Virtual Routers Firewall Policies
Allowed HTTP methods
Method |
Description |
|---|---|
GET |
get / list object/s |
POST |
create new object/s |
DELETE |
delete object/s |
List single policy
- GET /vrfwpolicies/{vrfwpolicy_uuid}/
Gets detailed information on a policy identified by vrfwpolicy_uuid.
- statuscode 200:
no error
Example request:
GET /api/2.0/vrfwpolicies/906abae3-b533-4c5d-8d98-c459195b6230/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
Example response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"active": true,
"filters": [
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.1",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 1,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/fb747784-c370-4137-bc92-469cedc5cbce/",
"uuid": "fb747784-c370-4137-bc92-469cedc5cbce"
},
"src": "10.0.2.1",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "fb747784-c370-4137-bc92-469cedc5cbce"
},
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.2",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 2,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/d2994d4b-e935-4b87-90fb-41e42565a1a0/",
"uuid": "d2994d4b-e935-4b87-90fb-41e42565a1a0"
},
"src": "10.0.2.2",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "d2994d4b-e935-4b87-90fb-41e42565a1a0"
},
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.3",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 3,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/74a7a760-70c2-4267-bffc-d96d695bb7dc/",
"uuid": "74a7a760-70c2-4267-bffc-d96d695bb7dc"
},
"src": "10.0.2.3",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "74a7a760-70c2-4267-bffc-d96d695bb7dc"
},
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.4",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 4,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/4146531d-d902-4b79-ba40-d4cc3ba3495b/",
"uuid": "4146531d-d902-4b79-ba40-d4cc3ba3495b"
},
"src": "10.0.2.4",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "4146531d-d902-4b79-ba40-d4cc3ba3495b"
},
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.5",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 5,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/13390e58-ed8f-4dfa-8401-9d17846638f3/",
"uuid": "13390e58-ed8f-4dfa-8401-9d17846638f3"
},
"src": "10.0.2.5",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "13390e58-ed8f-4dfa-8401-9d17846638f3"
},
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.6",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 6,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/52e2f238-16c7-4882-a2e6-bdb87c1e91e6/",
"uuid": "52e2f238-16c7-4882-a2e6-bdb87c1e91e6"
},
"src": "10.0.2.6",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "52e2f238-16c7-4882-a2e6-bdb87c1e91e6"
},
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.7",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 7,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/a2f3a53b-9a66-4f1b-92b6-95f5760c5854/",
"uuid": "a2f3a53b-9a66-4f1b-92b6-95f5760c5854"
},
"src": "10.0.2.7",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "a2f3a53b-9a66-4f1b-92b6-95f5760c5854"
},
{
"action": "deny",
"action_queue": null,
"dst": "10.0.1.8",
"dst_addr_op": true,
"dst_port": "22",
"dst_port_op": true,
"icmp_type": "Echo reply",
"jobs": [],
"log": false,
"order": 8,
"protocol": "tcp",
"resource_uri": {
"resource_uri": "/api/2.0/vrfwfilters/08bd64b4-1e3b-422c-beba-e0bd8d8cc1fa/",
"uuid": "08bd64b4-1e3b-422c-beba-e0bd8d8cc1fa"
},
"src": "10.0.2.8",
"src_addr_op": true,
"src_port": "",
"src_port_op": true,
"uuid": "08bd64b4-1e3b-422c-beba-e0bd8d8cc1fa"
}
],
"jobs": [
{
"resource_uri": "/api/2.0/jobs/4a54dd7b-4c9b-45ac-94a4-664d1a93e684/",
"uuid": "4a54dd7b-4c9b-45ac-94a4-664d1a93e684"
},
{
"resource_uri": "/api/2.0/jobs/0dd31f40-a6e3-4a76-a289-0850c15630ac/",
"uuid": "0dd31f40-a6e3-4a76-a289-0850c15630ac"
},
{
"resource_uri": "/api/2.0/jobs/4f4af216-5f72-4464-a157-f85d3c5c7dae/",
"uuid": "4f4af216-5f72-4464-a157-f85d3c5c7dae"
},
{
"resource_uri": "/api/2.0/jobs/139898e2-1385-4f7e-8e90-2d33f71708b7/",
"uuid": "139898e2-1385-4f7e-8e90-2d33f71708b7"
},
{
"resource_uri": "/api/2.0/jobs/97b8b81b-c8af-4590-ae59-f4b02230d782/",
"uuid": "97b8b81b-c8af-4590-ae59-f4b02230d782"
},
{
"resource_uri": "/api/2.0/jobs/8b07441d-f3af-45ee-a20f-eec7b438d276/",
"uuid": "8b07441d-f3af-45ee-a20f-eec7b438d276"
}
],
"lan_interface": {
"resource_uri": "/api/2.0/lans/9b183b90-84cf-46fb-b3d8-12d2e5383eae/",
"uuid": "9b183b90-84cf-46fb-b3d8-12d2e5383eae"
},
"name": "WEB POLICY FILTERS ACTIVATE",
"order": 1,
"resource_uri": "/api/2.0/vrfwpolicies/906abae3-b533-4c5d-8d98-c459195b6230/",
"upstream_interface": null,
"uuid": "906abae3-b533-4c5d-8d98-c459195b6230"
}
Creating
- POST /vrfwpolicies/
Creates a new virtual router firewall policy.
