Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mirko_Leschhorn
Participant

show-access-rulebase along with inline layers

Hello,

at the moment I am trying to build a script that checks whether specific source and destination is accepted or dropped.

For this I am using the the api call "show-access-rulebase" with filter settings for source, destination and port. (API-Version 1.1)

Parsing the JSON works quite well, but as soon as there is a rule in an inline layer, I cannot access the inner rule and find the information about this rule. Is there any possibility to show this information? Using and searching the UIDs linked with the inline layer did not give me any further help how to find the right rules inside the inline layer.

As example, here a JSON-Output. Rule 4 is a rule with inner layer, that matches:

Request:

{
"offset": 0,
"limit": 500,
"name": "Network",
"details-level": "full",
"use-object-dictionary": true,
"filter": "src:192.168.178.4 AND dst:192.168.178.5 AND svc:80",
"filter-settings": {
"search-mode": "packet",
"packet-search-settings": {
"match-on-any": "true"
}
}
}

Response:

{
"uid": "21289aa8-e62d-44ed-a395-bd54007812e2",
"name": "Network",
"rulebase": [
{
"uid": "0a9ce5cc-80e7-41c4-988c-b1b55dc8e0ef",
"type": "access-rule",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"rule-number": 2,
"filter-match-details": [
{
"column": "destination",
"objects": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
]
},
{
"column": "source",
"objects": [
"55844894-82b1-403c-a195-17f7bd54bf6d"
]
},
{
"column": "service",
"objects": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
]
}
],
"track": {
"type": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
"per-session": false,
"per-connection": false,
"accounting": false,
"alert": "none"
},
"source": [
"55844894-82b1-403c-a195-17f7bd54bf6d"
],
"source-negate": false,
"destination": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"destination-negate": false,
"service": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"service-negate": false,
"vpn": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"action": "6c488338-8eec-4103-ad21-cd461ac2c473",
"action-settings": {},
"content": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"content-negate": false,
"content-direction": "any",
"time": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"custom-fields": {
"field-1": "",
"field-2": "",
"field-3": ""
},
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1549962172696,
"iso-8601": "2019-02-12T10:02+0100"
},
"last-modifier": "user",
"creation-time": {
"posix": 1549962154806,
"iso-8601": "2019-02-12T10:02+0100"
},
"creator": "user"
},
"comments": "",
"enabled": true,
"install-on": [
"6c488338-8eec-4103-ad21-cd461ac2c476"
]
},
{
"uid": "0d1deba9-778f-4688-80cf-cb65ec1f386e",
"name": "upperRule4",
"type": "access-rule",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"rule-number": 4,
"filter-match-details": [
{
"inner-rules": [
"3ec644bf-d753-462f-b262-9bfbb20080a3"
]
},
{
"column": "destination",
"objects": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
]
},
{
"column": "source",
"objects": [
"55844894-82b1-403c-a195-17f7bd54bf6d"
]
},
{
"column": "service",
"objects": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
]
}
],
"track": {
"type": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
"per-session": false,
"per-connection": false,
"accounting": false,
"alert": "none"
},
"source": [
"ad9b7fcd-bfdc-4020-95ac-0261bfd94dd4",
"55844894-82b1-403c-a195-17f7bd54bf6d"
],
"source-negate": false,
"destination": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"destination-negate": false,
"service": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"service-negate": false,
"vpn": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"action": "ea28da66-c5ed-11e2-bc66-aa5c6188709b",
"action-settings": {},
"inline-layer": "838ecbc8-08f6-4961-b454-b41012a08874",
"content": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"content-negate": false,
"content-direction": "any",
"time": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"custom-fields": {
"field-1": "",
"field-2": "",
"field-3": ""
},
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1550050786168,
"iso-8601": "2019-02-13T10:39+0100"
},
"last-modifier": "user",
"creation-time": {
"posix": 1533540801600,
"iso-8601": "2018-08-06T09:33+0200"
},
"creator": "user"
},
"comments": "",
"enabled": true,
"install-on": [
"6c488338-8eec-4103-ad21-cd461ac2c476"
]
},
{
"uid": "35c290b0-de5b-40f6-81d8-41158b09cbae",
"name": "Clean up rule",
"type": "access-section",
