{ "id":"/axapi/v3/rule-set/{name}/rule/{name}", "type":"object", "node-type":"list", "title":"rule", "partition-visibility":"shared", "description":"Configure rule-set rule", "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Rule name", "optional":false }, "remark":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":255, "partition-visibility":"shared", "description":"Rule entry comment (Notes for this rule)", "optional":true }, "status":{ "type":"string", "format":"enum", "default":"enable", "partition-visibility":"shared", "description":"'enable': Enable rule; 'disable': Disable rule; ", "enum":[ "enable", "disable" ], "optional":true }, "ip-version":{ "type":"string", "format":"enum", "default":"v4", "partition-visibility":"shared", "description":"'v4': IPv4 rule; 'v6': IPv6 rule; ", "enum":[ "v4", "v6" ], "optional":true }, "action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'permit': permit; 'deny': deny; 'reset': reset; ", "enum":[ "permit", "deny", "reset" ], "optional":true }, "log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "listen-on-port", "policy" ], "description":"Enable logging", "optional":true }, "reset-lid":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "description":"Apply a Template LID", "optional":true }, "listen-on-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"log", "description":"Listen on port", "optional":true }, "policy":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"log", "description":"'cgnv6': Apply CGNv6 policy; 'forward': Forward packet; 'ipsec': Apply IPsec encapsulation; 'ipsec-group': Apply IPsec encapsulation from a group; ", "enum":[ "cgnv6", "forward", "ipsec", "ipsec-group" ], "optional":true }, "vpn-ipsec-name":{ "type":"string", "format":"string", "minLength":1, "maxLength":31, "partition-visibility":"shared", "$ref":"/axapi/v3/vpn/ipsec", "description":"VPN IPsec name", "optional":true }, "vpn-ipsec-group-name":{ "type":"string", "format":"string", "minLength":1, "maxLength":31, "partition-visibility":"shared", "$ref":"/axapi/v3/vpn/ipsec-group", "description":"VPN IPsec Group name", "optional":true }, "forward-listen-on-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Listen on port", "optional":true }, "lid":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "description":"Apply a Template LID", "optional":true }, "listen-on-port-lid":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "description":"Apply a Template LID", "optional":true }, "fw-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "fwlog":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "cgnv6-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"cgnv6-policy", "description":"Enable logging", "optional":true }, "forward-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "lidlog":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "reset-lidlog":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "listen-on-port-lidlog":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "cgnv6-policy":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"cgnv6-log", "description":"'lsn-lid': Apply specified CGNv6 LSN LID; 'fixed-nat': Apply CGNv6 Fixed NAT; 'ds-lite': Apply CGNv6 DS-Lite; ", "enum":[ "lsn-lid", "fixed-nat", "ds-lite" ], "optional":true }, "cgnv6-fixed-nat-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "cgnv6-lsn-lid":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "description":"LSN LID", "optional":true }, "cgnv6-ds-lite":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'lsn-lid': Apply specified CGNv6 LSN LID; ", "enum":[ "lsn-lid" ], "optional":true }, "cgnv6-ds-lite-lsn-lid":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "description":"LSN LID", "optional":true }, "inspect-payload":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable DS-Lite tunnel inspection", "optional":true }, "cgnv6-ds-lite-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "cgnv6-lsn-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging", "optional":true }, "gtp-template":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/template/gtp-policy", "description":"Configure GTP Policy Template (GTP Template Policy Name)", "optional":true }, "src-geoloc-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "not-list":[ "src-geoloc-list", "src-ip-subnet", "src-ipv6-subnet", "src-obj-network", "src-obj-grp-network", "src-slb-server" ], "description":"Single geolocation name", "optional":true }, "src-geoloc-list":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not-list":[ "src-geoloc-name", "src-ip-subnet", "src-ipv6-subnet", "src-obj-network", "src-obj-grp-network", "src-slb-server" ], "description":"Geolocation name list", "optional":true }, "src-geoloc-list-shared":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"private", "description":"Use Geolocation list from shared partition", "optional":true }, "src-ipv4-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not-list":[ "src-ipv6-any", "src-class-list", "src-ip-subnet", "src-ipv6-subnet", "src-obj-network", "src-obj-grp-network", "src-slb-server" ], "description":"'any': Any IPv4 address; ", "enum":[ "any" ], "optional":true }, "src-ipv6-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not-list":[ "src-ipv4-any", "src-class-list", "src-ip-subnet", "src-ipv6-subnet", "src-obj-network", "src-obj-grp-network", "src-slb-server" ], "description":"'any': Any IPv6 address; ", "enum":[ "any" ], "optional":true }, "src-class-list":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/class-list", "not-list":[ "src-ipv4-any", "src-ipv6-any", "src-ip-subnet", "src-ipv6-subnet", "src-obj-network", "src-obj-grp-network", "src-slb-server" ], "description":"Match source IP against class-list", "optional":true }, "source-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "src-ip-subnet":{ "type":"string", "format":"ipv4-cidr", "partition-visibility":"shared", "not-list":[ "src-geoloc-name", "src-geoloc-list", "src-ipv4-any", "src-ipv6-any", "src-class-list", "src-ipv6-subnet" ], "description":"IPv4 IP Address" }, "src-ipv6-subnet":{ "type":"string", "format":"ipv6-address-plen", "partition-visibility":"shared", "not-list":[ "src-geoloc-name", "src-geoloc-list", "src-ipv4-any", "src-ipv6-any", "src-class-list", "src-ip-subnet" ], "description":"IPv6 IP Address" }, "src-obj-network":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/object/network", "not-list":[ "src-geoloc-name", "src-geoloc-list", "src-ipv4-any", "src-ipv6-any", "src-class-list" ], "description":"Network object" }, "src-obj-grp-network":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/object-group/network", "not-list":[ "src-geoloc-name", "src-geoloc-list", "src-ipv4-any", "src-ipv6-any", "src-class-list" ], "description":"Network object group" }, "src-slb-server":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/slb/server", "not-list":[ "src-geoloc-name", "src-geoloc-list", "src-ipv4-any", "src-ipv6-any", "src-class-list" ], "description":"SLB Real server name" } } } ] }, "src-zone":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/zone", "not":"src-zone-any", "description":"Zone name", "optional":true }, "src-zone-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not":"src-zone", "description":"'any': any; ", "enum":[ "any" ], "optional":true }, "src-threat-list":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/threat-intel/threat-list", "description":"Bind threat-list for source IP based filtering", "optional":true }, "dst-geoloc-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "not-list":[ "dst-geoloc-list", "dst-ip-subnet", "dst-ipv6-subnet", "dst-obj-network", "dst-obj-grp-network", "dst-slb-server", "dst-slb-vserver" ], "description":"Single geolocation name", "optional":true }, "dst-geoloc-list":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not-list":[ "dst-geoloc-name", "dst-ip-subnet", "dst-ipv6-subnet", "dst-obj-network", "dst-obj-grp-network", "dst-slb-server", "dst-slb-vserver" ], "description":"Geolocation name list", "optional":true }, "dst-geoloc-list-shared":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"private", "description":"Use Geolocation list from shared partition", "optional":true }, "dst-ipv4-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not-list":[ "dst-ipv6-any", "dst-class-list", "dst-ip-subnet", "dst-ipv6-subnet", "dst-obj-network", "dst-obj-grp-network", "dst-slb-server", "dst-slb-vserver", "dst-domain-list" ], "description":"'any': Any IPv4 address; ", "enum":[ "any" ], "optional":true }, "dst-ipv6-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not-list":[ "dst-ipv4-any", "dst-class-list", "dst-ip-subnet", "dst-ipv6-subnet", "dst-obj-network", "dst-obj-grp-network", "dst-slb-server", "dst-slb-vserver", "dst-domain-list" ], "description":"'any': Any