How to modify Firewall Access Rules using CLI
03/26/2020 37 15523
Modifying Firewall Access Rules using the command line interface.
This article focuses on using CLI access to modify Firewall Access Rules.
If for example we do not have access to the unit's GUI or a newly created Access Rule blocks access to the unit, there is the possibility to change or disable/enable the rules.
Step 1: Log into the appliance using a terminal software like puTTY.
Step 2: Type
configure and hit Enter in order to enter the configuration mode.
Step 3: In order to see the Firewall Access Rules created on the unit please type
show access-rules and hit Enter.
This will display all the Firewall Access rules one by one with their id number.
The id number will be useful for modifying the rules, so once you find the rule you would like to change, please note down the ID.
By pressing the space bar you can skip from one rule to the next.
Step 4: In our case the rule we want to change has th ID 17.
To see the rule you may also type
show access-rule uuid 17 and hit Enter.
As you can see below this is a deny rule from LAN to WAN to the destination of a FQDN object "wp.pl".
Step 5: In our case we want to disable the rule.
In order to do so we need to type
access-rule uuid 17 and hit Enter.
Step 6: Then type
no enable and hit Enter, then type
commit and hit Enter once again.
Step 7: Finally, type
exit and hit Enter in order to exit the config session.
Then, close puTTY. The changes are applied and the rule is disabled.
Additionally, once you are in the configuration section of a specific rule, you can hit Tab in order to display all other Access Rule Commands that can be used.