changed prefix

TheHive-Project · May 17, 2021 · 309c24a · 309c24a
1 parent d07a6eb
commit 309c24a
Show file tree

Hide file tree

Showing 12 changed files with 54 additions and 54 deletions.
diff --git a/responders/PaloAltoNGFW/block_external_domain.py b/responders/PaloAltoNGFW/block_external_domain.py
@@ -59,21 +59,21 @@ def run(self):
         rulebase = panos.policies.Rulebase()
         fw.add(rulebase)
         current_security_rules =panos.policies.SecurityRule.refreshall(rulebase)
-        if f"the_hive-{ioc}" not in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
-            new_ioc_object = panos.objects.AddressObject(f"the_hive-{ioc}", ioc, description="TheHive Blocked domain",type="fqdn")
+        if f"thehive-{ioc}" not in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
+            new_ioc_object = panos.objects.AddressObject(f"thehive-{ioc}", ioc, description="TheHive Blocked domain",type="fqdn")
             fw.add(new_ioc_object)
             new_ioc_object.create()        
         panos.objects.AddressGroup.refreshall(fw)
         block_list = fw.find("TheHive Block list external domain", panos.objects.AddressGroup)
         if block_list != None:
             ioc_list = block_list.about().get('static_value')
-            if f"the_hive-{ioc}" not in ioc_list:
-                ioc_list.append(f"the_hive-{ioc}")
+            if f"thehive-{ioc}" not in ioc_list:
+                ioc_list.append(f"thehive-{ioc}")
                 temp1 = panos.objects.AddressGroup("TheHive Block list external domain", static_value=ioc_list)
                 fw.add(temp1)
                 temp1.apply()
         elif block_list == None:
-            temp1 = panos.objects.AddressGroup("TheHive Block list external domain", static_value=f"the_hive-{ioc}")
+            temp1 = panos.objects.AddressGroup("TheHive Block list external domain", static_value=f"thehive-{ioc}")
             fw.add(temp1)
             temp1.apply()
         desired_rule_params = None

diff --git a/responders/PaloAltoNGFW/block_external_ip.py b/responders/PaloAltoNGFW/block_external_ip.py
@@ -59,21 +59,21 @@ def run(self):
         rulebase = panos.policies.Rulebase()
         fw.add(rulebase)
         current_security_rules =panos.policies.SecurityRule.refreshall(rulebase)
-        if f"the_hive-{ioc}" not in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
-            new_ioc_object = panos.objects.AddressObject(f"the_hive-{ioc}", ioc, description="TheHive Blocked ip address")
+        if f"thehive-{ioc}" not in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
+            new_ioc_object = panos.objects.AddressObject(f"thehive-{ioc}", ioc, description="TheHive Blocked ip address")
             fw.add(new_ioc_object)
             new_ioc_object.create()        
         panos.objects.AddressGroup.refreshall(fw)
         block_list = fw.find("TheHive Block list external IP address", panos.objects.AddressGroup)
         if block_list != None:
             ioc_list = block_list.about().get('static_value')
-            if f"the_hive-{ioc}" not in ioc_list:
-                ioc_list.append(f"the_hive-{ioc}")
+            if f"thehive-{ioc}" not in ioc_list:
+                ioc_list.append(f"thehive-{ioc}")
                 temp1 = panos.objects.AddressGroup("TheHive Block list external IP address", static_value=ioc_list)
                 fw.add(temp1)
                 temp1.apply()
         elif block_list == None:
-            temp1 = panos.objects.AddressGroup("TheHive Block list external IP address", static_value=f"the_hive-{ioc}")
+            temp1 = panos.objects.AddressGroup("TheHive Block list external IP address", static_value=f"thehive-{ioc}")
             fw.add(temp1)
             temp1.apply()
         desired_rule_params = None

