qiaoli
2ced5c725f
Reviewed-by: Gladkov, Maksim <mgladkov@noreply.gitea.eco.tsi-dev.otc-service.com> Co-authored-by: qiaoli <qiaoli@huawei.com> Co-committed-by: qiaoli <qiaoli@huawei.com>
18 KiB
Creating a Blacklist or Whitelist Rule
Function
This API is used to create a blacklist or whitelist rule.
URI
POST /v1/{project_id}/black-white-list
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
project_id |
Yes |
String |
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID. |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
enterprise_project_id |
No |
String |
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0. |
fw_instance_id |
No |
String |
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. You can obtain the token by referring to Obtaining a User Token. |
Content-Type |
Yes |
String |
Content type. It can only be set to application/json. |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
object_id |
Yes |
String |
Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. You can obtain the ID by calling the API for querying firewall instances. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects). If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border. You can obtain the value of type from data.records.protect_objects.type (The period [.] is used to separate different levels of objects). |
list_type |
Yes |
Integer |
Blacklist/Whitelist type: 4 (blacklist), 5 (whitelist). |
direction |
Yes |
Integer |
Address direction: 0 (source), 1 (destination). |
address_type |
Yes |
Integer |
Internet protocol type of an address: 0 (IPv4), 1 (IPv6). |
address |
Yes |
String |
IP address |
protocol |
Yes |
Integer |
Protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual), and can be left blank when type is set to 1 (automatic). |
port |
Yes |
String |
Destination port. |
description |
No |
String |
Description. |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
|---|---|---|
data |
BlackWhiteListId object |
Response to the request for adding a blacklist/whitelist item. |
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Blacklist/Whitelist ID. |
name |
String |
Blacklist/Whitelist name.Which is the Address |
Status code: 400
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error description. |
Example Requests
Add an IPv4 whitelist to object cfebd347-b655-4b84-b938-3c54317599b2 of project 9d80d070b6d44942af73c9c3d38e0429. Direction: source address; IP address: 1.1.1.1; protocol type: TCP; port number: 1.
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/black-white-list
{
"object_id" : "cfebd347-b655-4b84-b938-3c54317599b2",
"list_type" : 5,
"direction" : 0,
"address" : "1.1.1.1",
"protocol" : 6,
"port" : "1",
"address_type" : 0
}
Example Responses
Status code: 200
Response to the request for adding a blacklist or whitelist rule.
{
"data" : {
"id" : "6e91797b-05bd-4c69-9454-6af905178729",
"name" : "10.10.1.3"
}
}
Status code: 400
Bad Request
{
"error_code" : "CFW.0020016",
"error_msg" : "Incorrect instance status."
}
Status Codes
Status Code |
Description |
|---|---|
200 |
Response to the request for adding a blacklist or whitelist rule. |
400 |
Bad Request |
401 |
Unauthorized |
403 |
Forbidden |
404 |
Not Found |
500 |
Internal Server Error |
Error Codes
See Error Codes.