Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Iron

create firewall rule for r77.30 from web interface

hi

I want to write a script to call r77.30 to create some firewall rules. and as you may know that there is no api for r77.30. if there is a way to create the rule from the web interface (not from smart dashboard] i can intercept the request and build it in my script.

if you have any other workaround for this situation please share it with me.

 

thanks

0 Kudos
5 Replies
Highlighted

Technically it is possible using dbedit command line tool. But if you are new to CP I would strongly advise to stay away from it, you can easily screw up your management if used incorrectly. There are SK articles if you search for dbedit

0 Kudos
Highlighted

look for fw samp feature alias suspicious activity rules.

0 Kudos
Highlighted
Admin
Admin

Those don't have API support even in R80.x.
You can manage those via the CLI using SSH to the gateway(s).
I assume you could write a web frontend to handle this, but what libraries and framework you'd use is a bit outside my knowledge base.
0 Kudos
Highlighted
Iron

Thanks phoneboy for your answer.

 even if we upgrade to r80.x we won't be able to do it through api ?

0 Kudos
Highlighted
Admin
Admin

Theoretically possible, yes.
A good idea? No.

At a high level, your web interface would have to generate dbedit commands.
In terms of modifying an existing rules or creating/modifying objects, that can be done.
Adding/deleting rules can also be done, but it's far from simple as there is no such operation as "insert."
Not to mention that you'll have to have logic to deal with the fact that, when the dbedit commands are run, an admin might also be connected in read/write mode, causing those commands to not work.
As well as deal with a few other possible concurrency issues that might come up.

Also keep in mind that we have limited documentation available for dbedit.
And, given that R77.x is End of Support, you're basically on your own if you run into any issues.

You're really better off upgrading to R80.x.
If you absolutely must still run gateways on R77.30, at least upgrade the management to R80.x, which will allow you to use the management APIs.
The Management APIs are far simpler and better documented than dbedit ever was.