Querying Custom IPS Rule Details
Function
Function: Query custom IPS rule details. Feature: Query custom IPS rule details based on the IPS ID entered in the path.
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/ips/custom-rule/{ips_cfw_id}
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
ips_cfw_id |
Yes |
String |
Definition ID of a custom IPS rule in CFW. Constraints N/A Range 32-bit UUID. Default Value N/A |
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that an asset belongs to. You can query the assets of a project by project ID. You can obtain the project ID from the API or console. For details, see Obtaining a Project ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
fw_instance_id |
Yes |
String |
Definition Firewall ID. It is a unique ID generated after a firewall instance is created. You can obtain the firewall ID by referring to Obtaining a Firewall ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
Request Parameters
None
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
data |
CustomerIpsVO object |
Definition Returned data of a custom IPS rule. Range N/A |
Parameter |
Type |
Description |
---|---|---|
action |
Integer |
Definition Action. Range 0 (log only) or 1 (reset/block) |
affected_os |
Integer |
Definition Affected OS. Range 0 (any), 1 (Windows), 2 (Linux), 3 (FreeBSD), 4 (Solaris), 5 (other Unix), 6 (network devices), 7 (macOS), 8 (iOS), 9 (Android), or 10 (other) |
attack_type |
Integer |
Definition Attack type. Range 1 (access control), 2 (vulnerability scan), 3 (email attack), 4 (vulnerability exploit), 5 (web attack), 6 (password attack), 7 (hijacking), 8 (protocol anomaly), 9 (Trojan), 10 (worm), 11 (buffer overflow), 12 (hacker tool), 13 (spyware), 14 (DDoS flood), 15 (application-layer DDoS attack), 16 (other suspicious behavior), 17 (suspicious DNS activity), 18 (phishing), 19 (spam), or 20 (other attack) |
config_status |
Integer |
Definition Rule status. Range 0 (initialized), 1 (configuring), 2 (configuration succeeded), or 3 (configuration failed) |
contents |
Array of IpsContent objects |
Definition Content that matches an IPS attack. Range |
direction |
Integer |
Definition Default value: null. 0: from the client to the server; 1: from the server to the client. Range N/A |
dst_port |
Port object |
|
ips_cfw_id |
String |
Definition ID of a custom IPS rule in CFW. Constraints N/A Range 32-bit UUID. Default Value N/A |
ips_id |
String |
Definition IPS rule ID. Range N/A |
ips_name |
String |
Definition IPS rule name. Range N/A |
protocol |
Integer |
Definition Protocol type. Range 1** (FTP), 2 (TELNET), 3 (SMTP), 4 (DNS_TCP), 5 (DNS_UDP), 6 (DHCP), 7 (TFTP), 8 (FINGER), 9 (HTTP), 10 (POP3), 11 (SUNRPC_TCP), 12 (SUNRPC_UDP), 13 (NNTP), 14 (MSRPC_TCP), 15 (MSRPC_UDP), 16 (NETBIOS_NAME_TCP), 17 (NETBIOS_NAME_UDP), 18 (NETBIOS_SMB), 19 (NETBIOS_DATAGRAM), 20 (IMAP4), 21 (SNMP), 22 (LDAP), 23 (MSSQL), or 24 (ORACLE) |
severity |
Integer |
Definition Severity. Range critical, high, medium, or low |
software |
Integer |
Definition Affected software. Range 0 (ANY), 1 (ADOBE), 2 (APACHE), 3 (APPLE), 4 (CA), 5 (CISCO), 6 (GOOGLE_CHROME), 7 (HP), 8 (IBM), 9 (IE), 10 (IIS), 11 (MC_AFEE), 12 (MEDIA_PLAYER), 13 (MICROSOFT_NET), 14 (MICROSOFT_EDGE), 15 (MICROSOFT_EXCHANGE), 16 (MICROSOFT_OFFICE), 17 (MICROSOFT_OUTLOOK), 18 (MICROSOFT_SHARE_POINT), 19 (MICROSOFT_WINDOWS), 20 (MOZILLA), 21 (MSSQL), 22 (MYSQL), 23 (NOVELL), 24 (ORACLE), 25 (SAMBA), 26 (SAMSUNG), 27 (SAP), 28 (SCADA), 29 (SQUID), 30 (SUN), 31 (SYMANTEC), 32 (TREND_MICRO), 33 (VMWARE), 34 (WORD_PRESS), or 35 (OTHERS) |
