Retrieves all the rules in a device's or group's policy
The response lists all the rules of all the policies that apply to each device, including the value of each rule field.
Resource Name:
/api/v1/rules
Request Method: GET
Request URL Parameters:
Element | Type | Description |
---|---|---|
entity (Mandatory) | String | The display name of the device, group, or matrix. |
entityType (Optional) | String | One of the following: |
Note: The page and size elements are not supported for this request.
cURL example
curl -X GET "https://<localhost>/afa/api/v1/rules?entity=VR-Marigold-PA_vsys1_default&entityType=FIREWALL" -H "accept: */*"
Status Codes
Code | Description |
---|---|
200 | OK |
401 | Unauthorized |
500 | Internal server error |
Response Parameters:
Parameter | Type | Description |
---|---|---|
name | string | Name of the device |
type | string | Type of the device |
rules | array | An array of rule objects |
rules.ruleNum | string | Rule number |
rules.ruleId | string | ID of the rule |
rules.deviceID | integer | ID of the device |
rules.source | array | Source IP addresses or IP ranges |
rules.isNegateSource | boolean | Indicates if source is negated |
rules.destination | array | Destination IP addresses or IP ranges |
rules.isNegateDestination | boolean | Indicates if destination is negated |
rules.service | array | Services or ports used in the rule |
rules.isNegateService | boolean | Indicates if service is negated |
rules.action | string | Action to be taken (e.g., Allow, Deny) |
rules.enable | string | Indicates if the rule is enabled |
rules.log | string | Indicates if the rule logging is enabled |
rules.application | array | Applications associated with the rule |
rules.user | array | Users associated with the rule |
Response example
[
  {
    "name": "FDT1",
    "type": "DEVICE",
    "rules": [
      {
        "ruleNum": "6",
        "ruleId": "005056AE_94F6_0ed3_0000_000268434437",
        "deviceID": 52650,
        "source": [ "net_object-10.30.204.24-30" ],
        "isNegateSource": false,
        "destination": [ "net_object-10.50.204.48-28" ],
        "isNegateDestination": false,
        "service": [ "ser_object-tcp-84-87" ],
        "isNegateService": false,
        "action": "Allow",
        "enable": "enabled",
        "log": "1",
        "application": [ "any" ],
        "user": [ "any" ]
      },
      {
        "ruleNum": "7",
        "ruleId": "005056AE_94F6_0ed3_0000_000268434438",
        "deviceID": 52650,
        "source": [ "ip-10.30.204.30" ],
        "isNegateSource": false,
        "destination": [ "ip-10.50.204.90" ],
        "isNegateDestination": false,
        "service": [ "ser_group1" ],
        "isNegateService": false,
        "action": "Allow",
        "enable": "enabled",
        "log": "1",
        "application": [ "any" ],
        "user": [ "any" ]
      }
    ]
  }
]
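The following is an added example, not part of the original page: a Python audit pass over a response of the shape shown above that flags enabled Allow rules with wildcard or negated match fields, or with logging off. It assumes that "any" is the wildcard literal for source, destination and service (the page shows it only for application and user) and that a log value of "1" means logging is enabled; the sample data and the name `audit_rules` are constructed for illustration.

```python
# Constructed sample shaped like the page's response example; all values are made up.
BASE = {"ruleId": "example-id", "deviceID": 1,
        "source": ["ip-10.0.0.5"], "isNegateSource": False,
        "destination": ["ip-10.0.1.9"], "isNegateDestination": False,
        "service": ["ser_object-tcp-443"], "isNegateService": False,
        "action": "Allow", "enable": "enabled", "log": "1",
        "application": ["any"], "user": ["any"]}
SAMPLE = [{"name": "FW-EXAMPLE", "type": "DEVICE", "rules": [
    {**BASE, "ruleNum": "1"},                                  # narrow and logged
    {**BASE, "ruleNum": "2", "source": ["any"], "log": "0"},   # broad and unlogged
    {**BASE, "ruleNum": "3", "isNegateDestination": True},     # all but one host
    {**BASE, "ruleNum": "4", "source": ["any"], "enable": "disabled"},  # skipped
    {**BASE, "ruleNum": "5", "service": ["any"], "action": "Deny"},     # skipped
]}]

# Each matchable field paired with its negation flag from the response parameters.
FIELDS = (("source", "isNegateSource"),
          ("destination", "isNegateDestination"),
          ("service", "isNegateService"))


def audit_rules(response):
    """Return (device, ruleNum, finding) for enabled Allow rules worth a review."""
    findings = []
    for entity in response:
        for rule in entity.get("rules", []):
            # Disabled rules and non-Allow rules do not widen exposure.
            if rule.get("action", "").lower() != "allow" or rule.get("enable") != "enabled":
                continue
            where = (entity.get("name"), rule.get("ruleNum"))
            for field, negate_flag in FIELDS:
                if rule.get(negate_flag):
                    # A negated field matches everything except the listed objects.
                    findings.append((*where, f"negated {field}"))
                elif "any" in (v.lower() for v in rule.get(field, [])):
                    # Assumption: "any" is the wildcard literal, as in application/user.
                    findings.append((*where, f"any {field}"))
            if rule.get("log") != "1":  # assumption: "1" means logging is enabled
                findings.append((*where, "logging off"))
    return findings


if __name__ == "__main__":
    for finding in audit_rules(SAMPLE):
        print(*finding, sep="\t")
```

To run it against a live response, save the output of the cURL request to a file and pass the result of `json.load` to `audit_rules`.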