REST API Call "PUT" how to Update packet filter rule with IP address and not to replace existing

Osama_Elsherbin
Nimbostratus

Hello F5 Developers Community

I have an issue with the F5 API.

The use case is that I need to add an IP address to the packet filter policy without overwriting the existing IP addresses through a REST API call.

The following is the API call that I use:

    curl -sk -u 'username****:password*****' -H "Content-Type: application/json" -X PUT -d '{"action":"discard","order":5 ,"rule":"(src host 10.10.10.10 or src host 20.20.20.20)"}' https://f5IPAddress/mgmt/tm/net/packet-filter/~Common~HQ_DENY_ACL?ver=15.1.0

And I got the below response:

    {"kind":"tm:net:packet-filter:packet-filterstate","name":"HQ_DENY_ACL","partition":"Common","fullPath":"/Common/HQ_DENY_ACL","generation":8435930,"selfLink":"https://localhost/mgmt/tm/net/packet-filter/~Common~HQ_DENY_ACL?ver=15.1.0","action":"discard","logging":"disabled","order":5,"rule":"(src host 10.10.10.10 or src host 20.20.20.20)"}

That shows the IP addresses have been added successfully. If I repeat the action with different IPs, they overwrite the existing ones from the first action.

I would appreciate it if anyone can support.

2 REPLIES

Satoshi_Toyosa1
F5 Employee

Overwriting the existing rule is expected because the rule is represented as a single string (irrespective of the number of conditions joined by OR). This also applies to the equivalent tmsh command (modify net packet-filter <rule> ".....rule....").

To modify the rule, you need to GET the rule, compose a new rule from the current configuration, and PUT it.

I would use jq to create a rule with an additional "src host" (assuming that the rule consists of just "src host xx.xx.xx.xx") like this (SatPktRule is the name of the rule):

    # Informational. Check the current rule.
    $ curl -sku $PASS https://$HOST/mgmt/tm/net/packet-filter/SatPktRule | jq '.rule'
    "(src host 10.10.10.10 or src host 10.10.10.20)"

    # Add "src host 10.10.10.30" to the current
    $ curl -sku $PASS https://$HOST/mgmt/tm/net/packet-filter/SatPktRule | jq '.rule | rtrimstr(")") + " or src host 10.10.10.30)"'
    "(src host 10.10.10.10 or src host 10.10.10.20 or src host 10.10.10.30)"

Satoshi_Toyosa1
F5 Employee

P.S. If you do not need to change the action and order properties, you can use the PATCH command instead. You only need to specify the rule.
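
The GET, compose, PATCH sequence described in the two replies above, as an added example that is not part of the original posts and is not F5's own code. `F5_HOST`, `F5_CREDS` and the function names are assumptions; it validates the address before splicing it into the expression, leaves the rule unchanged when the host is already listed, and only handles the `(src host A or src host B)` shape used in this thread.

```sh
#!/bin/sh
# Added example: GET the rule, compose the new string, PATCH only "rule".
# F5_HOST, F5_CREDS and all function names are assumptions for this example.

# Succeeds only for a dotted-quad IPv4 address, so nothing else can be
# spliced into the filter expression.
is_ipv4() {
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  _old_ifs=$IFS; IFS=.
  set -- $1                       # split on dots into $1..$n
  IFS=$_old_ifs
  [ $# -eq 4 ] || return 1
  for _octet in "$@"; do
    [ ${#_octet} -le 3 ] && [ "$_octet" -le 255 ] || return 1
  done
}

# compose_rule CURRENT_RULE IP: print the rule with "src host IP" appended.
compose_rule() {
  is_ipv4 "$2" || { echo "invalid IPv4 address: $2" >&2; return 2; }
  case $1 in
    "("*")") ;;
    *) echo "unexpected rule shape: $1" >&2; return 3 ;;
  esac
  inner=${1#"("}; inner=${inner%")"}
  case " $inner " in
    *" src host $2 "*) printf '%s\n' "$1" ;;   # already listed: unchanged
    *) printf '(%s or src host %s)\n' "$inner" "$2" ;;
  esac
}

# add_blocked_host RULE_NAME IP, e.g. add_blocked_host SatPktRule 10.10.10.30
# No -k here: assumes the BIG-IP certificate validates (else pass --cacert).
# A failed GET leaves $current empty, which compose_rule rejects.
add_blocked_host() {
  url="https://$F5_HOST/mgmt/tm/net/packet-filter/$1"
  current=$(curl -sSf -u "$F5_CREDS" "$url" | jq -r '.rule') || return 1
  new=$(compose_rule "$current" "$2") || return $?
  [ "$new" = "$current" ] && return 0          # nothing to change
  jq -n --arg rule "$new" '{rule: $rule}' |
    curl -sSf -u "$F5_CREDS" -H 'Content-Type: application/json' \
         -X PATCH -d @- "$url" | jq -r '.rule'
}
```

The GET and the PATCH are separate requests, so two writers running this at the same time can still overwrite each other's addition.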