search

moshekaplan / palo_alto_firewall_analyzer

Python scripts for reviewing Palo Alto Firewall configurations
Creative Commons Zero v1.0 Universal
24 stars 7 forks source link

consolidatable_addresses_and_groups: Error when examining NAT rules #57

Open desh130 opened 9 months ago

desh130 commented 9 months ago

:\Pan_Cleaner>pan_analyzer --xml 4412.xml palo_alto_firewall_analyzer - INFO - Running validators palo_alto_firewall_analyzer.validators.bad_hostnames - INFO - ****

              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\validators\consolidatable_addresses_and_groups.py", line 172, in replace_policy_contents if object_policy_dict[translation].get('static-ip', {}).get('translated-address', {}).get('member'): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ AttributeError: 'str' object has no attribute 'get'

C:\Pan_Cleaner>

moshekaplan commented 9 months ago

It appears that object_policy_dict[translation] is returning a string, instead of a dict. I will try to look into this when I return from vacation next week.

moshekaplan commented 9 months ago

I've created a new release with additional debugging. Could you re-run pan_analyzer with --debug appended and paste the object's information from the bottom of the debug file, after the crash?