Skip to main content
segla_samaty
segla_samaty
New Member
August 22, 2023
Solved

Fitering table based on mutiple params FMG 6.4.8

  • August 22, 2023
  • 3 replies
  • 2352 views

Hello,

I'm trying to collect (through the json-rpc api) the firewall service objects that match 

 

 

 

 

["tcp-portrange", "==", ["443", "80"]]

 

 

 

 

and 

 

 

 

 

["udp-portrange", "==",["53"]]

 

 

 

 

.

 How can I use the "&&" operator to combine those two filtering conditions.
 
The doc isn't so clear to me.
 
I tried many things including this

 

 

 

{         "method": "get",         "params": [                    {                          "filter": [                               ["tcp-portrange", "==",["443", "80"]],                               "&&",                               ["udp-portrange", "==",["53"]]                           ],                           "url": "/pm/config/adom/ADOM-DC-FR-1/obj/firewall/service/custom"                    }            ],           "session": "{{session}}",           "id": "1" }​

 

 

 

still having code -11
 
@oholecek_FTNT Need your help
Best answer by oholecek_FTNT

Hello Segla,

 

First thing to say (putting aside the UDP filter for now) is that if you want to list services that have TCP port either 443 or 80, you cannot use the filter you have, but you need to either use two separate filters which are by default joined with logical OR:

 

"filter": [   [ "tcp-portrange", "==", "80"],   [ "tcp-portrange", "==", "443"] ]

 

 

Or single filter with "in" operator (notice that ports are NOT in nested array in this case):
"filter": [   [ "tcp-portrange", "in", "80", "443" ] ]

 

Note: This might not work as you expect for services that use real range, like SNMP service with range "161-162", because it is a text and must be compared as it.

 

I have added some examples to our Postman collection request List firewall services with OR filter.

 

 

 

Now, for the AND logic. Using "&&" is really the correct way. See our Postman collection request List firewall services with AND filter.

 

From your description it is not clear what you want to achieve. You write that you want to list services that have TCP port range (443 or 80) and UDP port range 53 at the same time (this is what "&&" operator means), but with standard configuration you would get nothing because there is no such service predefined. There is a possibility that you defined some weird service like that manually, so you can use the request from example above if that is the case.

 

However, don't you rather want to list all services that have TCP port 80 or 443 or UDP port 53? In standard configuration, that would return 3 services: HTTP, HTTPS and DNS. The filter would look like this:

 

"filter": [   [ "tcp-portrange", "in", "80", "443" ],   [ "udp-portrange", "==", "53" ] ]

 

This is exactly what List firewall services with OR filter example does.

 

I hope this helps.

Ondrej

3 replies

asrour
Staff
asrour
Staff
August 22, 2023

what is the ADOM name?

 "url": "/pm/config/adom/{{adom}}/obj/firewall/service/custom"
segla_samaty
segla_samatyAuthor
New Member
August 23, 2023

Hi @asrour 

 

I'm using Postman, {{adom}} is a variable holding the actual ADOM name. I didn't think my ADOM name could be an issue but, "ADOM-DC-FR-1" is  the name.

 

url be like 

 

"url": "/pm/config/adom/ADOM-DC-FR-1/obj/firewall/service/custom"

 

 

segla_samaty
segla_samatyAuthor
New Member
September 20, 2023

Help pls, I'm stuck! 

 

What a really want is to get all services with "tcp-portrange" == ["443", "80"] and
"udp-portrange" == ["53"] at the same time.

segla_samaty
segla_samatyAuthor
New Member
September 20, 2023

Help pls, I'm stuck! 

What a really want is to get all services with "tcp-portrange" == ["443", "80"] and
"udp-portrange" == ["53"] at the same time.

oholecek_FTNT
Staff
oholecek_FTNTAnswer
Staff
October 14, 2023

Hello Segla,

 

First thing to say (putting aside the UDP filter for now) is that if you want to list services that have TCP port either 443 or 80, you cannot use the filter you have, but you need to either use two separate filters which are by default joined with logical OR:

 

"filter": [   [ "tcp-portrange", "==", "80"],   [ "tcp-portrange", "==", "443"] ]

 

 

Or single filter with "in" operator (notice that ports are NOT in nested array in this case):
"filter": [   [ "tcp-portrange", "in", "80", "443" ] ]

 

Note: This might not work as you expect for services that use real range, like SNMP service with range "161-162", because it is a text and must be compared as it.

 

I have added some examples to our Postman collection request List firewall services with OR filter.

 

 

 

Now, for the AND logic. Using "&&" is really the correct way. See our Postman collection request List firewall services with AND filter.

 

From your description it is not clear what you want to achieve. You write that you want to list services that have TCP port range (443 or 80) and UDP port range 53 at the same time (this is what "&&" operator means), but with standard configuration you would get nothing because there is no such service predefined. There is a possibility that you defined some weird service like that manually, so you can use the request from example above if that is the case.

 

However, don't you rather want to list all services that have TCP port 80 or 443 or UDP port 53? In standard configuration, that would return 3 services: HTTP, HTTPS and DNS. The filter would look like this:

 

"filter": [   [ "tcp-portrange", "in", "80", "443" ],   [ "udp-portrange", "==", "53" ] ]

 

This is exactly what List firewall services with OR filter example does.

 

I hope this helps.

Ondrej

Terms & ConditionsAccessibility statement