- Status Codes:
201 Created – object created
Example request:
POST /api/2.0/vrfwpolicies/ HTTP/1.1 Content-Type: application/json Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop { "objects": [ { "active": false, "filters": {}, "lan_interface": "9b183b90-84cf-46fb-b3d8-12d2e5383eae", "name": "Policy two", "order": 2 } ] }
Example response:
HTTP/1.1 202 ACCEPTED Content-Type: application/json; charset=utf-8 { "objects": [ { "active": false, "filters": [], "jobs": [ { "resource_uri": "/api/2.0/jobs/bce9ecf6-f503-4f43-be04-d5965c9ab94e/", "uuid": "bce9ecf6-f503-4f43-be04-d5965c9ab94e" } ], "lan_interface": { "resource_uri": "/api/2.0/lans/9b183b90-84cf-46fb-b3d8-12d2e5383eae/", "uuid": "9b183b90-84cf-46fb-b3d8-12d2e5383eae" }, "name": "Policy two", "order": 2, "resource_uri": "/api/2.0/vrfwpolicies/a5e14575-9e42-4748-95e9-205bf43b2da0/", "upstream_interface": null, "uuid": "a5e14575-9e42-4748-95e9-205bf43b2da0" } ] }
Editing
- PUT /vrfwpolicies/{uuid}/
Edits a virtual router firewall policy. In case the policy is activated, all the filters are going to be applied. Also in case the policy is deactivated, all the filters are going to be removed from Firewall.
- Status Codes:
200 OK – no error
Example request:
PUT /api/2.0/vrfwpolicies/c59aa136-23a6-4b6a-a30c-05af01f9c7c2/ HTTP/1.1 Content-Type: application/json Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop { "active": true, "filters": [ { "action": "deny", "dst": "192.168.2.108", "dst_addr_op": "=", "dst_port": "22", "dst_port_op": "=", "log": false, "order": 1, "protocol": "tcp", "src": "192.168.1.10", "src_addr_op": "=", "src_port": "", "src_port_op": "=" } ], "lan_interface": "9b183b90-84cf-46fb-b3d8-12d2e5383eae", "name": "Policy one", "order": 1 }
Example response:
HTTP/1.1 202 ACCEPTED Content-Type: application/json; charset=utf-8 { "active": true, "filters": [ { "action": "deny", "action_queue": null, "dst": "192.168.2.108", "dst_addr_op": true, "dst_port": "22", "dst_port_op": true, "icmp_type": null, "jobs": [], "log": false, "order": 1, "protocol": "tcp", "resource_uri": { "resource_uri": "/api/2.0/vrfwfilters/0ab92f1d-c38d-437c-ab31-3dd67ebfda65/", "uuid": "0ab92f1d-c38d-437c-ab31-3dd67ebfda65" }, "src": "192.168.1.10", "src_addr_op": true, "src_port": "", "src_port_op": true, "uuid": "0ab92f1d-c38d-437c-ab31-3dd67ebfda65" } ], "jobs": [ { "resource_uri": "/api/2.0/jobs/f1ec0bb4-3c90-480e-bd15-4f7494c1f32f/", "uuid": "f1ec0bb4-3c90-480e-bd15-4f7494c1f32f" }, { "resource_uri": "/api/2.0/jobs/8a9a1e00-040b-4b2c-867a-dc7f6a87cb4a/", "uuid": "8a9a1e00-040b-4b2c-867a-dc7f6a87cb4a" } ], "lan_interface": { "resource_uri": "/api/2.0/lans/9b183b90-84cf-46fb-b3d8-12d2e5383eae/", "uuid": "9b183b90-84cf-46fb-b3d8-12d2e5383eae" }, "name": "Policy one", "order": 1, "resource_uri": "/api/2.0/vrfwpolicies/c59aa136-23a6-4b6a-a30c-05af01f9c7c2/", "upstream_interface": null, "uuid": "c59aa136-23a6-4b6a-a30c-05af01f9c7c2" }
Deleting
- DELETE /vrfwpolicies/{vrfwpolicy_uuid}/
Deletes a single virtual router firewall policy.
