Skip to content
This repository has been archived by the owner on Jun 14, 2023. It is now read-only.

Commit

Permalink
Merge pull request #374 from PaloAltoNetworks/develop
Browse files Browse the repository at this point in the history 
Update to 2.1.2
  • Loading branch information
@shinmog
shinmog authored May 24, 2019
2 parents 92f6a41 + 4780a61 commit d74a2c0
Show file tree
Hide file tree
Showing 11 changed files with 225 additions and 14 deletions.
17 changes: 17 additions & 0 deletions docs/history.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,23 @@
Release History
===============

V2.1.2
------

- *Released*: 2019-05-24

Enhancements:

* `panos_registered_ip_facts` can now filter on IP addresses (in addition to tags)
* All modules: Panorama commits can now still push to a device group even if a Panorama
commit is unnecessary
* `panos_nat_rule`: Changed the default location to unspecified instead of bottom

Bug fixes:

* `panos_bgp`: Added the "state" param to this module
* `panos_facts`: Corrected virtual router output name to use underscores

V2.1.1
------

Expand Down
110 changes: 109 additions & 1 deletion docs/modules/panos_facts_module.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ Parameters
<b>Default:</b><br/><div style="color: blue">[&#39;!config&#39;]</div>
</td>
<td>
<div>Scopes what information is gathered from the device. Possible values for this argument include all, system, session, interfaces, ha, vr, vsys and config. You can specify a list of values to include a larger subset. Values can also be used with an initial ! to specify that a specific subset should not be collected. Certain subsets might be supported by Panorama.</div>
<div>Scopes what information is gathered from the device. Possible values for this argument include all, system, session, interfaces, ha, routing, vr, vsys and config. You can specify a list of values to include a larger subset. Values can also be used with an initial ! to specify that a specific subset should not be collected. Certain subsets might be supported by Panorama.</div>
</td>
</tr>
<tr>
Expand Down Expand Up @@ -489,6 +489,114 @@ Common return values are `documented here <https://docs.ansible.com/ansible/late
</tr>
<tr>
<td colspan="2">
<b>ansible_net_routing_table</b>
<div style="font-size: small; color: purple">complex</div>
</td>
<td>When <code>routing</code> is specified in <code>gather_subset</code>.</td>
<td>
<div>Routing Table information.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>age</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>Age of the route entry in the routing table.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>destination</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>IP prefix of the destination.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>flags</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>Flags for the route entry in the routing table.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>interface</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>Egress interface the router will use to reach the next hop.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>metric</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>Metric for the route.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>nexthop</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>Address of the device at the next hop toward the destination network.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>route_table</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>Unicast or multicast route table.</div>
<br/>
</td>
</tr>
<tr>
<td class="elbow-placeholder">&nbsp;</td>
<td colspan="1">
<b>virtual_router</b>
<div style="font-size: small; color: purple">string</div>
</td>
<td></td>
<td>
<div>Virtual router the route belongs to.</div>
<br/>
</td>
</tr>

<tr>
<td colspan="2">
<b>ansible_net_serial</b>
<div style="font-size: small; color: purple">string</div>
</td>
Expand Down
2 changes: 1 addition & 1 deletion docs/modules/panos_nat_rule_module.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -217,7 +217,7 @@ Parameters
</ul>
</td>
<td>
<div>Position to place the created rule in the rule base. Supported values are <em>top</em>/<em>bottom</em>/<em>before</em>/<em>after</em>.</div>
<div>Position to place the created rule in the rule base.</div>
</td>
</tr>
<tr>
Expand Down
19 changes: 19 additions & 0 deletions docs/modules/panos_registered_ip_facts_module.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,19 @@ Parameters
<div><hr/></div>
<div>The IP address or hostname of the PAN-OS device being configured.</div>
</td>
</tr>
<tr>
<td colspan="2">
<b>ips</b>
<div style="font-size: small">
<span style="color: purple">-</span>
</div>
</td>
<td>
</td>
<td>
<div>List of IP addresses to retrieve facts for. If not specified, retrieve all addresses.</div>
</td>
</tr>
<tr>
<td colspan="2">
Expand Down Expand Up @@ -279,6 +292,12 @@ Examples
tags: ['First_Tag']
register: first_tag_registered_ip_facts

- name: Get facts for a specific IP address
panos_registered_ip_facts:
provider: '{{ provider }}'
ips: ['192.168.1.1']
register: ipaddress_registered_ip_facts




Expand Down
10 changes: 9 additions & 1 deletion examples/fw_registered_ip_facts.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,4 +22,12 @@
username: '{{ fw_username }}'
password: '{{ fw_password }}'
tags: ['First_Tag']
register: first_tag_registered_ip_facts
register: first_tag_registered_ip_facts

