firewall

firewall

Configuration Editor for API to add, modify, delete, and get configuration for Firewall settings resource.

Read/write properties

firewall_static_nat_policy <firewall_static_nat_policy_obj[]>

Static NAT Policy for firewall.

firewall_dynamic_nat_policy <firewall_dynamic_nat_policy_obj[]>

Dynamic NAT Policy for firewall.

firewall_local_policy <firewall_local_policy_obj[]>

Local policy for firewall.

firewall_settings <firewall_settings_obj[]>

Basic settings for firewall.

firewall_destination_nat_policy <firewall_destination_nat_policy_obj[]>

Destination NAT Policy for firewall.

package_name <String>

Config package name using which the firewall API operation should be performed.. Minimum length = 1 Maximum length = 141

site_name <String>

Site Name. Minimum length = 1 Maximum length = 42

Read only properties

Operations

add delete get (all) modify

[add]{}

URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall

Description: Use this operation to add the firewall settings

HTTP Method: POST

Request Payload: JSON

{"firewall": { "firewall_static_nat_policy":[{ "service_type":<String_value> , "outside_network_ip_address":<String_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "bind_responder_route":<Boolean_value> , "service_name":<String_value> , "outside_zone":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> }] , "firewall_dynamic_nat_policy":[{ "port_forwarding_rules":[{ "protocol":<String_value> , "outside_port":<String_value> , "log_connection_end":<Boolean_value> , "inside_network_ip_address":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "inside_port":<String_value> , "log_connection_start":<Boolean_value> , "allow_fragments":<Boolean_value> }] , "enable_gre_pptp_passthrough":<Boolean_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "allow_related":<Boolean_value> , "service_name":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> , "service_type":<String_value> , "outside_network_ip_address":<String_value> , "port_parity":<Boolean_value> , "bind_responder_route":<Boolean_value> , "enable_ipsec_passthrough":<Boolean_value> , "outside_zone":<String_value> , "type":<String_value> }] , "firewall_local_policy":[{ "destination_service_name":<String_value> , "match_type":<String_value> , "destination_port":<Integer_value> , "application_objects":<String_value> , "source_port":<Integer_value> , "ip_dscp":<String_value> , "destination_ip_address":<String_value> , "source_service_type":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "destination_service_type":<String_value> , "id":<Integer_value> , "ip_protocol_num":<Integer_value> , "reverse_also":<Boolean_value> , "source_ip_address":<String_value> , "application_family":<String_value> , "application":<String_value> , "log_connection_end":<Boolean_value> , "to_zones":<String_value> , "action":<String_value> , "match_established":<Boolean_value> , "log_connection_start":<Boolean_value> , "source_service_name":<String_value> , "allow_fragments":<Boolean_value> , "from_zones":<String_value> }] , "firewall_settings":[{ "icmp_idle_timeout_seconds":<Integer_value> , "tcp_closed_timeout_seconds":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }] , "firewall_destination_nat_policy":[{ "service_type":<String_value> , "outside_network_ip_address":<String_value> , "outside_port":<Integer_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "service_name":<String_value> , "inside_port":<String_value> , "id":<Integer_value> }] , "package_name":<String_value> , "site_name":<String_value> }}

