 2023 08:58:19 +0200 Subject: [PATCH 03/34] class Region | bugfix - introduce method type() - to handle "type=address actions=" --- CHANGELOG.txt | 1 + lib/misc-classes/PanSaseAPIConnector.php | 1 + lib/object-classes/Region.php | 8 ++++++++ 3 files changed, 10 insertions(+) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 355f173f..82db2fb7 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -5,6 +5,7 @@ UTIL: * type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname BUGFIX: +* class Region | bugfix - introduce method type() - to handle "type=address actions=" GENERAL: diff --git a/lib/misc-classes/PanSaseAPIConnector.php b/lib/misc-classes/PanSaseAPIConnector.php index a9bfa69e..cc2d7703 100644 --- a/lib/misc-classes/PanSaseAPIConnector.php +++ b/lib/misc-classes/PanSaseAPIConnector.php @@ -640,6 +640,7 @@ function importConfig($sub, $folder, $type, $jsonArray) $tmp_addressgroup->setSaseID( $object['id'] ); } + //elseif( isset($object['dynamic']) ) } } elseif( $type === "services" ) diff --git a/lib/object-classes/Region.php b/lib/object-classes/Region.php index 81be45c3..c94e5b1e 100644 --- a/lib/object-classes/Region.php +++ b/lib/object-classes/Region.php @@ -180,5 +180,13 @@ public function members() return $this->members; } + /** + * @return string ie: 'ip-netmask' 'ip-range' + */ + public function type() + { + return "region"; + } + static protected $templatexml = '
tempvaluechangeme'; } \ No newline at end of file From 79fe0295debadde527f30c5b70195c6aa6f5eb4c Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Tue, 1 Aug 2023 11:18:55 +0200 Subject: [PATCH 04/34] type=address actions=move - bugifx/workaround - do not move region objects --- CHANGELOG.txt | 1 + lib/object-classes/Region.php | 17 +++++++++++++++++ utils/common/actions-address.php | 7 +++++++ 3 files changed, 25 insertions(+) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 82db2fb7..8095d933 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -6,6 +6,7 @@ UTIL: BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" +* type=address actions=move - bugifx/workaround - do not move region objects GENERAL: diff --git a/lib/object-classes/Region.php b/lib/object-classes/Region.php index c94e5b1e..e5d6f87d 100644 --- a/lib/object-classes/Region.php +++ b/lib/object-classes/Region.php @@ -188,5 +188,22 @@ public function type() return "region"; } + /** + * @param $otherObject Region + * @return bool + */ + public function equals($otherObject) + { + if( !$otherObject->isRegion() ) + return FALSE; + + if( $otherObject->name != $this->name ) + return FALSE; + + //Todo: same value of Region objects + #return $this->sameValue($otherObject); + return False; + } + static protected $templatexml = '
tempvaluechangeme'; } \ No newline at end of file diff --git a/utils/common/actions-address.php b/utils/common/actions-address.php index 66c92c39..948afed0 100644 --- a/utils/common/actions-address.php +++ b/utils/common/actions-address.php @@ -1424,6 +1424,13 @@ return; } + if( $object->isRegion() ) + { + $string = "this is a Region object - not supported yet"; + PH::ACTIONstatus( $context, "SKIPPED", $string ); + return; + } + $localLocation = 'shared'; if( !$object->owner->owner->isPanorama() && !$object->owner->owner->isFirewall() ) From 342a7d26d77843e5e9cafae470d5459fbc0eeed7 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Tue, 1 Aug 2023 15:32:07 +0200 Subject: [PATCH 05/34] type=address actions=upload-address-2cloudmanager | extend validation if object name is already available --- CHANGELOG.txt | 1 + utils/common/actions-address.php | 72 +++++++++++++++++--------------- utils/lib/UTIL.php | 2 +- 3 files changed, 40 insertions(+), 35 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 8095d933..ffbedc94 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -3,6 +3,7 @@ CHANGELOG 2.1.13 UTIL: * type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname +* type=address actions=upload-address-2cloudmanager | extend validation if object name is already available BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/common/actions-address.php b/utils/common/actions-address.php index 948afed0..8afc40cb 100644 --- a/utils/common/actions-address.php +++ b/utils/common/actions-address.php @@ -3218,7 +3218,7 @@ if( $context->isSaseAPI === False ) derr( "only Strata Cloud manager is supported for this type=address action", null, False ); - $filename = $context->arguments['file']; + $filename = $context->arguments['panorama_file']; $DGname = $context->arguments['dg_name']; $context->objectList = array(); @@ -3230,7 +3230,7 @@ PH::$argv = array(); $argv2[0] = "test"; - if( file_exists( $context->arguments['file'] ) ) + if( file_exists( $filename ) ) $argv2[] = "in=".$filename; else derr("cannot open file '{$filename}", null, False); @@ -3286,19 +3286,23 @@ $value = $object->value(); $type = $object->type(); - $string = "upload Address object : '" . $newName . "' - type: ".$type." - value: ".$value; - PH::ACTIONlog( $context, $string ); + $tmpAddr = $addressStore->find( $newName ); + if( $tmpAddr === null ) + { + $string = "upload Address object : '" . $newName . "' - type: ".$type." - value: ".$value; + PH::ACTIONlog( $context, $string ); - if( $context->isAPI ) - $addressStore->API_newAddress($newName, $type, $value); + if( $context->isAPI ) + $addressStore->API_newAddress($newName, $type, $value); + else + derr( "only API supported" ); + } else - derr( "only API supported" ); + mwarning( "objectname: ".$newName." is already available", null, false ); } }, 'args' => array( - 'file' => Array( 'type' => 'string', - 'default' => '*nodefault*' - ), + 'panorama_file' => Array( 'type' => 'string', 'default' => '*nodefault*'), 'dg_name' => array('type' => 'string', 'default' => '*nodefault*') ) ); @@ -3310,10 +3314,10 @@ //possible: XML file / XML API //including DG - #if( $context->isSaseAPI === False ) - # derr( "only Strata Cloud manager is supported for this type=address action", null, False ); + if( $context->isSaseAPI === False ) + derr( "only Strata Cloud manager is supported for this type=address action", null, False ); - $filename = $context->arguments['file']; + $filename = $context->arguments['panorama_file']; $DGname = $context->arguments['dg_name']; $context->objectList = array(); @@ -3325,7 +3329,7 @@ PH::$argv = array(); $argv2[0] = "test"; - if( file_exists( $context->arguments['file'] ) ) + if( file_exists( $filename ) ) $argv2[] = "in=".$filename; else derr("cannot open file '{$filename}", null, False); @@ -3348,7 +3352,6 @@ if( $sub === null ) $util2->locationNotFound($DGname); } - else derr( "only Panorama config file is supported", null, False ); @@ -3359,9 +3362,7 @@ #print $obj->name()."\n"; /** @var $obj AddressGroup */ $context->objectList[$obj->name()]['obj'] = $obj; - } - }, 'MainFunction' => function (AddressCallContext $context) { }, @@ -3380,32 +3381,35 @@ } $newName = $object->name(); - $string = "upload AddressGroup object : '" . $newName; - PH::ACTIONlog( $context, $string ); - - //check that addressgroup and all members are available - //then API sync if possible - $adrGrp = $addressStore->newAddressGroup( $newName ); - foreach( $object->members() as $member2 ) + $adrGrp = $addressStore->find( $newName ); + if( $adrGrp === null ) { - if( $object->owner === $member2->owner ) - $adrGrp->addMember( $member2 ); - else + $string = "upload AddressGroup object : '" . $newName; + PH::ACTIONlog( $context, $string ); + + //check that addressgroup and all members are available + //then API sync if possible + + $adrGrp = $addressStore->newAddressGroup( $newName ); + foreach( $object->members() as $member2 ) { - mwarning( "this objectname: ".$member2->name()." is part of another DG: ".$member2->owner->owner->name() ); + if( $object->owner === $member2->owner ) + $adrGrp->addMember( $member2 ); + else + mwarning( "this objectname: ".$member2->name()." is part of another DG: ".$member2->owner->owner->name() ); } - } - if( $context->isAPI ) - $adrGrp->API_sync( true ); + if( $context->isAPI ) + $adrGrp->API_sync( true ); + } + else + mwarning( "objectname: ".$newName." is already available", null, false ); } }, 'args' => array( - 'file' => Array( 'type' => 'string', - 'default' => '*nodefault*' - ), + 'panorama_file' => Array( 'type' => 'string', 'default' => '*nodefault*'), 'dg_name' => array('type' => 'string', 'default' => '*nodefault*') ) ); \ No newline at end of file diff --git a/utils/lib/UTIL.php b/utils/lib/UTIL.php index 1eafde5e..99c7a08f 100644 --- a/utils/lib/UTIL.php +++ b/utils/lib/UTIL.php @@ -1210,7 +1210,7 @@ public function extracting_actions( $utilType = null) elseif( $this->configInput['type'] == 'sase-api' ) { $context->isAPI = TRUE; - #$context->isSaseAPI = TRUE; + $context->isSaseAPI = TRUE; } From 2b36b8f559341669b8e6d6aaed804fc643a07901 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Wed, 2 Aug 2023 17:03:02 +0200 Subject: [PATCH 06/34] type=addressgroup-merger | bugfix to check childancestor objects availability --- CHANGELOG.txt | 1 + lib/misc-classes/PanSaseAPIConnector.php | 2 + lib/object-classes/AddressGroup.php | 1 + utils/lib/MERGER.php | 110 ++++++++++++++++++++++- 4 files changed, 113 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index ffbedc94..52026c82 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -8,6 +8,7 @@ UTIL: BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" * type=address actions=move - bugifx/workaround - do not move region objects +* type=addressgroup-merger | bugfix to check childancestor objects availability GENERAL: diff --git a/lib/misc-classes/PanSaseAPIConnector.php b/lib/misc-classes/PanSaseAPIConnector.php index cc2d7703..79230368 100644 --- a/lib/misc-classes/PanSaseAPIConnector.php +++ b/lib/misc-classes/PanSaseAPIConnector.php @@ -41,6 +41,8 @@ class PanSaseAPIConnector public $url_token = "https://auth.apps.paloaltonetworks.com/oauth2/access_token"; public $url_api = "https://api.sase.paloaltonetworks.com"; + #public $url_api = "https://api.stratacloud.paloaltonetworks.com"; //identical to api.sase.paloaltonetworks.com but introduced on 20230801 + static public $folderArray = array( "All", diff --git a/lib/object-classes/AddressGroup.php b/lib/object-classes/AddressGroup.php index 000a6d14..b62221e6 100644 --- a/lib/object-classes/AddressGroup.php +++ b/lib/object-classes/AddressGroup.php @@ -47,6 +47,7 @@ class AddressGroup public $filter; public $ancestor; + public $childancestor; /** * Constructor for AddressGroup. There is little chance that you will ever need that. Look at AddressStore if you want to create an AddressGroup diff --git a/utils/lib/MERGER.php b/utils/lib/MERGER.php index 3f02e995..c6f3a062 100644 --- a/utils/lib/MERGER.php +++ b/utils/lib/MERGER.php @@ -449,6 +449,19 @@ function findAncestor( $current, $object, $StoreType = "addressStore" ) } } + function findChildAncestor( $childDeviceGroups, $object, $StoreType= "addressStore" ) + { + + foreach( $childDeviceGroups as $deviceGroup ) + { + $findAncestor = $deviceGroup->addressStore->find($object->name(), null, FALSE); + if( $findAncestor !== null ) + return $findAncestor; + } + + return null; + } + function add_supported_arguments() { $this->supportedArguments[] = array('niceName' => 'in', 'shortHelp' => 'input file ie: in=config.xml', 'argDesc' => '[filename]'); @@ -779,6 +792,8 @@ function addressgroup_merging() $hashMap[$value][] = $object; if( $parentStore !== null ) $object->ancestor = self::findAncestor( $parentStore, $object, "addressStore"); + + $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "addressStore"); } else $upperHashMap[$value][] = $object; @@ -864,6 +879,7 @@ function addressgroup_merging() { PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel"); $skip = TRUE; + break; } } else @@ -928,8 +944,9 @@ function addressgroup_merging() $diff = $memberObject->getValueDiff($memberFound); if( count($diff['minus']) != 0 || count($diff['plus']) != 0 ) { - PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperleve"); + PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel"); $skip = TRUE; + break; } } else @@ -1009,6 +1026,52 @@ function addressgroup_merging() if( $tmp_address === null ) continue; + if( isset( $object->childancestor ) ) + { + $childancestor = $object->childancestor; + + if( $childancestor !== null ) + { + if( !$childancestor->isGroup() ) + { + PH::print_stdout(" - SKIP: object name '{$object->_PANC_shortName()}' as one ancestor is of type: ". get_class( $childancestor )." '{$childancestor->_PANC_shortName()}' value: ".$childancestor->value()); + $this->skippedObject( $index, $object, $childancestor, 'childancestor of type: '.get_class( $childancestor )); + break; + } + + //Todo check ip4mapping of $childancestor and $object + /* + if( $hashGenerator($object) == $hashGenerator($ancestor) ) + { + print "additional validation needed if same value\n"; + break; + } + else + { + + */ + $this->addressgroupGetValueDiff($ancestor, $object, true); + + if( isset($childancestor->owner) ) + { + $tmp_ancestor_DGname = $childancestor->owner->owner->name(); + if( $tmp_ancestor_DGname === "" ) + $tmp_ancestor_DGname = "shared"; + } + else + $tmp_ancestor_DGname = "shared"; + + + + PH::print_stdout(" - group '{$object->name()}' cannot be merged because it has an ancestor at DG: ".$tmp_ancestor_DGname ); + PH::print_stdout( " - ancestor type: ".get_class( $childancestor ) ); + $this->skippedObject( $index, $object, $childancestor, 'childancestor at DG: '.$tmp_ancestor_DGname); + + break; + //} + } + } + if( $this->dupAlg == 'identical' ) if( $object->name() != $tmp_address->name() ) { @@ -1144,6 +1207,51 @@ function addressgroup_merging() } + if( isset( $object->childancestor ) ) + { + $childancestor = $object->childancestor; + + if( $childancestor !== null ) + { + if( !$childancestor->isGroup() ) + { + PH::print_stdout(" - SKIP: object name '{$object->_PANC_shortName()}' as one ancestor is of type: ". get_class( $childancestor )." '{$childancestor->_PANC_shortName()}' value: ".$childancestor->value()); + $this->skippedObject( $index, $object, $childancestor, 'childancestor of type: '.get_class( $childancestor )); + break; + } + + //Todo check ip4mapping of $childancestor and $object + /* + if( $hashGenerator($object) == $hashGenerator($ancestor) ) + { + print "additional validation needed if same value\n"; + break; + } + else + { + */ + $this->addressgroupGetValueDiff($ancestor, $object, true); + + if( isset($childancestor->owner) ) + { + $tmp_ancestor_DGname = $childancestor->owner->owner->name(); + if( $tmp_ancestor_DGname === "" ) + $tmp_ancestor_DGname = "shared"; + } + else + $tmp_ancestor_DGname = "shared"; + + + + PH::print_stdout(" - group '{$object->name()}' cannot be merged because it has an ancestor at DG: ".$tmp_ancestor_DGname ); + PH::print_stdout( " - ancestor type: ".get_class( $childancestor ) ); + $this->skippedObject( $index, $object, $childancestor, 'childancestor at DG: '.$tmp_ancestor_DGname); + + break; + //} + } + } + if( $object === $pickedObject ) { #PH::print_stdout(" - SKIPPED: '{$object->name()}' === '{$pickedObject->name()}': "); From 643ff6e75bf11b0055af9c88ebd706368b58b3c7 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Wed, 2 Aug 2023 18:16:47 +0200 Subject: [PATCH 07/34] type=addressgroup-merger | bugfix if multiple childDG has same objectgroup incl. value, but one differ; stop merging --- CHANGELOG.txt | 1 + utils/lib/MERGER.php | 52 ++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 51 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 52026c82..c6398e48 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -9,6 +9,7 @@ BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" * type=address actions=move - bugifx/workaround - do not move region objects * type=addressgroup-merger | bugfix to check childancestor objects availability +* type=addressgroup-merger | bugfix if multiple childDG has same objectgroup incl. value, but one differ; stop merging GENERAL: diff --git a/utils/lib/MERGER.php b/utils/lib/MERGER.php index c6f3a062..d1d8412b 100644 --- a/utils/lib/MERGER.php +++ b/utils/lib/MERGER.php @@ -855,6 +855,7 @@ function addressgroup_merging() $skip = false; + //Todo: check all pickedObjects from hash /** @var DeviceGroup $pickedObject_DG */ $pickedObject_DG = $pickedObject->owner->owner; if( $pickedObject_DG->parentDeviceGroup !== null ) @@ -877,7 +878,7 @@ function addressgroup_merging() $diff = $pickedObject->getValueDiff($nextFindObject); if( count($diff['minus']) != 0 || count($diff['plus']) != 0 ) { - PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel"); + PH::print_stdout(" * SKIPPED : this group has different membership compare to upperlevel"); $skip = TRUE; break; } @@ -958,6 +959,14 @@ function addressgroup_merging() } } + $break = $this->checkParentPickObject( $hash ); + if( $break ) + { + print "this object can not be created\n"; + continue; + } + + if( $skip ) continue; @@ -1015,7 +1024,6 @@ function addressgroup_merging() $this->skippedObject( $index, $pickedObject, $tmp_address, $stringSkippedReason); continue; } - } } @@ -2018,6 +2026,46 @@ function PickObject(&$hash) return $pickedObject; } + function checkParentPickObject( $hash ) + { + $break = False; + foreach( $hash as $pickedObject ) + { + /** @var DeviceGroup $pickedObject_DG */ + $pickedObject_DG = $pickedObject->owner->owner; + if( $pickedObject_DG->parentDeviceGroup !== null ) + { + $nextFindObject = $pickedObject_DG->parentDeviceGroup->addressStore->find( $pickedObject->name(), null, True ); + if( $nextFindObject !== null ) + { + /** @var Address|AddressGroup $memberFound */ + if( $pickedObject->isAddress() && $nextFindObject->isAddress() ) + { + if( $pickedObject->value() !== $nextFindObject->value() ) + { + PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different value"); + $break = TRUE; + } + } + elseif( $pickedObject->isGroup() && $nextFindObject->isGroup() ) + { + $diff = $pickedObject->getValueDiff($nextFindObject); + if( count($diff['minus']) != 0 || count($diff['plus']) != 0 ) + { + PH::print_stdout(" * SKIPPED : this group has different membership compare to upperlevel"); + $break = TRUE; + } + } + else + { + PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different object type"); + $break = TRUE; + } + } + } + } + return $break; + } function servicegroup_merging() { From 4b8da51fe7db69393c5a341ea450d38475d34b3d Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 09:09:16 +0200 Subject: [PATCH 08/34] class AddressGroup | bugfix for method expand() - to correctly extract all submembers and their value for type=rule 'actions=exporttoexcel:file.html,resolveaddresssummary' --- lib/object-classes/AddressGroup.php | 6 +++--- utils/lib/MERGER.php | 16 ++++++++-------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/object-classes/AddressGroup.php b/lib/object-classes/AddressGroup.php index b62221e6..5975deb4 100644 --- a/lib/object-classes/AddressGroup.php +++ b/lib/object-classes/AddressGroup.php @@ -865,10 +865,10 @@ public function & expand($keepGroupsInList = FALSE, &$grpArray=array(), $RuleRef } /** @var AddressGroup $object */ - $tmpList = $object->expand( $keepGroupsInList, $grpArray ); + $tmpList = $object->expand( $keepGroupsInList, $grpArray, $RuleReferenceLocation ); - //$ret = array_merge($ret, $tmpList); - $ret = $ret + $tmpList; + $ret = array_merge($ret, $tmpList); + #$ret = $ret + $tmpList; unset($tmpList); if( $keepGroupsInList ) diff --git a/utils/lib/MERGER.php b/utils/lib/MERGER.php index d1d8412b..f964762e 100644 --- a/utils/lib/MERGER.php +++ b/utils/lib/MERGER.php @@ -856,14 +856,13 @@ function addressgroup_merging() $skip = false; //Todo: check all pickedObjects from hash - /** @var DeviceGroup $pickedObject_DG */ + /* $pickedObject_DG = $pickedObject->owner->owner; if( $pickedObject_DG->parentDeviceGroup !== null ) { $nextFindObject = $pickedObject_DG->parentDeviceGroup->addressStore->find( $pickedObject->name(), null, True ); if( $nextFindObject !== null ) { - /** @var Address|AddressGroup $memberFound */ if( $pickedObject->isAddress() && $nextFindObject->isAddress() ) { if( $pickedObject->value() !== $nextFindObject->value() ) @@ -891,6 +890,13 @@ function addressgroup_merging() } } } + */ + $break = $this->checkParentPickObject( $hash ); + if( $break ) + { + PH::print_stdout(" this object can not be created" ); + continue; + } foreach( $pickedObject->members() as $memberObject ) { @@ -959,12 +965,6 @@ function addressgroup_merging() } } - $break = $this->checkParentPickObject( $hash ); - if( $break ) - { - print "this object can not be created\n"; - continue; - } if( $skip ) From 4728c76e025f859ae554f1ae3c07b293a7e62c35 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 10:28:29 +0200 Subject: [PATCH 09/34] Update CHANGELOG.txt --- CHANGELOG.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index c6398e48..4a71851e 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -10,6 +10,7 @@ BUGFIX: * type=address actions=move - bugifx/workaround - do not move region objects * type=addressgroup-merger | bugfix to check childancestor objects availability * type=addressgroup-merger | bugfix if multiple childDG has same objectgroup incl. value, but one differ; stop merging +* class AddressGroup | bugfix for method expand() - to correctly extract all submembers and their value for type=rule 'actions=exporttoexcel:file.html,resolveaddresssummary' GENERAL: From c28718fdc74d4d4618df4d6ed8b1123a93c9b223 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 11:12:22 +0200 Subject: [PATCH 10/34] type=servicegroup-merger | introduce validation extension for childDG merger --- CHANGELOG.txt | 1 + utils/lib/MERGER.php | 80 ++++++++++++++++++++++++++------------------ 2 files changed, 49 insertions(+), 32 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 4a71851e..333e304d 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -152,6 +152,7 @@ UTIL: * type=rule-merger | argument additionalmatch - change supported argument from 'logprof' to 'logsetting' * type=address 'filter=(object is.region)' - extend display with custom region value information * type=rule-compare | introduce new utility - to compare rule SRC/DST/SRV of two files +* type=servicegroup-merger | introduce validation extension for childDG merger BUGFIX: * type=address | bugfix for filter=(value string.XYZ ) if Object of type Region is hit diff --git a/utils/lib/MERGER.php b/utils/lib/MERGER.php index f964762e..f3f1c5a9 100644 --- a/utils/lib/MERGER.php +++ b/utils/lib/MERGER.php @@ -2067,6 +2067,48 @@ function checkParentPickObject( $hash ) return $break; } + function checkParentServicePickObject($hash) + { + $break = False; + foreach( $hash as $pickedObject ) + { + /** @var DeviceGroup $pickedObject_DG */ + $pickedObject_DG = $pickedObject->owner->owner; + if( $pickedObject_DG->parentDeviceGroup !== null ) + { + $nextFindObject = $pickedObject_DG->parentDeviceGroup->serviceStore->find( $pickedObject->name(), null, True ); + if( $nextFindObject !== null ) + { + /** @var Service|ServiceGroup $memberFound */ + if( $pickedObject->isService() && $nextFindObject->isService() ) + { + if( $pickedObject->getDestPort() !== $nextFindObject->getDestPort() || $pickedObject->getSourcePort() !== $nextFindObject->getSourcePort() || $pickedObject->protocol() !== $nextFindObject->protocol() ) + { + PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different value or protocol"); + $break = TRUE; + } + } + elseif( $pickedObject->isGroup() && $nextFindObject->isGroup() ) + { + //todo 20230518 check deeper if this group group part must be validate more + $diff = $pickedObject->getValueDiff($nextFindObject); + if( count($diff['minus']) != 0 || count($diff['plus']) != 0 ) + { + PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel"); + $break = TRUE; + } + } + else + { + PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different object type"); + $break = TRUE; + } + } + } + } + return $break; + } + function servicegroup_merging() { foreach( $this->location_array as $tmp_location ) @@ -2260,38 +2302,12 @@ function servicegroup_merging() $skip = FALSE; - /** @var DeviceGroup $pickedObject_DG */ - $pickedObject_DG = $pickedObject->owner->owner; - if( $pickedObject_DG->parentDeviceGroup !== null ) + + $break = $this->checkParentServicePickObject( $hash ); + if( $break ) { - $nextFindObject = $pickedObject_DG->parentDeviceGroup->serviceStore->find( $pickedObject->name(), null, True ); - if( $nextFindObject !== null ) - { - /** @var Service|ServiceGroup $memberFound */ - if( $pickedObject->isService() && $nextFindObject->isService() ) - { - if( $pickedObject->getDestPort() !== $nextFindObject->getDestPort() || $pickedObject->getSourcePort() !== $nextFindObject->getSourcePort() || $pickedObject->protocol() !== $nextFindObject->protocol() ) - { - PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different value or protocol"); - $skip = TRUE; - } - } - elseif( $pickedObject->isGroup() && $nextFindObject->isGroup() ) - { - //todo 20230518 check deeper if this group group part must be validate more - $diff = $pickedObject->getValueDiff($nextFindObject); - if( count($diff['minus']) != 0 || count($diff['plus']) != 0 ) - { - PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperleve"); - $skip = TRUE; - } - } - else - { - PH::print_stdout(" * SKIPPED : this group has an object named '{$pickedObject->name()} that does exist in target location '{$tmp_DG_name}' with different object type"); - $skip = TRUE; - } - } + PH::print_stdout(" this object can not be created" ); + continue; } foreach( $pickedObject->members() as $memberObject ) @@ -2320,7 +2336,7 @@ function servicegroup_merging() $diff = $memberObject->getValueDiff($memberFound); if( count($diff['minus']) != 0 || count($diff['plus']) != 0 ) { - PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperleve"); + PH::print_stdout(" * SKIPPED : this group has different member ship compare to upperlevel"); $skip = TRUE; } } From dfe97ea18b60a2e82f5fa3ad9e9241be5eb87c1f Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 11:14:16 +0200 Subject: [PATCH 11/34] Update CHANGELOG.txt --- CHANGELOG.