Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Oded_Ratzon
Explorer

Replacing FW object in policy with API

Hi,

I new to all this API stuff and be glad for help and directions.

I have R80.30 and the SMS is managing 2 sepereted Gateways (FW-1 & FW-2) on the same package.

Each line on policy have diffrent gateway at the "Installed on" colum.

I want to create (manually) a cluster object (Cluster-1), and put this object instead of FW-1 at rule base.

I want to do it with mgmt_cli (is it even possible?)

I thought to filter the rule number from the "mgmt_cli show access-rulebase name Rulebase" command, where the FW-1 appering.

I didnt success. it look like I dont have all the rules & I couldn't get the rule number 😞

How can I  do it ?

 

Oded.

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

When working with the rulebase in the API, the actual rule number isn't very relevant, the rule UID is, which is unique to the rule itself.
You should be able to do something like mgmt_cli show access-rulebase name Rulebase filter "FW-1 AND FW-2" to get all the rules that mention both.
From there, you iterate over each rule uid and set the install-on target to the new cluster object.
If this doesn't work, please show precisely what you tried with the exact results.

0 Kudos