This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
pdn
Contributor
a month ago
Jump to solution

REST API endpoint for publishing and pushing multi-port access rule

Let's say we have to publish multile access rules to the Checkpoint that have the same source AND destination, but different ports.  Is there a REST API that we could use to send a 'group' publish to the Checkpoint?  So essentially, today with multiple individual publishes, we would see multiple individual rules published/installed on the Checkpoint, each with a single port number.  If the group publish/install feature is avaiable, we should only see one rule, that is for all requested different ports.  Same source and destination, but for multiple ports, that is.

 

Thanks.

0 Kudos
1 Solution

Accepted Solutions
Bob_Zimmerman
Authority
Authority
a month ago
In response to pdn
Jump to solution

That's also in the return section. Go to the top of the page, and collapse the sections as you go down. An expanded section has a white V in a gray circle, and a collapsed section has a white > in a gray circle. Click on the gray circle to toggle. Once you have everything collapsed, expand the Arguments section. The "service" key accepts string or List: string. Both forms want the string to be either a name or a UUID of an appropriate object.

View solution in original post

6 Replies
pdn
Contributor
a month ago
Jump to solution

Is the 'service-ranges' parameter for the add-access-rule REST API call used for that multi-port group configuration?

Preview file
252 KB
0 Kudos
Bob_Zimmerman
Authority
Authority
a month ago
In response to pdn
Jump to solution

'service-ranges' isn't used for any configuration. It's only present in returned objects if you include "show-as-ranges":true in your call's body. I just confirmed /add-access-rule doesn't actually accept the show-as-ranges key in the body, so the service-ranges key in the documentation for the return is a documentation bug.

Bob_Zimmerman
Authority
Authority
a month ago
Jump to solution

To be sure I understand, it sounds like you're saying you add one rule per service, then publish, and you want the publish to look like it's a single rule instead of two or more. Publishing shows the changes made accurately. If you add multiple rules, it will always show multiple rules added.

Why not just add a single rule with multiple services? Via HTTP, you simply stick an array of service object names or UUIDs into the "service" key. Via mgmt_cli, you have to deal with how mgmt_cli represents arrays and do "service.1 <name or UUID> service.2 <name or UUID> service.3 <name or UUID> ...".

0 Kudos
pdn
Contributor
a month ago
In response to Bob_Zimmerman
Jump to solution

So using the add-access-rule REST API call, with the service parameter (screenshot attached) as a list?

Preview file
220 KB
0 Kudos
Bob_Zimmerman
Authority
Authority
a month ago
In response to pdn
Jump to solution

That's also in the return section. Go to the top of the page, and collapse the sections as you go down. An expanded section has a white V in a gray circle, and a collapsed section has a white > in a gray circle. Click on the gray circle to toggle. Once you have everything collapsed, expand the Arguments section. The "service" key accepts string or List: string. Both forms want the string to be either a name or a UUID of an appropriate object.

pdn
Contributor
a month ago
In response to Bob_Zimmerman
Jump to solution

OK, thanks.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events