A lightweight PanOS (Palo Alto Networks) Firewall Management utility.
Project description
EZPanOS
lightweight PAN-OS utility library focused on practical operational tasks.
Installation
pip install ezpanos
Quick Start
from ezpanos import EzPanOS
endpoint = "10.0.0.1"
fw = EzPanOS(endpoint=endpoint, username="admin")
print(fw.execute("show system info"))
If password is omitted, you are securely prompted. Credentials entered once can be reused in-memory for subsequent connections in the same run.
Config Profiles
You can use a config.json file for endpoint/profile organization and optional usernames/passwords.
Conceptually, an estate is the firewalls you intend to manage. Because the utility works on many PanOS Configuration types: Panorama, Firewall, or Log Collector: each can be assimilated into this framework.
Example config.json:
{
"profiles": {
"estate": {
"username": "svc_firewall",
"endpoints": [
{"endpoint": "firewall-1.inside.example.com"},
{"endpoint": "firewall-2.inside.example.com"}
]
}
}
}
Build instances:
from ezpanos import EzPanOS
instances = EzPanOS.instances_from_config_profile(
config_path="config.json",
config_profile="estate",
)
Note that the name of the config_profile is estate, this is configurable if you intend to logically separate the management of different such estates. This is useful for environments with multiple Panorama Instances.
If passwords are not present in config, you will be prompted and values are reused from in-memory cache where possible.
Rule Management
from ezpanos import EzPanOS
fw = EzPanOS(endpoint="10.0.0.1", username="admin")
result = fw.create_security_rule(
rule_name="example-rule",
from_zones=["trust"],
to_zones=["untrust"],
sources=["any"],
destinations=["any"],
applications=["web-browsing"],
services=["application-default"],
action="allow",
)
print(result)
Delete rule and commit:
delete_result = fw.delete_security_rule("example-rule", ignore_missing=True)
print(delete_result)
commit_result = fw.commit(wait_for_job=True)
print(commit_result)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ezpanos-1.0.1.tar.gz.
File metadata
- Download URL: ezpanos-1.0.1.tar.gz
- Upload date:
- Size: 32.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e87fd9e2fce46034b152c92725b827bbba53770391f78d637df5ae8a4eb55583
|
|
| MD5 |
597f60878e326f3d8bfeeeb7a29685a6
|
|
| BLAKE2b-256 |
a135f49738c70623a8b9b870279e61538dc81f73e2d4e0a3aa03c8c3a56d86f2
|
File details
Details for the file ezpanos-1.0.1-py3-none-any.whl.
File metadata
- Download URL: ezpanos-1.0.1-py3-none-any.whl
- Upload date:
- Size: 29.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
aa0f28b7dc5c3339c559a0636b714eacd1eb61c4820693c33a6bcdabad120c0e
|
|
| MD5 |
e3809ee605c9f2d2c21251fbd1cd0377
|
|
| BLAKE2b-256 |
074d82bd67c7d5253d5c404d58eb240caeaf40eee5b513872d842bf2417b412c
|
