FirewallPolicyExtension example

Create a FirewallPolicyExtension object and set the state and rule IDs:

firewall_policy_extension = api.FirewallPolicyExtension()
firewall_policy_extension.state = "on"
firewall_policy_extension.rule_ids = rule_ids;

PolicySettings example

Next, create a PolicySettings object to configure Firewall-related settings. (For detailed information about policy settings, see Configure policy and default policy settings.) For example, you can enable reconnaissance scans:

policy_settings = api.PolicySettings()
setting_value = api.SettingValue()
setting_value.value = True
policy_settings.firewall_setting_reconnaissance_enabled = setting_value

Modify policy example

At this point, the Firewall policy extension and the policy settings are configured. Next, add them to a Policy object, and use a PoliciesApi object to modify a policy on Deep Security Manager.

policy = api.Policy()
policy.firewall = firewall_policy_extension
policy.policy_settings = policy_settings

policies_api = api.PoliciesApi(api.ApiClient(configuration))
returned_policy = policies_api.modify_policy(policy_id, policy, api_version)

The policy_id (or policyID) parameter of modifyPolicy identifies the actual policy on Deep Security Manager that is to be modified. This policy is modified according to the policy object that is used as the policy parameter. Any properties of the policy parameter that are not set remain unchanged on the actual policy.

Complete policy example

The following example creates a Policy object, modifies its FirewallPolicyExtension, and configures a policy setting. The policy is then updated on Deep Security Manager.

View source

policies_api = api.PoliciesApi(api.ApiClient(configuration))
policy = api.Policy()
firewall_policy_extension = api.FirewallPolicyExtension()

# Turn on firewall
firewall_policy_extension.state = "on"

# Assign rules
firewall_policy_extension.rule_ids = rule_ids;

# Add the firewall state to the policy
policy.firewall = firewall_policy_extension

# Turn on reconnaissance scan
policy_settings = api.PolicySettings()
setting_value = api.SettingValue()
setting_value.value = True
policy_settings.firewall_setting_reconnaissance_enabled = setting_value

# Add reconnaissance scan state to the policy
policy.policy_settings = policy_settings

# Modify the policy on Deep Security Manager
return policies_api.modify_policy(policy_id, policy, api_version)