Defines the template of Ingress ACL entries
This object has no members.
The name of the parent Template for this acl entry
Format: free
SDK attribute: ACLTemplateName
The action of the ACL entry DROP or FORWARD or REDIRECT. Action REDIRECT is allowed only for IngressAdvancedForwardingEntry Possible values are DROP, FORWARD, REDIRECT, .
Allowed values: DROP, FORWARD, REDIRECT
Format: free
SDK attribute: action
Overrides the source IP for Ingress and destination IP for Egress, MAC entries will use this address as the match criteria.
Format: free
SDK attribute: addressOverride
The associated application ID
Format: free
SDK attribute: associatedApplicationID
The associated application object ID
Format: free
SDK attribute: associatedApplicationObjectID
The associated application object type Refer to API section for supported types.
Allowed values: ACLENTRY_LOCATION, ADDRESS_RANGE, ADDRESS_RANGE_STATE, ALARM, APPD_APPLICATION, APPD_EXTERNAL_APP_SERVICE, APPD_FLOW, APPD_FLOW_FORWARDING_POLICY, APPD_FLOW_SECURITY_POLICY, APPD_SERVICE, APPD_TIER, AUTO_DISC_GATEWAY, BACK_HAUL_SERVICE_RESP, BGP_DAMPENING_MED_RESPONSE, BGP_NEIGHBOR, BGP_NEIGHBOR_MED_RESPONSE, BGP_PROFILE, BGP_PROFILE_MED_RESPONSE, BGPPEER, BOOTSTRAP, BOOTSTRAP_ACTIVATION, BRIDGEINTERFACE, CERTIFICATE, CHILD_ENTITY_POLICY_CHANGE, CLOUD_MGMT_SYSTEM, CONTAINER_RESYNC, CUSTOMER_VRF_SEQUENCENO, DC_CONFIG, DHCP_ALLOC_MESSAGE, DHCP_CONFIG_RESP, DHCP_OPTION, DISKSTATS, DOMAIN, DOMAIN_CONFIG, DOMAIN_CONFIG_RESP, DOMAIN_FLOATING_IP_ACL_TEMPLATE, DOMAIN_FLOATING_IP_ACL_TEMPLATE_ENTRY, DOMAIN_TEMPLATE, DSCP_FORWARDING_CLASS_MAPPING, DSCP_FORWARDING_CLASS_TABLE, EGRESS_ACL, EGRESS_ACL_ENTRY, EGRESS_ACL_TEMPLATE, EGRESS_ACL_TEMPLATE_ENTRY, EGRESS_QOS_PRIMITIVE, ENDPOINT, ENTERPRISE, ENTERPRISE_CONFIG, ENTERPRISE_CONFIG_RESP, ENTERPRISE_NETWORK, ENTERPRISE_PERMISSION, ENTERPRISE_PROFILE, ENTERPRISE_SECURED_DATA, ENTERPRISE_SECURITY, ENTITY_METADATA_BINDING, ESI_SEQUENCENO, EVENT_LOG, EVPN_BGP_COMMUNITY_TAG_ENTRY, EVPN_BGP_COMMUNITY_TAG_SEQ_NO, EXPORTIMPORT, EXTERNAL_SERVICE, FLOATING_IP_ACL_TEMPLATE, FLOATING_IP_ACL_TEMPLATE_ENTRY, FLOATINGIP, FLOATINGIP_ACL, FLOATINGIP_ACL_ENTRY, GATEWAY, GATEWAY_CONFIG, GATEWAY_CONFIG_RESP, GATEWAY_SECURED_DATA, GATEWAY_SECURITY, GATEWAY_SECURITY_PROFILE_REQUEST, GATEWAY_SECURITY_PROFILE_RESPONSE, GATEWAY_SECURITY_REQUEST, GATEWAY_SECURITY_RESPONSE, GATEWAY_SERVICE_CONFIG, GATEWAY_SERVICE_CONFIG_RESP, GATEWAY_TEMPLATE, GATEWAY_VPORT_CONFIG, GATEWAY_VPORT_CONFIG_RESP, GEO_VM_EVENT, GEO_VM_REQ, GEO_VM_RES, GROUP, GROUPKEY_ENCRYPTION_PROFILE, HEALTH_REQ, HOSTINTERFACE, HSC, IKE_CERTIFICATE, IKE_ENCRYPTION_PROFILE, IKE_GATEWAY, IKE_GATEWAY_CONFIG, IKE_GATEWAY_CONNECTION, IKE_GATEWAY_PROFILE, IKE_PSK, IKE_SUBNET, INFRASTRUCTURE_CONFIG, INFRASTRUCTURE_GATEWAY_PROFILE, INFRASTRUCTURE_PORT_PROFILE, INFRASTRUCTURE_VSC_PROFILE, INGRESS_ACL, INGRESS_ACL_ENTRY, INGRESS_ACL_TEMPLATE, INGRESS_ACL_TEMPLATE_ENTRY, INGRESS_ADV_FWD, INGRESS_ADV_FWD_ENTRY, INGRESS_ADV_FWD_TEMPLATE, INGRESS_ADV_FWD_TEMPLATE_ENTRY, INGRESS_EXT_SERVICE, INGRESS_EXT_SERVICE_ENTRY, INGRESS_EXT_SERVICE_TEMPLATE, INGRESS_EXT_SERVICE_TEMPLATE_ENTRY, IP_BINDING, JOB, KEYSERVER_MEMBER, KEYSERVER_MONITOR, KEYSERVER_MONITOR_ENCRYPTED_SEED, KEYSERVER_MONITOR_SEED, KEYSERVER_MONITOR_SEK, KEYSERVER_NOTIFICATION, L2DOMAIN, L2DOMAIN_SHARED, L2DOMAIN_TEMPLATE, LDAP_CONFIG, LIBVIRT_INTERFACE, LICENSE, LOCATION, MC_CHANNEL_MAP, MC_LIST, MC_RANGE, METADATA, METADATA_TAG, MIRROR_DESTINATION, MONITORING_PORT, MULTI_NIC_VPORT, NATMAPENTRY, NETWORK_ELEMENT, NETWORK_LAYOUT, NETWORK_MACRO_GROUP, NETWORK_POLICY_GROUP, NEXT_HOP_RESP, NODE_EXECUTION, NS_REDUNDANT_PORT, NSG_NOTIFICATION, NSGATEWAY, NSGATEWAY_CONFIG, NSGATEWAY_TEMPLATE, NSPORT, NSPORT_STATIC_CONFIG, NSPORT_TEMPLATE, NSPORT_VLAN_CONFIG, NSREDUNDANT_GW_GRP, PATCONFIG_CONFIG_RESP, PATNATPOOL, PERMISSION, PERMITTED_ACTION, POLICING_POLICY, POLICY_DECISION, POLICY_GROUP, POLICY_GROUP_TEMPLATE, PORT, PORT_MR, PORT_PUSH, PORT_TEMPLATE, PORT_VLAN_CONFIG, PORT_VLAN_CONFIG_RESPONSE, PUBLIC_NETWORK, QOS_PRIMITIVE, RATE_LIMITER, RD_SEQUENCENO, REDUNDANT_GW_GRP, ROUTING_POL_MED_RESPONSE, ROUTING_POLICY, RTRD_ENTITY, RTRD_SEQUENCENO, SERVICE_GATEWAY_RESPONSE, SERVICE_VRF_SEQUENCENO, SERVICES_GATEWAY_RESPONSE, SHAPING_POLICY, SHARED_RESOURCE, SITE, SITE_REQ, SITE_RES, STATIC_ROUTE, STATIC_ROUTE_RESP, STATISTICS, STATS_COLLECTOR, STATS_POLICY, STATS_TCA, STATSSERVER, SUBNET, SUBNET_ENTRY, SUBNET_MAC_ENTRY, SUBNET_POOL_ENTRY, SUBNET_TEMPLATE, SYSTEM_CONFIG, SYSTEM_CONFIG_REQ, SYSTEM_CONFIG_RESP, SYSTEM_MONITORING, UNSUPPORTED, UPLINK_RD, USER, VIRTUAL_IP, VIRTUAL_MACHINE, VIRTUAL_MACHINE_REPORT, VLAN, VLAN_CONFIG_RESPONSE, VLAN_TEMPLATE, VM_DESCRIPTION, VM_INTERFACE, VM_RESYNC, VMWARE_RELOAD_CONFIG, VMWARE_VCENTER, VMWARE_VCENTER_CLUSTER, VMWARE_VCENTER_DATACENTER, VMWARE_VCENTER_EAM_CONFIG, VMWARE_VCENTER_HYPERVISOR, VMWARE_VCENTER_VRS_BASE_CONFIG, VMWARE_VCENTER_VRS_CONFIG, VMWARE_VRS_ADDRESS_RANGE, VNID_SEQUENCENO, VPN_CONNECT, VPORT, VPORT_GATEWAY_RESPONSE, VPORT_MEDIATION_REQUEST, VPORT_MIRROR, VPORT_TAG_BASE, VPORTTAG, VPORTTAGTEMPLATE, VPRN_LABEL_SEQUENCENO, VRS, VSC, VSD, VSD_COMPONENT, VSG_REDUNDANT_PORT, VSP, WAN_SERVICE, ZONE, ZONE_TEMPLATE
SDK attribute: associatedApplicationObjectType
In the draft mode, the ACL entry refers to this LiveEntity. In non-drafted mode, this is null.
Format: free
SDK attribute: associatedLiveEntityID
Description of the ACL entry
Format: free
SDK attribute: description
The destination port to be matched if protocol is UDP or TCP. Value should be either * or single port number or a port range
Format: free
Max length: 255
SDK attribute: destinationPort
The name of the domain/domain template for the aclTemplateNames parent
Format: free
SDK attribute: domainName
DSCP match condition to be set in the rule. It is either * or from 0-63
Format: free
SDK attribute: DSCP
The name of the enterprise for the domains parent
Format: free
SDK attribute: enterpriseName
Specify if scope of entity is Data center or Enterprise level
Allowed values: ENTERPRISE, GLOBAL
Format: free
SDK attribute: entityScope
Ether type of the packet to be matched. etherType can be * or a valid hexadecimal value
Format: free
SDK attribute: etherType
External object ID. Used for integration with third party systems
Format: free
SDK attribute: externalID
Is flow logging enabled for this particular template
Format: free
SDK attribute: flowLoggingEnabled
The ICMP Code when protocol selected is ICMP.
Format: free
SDK attribute: ICMPCode
The ICMP Type when protocol selected is ICMP.
Format: free
SDK attribute: ICMPType
Overrides the source IPv6 for Ingress and destination IPv6 for Egress, MAC entries will use this address as the match criteria.
Format: free
SDK attribute: IPv6AddressOverride
ID of the user who last updated the object.
Format: free
SDK attribute: lastUpdatedBy
The ID of the source endpoint (Subnet/Zone/VportTag/PortGroup)
Format: free
SDK attribute: locationID
Type of the source endpoint (Subnet/Zone/VportTag/PortGroup)
Allowed values: ANY, POLICYGROUP, REDIRECTIONTARGET, SUBNET, VPORTTAG, ZONE
SDK attribute: locationType
Destination ID of the mirror destination object.
Format: free
SDK attribute: mirrorDestinationID
The ID of the destination endpoint (Subnet/Zone/Macro/MacroGroup/PolicyGroup)
Format: free
SDK attribute: networkID
Type of the destination endpoint (Subnet/Zone/Macro/MacroGroup/PolicyGroup)
Allowed values: ANY, ENDPOINT_DOMAIN, ENDPOINT_SUBNET, ENDPOINT_ZONE, ENTERPRISE_NETWORK, INTERNET_POLICYGROUP, NETWORK_MACRO_GROUP, POLICYGROUP, PUBLIC_NETWORK, SUBNET, ZONE
SDK attribute: networkType
State of the policy.
Allowed values: DRAFT, LIVE
SDK attribute: policyState
The priority of the ACL entry that determines the order of entries
Format: free
SDK attribute: priority
Protocol number that must be matched
Format: free
SDK attribute: protocol
Source port to be matched if protocol is UDP or TCP. Value can be either * or single port number or a port range
Format: free
Max length: 255
SDK attribute: sourcePort
True means that this ACL entry is stateful, so there will be a corresponding rule that will be created by OVS in the network. False means that there is no corresponding rule created by OVS in the network.
SDK attribute: stateful
The statsID that is created in the VSD and identifies this ACL Template Entry. This is auto-generated by VSD
Format: free
SDK attribute: statsID
Is stats logging enabled for this particular template
Format: free
SDK attribute: statsLoggingEnabled