Fortinet black logo

New Features

Home FortiManager 7.4.0 New Features
7.4.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.7
6.2.3
6.2.2
6.2.1
6.2.0

Policy partial install supports policy reorder/move operation ( JSON API) 7.4.1

Policy partial install supports policy reorder/move operation ( JSON API) 7.4.1

Policy partial install ( JSON API) supports policy reorder/move operation.

Example of a reorder/move operation in partial installs using JSON API

  1. In this example, seven policies and address Addr_1 are created in a Policy Package.

  2. Install the policies to a FortiGate.

  3. Perform the following modifications on the Policy Package.

    1. Create one new policy and move it before policy 1.

    2. Change Addr_1 IP.

    3. Move policy 6 after policy 3.

    4. Delete policy 4.

  4. Using JSON API, perform a partial install.

    Post:

{
"method": "exec",
"params": [
  {
    "data": {
        "adom": "root",
        "objects": [
            ["add", "pkg/default/firewall/policy/9", "before", "1"],
            ["update", "obj/firewall/address/Addr_1", "", ""],
            ["delete", "pkg/default/firewall/policy/4", "", ""],
            ["move", "pkg/default/firewall/policy/6", "after", "3"]
        ],
        "flags": 0 
    },
    "url": "securityconsole/install/objects/v2"
  }
],
"session": "msWfmFWGIJyDX/LRYaOPFALvGjgjJ82yzV2s919g1DWgVY1r1HFJu1o4+xsOQCSdA0kyiSwB5DrXsl2rW0vEmw=="
}

Response:
{
    "result": [
        {
            "data": {
                "task": 20
            },
            "status": {
                "code": 0,
                "message": "OK"
            },
            "url": "securityconsole/install/objects/v2"
        }
    ]
}

  5. View the install log.

    View Install Log
    Starting log (Run on device)
    Start installing
    FortiGate-VM64 $  config vdom
    FortiGate-VM64 (vdom) $  edit root
    current vf=root:0
    FortiGate-VM64 (root) $  config firewall policy
    FortiGate-VM64 (policy) $  delete 4
    FortiGate-VM64 (policy) $  end
    FortiGate-VM64 (root) $  config firewall address
    FortiGate-VM64 (address) $  edit "Addr_1"
    FortiGate-VM64 (Addr_1) $  set subnet 6.6.6.7 255.255.255.255
    FortiGate-VM64 (Addr_1) $  next
    FortiGate-VM64 (address) $  end
    FortiGate-VM64 (root) $  config firewall policy
    FortiGate-VM64 (policy) $  edit 9
    FortiGate-VM64 (9) $  set name "8"
    FortiGate-VM64 (9) $  set uuid 798858d0-2506-51ee-2c43-da0bf419ad7d
    FortiGate-VM64 (9) $  set srcintf "any"
    FortiGate-VM64 (9) $  set dstintf "any"
    FortiGate-VM64 (9) $  set srcaddr "all"
    FortiGate-VM64 (9) $  set dstaddr "all"
    FortiGate-VM64 (9) $  set schedule "always"
    FortiGate-VM64 (9) $  set service "ALL"
    FortiGate-VM64 (9) $  set logtraffic all
    FortiGate-VM64 (9) $  next
    FortiGate-VM64 (policy) $  move 9 before 1
    FortiGate-VM64 (policy) $  move 5 after 6
    FortiGate-VM64 (policy) $  end
    FortiGate-VM64 (root) $  end
    ---> generating verification report
    <--- done generating verification report
    install finished

  6. All changes are installed to the FortiGate.

Previous
Next

Policy partial install supports policy reorder/move operation ( JSON API) 7.4.1

Policy partial install ( JSON API) supports policy reorder/move operation.

Example of a reorder/move operation in partial installs using JSON API

  1. In this example, seven policies and address Addr_1 are created in a Policy Package.

  2. Install the policies to a FortiGate.

  3. Perform the following modifications on the Policy Package.

    1. Create one new policy and move it before policy 1.

    2. Change Addr_1 IP.

    3. Move policy 6 after policy 3.

    4. Delete policy 4.

  4. Using JSON API, perform a partial install.

    Post:

{
"method": "exec",
"params": [
  {
    "data": {
        "adom": "root",
        "objects": [
            ["add", "pkg/default/firewall/policy/9", "before", "1"],
            ["update", "obj/firewall/address/Addr_1", "", ""],
            ["delete", "pkg/default/firewall/policy/4", "", ""],
            ["move", "pkg/default/firewall/policy/6", "after", "3"]
        ],
        "flags": 0 
    },
    "url": "securityconsole/install/objects/v2"
  }
],
"session": "msWfmFWGIJyDX/LRYaOPFALvGjgjJ82yzV2s919g1DWgVY1r1HFJu1o4+xsOQCSdA0kyiSwB5DrXsl2rW0vEmw=="
}

Response:
{
    "result": [
        {
            "data": {
                "task": 20
            },
            "status": {
                "code": 0,
                "message": "OK"
            },
            "url": "securityconsole/install/objects/v2"
        }
    ]
}

  5. View the install log.

    View Install Log
    Starting log (Run on device)
    Start installing
    FortiGate-VM64 $  config vdom
    FortiGate-VM64 (vdom) $  edit root
    current vf=root:0
    FortiGate-VM64 (root) $  config firewall policy
    FortiGate-VM64 (policy) $  delete 4
    FortiGate-VM64 (policy) $  end
    FortiGate-VM64 (root) $  config firewall address
    FortiGate-VM64 (address) $  edit "Addr_1"
    FortiGate-VM64 (Addr_1) $  set subnet 6.6.6.7 255.255.255.255
    FortiGate-VM64 (Addr_1) $  next
    FortiGate-VM64 (address) $  end
    FortiGate-VM64 (root) $  config firewall policy
    FortiGate-VM64 (policy) $  edit 9
    FortiGate-VM64 (9) $  set name "8"
    FortiGate-VM64 (9) $  set uuid 798858d0-2506-51ee-2c43-da0bf419ad7d
    FortiGate-VM64 (9) $  set srcintf "any"
    FortiGate-VM64 (9) $  set dstintf "any"
    FortiGate-VM64 (9) $  set srcaddr "all"
    FortiGate-VM64 (9) $  set dstaddr "all"
    FortiGate-VM64 (9) $  set schedule "always"
    FortiGate-VM64 (9) $  set service "ALL"
    FortiGate-VM64 (9) $  set logtraffic all
    FortiGate-VM64 (9) $  next
    FortiGate-VM64 (policy) $  move 9 before 1
    FortiGate-VM64 (policy) $  move 5 after 6
    FortiGate-VM64 (policy) $  end
    FortiGate-VM64 (root) $  end
    ---> generating verification report
    <--- done generating verification report
    install finished

  6. All changes are installed to the FortiGate.

Previous
Next