"from": 3,
"to": 3,
"rulebase": [
{
"uid": "5d584618-0485-4387-8a9d-5d0b10bf5ab1",
"name": "Cleanup rule",
"type": "access-rule",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"rule-number": 10,
"filter-match-details": [
{
"column": "destination",
"objects": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
]
},
{
"column": "source",
"objects": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
]
},
{
"column": "service",
"objects": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
]
},
{
"inner-rules": [
"b5060735-9a7f-499c-a99b-96ff292c7850"
]
}
],
"track": {
"type": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
"per-session": false,
"per-connection": true,
"accounting": false,
"alert": "none"
},
"source": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"source-negate": false,
"destination": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"destination-negate": false,
"service": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"service-negate": false,
"vpn": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"action": "ea28da66-c5ed-11e2-bc66-aa5c6188709b",
"action-settings": {},
"inline-layer": "5f98c707-d31c-43ec-95d6-306bf73fea91",
"content": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"content-negate": false,
"content-direction": "any",
"time": [
"97aeb369-9aea-11d5-bd16-0090272ccb30"
],
"custom-fields": {
"field-1": "",
"field-2": "",
"field-3": "7021752, 07017507"
},
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1549982111120,
"iso-8601": "2019-02-12T15:35+0100"
},
"last-modifier": "user",
"creation-time": {
"posix": 1501597428551,
"iso-8601": "2017-08-01T16:23+0200"
},
"creator": "System"
},
"comments": "",
"enabled": true,
"install-on": [
"6c488338-8eec-4103-ad21-cd461ac2c476"
]
}
]
}
],
"objects-dictionary": [
{
"uid": "97aeb369-9aea-11d5-bd16-0090272ccb30",
"name": "Any",
"type": "CpmiAnyObject",
"domain": {
"uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name": "Check Point Data",
"domain-type": "data domain"
},
"color": "black",
"meta-info": {
"validation-state": "ok",
"last-modify-time": {
"posix": 1501597250871,
"iso-8601": "2017-08-01T16:20+0200"
},
"last-modifier": "System",
"creation-time": {
"posix": 1501597250871,
"iso-8601": "2017-08-01T16:20+0200"
},
"creator": "System"
},
"tags": [],
"icon": "General/globalsAny",
"comments": null,
"display-name": "",
"customFields": null
},
{
"uid": "ad9b7fcd-bfdc-4020-95ac-0261bfd94dd4",
"name": "host1",
"type": "host",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"ipv4-address": "192.168.178.6",
"interfaces": [],
"nat-settings": {
"auto-rule": false
},
"groups": [],
"comments": "Object created automatically by wizard.",
"color": "black",
"icon": "Objects/host",
"tags": [],
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1533631014227,
"iso-8601": "2018-08-07T10:36+0200"
},
"last-modifier": "user",
"creation-time": {
"posix": 1533631014227,
"iso-8601": "2018-08-07T10:36+0200"
},
"creator": "user"
},
"read-only": false
},
{
"uid": "6c488338-8eec-4103-ad21-cd461ac2c473",
"name": "Drop",
"type": "RulebaseAction",
"domain": {
"uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name": "Check Point Data",
"domain-type": "data domain"
},
"color": "none",
"meta-info": {
"validation-state": "ok",
"last-modify-time": {
"posix": 1501597269121,
"iso-8601": "2017-08-01T16:21+0200"
},
"last-modifier": "System",
"creation-time": {
"posix": 1501597269121,
"iso-8601": "2017-08-01T16:21+0200"
},
"creator": "System"
},
"tags": [],
"icon": "Actions/actionsDrop",
"comments": "Drop",
"display-name": "Drop",
"customFields": null
},
{
"uid": "ea28da66-c5ed-11e2-bc66-aa5c6188709b",
"name": "Inner Layer",
"type": "Global",
"domain": {
"uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name": "Check Point Data",
"domain-type": "data domain"
},
"color": "none",
"meta-info": {
"validation-state": "ok",
"last-modify-time": {
"posix": 1501597269287,
"iso-8601": "2017-08-01T16:21+0200"
},
"last-modifier": "System",
"creation-time": {
"posix": 1501597269287,
"iso-8601": "2017-08-01T16:21+0200"
},
"creator": "System"
},
"tags": [],
"icon": "ApplicationFirewall/Rulebase",
"comments": "Apply inline layer in case of rule match",
"customFields": null
},
{
"uid": "598ead32-aa42-4615-90ed-f51a5928d41d",
"name": "Log",
"type": "Track",
"domain": {
"uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name": "Check Point Data",
"domain-type": "data domain"
},
"color": "none",
"meta-info": {
"validation-state": "ok",
"last-modify-time": {
"posix": 1501597268981,
"iso-8601": "2017-08-01T16:21+0200"
},
"last-modifier": "System",
