Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Creating and replacing firewall rules

  1. Lock the network container by sending a POST /csm/networkcontainer/<guid>/acquireLock request.
    The response to this request includes a lock identifier that you must include in subsequent requests.

    Sample network container acquire lock request
    POST /csm/networkcontainer/4b03903c-f277-48b7-8050-4ebb630d5e4a/acquireLock
    Host: apiServer.calbro.com:8080
    Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091

    {
     "timeout":100000000,
     "preCallout":"",
     "postCallout":"",
     "callbackURL":"",
     "operationParams":[
        {
         "name":"acquisitionTimeout",
         "type":"java.lang.Integer",
         "multiplicity":"1",
         "value":"2"
        },
        {
         "name":"timeout",
         "type":"java.lang.Integer",
         "multiplicity":"1",
         "value":"180"
        }
      ]
    }
  2. Send a request to replace the firewall rules on the firewall network interface.
    The specific request that you send depends on whether you want to replace inbound or outbound firewall rules:

    • To replace inbound firewall rules, send a POST /csm/firewallnetworkinterface/<guid>/replaceInboundRules request.

      Sample replace inbound rules request
      POST /csm/firewallnetworkinterface/4b0738b0-3375-4460-8588-3951ef8a3b/replaceInboundRules
      Host: apiServer.calbro.com:8080
      Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER431983
                                                                                
      {
       "timeout":100000000,
       "preCallout":"",
       "postCallout":"",
       "callbackURL":"",
       "operationParams":[
          {
           "name":"InboundFirewallRule",
           "type":"com.bmc.cloud.model.beans.InboundFirewallRule",
           "multiplicity":"2",
           "value":[
              {
               "cloudClass":"com.bmc.cloud.model.beans.InboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Inbound-28",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.28",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              },
              {
               "cloudClass":"com.bmc.cloud.model.beans.InboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Inbound-29",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.29",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              }
            ]
          },
          {
           "name":"lockId",
           "type":"java.lang.String",
           "multiplicity":"1",
           "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
          }
        ]
      }

    • To replace outbound firewall rules, send a POST /csm/firewallnetworkinterface/<guid>/replaceOutboundRules request.

      Sample replace outbound rules request
      POST /csm/firewallnetworkinterface/4b0738b0-3375-4460-8588-3951ef8a3bc3/replaceOutboundRules  
      Host: apiServer.calbro.com:8080
      Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091

      {
       "timeout":100000000,
       "preCallout":"",
       "postCallout":"",
       "callbackURL":"",
       "operationParams":[
          {
           "name":"OutboundFirewallRule",
           "type":"com.bmc.cloud.model.beans.OutboundFirewallRule",
           "multiplicity":"2",
           "value":[
              {
               "cloudClass":"com.bmc.cloud.model.beans.OutboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Outbound-28",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.28",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              },
              {
               "cloudClass":"com.bmc.cloud.model.beans.OutboundFirewallRule",
               "accept":false,
               "description":"Vlad's testing-Outbound-29",
               "sourceAddress":"10.1.4.16",
               "destinationAddress":"10.1.4.29",
               "destinationPort":129,
               "enabled":true,
               "protocol":"6"
              }
            ]
          },
          {
           "name":"lockId",
           "type":"java.lang.String",
           "multiplicity":"1",
           "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
          }
        ]
      }

  3. Unlock the network container by sending a POST /csm/networkcontainer/<guid>/releaseLock request.

    Sample network container release lock request
    POST /csm/networkcontainer/4b03903c-f277-48b7-8050-4ebb630d5e4a/releaseLock
    Host: apiServer.calbro.com:8080
    Authentication-Token: AQIC5wM2LY4Sfcx705TK5UqUK6Ythuk1tVWjHMl7/rpY0Ys=@REGUSER123091

    {
     "timeout":100000000,
     "preCallout":"",
     "postCallout":"",
     "callbackURL":"",
     "operationParams":[
        {
         "name":"lockId",
         "type":"java.lang.String",
         "multiplicity":"1",
         "value":"727e3355-35d0-4837-b1ea-b57f531ee5e1"
        }
      ]
    }

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*