cancel
Showing results for 
Search instead for 
Did you mean: 

Put API L3 firewall rules

SOLVED
Conversationalist

Put API L3 firewall rules

I am using Postman to interact with the API and seem to be stuck on how to issue a PUT for L3 firewall rules. I have a parameter of "rules" with a value of the array as defined in the attached -

I get a 200 message, but when I GET the network the firewall rules have not been modified.

 

I've also tried defining a "rules": array in the body (as shown in the online Meraki API documentation) with no different results. 

 

Guidance would be appreciated. 

 

Sample array used in the value field attached

{
        "comment": "allow https - corp internet",
        "policy": "allow",
        "protocol": "tcp",
        "srcPort": "Any",
        "srcCidr": "10.0.0.0/8",
        "destPort": "443",
        "destCidr": "Any",
        "syslogEnabled": false
    },
    {
        "comment": "allow ssh - corp internet",
        "policy": "allow",
        "protocol": "tcp",
        "srcPort": "Any",
        "srcCidr": "10.0.0.0/8",
        "destPort": "22",
        "destCidr": "Any",
        "syslogEnabled": true
    }
1 ACCEPTED SOLUTION

Accepted Solutions
Conversationalist

Re: Put API L3 firewall rules

I have resolved my issue.   As instructed in the API documentation I have been using the "params" key of "rules" and a "value" of the array.  The body also contained the array as the example code indicated.  If I removed the params key of rules, than I would receive the following error:

404 Bad Request

{ 
     "errors": [
         "Missing parameter -  the \"rules\" parameter is required"
      ]
}

I imported the sample curl example from the Meraki API documentation into Postman and noticed that the params did not include anything, only the body with the array.  I updated my request accordingly and now L3 firewall rules are updated.  As a note, the firewall replaces any existing rules with the array contents. So to update a single rule you would need to include all the rules.

 

4 REPLIES
Kind of a big deal

Re: Put API L3 firewall rules

I haven't added a rule via API before but I have two observations.

1.  The documentation says "Update L3 Firewall Rules" so I wonder if you are only allowed to update and not add. It doesn't clarify

2.  The rules array appears to be required and make sure to pay attention that it uses a bracket instead of the curly brace so I assume the body of the postman request would be formatted similar to this

{
  "rules": [
      {
        "comment": "allow https - corp internet",
        "policy": "allow",
        "protocol": "tcp",
        "srcPort": "Any",
        "srcCidr": "10.0.0.0/8",
        "destPort": "443",
        "destCidr": "Any",
        "syslogEnabled": false

 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Conversationalist

Re: Put API L3 firewall rules

{
 	"rules": [
 	{
        "comment": "allow https - corp internet",
        "policy": "allow",
        "protocol": "tcp",
        "srcPort": "Any",
        "srcCidr": "10.0.0.0/8",
        "destPort": "443",
        "destCidr": "Any",
        "syslogEnabled": false
    },
    {
        "comment": "allow ssh - corp internet",
        "policy": "allow",
        "protocol": "tcp",
        "srcPort": "Any",
        "srcCidr": "10.0.0.0/8",
        "destPort": "22",
        "destCidr": "Any",
        "syslogEnabled": true
    }
	]
}

this is what I have tried in the body, I am thinking the value in my params field is not correct, but not sure on what other format it should be in.

 

You might be onto something with the "Update firewall rule" language instead of "Add", but I tried adding additional destination ports and/or source CIDR in a rule, keeping the same rule order as retrieved in a GET, but the modified rules do not reflect the changes on another GET. 

 

Conversationalist

Re: Put API L3 firewall rules

I have resolved my issue.   As instructed in the API documentation I have been using the "params" key of "rules" and a "value" of the array.  The body also contained the array as the example code indicated.  If I removed the params key of rules, than I would receive the following error:

404 Bad Request

{ 
     "errors": [
         "Missing parameter -  the \"rules\" parameter is required"
      ]
}

I imported the sample curl example from the Meraki API documentation into Postman and noticed that the params did not include anything, only the body with the array.  I updated my request accordingly and now L3 firewall rules are updated.  As a note, the firewall replaces any existing rules with the array contents. So to update a single rule you would need to include all the rules.

 

Highlighted
Kind of a big deal

Re: Put API L3 firewall rules

Thanks for following up on this.  I was curious what the resolution would be. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.