trusguard-policies
List policies from Trusguard firewall.
Syntax
trusguard-policies [profile=PROFILE] [src-ipv4-object-list=SRC-IPV4-OBJECT-LIST] [dst-ipv4-object-list=DST-IPV4-OBJECT-LIST] [description=DESCRIPTION]
Options
- profile=PROFILE
- Optional. TrusGuard connect profile code
- src-ipv4-object-list=SRC-IPV4-OBJECT-LIST
- Optional. Comma-separated list of src ipv4 objects
- dst-ipv4-object-list=DST-IPV4-OBJECT-LIST
- Optional. Comma-separated list of dst ipv4 objects
- description=DESCRIPTION
- Optional. Filter by description
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | TrusGuard connect profile code |
| index | Long | Index | Policy index |
| is_enabled | Bool | Is enabled | Policy enabled |
| src_ipv4_object_list | String | Source IPv4 objects | Comma-separated source IPv4 object names |
| dst_ipv4_object_list | String | Destination IPv4 objects | Comma-separated destination IPv4 object names |
| service_object | String | Service object | Service object name |
| action | String | Action | Policy action |
| schedule_object | String | Schedule object | Schedule object name |
| is_log_enabled | Bool | Is log enabled | Log enabled |
| log_id | String | Log ID | Log identifier |
| qos_object | String | QoS object | QoS object name |
| is_ips_enabled | Bool | Is IPS enabled | IPS enabled |
| is_transparent_proxy_enabled | Bool | Is transparent proxy enabled | Proxy IP header retention enabled |
| proxy | String | Proxy | Proxy name |
| proxy_user | String | Proxy user | Proxy user |
| rule_num | Integer | Rule number | Rule count |
| description | String | Description | Policy description |
| hit_cnt_1d | Long | Hit count 1 | Hit count for 1 day |
| hit_cnt_7d | Long | Hit count 7 | Hit count for 7 days |
| hit_cnt_30d | Long | Hit count 30 | Hit count for 30 days |
| hit_cnt_60d | Long | Hit count 60 | Hit count for 60 days |
| hit_cnt_90d | Long | Hit count 90 | Hit count for 90 days |
| hit_cnt_180d | Long | Hit count 180 | Hit count for 180 days |
| hit_cnt_365d | Long | Hit count 365 | Hit count for 365 days |
| last_hit_elapsed | Long | Last hit elapsed | Last hit time for access blocking (days ago) |
| last_hit_time | Date | Last hit time | Last hit time |
| last_use_elapsed | Long | Last use elapsed | Last connection session check time for firewall policy (days ago) |
| last_use_time | Date | Last use time | Last hitcount time |
| updated | Date | Updated | Last updated time |
| update_admin | String | Update admin | Last update admin |
| session_limit_type | String | Session limit type | e.g. No Limit, Source IP Limit, Policy Limit |
| session_limit | Long | Session limit | Maximum number of sessions that can be connected based on source IP |
| ips_profile | String | IPS profile | IPS profile |
| is_reverse | Bool | Is reverse | Bidirectional policy |
| log_group_id | String | Log group ID | Log group ID |
| is_webfilter_enabled | Bool | Is web filter enabled | Web filter enabled |
| webfilter_profile | String | Web filter profile | Web filter for basic policy (firewall) |
| is_antimalware_enabled | Bool | Is anti malware enabled | Harmful site blocking enabled |
| anti_malware_profile | String | Anti malware profile | Harmful site blocking profile |
| is_cnc_enabled | Bool | Is C&C enabled | C&C connection blocking enabled |
| cnc_profile | String | C&C profile | C&C connection blocking profile |
| rule_id | String | Rule ID | Rule ID |
| is_app_enabled | Bool | Is app enabled | Application control enabled |
| app_control_profile | String | App control profile | Application control profile |
| is_antivirus_enabled | Bool | Anti virus enabled | Anti-virus enabled |
| anti_virus_profile | String | Anti virus profile | Anti-virus profile |
| is_dlp_enabled | Bool | DLP enabled | Data Loss Prevention enabled |
| dlp_profile | String | DLP profile | Data Loss Prevention profile |
| is_unused_policy_expire_enabled | Bool | Unused policy expire enabled | Auto deactivation enabled for basic policy (firewall) |
| unused_policy_expire_day | String | Unused policy expire day | Auto deactivation base day for basic policy (firewall) |
| is_stream_enabled | Bool | Stream enabled | Stream reassembly enabled |
| is_spam_enabled | Bool | Spam enabled | Anti-spam enabled for basic policy (firewall) |
| anti_spam_profile | String | Anti-spam profile | Anti-spam profile |
| is_timeout_enabled | Bool | Timeout enabled | Timeout enabled |
| timeout | Long | Timeout | Timeout value |
| pbr_id | String | Policy based routing ID | Policy based routing table ID |
| qos_direction | String | QoS application direction | QoS application direction |
| vlan_id_enabled | Bool | VLAN ID enabled | VLAN ID enabled for basic policy (firewall) |
| vlan_id | String | VLAN ID | VLAN ID for basic policy (firewall) |
| device_control | String | Device control | Device control |
| created | Date | Creation time | Creation time |
| create_admin | String | Creation admin | Admin who added the firewall policy |
| pbr_direction | String | Policy based routing direction | Policy-based routing table direction |
| total_hit_cnt | Long | Total hit count | Total hit count |
| rcvd_pkts | Long | Received packet count | Received packet count |
| sent_pkts | Long | Transmitted packet count | Transmitted packet count |
| rcvd_bytes | Long | Received bytes | Received bytes |
| sent_bytes | Long | Transmitted bytes | Transmitted bytes |
| activate_type | String | Activation type | e.g. Activate, Deactivate OFF, Deactivate Expired, Deactivate ZeroHit |
| ipv6_limit_hdr_hop | Integer | IPv6 header hop limit | IPv6 header hop limit |
| ipv6_limit_hdr_routing | Integer | IPv6 header routing limit | IPv6 header routing limit |
| ipv6_limit_hdr_fragment | Integer | IPv6 header fragment limit | IPv6 header fragment limit |
| ipv6_limit_hdr_esp | Integer | IPv6 header ESP limit | IPv6 header ESP limit |
| ipv6_limit_hdr_auth | Integer | IPv6 header auth limit | IPv6 header auth limit |
| ipv6_limit_hdr_dst | Integer | IPv6 header DST limit | IPv6 header DST limit |
| policy_group_id | String | Policy group ID | Policy group ID |
| policy_group_name | String | Policy group name | Policy group name |
| tms_creator | String | TMS creator | TMS PM integration |
| tms_id | String | TMS ID | TMS PM ID |
| is_applied | Bool | Is applied | Changes applied status |