forked from CiscoSE/AddMerakiMXL3FirewallRuleToNetworks
NewOrChangedRuleConfig.py
from enum import Enum
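class DupRuleAct(Enum):
    """What to do when a rule with the same "comment" (name) already exists.

    The rule name is carried in the "comment" field of RULE_DATA, so that
    field is the key used to decide whether a rule counts as a duplicate.
    """

    # RULE_DATA completely replaces the existing rule that has the same name
    # ("comment" field); the previous values of that rule are not kept.
    REPLACE = 1

    # The "destCidr" and "srcCidr" values of RULE_DATA are appended to the
    # corresponding fields of the existing rule with the same name.
    # NOTE: specifying 'Any' for srcCidr or destCidr replaces that field with
    # 'Any' instead of appending, which widens the rule to every address.
    # If the existing field was 'Any' and a CIDR string is given, 'Any' is
    # replaced by the new CIDR string.
    APPEND = 2

    # A new rule with the values in RULE_DATA is added even when a rule with
    # exactly the same "comment" field is already present.
    ADD_DUPLICATE = 3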
# Definition of the L3 firewall rule to add, replace or extend.
#
# NOTE(review): the sample values below describe a broad rule: it allows any
# protocol from any source address and port to 10.5.8.1 on any port. Narrow
# policy, protocol, ports and CIDRs to what is actually required before use.
# NOTE(review): the field descriptions say 'any' while the sample values use
# 'Any'; confirm which casing the consuming script/API expects.
RULE_DATA = {
    # Name of the rule to add/modify/append; also used to find an existing rule.
    "comment": "TestRule",
    # 'allow' or 'deny' the traffic matched by this rule.
    "policy": "allow",
    # Protocol type: must be 'tcp', 'udp', 'icmp' or 'any'.
    "protocol": "any",
    # Comma-separated list of source port(s) (integer in the range 1-65535),
    # or 'any'.
    "srcPort": "Any",
    # Comma-separated list of source IP address(es) in IP or CIDR notation,
    # or 'any'. FQDNs are not supported for source addresses.
    # Example: 10.0.1.34,192.168.1.10/24
    "srcCidr": "Any",
    # Comma-separated list of destination port(s) (integer in the range
    # 1-65535), or 'any'.
    "destPort": "Any",
    # Comma-separated list of destination IP address(es) in IP or CIDR
    # notation, fully-qualified domain names (FQDN), or 'any'.
    # Example: 10.0.1.34/32,192.168.1.10/24, www.cnn.com
    "destCidr": "10.5.8.1",
    # Log this rule to syslog (boolean); only applicable if a syslog server
    # has been configured.
    "syslogEnabled": True,
}
# How to treat an existing rule whose "comment" matches RULE_DATA["comment"]:
# DupRuleAct.REPLACE, DupRuleAct.APPEND or DupRuleAct.ADD_DUPLICATE, as
# defined above.
# NOTE(review): REPLACE overwrites the matching rule's existing values, so
# check the current rule set for that name before running with this setting.
RULE_ACTION = DupRuleAct.REPLACE