NAME

Device::PaloAlto:Firewall::Return - Return values for Device::PaloAlto::Firewall methods.

VERSION

version 0.09

DESCRIPTION

The Device::PaloAlto::Firewall package has methods which make API calls against the firewall. The return values from these methods are either hash or array references where appropriate.

Apart from some data structure re-organisation and/or simplification, the values returned are verbatim what was receveied from the firewall in the API response.

Both the hash keys and example values are documented for each method to provide more context.

RETURN VALUES

METHODS

PLATFORM

system_info

Note the newline at the end of the 'time' member value.

{
  'wildfire-release-date' => 'unknown',
  'vm-license' => 'VM-100',
  'wildfire-version' => '0',
  'default-gateway' => '10.47.67.126',
  'wf-private-release-date' => 'unknown',
  'ipv6-default-gateway' => {},
  'multi-vsys' => 'off',
  'wf-private-version' => '0',
  'global-protect-datafile-version' => '0',
  'av-release-date' => 'unknown',
  'global-protect-client-package-version' => '0.0.0',
  'netmask' => '255.255.255.192',
  'ipv6-address' => 'unknown',
  'vm-mode' => 'VMWare ESXi',
  'platform-family' => 'vm',
  'global-protect-datafile-release-date' => 'unknown',
  'av-version' => '0',
  'threat-version' => '0',
  'url-db' => 'paloaltonetworks',
  'vpn-disable-mode' => 'off',
  'devicename' => 'PA-VM',
  'model' => 'PA-VM',
  'ip-address' => '10.47.67.69',
  'time' => 'Fri Aug 25 10:32:03 2017\n'
  'mac-address' => '00:50:56:97:e1:bd',
  'family' => 'vm',
  'threat-release-date' => 'unknown',
  'app-release-date' => 'unknown',
  'app-version' => '564-3168',
  'vm-uuid' => '4217C1F1-986E-10E7-375E-664A93CF453A',
  'operational-mode' => 'normal',
  'vm-mac-base' => 'D4:1D:71:D8:8D:00',
  'ipv6-link-local-address' => 'fe80::250:56ff:fe97:e1bd/64',
  'serial' => '007000000025137',
  'is-dhcp' => 'no',
  'sw-version' => '7.1.11',
  'vm-mac-count' => '256',
  'url-filtering-version' => '0000.00.00.000',
  'hostname' => 'PA-VM',
  'uptime' => '34 days, 21:56:18',
  'vm-cpuid' => 'E4060300FFFBAB1F',
  'logdb-version' => '7.0.9'
};

environmentals

If the device is a VM, there are no environmentals an an empty HASHREF is returned.

{
 'fantray' => {
              'Slot1' => [
                         {
                           'min' => '1',
                           'Inserted' => 'True',
                           'description' => 'Fan Tray',
                           'slot' => '1',
                           'alarm' => 'False'
                         }
                       ]
            },
 'power-supply' => {
                   'Slot1' => [
                              {
                                'slot' => '1',
                                'alarm' => 'False',
                                'Inserted' => 'True',
                                'min' => 'True',
                                'description' => 'Power Supply #1 (left)'
                              },
                            ]
                 },
 'thermal' => {
              'Slot1' => [
                         {
                           'min' => '5.0',
                           'description' => 'Temperature @ 10G Phys [U171]',
                           'DegreesC' => '34.5',
                           'max' => '60.0',
                           'slot' => '1',
                           'alarm' => 'False'
                         },
                       ]
            },
 'fan' => {
          'Slot1' => [
                     {
                       'min' => '2500',
                       'description' => 'Fan #1 RPM',
                       'RPMs' => '6136',
                       'slot' => '1',
                       'alarm' => 'False'
                     },
                   ]
        },
 'power' => {
            'Slot1' => [
                       {
                         'description' => '1.0V Power Rail',
                         'min' => '0.9',
                         'max' => '1.1',
                         'slot' => '1',
                         'Volts' => '1.00066666667',
                         'alarm' => 'False'
                       }
                     ]
          }
};

high_availability

{
  'group' => {
               'mode' => 'Active-Passive',
               'peer-info' => {
                                'mode' => 'Active-Passive',
                                'mgmt-ip' => '10.175.32.17/24',
                                'platform-model' => 'PA-VM',
                                'conn-ha1' => {
                                                'conn-desc' => 'heartbeat status',
                                                'conn-primary' => 'yes',
                                                'conn-status' => 'up'
                                              },
                                'url-version' => '0000.00.00.000',
                                'conn-status' => 'up',
                                'state-duration' => '5270418',
                                'build-rel' => '8.0.3',
                                'vpnclient-version' => 'Not Installed',
                                'last-error-state' => 'suspended',
                                'priority' => '128',
                                'gpclient-version' => 'Not Installed',
                                'last-error-reason' => 'User requested',
                                'state' => 'passive',
                                'app-version' => '712-4114',
                                'mgmt-ipv6' => {},
                                'ha1-macaddr' => '00:50:56:9b:c5:de',
                                'av-version' => '0',
                                'vm-license' => 'VM-300',
                                'version' => '1',
                                'preemptive' => 'yes',
                                'threat-version' => '712-4114',
                                'ha1-ipaddr' => '169.254.0.2'
                              },
               'path-monitoring' => {
                                      'vrouter' => {},
                                      'enabled' => 'yes',
                                      'fail-cond' => 'any',
                                      'vlan' => {},
                                      'vwire' => {}
                                    },
               'link-monitoring' => {
                                      'enabled' => 'yes',
                                      'fail-cond' => 'any',
                                      'groups' => {}
                                    },
               'running-sync' => 'synchronized',
               'local-info' => {
                                 'max-flaps' => '3',
                                 'app-version' => '712-4114',
                                 'ha1-link-mon-intv' => '3000',
                                 'state' => 'active',
                                 'state-sync' => 'User-disabled',
                                 'version' => '1',
                                 'preemptive' => 'yes',
                                 'ha1-ipaddr' => '169.254.0.1/30',
                                 'threat-version' => '712-4114',
                                 'ha1-macaddr' => '00:50:56:9b:48:4f',
                                 'monitor-fail-holdup' => '0',
                                 'build-compat' => 'Match',
                                 'mgmt-ipv6' => {},
                                 'url-compat' => 'Match',
                                 'promotion-hold' => '2000',
                                 'av-version' => '0',
                                 'vpnclient-compat' => 'Match',
                                 'addon-master-holdup' => '500',
                                 'mode' => 'Active-Passive',
                                 'mgmt-ip' => '10.175.32.16/24',
                                 'ha1-encrypt-enable' => 'no',
                                 'platform-model' => 'PA-VM',
                                 'vpnclient-version' => 'Not Installed',
                                 'av-compat' => 'Match',
                                 'hello-interval' => '8000',
                                 'build-rel' => '8.0.3',
                                 'app-compat' => 'Match',
                                 'gpclient-compat' => 'Match',
                                 'vm-license' => 'VM-300',
                                 'url-version' => '0000.00.00.000',
                                 'preempt-hold' => '1',
                                 'nonfunc-flap-cnt' => '0',
                                 'last-error-reason' => 'User requested',
                                 'heartbeat-interval' => '2000',
                                 'preempt-flap-cnt' => '0',
                                 'gpclient-version' => 'Not Installed',
                                 'priority' => '64',
                                 'last-error-state' => 'suspended',
                                 'active-passive' => {
                                                       'passive-link-state' => 'shutdown',
                                                       'monitor-fail-holddown' => '1'
                                                     },
                                 'ha1-encrypt-imported' => 'no',
                                 'threat-compat' => 'Match',
                                 'ha1-port' => 'ethernet1/7',
                                 'state-duration' => '5270423'
                               },
               'running-sync-enabled' => 'yes'
             },
  'enabled' => 'yes'
};

software_check

[
  {
    'current' => 'no',
    'downloaded' => 'no',
    'filename' => 'PanOS_vm-8.0.4',
    'latest' => 'yes',
    'version' => '8.0.4',
    'size' => '378',
    'release-notes' => 'https://downloads.paloaltonetworks.com/software/PAN-OS-8.0.4-RN.pdf?__gda__=1505263707_ef8a89c4a93427db012ce6614bc44d03',
    'uploaded' => 'no',
    'released-on' => '2017/07/26  14:29:20',
    'size-kb' => '387602'
  }
];

