python-script How to add source address to gpolicy (XML API)

cancel
Showing results for 
Search instead for 
Did you mean: 

python-script How to add source address to gpolicy (XML API)

L2 Linker

Hello,

i would like to add source address and destination address in a policy using XML API. below syntax is right?

/api/?type=config&action=set&key=key_value&xpath=/config/devices/entry/vsys/entry/rulebase/security/rules/entry[@name='test']&element=<source><member>192.168.1.1</member></source><destination><member>192.168.2.2</member></destination>

6 REPLIES 6

L5 Sessionator

Yup the below syntax is right. I have test the same below is the screenshot. This command can add source and destination to existing rule or can create a new rule and in that rule it will have only source address and destination address

 

API_Output.png

You are right.

 

also, if you are not building a custom tool then you could use what exists already :

 

https://live.paloaltonetworks.com/t5/SDK-API-Articles/rules-edit-php-to-manage-edit-export-rules-fro...

 

it is built on a library that allows to you to any change in 2 lines of code or less.

 

cheers

L2 Linker

thanks guys for response. One more question.

I am new for python programming and this code does not working . Pls review 

 

def key_api():
logging.debug("In API key")
conn = httplib.HTTPSConnection(ip)
try:
conn.request("GET", "/api/?type=keygen&user="+username+"&password=" + password1)
except IOError:
print " Unable to get the device's API key"
logging.debug("Error occured")
raise SystemExit(1)
r1 = conn.getresponse()
data1 = r1.read()
m=re.search(r"(<key>)(\w+)", data1)
try:
api_key = m.group(2)
except AttributeError:
print "NO API key is returned , Possibly incorrect creden"
logging.debug("Possible ")
conn.close()
raise SystemExit(1)
conn.close()
print "Working correct1"
return api_key

def send_command(source_address,destination_address):
conn = httplib.HTTPSConnection(ip)
conn.request("GET", "/api/?type=config&action=set&key="+str(api_key)+"&xpath=/config/devices/entry/vsys/entry/rulebase/security/rules/entry[@name='test_Gombodorj']&element=<source><member>"+source_address+"</member></sou rce><destination><member>"+destination_address+"</member></destination>")
print "Working correct2"
type=config&action=set&key="+str(api_key)+"&xpath=/config/devices/entry/vsys/entry/rulebase/security/rules/entry[@name='test_Gombodorj']&element=<source><member>"+source_address+"</member></sou rce><destination><member>"+destination_address+"</member></destination>")
38 print "Working correct2"

Is this all of your code, what kind of error are you getting?

 

Not sure you lost your indentation when pasting the code but if not you may want to make sure it's properly indented as white space is significant in python.  Towards the end of the send_command function it looks like you are defining a variable named 'type' but after the = sign I don't see a quotation mark.

 

 

any error is not occured. But didnt source and destination address added into policy

Here is my full code :

http://pastebin.com/YDqNQvVE

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!