In this case "Internet Security" its my Rulebase to export for migration. What we have seen from the Checkpoint API is in case we have more than 400 rules we have to use an offload to generate exportations on chunks of 400 rules, that means if we have 650 security rules we will have to do this:
mgmt_cli show access-rulebase offset 0 limit 400 name "Internet Security" details-level "full" use-object-dictionary true --format json > RuleSet_0_400.json mgmt_cli show access-rulebase offset 401 limit 650 name "Internet Security" details-level "full" use-object-dictionary true --format json > RuleSet_401_650.json
After we created all the json files we will need to create a new file and we will name it "order" to put inside the filenames in the order they need to be read, like in this example:
Edit "order" file
After that we have to ZIP it, to do it right all these 3 files needs to be under the same folder and from within the folder we can run the command from the CLI:
zip Rules.zip *
This will create a new Rules.zip with only contaning the 3 files wihtout any other folder inside. It's important to remember when you create the ZIP file to avoid having any folder inside the ZIP file, just the json and "order" files.
If the Security rules are less than 400 we have to just export to a single json file, there is no need to ZIP it then
Exporting Nat Rules
For Nat rules we have found the limitation is for 500 nat Rules per export, so we can apply the same we did with the Security Rules. So for the example we are gonna sat we have 600 Nat Rules.
Notice the name of the Ruleset in this case is Internet without Security at the end. You have to check from the SmartCenter to see the Nat ruleset Name.