Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix1037_paloalto_panos_show_running_nat-policy #1040

Merged
merged 2 commits into from
Dec 19, 2022
Merged

fix1037_paloalto_panos_show_running_nat-policy #1040

merged 2 commits into from
Dec 19, 2022

Conversation

diepes
Copy link
Contributor

@diepes diepes commented Dec 13, 2021

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT

ntc_templates/templates/paloalto_panos_show_running_nat-policy.textfsm

SUMMARY

SOURCE changed form single IP to list
add -> Error

Fixes #1037

New raw template.

alihyder-s
alihyder-s reviewed Dec 13, 2021
View reviewed changes
Copy link

@alihyder-s alihyder-s left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have modified the code for DESTINATION as well. But Still it cant able to process data if there is list in the fields.

Destination : List of Subnets or List of IPs
Source: List of Subnets or List of IPs
From: List
To: List

@alihyder-s
Copy link

alihyder-s commented Dec 13, 2021
edited
Loading

"Rule 4 Nat-ID 4; index: 8" {
nat-type ipv4;
from [ Mgmt Data TRUSTED UNTRUSTED ];
source [ 10.0.0.0/8 172.0.0.0/16 ];
to [ UNTRUSTED DMZ ];
to-interface ethernet1/5;
destination [ 1.1.1.1 2.2.2.2 ];
service 0:any/any/any;
translate-to "src: 3.3.3.3 (dynamic-ip-and-port) (pool idx: 24)";
terminal no;

source can be below:

  • can be a list of IP Subnets: source [ 10.1.16.0/20 10.1.0.0/20 ];
  • Can be single IP: source 10.189.188.49;
  • Can be single subnet: source 10.0.0.0/8;

"Rule 4 Nat-ID 4; index: 8" {
nat-type ipv4;
from [ Mgmt Data TRUSTED UNTRUSTED ];
source 10.0.0.0/8 ;
to [ UNTRUSTED DMZ ];
to-interface ethernet1/5;
destination [ 1.1.1.1 2.2.2.2 ];
service 0:any/any/any;
translate-to "src: 3.3.3.3 (dynamic-ip-and-port) (pool idx: 24)";
terminal no;

@diepes diepes marked this pull request as draft December 13, 2021 22:51
@diepes
Copy link
Contributor Author

diepes commented Dec 13, 2021
edited
Loading

@alihyder-s ok so you are saying here is another example where the destination is a list.

For now we just capture the lists as a string, to keep it backwards compatible, also seems PaloAlto invented there own list format with no commas.

I will add another test for source and destination lists.

"Rule 4 Nat-ID 4; index: 8" {
nat-type ipv4;
from [ Mgmt Data TRUSTED UNTRUSTED ];
source [ 10.0.0.0/8 172.0.0.0/16 ];
to [ UNTRUSTED DMZ ];
to-interface ethernet1/5;
destination [ 1.1.1.1 2.2.2.2 ];
service 0:any/any/any;
translate-to "src: 3.3.3.3 (dynamic-ip-and-port) (pool idx: 24)";
terminal no;
}

@diepes diepes force-pushed the fix1037_paloalto_panos_show_running_nat-policy branch from ebd7c48 to 0490777 Compare December 13, 2021 23:48
@diepes
Copy link
Contributor Author

diepes commented Dec 13, 2021

@alihyder-s please check updated PR - added new example and test.

@diepes
Copy link
Contributor Author

diepes commented Dec 14, 2021

Flaky pipeline ? Failed only in Python 3.8
• Updating six (1.16.0 -> 1.15.0): Failed

@diepes diepes force-pushed the fix1037_paloalto_panos_show_running_nat-policy branch from 0490777 to 45d3018 Compare December 14, 2021 10:19
@diepes diepes marked this pull request as ready for review December 14, 2021 10:26
@itdependsnetworks itdependsnetworks mentioned this pull request Dec 3, 2022
Closed
@jmcgill298 jmcgill298 merged commit afea43d into networktocode:master Dec 19, 2022
guillaume-mbali pushed a commit to unyc-io/ntc-templates that referenced this pull request Apr 12, 2023
@diepes @jmcgill298
fix1037_paloalto_panos_show_running_nat-policy (networktocode#1040)
45610b3 
* fix1037_paloalto_panos_show_running_nat-policy
- add 2 more raw examples

* Update ntc_templates/templates/paloalto_panos_show_running_nat-policy.textfsm

Co-authored-by: Pieter E Smit <[email protected]>
Co-authored-by: Jacob McGill <[email protected]>
cppmonkey pushed a commit to cppmonkey/ntc-templates that referenced this pull request Oct 25, 2023
@diepes @jmcgill298 @cppmonkey
fix1037_paloalto_panos_show_running_nat-policy (networktocode#1040)
76b4ba0 
* fix1037_paloalto_panos_show_running_nat-policy
- add 2 more raw examples

* Update ntc_templates/templates/paloalto_panos_show_running_nat-policy.textfsm

Co-authored-by: Pieter E Smit <[email protected]>
Co-authored-by: Jacob McGill <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alihyder-s alihyder-s alihyder-s left review comments

@jmcgill298 jmcgill298 jmcgill298 requested changes

@FragmentedPacket FragmentedPacket Awaiting requested review from FragmentedPacket

@itdependsnetworks itdependsnetworks Awaiting requested review from itdependsnetworks itdependsnetworks is a code owner

@jvanderaa jvanderaa Awaiting requested review from jvanderaa jvanderaa is a code owner

Assignees
No one assigned
Labels
jacob-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

PaloAlto Show running nat-policy - Source field doesnt read a list of source IP
4 participants
@diepes @alihyder-s @jmcgill298 @itdependsnetworks