Forum Discussion

seamlessfirework's avatar
Aug 28, 2024

AFM / Configuring rules within a rule list through REST

Hey guys,

Unfortunately I have to configure some AFM rule lists and rules, respectively. My first attempt was to add a new rule list with the whole rule set in one piece with a single POST request. I got this error message

{
    "code": 400,
    "message": "Rule entries that are being added with the \"add\" option must specify either \"place-before\" or \"place-after\"",
    "errorStack": [],
    "apiError": 26214401
}

I then tried to add new empty rule lists through REST which worked. After that I wanted to add several rules within that new rule list. That failed again with the error message mentioned above. Even POSTing a single rule in the this rule list fails with the same error message.

It seems that the this message has been copied from the tmsh refrence documentation (see here: https://clouddocs.f5.com/cli/tmsh-reference/v15/modules/security/security_firewall_rule-list.html) .

I am a bit confused now how to add rules to a list. However, I added "ruleNumber" in the JSON body and experimented with different numbers (i.e. 0) but it did not work.

Configuring rules within rule lists and refrencing the list within a policy is the way to go here at my company. While writing this post I found out that it is possible to just configure rules within a policy (we rarely use the AFM module).

So here are my questions:

  1. Do you have any ideas what I am doing wrong when using REST configuring rules within a rule list?
  2. The mentioned way to go seems odd to me. Is it enough for simple packet filtering ("look at the source and allow only port 443" for example) to configure rules within a policy? What is your good practice?
  • I found the solution by myself. It is obvious and the REST documentation says it, too. I just needed to add this in my POST

    "placeAfter": "",

     

1 Reply

  • I found the solution by myself. It is obvious and the REST documentation says it, too. I just needed to add this in my POST

    "placeAfter": "",