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 333e304d..119efd30 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -4,6 +4,7 @@ CHANGELOG UTIL: * type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname * type=address actions=upload-address-2cloudmanager | extend validation if object name is already available +* type=servicegroup-merger | introduce validation extension for childDG merger BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" @@ -152,7 +153,6 @@ UTIL: * type=rule-merger | argument additionalmatch - change supported argument from 'logprof' to 'logsetting' * type=address 'filter=(object is.region)' - extend display with custom region value information * type=rule-compare | introduce new utility - to compare rule SRC/DST/SRV of two files -* type=servicegroup-merger | introduce validation extension for childDG merger BUGFIX: * type=address | bugfix for filter=(value string.XYZ ) if Object of type Region is hit From d03ad5892d6d09ab89459cfac373740a5e9a109c Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 11:41:27 +0200 Subject: [PATCH 12/34] type=rule-compare | exend with argument 'keepJSONfile1' and 'reuseJSONfile1' --- CHANGELOG.txt | 1 + utils/lib/RULE_COMPARE.php | 57 ++++++++++++++++++++++++++------------ 2 files changed, 41 insertions(+), 17 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 119efd30..b3db4cd5 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -5,6 +5,7 @@ UTIL: * type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname * type=address actions=upload-address-2cloudmanager | extend validation if object name is already available * type=servicegroup-merger | introduce validation extension for childDG merger +* type=rule-compare | exend with argument 'keepJSONfile1' and 'reuseJSONfile1' BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/lib/RULE_COMPARE.php b/utils/lib/RULE_COMPARE.php index d0b66a42..62693b2e 100644 --- a/utils/lib/RULE_COMPARE.php +++ b/utils/lib/RULE_COMPARE.php @@ -36,8 +36,10 @@ public function utilStart() $this->supportedArguments['file1'] = array('niceName' => 'File1', 'shortHelp' => 'original PAN-OS XML configuration file'); $this->supportedArguments['file2'] = array('niceName' => 'File2', 'shortHelp' => 'manipulate/optimised former orginal PAN-OS XML configuration file'); + $this->supportedArguments['keepjsonfile1'] = array('niceName' => 'KeepJsonFile1', 'shortHelp' => 'do not delete JsonFile1 at end of script run'); + $this->supportedArguments['reusejsonfile1'] = array('niceName' => 'ReuseJsonFile1', 'shortHelp' => 'try to reuse an existing JsonFile1 which was not delete by a previous script run'); - $this->usageMsg = PH::boldText('USAGE: ') . "php " . basename(__FILE__) . " in=api:://[MGMT-IP] argument1 [optional_argument2]"; + $this->usageMsg = PH::boldText('USAGE: ') . "php " . basename(__FILE__) . " file1=original.xml file2=change_config.xml [keepJSONfile1] [reuseJSONfile1]"; @@ -51,6 +53,11 @@ public function main() PH::print_stdout(); PH::print_stdout(); + if( isset(PH::$args['help'] ) ) + { + PH::print_stdout( $this->usageMsg ); + exit(); + } $ruleDiff = FALSE; @@ -58,6 +65,13 @@ public function main() $type = 'resolved'; #$type = 'unresolved'; + $keepjsonfile1 = false; + if( isset(PH::$args['keepjsonfile1'] ) ) + $keepjsonfile1 = true; + $reusejsonfile1 = false; + if( isset(PH::$args['reusejsonfile1'] ) ) + $reusejsonfile1 = true; + $file1_name = PH::$args['file1']; $file2_name = PH::$args['file2']; @@ -76,24 +90,28 @@ public function main() derr("cannot read configuration file '{$file2_name}''", null, FALSE); ############################################################ - $shadow_json = "shadow-json"; - $cli1 = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file1_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file1_name; - PH::print_stdout(" - run command: '" . $cli1 . "'"); - PH::print_stdout(); - PH::print_stdout(" running this command will take some time"); - $retValue = null; - exec($cli1, $output, $retValue); - foreach( $output as $line ) + if( !$reusejsonfile1 ) { - $string = ' ## '; - $string .= $line; - #PH::print_stdout( $string ); - } + $shadow_json = "shadow-json"; + $cli1 = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file1_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file1_name; + PH::print_stdout(" - run command: '" . $cli1 . "'"); + PH::print_stdout(); + PH::print_stdout(" running this command will take some time"); + $retValue = null; + exec($cli1, $output, $retValue); + foreach( $output as $line ) + { + $string = ' ## '; + $string .= $line; + #PH::print_stdout( $string ); + } - if( $retValue != 0 ) - derr("CLI exit with error code '{$retValue}'"); + if( $retValue != 0 ) + derr("CLI exit with error code '{$retValue}'"); + + PH::print_stdout(); + } - PH::print_stdout(); ############################################################ $shadow_json = "shadow-json"; @@ -120,6 +138,9 @@ public function main() #$file1 = file_get_contents($file1_name); #$file2 = file_get_contents($file2_name); + if( !file_exists($json_file1_name) ) + derr("cannot read JSON filename1 '{$json_file1_name}''", null, FALSE); + PH::print_stdout("compare JSON filename1: " . $json_file1_name); PH::print_stdout("with JSON filename2: " . $json_file2_name); @@ -255,7 +276,9 @@ public function main() PH::$JSON_OUT['rule-compare'] = $finalArray; //cleanup - unlink($json_file1_name); + if( !$keepjsonfile1 ) + unlink($json_file1_name); + unlink($json_file2_name); unset($file1); unset($file2); From ff333e447969494b57ac74e3dbefd331c2864bac Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 13:28:15 +0200 Subject: [PATCH 13/34] type=rule-compare | introduce argument 'generateRuleHtmlFile' --- CHANGELOG.txt | 1 + utils/lib/RULE_COMPARE.php | 95 ++++++++++++++++++++++---------------- 2 files changed, 57 insertions(+), 39 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index b3db4cd5..07895ec2 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -6,6 +6,7 @@ UTIL: * type=address actions=upload-address-2cloudmanager | extend validation if object name is already available * type=servicegroup-merger | introduce validation extension for childDG merger * type=rule-compare | exend with argument 'keepJSONfile1' and 'reuseJSONfile1' +* type=rule-compare | introduce argument 'generateRuleHtmlFile' BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/lib/RULE_COMPARE.php b/utils/lib/RULE_COMPARE.php index 62693b2e..3ffe41c1 100644 --- a/utils/lib/RULE_COMPARE.php +++ b/utils/lib/RULE_COMPARE.php @@ -39,7 +39,7 @@ public function utilStart() $this->supportedArguments['keepjsonfile1'] = array('niceName' => 'KeepJsonFile1', 'shortHelp' => 'do not delete JsonFile1 at end of script run'); $this->supportedArguments['reusejsonfile1'] = array('niceName' => 'ReuseJsonFile1', 'shortHelp' => 'try to reuse an existing JsonFile1 which was not delete by a previous script run'); - $this->usageMsg = PH::boldText('USAGE: ') . "php " . basename(__FILE__) . " file1=original.xml file2=change_config.xml [keepJSONfile1] [reuseJSONfile1]"; + $this->usageMsg = PH::boldText('USAGE: ') . "php " . basename(__FILE__) . " file1=original.xml file2=change_config.xml [keepJSONfile1] [reuseJSONfile1] [generateRuleHTMLFile]"; @@ -71,6 +71,9 @@ public function main() $reusejsonfile1 = false; if( isset(PH::$args['reusejsonfile1'] ) ) $reusejsonfile1 = true; + $generateRuleHTMLfile = false; + if( isset(PH::$args['generaterulehtmlfile'] ) ) + $generateRuleHTMLfile = true; $file1_name = PH::$args['file1']; $file2_name = PH::$args['file2']; @@ -92,53 +95,20 @@ public function main() ############################################################ if( !$reusejsonfile1 ) { - $shadow_json = "shadow-json"; - $cli1 = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file1_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file1_name; - PH::print_stdout(" - run command: '" . $cli1 . "'"); - PH::print_stdout(); - PH::print_stdout(" running this command will take some time"); - $retValue = null; - exec($cli1, $output, $retValue); - foreach( $output as $line ) - { - $string = ' ## '; - $string .= $line; - #PH::print_stdout( $string ); - } - - if( $retValue != 0 ) - derr("CLI exit with error code '{$retValue}'"); - - PH::print_stdout(); + $this->createJson( $file1_name, $json_file1_name); } + else + PH::print_stdout( "JSON file1 will be reuse" ); ############################################################ - $shadow_json = "shadow-json"; - $cli2 = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file2_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file2_name; - PH::print_stdout(" - run command: '" . $cli2 . "'"); - PH::print_stdout(); - PH::print_stdout(" running this command will take some time"); - $retValue = null; - exec($cli2, $output, $retValue); - foreach( $output as $line ) - { - $string = ' ## '; - $string .= $line; - - #PH::print_stdout( $string ); - } - - if( $retValue != 0 ) - derr("CLI exit with error code '{$retValue}'"); - - PH::print_stdout(); + $this->createJson( $file2_name, $json_file2_name); ############################################################ #$file1 = file_get_contents($file1_name); #$file2 = file_get_contents($file2_name); - if( !file_exists($json_file1_name) ) + if( !file_exists($json_file1_name) || filesize($json_file1_name) === 0 ) derr("cannot read JSON filename1 '{$json_file1_name}''", null, FALSE); PH::print_stdout("compare JSON filename1: " . $json_file1_name); @@ -223,6 +193,7 @@ public function main() PH::print_stdout("--------------------------------------------------"); PH::print_stdout("SUB: '" . $subName . "' | Rule diff found: '" . PH::boldText($key)."'"); + $finalArray[$subName][$key] = array(); if( !empty($diff_src) ) { @@ -250,6 +221,13 @@ public function main() $this->printArray($srv1, $srv2, $compareArray); $finalArray[$subName][$key][$keyword] = $compareArray; } + + if( $generateRuleHTMLfile ) + { + PH::print_stdout( "create HTML file"); + $this->generateRuleHTMLfile( $file1_name, $subName, $key ); + $this->generateRuleHTMLfile( $file2_name, $subName, $key ); + } } } } @@ -371,4 +349,43 @@ function printArray($array1, $array2, &$compareArray) $compareArray['file2'] = array(); } } + + function createJson( $file_name, $json_file_name) + { + $shadow_json = "shadow-json"; + $cli = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=display:ResolveAddressSummary|ResolveServiceSummary' location=any in=" . $file_name . " " . $shadow_json . " shadow-ignoreinvalidaddressobjects | tee " . $json_file_name; + + $this->executeCommand( $cli ); + + PH::print_stdout(); + } + + function generateRuleHTMLfile( $file_name, $subName, $key ) + { + $shadow_json = ""; + $spreadsheetFiletype = "html"; + $cli = "php " . dirname(__FILE__) . "/../../utils/pan-os-php.php type=rule 'actions=exporttoexcel:".$file_name."_".$subName."_".$key.".".$spreadsheetFiletype.",ResolveAddressSummary|ResolveServiceSummary' 'location=".$subName."' in=" . $file_name . " 'filter=(name eq ".$key.")'" . $shadow_json . " shadow-ignoreinvalidaddressobjects"; + + $this->executeCommand( $cli ); + + PH::print_stdout(); + } + + function executeCommand( $cli ) + { + PH::print_stdout(" - run command: '" . $cli . "'"); + PH::print_stdout(); + PH::print_stdout(" running this command will take some time"); + $retValue = null; + exec($cli, $output, $retValue); + foreach( $output as $line ) + { + $string = ' ## '; + $string .= $line; + #PH::print_stdout( $string ); + } + + if( $retValue != 0 ) + derr("CLI exit with error code '{$retValue}'"); + } } \ No newline at end of file From ed11fdd38bbefbc771f59714dabfe91d88de8ba8 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 13:28:57 +0200 Subject: [PATCH 14/34] type=servicegroup-merger | extend with childancestor validation --- CHANGELOG.txt | 1 + utils/lib/MERGER.php | 47 +++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 07895ec2..5484aef6 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -7,6 +7,7 @@ UTIL: * type=servicegroup-merger | introduce validation extension for childDG merger * type=rule-compare | exend with argument 'keepJSONfile1' and 'reuseJSONfile1' * type=rule-compare | introduce argument 'generateRuleHtmlFile' +* type=servicegroup-merger | extend with childancestor validation BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/lib/MERGER.php b/utils/lib/MERGER.php index f3f1c5a9..9c35478b 100644 --- a/utils/lib/MERGER.php +++ b/utils/lib/MERGER.php @@ -1238,7 +1238,7 @@ function addressgroup_merging() else { */ - $this->addressgroupGetValueDiff($ancestor, $object, true); + $this->addressgroupGetValueDiff($childancestor, $object, true); if( isset($childancestor->owner) ) { @@ -2243,6 +2243,7 @@ function servicegroup_merging() $hashMap[$value][] = $object; if( $parentStore !== null ) $object->ancestor = self::findAncestor( $parentStore, $object, "serviceStore"); + $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "serviceStore"); } else $upperHashMap[$value][] = $object; @@ -2538,6 +2539,50 @@ function servicegroup_merging() continue; } + if( isset( $object->childancestor ) ) + { + $childancestor = $object->childancestor; + + if( $childancestor !== null ) + { + if( !$childancestor->isGroup() ) + { + PH::print_stdout(" - SKIP: object name '{$object->_PANC_shortName()}' as one ancestor is of type: ". get_class( $childancestor )." '{$childancestor->_PANC_shortName()}' value: ".$childancestor->value()); + $this->skippedObject( $index, $object, $childancestor, 'childancestor of type: '.get_class( $childancestor )); + break; + } + + //Todo check ip4mapping of $childancestor and $object + /* + if( $hashGenerator($object) == $hashGenerator($ancestor) ) + { + print "additional validation needed if same value\n"; + break; + } + else + { + */ + $this->servicegroupGetValueDiff($childancestor, $object, true); + + if( isset($childancestor->owner) ) + { + $tmp_ancestor_DGname = $childancestor->owner->owner->name(); + if( $tmp_ancestor_DGname === "" ) + $tmp_ancestor_DGname = "shared"; + } + else + $tmp_ancestor_DGname = "shared"; + + + + PH::print_stdout(" - group '{$object->name()}' cannot be merged because it has an ancestor at DG: ".$tmp_ancestor_DGname ); + PH::print_stdout( " - ancestor type: ".get_class( $childancestor ) ); + $this->skippedObject( $index, $object, $childancestor, 'childancestor at DG: '.$tmp_ancestor_DGname); + + break; + //} + } + } if( $object === $pickedObject ) { #PH::print_stdout(" - SKIPPED: '{$object->name()}' === '{$pickedObject->name()}': "); From 7fba37b428ae9dc371ffab3108f212e4e4918137 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 21:46:13 +0200 Subject: [PATCH 15/34] type=service actions=exporttoexcel:file.html | introduce additional arguments nestedmembers --- CHANGELOG.txt | 1 + lib/object-classes/AddressGroup.php | 2 +- lib/object-classes/ServiceGroup.php | 16 +++- lib/object-classes/ServiceStore.php | 2 + utils/common/actions-service.php | 116 +++++++++++++++++++++------- 5 files changed, 104 insertions(+), 33 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 5484aef6..9abab214 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -8,6 +8,7 @@ UTIL: * type=rule-compare | exend with argument 'keepJSONfile1' and 'reuseJSONfile1' * type=rule-compare | introduce argument 'generateRuleHtmlFile' * type=servicegroup-merger | extend with childancestor validation +* type=service actions=exporttoexcel:file.html | introduce additional arguments nestedmembers BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/lib/object-classes/AddressGroup.php b/lib/object-classes/AddressGroup.php index 5975deb4..543c3954 100644 --- a/lib/object-classes/AddressGroup.php +++ b/lib/object-classes/AddressGroup.php @@ -848,7 +848,7 @@ public function & expand($keepGroupsInList = FALSE, &$grpArray=array(), $RuleRef if( array_key_exists($serial, $grpArray) ) { #mwarning("addressgroup with name: " . $object->name() . " is added as subgroup to addressgroup: " . $this->name() . ", you should review your XML config file", $object->xmlroot, false, false); - return $ret; + #return $ret; } else { diff --git a/lib/object-classes/ServiceGroup.php b/lib/object-classes/ServiceGroup.php index 09846ce2..0710c9ba 100644 --- a/lib/object-classes/ServiceGroup.php +++ b/lib/object-classes/ServiceGroup.php @@ -657,10 +657,18 @@ public function xml_convert_to_v6() * @param bool $keepGroupsInList * @return Service[]|ServiceGroup[] list of all member objects, if some of them are groups, they are exploded and their members inserted */ - public function &expand($keepGroupsInList = FALSE, &$grpArray=array()) + public function &expand($keepGroupsInList = FALSE, &$grpArray=array(), $RuleReferenceLocation = null ) { $ret = array(); + $grpArray[$this->name()] = $this; + + if( $RuleReferenceLocation !== null ) + { + foreach( $this->members as $key => $member ) + $this->members[$key] = $RuleReferenceLocation->serviceStore->find($member->name()); + } + foreach( $this->members as $object ) { #$serial = spl_object_hash($object); @@ -669,8 +677,8 @@ public function &expand($keepGroupsInList = FALSE, &$grpArray=array()) { if( array_key_exists($serial, $grpArray) ) { - mwarning("servicegroup with name: " . $object->name() . " is added as subgroup to servicegroup: " . $this->name() . ", you should review your XML config file", $object->xmlroot, false); - return $ret; + #mwarning("servicegroup with name: " . $object->name() . " is added as subgroup to servicegroup: " . $this->name() . ", you should review your XML config file", $object->xmlroot, false); + #return $ret; } else $grpArray[$serial] = $serial; @@ -682,7 +690,7 @@ public function &expand($keepGroupsInList = FALSE, &$grpArray=array()) } /** @var ServiceGroup $object */ - $tmpList = $object->expand( $keepGroupsInList, $grpArray); + $tmpList = $object->expand( $keepGroupsInList, $grpArray, $RuleReferenceLocation); $ret = array_merge($ret, $tmpList); unset($tmpList); diff --git a/lib/object-classes/ServiceStore.php b/lib/object-classes/ServiceStore.php index 75beec56..ae0e9166 100644 --- a/lib/object-classes/ServiceStore.php +++ b/lib/object-classes/ServiceStore.php @@ -202,6 +202,7 @@ public function serviceGroups($sortByDependencies = FALSE) unset($tmpGroupDeps[$groupName]); } } + /* elseif( count($groupDependencies) == 1 ) { unset($sortingArray[$groupName]); @@ -218,6 +219,7 @@ public function serviceGroups($sortByDependencies = FALSE) unset($tmpGroupDeps[$groupName]); } } + */ } $loopCount++; diff --git a/utils/common/actions-service.php b/utils/common/actions-service.php index c291db4a..7c38832d 100644 --- a/utils/common/actions-service.php +++ b/utils/common/actions-service.php @@ -238,6 +238,47 @@ if( isset( $_SERVER['REQUEST_METHOD'] ) ) $filename = "project/html/".$filename; + $addWhereUsed = FALSE; + $addUsedInLocation = FALSE; + $addResolveGroupSRVCoverage = FALSE; + $addNestedMembers = FALSE; + $addResolveSRVNestedMembers = FALSE; + $addNestedMembersCount = FALSE; + + $optionalFields = &$context->arguments['additionalFields']; + + if( isset($optionalFields['WhereUsed']) ) + $addWhereUsed = TRUE; + + if( isset($optionalFields['UsedInLocation']) ) + $addUsedInLocation = TRUE; + + if( isset($optionalFields['ResolveSRV']) ) + $addResolveGroupSRVCoverage = TRUE; + + if( isset($optionalFields['NestedMembers']) ) + { + $addNestedMembers = TRUE; + $addResolveSRVNestedMembers = TRUE; + $addNestedMembersCount = TRUE; + } + + $headers = 'IDlocationnametypedportsporttimeoutmembersmembers countdescriptiontags'; + + $headers .= 'port.countport.tcp.countport.udp.count'; + if( $addWhereUsed ) + $headers .= 'where used'; + if( $addUsedInLocation ) + $headers .= 'location used'; + if( $addResolveGroupSRVCoverage ) + $headers .= 'srv resolution'; + if( $addNestedMembers ) + $headers .= 'nested members'; + if( $addResolveSRVNestedMembers ) + $headers .= 'nested members srv resolution'; + if( $addNestedMembersCount ) + $headers .= 'nested members count'; + $lines = ''; $encloseFunction = function ($value, $nowrap = TRUE) { if( is_string($value) ) @@ -257,8 +298,10 @@ if( is_string($subValue) ) $output .= htmlspecialchars($subValue); - else + elseif( is_object($subValue) ) $output .= htmlspecialchars($subValue->name()); + else + $output .= htmlspecialchars("-null-"); } } else @@ -270,32 +313,6 @@ return '' . $output . ''; }; - - $addWhereUsed = FALSE; - $addUsedInLocation = FALSE; - $addResolveGroupSRVCoverage = FALSE; - - $optionalFields = &$context->arguments['additionalFields']; - - if( isset($optionalFields['WhereUsed']) ) - $addWhereUsed = TRUE; - - if( isset($optionalFields['UsedInLocation']) ) - $addUsedInLocation = TRUE; - - if( isset($optionalFields['ResolveSRV']) ) - $addResolveGroupSRVCoverage = TRUE; - - $headers = 'IDlocationnametypedportsporttimeoutmembersdescriptiontags'; - - $headers .= 'port.countport.tcp.countport.udp.count'; - if( $addWhereUsed ) - $headers .= 'where used'; - if( $addUsedInLocation ) - $headers .= 'location used'; - if( $addResolveGroupSRVCoverage ) - $headers .= 'srv resolution'; - $count = 0; if( isset($context->objectList) ) { @@ -322,6 +339,7 @@ $lines .= $encloseFunction(''); $lines .= $encloseFunction(''); $lines .= $encloseFunction($object->members()); + $lines .= $encloseFunction( (string)count( $object->members() )); $lines .= $encloseFunction(''); $lines .= $encloseFunction($object->tags->tags()); } @@ -333,6 +351,7 @@ $lines .= $encloseFunction(''); $lines .= $encloseFunction(''); $lines .= $encloseFunction(''); + $lines .= $encloseFunction( '---' ); $lines .= $encloseFunction(''); $lines .= $encloseFunction(''); } @@ -347,6 +366,7 @@ $lines .= $encloseFunction($object->getSourcePort()); $lines .= $encloseFunction($object->getTimeout()); $lines .= $encloseFunction(''); + $lines .= $encloseFunction( '---' ); $lines .= $encloseFunction($object->description(), FALSE); $lines .= $encloseFunction($object->tags->tags()); } @@ -435,6 +455,45 @@ $lines .= $encloseFunction($port_mapping_text); } + if( $addNestedMembers ) + { + if( $object->isGroup() ) + { + $members = $object->expand(FALSE); + $lines .= $encloseFunction($members); + } + else + $lines .= $encloseFunction(''); + } + if( $addResolveSRVNestedMembers ) + { + if( $object->isGroup() ) + { $resolve = array(); + $members = $object->expand(FALSE); + foreach( $members as $member ) + { + $srcport = ""; + if( $member->getSourcePort() !== "" ) + $srcport = "srcp:".$member->getSourcePort(); + $resolve[] = $member->protocol()."/".$member->getDestPort().$srcport; + } + + $lines .= $encloseFunction($resolve); + } + else + $lines .= $encloseFunction(''); + } + if( $addNestedMembersCount ) + { + if( $object->isGroup() ) + { $resolve = array(); + $members = $object->expand(FALSE); + $lines .= $encloseFunction( (string)count($members) ); + } + else + $lines .= $encloseFunction(''); + } + $lines .= "\n"; } } @@ -458,11 +517,12 @@ array('type' => 'pipeSeparatedList', 'subtype' => 'string', 'default' => '*NONE*', - 'choices' => array('WhereUsed', 'UsedInLocation', 'ResolveSRV'), + 'choices' => array('WhereUsed', 'UsedInLocation', 'ResolveSRV', 'NestedMembers'), 'help' => "pipe(|) separated list of additional field to include in the report. The following is available:\n" . " - WhereUsed : list places where object is used (rules, groups ...)\n" . " - UsedInLocation : list locations (vsys,dg,shared) where object is used\n". + " - NestedMembers: lists all members, even the ones that may be included in nested groups\n" . " - ResolveSRV\n" ) From d23e61899a0ace80b7b6e9d27227dea19182e0a7 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 23:56:02 +0200 Subject: [PATCH 16/34] type=XYZ actions=exporttoexcel:file.html | use single function to create spreadsheet content --- CHANGELOG.txt | 1 + utils/common/CallContext.php | 32 +++++ utils/common/DHCPCallContext.php | 2 +- utils/common/actions-address.php | 100 ++++++---------- utils/common/actions-device.php | 99 +++------------- utils/common/actions-rule.php | 32 +---- utils/common/actions-securityprofile.php | 60 +++------- utils/common/actions-securityprofilegroup.php | 72 +++-------- utils/common/actions-service.php | 112 +++++++----------- utils/common/actions-tag.php | 48 ++------ utils/common/actions-threat.php | 51 ++------ utils/common/actions-zone.php | 68 +++-------- 12 files changed, 196 insertions(+), 481 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 9abab214..b462cddf 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -9,6 +9,7 @@ UTIL: * type=rule-compare | introduce argument 'generateRuleHtmlFile' * type=servicegroup-merger | extend with childancestor validation * type=service actions=exporttoexcel:file.html | introduce additional arguments nestedmembers +* type=XYZ actions=exporttoexcel:file.html | use single function to create spreadsheet content BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/common/CallContext.php b/utils/common/CallContext.php index 88083be6..5b75d9f1 100644 --- a/utils/common/CallContext.php +++ b/utils/common/CallContext.php @@ -278,4 +278,36 @@ public function toString() return $ret; } + + public function encloseFunction( $value, $nowrap = TRUE ) + { + if( is_string($value) ) + $output = htmlspecialchars($value); + elseif( is_array($value) ) + { + $output = ''; + $first = TRUE; + foreach( $value as $subValue ) + { + if( !$first ) + { + $output .= '
'; + } + else + $first = FALSE; + + if( is_string($subValue) ) + $output .= htmlspecialchars($subValue); + else + $output .= htmlspecialchars($subValue->name()); + } + } + else + derr('unsupported'); + + if( $nowrap ) + return '' . $output . ''; + + return '' . $output . ''; + } } diff --git a/utils/common/DHCPCallContext.php b/utils/common/DHCPCallContext.php index 8c14e914..9c5859c8 100644 --- a/utils/common/DHCPCallContext.php +++ b/utils/common/DHCPCallContext.php @@ -23,7 +23,7 @@ class DHCPCallContext extends CallContext { /** @var DHCP */ public $object; - + public $objectList; public static $commonActionFunctions = Array(); diff --git a/utils/common/actions-address.php b/utils/common/actions-address.php index 8afc40cb..a578088a 100644 --- a/utils/common/actions-address.php +++ b/utils/common/actions-address.php @@ -794,38 +794,6 @@ $headers .= 'nested members count'; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - elseif( is_object($subValue) ) - $output .= htmlspecialchars($subValue->name()); - else - $output .= htmlspecialchars("-null-"); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; $count = 0; if( isset($context->objectList) ) @@ -840,60 +808,60 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); if( $object->owner->owner->isPanorama() || $object->owner->owner->isFirewall() ) - $lines .= $encloseFunction('shared'); + $lines .= $context->encloseFunction('shared'); else - $lines .= $encloseFunction($object->owner->owner->name()); + $lines .= $context->encloseFunction($object->owner->owner->name()); - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); if( $object->isGroup() ) { if( $object->isDynamic() ) { - $lines .= $encloseFunction('group-dynamic'); - #$lines .= $encloseFunction(''); - $lines .= $encloseFunction($object->members()); + $lines .= $context->encloseFunction('group-dynamic'); + #$lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction($object->members()); } else { - $lines .= $encloseFunction('group-static'); - $lines .= $encloseFunction($object->members()); + $lines .= $context->encloseFunction('group-static'); + $lines .= $context->encloseFunction($object->members()); } - $lines .= $encloseFunction($object->description(), FALSE); + $lines .= $context->encloseFunction($object->description(), FALSE); if( $object->isGroup() ) - $lines .= $encloseFunction( (string)count( $object->members() )); + $lines .= $context->encloseFunction( (string)count( $object->members() )); else - $lines .= $encloseFunction( '---' ); + $lines .= $context->encloseFunction( '---' ); $counter = 0; $members = $object->expand(FALSE); foreach( $members as $member ) $counter += $member->getIPcount(); - $lines .= $encloseFunction((string)$counter); + $lines .= $context->encloseFunction((string)$counter); - $lines .= $encloseFunction($object->tags->tags()); + $lines .= $context->encloseFunction($object->tags->tags()); } elseif( $object->isAddress() ) { if( $object->isTmpAddr() ) { - $lines .= $encloseFunction('unknown'); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction('unknown'); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); } else { - $lines .= $encloseFunction($object->type()); - $lines .= $encloseFunction($object->value()); - $lines .= $encloseFunction($object->description(), FALSE); - $lines .= $encloseFunction( '---' ); - $lines .= $encloseFunction( (string)$object->getIPcount() ); - $lines .= $encloseFunction($object->tags->tags()); + $lines .= $context->encloseFunction($object->type()); + $lines .= $context->encloseFunction($object->value()); + $lines .= $context->encloseFunction($object->description(), FALSE); + $lines .= $context->encloseFunction( '---' ); + $lines .= $context->encloseFunction( (string)$object->getIPcount() ); + $lines .= $context->encloseFunction($object->tags->tags()); } } elseif( $object->isRegion() ) @@ -908,7 +876,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -919,7 +887,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addResolveGroupIPCoverage ) { @@ -929,17 +897,17 @@ foreach( array_keys($mapping->unresolved) as $unresolved ) $strMapping[] = $unresolved; - $lines .= $encloseFunction($strMapping); + $lines .= $context->encloseFunction($strMapping); } if( $addNestedMembers ) { if( $object->isGroup() ) { $members = $object->expand(FALSE); - $lines .= $encloseFunction($members); + $lines .= $context->encloseFunction($members); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } if( $addResolveIPNestedMembers ) { @@ -948,20 +916,20 @@ $members = $object->expand(FALSE); foreach( $members as $member ) $resolve[] = $member->value(); - $lines .= $encloseFunction($resolve); + $lines .= $context->encloseFunction($resolve); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } if( $addNestedMembersCount ) { if( $object->isGroup() ) { $resolve = array(); $members = $object->expand(FALSE); - $lines .= $encloseFunction( (string)count($members) ); + $lines .= $context->encloseFunction( (string)count($members) ); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } $lines .= "\n"; diff --git a/utils/common/actions-device.php b/utils/common/actions-device.php index 7d23ecfb..aef3426c 100644 --- a/utils/common/actions-device.php +++ b/utils/common/actions-device.php @@ -730,36 +730,6 @@ $filename = "project/html/".$filename; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; $addWhereUsed = FALSE; @@ -795,15 +765,15 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); - #$lines .= $encloseFunction(PH::getLocationString($object)); + #$lines .= $context->encloseFunction(PH::getLocationString($object)); - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); if( get_class($object) == "TemplateStack" ) { - $lines .= $encloseFunction( array_reverse($object->templates) ); + $lines .= $context->encloseFunction( array_reverse($object->templates) ); } if( $addWhereUsed ) @@ -812,7 +782,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -823,7 +793,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } $lines .= "\n"; @@ -1497,41 +1467,6 @@ $filename = "project/html/".$filename; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - else - { - #derr('unsupported'); - $output = 'unsupported value/type'; - } - - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; - $headers = 'subruletype'; foreach( $context->fields as $fieldName => $fieldID ) @@ -1553,10 +1488,10 @@ else $lines .= ""; - #$lines .= $encloseFunction(PH::getLocationString($object)); + #$lines .= $context->encloseFunction(PH::getLocationString($object)); - $lines .= $encloseFunction( strval($subtype) ); - $lines .= $encloseFunction( strval($keyruletype) ) ; + $lines .= $context->encloseFunction( strval($subtype) ); + $lines .= $context->encloseFunction( strval($keyruletype) ) ; if( is_object( $rule['rule'] ) ) @@ -1564,13 +1499,13 @@ $line = ""; foreach( $context->fields as $fieldName => $fieldID ) $line .= $context->ruleContext->ruleFieldHtmlExport($rule['rule'], $fieldID); - #$lines .= $encloseFunction( $line ); + #$lines .= $context->encloseFunction( $line ); $lines .= $line; - #$lines .= $encloseFunction( $rule['rule']->name() ); + #$lines .= $context->encloseFunction( $rule['rule']->name() ); } else - $lines .= $encloseFunction( $rule['rule'] ); + $lines .= $context->encloseFunction( $rule['rule'] ); $lines .= "\n"; @@ -1582,8 +1517,8 @@ else $lines .= ""; - $lines .= $encloseFunction( "---" ); - $lines .= $encloseFunction( "shadowed" ) ; + $lines .= $context->encloseFunction( "---" ); + $lines .= $context->encloseFunction( "shadowed" ) ; @@ -1592,14 +1527,14 @@ $line = ""; foreach( $context->fields as $fieldName => $fieldID ) $line .= $context->ruleContext->ruleFieldHtmlExport($ruleItem, $fieldID); - #$lines .= $encloseFunction( $line ); + #$lines .= $context->encloseFunction( $line ); $lines .= $line; - #$lines .= $encloseFunction( $ruleItem->name() ); + #$lines .= $context->encloseFunction( $ruleItem->name() ); } else - $lines .= $encloseFunction( strval($ruleItem) ); + $lines .= $context->encloseFunction( strval($ruleItem) ); $lines .= "\n"; } diff --git a/utils/common/actions-rule.php b/utils/common/actions-rule.php index 5f1166b3..ffb76ebc 100644 --- a/utils/common/actions-rule.php +++ b/utils/common/actions-rule.php @@ -4300,36 +4300,6 @@ if( isset( $_SERVER['REQUEST_METHOD'] ) ) $filename = "project/html/".$filename; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; $addResolvedAddressSummary = FALSE; $addResolvedServiceSummary = FALSE; @@ -4430,7 +4400,7 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); foreach( $fields as $fieldName => $fieldID ) { diff --git a/utils/common/actions-securityprofile.php b/utils/common/actions-securityprofile.php index 7ffd0c7a..010773ed 100644 --- a/utils/common/actions-securityprofile.php +++ b/utils/common/actions-securityprofile.php @@ -469,36 +469,6 @@ $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; $count = 0; if( isset($context->objectList) ) @@ -513,32 +483,32 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); if( $object->owner->owner === null ) { - $lines .= $encloseFunction('predefined'); + $lines .= $context->encloseFunction('predefined'); } else { if( $object->owner->owner !== null && ( $object->owner->owner->isPanorama() || $object->owner->owner->isFirewall() ) ) - $lines .= $encloseFunction('shared'); + $lines .= $context->encloseFunction('shared'); else - $lines .= $encloseFunction($object->owner->owner->name()); + $lines .= $context->encloseFunction($object->owner->owner->name()); } - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); - $lines .= $encloseFunction( $object->owner->name() ); + $lines .= $context->encloseFunction( $object->owner->name() ); if( isset($object->secprof_type) ) - $lines .= $encloseFunction($object->secprof_type); + $lines .= $context->encloseFunction($object->secprof_type); else - $lines .= $encloseFunction(get_class($object) ); + $lines .= $context->encloseFunction(get_class($object) ); - #$lines .= $encloseFunction($object->value()); + #$lines .= $context->encloseFunction($object->value()); if( !empty( $object->threatException ) ) { $tmp_array = array(); @@ -546,10 +516,10 @@ $tmp_array[] = $threatname; $string = implode( ",", $tmp_array); - $lines .= $encloseFunction( $string ); + $lines .= $context->encloseFunction( $string ); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); if( get_class($object) == "customURLProfile" ) { @@ -561,11 +531,11 @@ $tmp_array[] = $member; $string = implode( ",", $tmp_array); - $lines .= $encloseFunction( $tmp_array ); + $lines .= $context->encloseFunction( $tmp_array ); } else { - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } if( $addWhereUsed ) @@ -574,7 +544,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -585,7 +555,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } $lines .= "\n"; diff --git a/utils/common/actions-securityprofilegroup.php b/utils/common/actions-securityprofilegroup.php index 05fa1b8a..24973b6c 100644 --- a/utils/common/actions-securityprofilegroup.php +++ b/utils/common/actions-securityprofilegroup.php @@ -228,44 +228,6 @@ $filename = "project/html/".$filename; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - elseif( is_object($value) ) - $output = htmlspecialchars($value->name()); - elseif( $value == null ) - $output = "---"; - else - { - derr('unsupported'); - } - - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; - $addWhereUsed = FALSE; $addUsedInLocation = FALSE; @@ -299,11 +261,11 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); - $lines .= $encloseFunction(PH::getLocationString($object)); + $lines .= $context->encloseFunction(PH::getLocationString($object)); - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); $counter_array = array(); @@ -311,17 +273,17 @@ if( count( $refLoc ) == 0 ) { $refLoc = "---"; - $lines .= $encloseFunction($refLoc); + $lines .= $context->encloseFunction($refLoc); } else { - $lines .= $encloseFunction($refLoc); + $lines .= $context->encloseFunction($refLoc); } if( count( $counter_array ) == 0 ) { $refLoc = "---"; - $lines .= $encloseFunction($refLoc); + $lines .= $context->encloseFunction($refLoc); } else { @@ -330,7 +292,7 @@ $tmparray[$key] = (string)$counter_array[$key]; $counter_array = $tmparray; - $lines .= $encloseFunction($counter_array); + $lines .= $context->encloseFunction($counter_array); } $refCount = $object->countReferences(); @@ -338,23 +300,23 @@ $refCount = "---"; else $refCount = (string)$refCount ; - $lines .= $encloseFunction( $refCount ); + $lines .= $context->encloseFunction( $refCount ); //private $secprof_array = array('virus', 'spyware', 'vulnerability', 'file-blocking', 'wildfire-analysis', 'url-filtering', 'data-filtering'); - $lines .= $encloseFunction($object->secprofiles['virus']); + $lines .= $context->encloseFunction($object->secprofiles['virus']); - $lines .= $encloseFunction($object->secprofiles['spyware']); + $lines .= $context->encloseFunction($object->secprofiles['spyware']); - $lines .= $encloseFunction($object->secprofiles['vulnerability']); + $lines .= $context->encloseFunction($object->secprofiles['vulnerability']); - $lines .= $encloseFunction($object->secprofiles['url-filtering']); + $lines .= $context->encloseFunction($object->secprofiles['url-filtering']); - $lines .= $encloseFunction($object->secprofiles['file-blocking']); + $lines .= $context->encloseFunction($object->secprofiles['file-blocking']); - $lines .= $encloseFunction($object->secprofiles['data-filtering']); + $lines .= $context->encloseFunction($object->secprofiles['data-filtering']); - $lines .= $encloseFunction($object->secprofiles['wildfire-analysis']); + $lines .= $context->encloseFunction($object->secprofiles['wildfire-analysis']); if( $addWhereUsed ) { @@ -362,7 +324,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -373,7 +335,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } $lines .= "\n"; diff --git a/utils/common/actions-service.php b/utils/common/actions-service.php index 7c38832d..ce760223 100644 --- a/utils/common/actions-service.php +++ b/utils/common/actions-service.php @@ -280,38 +280,6 @@ $headers .= 'nested members count'; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - elseif( is_object($subValue) ) - $output .= htmlspecialchars($subValue->name()); - else - $output .= htmlspecialchars("-null-"); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; $count = 0; if( isset($context->objectList) ) @@ -326,60 +294,60 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); - $lines .= $encloseFunction(PH::getLocationString($object)); + $lines .= $context->encloseFunction(PH::getLocationString($object)); - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); if( $object->isGroup() ) { - $lines .= $encloseFunction('group'); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction($object->members()); - $lines .= $encloseFunction( (string)count( $object->members() )); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction($object->tags->tags()); + $lines .= $context->encloseFunction('group'); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction($object->members()); + $lines .= $context->encloseFunction( (string)count( $object->members() )); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction($object->tags->tags()); } elseif( $object->isService() ) { if( $object->isTmpSrv() ) { - $lines .= $encloseFunction('unknown'); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction( '---' ); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction('unknown'); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction( '---' ); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); } else { if( $object->isTcp() ) - $lines .= $encloseFunction('service-tcp'); + $lines .= $context->encloseFunction('service-tcp'); else - $lines .= $encloseFunction('service-udp'); - - $lines .= $encloseFunction($object->getDestPort()); - $lines .= $encloseFunction($object->getSourcePort()); - $lines .= $encloseFunction($object->getTimeout()); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction( '---' ); - $lines .= $encloseFunction($object->description(), FALSE); - $lines .= $encloseFunction($object->tags->tags()); + $lines .= $context->encloseFunction('service-udp'); + + $lines .= $context->encloseFunction($object->getDestPort()); + $lines .= $context->encloseFunction($object->getSourcePort()); + $lines .= $context->encloseFunction($object->getTimeout()); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction( '---' ); + $lines .= $context->encloseFunction($object->description(), FALSE); + $lines .= $context->encloseFunction($object->tags->tags()); } } $calculatedCounter = $context->ServiceCount( $object, "both" ); - $lines .= $encloseFunction((string)$calculatedCounter); + $lines .= $context->encloseFunction((string)$calculatedCounter); $calculatedCounter = $context->ServiceCount( $object, "tcp" ); - $lines .= $encloseFunction((string)$calculatedCounter); + $lines .= $context->encloseFunction((string)$calculatedCounter); $calculatedCounter = $context->ServiceCount( $object, "udp" ); - $lines .= $encloseFunction((string)$calculatedCounter); + $lines .= $context->encloseFunction((string)$calculatedCounter); if( $addWhereUsed ) @@ -388,7 +356,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -399,7 +367,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addResolveGroupSRVCoverage ) { @@ -452,7 +420,7 @@ } } - $lines .= $encloseFunction($port_mapping_text); + $lines .= $context->encloseFunction($port_mapping_text); } if( $addNestedMembers ) @@ -460,10 +428,10 @@ if( $object->isGroup() ) { $members = $object->expand(FALSE); - $lines .= $encloseFunction($members); + $lines .= $context->encloseFunction($members); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } if( $addResolveSRVNestedMembers ) { @@ -478,20 +446,20 @@ $resolve[] = $member->protocol()."/".$member->getDestPort().$srcport; } - $lines .= $encloseFunction($resolve); + $lines .= $context->encloseFunction($resolve); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } if( $addNestedMembersCount ) { if( $object->isGroup() ) { $resolve = array(); $members = $object->expand(FALSE); - $lines .= $encloseFunction( (string)count($members) ); + $lines .= $context->encloseFunction( (string)count($members) ); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } $lines .= "\n"; diff --git a/utils/common/actions-tag.php b/utils/common/actions-tag.php index 9d5b5f28..dbab38ba 100644 --- a/utils/common/actions-tag.php +++ b/utils/common/actions-tag.php @@ -581,36 +581,6 @@ $filename = "project/html/".$filename; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; $addWhereUsed = FALSE; @@ -645,24 +615,24 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); - $lines .= $encloseFunction(PH::getLocationString($object)); + $lines .= $context->encloseFunction(PH::getLocationString($object)); - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); if( $object->isTag() ) { if( $object->isTmp() ) { - $lines .= $encloseFunction('unknown'); - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction('unknown'); + $lines .= $context->encloseFunction(''); } else { - $lines .= $encloseFunction($object->color); - $lines .= $encloseFunction($object->getComments()); + $lines .= $context->encloseFunction($object->color); + $lines .= $context->encloseFunction($object->getComments()); } } @@ -672,7 +642,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -683,7 +653,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } $lines .= "\n"; diff --git a/utils/common/actions-threat.php b/utils/common/actions-threat.php index 9f40b999..ca7d07d5 100644 --- a/utils/common/actions-threat.php +++ b/utils/common/actions-threat.php @@ -82,37 +82,6 @@ $filename = "project/html/".$filename; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; - $addWhereUsed = FALSE; $addUsedInLocation = FALSE; @@ -146,21 +115,21 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); - $lines .= $encloseFunction(PH::getLocationString($object)); + $lines .= $context->encloseFunction(PH::getLocationString($object)); - $lines .= $encloseFunction(get_class($object)); + $lines .= $context->encloseFunction(get_class($object)); - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); - $lines .= $encloseFunction($object->threatname()); + $lines .= $context->encloseFunction($object->threatname()); - $lines .= $encloseFunction($object->category()); + $lines .= $context->encloseFunction($object->category()); - $lines .= $encloseFunction($object->severity()); + $lines .= $context->encloseFunction($object->severity()); - $lines .= $encloseFunction($object->defaultAction()); + $lines .= $context->encloseFunction($object->defaultAction()); if( $addWhereUsed ) { @@ -168,7 +137,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -179,7 +148,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } $lines .= "\n"; diff --git a/utils/common/actions-zone.php b/utils/common/actions-zone.php index 1903afa9..2d6a37af 100644 --- a/utils/common/actions-zone.php +++ b/utils/common/actions-zone.php @@ -680,36 +680,6 @@ $headers .= 'nested members'; $lines = ''; - $encloseFunction = function ($value, $nowrap = TRUE) { - if( is_string($value) ) - $output = htmlspecialchars($value); - elseif( is_array($value) ) - { - $output = ''; - $first = TRUE; - foreach( $value as $subValue ) - { - if( !$first ) - { - $output .= '
