yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
a9f303e99a61a96e4063face5ee2e27109e4faa9
doc-exports/docs/vpc/api-ref/AddFirewallRules.html
fanqinying 7655950d89 VPC API 20251113 version 
Reviewed-by: Hajba, László Antal <laszlo-antal.hajba@t-systems.com>
Co-authored-by: fanqinying <fanqinying@huawei.com>
Co-committed-by: fanqinying <fanqinying@huawei.com>
2026-04-10 09:21:14 +00:00

949 lines
46 KiB
HTML
Raw Blame History

<a name="AddFirewallRules"></a><a name="AddFirewallRules"></a>
<h1 class="topictitle1">Inserting a Network ACL Rule</h1>
<div id="body1708331107508"><div class="section"><h4 class="sectiontitle">Function</h4><p>This API is used to add rules to a network ACL.</p>
</div>
<div class="section" id="AddFirewallRules__atuogenerate_1"><h4 class="sectiontitle">URI</h4><p>PUT /v3/{project_id}/vpc/firewalls/{firewall_id}/insert-rules</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Path Parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.2"><p>Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.2.3.2.5.1.3"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.2.3.2.5.1.4"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.1 "><p>firewall_id</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.2 "><p>Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.2.3.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Network ACL ID. You can call the API <a href="ListFirewall.html">Querying Network ACLs</a> to obtain the ID of the target network ACL, and then use this API to add network ACL rules.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.1 "><p>project_id</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.2 "><p>Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.2.3.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.2.3.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>ID of the project that the network ACL belongs to.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section"><h4 class="sectiontitle">Request Parameters</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__request_AddFirewallRulesRequestBody" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Request body parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.2"><p>Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.2.2.5.1.3"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.3.2.2.5.1.4"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.1 "><p>firewall</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.2 "><p>Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.3 "><p><a href="#AddFirewallRules__request_FirewallInsertRuleOption">FirewallInsertRuleOption</a> object</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.2.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Request body for inserting a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<p>N/A</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.1 "><p>dry_run</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.2.2.5.1.3 "><p>Boolean</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.2.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Whether to only check the request.</p>
<p><strong>Constraints</strong>:</p>
<p>N/A</p>
<p><strong>Range</strong>:</p>
<ul><li><p>true: A check request will be sent and no network ACL rule will be inserted. Check items include mandatory parameters, request format, and constraints. If the check fails, an error will be returned. If the check succeeds, response code 202 will be returned.</p>
</li><li><p>false: A request will be sent and a network ACL rule will be inserted.</p>
</li></ul>
<p><strong>Default Value</strong>:</p>
<p>false</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="AddFirewallRules__request_FirewallInsertRuleOption"></a><a name="request_FirewallInsertRuleOption"></a><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__request_FirewallInsertRuleOption" frame="border" border="1" rules="all"><caption><b>Table 3 </b>FirewallInsertRuleOption</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.3.2.5.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.3.2.5.1.2"><p>Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.3.2.5.1.3"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.3.3.2.5.1.4"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>ingress_rules</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>Array of <a href="#AddFirewallRules__request_FirewallInsertRuleItemOption">FirewallInsertRuleItemOption</a> objects</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Network ACL inbound rules.</p>
<p><strong>Constraints</strong>:</p>
<p>N/A</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>egress_rules</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>Array of <a href="#AddFirewallRules__request_FirewallInsertRuleItemOption">FirewallInsertRuleItemOption</a> objects</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Network ACL outbound rules.</p>
<p><strong>Constraints</strong>:</p>
<p>N/A</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.1 "><p>insert_after_rule</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.3.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.3.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>ID of an inbound or outbound network ACL rule after which a new rule will be inserted. If not specified, the network ACL rule will be inserted at the beginning of the inbound or outbound rule list.</p>
<p><strong>Constraints</strong>:</p>
<p>If <strong>insert_after_rule</strong> is specified, either <strong>ingress_rules</strong> or <strong>egress_rules</strong> can be specified. That is, the new rule must be inserted into either the inbound or outbound rule list. The specified rule must exist in the inbound or outbound network ACL rule list.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="AddFirewallRules__request_FirewallInsertRuleItemOption"></a><a name="request_FirewallInsertRuleItemOption"></a><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__request_FirewallInsertRuleItemOption" frame="border" border="1" rules="all"><caption><b>Table 4 </b>FirewallInsertRuleItemOption</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.4.2.5.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.4.2.5.1.2"><p>Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.3.4.2.5.1.3"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="40%" id="mcps1.3.3.4.2.5.1.4"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>name</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Network ACL rule name.</p>
<p><strong>Constraints</strong>:</p>
<p>The value can contain 0 to 255 characters, including letters, digits, underscores (_), hyphens (-), and periods.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>description</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Supplementary information about the network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<p>The value can contain 0 to 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>action</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Whether a network ACL rule allows or denies traffic.</p>
<p><strong>Constraints</strong>:</p>
<p>N/A</p>
<p><strong>Range</strong>:</p>
<ul><li><p>allow: A network ACL rule allows traffic.</p>
</li><li><p>deny: A network ACL rule denies traffic.</p>
</li></ul>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>protocol</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Communication protocol of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<ul><li><p>The protocol cannot be empty.</p>
</li><li><p>If the protocol is <strong>icmpv6</strong>, IP version should be IPv6.</p>
</li><li><p>If the protocol is <strong>icmp</strong>, IP version should be IPv4.</p>
</li><li><p>tcp</p>
</li><li><p>udp</p>
</li><li><p>icmp</p>
</li><li><p>icmpv6</p>
</li><li><p>IP protocol number (0-255)</p>
</li><li><p>any: any protocol</p>
</li></ul>
<p><strong>Range</strong>:</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>ip_version</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>Yes</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>Integer</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>IP address version of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<p>N/A</p>
<p><strong>Range</strong>:</p>
<ul><li><p>4: IPv4 network ACL rule.</p>
</li><li><p>6: IPv6 network ACL rule.</p>
</li></ul>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>source_ip_address</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Source IP address or source IP address range of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<p><strong>source_ip_address</strong> and <strong>source_address_group_id</strong> cannot be specified at the same time.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>destination_ip_address</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Destination IP address or destination IP address range of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<p><strong>destination_ip_address</strong> and <strong>destination_address_group_id</strong> cannot be specified at the same time.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>source_port</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Source port of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<ul><li><p>Individual port: for example, 22</p>
</li><li><p>Consecutive ports: for example, 22-30</p>
</li><li><p>Non-consecutive ports: ports and port ranges, such as <strong>22,23-30</strong>. You can specify up to 20 port ranges. Port ranges cannot overlap.</p>
</li><li><p>All ports: Leave it empty or enter 1-65535.</p>
</li></ul>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>destination_port</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Destination port of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<ul><li><p>Individual port: for example, 22</p>
</li><li><p>Consecutive ports: for example, 22-30</p>
</li><li><p>Non-consecutive ports: ports and port ranges, such as <strong>22,23-30</strong>. You can specify up to 20 port ranges. Port ranges cannot overlap.</p>
</li><li><p>All ports: Leave it empty or enter 1-65535.</p>
</li></ul>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>source_address_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>ID of the source IP address group of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<ul><li><p><strong>source_ip_address</strong> and <strong>source_address_group_id</strong> cannot be specified at the same time.</p>
</li><li><p><strong>source_address_group_id</strong> and <strong>destination_address_group_id</strong> cannot be specified at the same time.</p>
</li></ul>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>destination_address_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>ID of the destination IP address group of a network ACL rule.</p>
<p><strong>Constraints</strong>:</p>
<ul><li><p><strong>destination_ip_address</strong> and <strong>destination_address_group_id</strong> cannot be specified at the same time.</p>
</li><li><p><strong>destination_address_group_id</strong> and <strong>source_address_group_id</strong> cannot be specified at the same time.</p>
</li></ul>
<p><strong>Range</strong>:</p>
<p>N/A</p>
<p><strong>Default Value</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.1 "><p>enabled</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.2 "><p>No</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.3.4.2.5.1.3 "><p>Boolean</p>
</td>
<td class="cellrowborder" valign="top" width="40%" headers="mcps1.3.3.4.2.5.1.4 "><p><strong>Definition</strong>:</p>
<p>Whether a network ACL rule is enabled.</p>
<p><strong>Constraints</strong>:</p>
<p>N/A</p>
<p><strong>Range</strong>:</p>
<ul><li><p>true: A network ACL rule is enabled.</p>
</li><li><p>false: A network ACL rule is disabled.</p>
</li></ul>
<p><strong>Default Value</strong>:</p>
<p>true</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section"><h4 class="sectiontitle">Response Parameters</h4><p><strong>Status code: 200</strong></p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__response_AddFirewallRulesResponseBody" frame="border" border="1" rules="all"><caption><b>Table 5 </b>Response body parameters</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.3.2.4.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.3.2.4.1.2"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.3.2.4.1.3"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.3.2.4.1.1 "><p>firewall</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.3.2.4.1.2 "><p><a href="#AddFirewallRules__response_FirewallDetail">FirewallDetail</a> object</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.3.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Response body for inserting a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.3.2.4.1.1 "><p>request_id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.3.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.3.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Request ID.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="AddFirewallRules__response_FirewallDetail"></a><a name="response_FirewallDetail"></a><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__response_FirewallDetail" frame="border" border="1" rules="all"><caption><b>Table 6 </b>FirewallDetail</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.4.2.4.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.4.2.4.1.2"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.4.2.4.1.3"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Network ACL ID. Each network ACL comes with an ID, which uniquely identifies the network ACL.</p>
<p><strong>Range</strong>:</p>
<p>The value is in UUID format with hyphens (-).</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>name</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Name of the network ACL.</p>
<p><strong>Range</strong>:</p>
<p>The value can contain 1 to 64 characters, including letters, digits, underscores (_), hyphens (-), and periods.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>description</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Supplementary information about the network ACL.</p>
<p><strong>Range</strong>:</p>
<p>The value can contain 0 to 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>project_id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>ID of the project that the network ACL belongs to.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>created_at</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Time when the network ACL was created. The value is automatically generated by the system.</p>
<p><strong>Range</strong>:</p>
<p>The value is a UTC time in the format of <em>yyyy-MM-ddTHH:mm:ssZ</em>.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>updated_at</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Time when the network ACL was last updated. The value is automatically generated by the system.</p>
<p><strong>Range</strong>:</p>
<p>The value is a UTC time in the format of <em>yyyy-MM-ddTHH:mm:ssZ</em>.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>admin_state_up</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>Boolean</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Network ACL administrative status.</p>
<p><strong>Range</strong></p>
<ul><li><p>true: The network ACL is enabled.</p>
</li><li><p>false: The network ACL is disabled.</p>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>status</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Network ACL status.</p>
<p><strong>Range</strong></p>
<ul><li><p>ACTIVE: The network ACL is associated with a subnet.</p>
</li><li><p>INACTIVE: The network ACL is not associated with a subnet.</p>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>enterprise_project_id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>ID of the enterprise project that the network ACL belongs to.</p>
<p><strong>Range</strong>:</p>
<p>The value is <strong>0</strong> or a string that contains a maximum of 36 characters in UUID format with hyphens (-). <strong>0</strong> indicates the default enterprise project.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>tags</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>Array of <a href="#AddFirewallRules__response_ResponseTag">ResponseTag</a> objects</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Tags of a network ACL, including tag keys and tag values, which can be used to classify and identify resources. For details, see the tag objects.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>associations</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>Array of <a href="#AddFirewallRules__response_FirewallAssociation">FirewallAssociation</a> objects</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Subnets associated with the network ACL.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>ingress_rules</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>Array of <a href="#AddFirewallRules__response_FirewallRuleDetail">FirewallRuleDetail</a> objects</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Network ACL inbound rules.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.1 "><p>egress_rules</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.4.2.4.1.2 "><p>Array of <a href="#AddFirewallRules__response_FirewallRuleDetail">FirewallRuleDetail</a> objects</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.4.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Network ACL outbound rules.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="AddFirewallRules__response_ResponseTag"></a><a name="response_ResponseTag"></a><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__response_ResponseTag" frame="border" border="1" rules="all"><caption><b>Table 7 </b>ResponseTag</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.5.2.4.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.5.2.4.1.2"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.5.2.4.1.3"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.5.2.4.1.1 "><p>key</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.5.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.5.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Tag key.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>A tag key can contain a maximum of 128 Unicode characters and cannot be left blank.</p>
</li><li><p>Each tag key of a resource must be unique.</p>
</li><li><p>The value can contain:</p>
<ul><li><p>Letters</p>
</li><li><p>Digits</p>
</li><li><p>Special characters: underscores (_), periods (.), colons (:), plus signs (+), hyphens (-), at signs (@), and equal signs (=)</p>
</li></ul>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.5.2.4.1.1 "><p>value</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.5.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.5.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Tag value.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>Each value can contain a maximum of 255 Unicode characters and can be left blank.</p>
</li><li><p>The value can contain:</p>
<ul><li><p>Letters</p>
</li><li><p>Digits</p>
</li><li><p>Special characters: underscores (_), colons (:), plus signs (+), hyphens (-), at signs (@), and equal signs (=)</p>
</li></ul>
</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="AddFirewallRules__response_FirewallAssociation"></a><a name="response_FirewallAssociation"></a><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__response_FirewallAssociation" frame="border" border="1" rules="all"><caption><b>Table 8 </b>FirewallAssociation</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.6.2.4.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.6.2.4.1.2"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.6.2.4.1.3"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.6.2.4.1.1 "><p>virsubnet_id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.6.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.6.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>ID of the subnet associated with the network ACL.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>If the network ACL type is normal, it can only be associated with common subnets.</p>
</li><li><p>If the network ACL type is CloudDCN, it can only be associated with CloudDCN subnets.</p>
</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="AddFirewallRules__response_FirewallRuleDetail"></a><a name="response_FirewallRuleDetail"></a><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__response_FirewallRuleDetail" frame="border" border="1" rules="all"><caption><b>Table 9 </b>FirewallRuleDetail</caption><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.7.2.4.1.1"><p>Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.4.7.2.4.1.2"><p>Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.7.2.4.1.3"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Network ACL rule ID. Each network ACL rule comes with an ID, which uniquely identifies the network ACL rule.</p>
<p><strong>Range</strong>:</p>
<p>The value is in UUID format with hyphens (-).</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>name</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Network ACL rule name.</p>
<p><strong>Range</strong>:</p>
<p>The value can contain 0 to 255 characters, including letters, digits, underscores (_), hyphens (-), and periods.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>description</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Supplementary information about the network ACL rule.</p>
<p><strong>Range</strong>:</p>
<p>The value can contain 0 to 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>action</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Whether a network ACL rule allows or denies traffic.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>allow: A network ACL rule allows traffic.</p>
</li><li><p>deny: A network ACL rule denies traffic.</p>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>project_id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>ID of the project that the network ACL rule belongs to.</p>
<p><strong>Range</strong>:</p>
<p>N/A</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>protocol</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Communication protocol of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>tcp</p>
</li><li><p>udp</p>
</li><li><p>icmp</p>
</li><li><p>icmpv6</p>
</li><li><p>IP protocol number (0-255)</p>
</li><li><p>any: any protocol</p>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>ip_version</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>Integer</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>IP address version of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>4: IPv4 network ACL rule.</p>
</li><li><p>6: IPv6 network ACL rule.</p>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>source_ip_address</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Source IP address or source IP address range of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<p><strong>source_ip_address</strong> and <strong>source_address_group_id</strong> cannot be specified at the same time.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>destination_ip_address</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Destination IP address or destination IP address range of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<p><strong>destination_ip_address</strong> and <strong>destination_address_group_id</strong> cannot be specified at the same time.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>source_port</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Source port of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>Individual port: for example, 22</p>
</li><li><p>Consecutive ports: for example, 22-30</p>
</li><li><p>Non-consecutive ports: ports and port ranges, such as <strong>22,23-30</strong>. You can specify up to 20 port ranges. Port ranges cannot overlap.</p>
</li><li><p>All ports: Leave it empty or enter 1-65535.</p>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>destination_port</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Destination port of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>Individual port: for example, 22</p>
</li><li><p>Consecutive ports: for example, 22-30</p>
</li><li><p>Non-consecutive ports: ports and port ranges, such as <strong>22,23-30</strong>. You can specify up to 20 port ranges. Port ranges cannot overlap.</p>
</li><li><p>All ports: Leave it empty or enter 1-65535.</p>
