Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tai_Bui
Participant

Create rule below Inline-layer via mgmt_cli

Hi all,

I am practicing lab how to use CLI in checkpoint for R80.40 (v1.6). I want to create rule below my Inline-layer. I tried to follow the CheckPoint API Guide, but I don't see it is available.  Does anyone try it do that before? 

 
 

Screenshot 2021-05-23 123206.png

Here is my API  line:

mgmt_cli -r true add access-rule layer 'External-GW Network' position. below ' Allow mgmt outbound' name 'mgmt to internet' action- 'Accept' source 'Site-MGMT' destination.1 'Site2' destination.2 'Site3' track.type 'log'

mgmt_cli -r true add access-rule layer 'External-GW Network' position.above 'Cleanup rule' name 'mgmt to internet' action- 'Accept' source 'Site-MGMT' destination.1 'Site2' destination.2 'Site3' track.type 'log'

mgmt_cli -r true add access-rule layer 'External-GW Network' position 1.1 name 'mgmt to internet' action- 'Accept' source 'Site-MGMT' destination.1 'Site2' destination.2 'Site3' track.type 'log'

 

The first one seems created new rule #2 but did not create rule 1.1 that I wanted. 

 

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

An inline layer is itself a unique layer.
They way you manipulate it via the API is to reference that layer specifically, which I assume will be called Outbound-mgmt (as shown in Rule 1).
Any positional arguments will be in terms of that specific layer only.

0 Kudos