Add Panorama Support

[freimer]

Unless I'm missing something, it does not appear that Panorama Device Groups or Templates are supported. In each section of the package, such as objs/addr, it appears the XPATH is "hard coded" in the xpath function:

func (c *Addr) xpath(vsys string, vals []string) []string {
    if vsys == "" {
        vsys = "vsys1"
    }

    return []string {
        "config",
        "devices",
        util.AsEntryXpath([]string{"localhost.localdomain"}),
        "vsys",
        util.AsEntryXpath([]string{vsys}),
        "address",
        util.AsEntryXpath(vals),
    }
}

This needs to be modified to optionally include the device-group/entry[@name='dg_name']/ portion if it is a Panorama device, rather than a Firewall. Since vsys is not present in the path for Panorama device-groups, perhaps we can use it to determine whether this is a Panorama as opposed to a Firewall. Probably not the best idea, but possibly the easiest / best solution without refactoring the whole package. Something like:

func (c *Addr) xpath(vsys string, vals []string) []string {
    if vsys == "" {
        vsys = "vsys1"
    }

    pathComponent := "device-group"
    if strings.HasPrefix(vsys, "vsys") {
        pathComponent = "vsys"
    }
    return []string {
        "config",
        "devices",
        util.AsEntryXpath([]string{"localhost.localdomain"}),
        pathComponent,
        util.AsEntryXpath([]string{vsys}),
        "address",
        util.AsEntryXpath(vals),
    }
}

This would restrict vsys names to those starting with "vsys" and assume anything not starting with vsys was a device group. Not ideal, but this is a hack work-around for the package not supporting Panorama configuration fully.

OR, if this is too kludgy, perhaps add a variable to Client (c.con, which is a Firewall or Panorama that implements XapiClient), and if a Panorama, what the device-group and/or template is. This would be a hack and work-around also, but likely cleaner than using vsys to indicate the device-group / template.

func (c *Addr) xpath(vsys string, vals []string) []string {
    if vsys == "" {
        vsys = "vsys1"
    }

    switch t := c.con.(type) {
    case Firewall:
        pathComponent := "vsys"
        entryComponent := util.AsEntryXpath([]string{vsys})
    case Panorama:
        pathComponent := "device-group"
        entryComponent := util.AsEntryXpath(c.con.device_group)
    }
    return []string {
        "config",
        "devices",
        util.AsEntryXpath([]string{"localhost.localdomain"}),
        pathComponent,
        entryComponent,
        "address",
        util.AsEntryXpath(vals),
    }
}

Thoughts?

[shinmog]

I started adding plumbing to support Panorama, but I have been focused entirely on firewall support so far. This is why those namespaces, such as address objects and what not, do not appear in the pango.Panorama struct, only in pango.Firewall.

Panorama support will eventually be added, I'm just not there yet. So this issue may be better categorized as "add panorama support," perhaps?

[freimer]

Agreed, I changed the title.

[mirekum]

I also wait for the Panorama Support.

[shinmog]

Ok, first phase of basic support is done. Once I get the NAT and security policies done, I'll close this issue out. I'll open another issue for template support, so this one will be focused on Device Group Panorama support.