: dump security-policy config policy-rules
Focus
Focus

dump security-policy config policy-rules

Table of Contents

dump security-policy config policy-rules

Use the dump security-policy config policy-rules command to display the security policy rule configuration for a device.
Information displayed includes the security policy rule name, action, state, source zone ids, destination zone ids, and application definition ids.

Command

dump security-policy config policy-rules ( all | policy-rule= policy-rule name | application= application definition name | source-zone= source zone name | dest-zone= destination zone name | action= (allow | deny | reject) | state=( enabled | disabled ))+ ]

Options

allEnter all to display configuration of all security policy rules on the device.
applicationEnter an application name to display policy rules for the application.
source-zoneEnter the source zone to display configuration of security policy rules for the source zone.
dest-zoneEnter the destination zone to display configuration of security policy rules for the destination zone.
actionEnter allow to display configuration for those security policy rules where the action is set to allow.
Enter deny to display configuration for those security policy rules where the action is set to deny.
Enter reject to display configuration for those security policy rules where the action is set to reject.
policy-ruleEnter an application definition policy rule name to display information for the policy rule.
stateEnter enabled to display configuration for those security policy rules where the state is set to enabled.
Enter disabled to display configuration for those security policy rules where the state is set to disabled.

Command Notes

RoleSuper, Read Only, Monitor
Related Commands
dump security-policy config policy-sets
Introduced in Release 4.5.1

Example

dump security-policy config policy-rules policy-rule=branch-zbfw_rule1 Security Policy Rule ID : 1675995765132024696 Security Policy Rule Name : branch-zbfw_rule1 Action : allow Rule-Type : custom Enabled : true Source Zones : 1675995054995018796: branch1_lan_zone Destination Zones : 1675995069171003096: branch1_vpn_zone Applications : ANY Source Prefix Filters : 1675995350736002196: branch_lan1 Destination Prefix Filters : 1675995723718016196: branch_hub_prefix Users : ANY UserGroups : ANY Services : ANY
dump security-policy config policy-rules user="1674636535551002128" Security Policy Rule ID : 1675969523166013128 Security Policy Rule Name : Test 1 Action : allow Rule-Type : custom Enabled : true Source Zones : ANY Destination Zones : ANY Applications : ANY Source Prefix Filters : ANY Destination Prefix Filters : ANY Users : 1674636535551002128: None UserGroups : NONE Services : ANY