Querying Traffic Mirror Filter Rules

Function

This API is used to query information about all traffic mirror filter rules, including the source and destination addresses and ports.

Calling Method

For details, see Calling APIs.

URI

GET /v3/{project_id}/vpc/traffic-mirror-filter-rules

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Definition: ID of the project that a traffic mirror filter rule belongs to. For details about how to obtain a project ID, see Obtaining a Project ID. Range: N/A

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
id	No	Array of strings	Definition: ID of a traffic mirror filter rule. You can use this field to accurately filter traffic mirror filter rules. Multiple IDs can be specified for filtering. Range: N/A
action	No	Array of strings	Definition: Action of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple actions can be specified for filtering. Range: accept and reject
description	No	Array of strings	Definition: Description of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple descriptions can be specified for filtering. Range: N/A
destination_cidr_block	No	Array of strings	Definition: Destination of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple destinations can be specified for filtering. Range: N/A
destination_port_range	No	Array of strings	Definition: Destination port range of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple destination port ranges can be specified for filtering. Range: N/A
direction	No	Array of strings	Definition: Direction of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple directions can be specified for filtering. Range: ingress: inbound traffic egress: outbound traffic
priority	No	Array of integers	Definition: Priority of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple priorities can be specified for filtering. Range: 1 to 65535
protocol	No	Array of strings	Definition: Network protocol in a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple protocols can be specified for filtering. Range: TCP: Traffic mirror rules with protocol set to TCP will be filtered. UDP: Traffic mirror rules with protocol set to UDP will be filtered. ICMP: Traffic mirror rules with protocol set to ICMP will be filtered. ICMPV6: Traffic mirror rules with protocol set to ICMPv6 will be filtered. ALL: Traffic mirror rules with protocol set to All will be filtered.
source_cidr_block	No	Array of strings	Definition: Source of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple sources can be specified for filtering. Range: N/A
source_port_range	No	Array of strings	Definition: Source port range of a traffic mirror filter rule. You can use this field to filter traffic mirror filter rules. Multiple source port ranges can be specified for filtering. Range: N/A
traffic_mirror_filter_id	No	Array of strings	Definition: ID of the traffic mirror filter that a traffic mirror filter rule belongs to. You can use this field to filter traffic mirror filter rules. Multiple IDs can be specified for filtering. Range: N/A

Request Parameters

None

Response Parameters

Status code: 200

**Table 3** Response body parameters
Parameter	Type	Description
traffic_mirror_filter_rules	Array of TrafficMirrorFilterRule objects	Definition: Response body for querying traffic mirror filter rules. Range: N/A
page_info	PageInfo object	Definition: Pagination information. Range: N/A
request_id	String	Definition: Request ID. Range: N/A

**Table 4** TrafficMirrorFilterRule
Parameter	Type	Description
id	String	Definition: ID of a traffic mirror filter rule. Range: N/A
project_id	String	Definition: ID of the project that a traffic mirror filter rule belongs to. Range: N/A
description	String	Definition: Description of a traffic mirror filter rule. Range: The value can contain 0 to 255 characters and cannot contain angle brackets (< or >).
traffic_mirror_filter_id	String	Definition: ID of the traffic mirror filter that a traffic mirror filter rule belongs to. Range: N/A
direction	String	Definition: Traffic direction of a traffic mirror filter rule. Range: ingress: inbound traffic egress: outbound traffic
source_cidr_block	String	Definition: Source of a traffic mirror filter rule. Range: Single IP address: IP address/subnet mask. For example, 192.168.10.10/32 for a single IPv4 address or 2002:50::44/128 for a single IPv6 address. CIDR block: IP address/subnet mask. For example, 192.168.52.0/24 for an IPv4 CIDR block or 2407:c080:802:469::/64 for an IPv6 CIDR block. All IP addresses: 0.0.0.0/0 indicates all IPv4 addresses, and ::/0 indicates all IPv6 addresses.
destination_cidr_block	String	Definition: Destination of a traffic mirror filter rule. Range: Single IP address: IP address/subnet mask. For example, 192.168.10.10/32 for a single IPv4 address or 2002:50::44/128 for a single IPv6 address. CIDR block: IP address/subnet mask. For example, 192.168.52.0/24 for an IPv4 CIDR block or 2407:c080:802:469::/64 for an IPv6 CIDR block. All IP addresses: 0.0.0.0/0 indicates all IPv4 addresses, and ::/0 indicates all IPv6 addresses.
source_port_range	String	Definition: Source port range of a traffic mirror filter rule. Range: Port range: 1 to 65535 Use a hyphen (-) to connect the start port and the end port, for example, 22-23. The end port cannot be smaller than the start port.
destination_port_range	String	Definition: Destination port range of a traffic mirror filter rule. Range: Port range: 1 to 65535 Use a hyphen (-) to connect the start port and the end port, for example, 22-23. The end port cannot be smaller than the start port.
ethertype	String	Definition: IP address version. Range: IPv4 or IPv6
protocol	String	Definition: Network protocol type. Range: TCP: If you select TCP, you can customize the source and destination port ranges. UDP: If you select UDP, you can customize the source and destination port ranges. ICMP: If you set IP address version to IPv4 and select ICMP, all ports are specified for source and destination port ranges by default. ICMPV6: If you set IP address version to IPv6 and select ICMPv6, all ports are specified for source and destination port ranges by default. ALL: If you select ALL, all network protocols are supported and all ports are specified for source and destination port ranges by default.
action	String	Definition: Action of a traffic mirror filter rule. Range: accept reject
priority	Integer	Definition: Priority of a traffic mirror filter rule. Range: The value is from 1 to 65535. A smaller value indicates a higher priority.
created_at	String	Definition: Time when a traffic mirror filter rule was created. Range: The value is a UTC time in the format of yyyy-MM-ddTHH:mm:ssZ.
updated_at	String	Definition: Time when a traffic mirror filter rule was updated. Range: The value is a UTC time in the format of yyyy-MM-ddTHH:mm:ssZ.

**Table 5** PageInfo
Parameter	Type	Description
previous_marker	String	Definition: The first record on the current page. Range: N/A
current_count	Integer	Definition: Total number of resources on the current page. Range: N/A
next_marker	String	Definition: The last record on the current page. The next_marker field does not exist if the page is the last one. Range: N/A

Example Requests

Querying traffic mirror filter rules

GET http://{endpoint}/v3/{project_id}/vpc/traffic-mirror-filter-rules

Example Responses

Status code: 200

{
  "request_id" : "38719a68-c7c1-4fe1-bf12-4bb049349174",
  "traffic_mirror_filter_rules" : [ {
    "created_at" : "2023-02-17T08:42:44.000+00:00",
    "updated_at" : "2023-02-17T08:42:44.000+00:00",
    "id" : "3daa97b5-ad58-477d-86a5-52b65257f94b",
    "project_id" : "7365fcd452924e398ec4cc1fe39c0d12",
    "description" : "",
    "traffic_mirror_filter_id" : "b765ba87-c0b4-4f1a-9ec3-d5b1d1ddb137",
    "direction" : "ingress",
    "protocol" : "ICMPV6",
    "ethertype" : "IPv4",
    "action" : "accept",
    "priority" : 16
  } ],
  "page_info" : {
    "previous_marker" : "3daa97b5-ad58-477d-86a5-52b65257f94b",
    "current_count" : 1
  }
}

SDK Sample Code

The SDK sample code is as follows.

      
       
         
         
           package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.vpc.v3.region.VpcRegion;
import com.huaweicloud.sdk.vpc.v3.*;
import com.huaweicloud.sdk.vpc.v3.model.*;


public class ListTrafficMirrorFilterRulesSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        VpcClient client = VpcClient.newBuilder()
                .withCredential(auth)
                .withRegion(VpcRegion.valueOf("<YOUR REGION>"))
                .build();
        ListTrafficMirrorFilterRulesRequest request = new ListTrafficMirrorFilterRulesRequest();
        try {
            ListTrafficMirrorFilterRulesResponse response = client.listTrafficMirrorFilterRules(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

          

        

      
     

      
       
         
         
           # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkvpc.v3.region.vpc_region import VpcRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkvpc.v3 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = VpcClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(VpcRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListTrafficMirrorFilterRulesRequest()
        response = client.list_traffic_mirror_filter_rules(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

          

        

      
     

      
       
         
         
           package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    vpc "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := vpc.NewVpcClient(
        vpc.VpcClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListTrafficMirrorFilterRulesRequest{}
	response, err := client.ListTrafficMirrorFilterRules(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

          

        

      
     