fw¶
Firewall
fw Specification¶
Type Intermediate Resource Element Name fw Element URI /axapi/v3/fw Element Attributes fw_attributes Schema fw schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/fw | fw_attributes |
fw attributes¶
active-rule-set
Description: active-rule-set is a JSON Block. Please see below for active-rule-set
Type: Object
Refernce Object: /axapi/v3/fw/active-rule-set
alg-list
Type: List
Refernce Object: /axapi/v3/fw/alg/{name}+{name2}
apply-changes
Description: apply-changes is a JSON Block. Please see below for apply-changes
Type: Object
Refernce Object: /axapi/v3/fw/apply-changes
global
Description: global is a JSON Block. Please see below for global
Type: Object
Refernce Object: /axapi/v3/fw/global
helper-sessions
Description: helper-sessions is a JSON Block. Please see below for helper-sessions
Type: Object
Refernce Object: /axapi/v3/fw/helper-sessions
logging
Description: logging is a JSON Block. Please see below for logging
Type: Object
Refernce Object: /axapi/v3/fw/logging
session-aging-list
Type: List
Refernce Object: /axapi/v3/fw/session-aging/{name}
tcp-rst-close-immediate
Description: tcp-rst-close-immediate is a JSON Block. Please see below for tcp-rst-close-immediate
Type: Object
Refernce Object: /axapi/v3/fw/tcp-rst-close-immediate
tcp-window-check
Description: tcp-window-check is a JSON Block. Please see below for tcp-window-check
Type: Object
Refernce Object: /axapi/v3/fw/tcp-window-check
vrid
Description: vrid is a JSON Block. Please see below for vrid
Type: Object
Refernce Object: /axapi/v3/fw/vrid
active-rule-set¶
Specification Type object name
Description Rule set name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/rule-set
session-aging
Description Session Aging Template
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/fw/session-aging
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid¶
Specification Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid
Description Vrrp group (VRRP-A vrid)
Type: number
Range: 1-31
logging¶
Specification Type object name
Description Logging Template Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/slb/template/logging
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp-window-check¶
Specification Type object sampling-enable
Type: Liststatus
Description ‘enable’: Enable TCP window check (default); ‘disable’: Disable TCP window check;
Type: string
Supported Values: enable, disable
Default: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp-window-check_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘outside-window’: packet dropped for outside of tcp window;
Type: string
Supported Values: all, outside-window
apply-changes¶
Specification Type object apply-changes
Description Invoke rule-set recompile immediately
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
global¶
Specification Type object alg-processing
Description ‘honor-rule-set’: Honors firewall rule-sets; ‘override-rule-set’: Override firewall rule-sets;
Type: string
Supported Values: honor-rule-set, override-rule-set
Default: honor-rule-set
disable-ip-fw-sessions
Description disable create sessions for non TCP/UDP/ICMP
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
helper-sessions¶
Specification Type object idle-timeout
Description helper-sessions idle-timeout time (Idle-timeout in minutes (default: 1 minute))
Type: number
Range: 1-255
Default: 1
limit
Description Limit number of helper-sessions (Limit helper-sessions number)
Type: number
mode
Description ‘disable’: Disable helper-sessions;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg-list¶
Specification Type list Block object keys name
Description ‘FTP’: Disable FTP ALG default port 21; ‘TFTP’: Disable TFTP ALG default port 69; ‘SIP’: Disable SIP ALG default port 5060; ‘DNS’: Disable DNS ALG default port 53;
Type: string
Supported Values: FTP, TFTP, SIP, DNS
name2
Description ‘ICMP’: Disable ICMP ALG which allow ICMP errors pass firewall;
Type: string
Supported Values: ICMP
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
session-aging-list¶
Specification Type list Block object keys alive-if-active
Description keep connection alive if active traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
force-delete-timeout
Description The maximum time that a session can stay in the system before being deleted, default is off (number (second))
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout and force-delete-timeout-100ms are mutually exclusive
force-delete-timeout-100ms
Description The maximum time that a session can stay in the system before being deleted, default is off (number in 100ms)
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout-100ms and force-delete-timeout are mutually exclusive
half-close-idle-timeout
Description TCP Half Close Idle Timeout (sec), default is off (number)
Type: number
Range: 60-120
half-open-idle-timeout
Description TCP Half Open Idle Timeout (sec), default is off (number)
Type: number
Range: 1-60
icmp-idle-timeout
Description Idle Timeout value (default 2 seconds) (idle timeout in second, default 2)
Type: number
Range: 2-15000
Default: 2
ip-idle-timeout
Description Idle Timeout (sec), default is 30 (number)
Type: number
Range: 1-2097151
Default: 30
name
Description session-aging Template (session-aging Template name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp-idle-timeout
Description Idle Timeout (sec), default is 600 (number)
Type: number
Range: 1-2097151
Default: 600
udp-idle-timeout
Description Idle Timeout value (default 120 seconds) (idle timeout in second, default 120)
Type: number
Range: 1-2097151
Default: 120
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp-rst-close-immediate¶
Specification Type object status
Description ‘enable’: Enable TCP RST close immediate (default); ‘disable’: Disable TCP RST close immediate;
Type: string
Supported Values: enable, disable
Default: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters