Add Firewall Rule

To add a firewall rule, use the request listed below. After you add a rule, you have to apply it to initiate a transaction responsible for running firewall rules. See the Apply Firewall Rule section for details.

POST /virtual_machines/:virtual_machine_id/firewall_rules.xml
POST /virtual_machines/:virtual_machine_id/firewall_rules.json 

XML Request example

curl -i -X POST -H 'Accept: application/xml' -H 'Content-type: application/xml' -u user:userpass -d '<?xml version="1.0" encoding="UTF-8"?><firewall_rule><address></address><command>DROP</command><port></port><protocol>TCP</protocol><network_interface_id>105</network_interface_id></firewall_rule>' --url http://onapp.test/virtual_machines/:virtual_machine_id/firewall_rules.xml

JSON Request example

curl -i -X POST -H 'Accept: application/json' -H 'Content-type: application/json' -u user:userpass -d '{"firewall_rule":{"address":"","command":"DROP","protocol":"TCP","network_interface_id":"105","port":""}}' --url http://onapp.test/virtual_machines/:virtual_machine_id/firewall_rules.json

Send the following parameters:

address* - Set the IP address for which this rule is active.

• Leave the empty field to apply this rule to all IPs
• Enter hyphen-separated IPs to apply the rule to an IP range (e.g. 192.168.1.1-192.168.1.10)
• Enter the IPs with slash to apply the rule to CIDR (e.g. 192.168.1.1/24)

command* - sets the command to ACCEPT or DROP the abovementioned IPs

port - sets the port addresses

• Leave the empty field to apply the rule to all ports
• Enter colon-separated ports to apply the rule to a port range (e.g. 1024:1028)
• Enter comma-separated ports to apply the rule to the list of ports (e.g. 80,443,21)

protocol* - protocol type (TCP or UDP)

network_interface_id* - interface of the network