Updating a Custom IPS Rule
Function
This API is used to update a custom IPS rule.
Calling Method
For details, see Calling APIs.
URI
PUT /v1/{project_id}/ips/custom-rule/{ips_cfw_id}
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
ips_cfw_id |
Yes |
String |
Definition ID of a custom IPS rule in CFW. Constraints N/A Range 32-bit UUID. Default Value N/A |
|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that an asset belongs to. You can query the assets of a project by project ID. You can obtain the project ID from the API or console. For details, see Obtaining a Project ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
action_type |
Yes |
Integer |
Definition Action. Range 0 (log only) or 1 (reset/block) |
|
affected_os |
Yes |
Integer |
Definition Affected OS. Range 0 (any), 1 (Windows), 2 (Linux), 3 (FreeBSD), 4 (Solaris), 5 (other Unix), 6 (network devices), 7 (macOS), 8 (iOS), 9 (Android), or 10 (other) |
|
attack_type |
Yes |
Integer |
Definition Attack type. Constraints N/A Range 1 (access control), 2 (vulnerability scan), 3 (email attack), 4 (vulnerability exploit), 5 (web attack), 6 (password attack), 7 (hijacking), 8 (protocol anomaly), 9 (Trojan), 10 (worm), 11 (buffer overflow), 12 (hacker tool), 13 (spyware), 14 (DDoS flood), 15 (application-layer DDoS attack), 16 (other suspicious behavior), 17 (suspicious DNS activity), 18 (phishing), 19 (spam), or 20 (other attack) Default Value N/A |
|
contents |
Yes |
Array of IpsContent objects |
Definition Content that matches an IPS attack. Range |
|
direction |
Yes |
Integer |
Definition Default value: null. 0: from the client to the server; 1: from the server to the client. Range N/A |
|
dst_port |
Yes |
Port object |
|
|
fw_instance_id |
Yes |
String |
Definition Firewall ID. It is a unique ID generated after a firewall instance is created. You can obtain the firewall ID by referring to Obtaining a Firewall ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
|
ips_name |
Yes |
String |
Definition IPS rule name. Range N/A |
|
protocol |
Yes |
Integer |
Definition Protocol type. Range 1** (FTP), 2 (TELNET), 3 (SMTP), 4 (DNS_TCP), 5 (DNS_UDP), 6 (DHCP), 7 (TFTP), 8 (FINGER), 9 (HTTP), 10 (POP3), 11 (SUNRPC_TCP), 12 (SUNRPC_UDP), 13 (NNTP), 14 (MSRPC_TCP), 15 (MSRPC_UDP), 16 (NETBIOS_NAME_TCP), 17 (NETBIOS_NAME_UDP), 18 (NETBIOS_SMB), 19 (NETBIOS_DATAGRAM), 20 (IMAP4), 21 (SNMP), 22 (LDAP), 23 (MSSQL), or 24 (ORACLE) |
|
severity |
Yes |
Integer |
Definition Severity. Range critical, high, medium, or low |
|
software |
Yes |
Integer |
Definition Affected software. Range 0 (ANY), 1 (ADOBE), 2 (APACHE), 3 (APPLE), 4 (CA), 5 (CISCO), 6 (GOOGLE_CHROME), 7 (HP), 8 (IBM), 9 (IE), 10 (IIS), 11 (MC_AFEE), 12 (MEDIA_PLAYER), 13 (MICROSOFT_NET), 14 (MICROSOFT_EDGE), 15 (MICROSOFT_EXCHANGE), 16 (MICROSOFT_OFFICE), 17 (MICROSOFT_OUTLOOK), 18 (MICROSOFT_SHARE_POINT), 19 (MICROSOFT_WINDOWS), 20 (MOZILLA), 21 (MSSQL), 22 (MYSQL), 23 (NOVELL), 24 (ORACLE), 25 (SAMBA), 26 (SAMSUNG), 27 (SAP), 28 (SCADA), 29 (SQUID), 30 (SUN), 31 (SYMANTEC), 32 (TREND_MICRO), 33 (VMWARE), 34 (WORD_PRESS), or 35 (OTHERS) |
|
src_port |
Yes |
Port object |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
content |
No |
String |
Definition Content. Range N/A |
|
depth |
No |
Integer |
Definition Depth. Range N/A |
|
is_hex |
No |
Boolean |
Definition Whether the packet content is in hexadecimal format. Range N/A |
|
is_ignore |
No |
Boolean |
Definition Case insensitive or not. Range N/A |
|
is_uri |
No |
Boolean |
Definition Whether to intercept packets in a URI. Range N/A |
|
offset |
No |
Integer |
Definition Offset. Range N/A |
|
relative_position |
No |
Integer |
Definition Relative position. Range N/A |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
data |
data object |
Definition Response to the request for updating a custom IPS rule. Range N/A |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Definition Error code. Range N/A |
|
error_msg |
String |
Definition Error message. Range N/A |
Example Requests
Update the custom IPS rule whose project ID is 3d84b4755b39476997c9f7b5a95c25ed and IPS firewall ID is cd74e74a-310f-4558-a4bf-da4215c820f8.
https://{Endpoint}/v1/3d84b4755b39476997c9f7b5a95c25ed/ips/custom-rule/cd74e74a-310f-4558-a4bf-da4215c820f8
{
"fw_instance_id" : "d6e0a4d0-8b16-47fe-98b6-e1b0a7a14788",
"ips_name" : "test_OS_Linux",
"direction" : -1,
"src_port" : {
"port_type" : -1
},
"dst_port" : {
"port_type" : -1
},
"contents" : [ {
"content" : "ab",
"is_hex" : false,
"is_ignore" : false,
"is_uri" : false,
"relative_position" : 0,
"offset" : 0,
"depth" : 65535
} ],
"action_type" : 1,
"severity" : 0,
"attack_type" : 1,
"software" : 0,
"affected_os" : 1,
"protocol" : 9
}
Example Responses
Status code: 200
OK
{
"data" : {
"id" : "64b8978e-20c0-4b43-b178-885e3cbb380d"
}
}
Status code: 400
Bad Request
{
"error_code" : "CFW.00200003",
"error_msg" : "Parameter error."
}
SDK Sample Code
The SDK sample code is as follows.
Update the custom IPS rule whose project ID is 3d84b4755b39476997c9f7b5a95c25ed and IPS firewall ID is cd74e74a-310f-4558-a4bf-da4215c820f8.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.cfw.v1.region.CfwRegion; import com.huaweicloud.sdk.cfw.v1.*; import com.huaweicloud.sdk.cfw.v1.model.*; import java.util.List; import java.util.ArrayList; public class UpdateCustomerIpsSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CfwClient client = CfwClient.newBuilder() .withCredential(auth) .withRegion(CfwRegion.valueOf("<YOUR REGION>")) .build(); UpdateCustomerIpsRequest request = new UpdateCustomerIpsRequest(); request.withIpsCfwId("{ips_cfw_id}"); CustomerIpsSaveDto body = new CustomerIpsSaveDto(); Port srcPortbody = new Port(); srcPortbody.withPortType(-1); Port dstPortbody = new Port(); dstPortbody.withPortType(-1); List<IpsContent> listbodyContents = new ArrayList<>(); listbodyContents.add( new IpsContent() .withContent("ab") .withDepth(65535) .withIsHex(false) .withIsIgnore(false) .withIsUri(false) .withOffset(0) .withRelativePosition(0) ); body.withSrcPort(srcPortbody); body.withSoftware(0); body.withSeverity(0); body.withProtocol(9); body.withIpsName("test_OS_Linux"); body.withFwInstanceId("d6e0a4d0-8b16-47fe-98b6-e1b0a7a14788"); body.withDstPort(dstPortbody); body.withDirection(-1); body.withContents(listbodyContents); body.withAttackType(1); body.withAffectedOs(CustomerIpsSaveDto.AffectedOsEnum.NUMBER_1); body.withActionType(CustomerIpsSaveDto.ActionTypeEnum.NUMBER_1); request.withBody(body); try { UpdateCustomerIpsResponse response = client.updateCustomerIps(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Update the custom IPS rule whose project ID is 3d84b4755b39476997c9f7b5a95c25ed and IPS firewall ID is cd74e74a-310f-4558-a4bf-da4215c820f8.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcfw.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CfwClient.new_builder() \ .with_credentials(credentials) \ .with_region(CfwRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateCustomerIpsRequest() request.ips_cfw_id = "{ips_cfw_id}" srcPortbody = Port( port_type=-1 ) dstPortbody = Port( port_type=-1 ) listContentsbody = [ IpsContent( content="ab", depth=65535, is_hex=False, is_ignore=False, is_uri=False, offset=0, relative_position=0 ) ] request.body = CustomerIpsSaveDto( src_port=srcPortbody, software=0, severity=0, protocol=9, ips_name="test_OS_Linux", fw_instance_id="d6e0a4d0-8b16-47fe-98b6-e1b0a7a14788", dst_port=dstPortbody, direction=-1, contents=listContentsbody, attack_type=1, affected_os=1, action_type=1 ) response = client.update_customer_ips(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Update the custom IPS rule whose project ID is 3d84b4755b39476997c9f7b5a95c25ed and IPS firewall ID is cd74e74a-310f-4558-a4bf-da4215c820f8.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := cfw.NewCfwClient( cfw.CfwClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateCustomerIpsRequest{} request.IpsCfwId = "{ips_cfw_id}" portTypeSrcPort:= int32(-1) srcPortbody := &model.Port{ PortType: &portTypeSrcPort, } portTypeDstPort:= int32(-1) dstPortbody := &model.Port{ PortType: &portTypeDstPort, } contentContents:= "ab" depthContents:= int32(65535) isHexContents:= false isIgnoreContents:= false isUriContents:= false offsetContents:= int32(0) relativePositionContents:= int32(0) var listContentsbody = []model.IpsContent{ { Content: &contentContents, Depth: &depthContents, IsHex: &isHexContents, IsIgnore: &isIgnoreContents, IsUri: &isUriContents, Offset: &offsetContents, RelativePosition: &relativePositionContents, }, } request.Body = &model.CustomerIpsSaveDto{ SrcPort: srcPortbody, Software: int32(0), Severity: int32(0), Protocol: int32(9), IpsName: "test_OS_Linux", FwInstanceId: "d6e0a4d0-8b16-47fe-98b6-e1b0a7a14788", DstPort: dstPortbody, Direction: int32(-1), Contents: listContentsbody, AttackType: int32(1), AffectedOs: model.GetCustomerIpsSaveDtoAffectedOsEnum().E_1, ActionType: model.GetCustomerIpsSaveDtoActionTypeEnum().E_1, } response, err := client.UpdateCustomerIps(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
OK |
|
400 |
Bad Request |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
