Creating and replacing firewall rules

  1. Lock the network container by sending a POST /csm/networkcontainer/<guid>/acquireLock request.
    The response to this request includes a lock identifier that you must include in subsequent requests.

     Sample network container acquire lock request

    POST /csm/networkcontainer/4b03903c-f277-48b7-8050-4ebb630d5e4a/acquireLock
    Host: apiServer.calbro.com:8080
    Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091
    
    {
      "timeout":100000000,
      "preCallout":"",
      "postCallout":"",
      "callbackURL":"",
      "operationParams":[
        {
          "name":"acquisitionTimeout",
          "type":"java.lang.Integer",
          "multiplicity":"1",
          "value":"2"
        },
        {
          "name":"timeout",
          "type":"java.lang.Integer",
          "multiplicity":"1",
          "value":"180"
        }
      ]
    }

  2. Send a request to replace the firewall rules on the firewall network interface.
    The specific request that you send depends on whether you want to replace inbound or outbound firewall rules:
    • To replace inbound firewall rules, send a POST /csm/firewallnetworkinterface/<guid>/replaceInboundRules request.

       Sample replace inbound rules request

      POST /csm/firewallnetworkinterface/4b0738b0-3375-4460-8588-3951ef8a3b/replaceInboundRules
      Host: apiServer.calbro.com:8080
      Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER431983
                                                                                 
      {
        "timeout":100000000,
        "preCallout":"",
        "postCallout":"",
        "callbackURL":"",
        "operationParams":[
          {
            "name":"InboundFirewallRule",
            "type":"com.bmc.cloud.model.beans.InboundFirewallRule",
            "multiplicity":"2",
            "value":[
              {
                "cloudClass":"com.bmc.cloud.model.beans.InboundFirewallRule",
                "accept":false,
                "description":"Vlad's testing-Inbound-28",
                "sourceAddress":"10.1.4.16",
                "destinationAddress":"10.1.4.28",
                "destinationPort":129,
                "enabled":true,
                "protocol":"6"
              },
              {
                "cloudClass":"com.bmc.cloud.model.beans.InboundFirewallRule",
                "accept":false,
                "description":"Vlad's testing-Inbound-29",
                "sourceAddress":"10.1.4.16",
                "destinationAddress":"10.1.4.29",
                "destinationPort":129,
                "enabled":true,
                "protocol":"6"
              }
            ]
          },
          {
            "name":"lockId",
            "type":"java.lang.String",
            "multiplicity":"1",
            "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
          }
        ]
      }

    • To replace outbound firewall rules, send a POST /csm/firewallnetworkinterface/<guid>/replaceOutboundRules request.

       Sample replace outbound rules request

      POST /csm/firewallnetworkinterface/4b0738b0-3375-4460-8588-3951ef8a3bc3/replaceOutboundRules  
      Host: apiServer.calbro.com:8080
      Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091
      
      {
        "timeout":100000000,
        "preCallout":"",
        "postCallout":"",
        "callbackURL":"",
        "operationParams":[
          {
            "name":"OutboundFirewallRule",
            "type":"com.bmc.cloud.model.beans.OutboundFirewallRule",
            "multiplicity":"2",
            "value":[
              {
                "cloudClass":"com.bmc.cloud.model.beans.OutboundFirewallRule",
                "accept":false,
                "description":"Vlad's testing-Outbound-28",
                "sourceAddress":"10.1.4.16",
                "destinationAddress":"10.1.4.28",
                "destinationPort":129,
                "enabled":true,
                "protocol":"6"
              },
              {
                "cloudClass":"com.bmc.cloud.model.beans.OutboundFirewallRule",
                "accept":false,
                "description":"Vlad's testing-Outbound-29",
                "sourceAddress":"10.1.4.16",
                "destinationAddress":"10.1.4.29",
                "destinationPort":129,
                "enabled":true,
                "protocol":"6"
              }
            ]
          },
          {
            "name":"lockId",
            "type":"java.lang.String",
            "multiplicity":"1",
            "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
          }
        ]
      }

  3. Unlock the network container by sending a POST /csm/networkcontainer/<guid>/releaseLock request.

     Sample network container release lock request

    POST /csm/networkcontainer/4b03903c-f277-48b7-8050-4ebb630d5e4a/releaseLock
    Host: apiServer.calbro.com:8080
    Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091
    
    {
      "timeout":100000000,
      "preCallout":"",
      "postCallout":"",
      "callbackURL":"",
      "operationParams":[
        {
          "name":"lockId",
          "type":"java.lang.String",
          "multiplicity":"1",
          "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
        }
      ]
    }

Was this page helpful? Yes No Submitting... Thank you

Comments