How to Move Security Rules Through the CLI

How to Move Security Rules Through the CLI

59032
Created On 09/25/18 19:44 PM - Last Modified 04/30/26 18:51 PM


Objective


Overview

This document describes how to move security rules from the CLI.

 

Details

The same options to move a rule in the CLI as in the WebGUI.

Environment


  • Palo Alto Networks Firewall
  • Moving Security Rules

Procedure


 

If only 1 vsys is being used:

> configure

# move rulebase security rules <rulename> <action>

# commit

The actions are: after, before, bottom and top.

 

If more than 1 vsys is being used:

> configure

# move vsys <vsys#> rulebase security rules <rulename> <action>

# commit

The actions are: after, before, bottom and top.

 

In the following example, there are three security policies configured:

security-policies.PNG

 

To move the 3rd policy, DMZ-Trust, to the top through the CLI enter following commands:

> configure

# move rulebase security rules DMZ-Trust top

# commit

 

 

After the commit, verify the rule has been moved to the top:

security-policies1.PNG

 

owner: ashaikh
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClcRCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language