Creating Address Object and Address Group Object using API cURL
09/05/2022 1 People found this article helpful 367,454 Views
Description
This article demonstrates how to create address object and address group object using API cURL
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
The following steps should be completed first to be able to use the API.
- SonicOS API enabled on Device| Settings | Admnistration| Audit/SonicOS API
- "Enable RFC-2617 HTTP Basic Access authentication" option selected on the same page
- A user created that is part of "SonicWall Administrators" group
- HTTPS "User Login" option enabled on the respective interface, which will be used for API calls
In this use case we will create Address Objects and add them to a Address Group Object named "Blacklist". A typical scenario could be to populate and Address Group Object that is associated to an Access Rule to deny network traffic. The following API calls can be utilized with cURL tool. Please replace the IP address and username/password per your config.
- Authentication
curl -k -i -u myuser:mypassword -digest -X HEAD https://192.168.168.168/api/sonicos/auth
- Starting the firewall management
curl --insecure -X POST "https://192.168.168.168/api/sonicos/start-management"
- Changing the firewall to Config Mode
curl --insecure -X POST "https://192.168.168.168/api/sonicos/config-mode"
- Creating Address Object named "AO-100.100.100.100" with IP address 100.100.100.100
curl --insecure -X POST "https://192.168.168.168/api/sonicos/address-objects/ipv4" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"address_objects\":[{\"ipv4\":{\"name\":\"AO-100.100.100.100\",\"zone\":\"WAN\",\"host\":{\"ip\":\"100.100.100.100\"}}}]}"
- Creating Address Group Object named "Blacklist" and adding "AO-100.100.100.100" as a member
curl --insecure -X POST "https://192.168.168.168/api/sonicos/address-groups/ipv4" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"address_groups\": [{ \"ipv4\": { \"name\": \"Blacklist\", \"address_object\": { \"ipv4\": [ { \"name\": \"AO-100.100.100.100\" } ] } } }]}"
- Committing the change
curl --insecure -X POST "https://192.168.168.168/api/sonicos/config/pending" -H "accept: application/json" -H "Content-Type: application/json" -d "{}"
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
The following steps should be completed first to be able to use the API.
- SonicOS API enabled on Manage | Appliance | Base Settings
- "Enable RFC-2617 HTTP Basic Access authentication" option selected on the same page
- A user created that is part of "SonicWall Administrators" group
- HTTPS "User Login" option enabled on the respective interface, which will be used for API calls
In this use case we will create Address Objects and add them to a Address Group Object named "Blacklist". A typical scenario could be to populate and Address Group Object that is associated to an Access Rule to deny network traffic. The following API calls can be utilized with cURL tool. Please replace the IP address and username/password per your config.
- Authentication
curl -k -i -u myuser:mypassword -digest -X HEAD https://192.168.168.168/api/sonicos/auth
- Creating Address Object named "AO-100.100.100.100" with IP address 100.100.100.100
curl --insecure -X POST "https://192.168.168.168/api/sonicos/address-objects/ipv4" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"address_object\":{\"ipv4\":{\"name\":\"AO-100.100.100.100\",\"zone\":\"WAN\",\"host\":{\"ip\":\"100.100.100.100\"}}}}"
- Creating Address Group Object named "Blacklist" and adding "AO-100.100.100.100" as a member
curl --insecure -X POST "https://192.168.168.168/api/sonicos/address-groups/ipv4" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"address_group\": { \"ipv4\": { \"name\": \"Blacklist\", \"address_object\": { \"ipv4\": [ { \"name\": \"AO-100.100.100.100\" } ] } } }}"
- Committing the change
curl --insecure -X POST "https://192.168.168.168/api/sonicos/config/pending" -H "accept: application/json" -H "Content-Type: application/json" -d "{}"
Related Articles
Categories
Was This Article Helpful?
YESNO