IPv6 address; ", "enum":[ "any" ], "optional":true }, "dst-class-list":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/class-list", "not-list":[ "dst-ipv4-any", "dst-ipv6-any", "dst-ip-subnet", "dst-ipv6-subnet", "dst-obj-network", "dst-obj-grp-network", "dst-slb-server", "dst-slb-vserver" ], "description":"Match destination IP against class-list", "optional":true }, "dest-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "dst-ip-subnet":{ "type":"string", "format":"ipv4-cidr", "partition-visibility":"shared", "not-list":[ "dst-geoloc-name", "dst-geoloc-list", "dst-ipv4-any", "dst-ipv6-any", "dst-class-list", "dst-ipv6-subnet" ], "description":"IPv4 IP Address" }, "dst-ipv6-subnet":{ "type":"string", "format":"ipv6-address-plen", "partition-visibility":"shared", "not-list":[ "dst-geoloc-name", "dst-geoloc-list", "dst-ipv4-any", "dst-ipv6-any", "dst-class-list", "dst-ip-subnet" ], "description":"IPv6 IP Address" }, "dst-obj-network":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/object/network", "not-list":[ "dst-geoloc-name", "dst-geoloc-list", "dst-ipv4-any", "dst-ipv6-any", "dst-class-list" ], "description":"Network object" }, "dst-obj-grp-network":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/object-group/network", "not-list":[ "dst-geoloc-name", "dst-geoloc-list", "dst-ipv4-any", "dst-ipv6-any", "dst-class-list" ], "description":"Network object group" }, "dst-slb-server":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/slb/server", "not-list":[ "dst-geoloc-name", "dst-geoloc-list", "dst-ipv4-any", "dst-ipv6-any", "dst-class-list" ], "description":"SLB Real server name" }, "dst-slb-vserver":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/slb/virtual-server", "not-list":[ "dst-geoloc-name", "dst-geoloc-list", "dst-ipv4-any", "dst-ipv6-any", "dst-class-list" ], "description":"SLB Virtual server name" } } } ] }, "dst-domain-list":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/domain-list", "not-list":[ "dst-ipv4-any", "dst-ipv6-any" ], "description":"Match destination IP against domain-list", "optional":true }, "dst-zone":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/zone", "not":"dst-zone-any", "description":"Zone name", "optional":true }, "dst-zone-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not":"dst-zone", "description":"'any': any; ", "enum":[ "any" ], "optional":true }, "dst-threat-list":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/threat-intel/threat-list", "description":"Bind threat-list for destination IP based filtering", "optional":true }, "service-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not-list":[ "protocols", "proto-id", "obj-grp-service", "icmp", "icmpv6" ], "description":"'any': any; ", "enum":[ "any" ], "optional":true }, "service-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "protocols":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"service-any", "description":"'tcp': tcp; 'udp': udp; 'sctp': sctp; ", "enum":[ "tcp", "udp", "sctp" ] }, "proto-id":{ "type":"number", "format":"number", "minimum":0, "maximum":255, "partition-visibility":"shared", "not":"service-any", "description":"Protocol ID" }, "obj-grp-service":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/object-group/service", "not":"service-any", "description":"service object group" }, "icmp":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "service-any", "icmpv6" ], "description":"ICMP" }, "icmpv6":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "service-any", "icmp" ], "description":"ICMPv6" }, "icmp-type":{ "type":"number", "format":"number", "minimum":0, "maximum":254, "partition-visibility":"shared", "not":"special-type", "description":"ICMP type number" }, "special-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"icmp-type", "description":"'any-type': Any ICMP type; 'echo-reply': Type 0, echo reply; 'echo-request': Type 8, echo request; 'info-reply': Type 16, information reply; 'info-request': Type 15, information request; 'mask-reply': Type 18, address mask reply; 'mask-request': Type 17, address mask request; 'parameter-problem': Type 12, parameter problem; 'redirect': Type 5, redirect message; 'source-quench': Type 4, source quench; 'time-exceeded': Type 11, time exceeded; 'timestamp': Type 13, timestamp; 'timestamp-reply': Type 14, timestamp reply; 'dest-unreachable': Type 