API를 사용하는 보안 규칙 세트 명령의 구문에 9.1과 10.2 사이에 차이가 있습니까?
3247
Created On 06/16/23 00:28 AM - Last Modified 01/07/25 19:22 PM
Question
API를 사용하는 보안 규칙 세트 명령의 구문에 9.1과 10.2 사이에 차이가 있습니까?
Environment
- PA-시리즈 차세대 방화벽
- PAN-OS 9.1, 10.2
- XML API
Answer
There are differences in the rule set between PAN-OS 9.1 and 10.2.
Example given below
PAN-OS 9.1:
- 엉덩이 프로필 태그 하나로 지정하세요.
[HIP 태그]
<hip-profiles><member>any</member></hip-profiles>
[예]
curl https://[WebUIIP]/api/? --data "key=[Key]&type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='rule1']&element='<to><member>any</member></to><from><member>any</member></from><source><member>any</member></source><destination><member>any</member></destination><source-user><member>any</member></source-user><category><member>any</member></category><application><member>any</member></application><service><member>any</member></service><action>allow</action><hip-profiles><member>any</member></hip-profiles>'"
PAN-OS 10.2:
- 이는 소스와 데스티네이션 두 개의 힙 프로필 태그로 지정됩니다.
[HIP 태그 ]
<source-hip><member>any</member></source-hip><destination-hip><member>any</member></destination-hip>
[예]
curl https://[WebUIIP]/api/? --data "key=[Key]&type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/vsys/entry[@name='vsys1']/rulebase/security/rules/entry[@name='rule1']&element='<to><member>any</member></to><from><member>any</member></from><source><member>any</member></source><destination><member>any</member></destination><source-user><member>any</member></source-user><category><member>any</member></category><application><member>any</member></application><service><member>any</member></service><action>allow</action><source-hip><member>any</member></source-hip><destination-hip><member>any</member></destination-hip>'"
Additional Information
참고: 이것은 특정 명령 중 하나입니다. 다른 명령도 다를 수 있습니다. 특정 버전은 API 설명서를 참조하세요.