-
Notifications
You must be signed in to change notification settings - Fork 0
/
ApiBlockPaloAltoNetworks.py
77 lines (44 loc) · 1.46 KB
/
ApiBlockPaloAltoNetworks.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/usr/bin/env python
import pandevice
import pandevice.firewall
import pandevice.policies
# Login info
Hostname = raw_input("Please type the device IP address: ")
Username = raw_input("Please type the username: ")
Password = raw_input("Please type the password: ")
# Create the firewall object
fw = pandevice.firewall.Firewall(Hostname, Username, Password)
print("\nSystem Info\n")
print fw.op("show system info", xml=True)
# Create the Address Object to be Blocked
SrcIP = raw_input("Please type the Source IP you want to block: ")
DstIP = raw_input("Please type the Destination IP you want to block: ")
aoSrc = pandevice.objects.AddressObject("BlockedSrcIP", SrcIP)
aoDst = pandevice.objects.AddressObject("BlockedDstIP", DstIP)
fw.add(aoSrc)
fw.add(aoDst)
aoSrc.create()
aoDst.create()
# Define security rule paramaters
HTTP = ["service-http"]
blocking_rule_params = {
'name': 'BlockMaliciousTraffic',
'description': 'Prevent endpoint infection',
'fromzone': 'Trust',
'tozone': 'Untrust',
'source': aoSrc,
'destination': aoDst,
'service': HTTP,
'action': 'deny',
'log_end': True,
}
# Create the security rule
rulebase = pandevice.policies.Rulebase()
fw.add(rulebase)
blockingRule = pandevice.policies.SecurityRule(**blocking_rule_params)
rulebase.add(blockingRule)
print('Creating rule...')
blockingRule.create()
print('Done!')
# Commit the changes
fw.commit(sync=True)