AnsweredAssumed Answered

show-access-rulebase along with inline layers

Question asked by Mirko Leschhorn on Feb 13, 2019
Latest reply on Feb 13, 2019 by Mirko Leschhorn

Hello,

 

at the moment I am trying to build a script that checks whether specific source and destination is accepted or dropped.

 

For this I am using the the api call "show-access-rulebase" with filter settings for source, destination and port. (API-Version 1.1)

 

Parsing the JSON works quite well, but as soon as there is a rule in an inline layer, I cannot access the inner rule and find the information about this rule. Is there any possibility to show this information? Using and searching the UIDs linked with the inline layer did not give me any further help how to find the right rules inside the inline layer.

 

As example, here a JSON-Output. Rule 4 is a rule with inner layer, that matches:

 

Request:

{
    "offset": 0,
    "limit": 500,
    "name": "Network",
    "details-level": "full",
    "use-object-dictionary": true,
    "filter": "src:192.168.178.4 AND dst:192.168.178.5 AND svc:80",
    "filter-settings": {
        "search-mode": "packet",
        "packet-search-settings": {
            "match-on-any": "true"
        }
    }
}

 

Response:

 

{
    "uid": "21289aa8-e62d-44ed-a395-bd54007812e2",
    "name": "Network",
    "rulebase": [
        {
            "uid": "0a9ce5cc-80e7-41c4-988c-b1b55dc8e0ef",
            "type": "access-rule",
            "domain": {
                "uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
                "name": "SMC User",
                "domain-type": "domain"
            },
            "rule-number": 2,
            "filter-match-details": [
                {
                    "column": "destination",
                    "objects": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ]
                },
                {
                    "column": "source",
                    "objects": [
                        "55844894-82b1-403c-a195-17f7bd54bf6d"
                    ]
                },
                {
                    "column": "service",
                    "objects": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ]
                }
            ],
            "track": {
                "type": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
                "per-session": false,
                "per-connection": false,
                "accounting": false,
                "alert": "none"
            },
            "source": [
                "55844894-82b1-403c-a195-17f7bd54bf6d"
            ],
            "source-negate": false,
            "destination": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "destination-negate": false,
            "service": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "service-negate": false,
            "vpn": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "action": "6c488338-8eec-4103-ad21-cd461ac2c473",
            "action-settings": {},
            "content": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "content-negate": false,
            "content-direction": "any",
            "time": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "custom-fields": {
                "field-1": "",
                "field-2": "",
                "field-3": ""
            },
            "meta-info": {
                "lock": "unlocked",
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1549962172696,
                    "iso-8601": "2019-02-12T10:02+0100"
                },
                "last-modifier": "user",
                "creation-time": {
                    "posix": 1549962154806,
                    "iso-8601": "2019-02-12T10:02+0100"
                },
                "creator": "user"
            },
            "comments": "",
            "enabled": true,
            "install-on": [
                "6c488338-8eec-4103-ad21-cd461ac2c476"
            ]
        },
        {
            "uid": "0d1deba9-778f-4688-80cf-cb65ec1f386e",
            "name": "upperRule4",
            "type": "access-rule",
            "domain": {
                "uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
                "name": "SMC User",
                "domain-type": "domain"
            },
            "rule-number": 4,
            "filter-match-details": [
                {
                    "inner-rules": [
                        "3ec644bf-d753-462f-b262-9bfbb20080a3"
                    ]
                },
                {
                    "column": "destination",
                    "objects": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ]
                },
                {
                    "column": "source",
                    "objects": [
                        "55844894-82b1-403c-a195-17f7bd54bf6d"
                    ]
                },
                {
                    "column": "service",
                    "objects": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ]
                }
            ],
            "track": {
                "type": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
                "per-session": false,
                "per-connection": false,
                "accounting": false,
                "alert": "none"
            },
            "source": [
                "ad9b7fcd-bfdc-4020-95ac-0261bfd94dd4",
                "55844894-82b1-403c-a195-17f7bd54bf6d"
            ],
            "source-negate": false,
            "destination": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "destination-negate": false,
            "service": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "service-negate": false,
            "vpn": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "action": "ea28da66-c5ed-11e2-bc66-aa5c6188709b",
            "action-settings": {},
            "inline-layer": "838ecbc8-08f6-4961-b454-b41012a08874",
            "content": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "content-negate": false,
            "content-direction": "any",
            "time": [
                "97aeb369-9aea-11d5-bd16-0090272ccb30"
            ],
            "custom-fields": {
                "field-1": "",
                "field-2": "",
                "field-3": ""
            },
            "meta-info": {
                "lock": "unlocked",
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1550050786168,
                    "iso-8601": "2019-02-13T10:39+0100"
                },
                "last-modifier": "user",
                "creation-time": {
                    "posix": 1533540801600,
                    "iso-8601": "2018-08-06T09:33+0200"
                },
                "creator": "user"
            },
            "comments": "",
            "enabled": true,
            "install-on": [
                "6c488338-8eec-4103-ad21-cd461ac2c476"
            ]
        },
        {
            "uid": "35c290b0-de5b-40f6-81d8-41158b09cbae",
            "name": "Clean up rule",
