Loading...
 

Modify Firewall


HTTP VerbPUT
URI Template/account/{accID}/node/{nodeID}/firewall
MIME Typeapplication/vnd.pncp.v.1.0+json onwards
Normal HTTP Response Code200 OK
Invoked ByResellers can invoke this for their own account as well as any other account they own. End-clients can invoke this for their account only.
Response ModeSynchronous.

Sample Request

PUT /pncp-external-api-rest/account/88/node/1/firewall HTTP/1.1
Accept: application/vnd.pncp.v.5.0+json
Authorization: PNCP EWHBIyWfPKYCl9ZtNIruAmViuapvu7Vdw5ukeIVZ9ZQ=
Content-Type: application/vnd.pncp.v.5.0+json 
Content-Length: 529
User-Agent: Jakarta Commons-HttpClient/3.1
Host: YOUR_API_URL

{
   "firewallStatus":"ON",
   "firewallRules":[
      {
         "name":"rule1",
         "sourceIp":"192.0.0.1-192.0.0.3",
         "sourcePort":"ANY",
         "destinationIp":"ANY",
         "destinationPort":"8080",
         "firewallProtocol":"TCP",
         "firewallRuleAction":"ALLOW",
         "rulePriority":2,
         "active":true
      },
      {
         "name":"rule2",
         "sourceIp":"ANY",
         "sourcePort":"8080,8443",
         "destinationIp":"ANY",
         "destinationPort":"8080",
         "firewallProtocol":"TCP",
         "firewallRuleAction":"ALLOW",
         "rulePriority":3,
         "active":true
      }
   ]
}

Request Notes

  • firewallStatus can be set to NOT_PROVISIONED, ON, OFF or REMOTE_ONLY.
  • lastUpdatedTimestamp is a date of format yyyy/MM/dd HH:mm:ss.
  • sourceIp can be one of the following:
    • ANY (any IP),
    • An IP range (e.g. 64.38.194.0 – 64.38.194.255), or
    • A subnet mask (e.g. 64.38.194.0/24).
  • sourcePort and destinationPort can be set to multiple ports separated by commas (e.g. 8080, 8443)or to ranges (e.g. 8080-8085).
  • destinationIp can be set to either ANY or a public IP of one of the account’s virtual machines.
  • firewallProtocol can be set to TCP or UDP.
  • firewallRuleAction can be set to ALLOW or DENY.
  • The higher the value of rulePriority, the lower the priority of the rule.

Sample Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: application/vnd.pncp.v.5.0+json
Transfer-Encoding: chunked
Date: Tue, 31 Jan 2012 16:17:49 GMT

{
   "firewallStatus":"ON",
   "lastUpdatedTimestamp":"2012/01/31 17:16:40",
   "firewallRules":[
      {
         "name":"rule1",
         "sourceIp":"192.0.0.1-192.0.0.3",
         "sourcePort":"ANY",
         "destinationIp":"ANY",
         "destinationPort":"8080",
         "firewallProtocol":"TCP",
         "firewallRuleAction":"ALLOW",
         "rulePriority":1,
         "active":true
      },
      {
         "name":"rule2",
         "sourceIp":"ANY",
         "sourcePort":"8080,8443",
         "destinationIp":"ANY",
         "destinationPort":"8080",
         "firewallProtocol":"TCP",
         "firewallRuleAction":"ALLOW",
         "rulePriority":2,
         "active":true
      }
   ]
}

Field Info

Field Name
Required
firewallStatus
YES
firewallRulesdefault: [empty list]
[firewallRules].name
YES
[firewallRules].sourceIp
YES
[firewallRules].sourcePort
YES
[firewallRules].destinationIp
YES
[firewallRules].destinationPort
YES
[firewallRules].firewallProtocol
YES
[firewallRules].firewallRuleAction
YES
[firewallRules].rulePriority
YES
[firewallRules].active
YES