</li></ul>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>source_address_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>ID of the source IP address group of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<p><strong>source_ip_address</strong> and <strong>source_address_group_id</strong> cannot be specified at the same time.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>destination_address_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>String</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>ID of the destination IP address group of a network ACL rule.</p>
<p><strong>Range</strong>:</p>
<p><strong>destination_ip_address</strong> and <strong>destination_address_group_id</strong> cannot be specified at the same time.</p>
</td>
</tr>
<tr><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.1 "><p>enabled</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.4.7.2.4.1.2 "><p>Boolean</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.7.2.4.1.3 "><p><strong>Definition</strong>:</p>
<p>Whether a network ACL rule is enabled.</p>
<p><strong>Range</strong>:</p>
<ul><li><p>true: (default value) A network ACL rule is enabled.</p>
</li><li><p>false: A network ACL rule is disabled.</p>
</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section"><h4 class="sectiontitle">Example Requests</h4><ul><li><p>Insert an inbound rule below the rule whose ID is 774cf578-e70d-ec11-a40c-b864b1cf74ea to the network ACL whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629.</p>
<pre class="screen">PUT https://{Endpoint}/v3/{project_id}/vpc/firewalls/e9a7731d-5bd9-4250-a524-b9a076fd5629/insert-rules
{
"firewall" : {
"ingress_rules" : [ {
"name" : "network_acl_rule test 2",
"description" : "network_acl_rule test 2",
"action" : "allow",
"protocol" : "tcp",
"ip_version" : "4",
"source_ip_address" : "192.168.12.0/24",
"destination_ip_address" : "192.168.17.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90",
"source_address_group_id" : null,
"destination_address_group_id" : null
} ],
"insert_after_rule" : "774cf578-e70d-ec11-a40c-b864b1cf74ea"
}
}</pre>
</li><li><p>Insert an outbound rule below the rule whose ID is f9a7731d-5bd9-4250-a524-b9a076fd5629 to the network ACL whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629.</p>
<pre class="screen">PUT https://{Endpoint}/v3/{project_id}/vpc/firewalls/e9a7731d-5bd9-4250-a524-b9a076fd5629/insert-rules
{
"firewall" : {
"egress_rules" : [ {
"name" : "network_acl_rule test 2",
"description" : "network_acl_rule test 2",
"action" : "allow",
"protocol" : "tcp",
"ip_version" : "4",
"source_ip_address" : "192.168.22.0/24",
"destination_ip_address" : "192.168.27.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90",
"source_address_group_id" : null,
"destination_address_group_id" : null
} ],
"insert_after_rule" : "f9a7731d-5bd9-4250-a524-b9a076fd5629"
}
}</pre>
</li></ul>
</div>
<div class="section"><h4 class="sectiontitle">Example Responses</h4><p><strong>Status code: 200</strong></p>
<p>Normal response to the PUT operation. For more status codes, see <a href="vpc_api_0002.html">Status Codes</a>.</p>
<pre class="screen">{
"firewall" : {
"id" : "e9a7731d-5bd9-4250-a524-b9a076fd5629",
"name" : "network_acl_test1",
"description" : "network_acl_test1",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"created_at" : "2022-04-07T07:30:46.000+00:00",
"updated_at" : "2022-04-07T07:30:46.000+00:00",
"admin_state_up" : true,
"enterprise_project_id" : "158ad39a-dab7-45a3-9b5a-2836b3cf93f9",
"status" : "ACTIVE",
"tags" : [ ],
"ingress_rules" : [ {
"id" : "774cf578-e70d-ec11-a40c-b864b1cf74ea",
"name" : "network_acl_rule test",
"description" : "network_acl_rule test",
"action" : "allow",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"protocol" : "tcp",
"ip_version" : 4,
"source_ip_address" : "192.168.3.0/24",
"destination_ip_address" : "192.168.6.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90"
}, {
"id" : "8cdd7975-3124-c8cf-1046-2255714f44a7",
"name" : "network_acl_rule test 2",
"description" : "network_acl_rule test 2",
"action" : "allow",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"protocol" : "tcp",
"ip_version" : 4,
"source_ip_address" : "192.168.12.0/24",
"destination_ip_address" : "192.168.17.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90"
} ],
"egress_rules" : [ {
"id" : "f9a7731d-5bd9-4250-a524-b9a076fd5629",
"name" : "network_acl_rule test",
"description" : "network_acl_rule test",
"action" : "allow",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"protocol" : "tcp",
"ip_version" : 4,
"source_ip_address" : "192.168.3.0/24",
"destination_ip_address" : "192.168.6.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90"
}, {
"id" : "f223851e-c5a3-9761-294a-9ad9f548c105",
"name" : "network_acl_rule test 2",
"description" : "network_acl_rule test 2",
"action" : "allow",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"protocol" : "tcp",
"ip_version" : 4,
"source_ip_address" : "192.168.22.0/24",
"destination_ip_address" : "192.168.27.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90"
} ],
"associations" : [ {
"virsubnet_id" : "8359e5b0-353f-4ef3-a071-98e67a34a143"
} ]
}
}</pre>
</div>
<div class="section"><h4 class="sectiontitle">Status Codes</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="AddFirewallRules__status_code" frame="border" border="1" rules="all"><thead align="left"><tr><th align="left" class="cellrowborder" valign="top" width="15%" id="mcps1.3.7.2.1.3.1.1"><p>Status Code</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="85%" id="mcps1.3.7.2.1.3.1.2"><p>Description</p>
</th>
</tr>
</thead>
<tbody><tr><td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.7.2.1.3.1.1 "><p>200</p>
</td>
<td class="cellrowborder" valign="top" width="85%" headers="mcps1.3.7.2.1.3.1.2 "><p>Normal response to the PUT operation. For more status codes, see <a href="vpc_api_0002.html">Status Codes</a>.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section"><h4 class="sectiontitle">Error Codes</h4><p>See <a href="vpc_api_0003.html">Error Codes</a>.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="topic_300000004.html">Network ACL</a></div>
</div>
</div>
View Git Blame Copy Permalink