创建流量镜像筛选规则
功能介绍
创建流量镜像筛选规则
调用方法
请参见如何调用API。
URI
POST /v3/{project_id}/vpc/traffic-mirror-filter-rules
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
project_id |
是 |
String |
参数解释: 流量镜像筛选规则所属的项目ID。获取方式请参见获取项目ID。 取值范围: 不涉及。 |
请求参数
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
traffic_mirror_filter_rule |
是 |
流量镜像筛选条件规则对象 |
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
description |
否 |
String |
功能说明:流量镜像筛选规则的描述信息 取值范围:0-255个字符,不能包含“<”和“>” |
traffic_mirror_filter_id |
是 |
String |
功能说明:流量镜像筛选条件ID |
direction |
是 |
String |
功能说明:流量方向 取值范围: ingress,入方向; egress,出方向 |
protocol |
是 |
String |
功能说明:镜像流量的协议类型 取值范围:TCP、UDP、ICMP、ICMPV6、ALL |
ethertype |
是 |
String |
功能说明:镜像流量的地址协议版本 取值范围:IPv4,IPv6 |
source_cidr_block |
否 |
String |
功能说明:镜像流量的源网段 |
destination_cidr_block |
否 |
String |
功能说明:镜像流量的目的网段 |
source_port_range |
否 |
String |
功能说明:流量源端口范围 取值范围:1~65535 格式:80-200 |
destination_port_range |
否 |
String |
功能说明:流量目的端口范围 取值范围:1~65535 格式:80-200 |
action |
是 |
String |
功能说明:镜像策略 取值范围:accept(采集)、reject(不采集) |
priority |
是 |
Integer |
功能说明:镜像规则优先级 取值范围:1~65535,数字越小,优先级越高 |
响应参数
状态码:201
参数 |
参数类型 |
描述 |
---|---|---|
traffic_mirror_filter_rule |
TrafficMirrorFilterRule object |
参数解释: 查询流量镜像筛选规则详情的响应体。 取值范围: 不涉及。 |
request_id |
String |
参数解释: 请求ID。 取值范围: 不涉及。 |
参数 |
参数类型 |
描述 |
---|---|---|
id |
String |
参数解释: 流量镜像筛选规则的资源ID。 取值范围: 不涉及。 |
project_id |
String |
参数解释: 流量镜像筛选规则所属的项目ID。 取值范围: 不涉及。 |
description |
String |
参数解释: 流量镜像筛选规则的描述信息。 取值范围: 0-255个字符,不能包含“<”和“>”。 |
traffic_mirror_filter_id |
String |
参数解释: 流量镜像筛选规则所在流量镜像筛选条件的ID。 取值范围: 不涉及。 |
direction |
String |
参数解释: 流量镜像筛选规则的流量方向。 取值范围:
|
source_cidr_block |
String |
参数解释: 流量镜像筛选规则的源地址。 取值范围:
|
destination_cidr_block |
String |
参数解释: 流量镜像筛选规则的目的地址。 取值范围:
|
source_port_range |
String |
参数解释: 流量镜像筛选规则的源端口范围。 取值范围:
|
destination_port_range |
String |
参数解释: 流量镜像筛选规则的目的端口范围。 取值范围:
|
ethertype |
String |
参数解释: 流量支持的IP地址类型。 取值范围: IPv4,IPv6 |
protocol |
String |
参数解释: 流量支持的网络协议类型。 取值范围:
|
action |
String |
参数解释: 流量镜像筛选规则的流量采集策略。 取值范围:
|
priority |
Integer |
参数解释: 流量镜像筛选规则的优先级。 取值范围: 1~65535,数字越小,优先级越高。 |
created_at |
String |
参数解释: 流量镜像筛选规则的创建时间。 取值范围: UTC时间格式,yyyy-MM-ddTHH:mm:ssZ。 |
updated_at |
String |
参数解释: 流量镜像筛选规则的更新时间。 取值范围: UTC时间格式,yyyy-MM-ddTHH:mm:ssZ。 |
请求示例
创建一条流量镜像筛选规则,入方向,筛选条件ID为417d7317-6c17-4428-a0f3-997d3e2293a0,源cidr为192.168.0.0/24。
POST http://{endpoint}/v3/{project_id}/vpc/traffic-mirror-filter-rules { "traffic_mirror_filter_rule" : { "traffic_mirror_filter_id" : "417d7317-6c17-4428-a0f3-997d3e2293a0", "ethertype" : "ipv4", "direction" : "ingress", "protocol" : "ICMP", "source_cidr_block" : "192.168.0.0/24", "action" : "accept", "priority" : 29 } }
响应示例
状态码:201
Created
{ "request_id" : "8dec5453-1690-4378-a976-40ba5e6d62ff", "traffic_mirror_filter_rule" : { "created_at" : "2023-03-22T07:07:55.000+00:00", "updated_at" : "2023-03-22T07:07:55.000+00:00", "id" : "1be5f64b-49a1-427d-a49e-9619cfb0492c", "project_id" : "7365fcd452924e398ec4cc1fe39c0d12", "description" : "", "traffic_mirror_filter_id" : "417d7317-6c17-4428-a0f3-997d3e2293a0", "direction" : "ingress", "protocol" : "ICMP", "ethertype" : "IPv4", "source_cidr_block" : "192.168.0.0/24", "action" : "accept", "priority" : 29 } }
