Importing an IP Address Blacklist for Traffic Filtering
Function
This API is used to import an IP address blacklist. The IP address list is saved in the body of the request. The IP address list supports the following formats:
Single IP address, for example, 100.1.1.10
Consecutive IP address segment, for example, 80.1.1.3-80.1.1.30
CIDR block with a mask, for example, 6.6.6.0/24
Calling Method
For details, see Calling APIs.
URI
POST /v1/{project_id}/ptf/ip-blacklist/import
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
fw_instance_id |
Yes |
String |
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
add_type |
No |
Integer |
Mode of importing the IP address blacklist: 0 (incremental import) or 1 (full import). The newly imported IP address blacklist will overwrite the existing IP address blacklist. |
|
ip_blacklist |
No |
String |
IP address list. The IP addresses can be separated by commas (,), semicolons (;), \r\n, \n), or \t. |
|
effect_scope |
No |
Array of integers |
Effective scope: 1 (EIP), 2 (NAT), or [1 2] (EIP and NAT). |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
data |
Object |
Data import |
Example Requests
Import an IP address blacklist in full mode. The project ID is eefb11b22d5944f2aa067954516df1cf, the protected object ID is 812f478c-940e-4e00-824f-7287250d76dc.
The effective scope is EIP, and the IP address list is 100.1.1.10\n80.1.1.3-80.1.1.30\n6.6.6.0/24\n2001:db8::2-2001:db8::200\n3001:db8::2\n4001:db8::2/64. IPv4 and IPv6 addresses can be imported at the same time. Use \n to separate the IP addresses.
https://{Endpoint}/v1/eefb11b22d5944f2aa067954516df1cf/ptf/ip-blacklist/import?fw_instance_id=812f478c-940e-4e00-824f-7287250d76dc
ImportIpBlacklistRequestBody:
{
"add_type": 1,
"ip_blacklist": "100.1.1.10\n80.1.1.3-80.1.1.30\n6.6.6.0/24\n2001:db8::2-2001:db8::200\n3001:db8::2\n4001:db8::2/64",
"effect_scope": [
1 ]
}
Example Responses
None
SDK Sample Code
The SDK sample code is as follows.
Import an IP address blacklist in full mode. The project ID is eefb11b22d5944f2aa067954516df1cf, the protected object ID is 812f478c-940e-4e00-824f-7287250d76dc.
The effective scope is EIP, and the IP address list is 100.1.1.10\n80.1.1.3-80.1.1.30\n6.6.6.0/24\n2001:db8::2-2001:db8::200\n3001:db8::2\n4001:db8::2/64. IPv4 and IPv6 addresses can be imported at the same time. Use \n to separate the IP addresses.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.cfw.v1.region.CfwRegion; import com.huaweicloud.sdk.cfw.v1.*; import com.huaweicloud.sdk.cfw.v1.model.*; public class ImportIpBlacklistSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CfwClient client = CfwClient.newBuilder() .withCredential(auth) .withRegion(CfwRegion.valueOf("<YOUR REGION>")) .build(); ImportIpBlacklistRequest request = new ImportIpBlacklistRequest(); try { ImportIpBlacklistResponse response = client.importIpBlacklist(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Import an IP address blacklist in full mode. The project ID is eefb11b22d5944f2aa067954516df1cf, the protected object ID is 812f478c-940e-4e00-824f-7287250d76dc.
The effective scope is EIP, and the IP address list is 100.1.1.10\n80.1.1.3-80.1.1.30\n6.6.6.0/24\n2001:db8::2-2001:db8::200\n3001:db8::2\n4001:db8::2/64. IPv4 and IPv6 addresses can be imported at the same time. Use \n to separate the IP addresses.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcfw.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CfwClient.new_builder() \ .with_credentials(credentials) \ .with_region(CfwRegion.value_of("<YOUR REGION>")) \ .build() try: request = ImportIpBlacklistRequest() response = client.import_ip_blacklist(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Import an IP address blacklist in full mode. The project ID is eefb11b22d5944f2aa067954516df1cf, the protected object ID is 812f478c-940e-4e00-824f-7287250d76dc.
The effective scope is EIP, and the IP address list is 100.1.1.10\n80.1.1.3-80.1.1.30\n6.6.6.0/24\n2001:db8::2-2001:db8::200\n3001:db8::2\n4001:db8::2/64. IPv4 and IPv6 addresses can be imported at the same time. Use \n to separate the IP addresses.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := cfw.NewCfwClient( cfw.CfwClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ImportIpBlacklistRequest{} response, err := client.ImportIpBlacklist(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Import success response. If the import is successful, no value is assigned to the field in the response body. |
|
401 |
Authentication failed. |
|
403 |
This operation is not allowed. |
|
500 |
Internal error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
