moshekaplan palo_alto_firewall_analyzer issues

moshekaplan / palo_alto_firewall_analyzer

Python scripts for reviewing Palo Alto Firewall configurations

Creative Commons Zero v1.0 Universal

26 stars 8 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

New validator: Detect Threat profile with all actions set to allow

#39 moshekaplan opened 1 year ago
0
New validator: Detect rules without a security profile group assigned

#38 moshekaplan closed 1 year ago
1
Make --no-api the default

#37 moshekaplan closed 1 year ago
0
Support CSV output

#36 moshekaplan opened 2 years ago
0
Redundant Addresses: Detect IP contained in a subnet

#35 moshekaplan opened 2 years ago
0
New Analyzer: Empty AddressGroup and ServiceGroup

#34 moshekaplan closed 2 years ago
1
Fixer: ExtraZones should create new rule above the old with the correct zones

#33 moshekaplan opened 2 years ago
0
New Fixer: Remove use of invalid hostnames from BadHostnameUsage

#32 moshekaplan opened 2 years ago
0
Review IRS Safeguards for possible additions

#31 moshekaplan opened 2 years ago
0
Support running on local XML config, without an API key

#30 moshekaplan closed 2 years ago
0
new CLI option - rule pattern - only run on rules that match a pattern (for testing)

#29 moshekaplan opened 3 years ago
0
Review and add Springbok detections

#28 moshekaplan opened 3 years ago
0
find_shadowing_objects should be per namespace, like address and address groups

#27 moshekaplan opened 3 years ago
0
BadEntry object should use a consistent format

#26 moshekaplan opened 3 years ago
0
Extend UnusedServices to also detect unused service groups

#25 moshekaplan closed 2 years ago
1
Implement check for routing loops

#24 moshekaplan closed 9 months ago
1
Dupe addresses - detect 127.0.0.1/32 as a dupe of 127.0.0.1

#23 moshekaplan closed 2 years ago
0
Detect SSL decryption rules without log forwarding

#22 moshekaplan closed 1 year ago
1
shadowing_addresses_and_groups.py should also detect regions with the same name, since they share the same namespace

#21 moshekaplan opened 3 years ago
0
Detect application=any when the destination ports are all well-known ports

#20 moshekaplan closed 1 year ago
1
Support multiple validators

#19 moshekaplan closed 2 years ago
0
Support entries as literal IPs and hostnames

#18 moshekaplan closed 2 years ago
1
Upgrade to GitHub-native Dependabot

#17 dependabot-preview[bot] closed 3 years ago
0
Support bulk modifications in the fixer with the XML API's "edit"

#16 moshekaplan closed 2 years ago
2
Use "show config" to extract the version instead of putting it in the config

#15 moshekaplan closed 2 years ago
1
New Workflow: Test coverage

#14 moshekaplan closed 1 year ago
1
Comment out optional config values

#13 moshekaplan closed 3 years ago
0
New Validator: Implement detection of unused virtual routers on a FW

#12 moshekaplan opened 3 years ago
0
New Validator: Implement detection of unused Zones on a FW

#11 moshekaplan opened 3 years ago
0
Implement Zone determination offline

#10 moshekaplan opened 3 years ago
3
Add new validator: Superseding rules

#9 moshekaplan closed 3 years ago
0
Attempt 2 at adding badge

#8 moshekaplan closed 3 years ago
0
Add Build badge

#7 moshekaplan closed 3 years ago
0
Delete __init__.py

#6 moshekaplan closed 3 years ago
0
Create semgrep.yml

#5 moshekaplan closed 3 years ago
1
Add workflow for python-package

#4 moshekaplan closed 3 years ago
0
Control console output, instead of using print

#3 moshekaplan closed 2 years ago
1
By default, load config file and API key from home directory

#2 moshekaplan closed 2 years ago
1
Turn into Python package

#1 moshekaplan closed 1 year ago
1