'; - } - else - $first = FALSE; - - if( is_string($subValue) ) - $output .= htmlspecialchars($subValue); - else - $output .= htmlspecialchars($subValue->name()); - } - } - else - derr('unsupported'); - - if( $nowrap ) - return '' . $output . ''; - - return '' . $output . ''; - }; $count = 0; if( isset($context->objectList) ) @@ -724,45 +694,45 @@ else $lines .= ""; - $lines .= $encloseFunction( (string)$count ); + $lines .= $context->encloseFunction( (string)$count ); if( $object->owner->owner->owner->owner !== null && get_class( $object->owner->owner->owner->owner ) == "Template" ) { - $lines .= $encloseFunction($object->owner->owner->owner->owner->name()); - $lines .= $encloseFunction($object->owner->owner->name()); + $lines .= $context->encloseFunction($object->owner->owner->owner->owner->name()); + $lines .= $context->encloseFunction($object->owner->owner->name()); } else { - $lines .= $encloseFunction( "" ); - $lines .= $encloseFunction($object->owner->owner->name()); + $lines .= $context->encloseFunction( "" ); + $lines .= $context->encloseFunction($object->owner->owner->name()); } - $lines .= $encloseFunction($object->name()); + $lines .= $context->encloseFunction($object->name()); if( $object->isTmp() ) { - $lines .= $encloseFunction('unknown'); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction('unknown'); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); + $lines .= $context->encloseFunction(''); } else { - $lines .= $encloseFunction($object->type()); - $lines .= $encloseFunction( $object->attachedInterfaces->getAll() ); + $lines .= $context->encloseFunction($object->type()); + $lines .= $context->encloseFunction( $object->attachedInterfaces->getAll() ); if( $object->logsetting == null ) $tmpLogprof = ""; else $tmpLogprof = $object->logsetting; - $lines .= $encloseFunction( $tmpLogprof ); + $lines .= $context->encloseFunction( $tmpLogprof ); if( $object->zoneProtectionProfile == null ) $tmpZPP = ""; else $tmpZPP = $object->zoneProtectionProfile; - $lines .= $encloseFunction( $tmpZPP ); + $lines .= $context->encloseFunction( $tmpZPP ); } if( $addWhereUsed ) @@ -771,7 +741,7 @@ foreach( $object->getReferences() as $ref ) $refTextArray[] = $ref->_PANC_shortName(); - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addUsedInLocation ) { @@ -782,7 +752,7 @@ $refTextArray[$location] = $location; } - $lines .= $encloseFunction($refTextArray); + $lines .= $context->encloseFunction($refTextArray); } if( $addResolveGroupIPCoverage ) { @@ -792,17 +762,17 @@ foreach( array_keys($mapping->unresolved) as $unresolved ) $strMapping[] = $unresolved; - $lines .= $encloseFunction($strMapping); + $lines .= $context->encloseFunction($strMapping); } if( $addNestedMembers ) { if( $object->isGroup() ) { $members = $object->expand(TRUE); - $lines .= $encloseFunction($members); + $lines .= $context->encloseFunction($members); } else - $lines .= $encloseFunction(''); + $lines .= $context->encloseFunction(''); } $lines .= "\n"; From 6b017a170c0ec331a12742f691246f61f0a5541c Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 3 Aug 2023 23:56:32 +0200 Subject: [PATCH 17/34] type=dhcp | introduce actions=exporttoexcel:file.html --- CHANGELOG.txt | 1 + utils/common/actions-dhcp.php | 140 ++++++++++++++++++++++++++++++++++ 2 files changed, 141 insertions(+) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index b462cddf..d5dea962 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -10,6 +10,7 @@ UTIL: * type=servicegroup-merger | extend with childancestor validation * type=service actions=exporttoexcel:file.html | introduce additional arguments nestedmembers * type=XYZ actions=exporttoexcel:file.html | use single function to create spreadsheet content +* type=dhcp | introduce actions=exporttoexcel:file.html BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/common/actions-dhcp.php b/utils/common/actions-dhcp.php index a530cd80..c06b125a 100644 --- a/utils/common/actions-dhcp.php +++ b/utils/common/actions-dhcp.php @@ -89,3 +89,143 @@ 'mac' => array('type' => 'string', 'default' => 'false'), ), ); + +DHCPCallContext::$supportedActions['exportToExcel'] = array( + 'name' => 'exportToExcel', + 'MainFunction' => function (DHCPCallContext $context) { + $object = $context->object; + $context->objectList[] = $object; + }, + 'GlobalInitFunction' => function (DHCPCallContext $context) { + $context->objectList = array(); + }, + 'GlobalFinishFunction' => function (DHCPCallContext $context) { + $args = &$context->arguments; + $filename = $args['filename']; + + if( isset( $_SERVER['REQUEST_METHOD'] ) ) + $filename = "project/html/".$filename; + + $addWhereUsed = FALSE; + $addUsedInLocation = FALSE; + + $optionalFields = &$context->arguments['additionalFields']; + + if( isset($optionalFields['WhereUsed']) ) + $addWhereUsed = TRUE; + + if( isset($optionalFields['UsedInLocation']) ) + $addUsedInLocation = TRUE; + + $headers = 'IDtemplatelocationname'; + $headers .= 'Reservation'; + + if( $addWhereUsed ) + $headers .= 'where used'; + if( $addUsedInLocation ) + $headers .= 'location used'; + + + $lines = ''; + + $count = 0; + if( isset($context->objectList) ) + { + foreach( $context->objectList as $object ) + { + $count++; + + /** @var DHCP $object */ + if( $count % 2 == 1 ) + $lines .= "\n"; + else + $lines .= ""; + + $lines .= $context->encloseFunction((string)$count); + + if( $context->subSystem->isPanorama() ) + { + if( $object->owner->owner->owner->owner !== null && get_class($object->owner->owner->owner->owner) == "Template" ) + { + $lines .= $context->encloseFunction($object->owner->owner->owner->owner->name()); + $lines .= $context->encloseFunction($object->owner->owner->name()); + } + else + { + $lines .= $context->encloseFunction(""); + $lines .= $context->encloseFunction($object->owner->owner->name()); + } + } + else + { + $lines .= $context->encloseFunction(""); + $lines .= $context->encloseFunction($object->owner->owner->name()); + } + + + $lines .= $context->encloseFunction($object->name()); + + $tmpString = ""; + foreach( $object->server_leases as $lease ) + $tmpString .= $lease['ip']." | ".$lease['mac']; + $lines .= $context->encloseFunction($tmpString); + + if( $addWhereUsed ) + { + $refTextArray = array(); + foreach( $object->getReferences() as $ref ) + $refTextArray[] = $ref->_PANC_shortName(); + + $lines .= $context->encloseFunction($refTextArray); + } + if( $addUsedInLocation ) + { + $refTextArray = array(); + foreach( $object->getReferences() as $ref ) + { + $location = PH::getLocationString($object->owner); + $refTextArray[$location] = $location; + } + + $lines .= $context->encloseFunction($refTextArray); + } + + + $lines .= "\n"; + + } + } + + $content = file_get_contents(dirname(__FILE__) . '/html/export-template.html'); + $content = str_replace('%TableHeaders%', $headers, $content); + + $content = str_replace('%lines%', $lines, $content); + + $jscontent = file_get_contents(dirname(__FILE__) . '/html/jquery.min.js'); + $jscontent .= "\n"; + $jscontent .= file_get_contents(dirname(__FILE__) . '/html/jquery.stickytableheaders.min.js'); + $jscontent .= "\n\$('table').stickyTableHeaders();\n"; + + $content = str_replace('%JSCONTENT%', $jscontent, $content); + + file_put_contents($filename, $content); + + + file_put_contents($filename, $content); + }, + 'args' => array('filename' => array('type' => 'string', 'default' => '*nodefault*'), + 'additionalFields' => + array('type' => 'pipeSeparatedList', + 'subtype' => 'string', + 'default' => '*NONE*', + 'choices' => array('WhereUsed', 'UsedInLocation', 'ResolveIP', 'NestedMembers'), + 'help' => + "pipe(|) separated list of additional fields (ie: Arg1|Arg2|Arg3...) to include in the report. The following is available:\n" . + " - NestedMembers: lists all members, even the ones that may be included in nested groups\n" . + " - ResolveIP\n" . + " - UsedInLocation : list locations (vsys,dg,shared) where object is used\n" . + " - WhereUsed : list places where object is used (rules, groups ...)\n" + ) + ) + +); \ No newline at end of file From ac7bdcd573aef3618b2b228e3d26254aa2f24045 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Fri, 4 Aug 2023 10:12:54 +0200 Subject: [PATCH 18/34] type=dhcp | improvement for actions=exporttoexcel --- CHANGELOG.txt | 1 + utils/common/actions-dhcp.php | 17 ++++++----------- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index d5dea962..ecd0e61d 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -11,6 +11,7 @@ UTIL: * type=service actions=exporttoexcel:file.html | introduce additional arguments nestedmembers * type=XYZ actions=exporttoexcel:file.html | use single function to create spreadsheet content * type=dhcp | introduce actions=exporttoexcel:file.html +* type=dhcp | improvement for actions=exporttoexcel BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/common/actions-dhcp.php b/utils/common/actions-dhcp.php index c06b125a..af5d6f73 100644 --- a/utils/common/actions-dhcp.php +++ b/utils/common/actions-dhcp.php @@ -143,24 +143,19 @@ $lines .= $context->encloseFunction((string)$count); - if( $context->subSystem->isPanorama() ) + if( get_class($context->subSystem) == "PANConf" ) { - if( $object->owner->owner->owner->owner !== null && get_class($object->owner->owner->owner->owner) == "Template" ) + if( isset($context->subSystem->owner) && $context->subSystem->owner !== null && (get_class($context->subSystem->owner) == "Template" || get_class($context->subSystem->owner) == "TemplateStack" ) ) { - $lines .= $context->encloseFunction($object->owner->owner->owner->owner->name()); - $lines .= $context->encloseFunction($object->owner->owner->name()); + $lines .= $context->encloseFunction($context->subSystem->owner->name()); + $lines .= $context->encloseFunction($context->subSystem->name()); } else { - $lines .= $context->encloseFunction(""); - $lines .= $context->encloseFunction($object->owner->owner->name()); + $lines .= $context->encloseFunction("---"); + $lines .= $context->encloseFunction($context->subSystem->name()); } } - else - { - $lines .= $context->encloseFunction(""); - $lines .= $context->encloseFunction($object->owner->owner->name()); - } $lines .= $context->encloseFunction($object->name()); From 4cc2f536582529768af614ef640740f59d6b5112 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Fri, 4 Aug 2023 12:25:45 +0200 Subject: [PATCH 19/34] type=address actions=exporttoexcel:file.html | bugfix to crash for tmp objects --- CHANGELOG.txt | 1 + lib/network-classes/DHCP.php | 35 ++++++++++++++++++++++++++++++++ utils/common/actions-address.php | 12 ++++++++--- 3 files changed, 45 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index ecd0e61d..a3921fe8 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -19,6 +19,7 @@ BUGFIX: * type=addressgroup-merger | bugfix to check childancestor objects availability * type=addressgroup-merger | bugfix if multiple childDG has same objectgroup incl. value, but one differ; stop merging * class AddressGroup | bugfix for method expand() - to correctly extract all submembers and their value for type=rule 'actions=exporttoexcel:file.html,resolveaddresssummary' +* type=address actions=exporttoexcel:file.html | bugfix to crash for tmp objects GENERAL: diff --git a/lib/network-classes/DHCP.php b/lib/network-classes/DHCP.php index b021189e..99c2d777 100644 --- a/lib/network-classes/DHCP.php +++ b/lib/network-classes/DHCP.php @@ -81,7 +81,42 @@ public function load_from_domxml($xml) } } + + #DH::DEBUGprintDOMDocument($tmp_server); + + /* + + + 192.168.10.127/28 + + auto + */ + + } + $tmp_relay = DH::findFirstElement("relay", $xml); + if( $tmp_relay !== false ) + { + #DH::DEBUGprintDOMDocument($tmp_relay); + /* + + + + 1.2.3.4 + + yes + + + no + + + */ + } + } /** diff --git a/utils/common/actions-address.php b/utils/common/actions-address.php index a578088a..c010e163 100644 --- a/utils/common/actions-address.php +++ b/utils/common/actions-address.php @@ -810,10 +810,16 @@ $lines .= $context->encloseFunction( (string)$count ); - if( $object->owner->owner->isPanorama() || $object->owner->owner->isFirewall() ) - $lines .= $context->encloseFunction('shared'); + if( isset($object->owner) && isset($object->owner->owner) ) + { + if($object->owner->owner->isPanorama() || $object->owner->owner->isFirewall() ) + $lines .= $context->encloseFunction('shared'); + else + $lines .= $context->encloseFunction($object->owner->owner->name()); + } else - $lines .= $context->encloseFunction($object->owner->owner->name()); + $lines .= $context->encloseFunction("---"); + $lines .= $context->encloseFunction($object->name()); From 9a80872f1809dcfaa289282bc74d27a432ef0e9e Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Fri, 4 Aug 2023 14:16:20 +0200 Subject: [PATCH 20/34] type=dhcp actions=display/exporttoexcel | extend with additional DHCP information --- CHANGELOG.txt | 1 + lib/network-classes/DHCP.php | 76 +++++++++++++++++++--------- utils/common/actions-dhcp.php | 93 ++++++++++++++++++++++++++++++----- 3 files changed, 134 insertions(+), 36 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index a3921fe8..001cb0e3 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -12,6 +12,7 @@ UTIL: * type=XYZ actions=exporttoexcel:file.html | use single function to create spreadsheet content * type=dhcp | introduce actions=exporttoexcel:file.html * type=dhcp | improvement for actions=exporttoexcel +* type=dhcp actions=display/exporttoexcel | extend with additional DHCP information BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/lib/network-classes/DHCP.php b/lib/network-classes/DHCP.php index 99c2d777..4631817e 100644 --- a/lib/network-classes/DHCP.php +++ b/lib/network-classes/DHCP.php @@ -27,6 +27,11 @@ class DHCP /** @var DHCPStore */ public $owner; public $server_leases = array(); + public $server_ip_pool = array(); + public $relay_ipv4 = array(); + public $relay_ipv6 = array(); + public $relay_ipv4_status = false; + public $relay_ipv6_status = false; /** * @param $name string @@ -76,47 +81,72 @@ public function load_from_domxml($xml) $tmp_mac = $tmp_mac_xml->textContent; $this->server_leases[] = array( 'ip' => $tmp_IP, 'mac' => $tmp_mac ); - #PH::print_stdout(" * "."IP: ".$tmp_IP." | mac: ".$tmp_mac); } - } } - #DH::DEBUGprintDOMDocument($tmp_server); + $tmp_ip_pool = DH::findFirstElement("ip-pool", $tmp_server); + if( $tmp_ip_pool !== false ) + { + foreach( $tmp_ip_pool->childNodes as $entry ) + { + if( $entry->nodeType != XML_ELEMENT_NODE ) + continue; + $this->server_ip_pool[] = $entry->textContent; + } + } /* - - 192.168.10.127/28 - auto */ - - } $tmp_relay = DH::findFirstElement("relay", $xml); if( $tmp_relay !== false ) { - #DH::DEBUGprintDOMDocument($tmp_relay); - /* - - - - 1.2.3.4 - - yes - - - no - - - */ - } + $tmp_relay_ipv4 = DH::findFirstElement("ip", $tmp_relay); + if( $tmp_relay_ipv4 !== false ) + { + $tmp_enabled = DH::findFirstElement("enabled", $tmp_relay_ipv4); + if( $tmp_enabled->textContent == "yes" ) + $this->relay_ipv4_status = true; + $tmp_server = DH::findFirstElement("server", $tmp_relay_ipv4); + if( $tmp_server !== false ) + { + foreach( $tmp_server->childNodes as $entry ) + { + if( $entry->nodeType != XML_ELEMENT_NODE ) + continue; + + $this->relay_ipv4[] = $entry->textContent; + } + } + } + $tmp_relay_ipv6 = DH::findFirstElement("ipv6", $tmp_relay); + if( $tmp_relay_ipv6 !== false ) + { + $tmp_enabled = DH::findFirstElement("enabled", $tmp_relay_ipv6); + if( $tmp_enabled->textContent == "yes" ) + $this->relay_ipv6_status = true; + + $tmp_server = DH::findFirstElement("server", $tmp_relay_ipv6); + if( $tmp_server !== false ) + { + foreach( $tmp_server->childNodes as $entry ) + { + if( $entry->nodeType != XML_ELEMENT_NODE ) + continue; + + $this->relay_ipv6[] = $entry->textContent; + } + } + } + } } /** diff --git a/utils/common/actions-dhcp.php b/utils/common/actions-dhcp.php index af5d6f73..cf867206 100644 --- a/utils/common/actions-dhcp.php +++ b/utils/common/actions-dhcp.php @@ -22,24 +22,62 @@ DHCPCallContext::$supportedActions['display'] = Array( 'name' => 'display', - 'MainFunction' => function ( DHCPCallContext $context ) - { + 'MainFunction' => function ( DHCPCallContext $context ) { $object = $context->object; - PH::print_stdout(" * ".get_class($object)." '{$object->name()}'" ); + PH::print_stdout(" * " . get_class($object) . " '{$object->name()}'"); PH::$JSON_TMP['sub']['object'][$object->name()]['name'] = $object->name(); PH::$JSON_TMP['sub']['object'][$object->name()]['type'] = get_class($object); - PH::print_stdout(" RESERVATION:" ); + if( count($object->server_leases) > 0 ) + { + PH::print_stdout(" SERVER reservation:"); - foreach( $object->server_leases as $lease ) + foreach( $object->server_leases as $lease ) + { + #PH::print_stdout(" - "."IP: ".$lease['ip']." | mac: ".$lease['mac']); + PH::print_stdout(" - " . "" . $lease['ip'] . " | " . $lease['mac']); + PH::$JSON_TMP['sub']['object'][$object->name()]['server']['reserved'][] = $lease; + } + } + if( count($object->server_ip_pool) > 0 ) { - #PH::print_stdout(" - "."IP: ".$lease['ip']." | mac: ".$lease['mac']); - PH::print_stdout(" - "."".$lease['ip']." | ".$lease['mac']); - PH::$JSON_TMP['sub']['object'][$object->name()]['server']['reserved'][] = $lease; + PH::print_stdout(" SERVER ip-pool:"); + + foreach( $object->server_ip_pool as $ip_pool ) + { + PH::print_stdout(" - " . "" . $ip_pool); + PH::$JSON_TMP['sub']['object'][$object->name()]['server']['ip-pool'][] = $ip_pool; + } } + + if( count($object->relay_ipv4) > 0 ) + { + if( $object->relay_ipv4_status ) + PH::print_stdout(" RELAY IPV4 [enabled]:" ); + else + PH::print_stdout(" RELAY IPV4 [disabled]:" ); + foreach( $object->relay_ipv4 as $server ) + { + PH::print_stdout(" - "."".$server); + PH::$JSON_TMP['sub']['object'][$object->name()]['relay']['ipv4'][] = $server; + } + } + + if( count($object->relay_ipv6) > 0 ) + { + if( $object->relay_ipv6_status ) + PH::print_stdout(" RELAY IPV6 [enabled]:" ); + else + PH::print_stdout(" RELAY IPV6 [disabled]:" ); + foreach( $object->relay_ipv6 as $server ) + { + PH::print_stdout(" - "."".$server); + PH::$JSON_TMP['sub']['object'][$object->name()]['relay']['ipv6'][] = $server; + } + } + }, - //Todo: display routes to zone / Interface IP ); DHCPCallContext::$supportedActions['dhcp-server-reservation-create'] = Array( @@ -118,7 +156,7 @@ $addUsedInLocation = TRUE; $headers = 'IDtemplatelocationname'; - $headers .= 'Reservation'; + $headers .= 'SERVER reservationSERVER ip-poolRELAY IPv4RELAY IPv6'; if( $addWhereUsed ) $headers .= 'where used'; @@ -160,10 +198,39 @@ $lines .= $context->encloseFunction($object->name()); - $tmpString = ""; + $tmpArray = array(); foreach( $object->server_leases as $lease ) - $tmpString .= $lease['ip']." | ".$lease['mac']; - $lines .= $context->encloseFunction($tmpString); + $tmpArray[] = $lease['ip']." | ".$lease['mac']; + $lines .= $context->encloseFunction($tmpArray); + + $tmpString = ""; + #foreach( $object->server_ip_pool as $server ) + # $tmpString .= $server; + $lines .= $context->encloseFunction($object->server_ip_pool); + + $tmpArray = array(); + if( count($object->relay_ipv4) > 0 ) + { + if( $object->relay_ipv4_status ) + $tmpArray[] = "[enabled]"; + else + $tmpArray[] = "[disabled]"; + foreach( $object->relay_ipv4 as $server ) + $tmpArray[] = $server; + } + $lines .= $context->encloseFunction($tmpArray); + + $tmpArray = array(); + if( count($object->relay_ipv6) > 0 ) + { + if( $object->relay_ipv6_status ) + $tmpArray[] = "[enabled]"; + else + $tmpArray[] = "[disabled]"; + foreach( $object->relay_ipv6 as $server ) + $tmpArray[] = $server; + } + $lines .= $context->encloseFunction($tmpArray); if( $addWhereUsed ) { From d11f068b196ebeaa1c9ff968472e4fe688907961 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Fri, 4 Aug 2023 15:49:27 +0200 Subject: [PATCH 21/34] type=dhcp actions=exporttoexcel | bugfix to add correct template --- CHANGELOG.txt | 1 + utils/common/actions-dhcp.php | 10 +++++----- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 001cb0e3..aa0b46b5 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -21,6 +21,7 @@ BUGFIX: * type=addressgroup-merger | bugfix if multiple childDG has same objectgroup incl. value, but one differ; stop merging * class AddressGroup | bugfix for method expand() - to correctly extract all submembers and their value for type=rule 'actions=exporttoexcel:file.html,resolveaddresssummary' * type=address actions=exporttoexcel:file.html | bugfix to crash for tmp objects +* type=dhcp actions=exporttoexcel | bugfix to add correct template GENERAL: diff --git a/utils/common/actions-dhcp.php b/utils/common/actions-dhcp.php index cf867206..0c4a1d44 100644 --- a/utils/common/actions-dhcp.php +++ b/utils/common/actions-dhcp.php @@ -181,17 +181,17 @@ $lines .= $context->encloseFunction((string)$count); - if( get_class($context->subSystem) == "PANConf" ) + if( get_class($object->owner->owner) == "PANConf" ) { - if( isset($context->subSystem->owner) && $context->subSystem->owner !== null && (get_class($context->subSystem->owner) == "Template" || get_class($context->subSystem->owner) == "TemplateStack" ) ) + if( isset($object->owner->owner->owner) && $object->owner->owner->owner !== null && (get_class($object->owner->owner->owner) == "Template" || get_class($context->subSystem->owner) == "TemplateStack" ) ) { - $lines .= $context->encloseFunction($context->subSystem->owner->name()); - $lines .= $context->encloseFunction($context->subSystem->name()); + $lines .= $context->encloseFunction($object->owner->owner->owner->name()); + $lines .= $context->encloseFunction($object->owner->owner->name()); } else { $lines .= $context->encloseFunction("---"); - $lines .= $context->encloseFunction($context->subSystem->name()); + $lines .= $context->encloseFunction($context->owner->owner->name()); } } From cd3c624b7f07038adf7b297d38d4e1f8d3bd10a3 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Mon, 7 Aug 2023 15:03:15 +0200 Subject: [PATCH 22/34] dynamic update version 8739-8206 --- lib/object-classes/predefined.xml | 4729 ++++++++++++++++++++++++++++- 1 file changed, 4625 insertions(+), 104 deletions(-) diff --git a/lib/object-classes/predefined.xml b/lib/object-classes/predefined.xml index 2cea9d1f..95284e29 100644 --- a/lib/object-classes/predefined.xml +++ b/lib/object-classes/predefined.xml @@ -1,6 +1,6 @@ - 8729-8157 + 8739-8206 @@ -1988,6 +1988,12 @@ 8212 + + + ssl, web-browsing + 8732 + + ssl,web-browsing,websocket @@ -2252,6 +2258,24 @@ 667 + + + ssl, web-browsing + 8732 + + + + + web-browsing + 8732 + + + + + web-browsing + 8732 + + ssl, web-browsing @@ -2870,6 +2894,12 @@ 8322 + + + unknown-tcp, unknown-udp + 8732 + + ssl, web-browsing @@ -3014,6 +3044,24 @@ 573 + + + grpc, ssl, web-browsing + 8732 + + + + + ssl, web-browsing + 8732 + + + + + ssl, web-browsing + 8732 + + websocket,web-browsing @@ -4094,6 +4142,12 @@ 541 + + + google-base, ssl, web-browsing, websocket + 8732 + + ssl, web-browsing, websocket @@ -5624,6 +5678,12 @@ 592 + + + web-browsing + 8732 + + rtcp, rtp, ssl, stun, web-browsing, websocket @@ -5672,6 +5732,12 @@ 704 + + + unknown-tcp, unknown-udp + 8732 + + ssl, web-browsing @@ -6698,6 +6764,12 @@ 8681 + + + web-browsing + 8732 + + ssl @@ -7202,6 +7274,12 @@ 8298 + + + google-analytics, google-base, ssl, web-browsing, websocket + 8732 + + ssl, web-browsing @@ -7400,6 +7478,12 @@ 8462 + + + ssl, web-browsing, unknown-tcp, unknown-udp + 8732 + + ssl, web-browsing @@ -7868,6 +7952,12 @@ 8408 + + + unknown-tcp, unknown-udp + 8732 + + websocket,web-browsing @@ -7880,6 +7970,228 @@ 8356 + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + + + + mitsubishi-melsec + 8732 + + unknown-tcp @@ -8678,6 +8990,12 @@ 8356 + + + ssl, web-browsing, websocket + 8732 + + ssl, web-browsing @@ -10268,6 +10586,12 @@ 8508 + + + net.tcp + 8732 + + unknown-udp @@ -10850,6 +11174,12 @@ 8298 + + + google-cloud-storage-download, google-cloud-storage-upload, ssl, web-browsing, websocket + 8732 + + ssl,web-browsing @@ -11156,6 +11486,12 @@ 8724 + + + soap + 8732 + + unknown-tcp @@ -12340,6 +12676,12 @@ 8008 + + + ssl, web-browsing + 8732 + + unknown-tcp @@ -12412,6 +12754,12 @@ 490 + + + ssl, web-browsing + 8732 + + jabber, ssl @@ -12430,6 +12778,12 @@ 603 + + + unknown-tcp + 8732 + + ssl, stun, web-browsing @@ -12496,6 +12850,12 @@ 507 + + + unknown-tcp + 8732 + + unknown-tcp @@ -13012,6 +13372,12 @@ 509 + + + ssl, web-browsing + 8732 + + unknown-udp, open-vpn, ike, ipsec-esp-udp @@ -14161,6 +14527,19 @@ Autodesk, Inc. is an American multinational software corporation that makes soft carbonite-uploading + + Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation. + + + https://en.wikipedia.org/wiki/Character.ai + + + + character-ai-base + character-ai-posting + character-ai-uploading + + CheckMarket is a cloud-based survey tool. @@ -14437,6 +14816,19 @@ Autodesk, Inc. is an American multinational software corporation that makes soft dcinside-posting + + DeepL is a deep learning company that develops artificial intelligence systems for languages. + + + https://www.deepl.com/ + + + + deepl-base + deepl-translator + deepl-write + + DF-1 / DF1 protocol is an asynchronous byte-oriented protocol that is used to communicate with Allen Bradley PLCs. @@ -16466,6 +16858,54 @@ Kaixin001's success can be partly credited to the Great Firewall of China. Due t mercurial-uploading + + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC communication traffic running over Ethernet. + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + mitsubishi-melsec-base + mitsubishi-melsec-batch-blk-rd + mitsubishi-melsec-batch-blk-rw + mitsubishi-melsec-batch-read + mitsubishi-melsec-batch-write + mitsubishi-melsec-clear-error + mitsubishi-melsec-close-file + mitsubishi-melsec-copy-file + mitsubishi-melsec-create-file + mitsubishi-melsec-delete-file + mitsubishi-melsec-entry-mon-dev + mitsubishi-melsec-intel-func-rd + mitsubishi-melsec-intel-func-wr + mitsubishi-melsec-latch-clear + mitsubishi-melsec-lbl-array-rd + mitsubishi-melsec-lbl-array-wr + mitsubishi-melsec-lbl-random-rd + mitsubishi-melsec-lbl-random-wr + mitsubishi-melsec-lock-passwd + mitsubishi-melsec-loopback-test + mitsubishi-melsec-mem-batch-rd + mitsubishi-melsec-mem-batch-wr + mitsubishi-melsec-mod-file-attr + mitsubishi-melsec-mod-file-date + mitsubishi-melsec-open-file + mitsubishi-melsec-random-read + mitsubishi-melsec-random-write + mitsubishi-melsec-rd-file-list + mitsubishi-melsec-read-file + mitsubishi-melsec-read-model + mitsubishi-melsec-read-mon-dev + mitsubishi-melsec-remote-passwd + mitsubishi-melsec-remote-pause + mitsubishi-melsec-remote-reset + mitsubishi-melsec-remote-run + mitsubishi-melsec-remote-stop + mitsubishi-melsec-search-file + mitsubishi-melsec-write-file + + mixi, Inc. is one of several SNS (social networking service) sites in Japan. As of May 2008, mixi had over 10 million users and an 80% share of the social networking market in Japan. Founded by Kenji Kasahara, under E-Mercury, Inc. (Actually Mixi, Inc.). @@ -40786,7 +41226,6 @@ bet365's site is available in 14 different languages and supports a wide variety drop-reset no yes - yes web20_parrent_app @@ -42088,6 +42527,53 @@ and ensure your investments align to real business requirements. 