search

moshekaplan / palo_alto_firewall_analyzer

Python scripts for reviewing Palo Alto Firewall configurations
Creative Commons Zero v1.0 Universal
25 stars 8 forks source link

While iretarting xml file getting error #58

Open desh130 opened 11 months ago

desh130 commented 11 months ago

:\Pan_Cleaner>pan_analyzer --xml 4412.xml palo_alto_firewall_analyzer - INFO - Running validators palo_alto_firewall_analyzer.validators.bad_hostnames - INFO - ****

File "", line 198, in _run_module_as_main File "", line 88, in run_code File "C:\Pan_Cleaner\pan_analyzer.exe_main.py", line 7, in File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\scripts\pan_analyzer.py", line 193, in main problems, total_problems = run_policy_validators(validators, profilepackage, output_fname) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\scripts\pan_analyzer.py", line 66, in run_policy_validators validator_problems = validator_function(profilepackage) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\validators\consolidatable_addresses_and_groups.py", line 212, in find_consolidatable_addresses return consolidate_address_like_objects(profilepackage, object_type, object_friendly_type, validator_function) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\validators\consolidatable_addresses_and_groups.py", line 203, in consolidate_address_like_objects badentries += replace_policy_contents(policies_needing_replacement, address_to_replacement) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^alo_alto_firewall_analyzer.validators.bad_hostnames - INFO - Checking for non-resolving hostnames p Traceback (most recent call last): File "", line 198, in _run_module_as_main File "", line 88, in run_code File "C:\Pan_Cleaner\pan_analyzer.exe_main.py", line 7, in File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\scripts\pan_analyzer.py", line 193, in main problems, total_problems = run_policy_validators(validators, profilepackage, output_fname) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\scripts\pan_analyzer.py", line 66, in run_policy_validators validator_problems = validator_function(profilepackage) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\validators\consolidatable_addresses_and_groups.py", line 212, in find_consolidatable_addresses return consolidate_address_like_objects(profilepackage, object_type, object_friendly_type, validator_function) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\validators\consolidatable_addresses_and_groups.py", line 203, in consolidate_address_like_objects badentries += replace_policy_contents(policies_needing_replacement, address_to_replacement) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\validators\consolidatable_addresses_and_groups.py", line 172, in replace_policy_contents if object_policy_dict[translation].get('static-ip', {}).get('translated-address', {}).get('member'): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ AttributeError: 'str' object has no attribute 'get'^^^^^^^^^^^^^^^^^^^ File "C:\Users\desh1\AppData\Roaming\Python\Python311\site-packages\palo_alto_firewall_analyzer\validators\consolidatable_addresses_and_groups.py", line 172, in replace_policy_contents if object_policy_dict[translation].get('static-ip', {}).get('translated-address', {}).get('member'): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ AttributeError: 'str' object has no attribute 'get'

C:\Pan_Cleaner>

moshekaplan commented 11 months ago

This appears to be the same as #57, that object_policy_dict[translation] is returning a string, instead of a dict. I will try to look into this when I return from vacation next week.

moshekaplan commented 11 months ago

I've created a new release with additional debugging. Could you re-run pan_analyzer with --debug appended and paste the object's information from the bottom of the debug file, after the crash?