content_check

[
  {
    'release-notes' => 'https://downloads.paloaltonetworks.com/content/content-730-4195.html?__gda__=1505264450_4bf3585276733c1dd4fd8902286b222a',
    'current' => 'no',
    'previous' => 'no',
    'released-on' => '2017/08/30 16:54:52 PDT',
    'update-type' => 'Full',
    'downloaded' => 'no',
    'version' => '730-4195',
    'feature-desc' => 'Unknown',
    'app-version' => '730-4195',
    'features' => 'Apps, Threats',
    'size-kb' => '32940',
    'filename' => 'panupv2-all-contents-730-4195',
    'size' => '32',
    'installing' => 'no'
  },
];

antivirus_check

[
  {
    'filename' => 'panup-all-antivirus-2358-2850',
    'release-notes' => 'https://downloads.paloaltonetworks.com/virus/AntiVirusExternal-2358.html?__gda__=1505264830_d290e01664cb68c51d3e1f24202e0cfa',
    'downloaded' => 'no',
    'features' => 'Virus',
    'version' => '2358-2850',
    'current' => 'no',
    'size-kb' => '79446',
    'update-type' => 'Full',
    'size' => '77',
    'released-on' => '2017/09/05 04:00:27 PDT',
    'previous' => 'no',
    'app-version' => '2358-2850',
    'feature-desc' => 'Unknown',
    'installing' => 'no'
  }
];

gp_client_check

[
  {
    'latest' => 'no',
    'release-notes' => 'https://downloads.paloaltonetworks.com/software/GlobalProtect-Agent-4.0.3-RNs.pdf?__gda__=1505265092_f74a714ded048dbf4031a9cf2308279b',
    'released-on' => '2017/09/01  15:47:38',
    'filename' => 'PanGP-4.0.3',
    'uploaded' => 'no',
    'downloaded' => 'no',
    'size' => '39',
    'size-kb' => '40823',
    'version' => '4.0.3',
    'current' => 'no'
  }
];

licenses

[
  {
    'authcode' => {},
    'serial' => '1234567890',
    'expires' => 'June 30, 2020',
    'expired' => 'no',
    'description' => 'WildFire signature feed, integrated WildFire logs, WildFire API',
    'issued' => 'July 06, 2017',
    'feature' => 'WildFire License',
    'base-license-name' => 'PA-VM'
  }
];

NETWORK

interfaces

{
  'ifnet' => {
               'entry' => [
                            {
                              'vsys' => '1',
                              'dyn-addr' => {},
                              'name' => 'ethernet1/1',
                              'zone' => 'Untrust',
                              'id' => '16',
                              'addr' => {},
                              'fwd' => 'vr:default',
                              'ip' => '203.44.17.6/29',
                              'addr6' => {},
                              'tag' => '0'
                            },
                          ]
             },
  'hw' => {
            'entry' => [
                         {
                           'speed' => '10000',
                           'st' => '10000/full/up',
                           'type' => '0',
                           'state' => 'up',
                           'mac' => '00:50:56:9b:5a:25',
                           'name' => 'ethernet1/1',
                           'mode' => '(autoneg)',
                           'duplex' => 'full',
                           'id' => '16'
                         },
                       ]
          }
};

interface_counters_logical

[
  {
    'teardrop' => '0',
    'l2_decap' => '0',
    'noneigh' => '0',
    'neighpend' => '0',
    'ipspoof' => '0',
    'other_conn' => '0',
    'zonechange' => '0',
    'noroute' => '0',
    'ifwderrors' => '0',
    'pod' => '0',
    'noarp' => '1',
    'l2_encap' => '0',
    'idrops' => '172',
    'opackets' => '493642',
    'name' => 'ethernet1/1',
    'obytes' => '158503950',
    'udp_conn' => '0',
    'land' => '0',
    'nomac' => '0',
    'icmp_frag' => '0',
    'ibytes' => '547451868',
    'macspoof' => '0',
    'tcp_conn' => '0',
    'ipackets' => '1789916',
    'ierrors' => '0',
    'flowstate' => '10928'
  },
];

routing_table

[
  {
    'destination' => '0.0.0.0/0',
    'nexthop' => '203.44.17.1',
    'flags' => 'A S   ',
    'virtual-router' => 'default',
    'interface' => 'ethernet1/1',
    'metric' => '10',
    'age' => {},
    'route-table' => 'unicast'
  },
  {
    'age' => {},
    'route-table' => 'unicast',
    'destination' => '10.175.34.0/24',
    'nexthop' => '10.175.34.1',
    'flags' => 'A C   ',
    'interface' => 'ethernet1/5',
    'virtual-router' => 'default',
    'metric' => '0'
  },
];