2 bluejeans + + business-systems + general-business + client-server + BlueXP is a unified control plane that delivers global visibility and operational simplicity of storage and data services across on-premises and cloud environments. This App-ID covers the traffic for BlueXP application. + yes + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + web20_parrent_app + yes + + no + no + no + no + + + [Web App] + + + + https://www.netapp.com/bluexp/ + + + + + tcp/80,443 + + + + ssl + web-browsing + + 1 + business-systems management @@ -44032,7 +44518,6 @@ BrightTALK Webcasts provide individual and customized webcasts delivered through drop-reset no yes - yes https://www.cadwell.com/cadlink/ @@ -45834,6 +46319,160 @@ Channel 4 was established with, and continues to hold, a remit of public service 16 + + character-ai + saas + artificial-intelligence + browser-based + Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation. Users can create characters, craft their personalities, set specific parameters, and then publish them to the community for others to chat with. This App-ID covers the traffic of Character.AI. + yes + yes + no + no + no + no + yes + no + no + yes + no + drop-reset + no + yes + yes + web20_parrent_app + yes + + no + no + no + no + + + [Web App] + + + + https://en.wikipedia.org/wiki/Character.ai + + + + + tcp/80,443 + + + + discord + facebook-base + google-base + + + character-ai-posting + character-ai-uploading + + 2 + character-ai + + + saas + artificial-intelligence + browser-based + Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation. This App-ID covers the posting traffic of Character.AI. + yes + yes + no + no + no + no + yes + no + no + yes + no + drop-reset + no + yes + yes + character-ai-base + yes + + no + no + no + no + + + [Posting] + [Web App] + + + + https://en.wikipedia.org/wiki/Character.ai + + + + + tcp/80,443 + + + + character-ai-base + + 2 + character-ai + + + saas + artificial-intelligence + browser-based + Character.AI is a neural language model chatbot web application that can generate human-like text responses and participate in contextual conversation. This App-ID covers the uploading traffic of Character.AI. + yes + yes + yes + yes + no + no + no + yes + yes + no + no + yes + no + drop-reset + yes + no + yes + yes + yes + character-ai-base + yes + + no + no + no + no + + + [Uploading] + [Web App] + + + + https://en.wikipedia.org/wiki/Character.ai + + + + + tcp/80,443 + + + + character-ai-base + + 3 + character-ai + business-systems management @@ -48058,7 +48697,7 @@ Channel 4 was established with, and continues to hold, a remit of public service business-systems management client-server - Citrix Director is a monitoring and troubleshooting console for Citrix Virtual Apps and Desktops. This App-ID will cover traffic for Citrix Director. + Citrix Director is a monitoring and troubleshooting console for Citrix Virtual Apps and Desktops. On the other hand, Citrix Studio is a management console for configuring Citrix Virtual Apps and Desktops. They both display information from Citrix Delivery Controllers. This App-ID covers traffic for both Citrix Director and Citrix Studio. yes no no @@ -48075,7 +48714,7 @@ Channel 4 was established with, and continues to hold, a remit of public service web20_parrent_app - https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/director.html + https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/technical-overview.html @@ -50609,7 +51248,6 @@ Drag your files into Drop Zone or paste them from Clipboard and you are ready to scada drop-reset no - yes https://www.codesys.com/products/codesys-runtime.html @@ -52812,6 +53450,39 @@ To access a website through the Coral cache (and thus reduce the load on the sit 1 + + media + photo-video + client-server + Crestron CIP (Crestron Control Interface Protocol) is a proprietary communication protocol used to monitor and control Crestron devices, including audiovisual equipment, lighting systems, HVAC and other building automation components. This App-ID covers the Crestron Control Interface Protocol. + yes + yes + no + no + no + no + yes + no + no + no + no + iot + drop-reset + no + yes + + + https://www.crestron.com/getmedia/4292ddca-5063-4b79-8d61-9b29fbb425eb/mg_sr_ip-guidelines-for-the-it-professional + + + + + tcp/41794 + udp/41794 + + + 1 + networking remote-access @@ -55431,6 +56102,165 @@ To access a website through the Coral cache (and thus reduce the load on the sit + + deepl + saas + artificial-intelligence + browser-based + DeepL is a deep learning company that develops artificial intelligence systems for languages. This App-ID covers the traffic of DeepL. + yes + yes + yes + yes + no + no + no + yes + yes + no + no + no + no + drop-reset + yes + no + yes + yes + yes + web20_parrent_app + yes + + no + no + no + no + + + [Web App] + + + + https://www.deepl.com/ + + + + + tcp/80,443 + + + + ssl + web-browsing + + + deepl-translator + deepl-write + + + ssl + web-browsing + + 2 + deepl + + + saas + artificial-intelligence + browser-based + DeepL Translator is a machine translation service that produces translations of unprecedented quality. This App-ID covers the traffic of DeepL Translator. + yes + yes + yes + yes + no + no + no + yes + yes + no + no + no + no + drop-reset + yes + no + yes + yes + yes + deepl-base + yes + + no + no + no + no + + + [Web App] + + + + https://www.deepl.com/translator + + + + + tcp/80,443 + + + + deepl-base + + 2 + deepl + + + saas + artificial-intelligence + browser-based + DeepL Write is an AI writing tool that can improve your written communication with just one click. It will help you with your writing by checking the grammar, punctuation, and style as well as providing suggestions and alternative phrasing. This App-ID covers the traffic of DeepL Write. + yes + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + deepl-base + yes + + no + no + no + no + + + [Web App] + + + + https://www.deepl.com/write + + + + + tcp/80,443 + + + + deepl-translator + + 1 + deepl + general-internet internet-utility @@ -63516,12 +64346,11 @@ For large businesses and publications, DivShare offers powerful and flexible ent 2 docusign - + business-systems management client-server Docuware is a document management software that allows users to electronically manage, store and share documents, regardless of format. It can automatically process any type of document regardless of its source, with internal control procedures that help meet audit and compliance requirements. Industries using this technology include health care, education, financial services, local government, transportation and manufacturing. DocuWare is available in 16 languages. - no yes no no @@ -63533,7 +64362,6 @@ For large businesses and publications, DivShare offers powerful and flexible ent no no drop-reset - no no @@ -63542,9 +64370,16 @@ For large businesses and publications, DivShare offers powerful and flexible ent - tcp/9000,9001 + tcp/80,443,9000,9001 + + ssl + web-browsing + + + web-browsing + 1 @@ -65153,6 +65988,52 @@ What separates DroidVPN from other VPN Applications is it can tunnel the traffic 1 + + collaboration + instant-messaging + client-server + DUST is a suite of digital safety tools for private communication, web search and identity theft protection. This App-ID covers the traffic of DUST. + yes + yes + yes + yes + no + no + no + yes + yes + no + no + no + no + drop-reset + no + yes + yes + yes + web20_parrent_app + + + https://usedust.com/ + + + + + tcp/80,443 + + + + google-base + ssl + web-browsing + websocket + + + ssl + web-browsing + + 2 + networking remote-access @@ -80759,6 +81640,42 @@ The Flumotion Streaming Platform is a CDN that supports leading formats like Win 5 + + business-systems + ics-protocols + client-server + Franklin Electric TSA (Tank Sentinel AnyWare) allows a remote connection to the Franklin Electric fuel management system console via a web browser interface. The TSA web interface enables users to view fuel management and compliance data, generate reports and access control functions for starting tank and line tests and dealing with alarms. This App-ID covers communication to the fuel management system from the Franklin Electric Tank Sentinel AnyWare web browser. + yes + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + web20_parrent_app + + + https://www.franklinfueling.com/ + + + + + tcp/80,443 + + + + web-browsing + + 1 + free-conference collaboration @@ -81687,6 +82604,40 @@ It protects users from hackers and harmful apps, stop trackers, and can set the 4 + + networking + proxy + client-server + FRP is a fast reverse proxy that allows users to expose a local server located behind a NAT or firewall to the Internet. This App-ID covers the traffic of frp proxy. + yes + yes + no + no + no + no + no + yes + no + no + drop-reset + no + yes + + [Proxy Avoidance] + + + + https://gofrp.org/en/ + + + + + tcp/7000 + udp/7000 + + + 2 + general-internet file-sharing @@ -88747,6 +89698,7 @@ Google Cloud Storage allows world-wide storing and retrieval of any amount of da avaya-spaces + retune vimeo-uploading @@ -95024,7 +95976,6 @@ It used to be that setting up a VPN tunnel was extremely difficult, however with iot drop-reset no - yes https://us.hikvision.com/en @@ -95966,6 +96917,42 @@ It used to be that setting up a VPN tunnel was extremely difficult, however with 20 + + business-systems + ics-protocols + client-server + HMS Anybus-S EtherNet/IP/Modbus TCP Interface includes a built-in web server that enables web pages to carry dynamic content such as I/O data, configuration settings, or even application specific data passed to the Anybus module. Anybus-S web server allows users to seamlessly inter-connect/extend PLC control systems and their connected devices on a Modbus TCP network. This App-ID covers HMS Anybus-S web server traffic. + yes + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + web20_parrent_app + + + https://www.anybus.com/products/gateway-index/anybus-xgateway/modbus-tcp-detail/anybus-s-ethernet-ip-modbus-tcp-inteface + + + + + tcp/80,443 + + + + web-browsing + + 1 + networking encrypted-tunnel @@ -105474,6 +106461,62 @@ Jango's music discovery engine recommends and plays additional songs based on th 5 + + saas + artificial-intelligence + browser-based + Jasper is an AI writer and AI art generator for teams. It helps user to create blog posts, marketing copy, and AI-generated images. This App-ID covers the traffic of Jasper AI. + yes + yes + yes + yes + no + no + no + yes + yes + no + no + no + no + drop-reset + no + yes + yes + yes + websocket + yes + + no + no + no + no + + + [Web App] + + + + https://www.jasper.ai/ + + + + + tcp/80,443 + + + + google-analytics + google-base + ssl + web-browsing + websocket + + + ssl + + 2 + business-systems management @@ -108670,6 +109713,46 @@ Kaixin001's success can be partly credited to the Great Firewall of China. Due t 1 + + networking + remote-access + client-server + KhelpDesk is a remote access desktop application that provides remotely controllable desktops along with a helpdesk that allows managing multiple monitors, customizable modules, mobility management, and etc. This App-ID covers the remote access traffic of KhelpDesk. + yes + yes + no + no + no + yes + yes + no + no + no + no + drop-reset + no + yes + web20_parrent_app + + [Web App] + + + + https://www.khelpdesk.com/ + + + + + tcp/dynamic + udp/dynamic + + + + ssl + web-browsing + + 2 + kaixin collaboration @@ -118246,8 +119329,8 @@ Several SCOM servers can be aggregated together to monitor multiple networks acr 2 - business-systems - ics-protocols + media + photo-video client-server XProtect by Milestone is a video management software (VMS) platform. This App-ID covers the traffic of Xprotect. yes @@ -118610,6 +119693,37 @@ A major benefit of the MIMACS system is that all components of system are modula 1 + + business-systems + medical + client-server + Mindray's BeneVision Telemetry aids in early detection of an ambulatory patient's changing condition. This App-ID covers the communication from a Mindray Telemetry Monitor. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://www.mindraynorthamerica.com/patient-monitoring-systems/telemetry-and-central-stations/ + + + + + tcp/9999 + udp/6678 + + + 1 + media gaming @@ -118816,11 +119930,767 @@ A major benefit of the MIMACS system is that all components of system are modula 1 - + + mitsubishi-melsec business-systems ics-protocols network-protocol - MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC communication traffic running over Ethernet. + Mitsubishi MELSEC communication protocol is a communication protocol for Mitsubishi MELSEC programmable controllers which is used when accessing programmable controllers from an external device. This App-ID covers Mitsubishi MELSEC communication traffic running over Ethernet. + yes + yes + no + no + no + no + no + no + no + no + no + scada + drop-reset + no + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch block read command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch block write command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch read command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device batch write command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC error clear command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC close file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC copy file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC create new file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC delete file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC entering of monitor device command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read from the buffer memory of an intelligent function module operation command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC write to the buffer memory of an intelligent function module command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote latch clear command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read data from a label or array command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC write data to a label of array command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC label random read command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC label random write command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote password lock command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC loopback test command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC memory batch read command carried in 3E and 4E frame types. yes no no @@ -118833,6 +120703,7 @@ A major benefit of the MIMACS system is that all components of system are modula no drop-reset no + yes https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf @@ -118844,7 +120715,660 @@ A major benefit of the MIMACS system is that all components of system are modula udp/dynamic + + mitsubishi-melsec-base + + + ctd-dummy + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC memory batch write command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC modify file attribute command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC modify file date command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC open file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device random read command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC device random write command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC file list read command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read cpu command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC read monitored device command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote password command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote pause module command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote reset command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote run module command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC remote stop module command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC search file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec + + + business-systems + ics-protocols + network-protocol + MELSEC communication protocol is a communication protocol for MELSEC programmable controller used when accessing programmable controller from an external device. This App-ID covers MELSEC write file command carried in 3E and 4E frame types. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://dl.mitsubishielectric.com/dl/fa/document/manual/plc/sh080008/sh080008z.pdf + + + + + tcp/dynamic + udp/dynamic + + + + mitsubishi-melsec-base + + + ctd-dummy + + 1 + mitsubishi-melsec business-systems @@ -127124,7 +129648,6 @@ The ms-onedrive-uploading application identifies file uploading activity of user database client-server Microsoft SQL Server Analysis Services (SSAS) delivers online analytical processing (OLAP) and data mining functionality for business intelligence applications. Analysis Services supports OLAP by letting you design, create, and manage multidimensional structures that contain data aggregated from other data sources, such as relational databases. For data mining applications, Analysis Services lets you design, create, and visualize data mining models that are constructed from other data sources by using a wide variety of industry-standard data mining algorithms. - no yes no no @@ -127136,7 +129659,6 @@ The ms-onedrive-uploading application identifies file uploading activity of user yes no drop-reset - no no @@ -127145,7 +129667,7 @@ The ms-onedrive-uploading application identifies file uploading activity of user - tcp/2383 + tcp/2382-2383 1 @@ -127864,6 +130386,47 @@ The ms-onedrive-uploading application identifies file uploading activity of user 2 + + business-systems + software-development + browser-based + The Visual Studio Code Remote Tunnels extension lets users connect to a remote machine, like a desktop PC or virtual machine (VM), via a secure tunnel. Users can connect to that machine from a VS Code client anywhere, without the requirement of SSH. This App-ID covers the traffic of Visual Studio Code Remote Tunnels. + yes + yes + no + no + no + no + yes + no + no + yes + no + drop-reset + no + yes + yes + websocket + + [Web App] + + + + https://code.visualstudio.com/docs/remote/tunnels + + + + + tcp/80,443 + + + + github-base + ssl + web-browsing + + 2 + ms-visual-studio-tfs business-systems @@ -135059,7 +137622,7 @@ Office Live Workspace is a free service for storing and sharing documents online business-systems - medical + ics-protocols client-server FINS, Factory Interface Network Service, is a network protocol used by Omron PLCs, over different physical networks like Ethernet, Controller Link, DeviceNet and RS-232C. This App-ID covers the FINS command access right acquire. yes @@ -135074,7 +137637,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135113,7 +137675,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135152,7 +137713,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135191,7 +137751,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135230,7 +137789,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135269,7 +137827,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135308,7 +137865,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135347,7 +137903,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135386,7 +137941,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135425,7 +137979,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135464,7 +138017,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135503,7 +138055,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135542,7 +138093,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135581,7 +138131,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135620,7 +138169,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135659,7 +138207,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135698,7 +138245,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135737,7 +138283,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135776,7 +138321,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135815,7 +138359,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135854,7 +138397,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135893,7 +138435,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135932,7 +138473,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -135971,7 +138511,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136010,7 +138549,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136034,7 +138572,7 @@ Office Live Workspace is a free service for storing and sharing documents online business-systems - medical + ics-protocols client-server FINS, Factory Interface Network Service, is a network protocol used by Omron PLCs, over different physical networks like Ethernet, Controller Link, DeviceNet and RS-232C. This App-ID covers the FINS command memory card format. yes @@ -136049,7 +138587,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136088,7 +138625,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136127,7 +138663,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136166,7 +138701,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136205,7 +138739,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136244,7 +138777,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136283,7 +138815,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136322,7 +138853,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136361,7 +138891,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136400,7 +138929,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136439,7 +138967,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136478,7 +139005,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136517,7 +139043,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136556,7 +139081,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136595,7 +139119,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136634,7 +139157,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136673,7 +139195,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136712,7 +139233,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -136751,7 +139271,6 @@ Office Live Workspace is a free service for storing and sharing documents online no drop-reset no - yes omron-fins-base @@ -147010,7 +149529,6 @@ PBwiki's investors include Mohr Davidow Ventures and the Seraph Group, as well a no drop-reset no - yes https://pevco.com/ @@ -147185,6 +149703,37 @@ PBwiki's investors include Mohr Davidow Ventures and the Seraph Group, as well a 1 + + business-systems + medical + client-server + Philips Patient Information Center (PIC iX) facilitates visibility into a patient's condition, assisting caregivers with the early identification of potential for deterioration while enhancing clinical workflow. This App-ID covers the traffic of Philips Patient Information Center. + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + + + https://www.usa.philips.com/healthcare/product/HCNOCTN171/patient-information-center-ix-pic-ix + + + + + tcp/8050 + + + 1 + business-systems medical @@ -157051,6 +159600,58 @@ infrastructure. 2 + + saas + artificial-intelligence + browser-based + re:tune is a tool for creating fine-tuned models using GPT-3. Users can train and customize their own AI models, and generate API to integrate them into apps. This App-ID covers the traffic of re:tune. + yes + yes + yes + yes + no + no + no + yes + yes + no + no + no + no + drop-reset + yes + no + yes + yes + yes + google-cloud-storage-upload + yes + + no + no + no + no + + + [Web App] + + + + https://twitter.com/retune_so + + + + + tcp/80,443 + + + + google-base + ssl + web-browsing + + 2 + business-systems general-business @@ -157934,7 +160535,6 @@ infrastructure. drop-reset no yes - yes web20_parrent_app [Web App] @@ -161413,7 +164013,6 @@ What began as just a startpage with widgets has morphed into a personalized laun scada drop-reset no - yes https://www.se.com/ww/en/faqs/FA375309/ @@ -161432,6 +164031,44 @@ What began as just a startpage with widgets has morphed into a personalized laun 1 + + business-systems + ics-protocols + client-server + The Schneider EcoStruxure Panel Server supports Devices Profile for Web Services (DPWS) protocol for IP network discovery. This App-ID covers the DPWS traffic of Schneider EcoStruxure Panel Server. + yes + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + + [Web App] + + + + https://www.productinfo.schneider-electric.com/ecostruxurepanelserverguide/doca0172-ecostruxure-panel-server-user-guide/English/DOCA0172EN-07.pdf + + + + + tcp/5357 + + + + soap + + 1 + business-systems ics-protocols @@ -178726,6 +181363,57 @@ This app-id covers uploading workbooks from tableau desktop to tableau online.2 tableau + + saas + artificial-intelligence + browser-based + Tabnine is an AI code assistant that uses generative AI technology to predict and suggests your next lines of code based on context & syntax. This App-ID covers the traffic for tabnine application. + yes + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + web20_parrent_app + yes + + no + no + no + no + + + [Web App] + + + + https://www.tabnine.com + + + + + tcp/80,443 + + + + ssl + web-browsing + + + ssl + web-browsing + + 1 + business-systems auth-service @@ -180208,6 +182896,57 @@ TalesRunner is very popular in Korea and it is gaining increasing support in oth 1 + + saas + security + browser-based + Tenable Vulnerability Management (formerly Tenable.io) provides vulnerability coverage with real-time continuous assessment of the organization. This App-ID covers the traffic for tenable.io application. + yes + yes + no + no + no + no + yes + no + no + no + no + drop-reset + no + yes + yes + web20_parrent_app + yes + + no + no + no + no + + + [Web App] + + + + https://www.tenable.com/products/tenable-io + + + + + tcp/80,443 + + + + ssl + web-browsing + + + ssl + web-browsing + + 1 + collaboration internet-conferencing @@ -180336,6 +183075,38 @@ TalesRunner is very popular in Korea and it is gaining increasing support in oth 2 + + business-systems + medical + client-server + TeraRecon Intuition Thin Client is a client viewer software with 2D/3D/4D image processing and advanced visualization capabilities to assist physicians review medical images. This App-ID covers communication from the TeraRecon Thin Client to the TeraRecon image processing Intuition Server. + yes + yes + no + no + no + no + no + no + no + no + no + medical + drop-reset + no + yes + + + https://www.terarecon.com/ + + + + + tcp/1200 + + + 1 + networking routing @@ -181721,6 +184492,36 @@ In addition to the remote control features (screen-sharing), Timbuktu also allow 56 + + business-systems + ics-protocols + client-server + TOCNET-G4 by SCI(TM) Technology is both a command post and vehicle intercommunication system in a single package. This App-ID covers the Soft CAU connection on the TOCNET system. + yes + no + no + no + no + no + no + no + no + no + drop-reset + no + yes + + + https://www.sci.com/tocnet-g4/ + + + + + tcp/1200 + + + 1 + saas voip-video @@ -190360,6 +193161,57 @@ Voddler's concept is similar to those of Amazon Video on Demand, Vudu, Headweb, 1 + + saas + general-business + browser-based + VSCO is a photo & video editing app and sharing platform that combines premium quality filters and tools. This App-ID covers the traffic