Obtaining the IPS Rule List
Function
This API is used to obtain the IPS rule list.
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/ips-rule
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID, which can be obtained by calling an API or from the console. You can obtain it by referring to Obtaining a Project ID. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
affected_application_like |
No |
Integer |
Keywords for querying affected objects, including Others, Sun, Apache, IBM, VMware, WordPress, Adobe, Oracle, and Google Chrome. |
create_time |
No |
Integer |
Year when an IPS rule was created. |
fw_instance_id |
No |
String |
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID. |
ips_cve_like |
No |
Integer |
Keyword for querying the CVE ID. A CVE ID is the vulnerability ID stored in the CVE vulnerability database. |
ips_group |
No |
Integer |
IPS group, which is distinguished by the IPS interception mode. It can be 0 (observation), 1 (strict), 2 (medium), or 3 (loose). |
ips_id |
No |
String |
IPS rule ID. |
ips_level |
No |
Integer |
IPS severity. It can be CRITICAL, HIGH, MEDIUM, or LOW. |
ips_name_like |
No |
String |
Keyword for querying an IPS rule name. |
ips_rules_type_like |
No |
Integer |
IPS rule type. The types include vulnerability scan, hacker tool detection, and Trojan detection. |
ips_status |
No |
String |
IPS rule status. It can be OBSERVE (observation), ENABLE (interception), CLOSE (disabled), DEFAULT (restored to default), or ALL_DEFAULT (globally restored to default). |
is_updated_ips_rule_queried |
No |
Boolean |
Whether to query the updated IPS rule library. true: Query updated rules (rules in the virtual patch rule library). false: Query the rules in the basic defense rule library. |
limit |
Yes |
Integer |
Number of records displayed on each page. The value ranges from 1 to 1024. |
object_id |
Yes |
String |
Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. You can obtain the ID by calling the API for querying firewall instances. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects). If type is 0, object_id is the ID of a protected object on the Internet border. If type is 1, object_id is the ID of a protected object on the VPC border. Here, a protected object ID whose type is 0 is used. You can obtain the value of type from data.records.protect_objects.type (The period [.] is used to separate different levels of objects). |
offset |
Yes |
Integer |
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0. |
enterprise_project_id |
No |
String |
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
User token, which can be obtained by referring to Obtaining a User Token. |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
data |
IpsRuleListVO object |
Return value for querying the rule list. |
Parameter |
Type |
Description |
---|---|---|
fw_instance_id |
String |
Firewall ID. |
limit |
Integer |
Number of records displayed on each page. The value ranges from 1 to 1024. |
object_id |
String |
Protected object ID. |
offset |
Integer |
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0. |
records |
Array of IpsRuleVO objects |
Query the IPS rule list. |
total |
Integer |
Query the total number of IPS rules. |
Parameter |
Type |
Description |
---|---|---|
affected_application |
String |
Affected objects, including Others, Sun, Apache, IBM, VMware, WordPress, Adobe, Oracle, and Google Chrome. |
create_time |
String |
Year when an IPS rule was created. |
default_status |
String |
Default status. |
ips_cve |
String |
cve id |
ips_group |
String |
IPS group, which is distinguished by the IPS interception mode. It can be 0 (observation), 1 (strict), 2 (medium), and 3 (loose). |
ips_id |
String |
IPS rule ID. |
ips_level |
String |
IPS severity. It can be CRITICAL, HIGH, MEDIUM, or LOW. |
ips_name |
String |
IPS rule name. |
ips_rules_type |
String |
IPS rule type, including vulnerability scan, hacker tool detection, and Trojan detection. |
ips_status |
String |
IPS rule status. It can be OBSERVE (observation), ENABLE (interception), CLOSE (disabled), DEFAULT (restored to default), or ALL_DEFAULT (globally restored to default). |
Example Requests
Obtain the IPS rule list of the project whose ID is 408972e72dcd4c1a9b033e955802a36b. The firewall ID is e743cfaf-8164-4807-aa13-d893d83313cf, the enterprise project ID is fb55459c-41b3-47fc-885d-540946fddda4, and the target object ID is 1b90f031-0c7b-4f25-95e2-b6d9940d269e. The maximum number of query results is 1,000, and the offset is 0.
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/ips-rule?fw_instance_id=e743cfaf-8164-4807-aa13-d893d83313cf&enterprise_project_id=fb55459c-41b3-47fc-885d-540946fddda4&project_id=408972e72dcd4c1a9b033e955802a36b&object_id=1b90f031-0c7b-4f25-95e2-b6d9940d269e&limit=1000&offset=0
Example Responses
Status code: 200
Return value for querying the rule list.
{ "data" : { "fw_instance_id" : "e743cfaf-8164-4807-aa13-d893d83313cf", "limit" : 1000, "offset" : 1, "records" : [ { "affected_application" : "Others", "create_time" : "2015", "default_status" : "CLOSE", "ips_group" : "STRICTLY", "ips_id" : "340710", "ips_level" : "MEDIUM", "ips_name" : "WEBC2-QBP login response 1 - related to embedded CnC APT1", "ips_rules_type" : "Trojan.", "ips_status" : "CLOSE" }, { "affected_application" : "Others", "create_time" : "2015", "default_status" : "CLOSE", "ips_group" : "STRICTLY", "ips_id" : "340922", "ips_level" : "MEDIUM", "ips_name" : "Win32/Fujacks activities.", "ips_rules_type" : "Trojan.", "ips_status" : "CLOSE" } ], "total" : 2 } }
SDK Sample Code
The SDK sample code is as follows.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.cfw.v1.region.CfwRegion; import com.huaweicloud.sdk.cfw.v1.*; import com.huaweicloud.sdk.cfw.v1.model.*; public class ListIpsRulesSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CfwClient client = CfwClient.newBuilder() .withCredential(auth) .withRegion(CfwRegion.valueOf("<YOUR REGION>")) .build(); ListIpsRulesRequest request = new ListIpsRulesRequest(); try { ListIpsRulesResponse response = client.listIpsRules(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcfw.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CfwClient.new_builder() \ .with_credentials(credentials) \ .with_region(CfwRegion.value_of("<YOUR REGION>")) \ .build() try: request = ListIpsRulesRequest() response = client.list_ips_rules(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := cfw.NewCfwClient( cfw.CfwClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ListIpsRulesRequest{} response, err := client.ListIpsRules(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
Status Code |
Description |
---|---|
200 |
Return value for querying the rule list. |
401 |
Unauthorized: Request error. |
403 |
Forbidden: Access forbidden. |
404 |
Not Found: Web page not found. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot