Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 27 subscribers
  • Views 231 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Advanced API Help with HTML Requests Firewall Rules

drex dobson

I am trying to add and remove Source Destinations and Devices under Source to an existing rule thru HTML.

I read many articles, have read the API help, studied the API under GET command, and this should be very simple but all I did was succeed in creating another blank rule with the same name.

The rule currently exists in the FireWall and is active.  I need to add and remove those elements to this. Essentially, I want to remove Source/Source Destinations and Devices at will.

Here is the current iteration which  is not working.  Yes, the authentication, etc works.

https://172.16.0.1:4444/webconsole/APIController?reqxml=<Request><Login><Username>XXX</Username><Password>XXXXX</Password></Login><Set><FirewallRule><Name>BlockYouTube</Name><UserPolicy><SourceNetwork>TVGreatroom</SourceNetwork></UserPolicy></FirewallRule></Set></Request>

Any help is appreciated.

Thanks



This thread was automatically locked due to age.
  • 0

    Ok here is the pertinent rule

    I just want to add or remove elements <SourceNetworks>.

    Does this mean that I can't simply add or remove an entry to the source networks list?

    Meaning, I thought I could just appended or remove a single element user <sourcenetwork>... what I am starting to realize is that I must read the rule each time, and reissure it with the whole list of <sourcenetworks> that is either appended or shortened, each time.

    What I would like to do is to add or remove elements of only <sourcenetwork> idenpendently of one another.  Is this even possible??

    <FirewallRule transactionid="">
<Name>BlockYouTube</Name>
<Description/>
<IPFamily>IPv4</IPFamily>
<Status>Enable</Status>
<Section>Local</Section>
<Position>After</Position>
<PolicyType>Network</PolicyType>
<After>
<Name>blockall</Name>
</After>
<NetworkPolicy>
<Action>Accept</Action>
<LogTraffic>Disable</LogTraffic>
<SkipLocalDestined>Disable</SkipLocalDestined>
<SourceZones>
<Zone>LAN</Zone>
</SourceZones>
<DestinationZones>
<Zone>WAN</Zone>
</DestinationZones>
<Schedule>All The Time</Schedule>
<SourceNetworks>
<Network>DrexLAPTOP</Network>
<Network>DrexIPAD</Network>
<Network>DrexIphone</Network>
</SourceNetworks>
<DSCPMarking>-1</DSCPMarking>
<WebFilter>Block YouTube</WebFilter>
<WebCategoryBaseQoSPolicy> </WebCategoryBaseQoSPolicy>
<BlockQuickQuic>Enable</BlockQuickQuic>
<ScanVirus>Disable</ScanVirus>
<ZeroDayProtection>Disable</ZeroDayProtection>
<ProxyMode>Disable</ProxyMode>
<DecryptHTTPS>Disable</DecryptHTTPS>
<ApplicationControl>Block YouTube</ApplicationControl>
<ApplicationBaseQoSPolicy> </ApplicationBaseQoSPolicy>
<IntrusionPrevention>None</IntrusionPrevention>
<TrafficShappingPolicy>None</TrafficShappingPolicy>
<ScanSMTP>Disable</ScanSMTP>
<ScanSMTPS>Disable</ScanSMTPS>
<ScanIMAP>Disable</ScanIMAP>
<ScanIMAPS>Disable</ScanIMAPS>
<ScanPOP3>Disable</ScanPOP3>
<ScanPOP3S>Disable</ScanPOP3S>
<ScanFTP>Disable</ScanFTP>
<SourceSecurityHeartbeat>Disable</SourceSecurityHeartbeat>
<MinimumSourceHBPermitted>No Restriction</MinimumSourceHBPermitted>
<DestSecurityHeartbeat>Disable</DestSecurityHeartbeat>
<MinimumDestinationHBPermitted>No Restriction</MinimumDestinationHBPermitted>
</NetworkPolicy>
</FirewallRule>

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?