bgp_peers

[
  {
    'ORF-entry-received' => '0',
    'msg-total-in' => '45',
    'local-address' => '192.168.122.19:179',
    'passive' => 'no',
    'msg-total-out' => '47',
    'status-duration' => '1021',
    'connect-retry-interval' => '120',
    'holdtime' => '90',
    'peer-router-id' => '1.1.1.20',
    'peer-group' => 'Cisco',
    'prefix-limit' => '5000',
    'last-error' => {},
    'keepalive' => '30',
    'status-flap-counts' => '2',
    'prefix-counter' => {
                          'entry' => [
                                       {
                                         'incoming-accepted' => '2',
                                         'outgoing-total' => '1',
                                         'incoming-total' => '2',
                                         'afi-safi' => 'bgpAfiIpv4-unicast',
                                         'outgoing-advertised' => '1',
                                         'incoming-rejected' => '0'
                                       }
                                     ]
                        },
    'peer-address' => '192.168.122.30:52236',
    'multi-hop-ttl' => '2',
    'idle-hold' => '15',
    'msg-update-out' => '5',
    'remote-as' => '65001',
    'config' => {
                  'remove-private-as' => 'yes'
                },
    'open-delay' => '0',
    'last-update-age' => '16',
    'password-set' => 'no',
    'nexthop-thirdparty' => 'yes',
    'peer' => 'c1000v.local',
    'aggregate-confed-as' => 'yes',
    'msg-update-in' => '7',
    'peering-type' => 'Unspecified',
    'vr' => 'default',
    'nexthop-peer' => 'no',
    'same-confederation' => 'no',
    'established-counts' => '1',
    'holdtime-config' => '90',
    'reflector-client' => 'not-client',
    'keepalive-config' => '30',
    'peer-capability' => {
                           'list' => [
                                       {
                                         'capability' => 'Multiprotocol Extensions(1)'
                                       },
                                       {
                                         'capability' => 'Route Refresh(2)'
                                       },
                                       {
                                         'capability' => '32-Bit AS Number(65)'
                                       },
                                       {
                                         'capability' => 'unknown(70)'
                                       },
                                       {
                                         'capability' => 'Route Refresh (Cisco)(128)'
                                       }
                                     ]
                         },
    'nexthop-self' => 'no',
    'status' => 'Established'
  },
]

bgp_rib

[
 {
   'nexthop' => '192.168.122.30',
   'received-from' => 'c1000v.local',
   'as-path' => '65001',
   'prefix' => '9.9.9.0/24',
   'flag' => '*',
   'flap-stat' => {
                  'flap-count' => '0'
                },
   'attr' => {
             'local-preference' => '100',
             'med' => '0',
             'origin' => 'IGP',
             'originator-id' => '0.0.0.0',
             'weight' => '0'
           }
 },
];

ospf_neighbours

[
  {
    'area-id' => '0.0.0.0',
    'hello-suppressed' => 'no',
    'neighbor-router-id' => '1.1.1.2',
    'neighbor-address' => '192.168.122.30',
    'options' => '0x52: O EA E ',
    'status' => 'full',
    'local-address-binding' => '0.0.0.0',
    'lsa-request-pending' => '0',
    'restart-helper-status' => 'not helping',
    'restart-helper-time-remaining' => '0',
    'type' => 'dynamic',
    'messages-pending' => '0',
    'virtual-router' => 'default',
    'neighbor-priority' => '1',
    'restart-helper-exit-reason' => 'none',
    'lifetime-remain' => '38'
  },
];

pim_neighbours

[
 {
   'Address' => '192.168.122.30',
   'IfIndex' => 'ethernet1/1',
   'DRPriority' => '1',
   'sec' => {},
   'ExpiryTime' => '94.06',
   'UpTime' => '44.97',
   'GenerationIDPresent' => 'yes',
   'GenerationIDValue' => '1410841443'
 }
]

bfd_peers

[
  {
    'neighbor-ip-address' => '192.168.198.30',
    'local-ip-address' => '192.168.198.29',
    'protocol' => 'BGP ',
    'session-id' => '2',
    'discriminator-remote' => '0x4bb50013',
    'state-local' => 'up',
    'up-time' => '-1244382476d 16h 53m 38s 940ms ',
    'discriminator-local' => '0x48e0002',
    'errors' => '0',
    'interface' => 'ethernet1/23 '
  },
]