for VSCO application. + yes + yes + no + no + no + yes + yes + no + no + no + no + drop-reset + no + yes + yes + web20_parrent_app + yes + + no + no + no + no + + + [Web App] + + + + https://www.vsco.co/ + + + + + tcp/80,443 + + + + ssl + web-browsing + + + ssl + web-browsing + + 2 + collaboration voip-video @@ -192814,6 +195666,7 @@ WebQQ is the online service where you can do the QQ chat online without installi glip globalmeet-base imgur-base + jasper-ai jiomeet-base jumpshare-base kanbanize @@ -192823,6 +195676,7 @@ WebQQ is the online service where you can do the QQ chat online without installi mailchimp moxtra mqtt-base + ms-visual-studio-remote-tunnel netlog ocpp openmeetings @@ -230325,6 +233179,148 @@ Zwiki supports a number of wiki markup styles out of the box, including MoinMoin + + + + + + + + + + + web-browsing + dahua-p2p + + + + + + + ssl, web-browsing + docuware + + + + + + + + unknown-tcp + ecmwf-mars + + + + + + + + + + + + unknown-tcp + ms-sql-analysis-service + + + + + + + + + + + + + + + + + + icloud-base + pages-uploading + + + + + + + panorama + paloalto-logging-service + + + + + + + unknown-tcp + perforce + + + + + + + unknown-tcp + sap + + + + + + + unknown-udp + sip + + + + + + + ssl, unknown-tcp + tanium + + + + + + + unknown-tcp + telegram-base + + + + + + + t.120 + vmware-view + + + + + + + web-browsing + unknown-tcp + + + + + + + + + + + dns-base + ntp-base + + + + + @@ -235053,7 +238049,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n This tag groups all App-IDs for Microsoft Office 365 including Outlook, Teams, SharePoint, OneNote, Word, Excel, OneDrive, Forms, Planner, Yammer and more. - 8729-8157 + 8739-8206 @@ -274554,6 +277550,13 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + Unruy Downloader Traffic Detection + downloader + medium + + reset-both + Upatre Downloader Traffic Detection downloader @@ -274645,6 +277648,83 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + medium + + alert + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Gh0st RAT Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + RelevantKnowledge Adware Traffic Detection + spyware + medium + + alert + EmailSpyPro adware @@ -285677,6 +288757,20 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + Generic PHP Webshell File Detection + webshell + high + + reset-both + + + China Chopper Webshell File Detection + webshell + high + + reset-both + Viking Command and Control Traffic Detected spyware @@ -288535,7 +291629,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert - TrickBot TLS Fingerprint Detection + Malicious TLS Fingerprint Detection tls-fingerprint low @@ -295638,12 +298732,11 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both - PoshC2 Command and Control Traffic Detection + Potential PoshC2 Command and Control Traffic Detected spyware - critical + informational - yes - reset-both + alert AZORult Command and Control Traffic Detection @@ -297165,6 +300258,20 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + Mythic Agent Thanatos Command and Control Traffic Detection + hacktool + critical + + reset-both + + + Mythic Agent Medusa Command and Control Traffic Detection + hacktool + critical + + reset-both + Hoaxshell Command and Control Traffic Detection hacktool @@ -297193,6 +300300,69 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Alchimist Command and Control Traffic Detection + command-and-control + critical + + reset-both + + + Cobalt Strike Beacon Command and Control Traffic Detection + hacktool + critical + + reset-both + + + Possible Malicious SSL Certificate Traffic Detection + spyware + low + + alert + + + Storm-0978 Malicious Office Document Detection + downloader + critical + + reset-both + + + Storm-0978 Malicious Traffic Detection + spyware + critical + + reset-both + + + Storm-0978 Malicious ASP File Detection + spyware + critical + + reset-both + + + Hoaxshell Command and Control Traffic Detection + hacktool + critical + + reset-both + + + Cobalt Strike Beacon Command and Control Traffic Detection + hacktool + critical + + reset-both + + + NodeStealer Malware Download Traffic Detection + downloader + critical + + reset-both + Backdoor.BO.Rootme backdoor @@ -298935,7 +302105,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert 10 - 100 + 50 source-and-destination @@ -316212,7 +319382,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n code-execution critical - + yes @@ -318321,6 +321491,45 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Solarwinds Insecure Deserialization Vulnerability + + CVE-2022-47503 + + code-execution + high + + + yes + + reset-server + + + Solarwinds Insecure Deserialization Vulnerability + + CVE-2022-47504 + + code-execution + high + + + yes + + alert + + + Redis Buffer Overflow Vulnerability + + CVE-2022-24834 + + overflow + high + + + yes + + reset-server + Palo Alto Networks PAN-OS Denial-of-Service Vulnerability @@ -357038,7 +360247,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n LAquis SCADA Software Directory Traversal Vulnerability - 2017-6020 + CVE-2017-6020 info-leak medium @@ -398315,9 +401524,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n Nmap Active Directory Enumeration Via NTLM - - - - hacktool low @@ -399165,9 +402371,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n HTTP Cross Site Scripting Vulnerability - - - - code-execution medium @@ -399919,9 +403122,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n H3C IMC Intelligent Management Center Remote Code Execution Vulnerability - - - - code-execution medium @@ -400258,9 +403458,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n HTTP SQL Injection Attempt - - - - sql-injection medium @@ -404384,7 +407581,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n Generic Router Remote Command Execution Vulnerability code-execution - medium + high yes @@ -405639,6 +408836,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + PostgreSQL pgadmin Command Injection Vulnerability + + CVE-2022-4223 + + code-execution + high + + + yes + + reset-server + TP-Link Router AX50 Remote Code Execution Vulnerability @@ -407387,7 +410597,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both - Microsoft Office Suspicious UNC Path Detection + Microsoft Office Suspicious File Detection CVE-2023-23397 @@ -408376,6 +411586,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + Microsoft Windows Eot Font Engine Remote Code Execution Vulnerability + + CVE-2018-1013 + + code-execution + high + + + yes + + reset-both + Google Chrome Use-After-Free Vulnerability @@ -409265,6 +412488,16 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Sielco Analog FM Transmitter Unauthorized Access Vulnerability + code-execution + medium + + + yes + + alert + Google Chrome Buffer Overflow Vulnerability @@ -409421,6 +412654,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + WordPress Paid Memberships Pro Plugin SQL Injection Vulnerability + + CVE-2023-0631 + + sql-injection + high + + + yes + + reset-server + Generic HTTP Command Injection Vulnerability code-execution @@ -409851,7 +413097,6 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n Siemens APOGEE PXC and TALON TC BACnet Automation Controller Information Disclosure Vulnerability CVE-2017-9946 - CVE-2017-9947 info-leak informational @@ -410251,6 +413496,16 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Bwapp Cross-Site Scripting Vulnerability + code-execution + medium + + + yes + + alert + Oracle WebLogic Server Side Request Forgery Vulnerability @@ -410950,6 +414205,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Openfire Directory Traversal Vulnerability + + CVE-2023-32315 + + info-leak + high + + + yes + + reset-server + Mozilla Firefox Use-After-Free Vulnerability @@ -411106,6 +414374,32 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Hitachi Vantara Pentaho Information Disclosure Vulnerability + + CVE-2021-31601 + + info-leak + medium + + + yes + + alert + + + Dell EMC Isilon Cross-Site Scripting Vulnerability + + CVE-2018-1188 + + code-execution + medium + + + yes + + alert + Beijing Grandview Century eHR Software SQL Injection vulnerability sql-injection @@ -411116,6 +414410,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Microsoft Internet Explorer saveHistory Memory Corruption Vulnerability + + CVE-2013-0088 + + + MS13-021 + + code-execution + critical + + + yes + + reset-both + Microsoft Internet Explorer Memory Corruption Vulnerability @@ -411132,6 +414442,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + Cisco WebEx Player ATAS32.DLL Remote Code Execution Vulnerability + + CVE-2011-4004 + + code-execution + high + + + yes + + reset-both + WordPress Steveas WP Live Chat Shoutbox Plugin SQL Injection Vulnerability @@ -411145,6 +414468,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Microsoft Tablet Input Band Use-After-Free Vulnerability + + CVE-2015-2548 + + + MS15-109 + + code-execution + high + + + yes + + reset-both + Adiscon LogAnalyzer SQL Injection Vulnerability @@ -411158,6 +414497,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Microsoft Windows Remote Code Execution Vulnerability + + CVE-2018-8475 + + code-execution + high + + + yes + + reset-both + Microsoft Outlook Remote Code Execution Vulnerability @@ -411171,6 +414523,32 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + MiniDLNA ReadyMedia Buffer Overflow Vulnerability + + CVE-2023-33476 + + overflow + critical + + + yes + + reset-server + + + Microsoft SharePoint Server Elevation Of Privilege Vulnerability + + CVE-2023-29357 + + code-execution + critical + + + yes + + reset-server + Gentoo Soko SQL Injection Vulnerability @@ -411184,13 +414562,39 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + AdminStudio LaunchHelp.dll ActiveX Control Code Execution Vulnerability + + CVE-2011-2657 + + code-execution + high + + + yes + + reset-both + + + Next.js Directory Traversal Vulnerability + + CVE-2020-5284 + + info-leak + medium + + + yes + + alert + - WordPress Gift Cards Plugin SQL Injection Vulnerability + WordPress Popup Banners Plugin SQL Injection Vulnerability - CVE-2023-28662 + CVE-2023-28661 sql-injection - critical + high yes @@ -411198,9 +414602,17 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server - WordPress Random Text Plugin SQL Injection Vulnerability + WordPress Multiple Plugins SQL Injection Vulnerability CVE-2023-0388 + CVE-2023-0262 + CVE-2023-0260 + CVE-2023-0259 + CVE-2023-0220 + CVE-2023-0261 + CVE-2023-0263 + CVE-2023-0381 + CVE-2023-0630 sql-injection high @@ -411223,6 +414635,32 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Microsoft Internet Explorer Memory Corruption Vulnerability + + CVE-2015-2499 + + + MS15-094 + + code-execution + high + + + yes + + reset-both + + + Nginx WebUI Command Execution Vulnerability + code-execution + critical + + + yes + + reset-server + Microsoft SharePoint Remote Code Execution Vulnerability @@ -411236,6 +414674,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both + + SAP Knowledge Warehouse Cross-Site Scripting Vulnerability + + CVE-2021-42063 + + code-execution + medium + + + yes + + alert + WordPress File Manager Advanced Shortcode Plugin File Upload Vulnerability @@ -411300,6 +414751,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n yes + + Microsoft Internet Explorer Memory Corruption Vulnerability + + CVE-2013-3114 + + + MS13-047 + + dos + medium + + + yes + + alert + Adobe CodeFusion Unrestricted Endpoint Acceess Detection @@ -411316,6 +414783,120 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Generic Cross-Site Scripting Vulnerability + code-execution + medium + + + yes + + alert + + + WordPress Fastest Cache Plugin Server-Side Request Forgery Vulnerability + + CVE-2023-1938 + + info-leak + high + + + yes + + reset-server + + + WordPress Ultimate Member Plugin Privilege Escalation Vulnerability + + CVE-2023-3460 + + code-execution + high + + + yes + + reset-server + + + WordPress Customizer Export-Import Plugin Deserialization Vulnerability + + CVE-2023-1347 + + code-execution + high + + + yes + + reset-server + + + WordPress Avirato Hotels Online Booking Plugin SQL Injection Vulnerability + + CVE-2023-0768 + + sql-injection + high + + + yes + + reset-server + + + Xwiki Remote Code Execution Vulnerability + + CVE-2023-29509 + + code-execution + high + + + yes + + reset-server + + + WordPress Ad Inserter Plugin Deserialization Vulnerability + + CVE-2023-1549 + + code-execution + high + + + yes + + reset-server + + + Progress MOVEit Transfer UserProcessPassChangeRequest SQL Injection Vulnerability + + CVE-2023-36934 + + sql-injection + critical + + + yes + + reset-server + + + Contec CONPROSYS HMI System SQL Injection Vulnerability + + CVE-2023-29154 + + sql-injection + high + + + yes + + reset-server + Adobe ColdFusion Remote Code Execution Vulnerability @@ -411332,6 +414913,789 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + WordPress Quiz And Survey Master Plugin Cross-Site Request Forgery Vulnerability + + CVE-2023-0292 + + info-leak + high + + + yes + + reset-both + + + WordPress BuddyForms Plugin Deserialization Vulnerability + + CVE-2023-26326 + + code-execution + critical + + + yes + + reset-server + + + Weintek EasyBuilder Pro cMT Series Project File Directory Traversal Vulnerability + + CVE-2023-0104 + + code-execution + high + + + yes + + reset-both + + + mySCADA myPRO Command Injection Vulnerability + + CVE-2023-28400 + + code-execution + high + + + yes + + reset-server + + + Abode Systems Command Injection Vulnerability + + CVE-2022-33192 + + code-execution + critical + + + yes + + reset-server + + + Abode Systems Command Injection Vulnerability + + CVE-2022-33195 + + code-execution + critical + + + yes + + reset-server + + + Abode Systems Command Injection Vulnerability + + CVE-2022-33204 + CVE-2022-33205 + CVE-2022-33206 + CVE-2022-33207 + + code-execution + critical + + + yes + + reset-server + + + Abode Systems Command Injection Vulnerability + + CVE-2022-29520 + + code-execution + critical + + + yes + + reset-server + + + VideoLAN VLC Media Player PNG Code Execution Vulnerability + + CVE-2012-5470 + + code-execution + medium + + + yes + + alert + + + WordPress WC Fields Factory Plugin SQL Injection Vulnerability + + CVE-2023-0277 + + sql-injection + high + + + yes + + reset-server + + + WordPress Video List Manager Plugin SQL Injection Vulnerability + + CVE-2023-1408 + + sql-injection + high + + + yes + + reset-server + + + WordPress Otter Plugin Deserialization Vulnerability + + CVE-2023-2288 + + code-execution + high + + + yes + + reset-server + + + Schneider Electric IGSS Insecure Deserialization Vulnerability + + CVE-2023-3001 + + code-execution + high + + + yes + + reset-both + + + Abode Systems Memory Corruption Vulnerability + + CVE-2022-35244 + + code-execution + critical + + + yes + + reset-server + + + Abode Systems Command Injection Vulnerability + + CVE-2022-32773 + + code-execution + critical + + + yes + + reset-server + + + Abode Systems Memory Corruption Vulnerability + + CVE-2022-35876 + CVE-2022-35877 + CVE-2022-35875 + + code-execution + critical + + + yes + + reset-server + + + Contec CONPROSYS HMI System Stored Cross-Site Scripting Vulnerability + + CVE-2023-28651 + + code-execution + medium + + + yes + + alert + + + WordPress SEOPress Plugin Deserialization Vulnerability + + CVE-2023-1669 + + code-execution + high + + + yes + + reset-server + + + WordPress My Sticky Elements Plugin SQL Injection Vulnerability + + CVE-2023-0487 + + sql-injection + high + + + yes + + reset-server + + + WordPress TranslatePress Multilinugal Plugin SQL Injection Vulnerability + + CVE-2022-3141 + + sql-injection + high + + + yes + + reset-server + + + Hikvision Hybrid SAN Products SQL Injection Vulnerability + + CVE-2022-28171 + + sql-injection + critical + + + yes + + reset-server + + + WordPress Betheme Plugin Deserialization Vulnerability + + CVE-2022-3861 + + code-execution + high + + + yes + + reset-server + + + Ghost Foundation Information Disclosure Vulnerability + + CVE-2023-31133 + + info-leak + high + + + yes + + reset-server + + + WordPress Simple URLs Plugin SQL Injection Vulnerability + + CVE-2023-0098 + + sql-injection + high + + + yes + + reset-server + + + WordPress WPBakery Page Builder Plugin Local File Inclusion Vulnerability + + CVE-2023-0159 + + info-leak + high + + + yes + + reset-server + + + WordPress SiteGround Security Plugin SQL Injection Vulnerability + + CVE-2023-0234 + + sql-injection + high + + + yes + + reset-server + + + Git Git Source Code Management apply reject Arbitrary File Write Vulnerability + + CVE-2023-25652 + + code-execution + high + + + yes + + reset-both + + + Abode Systems Command Injection Vulnerability + + CVE-2022-27804 + + code-execution + critical + + + yes + + reset-server + + + WordPress Enable Media Replace Plugin File Upload Vulnerability + + CVE-2023-0255 + + code-execution + high + + + yes + + reset-server + + + Generic Malicious XML File Detection + code-execution + medium + + + yes + + alert + + + Delta Electronics InfraSuite Security Feature Bypass Vulnerability + + CVE-2023-30765 + + code-execution + critical + + + yes + + reset-server + + + Adobe ColdFusion Remote Code Execution Vulnerability + + CVE-2023-38203 + CVE-2023-38204 + + code-execution + critical + + + yes + + reset-server + + + Artifex Ghostscript Code Execution Vulnerability + + CVE-2023-36664 + + code-execution + high + + + yes + + reset-both + + + Cisco SPA112 Remote Code Execution Vulnerability + + CVE-2023-20126 + + code-execution + critical + + + yes + + reset-both + + + Citrix ADC and NetScaler Gateway Remote Code Execution Vulnerability + + CVE-2023-3519 + + code-execution + critical + + + yes + + reset-server + + + CloudPanel Remote Code Execution Vulnerability + + CVE-2023-35885 + + code-execution + critical + + + yes + + reset-server + + + WordPress ReviewX Plugin SQL Injection Vulnerability + + CVE-2023-26325 + + sql-injection + high + + + yes + + reset-server + + + ASUS RT-AX56U and RT-AC86U Routers Format String Vulnerability + + CVE-2023-35086 + + code-execution + critical + + + yes + + reset-server + + + Abode Systems Command Injection Vulnerability + + CVE-2022-33189 + + code-execution + critical + + + yes + + reset-server + + + Progress MOVEit Transfer FolderListRecursive SQL Injection Vulnerability + + CVE-2023-36932 + + sql-injection + high + + + yes + + reset-server + + + Progress MOVEit Transfer MOVEitISAPI X-siLock-FileID SQL Injection Vulnerability + + CVE-2023-36932 + + sql-injection + high + + + yes + + reset-server + + + WordPress WP Statistics Plugin SQL Injection Vulnerability + + CVE-2023-0955 + + sql-injection + high + + + yes + + reset-server + + + WordPress WP Meta SEO Plugin SQL Injection Vulnerability + + CVE-2023-0875 + + sql-injection + high + + + yes + + reset-server + + + WordPress Correos Oficial Plugin File Download Vulnerability + + CVE-2023-0331 + + info-leak + high + + + yes + + reset-server + + + Citrix ShareFile Storage Zones Controller Directory Traversal Vulnerability + + CVE-2023-24489 + + code-execution + critical + + + yes + + reset-server + + + WordPress Shopping Cart and eCommerce Store Plugin File Inclusion Vulnerability + + CVE-2023-1124 + + info-leak + high + + + yes + + reset-server + + + WordPress JetEngine Plugin Code Execution Vulnerability + + CVE-2023-1406 + + code-execution + high + + + yes + + reset-server + + + WordPress ANGradeBook Plugin SQL Injection Vulnerability + + CVE-2023-2636 + + sql-injection + high + + + yes + + reset-server + + + Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability + + CVE-2023-35078 + + info-leak + critical + + + yes + + reset-server + + + Google Chrome Type Confusion Vulnerability + + CVE-2023-2033 + + code-execution + high + + + yes + + reset-both + + + Metabase Remote Code Execution Vulnerability + + CVE-2023-38646 + + code-execution + critical + + + yes + + reset-server + + + WordPress Formidable PRO2PDF Plugin SQL Injection Vulnerability + + CVE-2023-28663 + + sql-injection + high + + + yes + + reset-server + + + WordPress Events Made Easy Plugin SQL Injection Vulnerability + + CVE-2023-28660 + + sql-injection + high + + + yes + + reset-server + + + Google Chrome Out-Of-Bounds Read Vulnerability + + CVE-2023-2134 + + code-execution + high + + + yes + + reset-both + + + Google Chrome Out-Of-Bounds Read Vulnerability + + CVE-2023-2133 + + code-execution + high + + + yes + + reset-both + + + Google Chrome Out-Of-Bounds Write Vulnerability + + CVE-2023-2929 + + code-execution + high + + + yes + + reset-both + + + WordPress One-click Countdowns Plugin SQL Injection Vulnerability + + CVE-2023-28659 + + sql-injection + high + + + yes + + reset-server + + + WordPress Gift Cards Plugin SQL Injection Vulnerability + + CVE-2023-28662 + + sql-injection + critical + + + yes + + reset-server + + + Google Chrome Security Check Bypass Vulnerability + + CVE-2022-4906 + + code-execution + high + + + yes + + reset-both + + + Apache Airflow SQL Injection Vulnerability + + CVE-2023-22884 + + sql-injection + critical + + + yes + + reset-server + Mozilla Firefox Browser Engine Multiple Unspecified Vulnerabilities @@ -433665,7 +438029,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n overflow high - + yes @@ -441355,10 +445719,11 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n CVE-2016-4350 CVE-2018-12464 CVE-2019-17357 + CVE-2022-23305 sql-injection medium - + yes @@ -441902,9 +446267,9 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n Various Evasion Techniques code-execution medium - + - yes + yes alert @@ -456321,7 +460686,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-both - Malware XOR Obfuscation Detection + PE File XOR Obfuscation Detection code-execution medium @@ -485020,7 +489385,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n code-execution high - + yes @@ -516823,7 +521188,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n code-execution high - + yes @@ -528790,10 +533155,25 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + IKE Protocol Extensions Remote Code Execution Vulnerability + + CVE-2022-34720 + CVE-2022-34721 + + code-execution + critical + + + yes + + reset-server + Microsoft Windows Internet Key Exchange Extension Denial-of-Service Vulnerability CVE-2023-21758 + CVE-2023-21547 dos high @@ -533575,6 +537955,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Microsoft Windows Server Message Block Buffer Overflow Vulnerability + + CVE-2017-0145 + + code-execution + high + + + yes + + reset-server + Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability @@ -541146,6 +545539,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Apache RocketMQ Command Injection Vulnerability + + CVE-2023-33246 + + code-execution + critical + + + yes + + reset-server + Cisco Secure ACS EAP-TLS Authentication Bypass Vulnerability @@ -541341,6 +545747,22 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Microsoft Windows Network Policy Server RADIUS Implementation Denial-of-Service Vulnerability + + CVE-2015-0015 + + + MS15-007 + + dos + high + + + yes + + alert + Sun Solaris SAdmin Client Credentials Remote Command Execution Vulnerability @@ -548251,7 +552673,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n yes - reset-both + alert OpenSSL TLS Heartbleed Vulnerability @@ -549642,6 +554064,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + OpenSSL Invalid PSS Parameters Denial-of-Service Vulnerability + + CVE-2015-0208 + + dos + high + + + yes + + alert + RSA PKCS1 Cryptographic Vulnerability info-leak @@ -556967,6 +561402,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Ivanti Avalanche EnterpriseServer GetSettings Authentication Bypass Vulnerability + + CVE-2023-28126 + + info-leak + medium + + + yes + + alert + MariaDB Denial-of-Service Vulnerability @@ -556993,6 +561441,20 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Microsoft Message Queuing Denial-of-Service Vulnerability + + CVE-2023-21769 + CVE-2023-28302 + + dos + high + + + yes + + reset-server + Realtek Jungle SDK Buffer Overflow Vulnerability @@ -557378,6 +561840,10 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n scan medium + + scan + medium + @@ -559532,6 +563998,17 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n + + + + + + + + + + + @@ -562921,6 +567398,10 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n modbus-req-subreq-data + modbus-req-outputs-value + modbus-req-registers-value + modbus-req-write-registers-value + modbus-req-mei-data cotp-req-s7-header @@ -562990,6 +567471,10 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n rtsp-rsp-www-authenticate rtsp-rsp-rtp-info + + generic-req-nettcp-host + generic-req-nettcp-path + @@ -569805,6 +574290,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + + + + + @@ -570251,6 +574741,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + + + + + @@ -570283,6 +574778,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + @@ -570987,6 +575483,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + @@ -571054,6 +575551,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + + + + + @@ -571134,6 +575636,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + @@ -571405,7 +575908,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= - + @@ -571720,6 +576223,8 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + + @@ -572477,6 +576982,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + + + + + @@ -572872,6 +577382,7 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + @@ -573045,6 +577556,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + + + + + @@ -573099,6 +577615,11 @@ dGVjdDwvaDE+CgoJCjwvQk9EWT4KPC9IVE1MPgo= + + + + + From cc34648becd0749e8b523045d9f1bbca652d3d30 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Mon, 7 Aug 2023 15:08:04 +0200 Subject: [PATCH 23/34] Update CHANGELOG.txt --- CHANGELOG.