Egress forwarding policy rules define what action to take for a particular type of traffic, based on its origin, destination, protocol, EtherType, ports, DSCP value and other information. Supported actions are to redirect traffic, change the forwarding class of the traffic or to allow traffic to pass untouched.
acl_template_name: The name of the parent Template for this acl entry
icmp_code: The ICMP Code when protocol selected is ICMP.
icmp_type: The ICMP Type when protocol selected is ICMP.
fc_override: Value of the Service Class to be overridden in the packet when the match conditions are satisfied Possible values are NONE, A, B, C, D, E, F, G, H, .
ipv6_address_override: Overrides the source IPv6 for Egress and destination IPv6 for Egress, mac entries will use this address as the match criteria.
dscp(Mandatory): DSCP match condition to be set in the rule. It is either * or from 0-63
failsafe_datapath: Backup datapath option if VNF/VM is down
last_updated_by: ID of the user who last updated the object.
action(Mandatory): The action of the ACL entry. Possible values are DROP, FORWARD, REDIRECT. Action REDIRECT is allowed only for EgressAdvancedForwardingEntry.
address_override: Overrides the source IP for Egress and destination IP for Ingress, mac entries will use this address as the match criteria.
web_filter_id: ID of web filter category or web domain name entity used
web_filter_type: Indicates type of web filter being set
redirect_vport_tag_id: VPort tag to which traffic will be redirected to, when ACL entry match criteria succeeds
description: Description of the ACL entry
destination_port: The destination port to be matched if protocol is UDP or TCP. Value should be either * or single port number or a port range
network_id: The source network entity id that is referenced(subnet/zone/macro/PolicyGroupExpression)
network_type: Type of the source network.
mirror_destination_id: Destination ID of the mirror destination object.
flow_logging_enabled: Is flow logging enabled for this particular template
enterprise_name: The name of the enterprise for the domains parent
entity_scope: Specify if scope of entity is Data center or Enterprise level
location_id: The ID of the destination location entity (Subnet/Zone/VportTag/PolicyGroupExpression)
location_type(Mandatory): Type of the destination location entity.
policy_state: State of the policy. Possible values are DRAFT, LIVE, .
domain_name: The name of the domain/domain template for the aclTemplateNames parent
source_port: Source port to be matched if protocol is UDP or TCP. Value can be either * or single port number or a port range
uplink_preference: Indicates the preferencial path selection for network traffic for this ACL - default is DEFAULT when the attribute is applicable.
priority: The priority of the ACL entry that determines the order of entries
protocol: Protocol number that must be matched
associated_live_entity_id: In the draft mode, the ACL entry refers to this LiveEntity. In non-drafted mode, this is null.
associated_live_template_id: In the draft mode, the ACL entity refers to this live entity parent. In non-drafted mode, this is null
associated_traffic_type: The associated Traffic type. L4 Service / L4 Service Group
associated_traffic_type_id: The associated Traffic Type ID
stats_id: The statsID that is created in the VSD and identifies this ACL Template Entry. This is auto-generated by VSD
stats_logging_enabled: Is stats logging enabled for this particular template
ether_type(Mandatory): Ether type of the packet to be matched. etherType can be * or a valid hexadecimal value
external_id: External object ID. Used for integration with third party systems