Obtaining Custom IPS Rules
Function
This API is used to obtain custom IPS rules.
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/ips/custom-rule
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID, which can be obtained by calling an API or from the console. You can obtain it by referring to Obtaining a Project ID. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
action_type |
No |
Integer |
Action: 0 (log only), 1 (reset/block). |
|
affected_os |
No |
Integer |
OS |
|
attack_type |
No |
Integer |
Attack type. |
|
fw_instance_id |
Yes |
String |
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID. |
|
ips_name |
No |
String |
IPS rule name. |
|
limit |
Yes |
Integer |
Number of records on a query result page. |
|
object_id |
Yes |
String |
Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. You can obtain the ID by calling the API for querying firewall instances. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects). If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border. Here, a protected object ID whose type is 1 is used. You can obtain the value of type from data.records.protect_objects.type (The period [.] is used to separate different levels of objects). |
|
offset |
Yes |
Integer |
Query offset. |
|
protocol |
No |
Integer |
Protocol. |
|
severity |
No |
Integer |
Severity: critical, high, medium, or low. |
|
software |
No |
Integer |
Affected software. |
|
enterprise_project_id |
No |
String |
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
User token, which can be obtained by referring to Obtaining a User Token. |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
data |
|
Parameter |
Type |
Description |
|---|---|---|
|
limit |
Integer |
Number of records displayed on each page. The value ranges from 1 to 1024. |
|
offset |
Integer |
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0. |
|
total |
Integer |
The query obtains the total number of custom IPS rules |
|
records |
Array of CustomerIpsListVO objects |
Customize IPS rule records |
|
Parameter |
Type |
Description |
|---|---|---|
|
action |
Integer |
Action: 0 (log only), or 1 (reset/block). |
|
affected_os |
Integer |
OS |
|
attack_type |
Integer |
Attack type. |
|
config_status |
Integer |
Rule status: 0 (initialized), 1 (configuring), 2 (configuration succeeded), or 3 (configuration failed). |
|
content |
String |
Content storage in JSON format. |
|
dst_port_type |
Integer |
Destination port type. |
|
dst_ports |
String |
Destination port. |
|
group_id |
String |
Firewall cluster ID. |
|
ips_cfw_id |
String |
ID of a custom IPS rule in CFW. |
|
ips_id |
String |
ID of a rule in Hillstone. |
|
ips_name |
String |
IPS rule name. |
|
protocol |
Integer |
Protocol. |
|
severity |
Integer |
Severity: critical, high, medium, or low. |
|
software |
Integer |
Affected software. |
|
src_port_type |
Integer |
Source port type. |
|
src_ports |
String |
Source port. |
Example Requests
Obtain the custom IPS rule list of the project whose ID is eefb11b22d5944f2aa067954516df1cf. The firewall ID is e743cfaf-8164-4807-aa13-d893d83313cf, the enterprise project ID is fb55459c-41b3-47fc-885d-540946fddda4, and the target object ID is 1b90f031-0c7b-4f25-95e2-b6d9940d269e. The maximum number of query results is 1,000, and the offset is 0.
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/ips/custom-rule?fw_instance_id=e743cfaf-8164-4807-aa13-d893d83313cf&enterprise_project_id=fb55459c-41b3-47fc-885d-540946fddda4&object_id=1b90f031-0c7b-4f25-95e2-b6d9940d269e&limit=1000&offset=0
Example Responses
Status code: 200
OK
{
"data" : {
"limit" : 1000,
"offset" : 0,
"records" : [ ],
"total" : 0
}
}
SDK Sample Code
The SDK sample code is as follows.
Java
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.cfw.v1.region.CfwRegion; import com.huaweicloud.sdk.cfw.v1.*; import com.huaweicloud.sdk.cfw.v1.model.*; public class ListCustomerIpsSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CfwClient client = CfwClient.newBuilder() .withCredential(auth) .withRegion(CfwRegion.valueOf("<YOUR REGION>")) .build(); ListCustomerIpsRequest request = new ListCustomerIpsRequest(); try { ListCustomerIpsResponse response = client.listCustomerIps(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Python
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcfw.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CfwClient.new_builder() \ .with_credentials(credentials) \ .with_region(CfwRegion.value_of("<YOUR REGION>")) \ .build() try: request = ListCustomerIpsRequest() response = client.list_customer_ips(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Go
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := cfw.NewCfwClient( cfw.CfwClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ListCustomerIpsRequest{} response, err := client.ListCustomerIps(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
More
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
OK |
|
401 |
Unauthorized |
|
403 |
Forbidden |
|
404 |
Not Found |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