3, destination unreachable; ", "enum":[ "any-type", "echo-reply", "echo-request", "info-reply", "info-request", "mask-reply", "mask-request", "parameter-problem", "redirect", "source-quench", "time-exceeded", "timestamp", "timestamp-reply", "dest-unreachable" ] }, "icmp-code":{ "type":"number", "format":"number", "minimum":0, "maximum":254, "partition-visibility":"shared", "not":"special-code", "description":"ICMP code number" }, "special-code":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"icmp-code", "description":"'any-code': Any ICMP code; 'frag-required': Code 4, fragmentation required; 'host-unreachable': Code 1, destination host unreachable; 'network-unreachable': Code 0, destination network unreachable; 'port-unreachable': Code 3, destination port unreachable; 'proto-unreachable': Code 2, destination protocol unreachable; 'route-failed': Code 5, source route failed; ", "enum":[ "any-code", "frag-required", "host-unreachable", "network-unreachable", "port-unreachable", "proto-unreachable", "route-failed" ] }, "icmpv6-type":{ "type":"number", "format":"number", "minimum":0, "maximum":254, "partition-visibility":"shared", "not":"special-v6-type", "description":"ICMPv6 type number" }, "special-v6-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"icmpv6-type", "description":"'any-type': Any ICMPv6 type; 'dest-unreachable': Type 1, destination unreachable; 'echo-reply': Type 129, echo reply; 'echo-request': Type 128, echo request; 'packet-too-big': Type 2, packet too big; 'param-prob': Type 4, parameter problem; 'time-exceeded': Type 3, time exceeded; ", "enum":[ "any-type", "dest-unreachable", "echo-reply", "echo-request", "packet-too-big", "param-prob", "time-exceeded" ] }, "icmpv6-code":{ "type":"number", "format":"number", "minimum":0, "maximum":254, "partition-visibility":"shared", "not":"special-v6-code", "description":"ICMPv6 code number" }, "special-v6-code":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"icmpv6-code", "description":"'any-code': Any ICMPv6 code; 'addr-unreachable': Code 3, address unreachable; 'admin-prohibited': Code 1, admin prohibited; 'no-route': Code 0, no route to destination; 'not-neighbour': Code 2, not neighbor; 'port-unreachable': Code 4, destination port unreachable; ", "enum":[ "any-code", "addr-unreachable", "admin-prohibited", "no-route", "not-neighbour", "port-unreachable" ] }, "eq-src-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Equal to the port number" }, "gt-src-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "partition-visibility":"shared", "description":"Greater than the port number" }, "lt-src-port":{ "type":"number", "format":"number", "minimum":2, "maximum":65535, "partition-visibility":"shared", "description":"Lower than the port number" }, "range-src-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Port range (Starting Port Number)" }, "port-num-end-src":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Ending Port Number" }, "eq-dst-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Equal to the port number" }, "gt-dst-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "partition-visibility":"shared", "description":"Greater than the port number" }, "lt-dst-port":{ "type":"number", "format":"number", "minimum":2, "maximum":65535, "partition-visibility":"shared", "description":"Lower than the port number" }, "range-dst-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Port range (Starting Port Number)" }, "port-num-end-dst":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Ending Port Number" }, "sctp-template":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/template/sctp", "description":"SCTP Template" }, "alg":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'FTP': FTP; 'TFTP': TFTP; 'SIP': SIP; 'DNS': DNS; 'PPTP': PPTP; 'RTSP': RTSP; 'ESP': ESP; ", "enum":[ "FTP", "TFTP", "SIP", "DNS", "PPTP", "RTSP", "ESP" ] } } } ] }, "idle-timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":2097151, "partition-visibility":"shared", "description":"TCP/UDP idle-timeout", "optional":true }, "dscp-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "dscp-value":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"dscp-range", "description":"'default': Default dscp (000000); 'af11': AF11 (001010); 'af12': AF12 (001100); 'af13': AF13 (001110); 'af21': AF21 (010010); 'af22': AF22 (010100); 'af23': AF23 (010110); 'af31': AF31 (011010); 'af32': AF32 (011100); 'af33': AF33 (011110); 'af41': AF41 (100010); 'af42': AF42 (100100); 'af43': AF43 (100110); 'cs1': CS1 (001000); 'cs2': CS2 (010000); 'cs3': CS3 (011000); 'cs4': CS4 (100000); 'cs5': CS5 (101000); 'cs6': CS6 (110000); 'cs7': CS7 (111000); 'ef': EF (101110); ", "enum":[ "default", "af11", "af12", "af13", "af21", "af22", "af23", "af31", "af32", "af33", "af41", "af42", "af43", "cs1", "cs2", "cs3", "cs4", "cs5", "cs6", "cs7", "ef" ] }, "dscp-range-start":{ "type":"number", "format":"number", "minimum":1, "maximum":63, "partition-visibility":"shared", "description":"Start DSCP Number" }, "dscp-range-end":{ "type":"number", "format":"number", "minimum":1, "maximum":63, "partition-visibility":"shared", "description":"Ending DSCP Number" } } } ] }, "application-any":{ "type":"string", "format":"enum", "default":"any", "partition-visibility":"shared", "not-list":[ "obj-grp-application", "protocol", "protocol-tag" ], "description":"'any': any; ", "enum":[ "any" ], "optional":true }, "app-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "obj-grp-application":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/object-group/application", "not":"application-any", "description":"Application object group" }, "protocol":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"application-any", "description":"Specify application(s)" }, "protocol-tag":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"application-any", "description":"'aaa': Protocol/application used for AAA (Authentification, Authorization and Accounting) purposes.; 'adult-content': Adult content protocol/application.; 'advertising': Advertising networks and applications.; 'application-enforcing-tls': Application known to enforce HSTS and thus use of TLS.; 'analytics-and-statistics': User analytics and statistics protocol/application.; 'anonymizers-and-proxies': Traffic-anonymization protocol/application.; 'audio-chat': Protocol/application used for Audio Chat.; 'basic': Covers all protocols required for basic classification, including most networking protocols as well as standard protocols like HTTP.; 'blog': Blogging platform protocol/application.; 'cdn': Protocol/application used for Content-Delivery Networks.; 'certification-authority': Certification Authority for SSL/TLS certificate.; 'chat': Protocol/application used for Text Chat.; 'classified-ads': Protocol/application used for Classified Advertisements.; 'cloud-based-services': SaaS and/or PaaS cloud based services.; 'crowdfunding': Service for funding a project or venture by raising small amounts of money from a large number of people, typically via the Internet.; 'cryptocurrency': Services for mining cryptocurrencies, for example a Crypto Web Browser (an application that mines crypto currency in the background while its user browses the web).; 'database': Database-specific protocols.; 'disposable-email': Service offering Disposable Email Accounts (DEA). DEA is a technique to share temporary email address between many users.; 'ebook-reader': Services for e-book readers, i.e. connected devices that display electronic books (typically using e-ink displays to reduce glare and eye strain).; 'education': Protocols offering education services and online courses.; 'email': Native email protocol.; 'enterprise': Protocol/application used in an enterprise network.; 'file-management': Protocol/application designed specifically for file management and exchange. This can include bona fide network protocols (like SMB) as well as web/cloud services (like Dropbox).; 'file-transfer': Protocol that offers file transferring as a secondary feature. This typically includes IM, WebMail, and other protocols that allow file transfers in addition to their principal function.; 'forum': Online forum protocol/application.; 'gaming': Protocol/application used by games.; 'healthcare': Protocols offering medical services, i.e protocols used in medical environment.; 'instant-messaging-and-multimedia-conferencing': Protocol/application used for Instant Messaging or Multi-Conferencing.; 'internet-of-things': Internet Of Things protocol/application.; 'map-service': Digital Maps service (web site and their related API).; 'mobile': Mobile-specific protocol/application.; 'multimedia-streaming': Protocol/application used for multimedia streaming.; 'networking': Protocol