This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Vikas_Kakkar
Explorer
‎2022-01-26 10:43 PM

Ansible Playbook/Postman API queries of Rulebase prints Hex Format instead of ip addr/port/app/site

Hi Folks,

Need your help with couple of queries.

1. I am trying to print the rulebase (with/without filters) through Ansible playbook (access_rule_facts module of checkpoint collection), but, it prints the result in Hex format (not readable), not the way how it populates the value in smart console rules. How can I print it in normal ip addr/port number/application/site format? tried doing it through postman and result was same. Postman Output:

            "rule-number"1,
            "track": {
                "type""78566494-7e96-4513-ada9-ded83f4ee9ea",
                "per-session"true,
                "per-connection"false,
                "accounting"false,
                "enable-firewall-session"false,
                "alert""none"
            },
            "source": [
                "1f315bb4-9874-42a3-bcfd-5f7ced870804"
            ],
            "source-negate"false,
            "destination": [
                "f99b1488-7510-11e2-8668-87656188709b"
            ],
            "destination-negate"false,
            "service": [
                "b290c409-da67-4bb0-9a46-6e104953f149"
            ],
 
Ansible Playbook: 
        
---
- name: AccessRules_Information_playbook
hosts: check_point
connection: httpapi
gather_facts: false
vars:
ansible_checkpoint_domain: "My DMS Name"
tasks:
- name: Show URL Filtering Policy
check_point.mgmt.cp_mgmt_access_rule_facts:
details_level: standard
limit: 10
offset: 0
name: FW_Policy Application
use_object_dictionary: true
register: result
ignore_errors: True
- name: Rules information
debug:
msg: "{{ result.ansible_facts['access-rulebase'] }}"
 

=============

2. Is it possible to filter the output by source, destination, port and action? I assume if we choose to filter, then we need loop to print the same for all the rules. Is it possible within Ansible Playbook?

Any help here would be appreciated.

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2022-01-27 04:54 AM

You might try the regular REST API for the second question: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/show-access-rulebase~v1.8%20
Possible this is also doable with Ansible

For the first question, you might need to use use_object_dictionary: false to get results that aren’t uuids.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events