must not use colons in PAN-OS object names

hknutzen · Jun 30, 2023 · c15c2f0 · c15c2f0
1 parent e4464dc
commit c15c2f0
Show file tree

Hide file tree

Showing 4 changed files with 113 additions and 108 deletions.
diff --git a/go/pkg/pass2/pan-os.go b/go/pkg/pass2/pan-os.go
@@ -76,9 +76,9 @@ func printPanOSRules(fd *os.File, vsys string, rData *routerData) {
 		}
 		var name string
 		if n.IsSingleIP() {
-			name = "IP_" + n.Addr().String()
+			name = "IP_" + strings.ReplaceAll(n.Addr().String(), ":", "_")
 		} else {
-			name = "NET_" + strings.Replace(n.String(), "/", "_", 1)
+			name = "NET_" + strings.ReplaceAll(strings.Replace(n.String(), "/", "_", 1), ":", "_")
 		}
 		if !addrSeen[name] {
 			ip2addr[n] = name

diff --git a/go/testdata/ipv6/convert.pl b/go/testdata/ipv6/convert.pl
@@ -169,6 +169,11 @@ sub adjust_testfile {
 
         $line =~ s/any4/any6/g;
 
+        # Convert IP and Net object names for PAN-OS
+        if ($line =~ m/(NET_|IP_)($IPv6_re)/) {
+            $line =~ s/:(?=.*<ip-netmask>|.*<\/member>)/_/g;
+        }
+
         my $ipv6 = qr/(?:$IPv6_re|::)/;
 
         # Convert mask to prefix in in routes.