Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Participant

API set-access-rule Adding / removing Source or destination

Jump to solution

I done the following with mgmt_cli:

set access-rule rule-number 1 layer "Test Network" source.add "Test_Host1"

set access-rule rule-number 1 layer "Test Network" source.add "Test_Host2"

set access-rule rule-number 1 layer "Test Network" source.add "Test_Host3"

set access-rule rule-number 1 layer "Test Network" source.add "Test_Host4"

set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host1"

set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host2"

set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host3"

set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host4"

 

How can I do the same with curl?

source.add as well destination.remove gets the error

"code" : "generic_err_invalid_syntax",
"message" : "Payload is not a valid JSON"

 

 

 

1 Solution

Accepted Solutions
Employee
Employee

For the source/destination/service fields we can use the add/remove functions of the set-access-rule api call.

Here is an example in JSON of adding hosts as a source to a rule.  This will add the three hosts to the source of the rule without having to specify all of the sources that are there already.

{
"name" : "Test Rule",
"layer" : "Network",
"source" : { "add" : ["host1", "host2", "host3"]
   }
}

 

Hope this helps.

View solution in original post

5 Replies
Admin
Admin
What precisely did you try?
0 Kudos
Reply
Participant

Hi PhoneBoy

As you can see I added Test_Host1 to Test_Host4 into the source column of the existing Rule 1 in Policy Package Test, as well removing Test_Host1 to Test_Host4 from the destination column in the same Rule and Policy. I did that successful within the mgmt_cli tool, but would like to do the same with curl or curl_cli.

The problem is the syntax in the curly brackets of curl  ...set-access-rule -d '{"rule-number" : "1", "layer" : "Test Network", "source.add" : "Test_Host5"}'

 

0 Kudos
Reply
Participant

Hi PhoneBoy

In the meantime I found a workarround for the problem.
Simply list all sources or destinations in the rule and then add or remove selectiv.

- add Test_Host1 to Test_Host4 into source column
set-access-rule -d '{"rule-number" : "1", "layer" : "Test Network", "source" : ["Test_Host1","Test_Host2","Test_Host3","Test_Host4"]}

- remove Test_Host1 from source column
set-access-rule -d '{"rule-number" : "1", "layer" : "Test Network", "source" : ["Test_Host2","Test_Host3","Test_Host4"]}

The same for destionation.

I think there should be a simpler solution for that.

0 Kudos
Reply
Employee
Employee

For the source/destination/service fields we can use the add/remove functions of the set-access-rule api call.

Here is an example in JSON of adding hosts as a source to a rule.  This will add the three hosts to the source of the rule without having to specify all of the sources that are there already.

{
"name" : "Test Rule",
"layer" : "Network",
"source" : { "add" : ["host1", "host2", "host3"]
   }
}

 

Hope this helps.

View solution in original post

Participant
Many thanks, much easier than my workarround
0 Kudos
Reply