Uploading a policy and monitoring its status

There are two ways of uploading or refreshing a policy — from the engine and from the policy.

To upload a policy from the engine, you must first search for the engine after logging in using the filtering feature:

GET http://localhost:8082/7.0/elements?filter=Helsinki FW

Engine

After the engine has been retrieved, the following JSON content is displayed:

    "link":
    [
    {
    "href": "http://localhost:8082/7.0/elements/fw_cluster/1563/refresh",
    "rel": "refresh"
    },
    {
    "href": "http://localhost:8082/7.0/elements/fw_cluster/1563/upload",
    "rel": "upload"
    },
    …
]

Policy

The verb ‘upload’ is listed, so you can execute the following request:

POST http://localhost:8082/7.0/elements/fw_cluster/1563/upload?filter=HQ Policy

By filtering the REST call with the HQ Policy, you enable the upload of the HQ Policy on the Helsinki Firewall Cluster.

This results in the 201 HTTP response status code and the following:

{
        "follower": "http://localhost:8082/7.0/elements/fw_cluster/1563/upload/NWYyMDBiOTA4ZTY3NDM0ZTotNzgyM2JmMmI6MTNmZWMxMGI3ZGY6LTdmZDA=",
        "href": "http://localhost:8082/7.0/elements/fw_cluster/1563",
        "in_progress": true,
        "last_message": "",
        "success": true
}

To follow up on the upload, you can periodically request for its status in the following way:

GET http://localhost:8082/7.0/elements/fw_cluster/1563/upload/NWYyMDBiOTA4ZTY3NDM0ZTotNzgyM2JmMmI6MTNmZWMxMGI3ZGY6LTdmZDA=

For as long as the attribute in_progress is not set to false, the upload continues with a new last_message attribute.

It is also possible to refresh a policy on the engine. As you can see from the engine links, the verb ‘refresh’ is also available on the engine:

POST http://localhost:8082/7.0/elements/fw_cluster/1563/refresh

This process ends in the same way as an upload. The engine must have a policy already installed to proceed to the upload.

See addRuleAndUpload.py JSON or XML samples.