- CheckMates
- :
- Products
- :
- Developers
- :
- API / CLI Discussion
- :
- Create rule below Inline-layer via mgmt_cli
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Create rule below Inline-layer via mgmt_cli
Hi all,
I am practicing lab how to use CLI in checkpoint for R80.40 (v1.6). I want to create rule below my Inline-layer. I tried to follow the CheckPoint API Guide, but I don't see it is available. Does anyone try it do that before?
Here is my API line:
mgmt_cli -r true add access-rule layer 'External-GW Network' position. below ' Allow mgmt outbound' name 'mgmt to internet' action- 'Accept' source 'Site-MGMT' destination.1 'Site2' destination.2 'Site3' track.type 'log'
mgmt_cli -r true add access-rule layer 'External-GW Network' position.above 'Cleanup rule' name 'mgmt to internet' action- 'Accept' source 'Site-MGMT' destination.1 'Site2' destination.2 'Site3' track.type 'log'
mgmt_cli -r true add access-rule layer 'External-GW Network' position 1.1 name 'mgmt to internet' action- 'Accept' source 'Site-MGMT' destination.1 'Site2' destination.2 'Site3' track.type 'log'
The first one seems created new rule #2 but did not create rule 1.1 that I wanted.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
An inline layer is itself a unique layer.
They way you manipulate it via the API is to reference that layer specifically, which I assume will be called Outbound-mgmt (as shown in Rule 1).
Any positional arguments will be in terms of that specific layer only.