SDK代码示例
SDK代码示例如下。
创建一条流量镜像筛选规则,入方向,筛选条件ID为417d7317-6c17-4428-a0f3-997d3e2293a0,源cidr为192.168.0.0/24。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.vpc.v3.region.VpcRegion; import com.huaweicloud.sdk.vpc.v3.*; import com.huaweicloud.sdk.vpc.v3.model.*; public class CreateTrafficMirrorFilterRuleSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); VpcClient client = VpcClient.newBuilder() .withCredential(auth) .withRegion(VpcRegion.valueOf("<YOUR REGION>")) .build(); CreateTrafficMirrorFilterRuleRequest request = new CreateTrafficMirrorFilterRuleRequest(); CreateTrafficMirrorFilterRuleRequestBody body = new CreateTrafficMirrorFilterRuleRequestBody(); CreateTrafficMirrorFilterRuleOption trafficMirrorFilterRulebody = new CreateTrafficMirrorFilterRuleOption(); trafficMirrorFilterRulebody.withTrafficMirrorFilterId("417d7317-6c17-4428-a0f3-997d3e2293a0") .withDirection("ingress") .withProtocol("ICMP") .withEthertype("ipv4") .withSourceCidrBlock("192.168.0.0/24") .withAction("accept") .withPriority(29); body.withTrafficMirrorFilterRule(trafficMirrorFilterRulebody); request.withBody(body); try { CreateTrafficMirrorFilterRuleResponse response = client.createTrafficMirrorFilterRule(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
创建一条流量镜像筛选规则,入方向,筛选条件ID为417d7317-6c17-4428-a0f3-997d3e2293a0,源cidr为192.168.0.0/24。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkvpc.v3.region.vpc_region import VpcRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkvpc.v3 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = VpcClient.new_builder() \ .with_credentials(credentials) \ .with_region(VpcRegion.value_of("<YOUR REGION>")) \ .build() try: request = CreateTrafficMirrorFilterRuleRequest() trafficMirrorFilterRulebody = CreateTrafficMirrorFilterRuleOption( traffic_mirror_filter_id="417d7317-6c17-4428-a0f3-997d3e2293a0", direction="ingress", protocol="ICMP", ethertype="ipv4", source_cidr_block="192.168.0.0/24", action="accept", priority=29 ) request.body = CreateTrafficMirrorFilterRuleRequestBody( traffic_mirror_filter_rule=trafficMirrorFilterRulebody ) response = client.create_traffic_mirror_filter_rule(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
创建一条流量镜像筛选规则,入方向,筛选条件ID为417d7317-6c17-4428-a0f3-997d3e2293a0,源cidr为192.168.0.0/24。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" vpc "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := vpc.NewVpcClient( vpc.VpcClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.CreateTrafficMirrorFilterRuleRequest{} sourceCidrBlockTrafficMirrorFilterRule:= "192.168.0.0/24" trafficMirrorFilterRulebody := &model.CreateTrafficMirrorFilterRuleOption{ TrafficMirrorFilterId: "417d7317-6c17-4428-a0f3-997d3e2293a0", Direction: "ingress", Protocol: "ICMP", Ethertype: "ipv4", SourceCidrBlock: &sourceCidrBlockTrafficMirrorFilterRule, Action: "accept", Priority: int32(29), } request.Body = &model.CreateTrafficMirrorFilterRuleRequestBody{ TrafficMirrorFilterRule: trafficMirrorFilterRulebody, } response, err := client.CreateTrafficMirrorFilterRule(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
状态码 |
描述 |
---|---|
201 |
Created |
错误码
请参见错误码。