Add Destination/Source Ports literals to Access Rules #96

Open
dadelowo367 opened this issue Jan 3, 2021 · 5 comments

Comments

@dadelowo367

Hello Guys,

First of all, thanks for this

It will be really great to have the ability to add port literals for Access Rules just like we can with source and destination networks. Having to create port objects for access rules has left us with a lot of duplicated port objects.

Thanks.

@daxm
Collaborator

daxm commented Jan 3, 2021

You are welcome! Though, I must admit I didn't write that particular bit of the code. Someone in the community did. :-)
I don't read an "issue" here but before I close this "issue" I want to ensure I'm not missing something.

@dadelowo367
Author

Yeah, I think it is more a feature request than an "Issue". Would it be possible to put this request out there, in case someone can help with this?

@daxm
Collaborator

daxm commented Jan 4, 2021

I'm glad I asked. I mis-read your message and didn't see any request in it. (I know. I've re-read it and it is obvious. I just missed the message's meaning last time.)
No guarantee but I'll see if I can look into this.

@daxm
Collaborator

daxm commented Jan 4, 2021

Alas, the online API documentation doesn't explicitly describe whether "literal" is a valid input for AccessRules. I'll have to spin up an FMC and check it from there.

@dadelowo367
Author

I tried to mess around with the API and was able to create Access rules with literal ports. Here is a sample Payload.

{
   "id":"",
   "enableSyslog":false,
   "sourceNetworks":{
      "literals":[
         {
            "type":"FQDN",
            "value":"10.1.1.22"
         },
         {
            "type":"FQDN",
            "value":"10.2.2.11"
         }
      ],
      "objects":[
         {
            "type":"Network",
            "overridable":false,
            "id":"005056BF-4E01-0ed3-0000-021474836483",
            "name":"Sample-Network-1"
         }
      ]
   },
   "destinationNetworks":{
      "literals":[
         {
            "type":"FQDN",
            "value":"10.4.4.88"
         }
      ]
   },
   "logBegin":false,
   "sourcePorts":{
      "objects":[
         {
            "type":"ProtocolPortObject",
            "protocol":"TCP",
            "overridable":false,
            "id":"005056BF-4E01-0ed3-0000-021474836597",
            "name":"demo_port1"
         }
      ]
   },
   "destinationPorts":{
      "literals":[
         {
            "type":"PortLiteral",
            "port":"7600",
            "protocol":"6"
         }
      ],
      "objects":[
         {
            "type":"ProtocolPortObject",
            "protocol":"TCP",
            "overridable":false,
            "id":"005056BF-4E01-0ed3-0000-021474836616",
            "name":"demo_port2"
         }
      ]
   },
   "logEnd":false,
   "variableSet":{
      "name":"Default Set",
      "id":"76fa83ea-c972-11e2-8be8-8e45bb1343c0",
      "type":"VariableSet"
   },
   "logFiles":false,
   "vlanTags":{
      "objects":[
         {
            "type":"VlanTag",
            "overridable":false,
            "id":"005056BF-4E01-0ed3-0000-021474836635",
            "name":"vlan1"
         },
         {
            "type":"VlanTag",
            "overridable":false,
            "id":"005056BF-4E01-0ed3-0000-021474836654",
            "name":"vlan2"
         }
      ]
   },
   "sendEventsToFMC":false,
   "enabled":true,
   "action":"ALLOW",
   "name":"Demo-Rule511",
   "type":"AccessRule"
}
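
As an added example (not part of the thread and not fmcapi's own code): a Python helper that builds `PortLiteral` entries in the shape of the payload posted above and merges them into a rule dictionary, rejecting malformed specs and skipping duplicates. The function names and the `tcp/7600` spec format are assumptions for illustration; only single ports are handled, and the protocol numbers are the IANA values (6 for TCP, 17 for UDP).

```python
import copy

# IANA protocol numbers; the payload above sends "6" (TCP) as a string.
PROTOCOL_NUMBERS = {"tcp": "6", "udp": "17"}


def port_literal(spec):
    """Turn 'tcp/7600' (assumed spec format) into a PortLiteral dict."""
    proto, sep, port = spec.strip().lower().partition("/")
    if not sep or proto not in PROTOCOL_NUMBERS:
        raise ValueError(f"expected tcp/<port> or udp/<port>, got {spec!r}")
    if not port.isdecimal() or not 1 <= int(port) <= 65535:
        raise ValueError(f"port out of range in {spec!r}")
    return {"type": "PortLiteral", "port": str(int(port)),
            "protocol": PROTOCOL_NUMBERS[proto]}


def add_port_literals(rule, field, specs):
    """Return a copy of rule with literals added to sourcePorts/destinationPorts."""
    if field not in ("sourcePorts", "destinationPorts"):
        raise ValueError(f"unsupported field {field!r}")
    new_rule = copy.deepcopy(rule)  # never mutate the caller's rule
    literals = new_rule.setdefault(field, {}).setdefault("literals", [])
    seen = {(lit["protocol"], lit["port"]) for lit in literals}
    for spec in specs:
        lit = port_literal(spec)
        key = (lit["protocol"], lit["port"])
        if key not in seen:  # skip duplicates so the rule stays reviewable
            seen.add(key)
            literals.append(lit)
    return new_rule


# Constructed sample: a trimmed version of the rule posted above.
SAMPLE_RULE = {
    "name": "Demo-Rule511", "type": "AccessRule", "action": "ALLOW", "enabled": True,
    "destinationPorts": {
        "literals": [{"type": "PortLiteral", "port": "7600", "protocol": "6"}],
        "objects": [{"type": "ProtocolPortObject", "protocol": "TCP", "overridable": False,
                     "id": "005056BF-4E01-0ed3-0000-021474836616", "name": "demo_port2"}],
    },
}

if __name__ == "__main__":
    import json
    updated = add_port_literals(SAMPLE_RULE, "destinationPorts",
                                ["tcp/7600", "TCP/443", "udp/53"])
    print(json.dumps(updated["destinationPorts"], indent=2))
```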
