graph TD
BB[Install Docker Desktop] -->|reboot needed| BB1
BB1[run Docker Desktop] -->|allow sharing local folders| CC1[which OS]
CC1{Which OS you are running?} -->|MacOS| B1[open: Terminal]
CC1{Which OS you are running?} -->|Windows| C1[check Docker]
B1 --> Z1[navigate to the folder with your PAN-OS XML offline configuration using the CD command]
C1{WSL correctly installed?} -->|yes| F2[open: PowerShell]
C1{WSL correctly installed?} -->|no| C3[goto <a href='https://docs.microsoft.com/en-gb/windows/wsl/install-manual'>Windows WSL support link</a>]
C3 --> C7[follow steps 2-5 on the support page]
C7 --> F2[open: PowerShell]
F2 --> Z1[navigate to the folder with your PAN-OS XML offline configuration using the CD command]
Z1 -->|TERMINAL| K1["docker run --name panosphp --rm -v ${PWD}:/share -it swaschkut/pan-os-php:latest"]
Z1 -->|POWERSHELL| K1["docker run --name panosphp --rm -v ${PWD}:/share -it swaschkut/pan-os-php:latest"]
K1 --> K3[Docker container instance start]
K3 -->|type| R[pan-os-php version]
R --> S[your files should be available in<br />/share<br />folder inside the Container]
["Step 3 - Enable Virtual Machine feature"]
["Step 4 - Download the Linux kernel update package"]
["Step 5 - Set WSL 2 as your default version"]
- Pull last docker image
docker pull swaschkut/pan-os-php:latest- Navigate to offline XML directory
cd [/rootFolder/parentFolder/childFolder]- Share the XML folder with docker and deploy container
docker run --name panosphp --rm -v ${PWD}:/share -it swaschkut/pan-os-php:latest#Additional Information
final production Container:
docker run -d -p 8082:80 swaschkut/pan-os-php-api:latestPAN-OS-PHP UI is available at: (which triggers next PAN-OS-PHP API)
http://localhost:8082/utils/develop/uiPAN-OS-PHP API is also working with PAN-OS XML API, therefor you need to prepare you Docker installation:
API: http://localhost:8082/utils/api/v1/tool.php/key-manager?&add=MGMTIP&user=USERNAME&pw=PASSWORDExamples to run PAN-OS-PHP against PAN-OS FW and Panorama offline configuration files, and manipulate in the same way as on PAN-OS-PHP ClI:
ClI: pan-os-php type=address help
API: http://localhost:8082/utils/api/v1/tool.php/address?helpCLI: pan-os-php type=address listactions
API: http://localhost:8082/utils/api/v1/tool.php/address?listactionsTo get it working on your own PAN-OS Firewall / Panorama config files, please upload your config files via PAN-OS-PHP UI (URL above)
It is also now possible to start using it with the previous uploaded file via PAN-OS-PHP API: http://localhost:8082/utils/api/v1/tool.php/address?in=YOUR_CONFIG_FILE.xml
The PAN-OS-PHP API is right now under development, but please feel free to try it out:
http://localhost:8082/utils/api/v1/tool.phpThe following "RESTAPI" routes are available:
-
/stats
-
/address
-
/service
-
/tag
-
/rule
-
/securityprofile
-
/securityprofilegroup
-
/schedule
-
/application
-
/threat
-
/device
-
/zone
-
/interface
-
/routing
-
/virtualwire
-
/key-manager
-
/address-merger
-
/addressgroup-merger
-
/service-merger
-
/servicegroup-merger
-
/tag-merger
-
/rule-merger
-
/override-finder
-
/diff
-
/upload
-
/xml-issue
-
/appid-enabler
-
/config-size
-
/download-predefined
-
/register-ip-mgr
-
/userid-mgr
-
/xml-op-json
-
/bpa-generator
There are Dockerfiles available with OS: Ubuntu20/22 and CentOS 7
For a quick start please use WIKI docker
-
MacOS : [run on MacOS terminal]
cd [pan-os-php Root folder] docker build -t pan-os-php -f docker/Dockerfile . cd [go to the Folder you like to share with the Container] docker run --name panosphp --rm -v ${PWD}:/share -it pan-os-php
-
WINDOWS : [run on Windows terminal]
cd [pan-os-php Root folder] docker build -t pan-os-php -f docker/Dockerfile . cd [go to the Folder you like to share with the Container] docker run --name panosphp --rm -v "%CD%":/share -it pan-os-php
local Development Container:
docker run -d -p 8082:80 --mount type=bind,source="[absolute_ROOTFOLDER]/pan-os-php",target=/var/www/html -v [absolute_ROOTFOLDER]/pan-os-php/var/docker/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini php:apache