Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Herschel_Liang
Collaborator
Jump to solution

Can "Firewall Policy Query" via R81.10 API?

Is there any way run a query the on the Firewall Policy Rule Base to show only selected rules in the Rule Base, according to your criteria via R81.10 API? Can it come true on R81.10 API? The client want to achieve taget very like "Firewall Policy Query" on Smartdashboard, but he want to used via API. Criteria Values Examples: source:192.168.10.1 action:(drop) You can enter one text string, such as an object's name or IP address without delimiters. In this case, SmartDashboard shows records that contain the given criteria in all relevant fields, e.g. an IP address will be searched in Source, Destination and Install On fields of rules. One string examples: CP_default_Office_Mode_addresses_pool 192.168.10.1 http IP Addresses You can enter IPv4 address using dotted decimal or CIDR notation. Examples: 192.0.2.32 192.0.2.0/24 Off course, it do not need the same feature. Simple firewall policy query is OK. Such as we can search source and destination IP and show us match policy via API is OK. THX!
0 Kudos
1 Solution

Accepted Solutions
JozkoMrkvicka
Mentor
Mentor

As was mentioned, you can achieve this only using some script.

But there is something which might be helpful for you. There is command "fw up_execute" available which can check if desired communication is matched (accept or drop).

Kind regards,
Jozko Mrkvicka

View solution in original post

0 Kudos
4 Replies
_Val_
Admin
Admin

Not with a single API call, but pretty achievable.

Look into "show access-rulebase" and "show access-rule" calls. You can get the policy package and then filter JSON output by additional criteria, such as source, destination, action, etc.

0 Kudos
Herschel_Liang
Collaborator

Are there any examples for the requirement? I am not a programmer .......

0 Kudos
_Val_
Admin
Admin

For the mentioned API calls, look here: https://sc1.checkpoint.com/documents/latest/APIs/#cli/show-access-rulebase~v1.8%20

Then you will have to acquire an understanding of JSON and some scripting skills, I am afraid.

0 Kudos
JozkoMrkvicka
Mentor
Mentor

As was mentioned, you can achieve this only using some script.

But there is something which might be helpful for you. There is command "fw up_execute" available which can check if desired communication is matched (accept or drop).

Kind regards,
Jozko Mrkvicka
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events