MANAGEMENT

ntp

{
  'synched' => 'LOCAL'
};


{
  'ntp-server-2' => {
                      'reachable' => 'yes',
                      'status' => 'synched',
                      'name' => '203.122.222.149',
                      'authentication-type' => 'none'
                    },
  'ntp-server-1' => {
                      'authentication-type' => 'none',
                      'name' => '202.122.222.150',
                      'status' => 'rejected',
                      'reachable' => 'no'
                    },
  'synched' => '203.122.222.149'
};

panorama_status

[
 {
   'ip' => '1.1.1.1',
   'ha_state' => 'disconnected',
   'connected' => 'no',
   'id' => '1'
 },
 {
   'ha_state' => 'disconnected',
   'id' => '2',
   'connected' => 'no',
   'ip' => '1.1.1.2'
 }
];

SECURITY

ip_user_mapping

[
  {
    'timeout' => '413',
    'domain' => 'domain',
    'ip' => '192.9.202.79',
    'vsys' => 'vsys1',
    'type' => 'AD',
    'user' => 'user1',
    'idle_timeout' => '413'
  },
  {
    'user' => 'user2',
    'idle_timeout' => '2644',
    'type' => 'AD',
    'ip' => '192.9.200.64',
    'vsys' => 'vsys1',
    'domain' => 'domain',
    'timeout' => '2644'
  },
]

userid_server_monitor

[
  {
    'connected' => 'Connected',
    'vsys' => 'vsys1',
    'name' => 'ad03.domain.int'
  },
  {
    'name' => 'ad06.domain.int',
    'connected' => 'Connection timeout',
    'vsys' => 'vsys1'
  },
]

ike_peers

[
  {
    'mode' => 'Main',
    'name' => 'c1000v',
    'expires' => 'Aug.29 02:02:49',
    'created' => 'Aug.28 18:02:49',
    'algo' => 'PSK/ DH5/ AES/SHA512',
    'gwid' => '1',
    'role' => 'Resp'
  }
];

ipsec_peers

[
  {
    'i_spi' => '-6187583',
    'o_spi' => '-623460235',
    'life' => '2847',
    'proto' => 'ESP',
    'tid' => '1',
    'remote' => '192.168.122.30        ',
    'hash' => 'MD5',
    'enc' => '3DES',
    'kb' => '4608000',
    'name' => 'c1000v(c1000v)',
    'gwid' => '1'
  }
];

vpn_tunnels

[
  {
    'natt' => 'False',
    'pkt-decap' => '5',
    'sid' => '208',
    'pkt-replay' => '0',
    'type' => 'IPSec',
    'anti-replay' => 'False',
    'state' => 'active',
    'proto' => 'ESP',
    'auth' => 'md5',
    'monitor' => {
                 'pkt-seen' => '0',
                 'threshold' => '0',
                 'on' => 'False',
                 'pkt-reply' => '0',
                 'status' => 'False',
                 'interval' => '0',
                 'pkt-recv' => '0',
                 'pkt-sent' => '0'
               },
    'pkt-lifesize' => '0',
    'inner-if' => 'tunnel.1',
    'remain' => '2568',
    'id' => '1',
    'natt-lp' => '0',
    'auth-err' => '0',
    'context' => '4',
    'copy-tos' => 'False',
    'owner' => '1',
    'dec-err' => '0',
    'byte-encap' => '600',
    'acquire' => '0',
    'owner-state' => '0',
    'timestamp' => '2531',
    'remote-spi' => 'DAD6C075',
    'byte-decap' => '600',
    'gwid' => '1',
    'pkt-lifetime' => '0',
    'name' => 'c1000v',
    'local-spi' => 'FFA195C1',
    'natt-rp' => '0',
    'seq-recv' => '0',
    'mtu' => '1436',
    'subtype' => 'None',
    'peerip' => '192.168.122.30',
    'keytype' => 'auto key',
    'last-rekey' => '1032',
    'pkt-encap' => '5',
    'seq-send' => '5',
    'start' => '2531',
    'inner-warn' => '0',
    'outer-if' => 'ethernet1/1',
    'owner-cpuid' => '0',
    'localip' => '192.168.122.19',
    'enc' => '3des'
  }
];