diff --git a/responders/PaloAltoNGFW/block_internal_domain.py b/responders/PaloAltoNGFW/block_internal_domain.py
@@ -59,21 +59,21 @@ def run(self):
         rulebase = panos.policies.Rulebase()
         fw.add(rulebase)
         current_security_rules =panos.policies.SecurityRule.refreshall(rulebase)
-        if f"the_hive-{ioc}" not in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
-            new_ioc_object = panos.objects.AddressObject(f"the_hive-{ioc}", ioc, description="TheHive Blocked domain",type="fqdn")
+        if f"thehive-{ioc}" not in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
+            new_ioc_object = panos.objects.AddressObject(f"thehive-{ioc}", ioc, description="TheHive Blocked domain",type="fqdn")
             fw.add(new_ioc_object)
             new_ioc_object.create()        
         panos.objects.AddressGroup.refreshall(fw)
         block_list = fw.find("TheHive Block list internal domain", panos.objects.AddressGroup)
         if block_list != None:
             ioc_list = block_list.about().get('static_value')
-            if f"the_hive-{ioc}" not in ioc_list:
-                ioc_list.append(f"the_hive-{ioc}")
+            if f"thehive-{ioc}" not in ioc_list:
+                ioc_list.append(f"thehive-{ioc}")
                 temp1 = panos.objects.AddressGroup("TheHive Block list internal domain", static_value=ioc_list)
                 fw.add(temp1)
                 temp1.apply()
         elif block_list == None:
-            temp1 = panos.objects.AddressGroup("TheHive Block list internal domain", static_value=f"the_hive-{ioc}")
+            temp1 = panos.objects.AddressGroup("TheHive Block list internal domain", static_value=f"thehive-{ioc}")
             fw.add(temp1)
             temp1.apply()
         desired_rule_params = None

diff --git a/responders/PaloAltoNGFW/block_internal_ip.py b/responders/PaloAltoNGFW/block_internal_ip.py
@@ -59,21 +59,21 @@ def run(self):
         rulebase = panos.policies.Rulebase()
         fw.add(rulebase)
         current_security_rules =panos.policies.SecurityRule.refreshall(rulebase)
-        if f"the_hive-{ioc}" not in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
-            new_ioc_object = panos.objects.AddressObject(f"the_hive-{ioc}", ioc, description="TheHive Blocked ip address")
+        if f"thehive-{ioc}" not in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
+            new_ioc_object = panos.objects.AddressObject(f"thehive-{ioc}", ioc, description="TheHive Blocked ip address")
             fw.add(new_ioc_object)
             new_ioc_object.create()        
         panos.objects.AddressGroup.refreshall(fw)
         block_list = fw.find("TheHive Block list internal IP address", panos.objects.AddressGroup)
         if block_list != None:
             ioc_list = block_list.about().get('static_value')
-            if f"the_hive-{ioc}" not in ioc_list:
-                ioc_list.append(f"the_hive-{ioc}")
+            if f"thehive-{ioc}" not in ioc_list:
+                ioc_list.append(f"thehive-{ioc}")
                 temp1 = panos.objects.AddressGroup("TheHive Block list internal IP address", static_value=ioc_list)
                 fw.add(temp1)
                 temp1.apply()
         elif block_list == None:
-            temp1 = panos.objects.AddressGroup("TheHive Block list internal IP address", static_value=f"the_hive-{ioc}")
+            temp1 = panos.objects.AddressGroup("TheHive Block list internal IP address", static_value=f"thehive-{ioc}")
             fw.add(temp1)
             temp1.apply()
         desired_rule_params = None

diff --git a/responders/PaloAltoNGFW/block_port_for_external_communication.py b/responders/PaloAltoNGFW/block_port_for_external_communication.py
@@ -67,8 +67,8 @@ def run(self):
         rulebase = panos.policies.Rulebase()
         fw.add(rulebase)
         current_security_rules =panos.policies.SecurityRule.refreshall(rulebase)
-        if f"the_hive-{port}-{protocol}" not in str(fw.find(f"the_hive-{port}-{protocol}", panos.objects.ServiceObject)):
-            new_port_object = panos.objects.ServiceObject(f"the_hive-{port}-{protocol}", protocol, description="TheHive Blocked port",destination_port=port)
+        if f"thehive-{port}-{protocol}" not in str(fw.find(f"thehive-{port}-{protocol}", panos.objects.ServiceObject)):
+            new_port_object = panos.objects.ServiceObject(f"thehive-{port}-{protocol}", protocol, description="TheHive Blocked port",destination_port=port)
             fw.add(new_port_object)
             new_port_object.create()    
 