            "type": "access-section",
            "from": 3,
            "to": 3,
            "rulebase": [
                {
                    "uid": "5d584618-0485-4387-8a9d-5d0b10bf5ab1",
                    "name": "Cleanup rule",
                    "type": "access-rule",
                    "domain": {
                        "uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
                        "name": "SMC User",
                        "domain-type": "domain"
                    },
                    "rule-number": 10,
                    "filter-match-details": [
                        {
                            "column": "destination",
                            "objects": [
                                "97aeb369-9aea-11d5-bd16-0090272ccb30"
                            ]
                        },
                        {
                            "column": "source",
                            "objects": [
                                "97aeb369-9aea-11d5-bd16-0090272ccb30"
                            ]
                        },
                        {
                            "column": "service",
                            "objects": [
                                "97aeb369-9aea-11d5-bd16-0090272ccb30"
                            ]
                        },
                        {
                            "inner-rules": [
                                "b5060735-9a7f-499c-a99b-96ff292c7850"
                            ]
                        }
                    ],
                    "track": {
                        "type": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
                        "per-session": false,
                        "per-connection": true,
                        "accounting": false,
                        "alert": "none"
                    },
                    "source": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ],
                    "source-negate": false,
                    "destination": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ],
                    "destination-negate": false,
                    "service": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ],
                    "service-negate": false,
                    "vpn": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ],
                    "action": "ea28da66-c5ed-11e2-bc66-aa5c6188709b",
                    "action-settings": {},
                    "inline-layer": "5f98c707-d31c-43ec-95d6-306bf73fea91",
                    "content": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ],
                    "content-negate": false,
                    "content-direction": "any",
                    "time": [
                        "97aeb369-9aea-11d5-bd16-0090272ccb30"
                    ],
                    "custom-fields": {
                        "field-1": "",
                        "field-2": "",
                        "field-3": "7021752, 07017507"
                    },
                    "meta-info": {
                        "lock": "unlocked",
                        "validation-state": "ok",
                        "last-modify-time": {
                            "posix": 1549982111120,
                            "iso-8601": "2019-02-12T15:35+0100"
                        },
                        "last-modifier": "user",
                        "creation-time": {
                            "posix": 1501597428551,
                            "iso-8601": "2017-08-01T16:23+0200"
                        },
                        "creator": "System"
                    },
                    "comments": "",
                    "enabled": true,
                    "install-on": [
                        "6c488338-8eec-4103-ad21-cd461ac2c476"
                    ]
                }
            ]
        }
    ],
    "objects-dictionary": [
        {
            "uid": "97aeb369-9aea-11d5-bd16-0090272ccb30",
            "name": "Any",
            "type": "CpmiAnyObject",
            "domain": {
                "uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
                "name": "Check Point Data",
                "domain-type": "data domain"
            },
            "color": "black",
            "meta-info": {
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1501597250871,
                    "iso-8601": "2017-08-01T16:20+0200"
                },
                "last-modifier": "System",
                "creation-time": {
                    "posix": 1501597250871,
                    "iso-8601": "2017-08-01T16:20+0200"
                },
                "creator": "System"
            },
            "tags": [],
            "icon": "General/globalsAny",
            "comments": null,
            "display-name": "",
            "customFields": null
        },
        {
            "uid": "ad9b7fcd-bfdc-4020-95ac-0261bfd94dd4",
            "name": "host1",
            "type": "host",
            "domain": {
                "uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
                "name": "SMC User",
                "domain-type": "domain"
            },
            "ipv4-address": "192.168.178.6",
            "interfaces": [],
            "nat-settings": {
                "auto-rule": false
            },
            "groups": [],
            "comments": "Object created automatically by wizard.",
            "color": "black",
            "icon": "Objects/host",
            "tags": [],
            "meta-info": {
                "lock": "unlocked",
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1533631014227,
                    "iso-8601": "2018-08-07T10:36+0200"
                },
                "last-modifier": "user",
                "creation-time": {
                    "posix": 1533631014227,
                    "iso-8601": "2018-08-07T10:36+0200"
                },
                "creator": "user"
            },
            "read-only": false
        },
        {
            "uid": "6c488338-8eec-4103-ad21-cd461ac2c473",
            "name": "Drop",
            "type": "RulebaseAction",
            "domain": {
                "uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
                "name": "Check Point Data",
                "domain-type": "data domain"
            },
            "color": "none",
            "meta-info": {
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1501597269121,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "last-modifier": "System",
                "creation-time": {
                    "posix": 1501597269121,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "creator": "System"
            },
            "tags": [],
            "icon": "Actions/actionsDrop",
            "comments": "Drop",
            "display-name": "Drop",
            "customFields": null
        },
        {
            "uid": "ea28da66-c5ed-11e2-bc66-aa5c6188709b",
            "name": "Inner Layer",
            "type": "Global",
