Help Center/ Cloud Firewall/ API Reference/ API/ IPS Management/ Querying a Protection Mode
Updated on 2025-08-11 GMT+08:00

Querying a Protection Mode

Function

This API is used to query a protection mode.

Calling Method

For details, see Calling APIs.

URI

GET /v1/{project_id}/ips/protect

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

object_id

Yes

String

Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. You can obtain the ID by calling the API for querying firewall instances. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects). If type is 0, object_id is the ID of a protected object on the Internet border. If type is 1, object_id is the ID of a protected object on the VPC border. Here, a protected object ID whose type is 0 is used. You can obtain the value of type from data.records.protect_objects.type (The period [.] is used to separate different levels of objects).

enterprise_project_id

No

String

Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

fw_instance_id

No

String

Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token. You can obtain the token by referring to Obtaining a User Token.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

data

IpsProtectModeObject object

Returned value for querying the IPS protection mode.

Table 5 IpsProtectModeObject

Parameter

Type

Description

id

String

IPS protection mode ID. The value is the ID of the protected object, which can be obtained by calling the API for querying a firewall instance. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects).

mode

Integer

IPS protection mode: 0 (observation mode), 1 (strict mode), 2 (medium mode), or 3 (loose mode).

Status code: 400

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Example Requests

Query the IPS protection mode of project 9d80d070b6d44942af73c9c3d38e0429.

https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/ips/protect?fw_instance_id=546af3f8-88e9-47f2-a205-2346d7090925&enterprise_project_id=default&object_id=cfebd347-b655-4b84-b938-3c54317599b2

Example Responses

Status code: 200

Return value for a protection mode query

{
  "data" : {
    "id" : "d5b75aba-dfca-40e4-99dd-ed56578e8e48",
    "mode" : 0
  }
}

Status code: 400

Bad Request

{
  "error_code" : "CFW.0020016",
  "error_msg" : "Incorrect instance status."
}

SDK Sample Code

The SDK sample code is as follows.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.cfw.v1.region.CfwRegion;
import com.huaweicloud.sdk.cfw.v1.*;
import com.huaweicloud.sdk.cfw.v1.model.*;


public class ListIpsProtectModeSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        CfwClient client = CfwClient.newBuilder()
                .withCredential(auth)
                .withRegion(CfwRegion.valueOf("<YOUR REGION>"))
                .build();
        ListIpsProtectModeRequest request = new ListIpsProtectModeRequest();
        try {
            ListIpsProtectModeResponse response = client.listIpsProtectMode(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcfw.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = CfwClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CfwRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListIpsProtectModeRequest()
        response = client.list_ips_protect_mode(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := cfw.NewCfwClient(
        cfw.CfwClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListIpsProtectModeRequest{}
	response, err := client.ListIpsProtectMode(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

Return value for a protection mode query

400

Bad Request

401

Unauthorized: Request error.

403

Forbidden: Access forbidden.

404

Not Found: Web page not found.

500

Internal Server Error

Error Codes

See Error Codes.