12-10-2015 11:05 PM
hi , i enter follow . but occurs error (Malformed Request)
12-11-2015 12:37 AM - edited 12-11-2015 01:17 AM
Hi
please try this:
https://10.21.63.99/api/?type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='rule1']&element=<source><member>1.1.1.1</member></source><destination><member>2.2.2.2</member></destination>&key=LUFRPT14MW5xOEo1R09KVlBZNnpnemh0VHRBOWl6TGM9bXcwM3JHUGVhRlNiY0dCR0srNERUQT09
please take a look here for more information regarding formatting of API: PAN-OS and Panorama XML API Reference Guide
regards
Tom
12-11-2015 01:16 AM - edited 12-11-2015 01:19 AM
You are missing the end-tag </destination> in your example.
Add it and it should work.
Note that you can check ms.log for errors and it should give you an idea of what was wrong :
Entity: line 1: parser error : Premature end of data in tag request line 1 r>12.12.12.1</member></source><destination><member>11.11.11.1</member></request>
^
Regards,
-Kim.
12-11-2015 07:22 AM
Please find a rule example below using curl: with --data-urlencode
for key, I exported the value on my mac from terminal: export KEY=whateverthekeyis
curl -k -d key=$KEY --data-urlencode "xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='API-Deny-All']" -d 'type=config' -d 'action=set' --data-urlencode "element=<to><member>any</member></to><from><member>any</member></from><source><member>any</member></source><destination><member>any</member></destination><source-user><member>any</member></source-user><category><member>any</member></category><application><member>any</member></application><service><member>any</member></service><hip-profiles><member>any</member></hip-profiles><action>deny</action><log-start>yes</log-start>" https://1.1.1.1/api
Here is another way to do it as well with curl
curl --globoff -k "https://1.1.1.1/api/?type=config&action=set&key=$KEY&xpath=/config/devices/entry[@name='localhost.lo...'vsys1']/rulebase/security/rules/entry[@name='allowany']&element=<to><member>any</member></to><from><member>any</member></from><source><member>internal-GROUP</member></source><destination><member>APP-GROUP</member></destination><application><member>any</member></application><service><member>any</member></service><action>allow</action><log-start>yes</log-start>"
Michael Clark
Palo Alto Networks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
