cgnv6 stateful-firewall¶
Stateful Firewall Configuration
stateful-firewall Specification¶
Type
Intermediate Resource
Element Name
stateful-firewall
Element URI
/axapi/v3/cgnv6/stateful-firewall
Element Attributes
stateful-firewall_attributes
Schema
Operations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/cgnv6/stateful-firewall | stateful-firewall_attributes |
stateful-firewall attributes¶
alg
Description: alg is a JSON Block. Please see below for alg
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/alg
endpoint-independent-filtering
Description: endpoint-independent-filtering is a JSON Block. Please see below for endpoint-independent-filtering
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/endpoint-independent-filtering
global
Description: global is a JSON Block. Please see below for global
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/global
stun-timeout-list
Type: List
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/stun-timeout/{port}+{port-end}
tcp
Description: tcp is a JSON Block. Please see below for tcp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/tcp
udp
Description: udp is a JSON Block. Please see below for udp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/udp
vrid
Description: vrid is a JSON Block. Please see below for vrid
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/vrid
udp¶
Specification
Type
object
idle-timeout-list
Type: List
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/udp/idle-timeout/{port}+{port-end}
stun-timeout-list
Type: List
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/udp/stun-timeout/{port}+{port-end}
udp_stun-timeout-list¶
Specification
Type
list
Block object keys
port
Description Single Destination Port or Port Range Start
Type: number
Range: 1-65535
port-end
Description Port Range End
Type: number
Range: 1-65535
stun-timeout-val-port-range
Description STUN timeout (default: 2 minutes)
Type: number
Range: 0-60
Default: 2
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
udp_idle-timeout-list¶
Specification
Type
list
Block object keys
fast
Description Fast aging for idle sessions
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: fast and idle-timeout-val-port-range are mutually exclusive
idle-timeout-val-port-range
Description Idle timeout for IPv4 and IPv6 TCP established sessions (Idle timeout for IPv4 and IPv6 TCP established sessions (default: 300 seconds))
Type: number
Range: 60-15000
Default: 300
Mutual Exclusion: idle-timeout-val-port-range and fast are mutually exclusive
port
Description Single Destination Port or Port Range Start
Type: number
Range: 1-65535
port-end
Description Port Range End
Type: number
Range: 1-65535
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid-value
Description Set VRRP-A vrid for stateful firewall (IPv4 and IPv6)
Type: number
Range: 1-31
alg¶
Specification
Type
object
ftp
Description: ftp is a JSON Block. Please see below for alg_ftp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/alg/ftp
pptp
Description: pptp is a JSON Block. Please see below for alg_pptp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/alg/pptp
rtp
Description: rtp is a JSON Block. Please see below for alg_rtp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/alg/rtp
rtsp
Description: rtsp is a JSON Block. Please see below for alg_rtsp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/alg/rtsp
sip
Description: sip is a JSON Block. Please see below for alg_sip
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/alg/sip
tftp
Description: tftp is a JSON Block. Please see below for alg_tftp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/alg/tftp
alg_ftp¶
Specification
Type
object
ftp-value
Description ‘disable’: Disable ALG;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_sip¶
Specification
Type
object
sip-value
Description ‘disable’: Disable ALG;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_pptp¶
Specification
Type
object
pptp-value
Description ‘disable’: Disable ALG;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_rtsp¶
Specification
Type
object
rtsp-value
Description ‘disable’: Disable ALG;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_rtp¶
Specification
Type
object
rtp-stun-timeout
Description RTP/RTCP STUN timeout (default: 5 minutes)}
Type: number
Range: 2-10
Default: 5
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_tftp¶
Specification
Type
object
tftp-value
Description ‘disable’: Disable ALG;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
global¶
Specification
Type
object
respond-to-user-mac
Description Use the user’s source MAC for the next hop rather than the routing table (default: off)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
stateful-firewall-value
Description ‘enable’: Enable stateful firewall;
Type: string
Supported Values: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp¶
Specification
Type
object
idle-timeout-list
Type: List
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/tcp/idle-timeout/{port}+{port-end}
stun-timeout-list
Type: List
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/tcp/stun-timeout/{port}+{port-end}
syn-timeout
Description: syn-timeout is a JSON Block. Please see below for tcp_syn-timeout
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/tcp/syn-timeout
tcp_stun-timeout-list¶
Specification
Type
list
Block object keys
port
Description Single Destination Port or Port Range Start
Type: number
Range: 1-65535
port-end
Description Port Range End
Type: number
Range: 1-65535
stun-timeout-val-port-range
Description STUN timeout (default: 2minutes)
Type: number
Range: 0-60
Default: 2
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp_syn-timeout¶
Specification
Type
object
syn-timeout-val
Description Set Seconds session can remain in half-open state before being deleted (default: 4 seconds)
Type: number
Range: 2-30
Default: 4
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp_idle-timeout-list¶
Specification
Type
list
Block object keys
idle-timeout-val-port-range
Description Set Idle timeout for IPv4 and IPv6 TCP established sessions (Idle timeout for IPv4 and IPv6 TCP established sessions (default: 300 seconds))
Type: number
Range: 60-15000
Default: 300
port
Description Single Destination Port or Port Range Start
Type: number
Range: 1-65535
port-end
Description Port Range End
Type: number
Range: 1-65535
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
stun-timeout-list¶
Specification
Type
list
Block object keys
port
Description Single Destination Port or Port Range Start
Type: number
Range: 1-65535
port-end
Description Port Range End
Type: number
Range: 1-65535
stun-timeout-val-port-range
Description STUN timeout (default: 2 minutes)
Type: number
Range: 0-60
Default: 2
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
endpoint-independent-filtering¶
Specification
Type
object
tcp
Description: tcp is a JSON Block. Please see below for endpoint-independent-filtering_tcp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/endpoint-independent-filtering/tcp
udp
Description: udp is a JSON Block. Please see below for endpoint-independent-filtering_udp
Type: Object
Refernce Object: /axapi/v3/cgnv6/stateful-firewall/endpoint-independent-filtering/udp
endpoint-independent-filtering_udp¶
Specification
Type
object
port-list
Type: List
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
endpoint-independent-filtering_udp_port-list¶
Specification
Type
list
Block object keys
port
Description Single Destination Port or Port Range Start
Type: number
port-end
Description Port Range End
Type: number
endpoint-independent-filtering_tcp¶
Specification
Type
object
port-list
Type: List
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
endpoint-independent-filtering_tcp_port-list¶
Specification
Type
list
Block object keys
port
Description Single Destination Port or Port Range Start
Type: number
port-end
Description Port Range End
Type: number