- Status Codes:
204 No Content – No content, object deletion started.
Example request:
DELETE /api/2.0/vrfwpolicies/906abae3-b533-4c5d-8d98-c459195b6230/ HTTP/1.1 Content-Type: application/json Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
Example response:
HTTP/1.1 202 ACCEPTED Content-Type: application/json; charset=utf-8 { "job": { "resource_uri": "/api/2.0/jobs/dd3f1687-f660-45f5-8e10-1d67fe1fe975/", "uuid": "dd3f1687-f660-45f5-8e10-1d67fe1fe975" }, "uuid": "906abae3-b533-4c5d-8d98-c459195b6230" }
Enable Policy
- POST /vrfwpolicies/{vrfwpolicy_uuid}/action/?do=enable
Enables the Policy and all its filters.
- Status Codes:
200 OK – no error
Example request:
POST /api/2.0/vrfwpolicies/906abae3-b533-4c5d-8d98-c459195b6230/action/?do=enable HTTP/1.1 Content-Type: application/json Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop {}
Example response:
HTTP/1.1 202 ACCEPTED Content-Type: application/json; charset=utf-8 { "action": "enable", "job": { "resource_uri": "/api/2.0/jobs/f98f1e57-e1b2-423e-aacd-e1dcecd1bf31/", "uuid": "f98f1e57-e1b2-423e-aacd-e1dcecd1bf31" }, "result": "success", "uuid": "906abae3-b533-4c5d-8d98-c459195b6230" }
Disable Policy
- POST /vrfwpolicies/{vrfwpolicy_uuid}/action/?do=disable
Disables the Policy and all its filters.
- Status Codes:
200 OK – no error
Example request:
POST /api/2.0/vrfwpolicies/906abae3-b533-4c5d-8d98-c459195b6230/action/?do=disable HTTP/1.1 Content-Type: application/json Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop {}
Example response:
HTTP/1.1 202 ACCEPTED Content-Type: application/json; charset=utf-8 { "action": "disable", "job": { "resource_uri": "/api/2.0/jobs/7e25b5be-9abe-4c2b-8ff1-39ad1a82a88d/", "uuid": "7e25b5be-9abe-4c2b-8ff1-39ad1a82a88d" }, "result": "success", "uuid": "906abae3-b533-4c5d-8d98-c459195b6230" }
Schema
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"allowed_detail_http_methods": [
"get",
"post",
"delete",
"put"
],
"allowed_list_http_methods": [
"get",
"post",
"delete",
"put"
],
"default_format": "application/json",
"default_limit": 20,
"fields": {
"active": {
"default": null,
"help_text": "Boolean data. Ex: True",
"readonly": false,
"required": true,
"type": "boolean"
},
"filters": {
"default": "No default provided.",
"help_text": "Filters related to this policy",
"readonly": false,
"required": true,
"type": "related"
},
"jobs": {
"default": "No default provided.",
"help_text": "Background jobs related to this resource",
"readonly": true,
"required": true,
"type": "related"
},
"lan_interface": {
"default": null,
"help_text": "A single related resource. Can be either a URI or set of nested resource data.",
"readonly": false,
"required": false,
"type": "related"
},
"name": {
"default": null,
"help_text": "Unicode string data. Ex: \"Hello World\"",
"readonly": false,
"required": true,
"type": "string"
},
"order": {
"default": null,
"help_text": "Integer data. Ex: 2673",
"readonly": false,
"required": true,
"type": "integer"
},
"resource_uri": {
"default": "No default provided.",
"help_text": "Unicode string data. Ex: \"Hello World\"",
"readonly": true,
"required": true,
"type": "string"
},
"upstream_interface": {
"default": null,
"help_text": "A single related resource. Can be either a URI or set of nested resource data.",
"readonly": false,
"required": false,
"type": "related"
},
"uuid": {
"default": null,
"help_text": "UUID of the Firewall Policy",
"readonly": true,
"required": true,
"type": "string"
}
},
"filtering": {
"name": "exact",
"name__contains": "exact",
"tag": "exact",
"uuid": "exact"
},
"ordering": [
"uuid",
"name"
]
}