NAME

pa_policy_verify

VERSION

version 0.0.1

SYNOPSIS

Usage: pa_policy_verify [options]

Palo Alto arguments

--uri <fw uri>

--username <username>

--password <password>

--insecure

--vr <vr name>

--vsys <vsys number>

Logfile Arguments

--logfile <path>

--sepchar <character>

--fields <sip,dip,sport,dport,proto>

DESCRIPTION

pa_policy_verify will do something.

NAME

pa_policy_verify - verify a Palo Alto firewall ruleset using logs.

OPTIONS

-c|--uri

The URI for the Palo Alto firewall (e.g. https://pa.localdomain). Accepts either http or https. The module uses the Device::Firewall::PaloAlto module under the hood which will use the PA_FW_URI environment variable if no URI is specified.

-u|--username

A username to authenticate to the firewall. If no username is specified, uses the PA_FW_USERNAME environment variable. If no environment variable is present, defaults to 'admin'.

-p|--password

A password to authenticate to the firewall. If not password is specified, uses the PA_FW_PASSWORD environment variable. If no environment variable is present, defaults to 'admin'.

-i|--insecure

Ignore the validity of the certificate presented by the Palo Alto firewall. By default the script checks whether a valid certificate is presented.

-r|--vr

The script needs to determine the ingress and egress zones that the source and destination IPs would come from/go to. This argument specifies the virtual router which will be used to determine the zones. If not provided the 'default' virtual router will be used.

-v|--vsys

The virtual system ID on which the policy that is to be tested exists. If not provided a value of 1 (i.e. vsys1) will be used.

-l|--logfile

A path to a file containing logs you wish to run against the firewall's rulebase. This is the only mandatory field and has no default value.

-s|--sepchar

The character which separates the fields in the logfile. If not provided a comma (',') will be used. Remember to escape any characters which may be first interpreted by the shell. For example if the logfile is separated by semicolons, you will need to use --sepchar \; on the command line.

-f|--fields

The columns of the logfile where the pertinent fields are, indexed at 0. The pertinent fields are source IP, destination IP, source port, destination port, protocol. The fields are specified as comma separated values.

As an example, if the source IP, destination IP, source port and destination port are at columns 3, 4, 5, 6, but the protocol is at column 11, you would use the following command line:

    pa_policy_verify --fields 3,4,5,6,11

If not specified, '0,1,2,3,4' is used.

AUTHOR

Greg Foletta <greg@foletta.org>

COPYRIGHT AND LICENSE

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

To install App::PaloAlto::PolicyVerify, copy and paste the appropriate command in to your terminal.

cpanm

cpanm App::PaloAlto::PolicyVerify

CPAN shell

perl -MCPAN -e shell
install App::PaloAlto::PolicyVerify

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

VERSION

SYNOPSIS

Palo Alto arguments

Logfile Arguments

DESCRIPTION

NAME

OPTIONS

AUTHOR

COPYRIGHT AND LICENSE

Module Install Instructions