NAT Rule#

This class is used to manage NAT Rule

class NATRule#
add(package, position, name=None, enabled=False, install_on=None, method=None, original_destination=None, original_service=None, original_source=None, translated_destination=None, translated_service=None, translated_source=None, **kw)#

Create new object.

Parameters

  • package (str) – Name of the package.

  • position (Union[int, str, dict]) – Position in the rulebase. If an integer is provided, it will add the rule at the specific position. If a string is provided, it will add the rule at the position mentioned in the valid values (“top” or “bottom”). Otherwise, you can provide a dictionnary to explain more complex position (see the API documentation).

  • name (str, optional) – Rule name.

  • enabled (bool, optional) – Enable/Disable the rule.

  • install_on (Union[str, List[str]], optional) – Which Gateways identified by the name or UID to install the policy on

  • method (str, optional) – Nat method. Valid values are “static”, “hide”, “nat64”, “nat46” and “cgnat”

  • original_destination (str, optional) – Original destination.

  • original_service (str, optional) – Original service.

  • original_source (str, optional) – Original source.

  • translated_destination (str, optional) – Translated destination.

  • translated_service (str, optional) – Translated service.

  • translated_source (str, optional) – Translated service.

Keyword Arguments

  • **comments (str, optional) – Comments string.

  • **details-level (str, optional) – The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

  • **ignore-warnings (bool, optional) – Apply changes ignoring warnings. Defaults to False

  • **ignore-errors (bool, optional) – Apply changes ignoring errors. You won’t be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. Defaults to False

Returns

The response from the server

Return type

Box

Examples

>>> firewallManagement.access_control_nat.nat_rule.add(
... package="standard",
... position="top",
... name="New NAT Rule 1",
... enabled=True,
... install_on="6c488338-8eec-4103-ad21-cd461ac2c476",
... method="static",
... original_destination="Any",
... original_service="New_TCP_Service_1",
... original_source="Any",
... translated_destination="Any",
... translated_service="New_TCP_Service_1",
... translated_source="Any",)
delete(package, uid=None, name=None, rule_number=None, **kw)#

Delete existing object using object name or uid.

Parameters

  • package (str) – Name of the package

  • uid (str, optional) – Object unique identifier.

  • name (str, optional) – Object name.

  • rule_number (int, optional) – Rule number.

Keyword Arguments

**details-level (str, optional) – The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

Returns

The response from the server

Return type

Box

Examples

>>> firewallManagement.access_control_nat.nat_rule.delete(
... package="standard",
... uid="a5a88521-c996-a256-9625-b5a5d56c39ad")
set(package, uid=None, name=None, rule_number=None, new_name=None, new_position=None, enabled=False, install_on=None, method=None, original_destination=None, original_service=None, original_source=None, translated_destination=None, translated_service=None, translated_source=None, **kw)#

Edit existing object using object name or uid.

Parameters

  • package (str) – Name of the package.

  • uid (str, optional) – Object unique identifier.

  • new_name (str, optional) – New name of the object.

  • rule_number (int, optional) – Rule number.

  • name (str, optional) – Rule name.

  • new_position (Union[int, str, dict], optional) – New position in the rulebase. If an integer is provided, it will add the rule at the specific position. If a string is provided, it will add the rule at the position mentioned in the valid values (“top” or “bottom”). Otherwise, you can provide a dictionnary to explain more complex position (see the API documentation).

  • enabled (bool, optional) – Enable/Disable the rule.

  • install_on (Union[str, List[str]], optional) – Which Gateways identified by the name or UID to install the policy on

  • method (str, optional) – Nat method. Valid values are “static”, “hide”, “nat64”, “nat46” and “cgnat”

  • original_destination (str, optional) – Original destination.

  • original_service (str, optional) – Original service.

  • original_source (str, optional) – Original source.

  • translated_destination (str, optional) – Translated destination.

  • translated_service (str, optional) – Translated service.

  • translated_source (str, optional) – Translated service.

Keyword Arguments

  • **details-level (str, optional) – The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

  • **ignore-warnings (bool, optional) – Apply changes ignoring warnings. Defaults to False

  • **ignore-errors (bool, optional) – Apply changes ignoring errors. You won’t be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. Defaults to False

Returns

The response from the server

Return type

Box

Examples

>>> firewallManagement.access_control_nat.nat_rule.set(
... uid="a5a88521-c996-a256-9625-b5a5d56c39ad",
... new_name="New NAT Rule 1",
... new_position=3,
... package="standard",
... position="top",
... enabled=True,
... install_on="6c488338-8eec-4103-ad21-cd461ac2c476",
... method="static",
... original_destination="Any",
... original_service="New_TCP_Service_1",
... original_source="Any",
... translated_destination="Any",
... translated_service="New_TCP_Service_1",
... translated_source="Any")
show(package, uid=None, name=None, rule_number=None, **kw)#

Retrieve existing object using object name or uid.

Parameters

  • package (str) – Name of the package.

  • rule_number (int, optional) – Rule number. Mandatory if “uid” or “name” are not set.

  • uid (str, optional) – Object unique identifier. Mandatory if “rule_number” or “name” are not set.

  • name (str, optional) – Object name. Mandatory if “rule_number” or “uid” are not set.

Keyword Arguments

**details-level (str, optional) – The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

Returns

The response from the server

Return type

Box

Examples

>>> firewallManagement.access_control_nat.nat_rule.show(
... uid="a5a88521-c996-a256-9625-b5a5d56c39ad",
... package="standard")
show_nat_rulebase(package, filter_results=None, filter_settings=None, limit=50, offset=0, order=None, use_object_dictionnary=None, **kw)#

Shows the entire NAT Rules layer. This layer is divided into sections. A NAT Rule may be within a section, or independent of a section (in which case it is said to be under the “global” section). There are two types of sections: auto generated read only sections and general sections which are created manually. The reply features a list of objects. Each object may be a section of the layer, within which its rules may be found, or a rule itself, for the case of rules which are under the global section. An optional “filter” field may be added in order to filter out only those rules that match a searchcriteria.

Parameters

  • package (str, optional) – Name of the package

  • name (str, optional) – Object name. Must be unique in the domain.

  • uid (str, optional) – Object unique identifier.

  • filter_results (str, optional) – Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The logical operators in the expression (‘AND’, ‘OR’) should be provided in capital letters. he search involves both a IP search and a textual search in name, comment, tags etc.

  • filter_settings (str, optional) – Sets filter preferences.

  • limit (int, optional) – The maximal number of returned results. Defaults to 50 (between 1 and 500)

  • offset (int, optional) – Number of the results to initially skip. Defaults to 0

  • order (List[dict], optional) – Sorts results by the given field. By default the results are sorted in the descending order by the session publish time.

  • package – Name of the package.

  • use_object_dictionnary (bool, optional) – N/A

Keyword Arguments

  • **details-level (str, optional) – The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

  • **domains-to-process (List[str], optional) – Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.

  • **dereference-group-members (bool, optional) – Indicates whether to dereference “members” field by details level for every object in reply.

Returns

The response from the server

Return type

Box

Examples

>>> firewallManagement.access_control_nat.nat_rule.show_nat_rulebase(
... package="standard",
... offset=0,
... limit=20,
... order={"ASC": "name"},
... details_level="standard",
... use_object_dictionnary=True,
... filter_results="",
... filter_settings={},)