Unsupported content This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.

Creating and replacing firewall rules


  1. Lock the network container by sending a POST /csm/networkcontainer/<guid>/acquireLock request.
    The response to this request includes a lock identifier that you must include in subsequent requests.

    Sample network container acquire lock request
    POST /csm/networkcontainer/4b03903c-f277-48b7-8050-4ebb630d5e4a/acquireLock
    Host: apiServer.calbro.com:8080
    Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091

    {
     "timeout":100000000,
     "preCallout":"",
     "postCallout":"",
     "callbackURL":"",
     "operationParams":[
        {
         "name":"acquisitionTimeout",
         "type":"java.lang.Integer",
         "multiplicity":"1",
         "value":"2"
        },
        {
         "name":"timeout",
         "type":"java.lang.Integer",
         "multiplicity":"1",
         "value":"180"
        }
      ]
    }
  2. Send a request to replace the firewall rules on the firewall network interface.
    The specific request that you send depends on whether you want to replace inbound or outbound firewall rules:
    • To replace inbound firewall rules, send a POST /csm/firewallnetworkinterface/<guid>/replaceInboundRules request.

      Sample replace inbound rules request
      POST /csm/firewallnetworkinterface/4b0738b0-3375-4460-8588-3951ef8a3b/replaceInboundRules
      Host: apiServer.calbro.com:8080
      Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER431983
                                                                                
      {
       "timeout":100000000,
       "preCallout":"",
       "postCallout":"",
       "callbackURL":"",
       "operationParams":[
          {
           "name":"InboundFirewallRule",
           "type":"com.bmc.cloud.model.beans.InboundFirewallRule",
           "multiplicity":"2",
           "value":[
              {
               "cloudClass":"com.bmc.cloud.model.beans.InboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Inbound-28",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.28",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              },
              {
               "cloudClass":"com.bmc.cloud.model.beans.InboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Inbound-29",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.29",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              }
            ]
          },
          {
           "name":"lockId",
           "type":"java.lang.String",
           "multiplicity":"1",
           "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
          }
        ]
      }
    • To replace outbound firewall rules, send a POST /csm/firewallnetworkinterface/<guid>/replaceOutboundRules request.

      Sample replace outbound rules request
      POST /csm/firewallnetworkinterface/4b0738b0-3375-4460-8588-3951ef8a3bc3/replaceOutboundRules  
      Host: apiServer.calbro.com:8080
      Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091

      {
       "timeout":100000000,
       "preCallout":"",
       "postCallout":"",
       "callbackURL":"",
       "operationParams":[
          {
           "name":"OutboundFirewallRule",
           "type":"com.bmc.cloud.model.beans.OutboundFirewallRule",
           "multiplicity":"2",
           "value":[
              {
               "cloudClass":"com.bmc.cloud.model.beans.OutboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Outbound-28",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.28",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              },
              {
               "cloudClass":"com.bmc.cloud.model.beans.OutboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Outbound-29",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.29",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              }
            ]
          },
          {
           "name":"lockId",
           "type":"java.lang.String",
           "multiplicity":"1",
           "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
          }
        ]
      }
  3. Unlock the network container by sending a POST /csm/networkcontainer/<guid>/releaseLock request.

    Sample network container release lock request
    POST /csm/networkcontainer/4b03903c-f277-48b7-8050-4ebb630d5e4a/releaseLock
    Host: apiServer.calbro.com:8080
    Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091

    {
     "timeout":100000000,
     "preCallout":"",
     "postCallout":"",
     "callbackURL":"",
     "operationParams":[
        {
         "name":"lockId",
         "type":"java.lang.String",
         "multiplicity":"1",
         "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
        }
      ]
    }

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*