@@ -77,13 +77,13 @@ def run(self):
         block_list = fw.find("TheHive Block list for external port communication", panos.objects.ServiceGroup)
         if block_list != None:
             port_list = block_list.about().get('value')
-            if f"the_hive-{port}-{protocol}" not in port_list:
-                port_list.append(f"the_hive-{port}-{protocol}")
+            if f"thehive-{port}-{protocol}" not in port_list:
+                port_list.append(f"thehive-{port}-{protocol}")
                 temp1 = panos.objects.ServiceGroup("TheHive Block list for external port communication", value=port_list)
                 fw.add(temp1)
                 temp1.apply()
         elif block_list == None:
-            temp1 = panos.objects.ServiceGroup("TheHive Block list for external port communication", value=f"the_hive-{port}-{protocol}")
+            temp1 = panos.objects.ServiceGroup("TheHive Block list for external port communication", value=f"thehive-{port}-{protocol}")
             fw.add(temp1)
             temp1.apply()
         desired_rule_params = None

diff --git a/responders/PaloAltoNGFW/block_port_for_internal_communication.py b/responders/PaloAltoNGFW/block_port_for_internal_communication.py
@@ -67,8 +67,8 @@ def run(self):
         rulebase = panos.policies.Rulebase()
         fw.add(rulebase)
         current_security_rules =panos.policies.SecurityRule.refreshall(rulebase)
-        if f"the_hive-{port}-{protocol}" not in str(fw.find(f"the_hive-{port}-{protocol}", panos.objects.ServiceObject)):
-            new_port_object = panos.objects.ServiceObject(f"the_hive-{port}-{protocol}", protocol, description="TheHive Blocked port",destination_port=port)
+        if f"thehive-{port}-{protocol}" not in str(fw.find(f"thehive-{port}-{protocol}", panos.objects.ServiceObject)):
+            new_port_object = panos.objects.ServiceObject(f"thehive-{port}-{protocol}", protocol, description="TheHive Blocked port",destination_port=port)
             fw.add(new_port_object)
             new_port_object.create()    
 
@@ -77,13 +77,13 @@ def run(self):
         block_list = fw.find("TheHive Block list for internal port communication", panos.objects.ServiceGroup)
         if block_list != None:
             port_list = block_list.about().get('value')
-            if f"the_hive-{port}-{protocol}" not in port_list:
-                port_list.append(f"the_hive-{port}-{protocol}")
+            if f"thehive-{port}-{protocol}" not in port_list:
+                port_list.append(f"thehive-{port}-{protocol}")
                 temp1 = panos.objects.ServiceGroup("TheHive Block list for internal port communication", value=port_list)
                 fw.add(temp1)
                 temp1.apply()
         elif block_list == None:
-            temp1 = panos.objects.ServiceGroup("TheHive Block list for internal port communication", value=f"the_hive-{port}-{protocol}")
+            temp1 = panos.objects.ServiceGroup("TheHive Block list for internal port communication", value=f"thehive-{port}-{protocol}")
             fw.add(temp1)
             temp1.apply()
         desired_rule_params = None

diff --git a/responders/PaloAltoNGFW/unblock_external_domain.py b/responders/PaloAltoNGFW/unblock_external_domain.py
@@ -59,21 +59,21 @@ def run(self):
 
