Creating a Network ACL Rule
Function
This API is used to create a network ACL rule.
URI
POST /v2.0/fwaas/firewall_rules
Request Message
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| firewall_rule | Yes | Object | Specifies the firewall rule objects. For details, see Table 2. |

| Attribute | Mandatory | Type | Constraint | Description |
|---|---|---|---|---|
| name | No | String | The value can contain a maximum of 255 characters. | Specifies the network ACL rule name. The value can contain a maximum of 255 characters. |
| description | No | String | The value can contain a maximum of 255 characters. | Provides supplementary information about the network ACL rule. The value can contain a maximum of 255 characters. |
| protocol | No | String | The value can be TCP, UDP, ICMP, or a value ranging from 0 to 255. | Specifies the IP protocol. The value can be TCP, UDP, ICMP, or a value ranging from 0 to 255. |
| source_port | No | String | The value can be an integer from 1 to 65535 or a port number range in the format of a:b. | Specifies the source port number or port number range. The value can be an integer from 1 to 65535 or a port number range in the format of a:b. |
| destination_port | No | String | The value can be an integer from 1 to 65535 or a port number range in the format of a:b. | Specifies the destination port number or port number range. The value can be an integer from 1 to 65535 or a port number range in the format of a:b. |
| ip_version | No | Integer | The value can be IPv4 or IPv6. | Specifies the IP protocol version. The value can be IPv4 or IPv6. |
| source_ip_address | No | String | N/A | Specifies the source IP address or CIDR block. |
| destination_ip_address | No | String | N/A | Specifies the destination IP address or CIDR block. |
| action | No | String | The value can be DENY or ALLOW. | Specifies the action performed on traffic passing through the network ACL. The value can be DENY or ALLOW. |
| enabled | No | Boolean | The value can be true or false. | Specifies whether the network ACL rule is enabled. The value can be true or false. |
Response Message
| Parameter | Type | Description |
|---|---|---|
| firewall_rule | Object | Specifies the firewall rule objects. For details, see Table 4. |

| Attribute | Type | Description |
|---|---|---|
| id | String | Specifies the UUID of the network ACL rule. |
| name | String | Specifies the network ACL rule name. |
| description | String | Provides supplementary information about the network ACL rule. |
| tenant_id | String | Specifies the project ID. |
| public | Boolean | Specifies whether the firewall rule can be shared by different tenants. |
| protocol | String | Specifies the IP protocol. |
| source_port | String | Specifies the source port number or port number range. |
| destination_port | String | Specifies the destination port number or port number range. |
| ip_version | Integer | Specifies the IP protocol version. |
| source_ip_address | String | Specifies the source IP address or CIDR block. |
| destination_ip_address | String | Specifies the destination IP address or CIDR block. |
| action | String | Specifies the action performed on traffic passing through the network ACL. |
| enabled | Boolean | Specifies whether the network ACL rule is enabled. |
| project_id | String | Specifies the project ID. For details about how to obtain a project ID, see Obtaining a Project ID. |
Example:
Example request
POST https://{Endpoint}/v2.0/fwaas/firewall_rules
{
    "firewall_rule": {
        "action": "allow",
        "enabled": true,
        "destination_port": "80",
        "protocol": "tcp",
        "name": "ALLOW_HTTP"
    }
}
Example response
{
    "firewall_rule": {
        "protocol": "tcp",
        "description": "",
        "source_ip_address": null,
        "destination_ip_address": null,
        "source_port": null,
        "destination_port": "80",
        "id": "b94acf06-efc2-485d-ba67-a61acf2a7e28",
        "name": "ALLOW_HTTP",
        "tenant_id": "23c8a121505047b6869edf39f3062712",
        "enabled": true,
        "action": "allow",
        "ip_version": 4,
        "public": false,
        "project_id": "23c8a121505047b6869edf39f3062712"
    }
}
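The following Python check is an added example, not part of the original API reference: it validates a request body against the constraints in the request attribute table before the rule is submitted, and flags ALLOW rules that set no source address so they can be reviewed. The function names are hypothetical; case-insensitive matching of protocol and action (the example request uses lowercase) and a <= b in port ranges are assumptions.

```python
import ipaddress
NAMED_PROTOCOLS = {"TCP", "UDP", "ICMP"}
ACTIONS = {"DENY", "ALLOW"}

def _port_ok(value):
    """Single port 1-65535, or a range 'a:b' (a <= b is an assumption)."""
    parts = str(value).split(":")
    if len(parts) > 2 or not all(p.isdecimal() for p in parts):
        return False
    return all(1 <= int(p) <= 65535 for p in parts) and int(parts[0]) <= int(parts[-1])

def _addr_ok(value):
    """IP address or CIDR block, IPv4 or IPv6."""
    if not isinstance(value, str):
        return False
    try:
        ipaddress.ip_network(value, strict=False)
        return True
    except ValueError:
        return False

def check_firewall_rule(body):
    """Return (errors, warnings) for a request body {'firewall_rule': {...}}."""
    rule = body.get("firewall_rule")
    if not isinstance(rule, dict):
        return ["firewall_rule is mandatory and must be an object"], []
    errors, warnings = [], []
    for field in ("name", "description"):
        value = rule.get(field)
        if value is not None and (not isinstance(value, str) or len(value) > 255):
            errors.append(f"{field} must be a string of at most 255 characters")
    proto = rule.get("protocol")
    p = str(proto)
    if proto is not None and p.upper() not in NAMED_PROTOCOLS and not (p.isdecimal() and int(p) <= 255):
        errors.append("protocol must be TCP, UDP, ICMP or 0-255")
    for field in ("source_port", "destination_port"):
        if rule.get(field) is not None and not _port_ok(rule[field]):
            errors.append(f"{field} must be 1-65535 or a range a:b")
    for field in ("source_ip_address", "destination_ip_address"):
        if rule.get(field) is not None and not _addr_ok(rule[field]):
            errors.append(f"{field} must be an IP address or CIDR block")
    action = rule.get("action")
    if action is not None and str(action).upper() not in ACTIONS:
        errors.append("action must be DENY or ALLOW")
    if "enabled" in rule and not isinstance(rule["enabled"], bool):
        errors.append("enabled must be true or false")
    # Review hint, not an API constraint: an ALLOW rule with no source restriction.
    if str(action).upper() == "ALLOW" and not rule.get("source_ip_address"):
        warnings.append("ALLOW rule sets no source_ip_address; confirm the intended scope")
    return errors, warnings
```

Run on the example request above, `check_firewall_rule` returns no errors and one warning, because the ALLOW_HTTP rule sets no source_ip_address.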
Status Code
See Status Codes.
Error Code
See Error Codes.