- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
I done the following with mgmt_cli:
set access-rule rule-number 1 layer "Test Network" source.add "Test_Host1"
set access-rule rule-number 1 layer "Test Network" source.add "Test_Host2"
set access-rule rule-number 1 layer "Test Network" source.add "Test_Host3"
set access-rule rule-number 1 layer "Test Network" source.add "Test_Host4"
set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host1"
set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host2"
set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host3"
set access-rule rule-number 1 layer "Test Network" destination.remove "Test_Host4"
How can I do the same with curl?
source.add as well destination.remove gets the error
"code" : "generic_err_invalid_syntax",
"message" : "Payload is not a valid JSON"
For the source/destination/service fields we can use the add/remove functions of the set-access-rule api call.
Here is an example in JSON of adding hosts as a source to a rule. This will add the three hosts to the source of the rule without having to specify all of the sources that are there already.
{
"name" : "Test Rule",
"layer" : "Network",
"source" : { "add" : ["host1", "host2", "host3"]
}
}
Hope this helps.
Hi PhoneBoy
As you can see I added Test_Host1 to Test_Host4 into the source column of the existing Rule 1 in Policy Package Test, as well removing Test_Host1 to Test_Host4 from the destination column in the same Rule and Policy. I did that successful within the mgmt_cli tool, but would like to do the same with curl or curl_cli.
The problem is the syntax in the curly brackets of curl ...set-access-rule -d '{"rule-number" : "1", "layer" : "Test Network", "source.add" : "Test_Host5"}'
Hi PhoneBoy
In the meantime I found a workarround for the problem.
Simply list all sources or destinations in the rule and then add or remove selectiv.
- add Test_Host1 to Test_Host4 into source column
set-access-rule -d '{"rule-number" : "1", "layer" : "Test Network", "source" : ["Test_Host1","Test_Host2","Test_Host3","Test_Host4"]}
- remove Test_Host1 from source column
set-access-rule -d '{"rule-number" : "1", "layer" : "Test Network", "source" : ["Test_Host2","Test_Host3","Test_Host4"]}
The same for destionation.
I think there should be a simpler solution for that.
For the source/destination/service fields we can use the add/remove functions of the set-access-rule api call.
Here is an example in JSON of adding hosts as a source to a rule. This will add the three hosts to the source of the rule without having to specify all of the sources that are there already.
{
"name" : "Test Rule",
"layer" : "Network",
"source" : { "add" : ["host1", "host2", "host3"]
}
}
Hope this helps.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY