Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

REST API Call "PUT" how to Update packet filter rule with IP address and not to replace existing

Osama_Elsherbin
Nimbostratus
Nimbostratus

‎05-Jan-2021 05:35

Hello F5 Developers Community

I have an Issue with f5 API ?

the use case is that i need to add IP address to the Packet filter Policy and not to overwrite to the existing IP addresses through REST API Call

 

The following API Call that I Use

 

"curl -sk -u 'username****:password*****' -H "Content-Type: application/json" -X PUT -d '{"action":"discard","order":5 ,"rule":"(src host 10.10.10.10 or src host 20.20.20.20)"}' https://f5IPAddress/mgmt/tm/net/packet-filter/~Common~HQ_DENY_ACL?ver=15.1.0 "

 

And I got the below response:

 

"{"kind":"tm:net:packet-filter:packet-filterstate","name":"HQ_DENY_ACL","partition":"Common","fullPath":"/Common/HQ_DENY_ACL","generation":8435930,"selfLink":"https://localhost/mgmt/tm/net/packet-filter/~Common~HQ_DENY_ACL?ver=15.1.0","action":"discard","logging":"disabled","order":5,"rule":"(src host 10.10.10.10 or src host 20.20.20.20)"}"

 

That Shows IP addresses have been added successfuly added if i repeat action with different IPs they overwrite the existing from first action,

 

I Appreciate if any can support

Labels:
0 Kudos
2 REPLIES 2

Satoshi_Toyosa1
F5 Employee
F5 Employee

‎06-Jan-2021 11:52

Overwriting the existing rule is expected because the rule is represented as a single string (irrespective of a number of conditions joined by OR). This applies also to the equivalent tmsh command (modify net packet-filter <rule> ".....rule....").

 

To modify the rule, you need to GET the rule, compose a new rule from the current configuration, and PUT it.

 

I would use jq to create a rule with an additional "src host" (assuming that the rule consists of just "src host xx.xx.xx.xx") like this (SatPktRule is the name of the rule):

# Informatioal. Check the current rule. $ curl -sku $PASS https://$HOST/mgmt/tm/net/packet-filter/SatPktRule | jq '.rule' "(src host 10.10.10.10 or src host 10.10.10.20)"   # Add "src host 10.10.10.30" to the current $ curl -sku $PASS https://$HOST/mgmt/tm/net/packet-filter/SatPktRule | jq '.rule | rtrimstr(")") + " or src host 10.10.10.30)"' "(src host 10.10.10.10 or src host 10.10.10.20 or src host 10.10.10.30)"

 

0 Kudos

Satoshi_Toyosa1
F5 Employee
F5 Employee

‎06-Jan-2021 12:08

P.S. If you do not need to change the action and order properties, you can use the PATCH command instead. You only need to specify the rule.

0 Kudos
Copyright © 2023 Khoros, LLC