Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 29 subscribers
  • Views 1226 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG - enable/disable firewall rule with API

Andrea_e

Hi!
Is it possible to enable/disable a firewall rule without the need to write it all in the XML of the API request?
I need to do this because I may edit the rule in the WEB UI, and I don't wont to edit every time the API request.

Thanks,
Andrea



This thread was automatically locked due to age.
Parents
  • 0

    no, you have to send the full API-packet every time.

    ... but if you wrote the WEB-IU by yourself, you may add/merge static content+dynamic-content+other static content ... before you send the data.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Thanks!
    I've seen that it should be possible to export the XML of the firewall rules, but if I select "Export selective configuration" I don't have the Firewall rules, or I don't know which of the hundreds options should I choose.
    In this way I can take the exported XML, edit the status and use it in the API call.

  • 0 in reply to Andrea_e

    Depending on your version. In some Firmware versions it was called SecurityPolicy. V19.0 has firewallrule

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Found it, thanks!
    From the export I've copied a rule and I've created this XML (just changing the name of the rule):

    <Request>
<Login>
 <Username>admin</Username>
 <Password passwordform='plain'>admin pw</Password>
</Login>
<Set operation='update'>
 <SecurityPolicy transactionid="">
    <Name>Test002</Name>
    <Description/>
    <IPFamily>IPv4</IPFamily>
    <Status>Disable</Status>
    <Position>After</Position>
    <PolicyType>Network</PolicyType>
    <After>
      <Name>S.Maria->LAN</Name>
    </After>
    <SourceZones>
      <Zone>LAN</Zone>
    </SourceZones>
    <DestinationZones>
      <Zone>Studi</Zone>
    </DestinationZones>
    <Schedule>All The Time</Schedule>
    <Action>Accept</Action>
    <LogTraffic>Disable</LogTraffic>
    <MatchIdentity>Disable</MatchIdentity>
    <DSCPMarking>-1</DSCPMarking>
    <ApplicationControl>None</ApplicationControl>
    <ApplicationBaseQoSPolicy>Revoke</ApplicationBaseQoSPolicy>
    <WebFilter>None</WebFilter>
    <WebCategoryBaseQoSPolicy>Revoke</WebCategoryBaseQoSPolicy>
    <IntrusionPrevention>None</IntrusionPrevention>
    <TrafficShappingPolicy>None</TrafficShappingPolicy>
    <ApplyNAT>Disable</ApplyNAT>
    <OverrideGatewayDefaultNATPolicy>Disable</OverrideGatewayDefaultNATPolicy>
    <PrimaryGateway/>
    <BackupGateway/>
    <ScanHTTP>Disable</ScanHTTP>
    <ScanHTTPS>Disable</ScanHTTPS>
    <Sandstorm>Disable</Sandstorm>
    <BlockQuickQuic>Disable</BlockQuickQuic>
    <ScanFTP>Disable</ScanFTP>
    <SourceSecurityHeartbeat>Disable</SourceSecurityHeartbeat>
    <MinimumSourceHBPermitted>No Restriction</MinimumSourceHBPermitted>
    <DestSecurityHeartbeat>Disable</DestSecurityHeartbeat>
    <MinimumDestinationHBPermitted>No Restriction</MinimumDestinationHBPermitted>
  </SecurityPolicy>
</Set>
</Request>

    But I get <Status code="529">Input request file is Invalid</Status>
    Thanks for the support!

  • 0 in reply to Andrea_e

    any idea why the XML isn't working?

Reply Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?