InlineDSRule1

InlineDSRule1
InlineDSRule1
JSON Example 
{
    "is_default": false,
    "direction": "string",
    "rule_tag": "string",
    "ip_protocol": "string",
    "notes": "string",
    "applied_tos": [
        {
            "target_display_name": "string",
            "is_valid": false,
            "target_id": "string",
            "target_type": "string"
        }
    ],
    "logged": false,
    "disabled": false,
    "sources": [
        {
            "target_display_name": "string",
            "is_valid": false,
            "target_id": "string",
            "target_type": "string"
        }
    ],
    "services": [
        {
            "target_display_name": "string",
            "is_valid": false,
            "target_id": "string",
            "target_type": "string",
            "service": {
                "resource_type": "string"
            }
        }
    ],
    "action": "string",
    "sources_excluded": false,
    "destinations_excluded": false,
    "destinations": [
        {
            "target_display_name": "string",
            "is_valid": false,
            "target_id": "string",
            "target_type": "string"
        }
    ]
}
boolean
is_default
Optional

Flag to indicate whether rule is default.

string
direction
Optional

Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.

Possible values are : IN, OUT, IN_OUT,
string
rule_tag
Optional

User level field which will be printed in CLI and packet logs.

string
ip_protocol
Optional

Type of IP packet that should be matched while enforcing the rule.

Possible values are : IPV4, IPV6, IPV4_IPV6,
string
notes
Optional

User notes specific to the rule.

array of ResourceReference
applied_tos
Optional

List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.

boolean
logged
Optional

Flag to enable packet logging. Default is disabled.

boolean
disabled
Optional

Flag to disable rule. Disabled will only be persisted but never provisioned/realized.

array of ResourceReference
sources
Optional

List of sources. Null will be treated as any.

array of DSService
services
Optional

List of the services. Null will be treated as any.

string
action
Required

Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion).

Possible values are : ALLOW, DROP, REJECT, REDIRECT, DO_NOT_REDIRECT,
boolean
sources_excluded
Optional

Negation of the source.

boolean
destinations_excluded
Optional

Negation of the destination.

array of ResourceReference
destinations
Optional

List of the destinations. Null will be treated as any.

Used By