Hi everybody,
I am trying to automate ACLs in EXOS 22. I need create an ACL and apply to a port.
Using restconf does not yet offer a way to do this. I tried using XOS 30.6 but it only allows to create a acl but the method to apply to a port is missing (/rest/restconf/data/ietf-access-control-list:acls/attachment-points). So, I tried to use my current SOAP/XML to do this.
With my EXOS 16.2 switches, the script works fine with the following parameters:
Method “setDynamicAcl”
<?xml version="1.0" encoding="UTF-8"?><rule xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><name xsi:type="xsd:string">test_001</name><applicationName xsi:type="xsd:string">Cli</applicationName><match> <dstIpAddress xsi:type="xsd:string">192.168.0.1/32</dstIpAddress> <dstEthernetAddress xsi:type="xsd:string">00:0d:f2:00:00:01</dstEthernetAddress></match><response> <deny xsi:type="xsd:boolean">true</deny></response></rule>
Method “insertDynamicAclOnInterface”
<?xml version="1.0" encoding="UTF-8"?><port xsi:type="xsd:string">24</port><newRule xsi:type="xsd:string">test_001</newRule><applicationName xsi:type="xsd:string">Cli</applicationName><direction xsi:type="xsd:string">BEFORE</direction>
But, when I try to do this on EXOS 22 the xmld server reply “Internal Server Error”.
Any “get” method works fine with xmlservice (listDynamicAcl, by example).
Am I missing something? Maybe an configuration to allow “set” methods?
Does anyone have any ideas that can help me?
Thanks in advance.
