| Solution |
FortiManager responds to an invalid protocol number when retrieving service objects using JSON API as below:
[Request]
{
"method": "get",
"params": [
{
"option": "{option}",
"url": "/pm/config/adom/root/obj/firewall/service/custom/ALL_TCP"
}
],
"session": "MU887MBN7utmvDu31Fc8kK/RQ5J900Gn0kh5NwDc5mSFgIWheLtG67HaMEB8BH3IIUIPzOepWd2gYDeuZjfshZod6po6jUyx",
"id": 1
}
[Response]
{
"id": 1,
"result": [
{
"data": {
"app-category": [],
"app-service-type": 0,
"application": [],
"category": [
"General"
],
"check-reset-range": 3,
"color": 0,
"comment": null,
"fabric-object": 0,
"fqdn": null,
"global-object": 0,
"helper": 1,
"iprange": "0.0.0.0",
"name": "ALL_TCP",
"obj seq": 2,
"oid": 3194,
"protocol": 5,
"proxy": 0,
"sctp-portrange": [],
"session-ttl": "0",
"tcp-halfclose-timer": 0,
"tcp-halfopen-timer": 0,
"tcp-portrange": [
"1-65535"
],
"tcp-timewait-timer": 0,
"udp-idle-timer": 0,
"udp-portrange": [],
"visibility": 1
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/pm/config/adom/root/obj/firewall/service/custom/ALL_TCP"
}
+ ALL_UDP
………..
"name": "ALL_UDP",
"obj seq": 3,
"oid": 3195,
"protocol": 5,
………..
+ ALL_ICMP6
………..
"name": "ALL_ICMP6",
"obj seq": 5,
"oid": 3197,
"protocol": 6,
………..
The Protocol numbers for each service are as follows:
- ALL_TCP: 6
- ALL_UDP: 17
- ALL_ICMP6: 58
- ALL_ICMP: 1
However, the reason why the protocol number included in the code returned by FortiManager is different is that this value is not a protocol number in FortiManabger, but an internal mapping of option enum to an integer.
FortiManager has the internal mapping of an option enum to an integer:
ICMP: 1
IP: 2
TCP/UDP/SCTP : 5
ICMP6: 6
HTTP: 7
FTP: 8
CONNECT: 9
SOCKS: 10
ALL: 11
SOCKS-TCP : 12
SOCKS-UDP : 13
Related articles:
|
