FirewallRule

None

Overview

ACLTemplateName string filterable   orderable  
action enum (DROP | FORWARD | REDIRECT) filterable   orderable  
addressOverride string filterable   orderable  
associatedApplicationID string filterable   orderable  
associatedApplicationObjectID string filterable   orderable  
associatedfirewallACLID string filterable   orderable  
description string filterable   orderable  
destinationIpv6Value string filterable   orderable  
destinationPort string filterable   orderable  
destinationType enum (MACROGROUP | NETWORK | NETWORKPOLICYGROUP | POLICYGROUP) filterable   orderable  
destinationValue string filterable   orderable  
destNetwork string filterable   orderable  
destPgId string filterable   orderable  
destPgType string filterable   orderable  
domainName string filterable   orderable  
DSCP string filterable   orderable  
enterpriseName string filterable   orderable  
etherType string filterable   orderable  
flowLoggingEnabled boolean filterable   orderable  
ICMPCode string filterable   orderable  
ICMPType string filterable   orderable  
IPv6AddressOverride string filterable   orderable  
locationID string filterable   orderable  
locationType enum (ANY | POLICYGROUP | REDIRECTIONTARGET | SUBNET | VPORTTAG | ZONE) filterable   orderable  
mirrorDestinationID string filterable   orderable  
networkID string filterable   orderable  
networkType enum (ANY | ENDPOINT_DOMAIN | ENDPOINT_SUBNET | ENDPOINT_ZONE | ENTERPRISE_NETWORK | INTERNET_POLICYGROUP | NETWORK | NETWORK_MACRO_GROUP | POLICYGROUP | PUBLIC_NETWORK | SUBNET | ZONE) filterable   orderable  
priority string filterable   orderable  
sourceIpv6Value string filterable   orderable  
sourceNetwork string filterable   orderable  
sourcePgId string filterable   orderable  
sourcePgType string filterable   orderable  
sourcePort string filterable   orderable  
sourceType enum (MACROGROUP | NETWORK | NETWORKPOLICYGROUP | POLICYGROUP) filterable   orderable  
sourceValue string filterable   orderable  
stateful boolean filterable   orderable  
statsID string filterable   orderable  
statsLoggingEnabled boolean filterable   orderable  

API Resource

/firewallrules/id
delete get put

Parents

/enterprises/id/firewallrules
get post
/firewallacls/id/firewallrules
get

Children

This object has no children.

Members

This object has no members.

Attributes documentation

ACLTemplateName string filterable   orderable  
Discussion

The name of the parent Template for this acl entry

Charateristics

Format: free
SDK attribute: ACLTemplateName

action enum filterable   orderable  
Discussion

The action of the ACL entry DROP or FORWARD or REDIRECT.

Charateristics

Allowed values: DROP , FORWARD , REDIRECT
SDK attribute: action

addressOverride string filterable   orderable  
Discussion

Overrides the source IP for Ingress and destination IP for Egress, macentries will use this adress as the match criteria.

Charateristics

Format: free
SDK attribute: addressOverride

associatedApplicationID string filterable   orderable  
Discussion

The associated application ID

Charateristics

Format: free
SDK attribute: associatedApplicationID

associatedApplicationObjectID string filterable   orderable  
Discussion

The associated application object ID

Charateristics

Format: free
SDK attribute: associatedApplicationObjectID

associatedfirewallACLID string filterable   orderable  
Discussion

Associated Firewall Acl ID

Charateristics

Format: free
SDK attribute: associatedfirewallACLID

description string filterable   orderable  
Discussion

Description of the ACL entry

Charateristics

Format: free
SDK attribute: description

destinationIpv6Value string filterable   orderable  
Discussion

destination IPV6 address

Charateristics

Format: free
SDK attribute: destinationIpv6Value

destinationPort string filterable   orderable  
Discussion

The destination port to be matched if protocol is UDP or TCP. Value should be either * or single port number or a port range

Charateristics

Format: free
Max length: 255
SDK attribute: destinationPort

destinationType enum filterable   orderable  
Discussion

Network Type - either PolicyGroup or Network

Charateristics

Allowed values: MACROGROUP, NETWORK, NETWORKPOLICYGROUP, POLICYGROUP
SDK attribute: destinationType

destinationValue string filterable   orderable  
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: destinationValue

destNetwork string filterable   orderable  
Discussion

Destination network - available in version 1.0 api

Charateristics

Format: free
SDK attribute: destNetwork

destPgId string filterable   orderable  
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: destPgId

destPgType string filterable   orderable  
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: destPgType

domainName string filterable   orderable  
Discussion

The name of the domain/domain template for the aclTemplateNames parent

Charateristics

Format: free
SDK attribute: domainName

DSCP string filterable   orderable  
Discussion

DSCP match condition to be set in the rule. It is either * or from 0-63

Charateristics

Format: free
SDK attribute: DSCP

enterpriseName string filterable   orderable  
Discussion

The name of the enterprise for the domains parent

Charateristics

Format: free
SDK attribute: enterpriseName

etherType string filterable   orderable  
Discussion

Ether type of the packet to be matched. etherType can be * or a valid hexadecimal value