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index aa0b46b5..b8cceac1 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -24,6 +24,7 @@ BUGFIX: * type=dhcp actions=exporttoexcel | bugfix to add correct template GENERAL: +* dynamic update version 8739-8206 2.1.12 (20230731) From 7a7be046f6c3149cd8fefc658139d4bb7ac18b78 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Mon, 7 Aug 2023 15:51:56 +0200 Subject: [PATCH 24/34] class PH - workaround for none working API mode connector - discard setType() --- CHANGELOG.txt | 1 + lib/misc-classes/PH.php | 3 ++- utils/common/actions-dhcp.php | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index b8cceac1..747b13b4 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -22,6 +22,7 @@ BUGFIX: * class AddressGroup | bugfix for method expand() - to correctly extract all submembers and their value for type=rule 'actions=exporttoexcel:file.html,resolveaddresssummary' * type=address actions=exporttoexcel:file.html | bugfix to crash for tmp objects * type=dhcp actions=exporttoexcel | bugfix to add correct template +* class PH - workaround for none working API mode connector - discard setType() GENERAL: * dynamic update version 8739-8206 diff --git a/lib/misc-classes/PH.php b/lib/misc-classes/PH.php index ca31468a..e38f0202 100644 --- a/lib/misc-classes/PH.php +++ b/lib/misc-classes/PH.php @@ -471,7 +471,8 @@ public static function &processIOMethod($str, $checkFileExists) $host = $fileExplode[0]; } $connector = PanAPIConnector::findOrCreateConnectorFromHost($host); - $connector->setType($connector->info_deviceType); + #swaschkut: not working 20230807 + #$connector->setType($connector->info_deviceType); } else { diff --git a/utils/common/actions-dhcp.php b/utils/common/actions-dhcp.php index 0c4a1d44..bd293200 100644 --- a/utils/common/actions-dhcp.php +++ b/utils/common/actions-dhcp.php @@ -191,7 +191,7 @@ else { $lines .= $context->encloseFunction("---"); - $lines .= $context->encloseFunction($context->owner->owner->name()); + $lines .= $context->encloseFunction($object->owner->owner->name()); } } From de52f9311eba0645e90d56a4c2d2abcd4fae85cc Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Tue, 8 Aug 2023 10:57:49 +0200 Subject: [PATCH 25/34] type=rule 'actions=exporttoexcel:file.html,resovleservicesummary' | extend with column service_resolve_nested/_name/_value/_location --- CHANGELOG.txt | 1 + lib/rule-classes/Rule.php | 8 +- utils/common/RuleCallContext.php | 144 ++++++++++++++++++++++++++++++- utils/common/actions-rule.php | 13 ++- 4 files changed, 162 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 747b13b4..8b22f2b6 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -13,6 +13,7 @@ UTIL: * type=dhcp | introduce actions=exporttoexcel:file.html * type=dhcp | improvement for actions=exporttoexcel * type=dhcp actions=display/exporttoexcel | extend with additional DHCP information +* type=rule 'actions=exporttoexcel:file.html,resovleservicesummary' | extend with column service_resolve_nested/_name/_value/_location BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/lib/rule-classes/Rule.php b/lib/rule-classes/Rule.php index a57934a6..3f06864a 100644 --- a/lib/rule-classes/Rule.php +++ b/lib/rule-classes/Rule.php @@ -1799,7 +1799,7 @@ function ruleUsage81( &$sub, $vsys, $rule_base, $connector, $hitType, $unused_fl } } - public function ServiceResolveSummary() + public function ServiceResolveSummary( $RuleReferenceLocation = null ) { $port_mapping_text = array(); @@ -1844,6 +1844,12 @@ public function ServiceResolveSummary() $objects = $this->services->getAll(); + if( $RuleReferenceLocation !== null ) + { + foreach( $objects as $key => $member ) + $objects[$key] = $RuleReferenceLocation->serviceStore->find($member->name()); + } + $array = array(); foreach( $objects as $object ) { diff --git a/utils/common/RuleCallContext.php b/utils/common/RuleCallContext.php index 92025282..6c434c46 100644 --- a/utils/common/RuleCallContext.php +++ b/utils/common/RuleCallContext.php @@ -390,10 +390,26 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco if( $fieldName == 'service_resolved_sum' ) { - $port_mapping_text = $rule->ServiceResolveSummary( ); + $port_mapping_text = $rule->ServiceResolveSummary( $rule->owner->owner ); return self::enclose($port_mapping_text); } + if( $fieldName == 'service_resolved_nested_name' ) + { + $strMapping = $this->ServiceResolveNameNestedSummary( $rule ); + return self::enclose($strMapping); + } + if( $fieldName == 'service_resolved_nested_value' ) + { + $strMapping = $this->ServiceResolveValueNestedSummary( $rule ); + return self::enclose($strMapping); + } + if( $fieldName == 'service_resolved_nested_location' ) + { + $strMapping = $this->ServiceResolveLocationNestedSummary( $rule ); + return self::enclose($strMapping); + } + if( $fieldName == 'service_appdefault_resolved_sum' ) { $port_mapping_text = $rule->ServiceAppDefaultResolveSummary( ); @@ -950,6 +966,132 @@ public function ServiceCount( $rule, $type = "both" ) return $calculatedCounter; } + public function ServiceResolveValueNestedSummary( $rule ) + { + if( $rule->services->isAny() ) + return array( '0.0.0.0/0', '::0-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff'); + + $allMembers = $rule->services->getAll(); + $strMapping = array(); + foreach($allMembers as $member) + { + if( $member->isGroup() ) + { + $tmp_array = array(); + $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner); + foreach( $members as $member ) + { + $tmp_member = $rule->owner->owner->serviceStore->find($member->name()); + + $port_mapping = $tmp_member->dstPortMapping( array(), $rule->owner->owner ); + $mapping_texts = $port_mapping->mappingToText(); + + //TODO: handle predefined service objects in a different way + if( $tmp_member->name() == 'service-http' ) + $mapping_texts = 'tcp/80'; + if( $tmp_member->name() == 'service-https' ) + $mapping_texts = 'tcp/443'; + + $strMapping[] = $mapping_texts; + #$strMapping[] = "group"; + } + } + + else + { + $tmp_member = $rule->owner->owner->serviceStore->find($member->name()); + + $port_mapping = $tmp_member->dstPortMapping( array(), $rule->owner->owner ); + $mapping_texts = $port_mapping->mappingToText(); + + //TODO: handle predefined service objects in a different way + if( $tmp_member->name() == 'service-http' ) + $mapping_texts = 'tcp/80'; + if( $tmp_member->name() == 'service-https' ) + $mapping_texts = 'tcp/443'; + + $strMapping[] = $mapping_texts; + + } + + } + + + if( count( $strMapping) === 1 && empty( $strMapping[0] ) ) + $strMapping = array(); + + return $strMapping; + } + public function ServiceResolveNameNestedSummary( $rule ) + { + /** @var SecurityRule $rule */ + if( $rule->services->isAny() ) + return array('tcp/0-65535', 'udp/0-65535'); + + $allMembers = $rule->services->getAll(); + $strMapping = array(); + foreach($allMembers as $member1) + { + if( $member1->isGroup() ) + { + $tmp_array = array(); + $members = $member1->expand(FALSE, $tmp_array, $rule->owner->owner); + foreach( $members as $member2 ) + { + $strMapping[] = $member2->name(); + } + } + + else + $strMapping[] = $member1->name(); + } + + + if( count( $strMapping) === 1 && empty( $strMapping[0] ) ) + $strMapping = array(); + + return $strMapping; + } + + public function ServiceResolveLocationNestedSummary( $rule ) + { + if( $rule->services->isAny() ) + return array('tcp/0-65535', 'udp/0-65535'); + + $allMembers = $rule->services->getAll(); + $strMapping = array(); + foreach($allMembers as $member) + { + if( $member->isGroup() ) + { + $tmp_array = array(); + $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner); + foreach( $members as $member ) + { + $tmp_name = $member->owner->owner->name(); + if( empty($tmp_name) ) + $tmp_name = "shared"; + + $strMapping[] = $tmp_name; + } + } + else + { + $tmp_name = $member->owner->owner->name(); + if( empty($tmp_name) ) + $tmp_name = "shared"; + + $strMapping[] = $tmp_name; + } + } + + + if( count( $strMapping) === 1 && empty( $strMapping[0] ) ) + $strMapping = array(); + + return $strMapping; + } + public function ApplicationResolveSummary( $rule, $returnString = false ) { $app_mapping = array(); diff --git a/utils/common/actions-rule.php b/utils/common/actions-rule.php index ffb76ebc..4264c778 100644 --- a/utils/common/actions-rule.php +++ b/utils/common/actions-rule.php @@ -3844,7 +3844,12 @@ } if( $addResolvedServiceSummary ) - PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_sum'] = $rule->ServiceResolveSummary(); + { + PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_sum'] = $rule->ServiceResolveSummary($rule->owner->owner); + PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_nested_name'] = $context->ServiceResolveNameNestedSummary( $rule ); + PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_resolved_nested_value'] = $context->ServiceResolveValueNestedSummary( $rule ); + } + if( $addResolvedServiceAppDefaultSummary ) PH::$JSON_TMP['sub']['object'][$rule->name()]['srv_appdefault_resolved_sum'] = $rule->ServiceAppDefaultResolveSummary(); @@ -4352,6 +4357,9 @@ 'dst_resolved_nested_location' => 'dst_resolved_nested_location', 'service' => 'service', 'service_resolved_sum' => 'service_resolved_sum', + 'service_resolved_nested_name' => 'service_resolved_nested_name', + 'service_resolved_nested_value' => 'service_resolved_nested_value', + 'service_resolved_nested_location' => 'service_resolved_nested_location', 'service_appdefault_resolved_sum' => 'service_appdefault_resolved_sum', 'service_count' => 'service_count', 'service_count_tcp' => 'service_count_tcp', @@ -4413,10 +4421,11 @@ $fieldName == 'snat_address_resolved_sum') && !$addResolvedAddressSummary) || (($fieldName == 'service_resolved_sum' || + $fieldName == 'service_resolved_nested_name' || $fieldName == 'service_resolved_nested_value' || $fieldName == 'service_resolved_nested_location' || $fieldName == 'service_count' || $fieldName == 'service_count_tcp' || $fieldName == 'service_count_udp') && !$addResolvedServiceSummary) || (($fieldName == 'service_appdefault_resolved_sum') && !$addResolvedServiceAppDefaultSummary) || (($fieldName == 'application_resolved_sum') && !$addResolvedApplicationSummary) || - (($fieldName == 'schedule_resolved_sum') && !$addResolvedScheduleSummary) || + (($fieldName == 'schedule_resolved_sum' ) && !$addResolvedScheduleSummary) || (($fieldName == 'application_seen') && (!$addAppSeenSummary || !$context->isAPI) ) || (($fieldName == 'first-hit' || $fieldName == 'last-hit' || $fieldName == 'hit-count') && (!$addHitCountSummary || !$context->isAPI) ) || (($fieldName == 'nat_rule_type' || $fieldName == 'snat_type' || $fieldName == 'snat_address' || From 388402fd7ad0b65c2fd750ab2174b2d3948ff2f7 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Tue, 8 Aug 2023 11:14:34 +0200 Subject: [PATCH 26/34] type=service actions=exporttoexcel:file.html | correct predefined service-http/-https output --- CHANGELOG.txt | 1 + utils/common/actions-service.php | 18 +++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 8b22f2b6..2202ee74 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -14,6 +14,7 @@ UTIL: * type=dhcp | improvement for actions=exporttoexcel * type=dhcp actions=display/exporttoexcel | extend with additional DHCP information * type=rule 'actions=exporttoexcel:file.html,resovleservicesummary' | extend with column service_resolve_nested/_name/_value/_location +* type=service actions=exporttoexcel:file.html | correct predefined service-http/-https output BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/common/actions-service.php b/utils/common/actions-service.php index ce760223..257cee9d 100644 --- a/utils/common/actions-service.php +++ b/utils/common/actions-service.php @@ -315,7 +315,23 @@ { if( $object->isTmpSrv() ) { - $lines .= $context->encloseFunction('unknown'); + if( $object->name() == "service-http" ) + { + $lines .= $context->encloseFunction('service-tcp'); + $lines .= $context->encloseFunction('40'); + } + elseif( $object->name() == "service-https" ) + { + $lines .= $context->encloseFunction('service-tcp'); + $lines .= $context->encloseFunction('443'); + } + else + { + $lines .= $context->encloseFunction('unknown'); + $lines .= $context->encloseFunction(''); + } + + $lines .= $context->encloseFunction(''); $lines .= $context->encloseFunction(''); $lines .= $context->encloseFunction(''); From a5e69757e8327f9826a0d86e97170b2ee31b6559 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Tue, 8 Aug 2023 13:53:14 +0200 Subject: [PATCH 27/34] type=address/server actions=exporttoexcel:file.html,nestedmembers | extend with column nested members location --- CHANGELOG.txt | 1 + utils/common/AddressCallContext.php | 2 -- utils/common/ApplicationCallContext.php | 1 - utils/common/CallContext.php | 1 + utils/common/actions-address.php | 37 +++++++++++++++++++++---- utils/common/actions-service.php | 35 ++++++++++++++++++++--- utils/lib/MERGER.php | 12 +++++--- 7 files changed, 73 insertions(+), 16 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 2202ee74..d262aac0 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -15,6 +15,7 @@ UTIL: * type=dhcp actions=display/exporttoexcel | extend with additional DHCP information * type=rule 'actions=exporttoexcel:file.html,resovleservicesummary' | extend with column service_resolve_nested/_name/_value/_location * type=service actions=exporttoexcel:file.html | correct predefined service-http/-https output +* type=address/server actions=exporttoexcel:file.html,nestedmembers | extend with column nested members location BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/utils/common/AddressCallContext.php b/utils/common/AddressCallContext.php index ad568131..4e849a70 100644 --- a/utils/common/AddressCallContext.php +++ b/utils/common/AddressCallContext.php @@ -21,8 +21,6 @@ class AddressCallContext extends CallContext { /** @var Address|AddressGroup */ - public $object; - public $objectList; public static $commonActionFunctions = array(); public static $supportedActions = array(); diff --git a/utils/common/ApplicationCallContext.php b/utils/common/ApplicationCallContext.php index 64ce318b..acf53d8e 100644 --- a/utils/common/ApplicationCallContext.php +++ b/utils/common/ApplicationCallContext.php @@ -21,7 +21,6 @@ class ApplicationCallContext extends CallContext { /** @var App */ - public $object; public $counter_containers; public $tmpcounter; diff --git a/utils/common/CallContext.php b/utils/common/CallContext.php index 5b75d9f1..ff4cef0b 100644 --- a/utils/common/CallContext.php +++ b/utils/common/CallContext.php @@ -26,6 +26,7 @@ class CallContext /** @var Rule|SecurityRule|NatRule|DecryptionRule|AppOverrideRule|CaptivePortalRule|PbfRule|QoSRule|DoSRule $object */ public $object; + public $objectList; public $actionRef; diff --git a/utils/common/actions-address.php b/utils/common/actions-address.php index c010e163..0a068470 100644 --- a/utils/common/actions-address.php +++ b/utils/common/actions-address.php @@ -697,7 +697,8 @@ } /** @var AddressGroup $object */ - $members = $object->expand(); + $tmp_array = array(); + $members = $object->expand(FALSE,$tmp_array, $object->owner->owner); $mapping = new IP4Map(); $listOfNotConvertibleObjects = array(); @@ -757,6 +758,7 @@ $addResolveGroupIPCoverage = FALSE; $addNestedMembers = FALSE; $addResolveIPNestedMembers = FALSE; + $addResolveLocationNestedMembers = FALSE; $addNestedMembersCount = FALSE; $optionalFields = &$context->arguments['additionalFields']; @@ -774,6 +776,7 @@ { $addNestedMembers = TRUE; $addResolveIPNestedMembers = TRUE; + $addResolveLocationNestedMembers = TRUE; $addNestedMembersCount = TRUE; } @@ -790,6 +793,8 @@ $headers .= 'nested members'; if( $addResolveIPNestedMembers ) $headers .= 'nested members ip resolution'; + if( $addResolveLocationNestedMembers ) + $headers .= 'nested members location resolution'; if( $addNestedMembersCount ) $headers .= 'nested members count'; @@ -843,7 +848,7 @@ $lines .= $context->encloseFunction( '---' ); $counter = 0; - $members = $object->expand(FALSE); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); foreach( $members as $member ) $counter += $member->getIPcount(); $lines .= $context->encloseFunction((string)$counter); @@ -909,7 +914,8 @@ { if( $object->isGroup() ) { - $members = $object->expand(FALSE); + $tmp_array = array(); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); $lines .= $context->encloseFunction($members); } else @@ -919,7 +925,8 @@ { if( $object->isGroup() ) { $resolve = array(); - $members = $object->expand(FALSE); + $tmp_array = array(); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); foreach( $members as $member ) $resolve[] = $member->value(); $lines .= $context->encloseFunction($resolve); @@ -927,11 +934,31 @@ else $lines .= $context->encloseFunction(''); } + if( $addResolveLocationNestedMembers ) + { + if( $object->isGroup() ) + { $resolve = array(); + $tmp_array = array(); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); + foreach( $members as $member ) + { + $tmp_name = $member->owner->owner->name(); + if( empty($tmp_name) ) + $tmp_name = "shared"; + $resolve[] = $tmp_name; + } + + $lines .= $context->encloseFunction($resolve); + } + else + $lines .= $context->encloseFunction(''); + } if( $addNestedMembersCount ) { if( $object->isGroup() ) { $resolve = array(); - $members = $object->expand(FALSE); + $tmp_array = array(); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); $lines .= $context->encloseFunction( (string)count($members) ); } else diff --git a/utils/common/actions-service.php b/utils/common/actions-service.php index 257cee9d..71a50049 100644 --- a/utils/common/actions-service.php +++ b/utils/common/actions-service.php @@ -243,6 +243,7 @@ $addResolveGroupSRVCoverage = FALSE; $addNestedMembers = FALSE; $addResolveSRVNestedMembers = FALSE; + $addResolveLocationNestedMembers = FALSE; $addNestedMembersCount = FALSE; $optionalFields = &$context->arguments['additionalFields']; @@ -260,6 +261,7 @@ { $addNestedMembers = TRUE; $addResolveSRVNestedMembers = TRUE; + $addResolveLocationNestedMembers = TRUE; $addNestedMembersCount = TRUE; } @@ -276,6 +278,9 @@ $headers .= 'nested members'; if( $addResolveSRVNestedMembers ) $headers .= 'nested members srv resolution'; + if( $addResolveLocationNestedMembers ) + $headers .= 'nested members location resolution'; + if( $addNestedMembersCount ) $headers .= 'nested members count'; @@ -443,7 +448,8 @@ { if( $object->isGroup() ) { - $members = $object->expand(FALSE); + $tmp_array = array(); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); $lines .= $context->encloseFunction($members); } else @@ -452,8 +458,10 @@ if( $addResolveSRVNestedMembers ) { if( $object->isGroup() ) - { $resolve = array(); - $members = $object->expand(FALSE); + { + $resolve = array(); + $tmp_array = array(); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); foreach( $members as $member ) { $srcport = ""; @@ -467,11 +475,30 @@ else $lines .= $context->encloseFunction(''); } + if( $addResolveLocationNestedMembers ) + { + if( $object->isGroup() ) + { $resolve = array(); + $tmp_array = array(); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); + foreach( $members as $member ) + { + $tmp_name = $member->owner->owner->name(); + if( empty($tmp_name) ) + $tmp_name = "shared"; + $resolve[] = $tmp_name; + } + + $lines .= $context->encloseFunction($resolve); + } + else + $lines .= $context->encloseFunction(''); + } if( $addNestedMembersCount ) { if( $object->isGroup() ) { $resolve = array(); - $members = $object->expand(FALSE); + $members = $object->expand(FALSE, $tmp_array, $object->owner->owner); $lines .= $context->encloseFunction( (string)count($members) ); } else diff --git a/utils/lib/MERGER.php b/utils/lib/MERGER.php index 9c35478b..ad0c1953 100644 --- a/utils/lib/MERGER.php +++ b/utils/lib/MERGER.php @@ -1493,9 +1493,9 @@ function address_merging() { $hashMap[$value][] = $object; if( $parentStore !== null ) - { $object->ancestor = self::findAncestor( $parentStore, $object, "addressStore" ); - } + + $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "addressStore"); } else $upperHashMap[$value][] = $object; @@ -1521,9 +1521,9 @@ function address_merging() { $hashMap[$value][] = $object; if( $parentStore !== null ) - { $object->ancestor = self::findAncestor( $parentStore, $object, "addressStore" ); - } + + $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "addressStore"); } else $upperHashMap[$value][] = $object; @@ -2243,6 +2243,7 @@ function servicegroup_merging() $hashMap[$value][] = $object; if( $parentStore !== null ) $object->ancestor = self::findAncestor( $parentStore, $object, "serviceStore"); + $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "serviceStore"); } else @@ -2790,6 +2791,8 @@ function service_merging() $hashMap[$value][] = $object; if( $parentStore !== null ) $object->ancestor = self::findAncestor($parentStore, $object, "serviceStore"); + + $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "serviceStore"); } else $upperHashMap[$value][] = $object; @@ -2817,6 +2820,7 @@ function service_merging() $hashMap[$value][] = $object; if( $parentStore !== null ) $object->ancestor = self::findAncestor($parentStore, $object, "serviceStore"); + $object->childancestor = self::findChildAncestor( $childDeviceGroups, $object, "serviceStore"); } else $upperHashMap[$value][] = $object; From c6697bf46761f0628d9ade281c94eec71aad8b77 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Wed, 9 Aug 2023 10:26:17 +0200 Subject: [PATCH 28/34] class RULEUTIL - defaultSecurityRules not available in Fawkes Snippet --- CHANGELOG.txt | 1 + utils/lib/RULEUTIL.php | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index d262aac0..fd7cd27e 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -26,6 +26,7 @@ BUGFIX: * type=address actions=exporttoexcel:file.html | bugfix to crash for tmp objects * type=dhcp actions=exporttoexcel | bugfix to add correct template * class PH - workaround for none working API mode connector - discard setType() +* class RULEUTIL - defaultSecurityRules not available in Fawkes Snippet GENERAL: * dynamic update version 8739-8206 diff --git a/utils/lib/RULEUTIL.php b/utils/lib/RULEUTIL.php index 8dbc9b67..831013df 100644 --- a/utils/lib/RULEUTIL.php +++ b/utils/lib/RULEUTIL.php @@ -323,7 +323,8 @@ public function location_filter_object() } if( array_search('any', $this->ruleTypes) !== FALSE || array_search('defaultsecurity', $this->ruleTypes) !== FALSE ) { - $this->objectsToProcess[] = array('store' => $sub->defaultSecurityRules, 'rules' => $sub->defaultSecurityRules->rules()); + if( get_class( $sub) !== "Snippet" ) + $this->objectsToProcess[] = array('store' => $sub->defaultSecurityRules, 'rules' => $sub->defaultSecurityRules->rules()); } if( array_search('any', $this->ruleTypes) !== FALSE || array_search('networkpacketbroker', $this->ruleTypes) !== FALSE ) { From 77f1bd3cbc17d33b63769f120c28f3caef122b76 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Wed, 9 Aug 2023 19:17:24 +0200 Subject: [PATCH 29/34] type=gcp - extend output for onboarding --- utils/lib/GCP.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/lib/GCP.php b/utils/lib/GCP.php index b8ae105e..a288e9aa 100644 --- a/utils/lib/GCP.php +++ b/utils/lib/GCP.php @@ -300,7 +300,7 @@ public function main() $this->execCLIWithOutput( $get_auth ); $mgmtsvc_tenantID = $this->grepAllPods( "mgmtsvc" ); - #PH::print_stdout( "mgmtsvc tenantID: '".$mgmtsvc_tenantID[0]."'"); + PH::print_stdout( "mgmtsvc tenantID: '".$mgmtsvc_tenantID[0]."'"); $mgmtsvc = "kubectl exec -it ".$mgmtsvc_tenantID[0]." -c mgmtsvc --insecure-skip-tls-verify=true -- "; From c8d3df09494aba6d56722996d2494ad91dd28971 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Wed, 9 Aug 2023 19:17:47 +0200 Subject: [PATCH 30/34] class Region - add $RuleReferenceLocation = Null --- lib/object-classes/Region.