This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
dirBow
Explorer
‎2024-06-10 09:12 PM
Jump to solution

Create a firewall rule within specific access section

Hi team,


I am currently developing a playbook to automate rule creation on checkpoint. But for now the rule is made at the very bottom/top of the list of rules and I want to make the rule on the specific access section. i'm using new module from ansible

here is my code:

- name: create access-rule if not present
check_point.mgmt.cp_mgmt_access_rule:
  layer: "{{ cp_layer }}"
  name: "{{ cp_access_rule_name }}"
  service:
     - "{{ cp_service_tcp_name }}"
  action: "{{ cp_access_rule_action }}"
  comments: create automatic by ansible
  source:
     - "{{ cp_access_rule_source }}"
  destination:
     - "{{ cp_access_rule_destination }}"
  enabled: true
  search_entire_rulebase: true
  track:
     type: log
  position: bottom
  state: present
  register: create_access_rule
ignore_errors: true

 

Is there any insight i can achieve to create rule on specific access section?

 
thanks in advance
regards
0 Kudos
1 Solution

Accepted Solutions
Erik_Lagzdins
Employee Employee
Employee
‎2024-06-11 10:49 AM
Jump to solution

If you want to add a new access rule under a specific section title, you need to use the 'relative_position' parameter.

Here is an example if you want to create a rule at the top of the section named "Automated Rules".

    - name: "Demo - Add Standard Access Rule at top of section title"
      check_point.mgmt.cp_mgmt_access_rule:
        layer: "Access Rules Network"
        name: Test_Rule1
        state: present
        relative_position:
          top: "Automated Rules"
        service: SMTP
        source: Any
        action: Accept
        auto_publish_session: true

  

 

View solution in original post

2 Replies
Erik_Lagzdins
Employee Employee
Employee
‎2024-06-11 10:49 AM
Jump to solution

If you want to add a new access rule under a specific section title, you need to use the 'relative_position' parameter.

Here is an example if you want to create a rule at the top of the section named "Automated Rules".

    - name: "Demo - Add Standard Access Rule at top of section title"
      check_point.mgmt.cp_mgmt_access_rule:
        layer: "Access Rules Network"
        name: Test_Rule1
        state: present
        relative_position:
          top: "Automated Rules"
        service: SMTP
        source: Any
        action: Accept
        auto_publish_session: true

  

 

dirBow
Explorer
‎2024-06-16 12:19 PM
In response to Erik_Lagzdins
Jump to solution

hi erik,

sorry for the late reply.

i have tested relative_position and it works. thanks for your help

Upcoming Events

    Sort by:
    CheckMates Events