Charateristics

Format: free
SDK attribute: etherType

flowLoggingEnabled boolean filterable   orderable  
Discussion

Is flow logging enabled for this particular template

Charateristics

SDK attribute: flowLoggingEnabled

ICMPCode string filterable   orderable  
Discussion

The ICMP Code when protocol selected is ICMP

Charateristics

Format: free
SDK attribute: ICMPCode

ICMPType string filterable   orderable  
Discussion

The ICMP Type when protocol selected is ICMP

Charateristics

Format: free
SDK attribute: ICMPType

IPv6AddressOverride string filterable   orderable  
Discussion

Overrides the source IPV6 for Ingress and destination IPV6 for Egress, macentries will use this adress as the match criteria.

Charateristics

Format: free
SDK attribute: IPv6AddressOverride

locationID string filterable   orderable  
Discussion

The ID of the location entity (Subnet/Zone/VportTag)

Charateristics

Format: free
SDK attribute: locationID

locationType enum filterable   orderable  
Discussion

Type of the location entity - ANY or SUBNET or ZONE or VPORTTAG

Charateristics

Allowed values: ANY, POLICYGROUP, REDIRECTIONTARGET, SUBNET, VPORTTAG, ZONE
SDK attribute: locationType

mirrorDestinationID string filterable   orderable  
Discussion

This is the ID of the mirrorDestrination entity associated with this entity

Charateristics

Format: free
SDK attribute: mirrorDestinationID

networkID string filterable   orderable  
Discussion

The destination network entity that is referenced(subnet/zone/macro)

Charateristics

Format: free
SDK attribute: networkID

networkType enum filterable   orderable  
Discussion

Type of the source network - VM_SUBNET or VM_ZONE or VM_DOMAIN or SUBNET or ZONE or ENTERPRISE_NETWORK or PUBLIC_NETWORK or ANY

Charateristics

Allowed values: ANY, ENDPOINT_DOMAIN, ENDPOINT_SUBNET, ENDPOINT_ZONE, ENTERPRISE_NETWORK, INTERNET_POLICYGROUP, NETWORK, NETWORK_MACRO_GROUP, POLICYGROUP, PUBLIC_NETWORK, SUBNET, ZONE
SDK attribute: networkType

priority string filterable   orderable  
Discussion

The priority of the ACL entry that determines the order of entries

Charateristics

Format: free
SDK attribute: priority

sourceIpv6Value string filterable   orderable  
Discussion

source IPV6 address

Charateristics

Format: free
SDK attribute: sourceIpv6Value

sourceNetwork string filterable   orderable  
Discussion

Source network - available in version 1.0 api

Charateristics

Format: free
SDK attribute: sourceNetwork

sourcePgId string filterable   orderable  
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: sourcePgId

sourcePgType string filterable   orderable  
Discussion

in case of PG this will be its EVPNBGPCommunity String, incase of network itdomainfip will be network cidr

Charateristics

Format: free
SDK attribute: sourcePgType

sourcePort string filterable   orderable  
Discussion

Source port to be matched if protocol is UDP or TCP. Value can be either * or single port number or a port range

Charateristics

Format: free
Max length: 255
SDK attribute: sourcePort

sourceType enum filterable   orderable  
Discussion

Location Type - either PolicyGroup or Network

Charateristics

Allowed values: MACROGROUP, NETWORK, NETWORKPOLICYGROUP, POLICYGROUP
SDK attribute: sourceType

sourceValue string filterable   orderable  
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: sourceValue

stateful boolean filterable   orderable  
Discussion

true means that this ACL entry is stateful, so there will be a corresponding rule that will be created by OVS in the network. false means that there is no correspondingrule created by OVS in the network

Charateristics

Default value: false
SDK attribute: stateful

statsID string filterable   orderable  
Discussion

The statsID that is created in the VSD and identifies this ACL Template Entry.. This is auto-generated by VSD

Charateristics

Format: free
SDK attribute: statsID

statsLoggingEnabled boolean filterable   orderable  
Discussion

Is stats logging enabled for this particular template

Charateristics

SDK attribute: statsLoggingEnabled