UpdateFirewallRule

API Request

URLs

PUT zstack/v1/vpcfirewalls/rules/{uuid}/actions

Headers

Authorization: OAuth the-session-uuid

Body

{
  "updateFirewallRule": {
    "ruleSetUuid": "c7b605d7c7e037f8b4df43bfe5a26d0f",
    "action": "accept",
    "protocol": "tcp",
    "destPort": "22",
    "sourcePort": "22",
    "sourceIp": "192.168.1.2",
    "destIp": "192.168.1.1",
    "allowStates": "invalid,new",
    "tcpFlag": "SYN",
    "icmpTypeName": "echo-reply",
    "ruleNumber": 1001.0,
    "enableLog": false,
    "state": "disable",
    "description": "example rule des"
  },
  "systemTags": [],
  "userTags": []
}

Note: In the preceding sample, both systemTags and userTags are optional. These two fields can be included in the body structure.

Curl Sample

curl -H "Content-Type: application/json;charset=UTF-8" \
-H "Authorization: OAuth b86c9016b4f24953a9edefb53ca0678c" \
-X PUT -d '{"updateFirewallRule":{"vpcFirewallUuid":"181da73e752432b283d3096bb29afb59","ruleSetUuid":"cb6db506c523354282aecf56acd4b78d","action":"accept","protocol":"tcp","destPort":"22","sourcePort":"22","sourceIp":"192.168.1.2","destIp":"192.168.1.1","allowStates":"invalid,new","tcpFlag":"SYN","icmpTypeName":"echo-reply","ruleNumber":1001.0,"enableLog":false,"state":"disable","description":"example rule des"}}' http://localhost:8080/zstack/v1/vpcfirewalls/rules/7e9bd2ad1f48320d8782d737b262abb1/actions

Request Parameters


Name	Type	Location	Description	Optional Value	Starting Version
ruleSetUuid	String	body (contained in the updateFirewallRule structure)	The ruleset UUID.		3.6.0
uuid	String	url	The rule UUID.		3.6.0
action	String	body (contained in the updateFirewallRule structure)	The action taken against data packets.	drop reject accept	3.6.0
protocol	String	body (contained in the updateFirewallRule structure)	Optional. The protocol.		3.6.0
destPort	String	body (contained in the updateFirewallRule structure)	Optional. The destination port.		3.6.0
sourcePort	String	body (contained in the updateFirewallRule structure)	Optional. The source port.		3.6.0
sourceIp	String	body (contained in the updateFirewallRule structure)	Optional. The source IP address.		3.6.0
destIp	String	body (contained in the updateFirewallRule structure)	Optional. The destination IP address.		3.6.0
allowStates	String	body (contained in the updateFirewallRule structure)	Optional. The allow status of packets.		3.6.0
tcpFlag	String	body (contained in the updateFirewallRule structure)	Optional. The TCP flag.		3.6.0
icmpTypeName	String	body (contained in the updateFirewallRule structure)	Optional. The ICMP type.		3.6.0
ruleNumber	Integer	body (contained in the updateFirewallRule structure)	The priority of the rule.		3.6.0
enableLog	boolean	body (contained in the updateFirewallRule structure)	Optional. Specifies whether to enable logging.		3.6.0
state	String	body (contained in the updateFirewallRule structure)	The action that changes the state of the rule.	enable disable	3.6.0
description	String	body (contained in the updateFirewallRule structure)	Optional. The detailed description of the rule.		3.6.0
systemTags	List	body	Optional. The system tags.		3.6.0
userTags	List	body	Optional. The user tags.		3.6.0

API Response

Sample Response

{
  "inventory": {
    "ruleSetUuid": "52099ab881ba30a09589fa0040a1b6a2",
    "action": "accept",
    "protocol": "TCP",
    "destPort": "22",
    "sourcePort": "22",
    "sourceIp": "192.168.1.2",
    "destIp": "192.168.1.1",
    "ruleNumber": 1001.0,
    "allowStates": "invalid,new",
    "tcpFlag": "SYN",
    "icmpTypeName": "echo-reply",
    "enableLog": false,
    "isApplied": true,
    "expired": false,
    "state": "disable",
    "isDefault": false,
    "description": "example rule des"
  }
}


Name	Type	Description	Starting Version
error	ErrorCode	The error code. If not null, the operation fails, or vice versa. For more information, see error.	3.6.0
inventory	VpcFirewallRuleInventory	See inventory.	3.6.0

#error


Name	Type	Description	Starting Version
code	String	The error code, which is a numbered or alphanumeric code that specifies an error. For example, SYS.1000, HOST.1001.	3.6.0
description	String	The brief description of the error.	3.6.0
details	String	The details about the error.	3.6.0
elaboration	String	The reserved field. Default value: null.	3.6.0
opaque	LinkedHashMap	The reserved field. Default value: null.	3.6.0
cause	ErrorCode	The root error, which is the associated root cause of the current error. If no root error exists, this parameter is null.	3.6.0

#inventory


Name	Type	Description	Starting Version
uuid	String	The firewall rule UUID.	3.6.0
ruleSetUuid	String	The ruleset UUID.	3.6.0
destPort	String	The destination port.	3.6.0
sourcePort	String	The source port.	3.6.0
sourceIp	String	The source IP address.	3.6.0
destIp	String	The destination IP address.	3.6.0
ruleNumber	Integer	The priority of the rule.	3.6.0
allowStates	String	Indicates the allow status of packets.	3.6.0
tcpFlag	String	The TCP flag.	3.6.0
icmpTypeName	String	The ICMP type.	3.6.0
isApplied	boolean	Indicates whether the rule is applied.	4.0.0
expired	boolean	Indicates whether the rule is expired.	4.0.0
isDefault	boolean	Indicates whether the rule is a default rule.	3.6.0
description	String	The detailed description of the resource.	3.6.0
createDate	Timestamp	The creation date.	3.6.0
lastOpDate	Timestamp	The last operation date.	3.6.0
action	ActionType	See action.	3.6.0
protocol	ProtocolType	See protocol.	3.6.0
state	FirewallRuleState	See state.	3.6.0

#action


Name	Type	Starting Version
drop	ActionType	3.6.0
reject	ActionType	3.6.0
accept	ActionType	3.6.0

#protocol


Name	Type	Starting Version
tcp_udp	ProtocolType	3.6.0
all	ProtocolType	3.6.0
ah	ProtocolType	3.6.0
ax.25	ProtocolType	3.6.0
dccp	ProtocolType	3.6.0
ddp	ProtocolType	3.6.0
egp	ProtocolType	3.6.0
eigrp	ProtocolType	3.6.0
encap	ProtocolType	3.6.0
esp	ProtocolType	3.6.0
etherip	ProtocolType	3.6.0
fc	ProtocolType	3.6.0
ggp	ProtocolType	3.6.0
gre	ProtocolType	3.6.0
hip	ProtocolType	3.6.0
hmp	ProtocolType	3.6.0
icmp	ProtocolType	3.6.0
ipdr-cmtp	ProtocolType	3.6.0
idpr	ProtocolType	3.6.0
igmp	ProtocolType	3.6.0
igp	ProtocolType	3.6.0
ip	ProtocolType	3.6.0
ipcomp	ProtocolType	3.6.0
ipencap	ProtocolType	3.6.0
ipip	ProtocolType	3.6.0
isis	ProtocolType	3.6.0
iso-tp4	ProtocolType	3.6.0
l2tp	ProtocolType	3.6.0
manet	ProtocolType	3.6.0
mpls-in-ip	ProtocolType	3.6.0
ospf	ProtocolType	3.6.0
pim	ProtocolType	3.6.0
pup	ProtocolType	3.6.0
rdp	ProtocolType	3.6.0
rohc	ProtocolType	3.6.0
rspf	ProtocolType	3.6.0
rsvp	ProtocolType	3.6.0
sctp	ProtocolType	3.6.0
skip	ProtocolType	3.6.0
st	ProtocolType	3.6.0
tcp	ProtocolType	3.6.0
udp	ProtocolType	3.6.0
udplite	ProtocolType	3.6.0
vmtp	ProtocolType	3.6.0
vrrp	ProtocolType	3.6.0
wesp	ProtocolType	3.6.0
xns-idp	ProtocolType	3.6.0
xtp	ProtocolType	3.6.0

#state


Name	Type	Description	Starting Version
disable	FirewallRuleState		3.6.0
enable	FirewallRuleState		3.6.0

SDK Sample

Java SDK

UpdateFirewallRuleAction action = new UpdateFirewallRuleAction();
action.ruleSetUuid = "c7b605d7c7e037f8b4df43bfe5a26d0f";
action.uuid = "7e9bd2ad1f48320d8782d737b262abb1";
action.action = "accept";
action.protocol = "tcp";
action.destPort = "22";
action.sourcePort = "22";
action.sourceIp = "192.168.1.2";
action.destIp = "192.168.1.1";
action.allowStates = "invalid,new";
action.tcpFlag = "SYN";
action.icmpTypeName = "echo-reply";
action.ruleNumber = 1001.0;
action.enableLog = false;
action.state = "disable";
action.description = "example rule des";
action.sessionId = "b86c9016b4f24953a9edefb53ca0678c";
UpdateFirewallRuleAction.Result res = action.call();

Python SDK

UpdateFirewallRuleAction action = UpdateFirewallRuleAction()
action.ruleSetUuid = "c7b605d7c7e037f8b4df43bfe5a26d0f"
action.uuid = "7e9bd2ad1f48320d8782d737b262abb1"
action.action = "accept"
action.protocol = "tcp"
action.destPort = "22"
action.sourcePort = "22"
action.sourceIp = "192.168.1.2"
action.destIp = "192.168.1.1"
action.allowStates = "invalid,new"
action.tcpFlag = "SYN"
action.icmpTypeName = "echo-reply"
action.ruleNumber = 1001.0
action.enableLog = false
action.state = "disable"
action.description = "example rule des"
action.sessionId = "b86c9016b4f24953a9edefb53ca0678c"
UpdateFirewallRuleAction.Result res = action.call()