DomainFIPAclTemplateEntry

Defines the template of Egress Domain ACL Template entries

Overview

ACLTemplateName string required  
action enum (DROP | FORWARD | REDIRECT) filterable   orderable  
actionDetails object
addressOverride string filterable   orderable  
associatedLiveEntityID string filterable  
description string filterable  
destinationPort string filterable   orderable  
destinationType enum (NETWORK | NETWORKPOLICYGROUP | POLICYGROUP)
destinationValue string
destPgId string
destPgType string
domainName string
DSCP string filterable   orderable  
enterpriseName string required  
entityScope enum (ENTERPRISE | GLOBAL) autogenerated  
etherType string filterable   orderable  
externalID string filterable   orderable   locally unique  
flowLoggingEnabled boolean filterable   orderable  
ICMPCode string
ICMPType string
IPv6AddressOverride string filterable   orderable  
lastUpdatedBy string autogenerated  
locationID string filterable   orderable  
locationType enum (ANY | POLICYGROUP | REDIRECTIONTARGET | SUBNET | VPORTTAG | ZONE) filterable   orderable  
mirrorDestinationID string
networkID string filterable   orderable  
networkType enum (ANY | ENDPOINT_DOMAIN | ENDPOINT_SUBNET | ENDPOINT_ZONE | ENTERPRISE_NETWORK | INTERNET_POLICYGROUP | NETWORK_MACRO_GROUP | POLICYGROUP | PUBLIC_NETWORK | SUBNET | ZONE) filterable   orderable  
policyState enum (DRAFT | LIVE) filterable   orderable  
priority integer filterable   orderable  
protocol string filterable   orderable  
sourcePgId string
sourcePgType string
sourcePort string filterable   orderable  
sourceType enum (NETWORK | NETWORKPOLICYGROUP | POLICYGROUP)
sourceValue string
stateful boolean filterable   orderable  
statsID string filterable   orderable  
statsLoggingEnabled boolean filterable   orderable  

API Resource

/egressdomainfloatingipaclentrytemplates/id
delete get put

Parents

/egressdomainfloatingipacltemplates/id/egressdomainfloatingipaclentrytemplates
get post

Children

/egressdomainfloatingipaclentrytemplates/id/metadatas
get post
/egressdomainfloatingipaclentrytemplates/id/globalmetadatas
get post put

Members

This object has no members.

Attributes documentation

ACLTemplateName string required  
Discussion

The name of the parent Template for this acl entry

Charateristics

Format: free
SDK attribute: ACLTemplateName

action enum filterable   orderable  
Discussion

The action of the ACL entry DROP or FORWARD or REDIRECT. Action REDIRECT is allowed only for IngressAdvancedForwardingEntry

Charateristics

Allowed values: DROP, FORWARD, REDIRECT
Format: free
SDK attribute: action

actionDetails object
Discussion

Type of action to be performed when a ACL match criteria succeeds

Charateristics

Format: free
SDK attribute: actionDetails

addressOverride string filterable   orderable  
Discussion

Overrides the source IP for Ingress and destination IP for Egress, MAC entries will use this address as the match criteria.

Charateristics

Format: free
SDK attribute: addressOverride

associatedLiveEntityID string filterable  
Discussion

ID of the associated live entity

Charateristics

Format: free
SDK attribute: associatedLiveEntityID

description string filterable  
Discussion

Description of the ACL entry

Charateristics

Format: free
SDK attribute: description

destinationPort string filterable   orderable  
Discussion

The destination port to be matched if protocol is UDP or TCP. Value should be either * or single port number or a port range

Charateristics

Format: free
Max length: 255
SDK attribute: destinationPort

destinationType enum
Discussion

Network Type - either PolicyGroup or Network

Charateristics

Allowed values: NETWORK, NETWORKPOLICYGROUP, POLICYGROUP
Format: free
SDK attribute: destinationType

destinationValue string
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: destinationValue

destPgId string
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: destPgId

destPgType string
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: destPgType

domainName string
Discussion

The name of the domain/domain template for the aclTemplateNames parent

Charateristics

Format: free
SDK attribute: domainName

DSCP string filterable   orderable  
Discussion

DSCP match condition to be set in the rule. It is either * or from 0-63

Charateristics

Format: free
SDK attribute: DSCP

enterpriseName string required  
Discussion

The name of the enterprise for the domains parent

Charateristics

Format: free
SDK attribute: enterpriseName

entityScope enum autogenerated  
Discussion

Specify if scope of entity is Data center or Enterprise level

Charateristics

Allowed values: ENTERPRISE, GLOBAL
SDK attribute: entityScope

etherType string filterable   orderable  
Discussion

Ether type of the packet to be matched. etherType can be * or a valid hexadecimal value

Charateristics

Format: free
SDK attribute: etherType

externalID string filterable   orderable   locally unique  
Discussion

External object ID. Used for integration with third party systems

Charateristics

Format: free
SDK attribute: externalID

flowLoggingEnabled boolean filterable   orderable  
Discussion

Is flow logging enabled for this particular template

Charateristics

Format: free
SDK attribute: flowLoggingEnabled

ICMPCode string
Discussion

The ICMP Code when protocol selected is ICMP

Charateristics

Format: free
SDK attribute: ICMPCode

ICMPType string
Discussion

The ICMP Type when protocol selected is ICMP

Charateristics

Format: free
SDK attribute: ICMPType

IPv6AddressOverride string filterable   orderable  
Discussion

Overrides the source IPv6 for Ingress and destination IP for Egress, MAC entries will use this address as the match criteria.

Charateristics

Format: free
SDK attribute: IPv6AddressOverride

lastUpdatedBy string autogenerated  
Discussion

ID of the user who last updated the object.

Charateristics

Format: free
SDK attribute: lastUpdatedBy

locationID string filterable   orderable  
Discussion

The ID of the location entity (Subnet/Zone/VportTag)

Charateristics

Format: free
SDK attribute: locationID

locationType enum filterable   orderable  
Discussion

Type of the location entity - ANY or SUBNET or ZONE or VPORTTAG

Charateristics

Allowed values: ANY, POLICYGROUP, REDIRECTIONTARGET, SUBNET, VPORTTAG, ZONE
Format: free
SDK attribute: locationType

mirrorDestinationID string
Discussion

This is the ID of the mirrorDestination entity associated with this entity

Charateristics

Format: free
SDK attribute: mirrorDestinationID

networkID string filterable   orderable  
Discussion

The destination network entity that is referenced(subnet/zone/macro)

Charateristics

Format: free
SDK attribute: networkID

networkType enum filterable   orderable  
Discussion

Type of the source network - VM_SUBNET or VM_ZONE or VM_DOMAIN or SUBNET or ZONE or ENTERPRISE_NETWORK or PUBLIC_NETWORK or ANY

Charateristics

Allowed values: ANY, ENDPOINT_DOMAIN, ENDPOINT_SUBNET, ENDPOINT_ZONE, ENTERPRISE_NETWORK, INTERNET_POLICYGROUP, NETWORK_MACRO_GROUP, POLICYGROUP, PUBLIC_NETWORK, SUBNET, ZONE
Format: free
SDK attribute: networkType

policyState enum filterable   orderable  
Discussion

State of the policy.

Charateristics

Allowed values: DRAFT, LIVE
Format: free
SDK attribute: policyState

priority integer filterable   orderable  
Discussion

The priority of the ACL entry that determines the order of entries

Charateristics

Format: free
SDK attribute: priority

protocol string filterable   orderable  
Discussion

Protocol number that must be matched

Charateristics

Format: free
SDK attribute: protocol

sourcePgId string
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: sourcePgId

sourcePgType string
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: sourcePgType

sourcePort string filterable   orderable  
Discussion

Source port to be matched if protocol is UDP or TCP. Value can be either * or single port number or a port range

Charateristics

Format: free
Max length: 255
SDK attribute: sourcePort

sourceType enum
Discussion

Location Type - either PolicyGroup or Network

Charateristics

Allowed values: NETWORK, NETWORKPOLICYGROUP, POLICYGROUP
Format: free
SDK attribute: sourceType

sourceValue string
Discussion

In case of PG this will be its EVPNBGPCommunity String, incase of network it will be network cidr

Charateristics

Format: free
SDK attribute: sourceValue

stateful boolean filterable   orderable  
Discussion

True means that this ACL entry is stateful, so there will be a corresponding rule that will be created by OVS in the network. False means that there is no corresponding rule created by OVS in the network.

Charateristics

SDK attribute: stateful

statsID string filterable   orderable  
Discussion

The statsID that is created in the VSD and identifies this ACL Template Entry. This is auto-generated by VSD

Charateristics

Format: free
SDK attribute: statsID

statsLoggingEnabled boolean filterable   orderable  
Discussion

Is stats logging enabled for this particular template

Charateristics

Format: free
SDK attribute: statsLoggingEnabled