Response Payload: JSON

{ "firewall":{ "firewall_static_nat_policy":[{ "service_type":<String_value>

, "priority":<Integer_value> , "outside_network_ip_address":<String_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "bind_responder_route":<Boolean_value> , "service_name":<String_value> , "outside_zone":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> }], "firewall_dynamic_nat_policy":[{ "priority":<Integer_value> , "port_forwarding_rules":[{ "protocol":<String_value> , "outside_port":<String_value> , "log_connection_end":<Boolean_value> , "inside_network_ip_address":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "inside_port":<String_value> , "log_connection_start":<Boolean_value> , "allow_fragments":<Boolean_value> }], "enable_gre_pptp_passthrough":<Boolean_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "allow_related":<Boolean_value> , "service_name":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> , "service_type":<String_value> , "outside_network_ip_address":<String_value> , "port_parity":<Boolean_value> , "bind_responder_route":<Boolean_value> , "enable_ipsec_passthrough":<Boolean_value> , "outside_zone":<String_value> , "type":<String_value> }], "firewall_local_policy":[{ "priority":<Integer_value> , "destination_service_name":<String_value> , "match_type":<String_value> , "destination_port":<Integer_value> , "application_objects":<String_value> , "source_port":<Integer_value> , "ip_dscp":<String_value> , "destination_ip_address":<String_value> , "source_service_type":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "destination_service_type":<String_value> , "id":<Integer_value> , "ip_protocol_num":<Integer_value> , "reverse_also":<Boolean_value> , "source_ip_address":<String_value> , "application_family":<String_value> , "application":<String_value> , "log_connection_end":<Boolean_value> , "to_zones":<String_value> , "action":<String_value> , "match_established":<Boolean_value> , "log_connection_start":<Boolean_value> , "source_service_name":<String_value> , "allow_fragments":<Boolean_value> , "from_zones":<String_value> }], "firewall_settings":[{ "icmp_idle_timeout_seconds":<Integer_value> , "tcp_closed_timeout_seconds":<Integer_value> , "priority":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }], "firewall_destination_nat_policy":[{ "service_type":<String_value> , "priority":<Integer_value> , "outside_network_ip_address":<String_value> , "outside_port":<Integer_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "service_name":<String_value> , "inside_port":<String_value> , "id":<Integer_value> }], "package_name":<String_value> , "site_name":<String_value> }]}

[delete]{}

URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall/site_name=<String>,package_name=<String>

Description: Use this operation to delete the firewall settings

HTTP Method: DELETE

Response Payload: JSON

{ "errorcode": 0, "message": "Done", "severity": <String;_value> }

[get (all)]{}

URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall/package_name=<package_name>

Description: Use this operation to get the firewall settings

HTTP Method: GET

Response Payload: JSON

{"firewall":[{ "firewall_static_nat_policy":[{ "service_type":<String_value>

, "priority":<Integer_value> , "outside_network_ip_address":<String_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "bind_responder_route":<Boolean_value> , "service_name":<String_value> , "outside_zone":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> }], "firewall_dynamic_nat_policy":[{ "priority":<Integer_value> , "port_forwarding_rules":[{ "protocol":<String_value> , "outside_port":<String_value> , "log_connection_end":<Boolean_value> , "inside_network_ip_address":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "inside_port":<String_value> , "log_connection_start":<Boolean_value> , "allow_fragments":<Boolean_value> }], "enable_gre_pptp_passthrough":<Boolean_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "allow_related":<Boolean_value> , "service_name":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> , "service_type":<String_value> , "outside_network_ip_address":<String_value> , "port_parity":<Boolean_value> , "bind_responder_route":<Boolean_value> , "enable_ipsec_passthrough":<Boolean_value> , "outside_zone":<String_value> , "type":<String_value> }], "firewall_local_policy":[{ "priority":<Integer_value> , "destination_service_name":<String_value> , "match_type":<String_value> , "destination_port":<Integer_value> , "application_objects":<String_value> , "source_port":<Integer_value> , "ip_dscp":<String_value> , "destination_ip_address":<String_value> , "source_service_type":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "destination_service_type":<String_value> , "id":<Integer_value> , "ip_protocol_num":<Integer_value> , "reverse_also":<Boolean_value> , "source_ip_address":<String_value> , "application_family":<String_value> , "application":<String_value> , "log_connection_end":<Boolean_value> , "to_zones":<String_value> , "action":<String_value> , "match_established":<Boolean_value> , "log_connection_start":<Boolean_value> , "source_service_name":<String_value> , "allow_fragments":<Boolean_value> , "from_zones":<String_value> }], "firewall_settings":[{ "icmp_idle_timeout_seconds":<Integer_value> , "tcp_closed_timeout_seconds":<Integer_value> , "priority":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }], "firewall_destination_nat_policy":[{ "service_type":<String_value> , "priority":<Integer_value> , "outside_network_ip_address":<String_value> , "outside_port":<Integer_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "service_name":<String_value> , "inside_port":<String_value> , "id":<Integer_value> }], "package_name":<String_value> , "site_name":<String_value> }]}

