This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
martylee
Participant
‎2022-05-18 08:23 AM
Jump to solution

Python script to install access rules on check point R80.40 - add multiple ports

Hi there,

Making use of cpapi, I can write some python scripts to add access rules from an excel file into a check point firewall R80.40

This is the youtube link that I demo the process.

https://www.youtube.com/watch?v=8D4XJ3Bwtrk

One of the limitations of the python scripts is that I can only add a single source IP address, a single destination address and a single port for a given row (or a given single rule number).

But in my work environment, a single rule number most likely contains multiple  source IP addresses, multiple  destination addresses and multiple ports, such as the sample excel that I upload in this post (ADD_RULES_real_world.xlsx).

It would be great if you could shed some light.

(You can see or download my source code from the youtube link as the file .py is not supported here.)

Thank you.

Marty

Preview file
10 KB
Preview file
11 KB
code.zip
0 Kudos
1 Solution

Accepted Solutions
Bob_Zimmerman
MVP Gold
MVP Gold
‎2022-05-18 10:21 AM
Jump to solution

I'm not able to download the code. From the video, it looks like when you're creating the objects, you set obj_src and obj_dst to be equal to a given name, rather than appending the name to a list. Thus, when you use obj_src and obj_dst later to make the API call to create the rule, they only contain one thing each.

View solution in original post

0 Kudos
7 Replies
Bob_Zimmerman
MVP Gold
MVP Gold
‎2022-05-18 10:21 AM
Jump to solution

I'm not able to download the code. From the video, it looks like when you're creating the objects, you set obj_src and obj_dst to be equal to a given name, rather than appending the name to a list. Thus, when you use obj_src and obj_dst later to make the API call to create the rule, they only contain one thing each.

0 Kudos
martylee
Participant
‎2022-05-19 05:06 AM
In response to Bob_Zimmerman
Jump to solution

Hi Bob,

Thank you for giving me some directions. Will try to work on it about using list.

Already fixed the link on youtube and the source code is zipped here. 

0 Kudos
martylee
Participant
‎2022-05-23 10:32 AM
In response to Bob_Zimmerman
Jump to solution

Hi Bob, _Val_ and everyone,

Thanks Bob for providing me a direction on using list. It works like a charm. Another questions are:

1. how to add groups (grouping of different subnets), what is the parameters or keyword I should use in the python script ?

2. how to add port range eg: tcp port 1000-200 ? Again I don't know the parameter of keywords.

0 Kudos
_Val_
Admin
Admin
‎2022-05-19 01:21 AM
Jump to solution

Zip and share python code here please.

0 Kudos
martylee
Participant
‎2022-05-19 05:04 AM
In response to _Val_
Jump to solution

Hi _Val_,

thanks for your reminder. It is shared here. 

code.zip
0 Kudos
martylee
Participant
‎2022-05-29 10:04 AM
In response to martylee
Jump to solution

You may download the source code as below link:

https://www.youtube.com/watch?v=xgh4M6TvlxE

0 Kudos
aheilmaier
Participant
‎2024-01-19 08:05 AM
In response to martylee
Jump to solution

Thanks great demo.

just a question, when I run the script a second time, does it create the objects like host ... again ?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events