used for (inter) networking purpose.; 'news-portal': Protocol/application used for News Portals.; 'payment-service': Application offering online services for accepting electronic payments by a variety of payment methods (credit card, bank-based payments such as direct debit, bank transfer, etc).; 'peer-to-peer': Protocol/application used for Peer-to-peer purposes.; 'remote-access': Protocol/application used for remote access.; 'scada': SCADA (Supervisory control and data acquisition) protocols, all generations.; 'social-networks': Social networking application.; 'software-update': Auto-update protocol.; 'speedtest': Speedtest application allowing to access quality of Internet connection (upload, download, latency, etc).; 'standards-based': Protocol issued from standardized bodies such as IETF, ITU, IEEE, ETSI, OIF.; 'transportation': Transportation services, for example smartphone applications that allow users to hail a taxi.; 'video-chat': Protocol/application used for Video Chat.; 'voip': Application used for Voice-Over-IP.; 'vpn-tunnels': Protocol/application used for VPN or tunneling purposes.; 'web': Application based on HTTP/HTTPS.; 'web-e-commerce': Protocol/application used for E-commerce websites.; 'web-search-engines': Protocol/application used for Web search portals.; 'web-websites': Protocol/application used for Company Websites.; 'webmails': Web-based e-mail application.; 'web-ext-adult': Web Extension Adult; 'web-ext-auctions': Web Extension Auctions; 'web-ext-blogs': Web Extension Blogs; 'web-ext-business-and-economy': Web Extension Business and Economy; 'web-ext-cdns': Web Extension CDNs; 'web-ext-collaboration': Web Extension Collaboration; 'web-ext-computer-and-internet-info': Web Extension Computer and Internet Info; 'web-ext-computer-and-internet-security': Web Extension Computer and Internet Security; 'web-ext-dating': Web Extension Dating; 'web-ext-educational-institutions': Web Extension Educational Institutions; 'web-ext-entertainment-and-arts': Web Extension Entertainment and Arts; 'web-ext-fashion-and-beauty': Web Extension Fashion and Beauty; 'web-ext-file-share': Web Extension File Share; 'web-ext-financial-services': Web Extension Financial Services; 'web-ext-gambling': Web Extension Gambling; 'web-ext-games': Web Extension Games; 'web-ext-government': Web Extension Government; 'web-ext-health-and-medicine': Web Extension Health and Medicine; 'web-ext-individual-stock-advice-and-tools': Web Extension Individual Stock Advice and Tools; 'web-ext-internet-portals': Web Extension Internet Portals; 'web-ext-job-search': Web Extension Job Search; 'web-ext-local-information': Web Extension Local Information; 'web-ext-malware': Web Extension Malware; 'web-ext-motor-vehicles': Web Extension Motor Vehicles; 'web-ext-music': Web Extension Music; 'web-ext-news': Web Extension News; 'web-ext-p2p': Web Extension P2P; 'web-ext-parked-sites': Web Extension Parked Sites; 'web-ext-proxy-avoid-and-anonymizers': Web Extension Proxy Avoid and Anonymizers; 'web-ext-real-estate': Web Extension Real Estate; 'web-ext-reference-and-research': Web Extension Reference and Research; 'web-ext-search-engines': Web Extension Search Engines; 'web-ext-shopping': Web Extension Shopping; 'web-ext-social-network': Web Extension Social Network; 'web-ext-society': Web Extension Society; 'web-ext-software': Web Extension Software; 'web-ext-sports': Web Extension Sports; 'web-ext-streaming-media': Web Extension Streaming Media; 'web-ext-training-and-tools': Web Extension Training and Tools; 'web-ext-translation': Web Extension Translation; 'web-ext-travel': Web Extension Travel; 'web-ext-web-advertisements': Web Extension Web Advertisements; 'web-ext-web-based-email': Web Extension Web based Email; 'web-ext-web-hosting': Web Extension Web Hosting; 'web-ext-web-service': Web Extension Web Service; ", "enum":[ "aaa", "adult-content", "advertising", "application-enforcing-tls", "analytics-and-statistics", "anonymizers-and-proxies", "audio-chat", "basic", "blog", "cdn", "certification-authority", "chat", "classified-ads", "cloud-based-services", "crowdfunding", "cryptocurrency", "database", "disposable-email", "ebook-reader", "education", "email", "enterprise", "file-management", "file-transfer", "forum", "gaming", "healthcare", "instant-messaging-and-multimedia-conferencing", "internet-of-things", "map-service", "mobile", "multimedia-streaming", "networking", "news-portal", "payment-service", "peer-to-peer", "remote-access", "scada", "social-networks", "software-update", "speedtest", "standards-based", "transportation", "video-chat", "voip", "vpn-tunnels", "web", "web-e-commerce", "web-search-engines", "web-websites", "webmails", "web-ext-adult", "web-ext-auctions", "web-ext-blogs", "web-ext-business-and-economy", "web-ext-cdns", "web-ext-collaboration", "web-ext-computer-and-internet-info", "web-ext-computer-and-internet-security", "web-ext-dating", "web-ext-educational-institutions", "web-ext-entertainment-and-arts", "web-ext-fashion-and-beauty", "web-ext-file-share", "web-ext-financial-services", "web-ext-gambling", "web-ext-games", "web-ext-government", "web-ext-health-and-medicine", "web-ext-individual-stock-advice-and-tools", "web-ext-internet-portals", "web-ext-job-search", "web-ext-local-information", "web-ext-malware", "web-ext-motor-vehicles", "web-ext-music", "web-ext-news", "web-ext-p2p", "web-ext-parked-sites", "web-ext-proxy-avoid-and-anonymizers", "web-ext-real-estate", "web-ext-reference-and-research", "web-ext-search-engines", "web-ext-shopping", "web-ext-social-network", "web-ext-society", "web-ext-software", "web-ext-sports", "web-ext-streaming-media", "web-ext-training-and-tools", "web-ext-translation", "web-ext-travel", "web-ext-web-advertisements", "web-ext-web-based-email", "web-ext-web-hosting", "web-ext-web-service" ] } } } ] }, "track-application":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable application statistic (functional only in action permit)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'hit-count': Hit counts; 'permit-bytes': Permitted bytes counter; 'deny-bytes': Denied bytes counter; 'reset-bytes': Reset bytes counter; 'permit-packets': Permitted packets counter; 'deny-packets': Denied packets counter; 'reset-packets': Reset packets counter; 'active-session-tcp': Active TCP session counter; 'active-session-udp': Active UDP session counter; 'active-session-icmp': Active ICMP session counter; 'active-session-other': Active other protocol session counter; 'session-tcp': TCP session counter; 'session-udp': UDP session counter; 'session-icmp': ICMP session counter; 'session-other': Other protocol session counter; 'active-session-sctp': Active SCTP session counter; 'session-sctp': SCTP session counter; 'hitcount-timestamp': Last hit counts timestamp; 'rate-limit-drops': Rate Limit Drops; ", "enum":[ "all", "hit-count", "permit-bytes", "deny-bytes", "reset-bytes", "permit-packets", "deny-packets", "reset-packets", "active-session-tcp", "active-session-udp", "active-session-icmp", "active-session-other", "session-tcp", "session-udp", "session-icmp", "session-other", "active-session-sctp", "session-sctp", "hitcount-timestamp", "rate-limit-drops" ] } } } ] }, "action-group":{ "type":"object", "$ref":"/axapi/v3/rule-set/{name}/rule/{name}/action-group", "properties":{ "type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'permit': permit; 'deny': deny; 'reset': reset; ", "enum":[ "permit", "deny", "reset" ] }, "permit-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "ipsec", "ipsec-group" ], "description":"Enable logging" }, "reset-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging" }, "deny-log":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable logging" }, "logging-template-list":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "permit-log-template-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'fw-logging-template': Logging with specified fw template; 'cgnv6-logging-template': Logging with specified cgnv6 template; 'netflow-monitor': Logging with specified netflow/ipfix monitor; ", "enum":[ "fw-logging-template", "cgnv6-logging-template", "netflow-monitor" ] }, "permit-fw-log":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/fw/template/logging", "description":"Logging template name" }, "permit-cgnv6-log":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/cgnv6/template/logging", "description":"Logging template name" }, "permit-netflow-log":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/netflow/monitor", "description":"Name of netflow monitor" } } } ] }, "reset-log-template-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'fw-logging-template': Logging with specified fw template; ", "enum":[ "fw-logging-template" ] }, "reset-fw-log":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/fw/template/logging", "description":"Logging template name" }, "deny-log-template-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'fw-logging-template': Logging with specified fw template; ", "enum":[ "fw-logging-template" ] }, "deny-fw-log":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/fw/template/logging", "description":"Logging template name" }, "listen-on-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "ipsec", "ipsec-group", "cgnv6" ], "description":"Listen on port" }, "forward":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "ipsec", "ipsec-group", "cgnv6" ], "description":"Forward packet" }, "ipsec":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "permit-log", "listen-on-port", "forward", "ipsec-group", "cgnv6", "permit-respond-to-user-mac" ], "description":"Apply IPsec encapsulation" }, "ipsec-group":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "permit-log", "listen-on-port", "forward", "ipsec", "cgnv6" ], "description":"Apply IPsec Group encapsulation" }, "vpn-ipsec-name":{ "type":"string", "format":"string", "minLength":1, "maxLength":31, "partition-visibility":"shared", "$ref":"/axapi/v3/vpn/ipsec", "description":"VPN IPsec name" }, "vpn-ipsec-group-name":{ "type":"string", "format":"string", "minLength":1, "maxLength":31, "partition-visibility":"shared", "$ref":"/axapi/v3/vpn/ipsec-group", "description":"VPN IPsec Group name" }, "cgnv6":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "listen-on-port", "forward", "ipsec", "ipsec-group" ], "description":"Apply CGNv6 policy" }, "cgnv6-policy":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'lsn-lid': Apply specified CGNv6 LSN LID; 'fixed-nat': Apply CGNv6 Fixed NAT; 'ds-lite': Apply CGNv6 DS-Lite; ", "enum":[ "lsn-lid", "fixed-nat", "ds-lite" ] }, "cgnv6-lsn-lid":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "description":"LSN LID" }, "cgnv6-ds-lite":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'lsn-lid': Apply specified CGNv6 LSN LID; ", "enum":[ "lsn-lid" ] }, "cgnv6-ds-lite-lsn-lid":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "description":"LSN LID" }, "inspect-payload":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable DS-Lite tunnel inspection" }, "permit-limit-policy":{ "type":"number", "format":"number", "minimum":1, "maximum":1023, "partition-visibility":"shared", "$ref":"/axapi/v3/template/limit-policy", "description":"Limit policy Template" }, "permit-respond-to-user-mac":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"ipsec", "description":"Use the user's source MAC for the next hop rather than the routing table (default:off)" }, "reset-respond-to-user-mac":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Use the user's source MAC for the next hop rather than the routing table (default:off)" }, "set-dscp":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"DSCP setting" }, "dscp-value":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"dscp-number", "description":"'default': Default dscp (000000); 'af11': AF11 (001010); 'af12': AF12 (001100); 'af13': AF13 (001110); 'af21': AF21 (010010); 'af22': AF22 (010100); 'af23': AF23 (010110); 'af31': AF31 (011010); 'af32': AF32 (011100); 'af33': AF33 (011110); 'af41': AF41 (100010); 'af42': AF42 (100100); 'af43': AF43 (100110); 'cs1': CS1 (001000); 'cs2': CS2 (010000); 'cs3': CS3 (011000); 'cs4': CS4 (100000); 'cs5': CS5 (101000); 'cs6': CS6 (110000); 'cs7': CS7 (111000); 'ef': EF (101110); ", "enum":[ "default", "af11", "af12", "af13", "af21", "af22", "af23", "af31", "af32", "af33", "af41", "af42", "af43", "cs1", "cs2", "cs3", "cs4", "cs5", "cs6", "cs7", "ef" ] }, "dscp-number":{ "type":"number", "format":"number", "minimum":0, "maximum":63, "partition-visibility":"shared", "not":"dscp-value", "description":"DSCP Number" }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" } } }, "move-rule":{ "type":"object", "$ref":"/axapi/v3/rule-set/{name}/rule/{name}/move-rule", "properties":{ "location":{ "type":"string", "format":"enum", "default":"bottom", "partition-visibility":"shared", "description":"'top': top; 'before': before; 'after': after; 'bottom': bottom; ", "enum":[ "top", "before", "after", "bottom" ] }, "target-rule":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } }, "object-keys":[ "name" ], "required":[ "name" ] }