src_port |
Port object |
Parameter |
Type |
Description |
---|---|---|
content |
String |
Definition Content. Range N/A |
depth |
Integer |
Definition Depth. Range N/A |
is_hex |
Boolean |
Definition Whether the packet content is in hexadecimal format. Range N/A |
is_ignore |
Boolean |
Definition Case insensitive or not. Range N/A |
is_uri |
Boolean |
Definition Whether to intercept packets in a URI. Range N/A |
offset |
Integer |
Definition Offset. Range N/A |
relative_position |
Integer |
Definition Relative position. Range N/A |
Parameter |
Type |
Description |
---|---|---|
port_type |
Integer |
Definition Port type. Range -1 (any), 0 (include), or 1 (exclude) |
ports |
String |
Definition Port. Range N/A |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Definition Error code. Range N/A |
error_msg |
String |
Definition Error message. Range N/A |
Example Requests
Query details about the IPS rule whose project ID is 3d84b4755b39476997c9f7b5a95c25ed, firewall ID is d6e0a4d0-8b16-47fe-98b6-e1b0a7a14788, protected object ID is 64b8978e-20c0-4b43-b178-885e3cbb380d, and custom IPS rule ID is c059d198-5996-46dd-9ed8-83167e6babe8.
https://{Endpoint}/v1/3d84b4755b39476997c9f7b5a95c25ed/ips/custom-rule/c059d198-5996-46dd-9ed8-83167e6babe8?fw_instance_id=d6e0a4d0-8b16-47fe-98b6-e1b0a7a14788&object_id=64b8978e-20c0-4b43-b178-885e3cbb380d
Example Responses
Status code: 200
OK
{ "data" : { "action" : 1, "affected_os" : 0, "attack_type" : 1, "config_status" : 2, "contents" : [ { "content" : "apitest", "depth" : 65535, "is_hex" : false, "is_ignore" : true, "is_uri" : false, "offset" : 0, "relative_position" : 0 } ], "direction" : -1, "dst_port" : { "port_type" : -1 }, "ips_cfw_id" : "c059d198-5996-46dd-9ed8-83167e6babe8", "ips_id" : "350020", "ips_name" : "Deletable_editable_API_verification", "protocol" : 9, "severity" : 0, "software" : 0, "src_port" : { "port_type" : -1 } } }
Status code: 400
Bad Request
{ "error_code" : "CFW.00200003", "error_msg" : "Parameter error." }
SDK Sample Code
The SDK sample code is as follows.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.cfw.v1.region.CfwRegion; import com.huaweicloud.sdk.cfw.v1.*; import com.huaweicloud.sdk.cfw.v1.model.*; public class ShowCustomerIpsInfoSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CfwClient client = CfwClient.newBuilder() .withCredential(auth) .withRegion(CfwRegion.valueOf("<YOUR REGION>")) .build(); ShowCustomerIpsInfoRequest request = new ShowCustomerIpsInfoRequest(); request.withIpsCfwId("{ips_cfw_id}"); try { ShowCustomerIpsInfoResponse response = client.showCustomerIpsInfo(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcfw.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CfwClient.new_builder() \ .with_credentials(credentials) \ .with_region(CfwRegion.value_of("<YOUR REGION>")) \ .build() try: request = ShowCustomerIpsInfoRequest() request.ips_cfw_id = "{ips_cfw_id}" response = client.show_customer_ips_info(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := cfw.NewCfwClient( cfw.CfwClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ShowCustomerIpsInfoRequest{} request.IpsCfwId = "{ips_cfw_id}" response, err := client.ShowCustomerIpsInfo(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
Status Code |
Description |
---|---|
200 |
OK |
400 |
Bad Request |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot