Appliance Networking Firewall Inbound set

Set the ordered list of firewall rules to allow or deny traffic from one or more incoming IP addresses. This overwrites the existing firewall rules and creates a new rule list. Within the list of traffic rules, rules are processed in order of appearance, from top to bottom. For example, the list of rules can be as follows:

Address       Prefix   Interface Name   Policy
10.112.0.1    0        *                REJECT
10.112.0.1    0        nic0             ACCEPT

In the above example, the first rule drops all packets originating from 10.112.0.1 and the second rule accepts all packets originating from 10.112.0.1 only on nic0. In effect, the second rule is always ignored, which is not desired, so the order of the two rules has to be swapped. When a connection matches a firewall rule, further processing for the connection stops, and the appliance ignores any additional firewall rules you have set.
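The following added example (not part of the vSphere documentation) checks an ordered rule list for rules that can never match because an earlier rule already covers them, which is the ordering mistake described above. It assumes that prefix is a CIDR mask length and that "*" or an omitted interface_name means every interface; the sample rules are constructed from the page's example with prefix 32 so that each rule names the single host.

```python
import ipaddress

WILDCARD = "*"  # assumption: "*" (or no interface_name) matches every interface


def _network(rule):
    # strict=False tolerates host bits set in "address"
    return ipaddress.ip_network(f'{rule["address"]}/{rule["prefix"]}', strict=False)


def _covers(earlier, later):
    """True if every packet matched by `later` is already matched by `earlier`."""
    net_e, net_l = _network(earlier), _network(later)
    if net_e.version != net_l.version:  # an IPv4 rule never covers an IPv6 rule
        return False
    if_e = earlier.get("interface_name", WILDCARD)
    if_l = later.get("interface_name", WILDCARD)
    return net_l.subnet_of(net_e) and if_e in (WILDCARD, if_l)


def shadowed_rules(rules):
    """Return (earlier_index, later_index, policies_differ) per unreachable rule.

    Rules are evaluated top to bottom and the first match wins, so a rule
    fully covered by any earlier rule is never evaluated.
    """
    findings = []
    for j, later in enumerate(rules):
        for i in range(j):
            if _covers(rules[i], later):
                findings.append((i, j, rules[i]["policy"] != later["policy"]))
                break  # report only the first rule that shadows it
    return findings


# Constructed sample: the page's two rules, in the order the page warns against.
PAGE_ORDER = [
    {"address": "10.112.0.1", "prefix": 32, "interface_name": "*", "policy": "REJECT"},
    {"address": "10.112.0.1", "prefix": 32, "interface_name": "nic0", "policy": "ACCEPT"},
]
SWAPPED = PAGE_ORDER[::-1]  # the corrected order: specific rule first

if __name__ == "__main__":
    for name, rules in (("page order", PAGE_ORDER), ("swapped", SWAPPED)):
        print(name, shadowed_rules(rules))
```

Running the check on the list before sending it in the PUT body catches a shadowed ACCEPT or REJECT before the new list overwrites the existing rules.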

This operation was added in vSphere API 6.7.1.

Request
URI
PUT
https://{api_host}/api/appliance/networking/firewall/inbound
Request Body

Request body for invoking operation: set

Required properties only:

{
    "rules": [
        {
            "address": "string",
            "prefix": 0,
            "policy": "string"
        }
    ]
}

With optional properties:

{
    "rules": [
        {
            "address": "string",
            "prefix": 0,
            "policy": "string",
            "interface_name": "string"
        }
    ]
}
rules
Required

List of address-based firewall rules.

Authentication
This operation uses the following authentication methods.
Responses
204

Success!

Operation doesn't return any data structure

500

Generic error

Returns Vapi Std Errors Error of type(s) application/json
"Vapi Std Errors Error Object"
array of object
messages
Required

Stack of one or more localizable messages for human error consumers.

The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.

Each subsequent message in the stack describes the "cause" of the prior message.

object
data
Optional

Data to facilitate clients responding to the operation reporting a standard error to indicate that it was unable to complete successfully.

Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each operation will describe what, if any, data it provides for each error it reports.

The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.

Some operations will not set this property when reporting errors.

string
error_type
Required

Discriminator field to help API consumers identify the structure type.

For more information see: Vapi Std Errors Error Type.

This property was added in vSphere API 6.7.2.

Can be missing or null for compatibility with preceding implementations.


Code Samples
curl -X PUT -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{"rules":["object"]}' https://{api_host}/api/appliance/networking/firewall/inbound