This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Enable/Disable security rules via XML API

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Enable/Disable security rules via XML API

LCMember4164
L1 Bithead

‎12-31-2014 02:43 AM

Hi all,

is it possible to enable / disable an existing security rule via XML API ?

Looking at the documentation (both the XML config guide and the api on the firewall) I found no useful informations on this topic Smiley Sad

thank's !

4 REPLIES 4

bat
L5 Sessionator

‎12-31-2014 01:47 PM

Hi,

You can do so using the following command:

To disable:

https://<ip>/api/?type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='<rule-name>']&element=<disabled>yes</disabled>

To enable:

https://<ip>/api/?type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='<rule-name>']&element=<disabled>no</disabled>

hshah
L6 Presenter
In response to bat

‎05-07-2015 12:40 PM

Great Answer ...

0 Likes Likes

CoreySteele
L2 Linker
In response to bat

‎06-25-2015 05:25 PM

bat thank you for being awesome.  question: any idea why a get on the same xpath (without the element arg) won't simply return an XML object with the state of a security rule?

e.g. https://firewall/api/?type=config&action=get&xpath=%2Fconfig%2Fdevices%2Fentry%5B%40name%3D%27localh... returns something completely useless, like:

<response status="success" code="19">

     <result/>

</response>

What the deuce does that tell me?  Neither the status or the code change based on the state of the rule, so...

0 Likes Likes

bat
L5 Sessionator
In response to CoreySteele

‎06-25-2015 05:34 PM

Hi cjsteele

To know the status of rule query should be:

https://<ip>/api/?type=config&action=get&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='<rule-name>']/disabled


Let me know if this is what you are looking for.

  • 7222 Views
  • 4 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks