This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
NickT
Explorer
‎2020-11-02 02:27 AM

Python Import Error

I am getting the following error when trying to importing access rules via the API using the Python script

 

Failed to import access-rule with name [Cleanup rule]. Error: message: Missing parameter: [layer]

 

python import_export_package.py -op import -sid "xxxxx" -m 1.1.1.1 -n TEST -f importing/policy.tar.gz

 

I have tried referencing the layer by name and UID, to no avail

action,layer,action-settings.enable-identity-captive-portal,comments,content-direction,content-negate,content.0,custom-fields.field-1,custom-fields.field-2,custom-fields.field-3,destination-negate,enabled,install-on.0,name,position,service-negate,source-negate,time.0,track.accounting,track.alert,track.per-connection,track.per-session,track.type,vpn.0,destination.0,service.0,source.0,source.1
Drop,77da8da0-9bd6-49ec-89a1-9fe3de97f7d1,,,any,false,Any,,,,false,true,Policy Targets,Cleanup rule,3,false,false,Any,false,none,false,false,None,Any,Any,,,Any,,Any,

 

Any help would be much appreciated

Thanks

Nick

0 Kudos
5 Replies
Sigbjorn
Advisor
Advisor
‎2020-11-02 04:28 AM

Make sure you don't confuse policy package with layer.

You can do a "show-packages" / "show-package name "xxx"" to see which layers are added to it.

0 Kudos
NickT
Explorer
‎2020-11-02 07:15 AM
In response to Sigbjorn

Hey

This is the output from show package name XXXX

There is only one layer, which is referenced in the import CSV posted above. 
I get the same behaviour when trying to import access sections

 

[Expert@iedub-cpmgmt01:0]# mgmt_cli -s id.txt show packages
packages:
- uid: "60540955-9cd5-4dab-b5e9-8c3622694f29"
name: "REMOTE-OFFICE"
type: "package"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"

- uid: "55cc9342-d886-4cfd-bf5e-d438bb5e698e"
name: "REMOTE-OFFICES"
type: "package"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"

 



mgmt_cli -s id.txt show package name REMOTE-OFFICES
uid: "55cc9342-d886-4cfd-bf5e-d438bb5e698e"
name: "REMOTE-OFFICES"
type: "package"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"
access: true
access-layers:
- uid: "77da8da0-9bd6-49ec-89a1-9fe3de97f7d1"
name: "Network"
type: "access-layer"
domain:
uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
name: "SMC User"
domain-type: "domain"

0 Kudos
Sigbjorn
Advisor
Advisor
‎2020-11-02 08:46 AM
In response to NickT

Looks like the layer is just named "Network" which is the default.

So if you try the following command, does it fail? ;

mgmt_cli -s id.txt add access-section layer Network name FirstSection position top

0 Kudos
NickT
Explorer
‎2020-11-02 01:18 PM
In response to Sigbjorn

Hi

That command works with no errors. This command is what I had to revert to manually importing the rules. 

It is weird, as I created a new policy with one access rule, exported it via the Python script, tried to import it. Fails straight away.

0 Kudos
Sigbjorn
Advisor
Advisor
‎2020-11-02 10:57 PM
In response to NickT

Sounds like something the authors should look into.

@Inbar_Moskovich @Robert_Decker 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events