            "domain": {
                "uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
                "name": "Check Point Data",
                "domain-type": "data domain"
            },
            "color": "none",
            "meta-info": {
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1501597269287,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "last-modifier": "System",
                "creation-time": {
                    "posix": 1501597269287,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "creator": "System"
            },
            "tags": [],
            "icon": "ApplicationFirewall/Rulebase",
            "comments": "Apply inline layer in case of rule match",
            "customFields": null
        },
        {
            "uid": "598ead32-aa42-4615-90ed-f51a5928d41d",
            "name": "Log",
            "type": "Track",
            "domain": {
                "uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
                "name": "Check Point Data",
                "domain-type": "data domain"
            },
            "color": "none",
            "meta-info": {
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1501597268981,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "last-modifier": "System",
                "creation-time": {
                    "posix": 1501597268981,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "creator": "System"
            },
            "tags": [],
            "icon": "Track/tracksLog",
            "comments": "Tracks network information and rule matches.",
            "customFields": null
        },
        {
            "uid": "29e53e3d-23bf-48fe-b6b1-d59bd88036f9",
            "name": "None",
            "type": "Track",
            "domain": {
                "uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
                "name": "Check Point Data",
                "domain-type": "data domain"
            },
            "color": "none",
            "meta-info": {
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1501597268971,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "last-modifier": "System",
                "creation-time": {
                    "posix": 1501597268971,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "creator": "System"
            },
            "tags": [],
            "icon": "General/globalsNone",
            "comments": "No tracking.",
            "customFields": null
        },
        {
            "uid": "6c488338-8eec-4103-ad21-cd461ac2c476",
            "name": "Policy Targets",
            "type": "Global",
            "domain": {
                "uid": "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
                "name": "Check Point Data",
                "domain-type": "data domain"
            },
            "color": "none",
            "meta-info": {
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1501597268910,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "last-modifier": "System",
                "creation-time": {
                    "posix": 1501597268910,
                    "iso-8601": "2017-08-01T16:21+0200"
                },
                "creator": "System"
            },
            "tags": [],
            "icon": "General/globalsAny",
            "comments": "The policy target gateways",
            "customFields": null
        },
        {
            "uid": "5f98c707-d31c-43ec-95d6-306bf73fea91",
            "name": "test2",
            "type": "access-layer",
            "domain": {
                "uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
                "name": "SMC User",
                "domain-type": "domain"
            },
            "shared": false,
            "applications-and-url-filtering": false,
            "content-awareness": false,
            "mobile-access": false,
            "firewall": true,
            "comments": "",
            "color": "black",
            "icon": "ApplicationFirewall/rulebase",
            "tags": [],
            "meta-info": {
                "lock": "unlocked",
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1549982182614,
                    "iso-8601": "2019-02-12T15:36+0100"
                },
                "last-modifier": "user",
                "creation-time": {
                    "posix": 1549982110592,
                    "iso-8601": "2019-02-12T15:35+0100"
                },
                "creator": "user"
            },
            "read-only": false
        },
        {
            "uid": "838ecbc8-08f6-4961-b454-b41012a08874",
            "name": "Testlayer",
            "type": "access-layer",
            "domain": {
                "uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
                "name": "SMC User",
                "domain-type": "domain"
            },
            "shared": false,
            "applications-and-url-filtering": false,
            "content-awareness": false,
            "mobile-access": false,
            "firewall": true,
            "comments": "",
            "color": "black",
            "icon": "ApplicationFirewall/rulebase",
            "tags": [],
            "meta-info": {
                "lock": "unlocked",
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1549985586177,
                    "iso-8601": "2019-02-12T16:33+0100"
                },
                "last-modifier": "user",
                "creation-time": {
                    "posix": 1549982302871,
                    "iso-8601": "2019-02-12T15:38+0100"
                },
                "creator": "user"
            },
            "read-only": false
        },
        {
            "uid": "55844894-82b1-403c-a195-17f7bd54bf6d",
            "name": "testnetwork",
            "type": "network",
            "domain": {
                "uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
                "name": "SMC User",
                "domain-type": "domain"
            },
            "broadcast": "allow",
            "subnet4": "192.168.178.0",
            "mask-length4": 24,
            "subnet-mask": "255.255.255.0",
            "nat-settings": {
                "auto-rule": false
            },
            "groups": [],
            "comments": "",
            "color": "black",
            "icon": "NetworkObjects/network",
            "tags": [],
            "meta-info": {
                "lock": "unlocked",
                "validation-state": "ok",
                "last-modify-time": {
                    "posix": 1549962149585,
                    "iso-8601": "2019-02-12T10:02+0100"
                },
                "last-modifier": "user",
                "creation-time": {
                    "posix": 1549962149585,
                    "iso-8601": "2019-02-12T10:02+0100"
                },
                "creator": "user"
            },
            "read-only": false
        }
    ],
    "from": 1,
    "to": 3,
    "total": 3
}

 

Thanks and BR!

Mirko

Outcomes