v2.1.20

UTIL:

• type=xpath | introduce "actions=set-text:NODETEXT"
• type=rule | new 'filter=(app has.seen.fast-api unknow-tcp)' - to filter for device traffic log if specific app-id was seen
• type=rule actions=exporttoexcel | extend with column 'url-category'
• type=bpa-generator | introduction to support offline XML config file
• type=bpa-generator | improve offline config handling
• type=tsf | in addition to extract XML config, also extract /tmp/cli/techsupport_*.txt
• type=bpa-generator | introduce support to reach techsupport.txt from TSF /tmp/cli/techsupport_*.txt
• type=bpa-generator | introduce support to handle TSF file from 11.1
• type=certificate | introduce actions=exporttoexcel:CERT_file.html | 'filter=(expired < 90days)' | 'filter=(expired < today)'
• type=certificate actions=exporttoexcel:file.html | extend with column subject and issuer

BUGFIX:

• type=gcp actions=download | bugfix to handle command order correctly
• type=rule actions=stats-XYZ-FastAPI | bugfix to read argument correctly

GENERAL:

• GENERAL: Device App-ID update to version: 8763-8333
• class Zone.php | extend validation for new PAN-OS features 'net-inspection' 'prenat-identification'

v2.1.19

UTIL:

• different classes | improve usage of flag 'XML_PARSE_BIG_LINES' in method loadXML
• class PANConf / Panoramaconfg | implement method ChildDeviceGroups() for 'location=shared:excludemaindg'
• type=gcp | introduce argument 'namespace=XYZ' to specify and better filter for get pods
• type=device | introduce actions=virtualSystem-delete/sharedgateway-delete/sharedgateway-migrate-to-vsys
• type=static-route | introduction of new type= | with 'filter=(nexthop-ip is.set)' / (nexthop-vr is.set) / nexthop-interface is.set) / (destination ip4.includes-full 172.33.10.0/23)
• type=static-route actions=delete | introduce new action
• type=rule | introduce actions=from-/to-remove-from-file:FILE.txt
• type=XYZ | introduce new arguments: shadow-loadreduce - to not update TAG object related address-groups | debugloadtime - display load time for specific XML sections
• develop | introduce config_validation.php
• type=appid-toolbox | improvements for further. new features - example rule address/service report generator
• type=rule actions=name-replace-character | set default value for replace to ''
• type=rule | introduce new actions=stats-appid-fastapi:-90days/stats-service-fastapi:/stats-address-source-fastapi/stats-address-destination-fastapi/stats-address-fastapi/stats-traffic-fastapi
• type=routing | introduce actions=exporttoexcel:file.html
• type=routing | introduce 'filter=(protocol.bgp is.enabled)'
• type=gcp | introdruce $namespace | improve handling for tenant like togglesvc
• type=xpath | introduce actions=remove | introduce 'filter-text=NODETEXT'

BUGFIX:

• class PANConf|VirtualSystem | bugfix to support SharedGateway also for Tag objects correctly
• type=xml-issue | bugfix to display read-only DeviceGroup duplicate address-group fixes correctly in summary
• type=address-merger | bugfix - do not merger address objects if tag count of planned merged object exceeds PAN-OS limit of 64 tag members
• type=address-merger | bugfix for removing tag objects from upper level, if adr merged objects are using them and tag is also available at address level
• bugfix for argument 'location=shared:excludemaindg' on FW config file
• type=schedule | bugfix actions=replacewithobject:OBJECTNAME

GENERAL:

• Class VirtualSystem/SharedGatewayStore | better handling of version variable
• update actions/filter JSON file
• APP-ID update to Device App-ID version: 8762-8327

v2.1.18

BUGFIX:

• type=address/service 'actions=move:shared,skipIfConflict' | bugfix as variable $findSubSystem was not declared for targetlocation 'shared'

v2.1.17

UTIL:

• type=certificate | extend to TemplateStack
• introduce class SharedGatewayStore | extend different classes to support SharedGateway
• type=zone | extend with SharedGateway
• type=rule | extend with SharedGateway
• type=service | improvement for SharedGateway - class VirtualSystem
• develop script "shared_gateway.php" | introduction
• type=address in=api://192.168.55.129 'actions=combine-addressgroups:{NEW_GROUP_NAME},true' 'filter=(name regex /{FILTER}/)'
• type=gcp actions=validation | introduction of new action
• type=gcp actions=image-validation | introduction of new action
• type=device | extend to display for FW config, per default also all sharedgateways in additional to vsys

BUGFIX:

• type=ssh-connector in=admin@MGMT-IP setcommand-file=set-commands.txt | bugfix to correctly send set commands

GENERAL:

• update App-ID version to: 8756-8298

v2.1.16

UTIL:

• type=address | new 'filter=(name same.as.region.predefined)'
• class UTIL | extend if API mode - with App-id/AV/WF/Threat version info
• type=address | introduce 'filter=(tag is.set)'
• type=xml-issue | extend with rule tag object validation for twice set the same tag object
• introduce GroupTagRuleContainer to all Rule classes

BUGFIX:

• class Sub | bugfix for default-securiy-rules | if partial config is already available
• type=address-merger | bugfix to not delete TAG object from upperlevel if TAG object with same name exist at childDG
• type=address/service actions=move | bugfix if group with same name already exist - correctly skip movement
• class PANConf | fix for PHP 8.2
• type=address/service actions=move:shared location=any - bugfix for Firewall config
• type=rule-merger | bugfix to not add description twice, which exceeds description length to >1024
• type=tag actions=delete 'filter=(object is.unused) | bugfix for group-tag used in Rules, reference missing
• introduce GroupTagRulecontainer - to fix type=tag-merger issue if group-tag is used
• class PANConf - bugfix for type=stats on FW config for tmp/ghost object count on 'shared'
• type=XYZ outputformatset=setcommand.txt | bugfix to always have correct xPath availalble for set commands
• bugfix - related to TAG objects where name include character '(' and/or ')' - final fix for tag-merger including method createTag()
• bugfix for argument outputformatset - no multi-vsys device - remove vsys1 to fit set commands

GENERAL:

• develop pan-os-php-api | per default enable shadow-json checkbox - with shadow-nojson, output has a bug and filter are not working correctly - fixing later

v2.1.15

BUGFIX:

• type=address/service 'filter=(object is.unused/is.unused.recursive) | overwritten objects used at higher DG level are now also used
• bugfix to create correct XML file Increament for prettyXML - so that it is identical to Panorama / Firewall created config
• README.md - fix broken links

v2.1.14

UTIL:
type=rule actions=display | introduction of argument actions=display:hitcount,ApplicationSeen

BUGFIX:

• type=vendor-migration | general bugfix to use correct baseconfig file if no argument in= is defined
• class AddressGroup | bugfix for missing function type() - related to type=address actions=move
• type=rule location=DG1 'actions=move:DG2,pre' - no rulename change
• class AddressCommon | bugfix if rule is already deleted - AddressRuleContainer is NULL => type=rule actions=removeWhereUsed
• type=rule | bugfix for actions=exporttoexcel - to correctly display columns

GENERAL:

• update to App-ID version: 8748-8241

v2.1.13

UTIL:

• type=address | introduction of actions=upload-address-2cloudmanager:panorama.xml,DGname && actions=upload-addressgroup-2cloudmanager:panorama.xml,DGname
• type=address actions=upload-address-2cloudmanager | extend validation if object name is already available
• type=servicegroup-merger | introduce validation extension for childDG merger
• type=rule-compare | exend with argument 'keepJSONfile1' and 'reuseJSONfile1'
• type=rule-compare | introduce argument 'generateRuleHtmlFile'
• type=servicegroup-merger | extend with childancestor validation
• type=service actions=exporttoexcel:file.html | introduce additional arguments nestedmembers
• type=XYZ actions=exporttoexcel:file.html | use single function to create spreadsheet content
• type=dhcp | introduce actions=exporttoexcel:file.html
• type=dhcp | improvement for actions=exporttoexcel
• type=dhcp actions=display/exporttoexcel | extend with additional DHCP information
• type=rule 'actions=exporttoexcel:file.html,resovleservicesummary' | extend with column service_resolve_nested/_name/_value/_location
• type=service actions=exporttoexcel:file.html | correct predefined service-http/-https output
• type=address/server actions=exporttoexcel:file.html,nestedmembers | extend with column nested members location
• class Address - use $RuleReferenceLocation
• type=zone | introduce 'filter=(interface is.set)'

BUGFIX:

• class Region | bugfix - introduce method type() - to handle "type=address actions="
• type=address actions=move - bugifx/workaround - do not move region objects
• type=addressgroup-merger | bugfix to check childancestor objects availability
• type=addressgroup-merger | bugfix if multiple childDG has same objectgroup incl. value, but one differ; stop merging
• class AddressGroup | bugfix for method expand() - to correctly extract all submembers and their value for type=rule 'actions=exporttoexcel:file.html,resolveaddresssummary'
• type=address actions=exporttoexcel:file.html | bugfix to crash for tmp objects
• type=dhcp actions=exporttoexcel | bugfix to add correct template
• class PH - workaround for none working API mode connector - discard setType()
• class RULEUTIL - defaultSecurityRules not available in Fawkes Snippet
• type=rule - actions=display/exporttoexcel:resolveaddresssummary | add new src/dst_resovled_sum - for better nested calculation

GENERAL:

• PAN-OS dynamic content update to version 8741-8213

v2.1.12

UTIL:

• type=bpa-generator | extend response output if not valid JSON
• type=gcp | extend for mqsql usage and bring in mysql pw in type=key-manager

BUGFIX:

• type=XYZ | in=api://{MGMT-IP} actions=name-rename - bugfix for API usage

v2.1.11

2.1.11
UTIL:

• type=rule | introduce new 'filter=(timestamp-rule-creation <>=! -30 days)' | timestamp-rule-modification
• type=address | introduce 'filter=(value ip4.included-in RFC1918)'
• type=device | introduce actions=xml-extract
  type=bpa-generator | extend output if task_id was not correctly available in response

BUGFIX:

• type=rule actions=exporttoexcel | bugfix for field 'ID' to not add additional data column
• type=rule actions=exporttoexcel:file.html,resolveAddresssummary | bugfix to display IP value summary for ip-wildmask objects
• class Addresscommon | bugfix for type=address-merger

GENERAL:

• general - update dynamic content to version: 8729-8157
• • class EthernetInterface - adding/removing address object instead of IP address - extend with stopping e.g. for type=address actions=name-rename if object is used on ethernet interface