- name: Get facts for specific IP address
panos_registered_ip_facts:
ip_address: '{{ fw_ip_address }}'
username: '{{ fw_username }}'
password: '{{ fw_password }}'
ips: [ '192.168.1.1' ]
register: ipaddress_registered_ip_facts
1 change: 1 addition & 0 deletions library/panos_bgp.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -219,6 +219,7 @@ def main():
helper = get_connection(
template=True,
template_stack=True,
with_state=True,
with_classic_provider_spec=True,
argument_spec=setup_args(),
)
Expand Down
53 changes: 48 additions & 5 deletions library/panos_facts.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,9 @@
description:
- Scopes what information is gathered from the device.
Possible values for this argument include all, system, session,
interfaces, ha, vr, vsys and config. You can specify a list of
values to include a larger subset. Values can also be used with
an initial ! to specify that a specific subset should not be
interfaces, ha, routing, vr, vsys and config. You can specify a
list of values to include a larger subset. Values can also be used
with an initial ! to specify that a specific subset should not be
collected. Certain subsets might be supported by Panorama.
required: false
default: ['!config']
Expand Down Expand Up @@ -200,6 +200,35 @@
vsys_zonelist:
description: List of security zones attached to the VSYS.
type: list
ansible_net_routing_table:
description: Routing Table information.
returned: When C(routing) is specified in C(gather_subset).
type: complex
contains:
age:
description: Age of the route entry in the routing table.
type: str
destination:
description: IP prefix of the destination.
type: str
flags:
description: Flags for the route entry in the routing table.
type: str
interface:
description: Egress interface the router will use to reach the next hop.
type: str
metric:
description: Metric for the route.
type: str
nexthop:
description: Address of the device at the next hop toward the destination network.
type: str
route_table:
description: Unicast or multicast route table.
type: str
virtual_router:
description: Virtual router the route belongs to.
type: str
'''

from ansible.module_utils.basic import AnsibleModule
Expand Down Expand Up @@ -284,6 +313,19 @@ def populate_facts(self):
})


class Routing(Factbase):
def populate_facts(self):
entries = self.parent.op('show routing route').findall('./result/entry')
routing_table = [
{route.tag.replace('-', '_'): route.text for route in entry}
for entry in entries
]

self.facts.update({
'routing_table': routing_table
})


class Interfaces(Factbase):
def populate_facts(self):
interfaces = []
Expand Down Expand Up @@ -360,7 +402,7 @@ def populate_facts(self):
virtual_routers.append(info)

self.facts.update({
'virtual-routers': virtual_routers
'virtual_routers': virtual_routers
})


Expand Down Expand Up @@ -415,7 +457,8 @@ def populate_facts(self):
ha=Ha,
vr=Vr,
vsys=VsysFacts,
config=Config
config=Config,
routing=Routing,
)

VALID_SUBSETS = frozenset(FACT_SUBSETS.keys())
Expand Down
5 changes: 2 additions & 3 deletions library/panos_nat_rule.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -152,8 +152,7 @@
- dnat translated port
location:
description:
- Position to place the created rule in the rule base. Supported values are
I(top)/I(bottom)/I(before)/I(after).
- Position to place the created rule in the rule base.
choices:
- top
- bottom
Expand Down Expand Up @@ -297,7 +296,7 @@ def main():
dnat_port=dict(),
tag=dict(type='list'),
state=dict(default='present', choices=['present', 'absent', 'enable', 'disable']),
location=dict(default='bottom', choices=['top', 'bottom', 'before', 'after']),
location=dict(choices=['top', 'bottom', 'before', 'after']),
existing_rule=dict(),
commit=dict(type='bool', default=True),

Expand Down
15 changes: 13 additions & 2 deletions library/panos_registered_ip_facts.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,9 @@
tags:
description:
- List of tags to retrieve facts for. If not specified, retrieve all tags.
ips:
description:
- List of IP addresses to retrieve facts for. If not specified, retrieve all addresses.
'''

EXAMPLES = '''
Expand All @@ -54,6 +57,12 @@
provider: '{{ provider }}'
tags: ['First_Tag']
register: first_tag_registered_ip_facts
- name: Get facts for a specific IP address
panos_registered_ip_facts:
provider: '{{ provider }}'
ips: ['192.168.1.1']
register: ipaddress_registered_ip_facts
'''

RETURN = '''
Expand All @@ -79,7 +88,8 @@ def main():
with_classic_provider_spec=True,
panorama_error='Panorama is not supported for this module.',
argument_spec=dict(
tags=dict(type='list')
tags=dict(type='list'),
ips=dict(type='list')
)
)

Expand All @@ -89,11 +99,12 @@ def main():
)

tags = module.params['tags']
ips = module.params['ips']

device = helper.get_pandevice_parent(module)

try:
registered_ips = device.userid.get_registered_ip(tags=tags)
registered_ips = device.userid.get_registered_ip(tags=tags, ip=ips)

except PanDeviceError as e:
module.fail_json(msg='Failed get_registered_ip: {0}'.format(e))
Expand Down
5 changes: 5 additions & 0 deletions module_utils/network/panos/panos.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@
from pandevice.policies import PreRulebase, PostRulebase, Rulebase
from pandevice.device import Vsys
from pandevice.errors import PanDeviceError
from pandevice.errors import PanCommitNotNeeded
except ImportError:
HAS_PANDEVICE = False

Expand Down Expand Up @@ -437,6 +438,8 @@ def commit(self, module, include_template=False):

try:
self.device.commit(sync=True, exception=True)
except PanCommitNotNeeded:
pass
except PanDeviceError as e:
module.fail_json(msg='Failed commit: {0}'.format(e))

Expand All @@ -462,6 +465,8 @@ def commit(self, module, include_template=False):
include_template=include_template,
exception=True,
)
except PanCommitNotNeeded:
pass
except PanDeviceError as e:
module.fail_json(msg='Failed commit-all: {0}'.format(e))

Expand Down
Loading

0 comments on commit d74a2c0

Please # to comment.