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/object-classes/Region.php b/lib/object-classes/Region.php index e5d6f87d..eb2e5610 100644 --- a/lib/object-classes/Region.php +++ b/lib/object-classes/Region.php @@ -156,7 +156,7 @@ public function API_setName($newName) * Return an array['start']= startip and ['end']= endip * @return IP4Map */ - public function getIP4Mapping() + public function getIP4Mapping( $RuleReferenceLocation = null) { if( isset($this->_ip4Map) ) { From 5f1e20f44ce2253738ab9db0248f71273b0a8c05 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Wed, 9 Aug 2023 19:18:52 +0200 Subject: [PATCH 31/34] class Address - use $RuleReferenceLocation --- CHANGELOG.txt | 1 + .../AddressRuleContainer.php | 4 +- lib/object-classes/Address.php | 51 ++++++++++--------- 3 files changed, 31 insertions(+), 25 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index fd7cd27e..b1afa31c 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -16,6 +16,7 @@ UTIL: * type=rule 'actions=exporttoexcel:file.html,resovleservicesummary' | extend with column service_resolve_nested/_name/_value/_location * type=service actions=exporttoexcel:file.html | correct predefined service-http/-https output * type=address/server actions=exporttoexcel:file.html,nestedmembers | extend with column nested members location +* class Address - use $RuleReferenceLocation BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/lib/container-classes/AddressRuleContainer.php b/lib/container-classes/AddressRuleContainer.php index 76dafefd..1da07a29 100644 --- a/lib/container-classes/AddressRuleContainer.php +++ b/lib/container-classes/AddressRuleContainer.php @@ -623,7 +623,7 @@ public function getIP4Mapping( $RuleReferenceLocation = null ) elseif( $member->isAddress() ) { /** @var Address $member */ - $localMap = $member->getIP4Mapping(); + $localMap = $member->getIP4Mapping( $RuleReferenceLocation ); $mapObject->addMap($localMap, TRUE); } elseif( $member->isGroup() ) @@ -640,7 +640,7 @@ public function getIP4Mapping( $RuleReferenceLocation = null ) elseif( $member->isRegion() ) { /** @var Region $member */ - $localMap = $member->getIP4Mapping(); + $localMap = $member->getIP4Mapping( $RuleReferenceLocation ); $mapObject->addMap($localMap, TRUE); } else diff --git a/lib/object-classes/Address.php b/lib/object-classes/Address.php index 63522ff6..bf12ba71 100644 --- a/lib/object-classes/Address.php +++ b/lib/object-classes/Address.php @@ -452,34 +452,39 @@ public function sameValue(Address $otherObject) * Return an array['start']= startip and ['end']= endip * @return IP4Map */ - public function getIP4Mapping() + public function getIP4Mapping( $RuleReferenceLocation = null ) { - if( isset($this->_ip4Map) ) + if( $RuleReferenceLocation !== null ) + $object = $RuleReferenceLocation->addressStore->find($this->name()); + else + $object = $this; + + if( isset($object->_ip4Map) ) { - return $this->_ip4Map; + return $object->_ip4Map; } - if( $this->isTmpAddr() ) + if( $object->isTmpAddr() ) { - if( !$this->nameIsValidRuleIPEntry() ) + if( !$object->nameIsValidRuleIPEntry() ) { // if this object is temporary/unsupported, we send an empty mapping - $this->_ip4Map = new IP4Map(); - $this->_ip4Map->unresolved[$this->name] = $this; + $object->_ip4Map = new IP4Map(); + $object->_ip4Map->unresolved[$object->name] = $object; } else - $this->_ip4Map = IP4Map::mapFromText($this->name); + $object->_ip4Map = IP4Map::mapFromText($object->name); } - elseif( $this->type != self::TypeIpRange && $this->type != self::TypeIpNetmask && $this->type != self::TypeIpWildcard ) + elseif( $object->type != self::TypeIpRange && $object->type != self::TypeIpNetmask && $object->type != self::TypeIpWildcard ) { - $this->_ip4Map = new IP4Map(); - $this->_ip4Map->unresolved[$this->name] = $this; + $object->_ip4Map = new IP4Map(); + $object->_ip4Map->unresolved[$object->name] = $object; } - elseif( $this->type == self::TypeIpNetmask || $this->type == self::TypeIpRange || $this->type == self::TypeIpWildcard ) + elseif( $object->type == self::TypeIpNetmask || $object->type == self::TypeIpRange || $object->type == self::TypeIpWildcard ) { - if( $this->type == self::TypeIpWildcard ) + if( $object->type == self::TypeIpWildcard ) { - $array = explode( "/", $this->value() ); + $array = explode( "/", $object->value() ); $address = $array[0]; $wildcardmask = $array[1]; @@ -499,29 +504,29 @@ public function getIP4Mapping() { $tmp_value = $address."/".$cidr; - $this->_ip4Map = IP4Map::mapFromText($tmp_value); - if( $this->_ip4Map->count() == 0 ) - $this->_ip4Map->unresolved[$this->name] = $this->value(); + $object->_ip4Map = IP4Map::mapFromText($tmp_value); + if( $object->_ip4Map->count() == 0 ) + $object->_ip4Map->unresolved[$object->name] = $object->value(); } else { - $this->_ip4Map->unresolved[$this->name] = $this->value(); + $object->_ip4Map->unresolved[$object->name] = $object->value(); } } else { - $this->_ip4Map = IP4Map::mapFromText($this->value); - if( $this->_ip4Map->count() == 0 ) - $this->_ip4Map->unresolved[$this->name] = $this; + $object->_ip4Map = IP4Map::mapFromText($object->value); + if( $object->_ip4Map->count() == 0 ) + $object->_ip4Map->unresolved[$object->name] = $object; } } else { - derr("unexpected type: ".$this->type() ); + derr("unexpected type: ".$object->type() ); } - return $this->_ip4Map; + return $object->_ip4Map; } From bde9e27d0335f2f03144174a98b4444d2baca57d Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Wed, 9 Aug 2023 19:19:51 +0200 Subject: [PATCH 32/34] type=rule - actions=display/exporttoexcel:resolveaddresssummary | add new src/dst_resovled_sum - for better nested calculation --- CHANGELOG.txt | 1 + utils/common/RuleCallContext.php | 88 +++++++++++++++++++++++++++++++- utils/common/actions-rule.php | 10 ++-- 3 files changed, 93 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index b1afa31c..a6c0926c 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -28,6 +28,7 @@ BUGFIX: * type=dhcp actions=exporttoexcel | bugfix to add correct template * class PH - workaround for none working API mode connector - discard setType() * class RULEUTIL - defaultSecurityRules not available in Fawkes Snippet +* type=rule - actions=display/exporttoexcel:resolveaddresssummary | add new src/dst_resovled_sum - for better nested calculation GENERAL: * dynamic update version 8739-8206 diff --git a/utils/common/RuleCallContext.php b/utils/common/RuleCallContext.php index 6c434c46..2a4fea31 100644 --- a/utils/common/RuleCallContext.php +++ b/utils/common/RuleCallContext.php @@ -353,6 +353,15 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco if( $rule->source->isAny() ) return self::enclose('any'); return self::enclose($rule->source->getAll(), $wrap); + /* + $members = $rule->source->getAll(); + $string_array = array(); + foreach( $members as $member ) + { + $string_array[] = $member->name()." [".$member->owner->owner->name()."]"; + } + return self::enclose($string_array); + */ } if( $fieldName == 'destination' ) @@ -608,13 +617,20 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco return self::enclose($resolve); } - if( $fieldName == 'src_resolved_sum' ) + if( $fieldName == 'src_resolved_sumOLD' ) { $unresolvedArray = array(); $strMapping = $this->AddressResolveSummary( $rule, "source", $unresolvedArray ); $strMapping = array_merge( $strMapping, $unresolvedArray ); return self::enclose($strMapping); } + if( $fieldName == 'src_resolved_sum' ) + { + $unresolvedArray = array(); + $strMapping = $this->AddressResolveSummaryNEW( $rule, "source", $unresolvedArray ); + $strMapping = array_merge( $strMapping, $unresolvedArray ); + return self::enclose($strMapping); + } if( $fieldName == 'src_resolved_nested_name' ) { $unresolvedArray = array(); @@ -649,13 +665,20 @@ public function ruleFieldHtmlExport($rule, $fieldName, $wrap = TRUE, $rule_hitco return self::enclose($resolve); } - if( $fieldName == 'dst_resolved_sum' ) + if( $fieldName == 'dst_resolved_sumOLD' ) { $unresolvedArray = array(); $strMapping = $this->AddressResolveSummary( $rule, "destination", $unresolvedArray ); $strMapping = array_merge( $strMapping, $unresolvedArray ); return self::enclose($strMapping); } + if( $fieldName == 'dst_resolved_sum' ) + { + $unresolvedArray = array(); + $strMapping = $this->AddressResolveSummaryNEW( $rule, "destination", $unresolvedArray ); + $strMapping = array_merge( $strMapping, $unresolvedArray ); + return self::enclose($strMapping); + } if( $fieldName == 'dst_resolved_nested_name' ) { $unresolvedArray = array(); @@ -797,8 +820,11 @@ public function AddressResolveValueNestedSummary( $rule, $typeSrcDst, &$unresolv { if( $member->isGroup() ) { + /** @var AddressGroup $member */ $tmp_array = array(); $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner); + #foreach($tmp_array as $groups) + # $strMapping[] = ""; foreach( $members as $member ) { $tmp_member = $rule->owner->owner->addressStore->find($member->name()); @@ -821,6 +847,53 @@ public function AddressResolveValueNestedSummary( $rule, $typeSrcDst, &$unresolv return $strMapping; } + + public function AddressResolveSummaryNEW( $rule, $typeSrcDst, &$unresolvedArray = array() ) + { + $mapObject = new IP4Map(); + if( $rule->$typeSrcDst->isAny() ) + { + $localMap = IP4Map::mapFromText('0.0.0.0-255.255.255.255'); + $mapObject->addMap($localMap, TRUE); + #$localMap = IP4Map::mapFromText('::0-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff'); + #$mapObject->addMap($localMap, TRUE); + } + + $allMembers = $rule->$typeSrcDst->getAll(); + $strMapping = array(); + foreach($allMembers as $member) + { + if( $member->isGroup() ) + { + /** @var AddressGroup $member */ + $tmp_array = array(); + $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner); + foreach( $members as $member ) + { + $tmp_member = $rule->owner->owner->addressStore->find($member->name()); + $localMap = $tmp_member->getIP4Mapping(); + $mapObject->addMap($localMap, TRUE); + } + } + + else + { + $tmp_member = $rule->owner->owner->addressStore->find($member->name()); + $localMap = $tmp_member->getIP4Mapping(); + $mapObject->addMap($localMap, TRUE); + } + + } + + $mapObject->sortAndRecalculate(); + $strMapping = explode(',', $mapObject->dumpToString()); + + if( count( $strMapping) === 1 && empty( $strMapping[0] ) ) + $strMapping = array(); + + return $strMapping; + } + public function AddressResolveNameNestedSummary( $rule, $typeSrcDst, &$unresolvedArray = array() ) { if( $rule->$typeSrcDst->isAny() ) @@ -834,6 +907,8 @@ public function AddressResolveNameNestedSummary( $rule, $typeSrcDst, &$unresolve { $tmp_array = array(); $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner); + #foreach($tmp_array as $groups) + # $strMapping[] = $groups->name(); foreach( $members as $member ) { $strMapping[] = $member->name(); @@ -864,6 +939,15 @@ public function AddressResolveLocationNestedSummary( $rule, $typeSrcDst, &$unres { $tmp_array = array(); $members = $member->expand(FALSE, $tmp_array, $rule->owner->owner); + /* + foreach($tmp_array as $groups) + { + $tmp_name = $groups->owner->owner->name(); + if( empty($tmp_name) ) + $tmp_name = "shared"; + + $strMapping[] = $tmp_name; + }*/ foreach( $members as $member ) { $tmp_name = $member->owner->owner->name(); diff --git a/utils/common/actions-rule.php b/utils/common/actions-rule.php index 4264c778..04bb051b 100644 --- a/utils/common/actions-rule.php +++ b/utils/common/actions-rule.php @@ -3823,7 +3823,7 @@ if( $addResolvedAddressSummary ) { $unresolvedArray = array(); - PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_sum']['resolved'] = $context->AddressResolveSummary( $rule, "source", $unresolvedArray ); + PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_sum']['resolved'] = $context->AddressResolveSummaryNEW( $rule, "source", $unresolvedArray ); PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_sum']['unresolved'] = $unresolvedArray; $unresolvedArray = array(); PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_value'] = $context->AddressResolveValueSummary( $rule, "source", $unresolvedArray ); @@ -3833,7 +3833,7 @@ PH::$JSON_TMP['sub']['object'][$rule->name()]['src_resolved_nested_value'] = $context->AddressResolveValueNestedSummary( $rule, "source", $unresolvedArray ); $unresolvedArray = array(); - PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_sum']['resolved'] = $context->AddressResolveSummary( $rule, "destination", $unresolvedArray ); + PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_sum']['resolved'] = $context->AddressResolveSummaryNEW( $rule, "destination", $unresolvedArray ); PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_sum']['unresolved'] = $unresolvedArray; $unresolvedArray = array(); PH::$JSON_TMP['sub']['object'][$rule->name()]['dst_resolved_value'] = $context->AddressResolveValueSummary( $rule, "destination", $unresolvedArray ); @@ -4344,6 +4344,7 @@ 'src' => 'source', 'src_resolved_value' => 'src_resolved_value', 'src_resolved_sum' => 'src_resolved_sum', + 'src_resolved_sumOLD' => 'src_resolved_sumOLD', 'src_resolved_nested_name' => 'src_resolved_nested_name', 'src_resolved_nested_value' => 'src_resolved_nested_value', 'src_resolved_nested_location' => 'src_resolved_nested_location', @@ -4352,6 +4353,7 @@ 'dst_interface' => 'dst_interface', 'dst_resolved_value' => 'dst_resolved_value', 'dst_resolved_sum' => 'dst_resolved_sum', + 'dst_resolved_sumOLD' => 'dst_resolved_sumOLD', 'dst_resolved_nested_name' => 'dst_resolved_nested_name', 'dst_resolved_nested_value' => 'dst_resolved_nested_value', 'dst_resolved_nested_location' => 'dst_resolved_nested_location', @@ -4413,9 +4415,9 @@ foreach( $fields as $fieldName => $fieldID ) { if( (( - $fieldName == 'src_resolved_sum' || $fieldName == 'src_resolved_value' || + $fieldName == 'src_resolved_sum' || $fieldName == 'src_resolved_sumOLD' || $fieldName == 'src_resolved_value' || $fieldName == 'src_resolved_nested_name' || $fieldName == 'src_resolved_nested_value' || $fieldName == 'src_resolved_nested_location' || - $fieldName == 'dst_resolved_sum' || $fieldName == 'dst_resolved_value' || + $fieldName == 'dst_resolved_sum' || $fieldName == 'dst_resolved_sumOLD' || $fieldName == 'dst_resolved_value' || $fieldName == 'dst_resolved_nested_name' || $fieldName == 'dst_resolved_nested_value' || $fieldName == 'dst_resolved_nested_location' || $fieldName == 'dnat_host_resolved_sum' || $fieldName == 'snat_address_resolved_sum') From 488c8b508771c6f3154c146d893100fc7413fa05 Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 10 Aug 2023 15:49:32 +0200 Subject: [PATCH 33/34] type=zone | introduce 'filter=(interface is.set)' --- CHANGELOG.txt | 1 + lib/misc-classes/filters/filters-Zone.php | 15 +++++ utils/develop/ui/json_array.js | 75 ++++++++++++++++++++++- utils/lib/util_action_filter.json | 75 ++++++++++++++++++++++- 4 files changed, 162 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index a6c0926c..3579d1c0 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -17,6 +17,7 @@ UTIL: * type=service actions=exporttoexcel:file.html | correct predefined service-http/-https output * type=address/server actions=exporttoexcel:file.html,nestedmembers | extend with column nested members location * class Address - use $RuleReferenceLocation +* type=zone | introduce 'filter=(interface is.set)' BUGFIX: * class Region | bugfix - introduce method type() - to handle "type=address actions=" diff --git a/lib/misc-classes/filters/filters-Zone.php b/lib/misc-classes/filters/filters-Zone.php index 595b8064..cc8f2040 100644 --- a/lib/misc-classes/filters/filters-Zone.php +++ b/lib/misc-classes/filters/filters-Zone.php @@ -471,4 +471,19 @@ 'input' => 'input/panorama-8.0.xml' ) ); + +RQuery::$defaultFilters['zone']['interface']['operators']['is.set'] = array( + 'Function' => function (ZoneRQueryContext $context) { + $object = $context->object; + + $interfaces = $object->attachedInterfaces->getAll(); + if( count($interfaces) > 0) + return TRUE; + else + return FALSE; + + return null; + }, + 'arg' => FALSE +); // \ No newline at end of file diff --git a/utils/develop/ui/json_array.js b/utils/develop/ui/json_array.js index 4f503232..c63ca4a2 100644 --- a/utils/develop/ui/json_array.js +++ b/utils/develop/ui/json_array.js @@ -384,6 +384,38 @@ var subjectObject = } } }, + "upload-address-2cloudmanager": { + "name": "upload-address-2cloudmanager", + "GlobalInitFunction": {}, + "MainFunction": {}, + "GlobalFinishFunction": {}, + "args": { + "panorama_file": { + "type": "string", + "default": "*nodefault*" + }, + "dg_name": { + "type": "string", + "default": "*nodefault*" + } + } + }, + "upload-addressgroup-2cloudmanager": { + "name": "upload-addressgroup-2cloudmanager", + "GlobalInitFunction": {}, + "MainFunction": {}, + "GlobalFinishFunction": {}, + "args": { + "panorama_file": { + "type": "string", + "default": "*nodefault*" + }, + "dg_name": { + "type": "string", + "default": "*nodefault*" + } + } + }, "value-host-object-add-netmask-m32": { "name": "value-host-object-add-netmask-m32", "MainFunction": {} @@ -1803,6 +1835,12 @@ var subjectObject = "name": "template-delete", "MainFunction": {} }, + "xml-extract": { + "name": "xml-extract", + "GlobalInitFunction": {}, + "MainFunction": {}, + "GlobalFinishFunction": {} + }, "zoneprotectionprofile-create-bp": { "name": "zoneprotectionprofile-create-bp", "GlobalInitFunction": {}, @@ -1931,6 +1969,30 @@ var subjectObject = "display": { "name": "display", "MainFunction": {} + }, + "exporttoexcel": { + "name": "exportToExcel", + "MainFunction": {}, + "GlobalInitFunction": {}, + "GlobalFinishFunction": {}, + "args": { + "filename": { + "type": "string", + "default": "*nodefault*" + }, + "additionalFields": { + "type": "pipeSeparatedList", + "subtype": "string", + "default": "*NONE*", + "choices": [ + "WhereUsed", + "UsedInLocation", + "ResolveIP", + "NestedMembers" + ], + "help": "pipe(|) separated list of additional fields (ie: Arg1|Arg2|Arg3...) to include in the report. The following is available:\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveIP\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - WhereUsed : list places where object is used (rules, groups ...)\n" + } + } } }, "filter": { @@ -6153,9 +6215,10 @@ var subjectObject = "choices": [ "WhereUsed", "UsedInLocation", - "ResolveSRV" + "ResolveSRV", + "NestedMembers" ], - "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - ResolveSRV\n" + "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveSRV\n" } } }, @@ -7652,6 +7715,14 @@ var subjectObject = } }, "filter": { + "interface": { + "operators": { + "is.set": { + "Function": {}, + "arg": false + } + } + }, "location": { "operators": { "is": { diff --git a/utils/lib/util_action_filter.json b/utils/lib/util_action_filter.json index 04d4b701..3ba08c78 100644 --- a/utils/lib/util_action_filter.json +++ b/utils/lib/util_action_filter.json @@ -383,6 +383,38 @@ } } }, + "upload-address-2cloudmanager": { + "name": "upload-address-2cloudmanager", + "GlobalInitFunction": {}, + "MainFunction": {}, + "GlobalFinishFunction": {}, + "args": { + "panorama_file": { + "type": "string", + "default": "*nodefault*" + }, + "dg_name": { + "type": "string", + "default": "*nodefault*" + } + } + }, + "upload-addressgroup-2cloudmanager": { + "name": "upload-addressgroup-2cloudmanager", + "GlobalInitFunction": {}, + "MainFunction": {}, + "GlobalFinishFunction": {}, + "args": { + "panorama_file": { + "type": "string", + "default": "*nodefault*" + }, + "dg_name": { + "type": "string", + "default": "*nodefault*" + } + } + }, "value-host-object-add-netmask-m32": { "name": "value-host-object-add-netmask-m32", "MainFunction": {} @@ -1802,6 +1834,12 @@ "name": "template-delete", "MainFunction": {} }, + "xml-extract": { + "name": "xml-extract", + "GlobalInitFunction": {}, + "MainFunction": {}, + "GlobalFinishFunction": {} + }, "zoneprotectionprofile-create-bp": { "name": "zoneprotectionprofile-create-bp", "GlobalInitFunction": {}, @@ -1930,6 +1968,30 @@ "display": { "name": "display", "MainFunction": {} + }, + "exporttoexcel": { + "name": "exportToExcel", + "MainFunction": {}, + "GlobalInitFunction": {}, + "GlobalFinishFunction": {}, + "args": { + "filename": { + "type": "string", + "default": "*nodefault*" + }, + "additionalFields": { + "type": "pipeSeparatedList", + "subtype": "string", + "default": "*NONE*", + "choices": [ + "WhereUsed", + "UsedInLocation", + "ResolveIP", + "NestedMembers" + ], + "help": "pipe(|) separated list of additional fields (ie: Arg1|Arg2|Arg3...) to include in the report. The following is available:\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveIP\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - WhereUsed : list places where object is used (rules, groups ...)\n" + } + } } }, "filter": { @@ -6152,9 +6214,10 @@ "choices": [ "WhereUsed", "UsedInLocation", - "ResolveSRV" + "ResolveSRV", + "NestedMembers" ], - "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - ResolveSRV\n" + "help": "pipe(|) separated list of additional field to include in the report. The following is available:\n - WhereUsed : list places where object is used (rules, groups ...)\n - UsedInLocation : list locations (vsys,dg,shared) where object is used\n - NestedMembers: lists all members, even the ones that may be included in nested groups\n - ResolveSRV\n" } } }, @@ -7651,6 +7714,14 @@ } }, "filter": { + "interface": { + "operators": { + "is.set": { + "Function": {}, + "arg": false + } + } + }, "location": { "operators": { "is": { From 042fa5b453d3e7304e715c56757689775341c6fa Mon Sep 17 00:00:00 2001 From: Sven Waschkut Date: Thu, 10 Aug 2023 16:08:02 +0200 Subject: [PATCH 34/34] PAN-OS dynamic content update to version 8741-8213 --- CHANGELOG.txt | 2 +- lib/object-classes/predefined.xml | 573 +++++++++++++++++++++++++++++- 2 files changed, 572 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 3579d1c0..c3c76b1c 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -32,7 +32,7 @@ BUGFIX: * type=rule - actions=display/exporttoexcel:resolveaddresssummary | add new src/dst_resovled_sum - for better nested calculation GENERAL: -* dynamic update version 8739-8206 +* PAN-OS dynamic content update to version 8741-8213 2.1.12 (20230731) diff --git a/lib/object-classes/predefined.xml b/lib/object-classes/predefined.xml index 95284e29..c34c1aa8 100644 --- a/lib/object-classes/predefined.xml +++ b/lib/object-classes/predefined.xml @@ -1,6 +1,6 @@ - 8739-8206 + 8741-8213 @@ -238049,7 +238049,7 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n This tag groups all App-IDs for Microsoft Office 365 including Outlook, Teams, SharePoint, OneNote, Word, Excel, OneDrive, Forms, Planner, Yammer and more. - 8739-8206 + 8741-8213 @@ -414793,6 +414793,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n alert + + Multiple Products XML External Entity Injection Vulnerability + + CVE-2020-11991 + + info-leak + high + + + yes + + reset-both + WordPress Fastest Cache Plugin Server-Side Request Forgery Vulnerability @@ -415462,6 +415475,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Weaver e-cology XXE Vulnerability + + CVE-2023-2806 + + code-execution + high + + + yes + + reset-server + WordPress WP Meta SEO Plugin SQL Injection Vulnerability @@ -415488,6 +415514,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Microsoft Windows Common Log File System Driver Elevation Of Privilege Vulnerability + + CVE-2023-36900 + + code-execution + high + + + yes + + reset-both + Citrix ShareFile Storage Zones Controller Directory Traversal Vulnerability @@ -415527,6 +415566,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Xstream Java XML Deserialization Command Execution Vulnerability + + CVE-2013-7285 + + code-execution + critical + + + yes + + reset-server + WordPress ANGradeBook Plugin SQL Injection Vulnerability @@ -415696,6 +415748,510 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Adobe Reader Memory Corruption Vulnerability + + CVE-2023-38246 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38236 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38233 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38237 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38234 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38230 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38227 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38239 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38229 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38244 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38225 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38222 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-29303 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38240 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38238 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38231 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38242 + CVE-2023-38243 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38226 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38235 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38232 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38223 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38224 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38241 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38248 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Adobe Reader Installer Corruption Vulnerability + + CVE-2023-29299 + + + APSB23-30 + + dos + high + + + yes + + reset-both + + + WordPress Advanced Uploader Plugin File Upload Vulnerability + + CVE-2022-1103 + + code-execution + high + + + yes + + reset-server + + + Acrobat Reader Memory Corruption Vulnerability + + CVE-2023-38228 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Adobe Reader Memory Corruption Vulnerability + + CVE-2023-38245 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Adobe Reader Restrictions Bypass Vulnerability + + CVE-2023-29320 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + Adobe Reader Memory Corruption Vulnerability + + CVE-2023-38247 + + + APSB23-30 + + code-execution + high + + + yes + + reset-both + + + WordPress Meta SEO Plugin Deserialization Vulnerability + + CVE-2023-1381 + + code-execution + high + + + yes + + reset-server + + + Google Chrome Type Confusion Vulnerability + + CVE-2022-3723 + + code-execution + high + + + yes + + reset-both + Mozilla Firefox Browser Engine Multiple Unspecified Vulnerabilities @@ -537955,6 +538511,19 @@ Refer to this article for details - https://live.paloaltonetworks.com/t5/blogs/n reset-server + + Microsoft Windows Server Service Tampering Vulnerability + + CVE-2022-30216 + + code-execution + high + + + yes + + reset-server + Microsoft Windows Server Message Block Buffer Overflow Vulnerability