v2.0.75

UTIL:

• type=securityprofilegroup | introduce 'filter=(secprof is XYZ)' - inspecific to search all securityprofilegroups for secprof which are set to 'default'/'strict'
• type=diff | extend help information about usage
• type=device | introduce 'filter=(template has-multi-vsys)'
• type=rule | extend with actions=group-tag-remove | group-tag-set:GROUPTAGNAME
• type=rule | introduce 'filter=(group-tag is.set)'
• type=gcp | introduction of GCP helper tools
• type=config-size - extend for snippet
• class Interfacecontainer - extend warning with XML object information - relevant for CloudManagement object-variable validation
• type=device | introduce 'filter=(devicegroup has.vsys XYZ)' - extend output for actions=display
• type=rule | introduce 'actions=display-app-seen'
• type=gcp | improve actions=upload/download
• type=rule actions=exporttoexcel:file.html,RuleHit | exporttoexcel:file.html,ApplicationSeen
• type=securityprofile 'filter=(object is.unused)' - skip predefined objects

BUGFIX:

• type=rule ruletype=decryption | introduce category reading
• class SecurityRule | bugfix to correctly cleanup XML node 'profile-setting', if no SecurityProfile/SecurityProfileGroup is set
• type=rule | bugfix for API_showRuleHitCount
• type=rule | bugfix for actions=rule-hit-count-show / -clear
• type=securityprofile securityprofiletype=custom-url-category 'filter=(object is.unused)' - bugfix to add reference

GENERAL:

• cleanup alias.sh - remove deprecated util scripts which are directly supported with alias "pan-os-php type=XYZ"
• general update dynamic content version to 8690-7941

v2.0.74

UTIL:

• type=securityprofile 'actions=custom-url-category-add-ending-token:/' - add support for token '/
• type=securityprofile | introduce actions=custom-url-category-remove-ending-token - 'custom-url-category-remove-ending-token:' - '' can only be added if '/' is last char
• type=rule actions=display shadow-json - improve output if source/destination isAny()
• type=custom-report | introduce new utility
• type=device | introduce 'filter=(name is.child.of DGNAME)'
• type=UTIL_merger scripts | extend with argument listfilters
• type=securityprofile actions=url-filtering-action-set:alert,CUSTOMURL - support customURL and not only predefined URL

BUGFIX:

• type=zone | actions=display bugfix
• type=securityprofile securityprofiletype=custom-url-category 'actions=custom-url-category-add-ending-token:' - fix for token '' to not skip

GENERAL:

• bugfixes for PHP version 8.2 - 'PHP Deprecated: Creation of dynamic property'
• class AppFilter / CallContext - improvement for PHP 8.2
• remove deprecated utilities scripts
• update util actions/filter files
• class TAG - improve PHPdoc - methods/variable declaration
• general - use 'XML_PARSE_BIG_LINES' on all classes where XMLfile is load
• update predefined to 8685-7918

v2.0.73

UTIL:

• type=ssh-connector | introduction of new utility script
• type=address | introduce new 'filter=(reflocationtype is.template/is.only.template/is.devicegroup/is.only.devicegroup )'

BUGFIX:

• type=certificate | bugfix for reading hash for ec certificates

GENERAL:

• introduce PHP version validation - PHP 8.2 is NOT yet supported

v2.0.72

UTIL:

• type=upload | improvement if in=api:// is used but no out= is defined
• type=device | actions=display-shadowrule:file.html - improvement to store full rule informtaion into html
• type=certificate | introduce 'filter=(publickey-algorithm is.rsa/is.ec) - publickey-hash is.sha1/is.sha256/is.sha384/is.sha512 - publickey-length <>!= VALUE
• type=certificate | introduce 'filter=(publickey-hash < sha256)'

BUGFIX:

• type=device | bugfix actions=display-shadowrule:file.html - to export correctly for all DG/vsys
• type=rule ruletype=defaultsecurity | bugfix to read predefined default-security-rules also if xpath post-rulebase is not set
• type=device actions=display-shadowrule | bugfix for multi-vsys
• type=device | actions=display-shadowrule devicetype=manageddevice - bugfix for html export to display correct serial/DG

GENERAL

• class Rule | improvement for type=rule 'filter=(hit-count.fast, timestamp-last-hit.fast and timestamp-first-hit.fast

v2.0.71

UTIL:

• type=certificate | introduction of new utility script
• type=certificate | extend actions=display
• type=device | actions=display-shadowrule - extend with argument exportToexcel | actions=display-shadowrule:filename.html

BUGFIX:

• type=playbook | bugfix for missing validation of available array_key
• type=ironskilled-update | bugfix as ironskillet zpp has nothing for Alert_Only_Zone_Protection
• type=address-merger | bugfix class Address.php - not handled null validation

GENERAL

• general - update UTIL actions/filter
• update Dockerfiles | split correctly between amd/arm

2.0.70

UTIL:

• type=diff | redesign filter JSON "combinedruleordercheck" feature

BUGFIX:

• type=diff - JSON filter file - regression bug for "empty"
• type=diff | bugfix for filter=jsonfile.json | not handling xpath split correctly
• type=diff | bugfix filter JSON file "EMPTY" part
• type=diff | JSON filter file - fix ruleorder display for "combinedruleordercheck"

GENERAL

• update dockerfiles to adjust for github actions
• pan-os-php version shadow-json | remove second duplicate output

v2.0.69

UTIL:

• type=device | code improvements for actions=sp_spg-create-alert-only-bp/sp_spg-create-bp - reduce duplicate code
• type=rule | improve filters for ruletype=defaultsecurity
• type=overridefinder | improvement of usage message
• type=rule | extend validation for different rule actions and filters
• type=addressgroup-merger allowaddingmissingobjects allowmergingwithupperlevel | improve functionality to add / move missing objects
• type=diff filter=jsonfile.json | improved if combinedruleordercheck is set in JSON
• type=diff | filter=jsonfile.json - for exclude - introduce wildcard

BUGFIX:

• type=ironskillet-update | bugfix to download and store correct default iron-skillet snippets
• type=rule ruletype=defaultsecurity | bugfix to also import defaultSecurityRules, if only one was overwritten
• type=rule | bugfix for 'filter=(hit-count.fast <>!= XYZ)' via Panorama on multiple DG - but different content from FW
• type=diff filter=jsonfile.json | bugfix if include/exclude is not available at file to compare
• type=address-merger | bugfix if object from upperlevel value has /32 but DG object has only IP

GENERAL

• update default iron-skillet snippets
• docker introduce arm container

v2.0.68

UTIL:

• type=diff | JSON filter - add also support for "/PATH/entry[@name='*']"
• type=diff | JSON filter file - support now combination of '*' and [text()[contains(.,'TEXT')]]

BUGFIX:

• type=diff | JSON filter file - additional rule order check did not import post rules correctly
• type=device | code improvements for actions=sp_spg-create-alert-only-bp/sp_spg-create-bp - reduce duplicate code
• type=diff | bugfix - JSON filter file check not only * | check '*'
• type=ironskillet-update | bugfix to download and store correct default iron-skillet snippets
• type=rule | ruletype=defaultsecurity | bugfix to display rules | enable more actions related to defaultsecurityRules
• type=html-merger | bugfix for using argument 'adddefaulthtml' if no filename is specified

v2.0.67

UTIL:

• type=playbook shadow-json | improved output
• type=application | introduce actions=delete and actions=delete-force
• type=html-merger | adjust helping information
• type=playbook | support reading argument projectfolder from JSON playbook file
• type=zone | actions=exporttoexcel - extend information with ZoneProtectionProfile
• type=rule actions=exporttoexcel:file.html - rename column 'security' to 'security-profile'
• type=html-merger | introduce argument 'adddefaulthtml' - to give the possibility to add a Excel TAB with descriptions
• type=diff | JSON filter file - allow * as wildcard

BUGFIX:

• type=securityprofile | bugfix to delete also customURLProfile objects
• type=device | bugfix panos >100 - for all actions=-create--bp to use coorect iron-skillet snippet

GENERAL

• update Dockerfiles related to ironskillet yaml usage
• set sleeping time for deprecated scripts to 600sec

v2.0.66

UTIL:

• type=address/service | introduce 'filter=(reflocationcount ><=! NUMBER)'
• type=diff | introduce more options for 'filter=file.json' - 'added'/'deleted'/'moved' to not display xPath diff, if already accepted and known
• type=xpath | newly introduced utility to search for XML xpath value by using node-filter / xpath-filter / nameattribute-filter | additional output display-xmlnode, display-nameattribute
• type=diff | only avoid display of whitespaces in DIFF for xpath */certificate/ if flag is set
• type=rule-merger | improvements if DENY rules are found between possible rule for merging
• type=diff | introduce more options for 'filter=file.json' - 'combinedruleordercheck'
• type=diff | improve FinalResult output
• type=diff | filter JSON file with "combinedruleordercheck" - use Rule name and no longer UUID as unique key
• type=diff | if filter JSON file is using 'added'/'deleted' - ignore DIFF output
• type=diff | if filter JSON file is using 'empty' - ignore DIFF output of empty rules XMLnodes in DIFF output
• type=ironskillet-update | download yaml file
• type=ironskillet-update | introduce new iron-skillet yaml download and create XML snippets
• type=device | introduce 'actions=zpp-create-alert-only-bp' / 'actions=zpp-create-bp'
• type=diff | filter=jsonfile.json - introduction of ignoring diff output based on textnode for 'added'/'deleted'

BUGFIX:

• type=rule-merger | bugfix if argument exportcsv=xyz projectfolder=xyz and rules are skipped - to create skipped output file correctly
• class ReferenceableObject | bugfix for - type=rule 'filter=(reflocation is.only DGNAME)'
• type=address | bugfix for 'filter=(reflocation is DGNAME)' if multiple reflocation are used
• class RULE.php method load_common_from_domxml() | bugfix to NOT set reference for group-tag - fix problems with tag-merger
• class SecurityRule | bugfix for qos -> marking
• type=playbook | bugfix for new php version - missing variable declaration
• dockerfile add missing folder iron-skillet | fix for all iron-skillet relevant type=device action=....-create-bp parts
• type=diff | filter JSON file 'added'/'deleted' - bugfix to get for each entry the correct diff output
• type=html-merger | bugfix for missing projectfolder argument / introduce try and catch if pyhon is not installed
• type=device 'actions=manageddevice-delete' | bugfix for offline config

GENERAL

• update js and json file for bash_completion
• type=rule | update filter description for 'filter=(timestamp-first-hit.fast/timestamp-last-hit.fast <,>,= VALUE)' as of a PHP v7 handling problem
• update license info | introduce new migration scripts for different vendors, under tag develop
• develop | migration pulse - introduce rule-merging functionality only for pulse migration - should be general available
• develop migrate bluecoat | introduce new argument 'loadxmlfromfile'
• general - update dynamic to version 8668-7812