Skip to main content

Describe a Security Rule

GET 

/v1/config/rulestacks/:rulestackname/rulelists/:rulelistname/priorities/:priority

Retrieve the information related to the security rule associated with a specified rulestack.

Request

Path Parameters

    rulestackname stringrequired

    The name of the rulestack.

    rulelistname stringrequired

    The name of the rulelist.

    priority stringrequired

    The security rule priority.

Query Parameters

    Candidate Candidate

    Default value: true

    Rulestack candidate.

    Running Running

    Rulestacks in run state.

Responses

OK

Schema
    Response object
    Priority Priority (integer)

    The priority of the rule.

    RuleEntryCandidate object
    Action Action (string)

    Possible values: [Allow, DenySilent, DenyResetServer, DenyResetBoth]

    Default value: Allow

    Security rule actions: Allow, DenySilent, DenyResetServer, DenyResetBoth.

    Applications string[]

    Default value: Any

    Application details.

    AuditComment Auditcomment (string)

    Possible values: <= 512 characters

    Audit remarks.

    Category object

    Security rule category.

    IntelligentFeeds string[]

    Specify Intelligence Feed as the source or destination of your security rule.

    URLCategoryNames string[]

    Specify URL categories in security rules to block or allow access to websites.

    DecryptionRuleType Decryptionruletype (string)

    Possible values: [SSLOutboundInspection]

    Decryption policy rule.

    Description Description (string)

    Possible values: <= 512 characters

    Rule entry description.
    Max length: 512 characters, Pattern: Any character ^.*$.

    Destination object

    Rule entry destination.

    Cidrs string[]

    Default value: Any

    The CIDR block or range as the destination of your security rule.

    Countries string[]

    Country as the destination of your security rule

    Feeds string[]

    Intelligence Feed as the destination of your security rule.

    FqdnLists string[]

    Fully Qualified Domain Name (FQDN) list as the destination of your security rule.

    PrefixLists string[]

    Grouped IP addresses as the destination of your security rule.

    Enabled Enabled (boolean)

    Default value: true

    Specify whether or not the rule is enabled.

    Logging Logging (boolean)

    Specify whether or not logging is enabled.

    NegateDestination Negatedestination (boolean)

    Rule to negate a specified destination.

    NegateSource Negatesource (boolean)

    Rule to negate a specified source.

    Protocol Protocol (string)

    Default value: application-default

    Application protocol.

    RuleName Rulename (string)required

    Possible values: non-empty and <= 128 characters, Value must match regular expression ^[a-zA-Z0-9-]+$

    Name of the rule entry.
    Length: 0-48 characters, Pattern: ^[a-zA-Z0-9-]+$.

    Source object

    Traffic source.

    Cidrs string[]

    Default value: Any

    The CIDR block or range as the source of your security rule.

    Countries string[]

    Country as the source of your security rule

    Feeds string[]

    Intelligence Feed as the source of your security rule.

    PrefixLists string[]

    Grouped IP addresses as the source of your security rule.

    Tags object[]

    Possible values: <= 200

    The key:value pairs to associate with a resource.

  • Array [
  • Key Key (string)required

    Possible values: non-empty and <= 128 characters

    A unique identifier in the key-value pair. The constant that defines the data set. .

    Value Value (string)required

    Possible values: non-empty and <= 128 characters

    The variable that belongs to the data set.

  • ]
  • UpdateToken Updatetoken (string)

    Refresh token.

    RuleEntryRunning object
    Action Action (string)

    Possible values: [Allow, DenySilent, DenyResetServer, DenyResetBoth]

    Default value: Allow

    Security rule actions: Allow, DenySilent, DenyResetServer, DenyResetBoth.

    Applications string[]

    Default value: Any

    Application details.

    AuditComment Auditcomment (string)

    Possible values: <= 512 characters

    Audit remarks.

    Category object

    Security rule category.

    IntelligentFeeds string[]

    Specify Intelligence Feed as the source or destination of your security rule.

    URLCategoryNames string[]

    Specify URL categories in security rules to block or allow access to websites.

    DecryptionRuleType Decryptionruletype (string)

    Possible values: [SSLOutboundInspection]

    Decryption policy rule.

    Description Description (string)

    Possible values: <= 512 characters

    Rule entry description.
    Max length: 512 characters, Pattern: Any character ^.*$.

    Destination object

    Rule entry destination.

    Cidrs string[]

    Default value: Any

    The CIDR block or range as the destination of your security rule.

    Countries string[]

    Country as the destination of your security rule

    Feeds string[]

    Intelligence Feed as the destination of your security rule.

    FqdnLists string[]

    Fully Qualified Domain Name (FQDN) list as the destination of your security rule.

    PrefixLists string[]

    Grouped IP addresses as the destination of your security rule.

    Enabled Enabled (boolean)

    Default value: true

    Specify whether or not the rule is enabled.

    Logging Logging (boolean)

    Specify whether or not logging is enabled.

    NegateDestination Negatedestination (boolean)

    Rule to negate a specified destination.

    NegateSource Negatesource (boolean)

    Rule to negate a specified source.

    Protocol Protocol (string)

    Default value: application-default

    Application protocol.

    RuleName Rulename (string)required

    Possible values: non-empty and <= 128 characters, Value must match regular expression ^[a-zA-Z0-9-]+$

    Name of the rule entry.
    Length: 0-48 characters, Pattern: ^[a-zA-Z0-9-]+$.

    Source object

    Traffic source.

    Cidrs string[]

    Default value: Any

    The CIDR block or range as the source of your security rule.

    Countries string[]

    Country as the source of your security rule

    Feeds string[]

    Intelligence Feed as the source of your security rule.

    PrefixLists string[]

    Grouped IP addresses as the source of your security rule.

    Tags object[]

    Possible values: <= 200

    The key:value pairs to associate with a resource.

  • Array [
  • Key Key (string)required

    Possible values: non-empty and <= 128 characters

    A unique identifier in the key-value pair. The constant that defines the data set. .

    Value Value (string)required

    Possible values: non-empty and <= 128 characters

    The variable that belongs to the data set.

  • ]
  • UpdateToken Updatetoken (string)

    Refresh token.

    RuleListName Rulelistname (string)

    Name of the rule list.
    Length: 0-128 characters, Pattern: ^[a-zA-Z0-9-]+$.

    RuleStackName Rulestackname (string)

    Name of the rulestack.

    ResponseStatus object
    ErrorCode Errorcode (integer)

    Default value: 0

    Default value of a successful response is 0. Any other number indicates an error code.

    400—HTTP bad request

    • InvalidRequestException—Operation failed due to invalid request. For example, unsupported parameter name, value, priority, or length in the request.
    • ResourceNotFoundException—Unable to locate a resource using the parameters you provided. For example, RuleListName is not found, Priority is not found.
    • ThrottlingException—Operation failed due to throttling limitations.

    500—Bad request

    • InternalServerError—Your request is valid but Cloud NGFW could not perform the operation due to a system issue.
    Reason Reason (string)

    The error description.

Loading...