publish version 2.1.27

[swaschkut]

UTIL:

• type=address | introduce actions=replaceByMembers:{tag/description} | to be flexible to keep addressgroup
• type=service | introduce actions=replaceByMembers | to be flexible to keep servicegroup
• type=interface | introduce actions=exporttoexcel:interface.html
• type=diff | change of default-behavour for FILTER variable | due too bash pid you need to use now {{name}}
• type=diff | extend argument filter with name1 / name2 for API mode
• type=address | extend actions=name-rename:$$tag$$ - to possible rename address object to first attached tag object name
• type=securityprofile | 'filter=(refstore is.only XYZ)'
• type=appid-toolbox | extend testing scripts
• type=rule | new 'filter=(src/dst has.edl)'
• type=rule location={{DGNAME}} | introduce argument 'shadow-loaddghierarchy' to get full rule hierarchy from shared pre/parentDG pre-rule to childDG post-rule and shared post-rule
• type=rule-merger | introduce argument 'shadow-loaddghierarchy' to find all possible rules to be merged in the full stack
• type=vendor-migration vendor=sophos | adjustment to use framework PH::print_stdout
• class Rule | introduce addressCalculationByZones
• type=rule | new actions=src-caluclate-by-zones/dst-calculate-by-zones
• type=interface | introduce 'filter=(ipv4 includes 1.1.1.1/28)' | brought in for internal usage on watchguard migration
• develop migration watchguard | extend with interface/routing to calculate src/dst based on from/to zones
• class AntiVirusProfile | optimisation for different methods used by filter
• develop watchguard migration | import IPsec related remote-addr as static route into v-router
• type=interface | introduce 'filter=(name regex /XYZ/)'
• type=rule | actions=display/exporttoexcel - extend description
• type=application | introduce 'filter=(ip-protocol is.set) or (ip-protocol eq 2)'
• type=static-route | extend object with metric and DISCARD
• type=zone | introduce 'filter=(type is XYZ)'
• class Zone - introduce new methods to get/set zone objects of type 'external'
• develop - shared_gateway.php | migrate sg to vsys and create missing SecurityPolicy; change existing zones of type external to newly created vsys
• type=device actions=zpp-create-alert-only-bp:TRUE/FALSE | introcude new argument for this actions to validate if already another ZPP is available
• develop - shared_gateway.php | extend sg migration to vsys with visible-vsys XML information
• type=device | introduce actions=template-create-vsys:TEMPLATE_name,VSYS-NAME
• type=upload | extend validation for API and offline mode - if fromxpath is from NGFW and toxpath is to Panorama DeviceGroup or Template
• type=upload | argument injectuseradmin2 - extend with admin2 user
• type=playbook | improvement to handle argument in= and out= if defined in JSON file
• different device classes - rename to URLPredefinedStore
• class AntiVirusProfile - extend if decoder http2 / mica OOXML/MachO is missing
• class AntiVirusProfile | fix improvements
• class AntiSpyware | extend for PAN-OS >=10.0.0 and add XMLnode if not available
• type=securityprofile actions=virus.best-practice-set | improve to adjust XMLnode
• type=securityprofile securityprofiletype=virus actions=virus.best-practice-set | extend with mica engine
• type=securityprofile securityprofiletype=spyware | introduce actions=spyware.best-practice-set
• type=securityprofile securityprofiletype=vulnerability | introduce actions=vulnerability.best-practice-set
• type=securityprofile securityprofiletype=virus/spyware/vulnerability | introduce actions=virus.alert-only-set/spyware.alert-only-set/vulnerability.alert-only-set
• type=securityprofile | introduce actions=url.alert-only-set
• type=securityprofile securityprofiletype=spyware/vulnerability actions=spyware/vulnerability.alert-only-set | improve to also set policy rules and default-action to alert if needed
• type=securityprofile securityprofiletype=spyware/vulnerability actions=spyware/vulnerability.best-practice-set | improve to also set policy rules and default-action to reset-both if needed
• type=securityprofile actions=spyware.alert-only-set/spyware.best-practice-set:{hasDNSLicense} | introduce additional argument if DNSLicense is available - to adjust correct dns-categories settings
• class NatRule - extend with "persistent-dynamic-ip-and-port"
• type=securityprofle actions=spyware/vulnerability.best-practice-set | set packet-capture to single-packet
• type=gratuitous-arp | improve validation
• class PanAPIConnector | improve API key request to use POST

BUGFIX:

• type=diff file1=diff.xml "filter=/config/devices/entry[@name='localhost.localdomain']/device-group/entry[@name='{{name}}']/pre-rulebase" name1=DG1 name2=DG2 | correction of pregmatch
• type=edl | improvement to add rule references for src/dst
• type=securityprofile securityprofiletype=spyware 'filter=(dns-list is.best-practice)' | bugfix
• develop watchguard migration | improve to cover also multiple objects in rules
• type=vendormigration vendor=ciscoasa | bugfix for call RULEMERGER()
• type=address 'filter=(name regex /XYZ/)' | bugfix for isType_TMP validation to avoid check against RegionObject
• bugfix for type=securityprofile | to set correct XMLnode

GENERAL:

• class ServiceGroup | introduce variable $childancestor
• update Device App-ID version: 8892-8959
• docker file | include ping traceroute vim
• update Device App-ID version: 8902-9003