         block_list = fw.find(self.name_external_Address_Group_for_domain, panos.objects.AddressGroup)
         ioc_list = block_list.about().get('static_value')
-        if f"the_hive-{ioc}" in ioc_list:
-            ioc_list.remove(f"the_hive-{ioc}")
+        if f"thehive-{ioc}" in ioc_list:
+            ioc_list.remove(f"thehive-{ioc}")
             temp1 = panos.objects.AddressGroup(self.name_external_Address_Group_for_domain, static_value=ioc_list)
             fw.add(temp1)
             temp1.apply()
 
         panos.objects.AddressObject.refreshall(fw)
-        if f"the_hive-{ioc}" in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
+        if f"thehive-{ioc}" in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
             try:
-                deleted_ioc = fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)
+                deleted_ioc = fw.find(f"thehive-{ioc}", panos.objects.AddressObject)
                 deleted_ioc.delete()
             except:
                 self.report({'message': 'Responder did not comlite. Warning in AddressObject'})
 
-        self.report({'message': 'Responder successfully deleted %s from %s' % (f"the_hive-{ioc}",self.name_external_Address_Group_for_domain)})
+        self.report({'message': 'Responder successfully deleted %s from %s' % (f"thehive-{ioc}",self.name_external_Address_Group_for_domain)})
         fw.commit()
 
 if __name__ == '__main__':

diff --git a/responders/PaloAltoNGFW/unblock_external_ip.py b/responders/PaloAltoNGFW/unblock_external_ip.py
@@ -57,21 +57,21 @@ def run(self):
         panos.objects.AddressGroup.refreshall(fw)            
         block_list = fw.find(self.name_external_Address_Group, panos.objects.AddressGroup)
         ioc_list = block_list.about().get('static_value')
-        if f"the_hive-{ioc}" in ioc_list:
-            ioc_list.remove(f"the_hive-{ioc}")
+        if f"thehive-{ioc}" in ioc_list:
+            ioc_list.remove(f"thehive-{ioc}")
             temp1 = panos.objects.AddressGroup(self.name_external_Address_Group, static_value=ioc_list)
             fw.add(temp1)
             temp1.apply()
 
         panos.objects.AddressObject.refreshall(fw)
-        if f"the_hive-{ioc}" in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
+        if f"thehive-{ioc}" in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
             try:
-                deleted_ioc = fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)
+                deleted_ioc = fw.find(f"thehive-{ioc}", panos.objects.AddressObject)
                 deleted_ioc.delete()
             except:
                 self.report({'message': 'Responder did not comlite. Warning in AddressObject'})
 
-        self.report({'message': 'Responder successfully deleted %s from %s' % (f"the_hive-{ioc}",self.name_external_Address_Group)})
+        self.report({'message': 'Responder successfully deleted %s from %s' % (f"thehive-{ioc}",self.name_external_Address_Group)})
         fw.commit()
 if __name__ == '__main__':
     Unblock_ip().run()
diff --git a/responders/PaloAltoNGFW/unblock_internal_domain.py b/responders/PaloAltoNGFW/unblock_internal_domain.py
@@ -59,16 +59,16 @@ def run(self):
 
         block_list = fw.find(self.name_internal_Address_Group_for_domain, panos.objects.AddressGroup)
         ioc_list = block_list.about().get('static_value')
-        if f"the_hive-{ioc}" in ioc_list:
-            ioc_list.remove(f"the_hive-{ioc}")
+        if f"thehive-{ioc}" in ioc_list:
+            ioc_list.remove(f"thehive-{ioc}")
             temp1 = panos.objects.AddressGroup(self.name_internal_Address_Group_for_domain, static_value=ioc_list)
             fw.add(temp1)
             temp1.apply()
 
         panos.objects.AddressObject.refreshall(fw)
-        if f"the_hive-{ioc}" in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
+        if f"thehive-{ioc}" in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
             try:
-                deleted_ioc = fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)
+                deleted_ioc = fw.find(f"thehive-{ioc}", panos.objects.AddressObject)
                 deleted_ioc.delete()
             except:
                 self.report({'message': 'Responder did not comlite. Warning in AddressObject'})

