firewall_settings_obj
firewall_settings_obj
Configuration Editor for API to add, modify, delete, and get configuration for Basic and Advanced Firewall settings resource.
Read/write properties
icmp_idle_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing an active ICMP session..
tcp_closed_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing an aborted TCP session..
source_route_validation <Boolean>
If enabled, packets will be dropped when received on an interface that differs from the packet's route, as determined by the Source IP address..
policy_template_name <String>
This is the name of the Policy Template defined globally whose filters will be included in this site's collection of firewall filters..
tcp_idle_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing an active TCP session..
tcp_initial_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing a TCP session that has not completed a handshake..
max_new_connections_per_source <Integer>
The maximum number of non-established Connections to allow per Source IP Address. 0 = unlimited..
untracked_and_denied_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing Untracked or Denied Connections..
udp_idle_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing an active UDP session..
tcp_timewait_seconds <Integer>
The time, in seconds, to wait for new packets before closing a terminated TCP session..
default_track_connection <Boolean>
Whether or not to enable bidirectional connection state tracking for TCP, UDP and ICMP packets that do not match a filter policy or NAT rule. This feature will block flows which appear illegitimate, due to asymmetric routing or failure of checksum, protocol specific validation -- proceed with caution if NetScaler SD-WAN is not fully inline..
icmp_initial_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing an ICMP session that has not seen traffic in both directions..
generic_initial_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing a generic session that has not seen traffic in both directions..
default_firewall_action <String>
The action for packets that do not match a policy.. Possible values = [allow,drop]
udp_initial_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing a UDP session that has not seen traffic in both directions..
generic_idle_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing an active generic session..
tcp_closing_timeout_seconds <Integer>
The time, in seconds, to wait for new packets before closing a TCP session after a request to terminate..
Read only properties
priority <Integer>
The order/precedence in which Filters are applied (automatically redistributed)..
Operations
[add]{}
URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall_settings_obj
Description: Use this operation to add the basic and advanced firewall settings
HTTP Method: POST
Request Payload: JSON
{"firewall_settings_obj": { "icmp_idle_timeout_seconds":<Integer_value> , "tcp_closed_timeout_seconds":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }}
Response Payload: JSON
{ "firewall_settings_obj":{ "icmp_idle_timeout_seconds":<Integer_value>
, "tcp_closed_timeout_seconds":<Integer_value> , "priority":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }]}
[delete]{}
URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall_settings_obj/policy_template_name=<String>
Description: Use this operation to delete the basic and advanced firewall settings
HTTP Method: DELETE
Response Payload: JSON
{ "errorcode": 0, "message": "Done", "severity": <String;_value> }
[get (all)]{}
URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall_settings_obj
Description: Use this operation to get the basic and advanced firewall settings
HTTP Method: GET
Response Payload: JSON
{"firewall_settings_obj":[{ "icmp_idle_timeout_seconds":<Integer_value>
, "tcp_closed_timeout_seconds":<Integer_value> , "priority":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }]}
[modify]{}
URL: http://<MGMT-IP>/sdwan/nitro/v1/config_editor/firewall_settings_obj
Description: Use this operation to modify the basic and advanced firewall settings
HTTP Method: PUT
Request Payload: JSON
{"firewall_settings_obj":{ "icmp_idle_timeout_seconds":<Integer_value> , "tcp_closed_timeout_seconds":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }}
Response Payload: JSON
{ "firewall_settings_obj":[{ "icmp_idle_timeout_seconds":<Integer_value>
, "tcp_closed_timeout_seconds":<Integer_value> , "priority":<Integer_value> , "source_route_validation":<Boolean_value> , "policy_template_name":<String_value> , "tcp_idle_timeout_seconds":<Integer_value> , "tcp_initial_timeout_seconds":<Integer_value> , "max_new_connections_per_source":<Integer_value> , "untracked_and_denied_timeout_seconds":<Integer_value> , "udp_idle_timeout_seconds":<Integer_value> , "tcp_timewait_seconds":<Integer_value> , "default_track_connection":<Boolean_value> , "icmp_initial_timeout_seconds":<Integer_value> , "generic_initial_timeout_seconds":<Integer_value> , "default_firewall_action":<String_value> , "udp_initial_timeout_seconds":<Integer_value> , "generic_idle_timeout_seconds":<Integer_value> , "tcp_closing_timeout_seconds":<Integer_value> }]}