The following script was created by o5e and since it addresses an issue encountered by many I thought I'd share it here (with permission of course!)
Hopefully you'll find it as useful as I did, in which case feel free to leave a shoutout to o5e in the comments
Hey all, I thought I'd share a little script I made that automates firewall upgrades. There are of course bigger/better ways of doing this, but I figured mine fills a bit of a niche...
it's 100% written in bash
it works without Internet or a fw license (the image files are taken from your pc)
it uses XML API / HTTPS exclusively, no SCP required
it runs the full upgrade path automatically
it has a batch mode to upgrade multiple "factory new" firewalls connected to the same L2 switch, no IP config required, using IPv6 link-local
the batch mode has a simple Python GUI you can use with a touchscreen to make your very own "upgrade machine"
Let me know if anyone needs help getting it to work. I've been using it pretty consistently for over a year now and it's saved me quite a bit of time. Here's the link: https://github.com/o5edaxi/paloversion(Obvious disclaimer) I'm just a firewall guy, not a coder, so expect bugs... and DONT use in production
GitHub GitHub - o5edaxi/paloversion: Fully-offline unattended upgrade script for Palo Alto firewalls over HTTPS Fully-offline unattended upgrade script for Palo Alto firewalls over HTTPS - GitHub - o5edaxi/paloversion: Fully-offline unattended upgrade script for Palo Alto firewalls over HTTPS (52 kB) https://github.com/o5edaxi/paloversion
Comments