Parameter |
Choices/Defaults |
Comments |
action
string
|
|
a "Accept", "Drop", "Ask", "Inform", "Reject", "User Auth", "Client Auth", "Apply Layer".
|
action_settings
dictionary
|
|
Action settings.
|
|
enable_identity_captive_portal
boolean
|
|
N/A
|
|
limit
string
|
|
N/A
|
auto_publish_session
boolean
|
|
Publish the current session if changes have been performed after task completes.
|
comments
string
|
|
Comments string.
|
content
list
|
|
List of processed file types that this rule applies on.
|
content_direction
string
|
|
On which direction the file types processing is applied.
|
content_negate
boolean
|
|
True if negate is set for data.
|
custom_fields
dictionary
|
|
Custom fields.
|
|
field_1
string
|
|
First custom field.
|
|
field_2
string
|
|
Second custom field.
|
|
field_3
string
|
|
Third custom field.
|
destination
list
|
|
Collection of Network objects identified by the name or UID.
|
destination_negate
boolean
|
|
True if negate is set for destination.
|
details_level
string
|
Choices:
- uid
- standard
- full
|
The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.
|
enabled
boolean
|
|
Enable/Disable the rule.
|
ignore_errors
boolean
|
|
Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
|
ignore_warnings
boolean
|
|
Apply changes ignoring warnings.
|
inline_layer
string
|
|
Inline Layer identified by the name or UID. Relevant only if "Action" was set to "Apply Layer".
|
install_on
list
|
|
Which Gateways identified by the name or UID to install the policy on.
|
layer
string
|
|
Layer that the rule belongs to identified by the name or UID.
|
name
string
/ required
|
|
Object name.
|
position
string
|
|
Position in the rulebase.
|
service
list
|
|
Collection of Network objects identified by the name or UID.
|
service_negate
boolean
|
|
True if negate is set for service.
|
source
list
|
|
Collection of Network objects identified by the name or UID.
|
source_negate
boolean
|
|
True if negate is set for source.
|
state
string
|
Choices:
present ←
- absent
|
State of the access rule (present or absent). Defaults to present.
|
time
list
|
|
List of time objects. For example, "Weekend", "Off-Work", "Every-Day".
|
track
dictionary
|
|
Track Settings.
|
|
accounting
boolean
|
|
Turns accounting for track on and off.
|
|
alert
string
|
Choices:
- none
- alert
- snmp
- mail
- user alert 1
- user alert 2
- user alert 3
|
Type of alert for the track.
|
|
enable_firewall_session
boolean
|
|
Determine whether to generate session log to firewall only connections.
|
|
per_connection
boolean
|
|
Determines whether to perform the log per connection.
|
|
per_session
boolean
|
|
Determines whether to perform the log per session.
|
|
type
string
|
|
a "Log", "Extended Log", "Detailed Log", "None".
|
user_check
dictionary
|
|
User check settings.
|
|
confirm
string
|
Choices:
- per rule
- per category
- per application/site
- per data type
|
N/A
|
|
custom_frequency
dictionary
|
|
N/A
|
|
|
every
integer
|
|
N/A
|
|
|
unit
string
|
Choices:
- hours
- days
- weeks
- months
|
N/A
|
|
frequency
string
|
Choices:
- once a day
- once a week
- once a month
- custom frequency...
|
N/A
|
|
interaction
string
|
|
N/A
|
version
string
|
|
Version of checkpoint. If not given one, the latest version taken.
|
vpn
list
|
|
Communities or Directional.
|
|
community
list
|
|
List of community name or UID.
|
|
directional
list
|
|
Communities directional match condition.
|
|
|
from
string
|
|
From community name or UID.
|
|
|
to
string
|
|
To community name or UID.
|
wait_for_task
boolean
|
|
Wait for the task to end. Such as publish task.
|