Overwrite Firewall Rules operation
The Overwrite Firewall Rules operation enables you to create and execute a job that overwrites or appends all the rules in the specified firewall.
The following table describes the elements for the <items> XML element and adapter request for the Overwrite Firewall Rules operation.
Elements for the <items> XML element and adapter request for the Overwrite Firewall Rules operation
The following figure shows a sample <items> XML element for the Overwrite Firewall Rules operation.
<items> XML element for the Overwrite Firewall Rules operation
<item>
<parameters>
<container-name>Container1</container-name>
<zone-name>Zone 1</zone-name>
<context-host-address>20.20.20.20</context-host-address>
<firewall-rules>
<element>
<description>New Update 5</description>
<destination-host-address>10.10.10.15</destination-host-address>
<destination-network-address>10.20.20.20</destination-network-address>
<destination-network-mask>255.255.255.255</destination-network-mask>
<destination-port>200</destination-port>
<enabled-flag>true</enabled-flag>
<permit-flag>false</permit-flag>
<source-host-address>20.20.20.25</source-host-address>
<source-network-address>20.20.20.30</source-network-address>
<source-network-mask>255.255.255.255</source-network-mask>
<transport-protocol>100</transport-protocol>
</element>
</firewall-rules>
</parameters>
</item>
</items>
The following figure shows a sample adapter request for the Overwrite Firewall Rules operation.
Sample adapter request for the Overwrite Firewall Rules operation
<entity>firewall</entity>
<request>
<operation-name>overwrite-firewall-rules</operation-name>
<parameters>
<container-name>Container1</container-name>
<zone-name>Zone 1</zone-name>
<context-host-address>20.20.20.20</context-host-address>
<firewall-rules>
<element>
<description>New Desc</description>
<destination-host-address>10.10.10.15</destination-host-address>
<destination-port>200</destination-port>
<enabled-flag>true</enabled-flag>
<permit-flag>false</permit-flag>
<source-host-address>20.20.20.25</source-host-address>
<transport-protocol>100</transport-protocol>
</element>
</firewall-rules>
</parameters>
</request>
</bmc-configuration-automation-networks-request>
The following figure illustrates the adapter response for the sample Overwrite Firewall Rules operation when it executes successfully.
Adapter response for the successful Overwrite Firewall Rules operation
<metadata>
<status>success</status>
</metadata>
<parameters />
</bmc-configuration-automation-networks-response>
The following table describes the response elements for the successful Get All Firewall Rules operation.
Response Elements for the successful Get All Firewall Rules operation
The following figure illustrates the adapter response for the sample Overwrite Firewall Rules operation when it fails to execute.
Adapter response for the failed Overwrite Firewall Rules operation
<metadata>
<status>success</status>
</metadata>
<parameters>
<output>
<metadata>
<status>error</status>
<error>Error occurred processing request data Summary: Failed to
call a web service.
Caused by:
Summary: Input contains invalid rules: The firewall rule destination
network address should not be populated when destination host address
is populated. The firewall rule destination network mask should not
be populated when destination host address is populated. The firewall
rule source network address should not be populated when source host
address is populated. The firewall rule source network mask should
not be populated when source host address is populated.
</error>
</metadata>
</output>
</parameters>
</bmc-configuration-automation-networks-response>
The following table describes the response elements for the failed Get All Firewall Rules operation.
Response Elements for the failed Get All Firewall Rules operation