diff --git a/responders/PaloAltoNGFW/unblock_internal_ip.py b/responders/PaloAltoNGFW/unblock_internal_ip.py
@@ -57,21 +57,21 @@ def run(self):
         panos.objects.AddressGroup.refreshall(fw)
         block_list = fw.find(self.name_internal_Address_Group, panos.objects.AddressGroup)
         ioc_list = block_list.about().get('static_value')
-        if f"the_hive-{ioc}" in ioc_list:
-            ioc_list.remove(f"the_hive-{ioc}")
+        if f"thehive-{ioc}" in ioc_list:
+            ioc_list.remove(f"thehive-{ioc}")
             temp1 = panos.objects.AddressGroup(self.name_internal_Address_Group, static_value=ioc_list)
             fw.add(temp1)
             temp1.apply()
 
         panos.objects.AddressObject.refreshall(fw)
-        if f"the_hive-{ioc}" in str(fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)):
+        if f"thehive-{ioc}" in str(fw.find(f"thehive-{ioc}", panos.objects.AddressObject)):
             try:
-                deleted_ioc = fw.find(f"the_hive-{ioc}", panos.objects.AddressObject)
+                deleted_ioc = fw.find(f"thehive-{ioc}", panos.objects.AddressObject)
                 deleted_ioc.delete()
             except:
                 self.report({'message': 'Responder did not comlite. Warning in AddressObject'})
 
-        self.report({'message': 'Responder successfully deleted %s from %s' % (f"the_hive-{ioc}",self.name_internal_Address_Group)})
+        self.report({'message': 'Responder successfully deleted %s from %s' % (f"thehive-{ioc}",self.name_internal_Address_Group)})
         fw.commit()
 
 if __name__ == '__main__':

diff --git a/responders/PaloAltoNGFW/unblock_port_for_external_communication.py b/responders/PaloAltoNGFW/unblock_port_for_external_communication.py
@@ -65,15 +65,15 @@ def run(self):
         panos.objects.ServiceGroup.refreshall(fw)
         block_list = fw.find(self.name_external_Service_Group, panos.objects.ServiceGroup)
         port_list = block_list.about().get('value')    
-        if f"the_hive-{port}-{protocol}" in port_list:
-            port_list.remove(f"the_hive-{port}-{protocol}")
+        if f"thehive-{port}-{protocol}" in port_list:
+            port_list.remove(f"thehive-{port}-{protocol}")
             temp1 = panos.objects.ServiceGroup(self.name_external_Service_Group, value=port_list)
             fw.add(temp1)
             temp1.apply()
 
         panos.objects.ServiceObject.refreshall(fw)
 
-        self.report({'message': 'Responder successfully deleted %s from %s' % (f"the_hive-{port}-{protocol}",self.name_external_Service_Group)})
+        self.report({'message': 'Responder successfully deleted %s from %s' % (f"thehive-{port}-{protocol}",self.name_external_Service_Group)})
         fw.commit()
 
 if __name__ == '__main__':

diff --git a/responders/PaloAltoNGFW/unblock_port_for_internal_communication.py b/responders/PaloAltoNGFW/unblock_port_for_internal_communication.py
@@ -65,8 +65,8 @@ def run(self):
         panos.objects.ServiceGroup.refreshall(fw)
         block_list = fw.find(self.name_internal_Service_Group, panos.objects.ServiceGroup)
         port_list = block_list.about().get('value')    
-        if f"the_hive-{port}-{protocol}" in port_list:
-            port_list.remove(f"the_hive-{port}-{protocol}")
+        if f"thehive-{port}-{protocol}" in port_list:
+            port_list.remove(f"thehive-{port}-{protocol}")
             temp1 = panos.objects.ServiceGroup(self.name_internal_Service_Group, value=port_list)
             fw.add(temp1)
             temp1.apply()