-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpan_local_users.py
123 lines (79 loc) · 2.81 KB
/
pan_local_users.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#!/usr/bin/python3
"""
pan-os_api v2.2 [20230717]
Scripts to generate PA/Panorama config
by Terence LEE <[email protected]>
Details at https://github.com/telee0/pan-os_api.py.git
"""
import requests
import xml.etree.ElementTree as xml
import timeit
from pan_data import init_data, write_data
verbose, debug = True, False
def pan_local_users_phash(access, user_pass):
data = init_data('phash')
url = access['URL']
req_data = {
'type': "op",
'key': access['KEY'],
'cmd': "<request><password-hash><password>{0}</password></password-hash></request>".format(user_pass),
}
for key, value in req_data.items():
data['xml'].append("{0}={1}".format(key, value))
try:
response = requests.post(url, data=req_data, verify=False)
if debug:
print("pan_local_users_phash: response:", response.text)
except Exception as e:
if verbose:
print("pan_local_users_phash:", e)
return None
data['out'].append(response.text)
result = xml.fromstring(response.content)
phash = result.find('result/phash')
write_data(data)
return phash.text if phash is not None else None
def pan_local_users():
key = 'N_USERS'
if key not in cf or cf[key] <= 0:
return
n = cf[key]
print("\nDevice > Users ({0})".format(n), end=" ", flush=True)
t0 = timeit.default_timer()
ti = t0
pre = 'user'
data = init_data(pre)
data['dump'].append("<shared><local-user-database><user>")
xpath = "{0}/config/shared/local-user-database/user".format(cf['XPATH_TPL'])
data['xml'][0] = data['xml'][0] % xpath
data['clean_xml'][0] = data['clean_xml'][0] % xpath
# static variables in the loop
#
s = n // 10 # increment per slice: 10%, 20%, etc..
phash = pan_local_users_phash(cf['PA1'], cf['USER_PASS'])
for i in range(1, n + 1):
user_name = cf['USER_NAME'] % i
element = "<entry name='{0}'><phash>{1}</phash></entry>".format(user_name, phash)
clean_element = "@name='{0}' or ".format(user_name)
data['xml'].append(element)
data['clean_xml'].append(clean_element)
data['dump'].append(element)
time_elapsed = timeit.default_timer() - ti
if time_elapsed > 1:
print('.', end="", flush=True)
ti = timeit.default_timer()
if n > cf['LARGE_N'] and i % s == 0:
print("{:.0%}".format(i / n), end="", flush=True)
data['clean_xml'].append("@name='_z']")
data['dump'].append("</user></local-user-database></shared>")
write_data(data)
print(cf['_msgs']['ok'] % (timeit.default_timer() - t0), end="")
def go():
pan_local_users()
if __name__ == '__main__':
cf = {}
go()
else:
from __main__ import cf
verbose = cf['VERBOSE']
debug = cf['DEBUG']