[modify]{}

URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall

Description: Use this operation to modify the firewall settings

HTTP Method: PUT

Request Payload: JSON

{"firewall":{ "firewall_static_nat_policy":[{ "service_type":<String_value> , "outside_network_ip_address":<String_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "bind_responder_route":<Boolean_value> , "service_name":<String_value> , "outside_zone":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> }] , "firewall_dynamic_nat_policy":[{ "port_forwarding_rules":[{ "protocol":<String_value> , "outside_port":<String_value> , "log_connection_end":<Boolean_value> , "inside_network_ip_address":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "inside_port":<String_value> , "log_connection_start":<Boolean_value> , "allow_fragments":<Boolean_value> }] , "enable_gre_pptp_passthrough":<Boolean_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "allow_related":<Boolean_value> , "service_name":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> , "service_type":<String_value> , "outside_network_ip_address":<String_value> , "port_parity":<Boolean_value> , "bind_responder_route":<Boolean_value> , "enable_ipsec_passthrough":<Boolean_value> , "outside_zone":<String_value> , "type":<String_value> }] , "firewall_local_policy":[{ "destination_service_name":<String_value> , "match_type":<String_value> , "destination_port":<Integer_value> , "application_objects":<String_value> , "source_port":<Integer_value> , "ip_dscp":<String_value> , "destination_ip_address":<String_value> , "source_service_type":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "destination_service_type":<String_value> , "id":<Integer_value> , "ip_protocol_num":<Integer_value> , "reverse_also":<Boolean_value> , "source_ip_address":<String_value> , "application_family":<String_value> , "application":<String_value> , "log_connection_end":<Boolean_value> , "to_zones":<String_value> , "action":<String_value> , "match_established":<Boolean_value> , "log_connection_start":<Boolean_value> , "source_service_name":<String_value> , "allow_fragments":<Boolean_value> , "from_zones":<String_value> }] , "firewall_settings":[{ "icmp_idle_timeout_seconds":<Integer_value> , "tcp_closed_timeout_seconds":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }] , "firewall_destination_nat_policy":[{ "service_type":<String_value> , "outside_network_ip_address":<String_value> , "outside_port":<Integer_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "service_name":<String_value> , "inside_port":<String_value> , "id":<Integer_value> }] , "package_name":<String_value> , "site_name":<String_value> }}

Response Payload: JSON

{ "firewall":[{ "firewall_static_nat_policy":[{ "service_type":<String_value>

, "priority":<Integer_value> , "outside_network_ip_address":<String_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "bind_responder_route":<Boolean_value> , "service_name":<String_value> , "outside_zone":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> }], "firewall_dynamic_nat_policy":[{ "priority":<Integer_value> , "port_forwarding_rules":[{ "protocol":<String_value> , "outside_port":<String_value> , "log_connection_end":<Boolean_value> , "inside_network_ip_address":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "inside_port":<String_value> , "log_connection_start":<Boolean_value> , "allow_fragments":<Boolean_value> }], "enable_gre_pptp_passthrough":<Boolean_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "allow_related":<Boolean_value> , "service_name":<String_value> , "id":<Integer_value> , "inside_zone":<String_value> , "service_type":<String_value> , "outside_network_ip_address":<String_value> , "port_parity":<Boolean_value> , "bind_responder_route":<Boolean_value> , "enable_ipsec_passthrough":<Boolean_value> , "outside_zone":<String_value> , "type":<String_value> }], "firewall_local_policy":[{ "priority":<Integer_value> , "destination_service_name":<String_value> , "match_type":<String_value> , "destination_port":<Integer_value> , "application_objects":<String_value> , "source_port":<Integer_value> , "ip_dscp":<String_value> , "destination_ip_address":<String_value> , "source_service_type":<String_value> , "track_connection":<Boolean_value> , "log_interval":<Integer_value> , "destination_service_type":<String_value> , "id":<Integer_value> , "ip_protocol_num":<Integer_value> , "reverse_also":<Boolean_value> , "source_ip_address":<String_value> , "application_family":<String_value> , "application":<String_value> , "log_connection_end":<Boolean_value> , "to_zones":<String_value> , "action":<String_value> , "match_established":<Boolean_value> , "log_connection_start":<Boolean_value> , "source_service_name":<String_value> , "allow_fragments":<Boolean_value> , "from_zones":<String_value> }], "firewall_settings":[{ "icmp_idle_timeout_seconds":<Integer_value> , "tcp_closed_timeout_seconds":<Integer_value> , "priority":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }], "firewall_destination_nat_policy":[{ "service_type":<String_value> , "priority":<Integer_value> , "outside_network_ip_address":<String_value> , "outside_port":<Integer_value> , "direction":<String_value> , "inside_network_ip_address":<String_value> , "service_name":<String_value> , "inside_port":<String_value> , "id":<Integer_value> }], "package_name":<String_value> , "site_name":<String_value> }]}

Was this article helpful?