"creation-time": {
"posix": 1501597268981,
"iso-8601": "2017-08-01T16:21+0200"
},
"creator": "System"
},
"tags": [],
"icon": "Track/tracksLog",
"comments": "Tracks network information and rule matches.",
"customFields": null
},
{
"uid": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
"name": "None",
"type": "Track",
"domain": {
"uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name": "Check Point Data",
"domain-type": "data domain"
},
"color": "none",
"meta-info": {
"validation-state": "ok",
"last-modify-time": {
"posix": 1501597268971,
"iso-8601": "2017-08-01T16:21+0200"
},
"last-modifier": "System",
"creation-time": {
"posix": 1501597268971,
"iso-8601": "2017-08-01T16:21+0200"
},
"creator": "System"
},
"tags": [],
"icon": "General/globalsNone",
"comments": "No tracking.",
"customFields": null
},
{
"uid": "6c488338-8eec-4103-ad21-cd461ac2c476",
"name": "Policy Targets",
"type": "Global",
"domain": {
"uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name": "Check Point Data",
"domain-type": "data domain"
},
"color": "none",
"meta-info": {
"validation-state": "ok",
"last-modify-time": {
"posix": 1501597268910,
"iso-8601": "2017-08-01T16:21+0200"
},
"last-modifier": "System",
"creation-time": {
"posix": 1501597268910,
"iso-8601": "2017-08-01T16:21+0200"
},
"creator": "System"
},
"tags": [],
"icon": "General/globalsAny",
"comments": "The policy target gateways",
"customFields": null
},
{
"uid": "5f98c707-d31c-43ec-95d6-306bf73fea91",
"name": "test2",
"type": "access-layer",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"shared": false,
"applications-and-url-filtering": false,
"content-awareness": false,
"mobile-access": false,
"firewall": true,
"comments": "",
"color": "black",
"icon": "ApplicationFirewall/rulebase",
"tags": [],
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1549982182614,
"iso-8601": "2019-02-12T15:36+0100"
},
"last-modifier": "user",
"creation-time": {
"posix": 1549982110592,
"iso-8601": "2019-02-12T15:35+0100"
},
"creator": "user"
},
"read-only": false
},
{
"uid": "838ecbc8-08f6-4961-b454-b41012a08874",
"name": "Testlayer",
"type": "access-layer",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"shared": false,
"applications-and-url-filtering": false,
"content-awareness": false,
"mobile-access": false,
"firewall": true,
"comments": "",
"color": "black",
"icon": "ApplicationFirewall/rulebase",
"tags": [],
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1549985586177,
"iso-8601": "2019-02-12T16:33+0100"
},
"last-modifier": "user",
"creation-time": {
"posix": 1549982302871,
"iso-8601": "2019-02-12T15:38+0100"
},
"creator": "user"
},
"read-only": false
},
{
"uid": "55844894-82b1-403c-a195-17f7bd54bf6d",
"name": "testnetwork",
"type": "network",
"domain": {
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name": "SMC User",
"domain-type": "domain"
},
"broadcast": "allow",
"subnet4": "192.168.178.0",
"mask-length4": 24,
"subnet-mask": "255.255.255.0",
"nat-settings": {
"auto-rule": false
},
"groups": [],
"comments": "",
"color": "black",
"icon": "NetworkObjects/network",
"tags": [],
"meta-info": {
"lock": "unlocked",
"validation-state": "ok",
"last-modify-time": {
"posix": 1549962149585,
"iso-8601": "2019-02-12T10:02+0100"
},
"last-modifier": "user",
"creation-time": {
"posix": 1549962149585,
"iso-8601": "2019-02-12T10:02+0100"
},
"creator": "user"
},
"read-only": false
}
],
"from": 1,
"to": 3,
"total": 3
}

Thanks and BR!

Mirko

4 Replies
Joshua_Hatter
Employee
Employee

So in your output here. The action for rule 4 is UID ea28da66-c5ed-11e2-bc66-aa5c6188709b, and in the object dictionary you can see the type is 'inline layer'. You should take this UID and use it to run show access rulebase against it to get that layers rules.

Mirko_Leschhorn
Participant

Hi,

thanks for your answer! I tried this but only get back all rules that does use any inline layer. Again not along with any information about the inner rule.

BR
Mirko

PhoneBoy
Admin
Admin

There is a parameter for each rule called inline-layer.

For example, in like 151 of your output, you will notice:

            "inline-layer": "838ecbc8-08f6-4961-b454-b41012a08874",

This is the UID of the actual inline layer, which can be shown using show-access-rulebase.

If the rule doesn't have an inline layer, the inline-layer parameter will be null.

Mirko_Leschhorn
Participant

Thank you guys, I first misunderstood you two. I entered the UID in the "filter", not in the "name".

Now with using the UID in the "name"-Parameter this works. 

BR

Mirko

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events