Child pages
  • Set Default Firewall Rules
Skip to end of metadata
Go to start of metadata

Ensure that the following permissions are enabled before setting firewall rules for your virtual server:

  • Create own firewall rules
  • Destroy own firewall rules
  • Read own firewall rules
  • Update own firewall rules
  • Update own virtual server
  • Read own virtual server

To set default firewall rules for a VS (either DROP or ACCEPT), you need to set the rule for each network interface the VS is using. To do so, check the network interface ID and run the following request:

PUT /virtual_machines/:virtual_machine_id/network_interfaces/:id.xml
PUT /virtual_machines/:virtual_machine_id/network_interfaces/:id.json

XML Request example

curl -i -X PUT -u user:userpass -H 'Accept: application/xml' -H 'Content-type: application/xml' -d '<network_interface><default_firewall_rule>ACCEPT</default_firewall_rule></network_interface>' --url http://onapp.test/virtual_machines/:virtual_machine_id/network_interfaces/:network_interface_id.xml 

JSON Request example

curl -i -X PUT -u user:userpass -H 'Accept: application/json' -H 'Content-type: application/json' -d '{"network_interface":{"default_firewall_rule":"DROP"}}' --url http://onapp.test/virtual_machines/:virtual_machine_id/network_interfaces/:network_interface_id.json

Where:

default_firewall_rule* - set default firewall rule for the particular VS network interface – either DROP or ACCEPT

  • No labels