Grupos de regras servem para organizar e facilitar a ordenação das regras.
As regras associadas com o grupo dão prefêrencia a ordem do grupo, e depois da regra.
Esta é uma API de gerenciamento dos grupos de regras de Firewall
API de listagem de grupos de regras
Esta api permite fazer filtros através de 3 parâmetros na URL (QueryStrings), que são: zone, type, direction
Exemplo de requisição
GET /api/firewall/rules/groups?type=forward&zone=lan&direction=destination HTTP/1.1
Host: api.exemplo.com
Accept: application/json
Authorization: Bearer <Access-Token>
from itflex_sdk.firewall.types import GetRulesGroupsRequest
request = GetRulesGroupsRequest(
type="forward",
zone="lan",
direction="destination"
)
response = sdk.firewall.get_rules_groups(request)
print(response.payload)
const response = sdk.firewall.getRulesGroups({
type: "forward",
zone: "lan",
direction: "destination"
});
console.log(response.payload);
Exemplo de resposta
HTTP/1.1 200 OK
Content-Type: application/json
{
"rules_groups": [
{
"id": 1,
"name": "Group",
"order": 5,
"type": "forward",
"zone": "lan",
"direction": "destination",
"created_at": "2018-08-02T08:28:30.932000+00:00",
"updated_at": "2018-08-02T08:28:30.932000+00:00"
},
{
"id": 5,
"name": "Another group",
"order": 10,
"type": "forward",
"zone": "lan",
"direction": "destination",
"created_at": "2018-08-02T09:30:30.932000+00:00",
"updated_at": "2018-08-02T09:30:30.932000+00:00"
},
{
"id": 8,
"name": "Foo group",
"order": 15,
"type": "forward",
"zone": "lan",
"direction": "destination",
"created_at": "2018-08-02T09:32:30.932000+00:00",
"updated_at": "2018-08-02T09:32:30.932000+00:00"
}
]
}
[
RulesGroup(
id=1,
name="Group",
order=5,
type="forward",
zone="lan",
direction="destination",
created_at=DateTime(2018, 8, 2, 8, 28, 30, tzinfo=Timezone('+00:00')),
updated_at=DateTime(2018, 8, 2, 8, 28, 30, tzinfo=Timezone('+00:00'))
),
RulesGroup(
id=5,
name="Another group",
order=10,
type="forward",
zone="lan",
direction="destination",
created_at=DateTime(2018, 8, 2, 9, 30, 30, tzinfo=Timezone('+00:00')),
updated_at=DateTime(2018, 8, 2, 9, 30, 30, tzinfo=Timezone('+00:00'))
),
RulesGroup(
id=8,
name="Foo group",
order=15,
type="forward",
zone="lan",
direction="destination",
created_at=DateTime(2018, 8, 2, 9, 32, 30, tzinfo=Timezone('+00:00')),
updated_at=DateTime(2018, 8, 2, 9, 32, 30, tzinfo=Timezone('+00:00'))
)
]
[
{
id: 1,
name: "Group",
order: 5,
type: "forward",
zone: "lan",
direction: "destination",
createdAt: "2018-08-02T08:28:30.932000+00:00",
updatedAt: "2018-08-02T08:28:30.932000+00:00"
},
{
id: 5,
name: "Another group",
order: 10,
type: "forward",
zone: "lan",
direction: "destination",
createdAt: "2018-08-02T09:30:30.000Z",
updatedAt: "2018-08-02T09:30:30.000Z"
},
{
id: 8,
name: "Foo group",
order: 15,
type: "forward",
zone: "lan",
direction: "destination",
createdAt: "2018-08-02T09:32:30.000Z",
updatedAt: "2018-08-02T09:32:30.000Z"
}
];
API de listagem de grupos de regras com suas respectivas regras
Esta api permite fazer filtros através de 3 parâmetros, que são: zone, type, direction
Exemplo de requisição
GET /api/firewall/rules/groups/full?type=forward&zone=lan&direction=destination HTTP/1.1
Host: api.exemplo.com
Accept: application/json
Authorization: Bearer <Access-Token>
from itflex_sdk.firewall.types import GetFullRulesGroupsRequest
request = GetFullRulesGroupsRequest(
type="forward",
zone="lan",
direction="destination"
)
response = sdk.firewall.get_full_rules_groups(request)
print(response.payload)
const response = sdk.firewall.getFullRulesGroups({
type: "forward",
zone: "lan",
direction: "destination"
});
console.log(response.payload);
Exemplo de resposta
HTTP/1.1 200 OK
Content-Type: application/json
{
"rules_groups": [
{
"id": 1,
"name": "Group",
"order": 5,
"type": "forward",
"zone": "lan",
"direction": "destination",
"rules": [
{
"id": 1,
"enabled": true,
"order": 3,
"linked_rule": {
"id": 15,
"group_name": null,
"description": null
},
"description": "Rule01",
"action": "accept",
"protocol": "tcp",
"log_enabled": true,
"log_info": "",
"src_conn_type": "any",
"src_conn": null,
"dst_conn_type": null,
"dst_conn": null,
"src_addr_type": "network",
"src_addr": "192.168.0.0/24",
"src_translated_addr": null,
"dst_addr_type": "any",
"dst_addr": null,
"dst_translated_addr": null,
"dst_port_type": null,
"dst_port": null,
"dst_translated_port": null
},
{
"id": 2,
"enabled": true,
"order": 7,
"linked_rule": null,
"description": "Rule02",
"action": "accept",
"protocol": "tcp",
"log_enabled": true,
"log_info": "test log info",
"src_conn_type": "any",
"src_conn": null,
"dst_conn_type": null,
"dst_conn": null,
"src_addr_type": "ip",
"src_addr": "192.168.100.24",
"src_translated_addr": null,
"dst_addr_type": "any",
"dst_addr": null,
"dst_translated_addr": null,
"dst_port_type": "port",
"dst_port": "2525",
"dst_translated_port": null
}
],
"created_at": "2018-08-02T08:28:30.932000+00:00",
"updated_at": "2018-08-02T08:28:30.932000+00:00"
}
]
}
[
RulesGroup(
id=1,
name="Group",
order=5,
type="forward",
zone="lan",
direction="destination",
rules=[
Rule(
id=1,
enabled=True,
order=3,
linked_rule=LinkedRule(
id=15,
group_name=None,
description=None
),
description="Rule01",
action="accept",
protocol="tcp",
log_enabled=True,
log_info="",
src_conn_type="any",
src_conn=None,
dst_conn_type=None,
dst_conn=None,
src_addr_type="network",
src_addr="192.168.0.0/24",
src_translated_addr=None,
dst_addr_type="any",
dst_addr=None,
dst_translated_addr=None,
dst_port_type=None,
dst_port=None,
dst_translated_port=None
),
Rule(
id=2,
enabled=True,
order=7,
linked_rule=None,
description="Rule02",
action="accept",
protocol="tcp",
log_enabled=True,
log_info="test log info",
src_conn_type="any",
src_conn=None,
dst_conn_type=None,
dst_conn=None,
src_addr_type="ip",
src_addr="192.168.100.24",
src_translated_addr=None,
dst_addr_type="any",
dst_addr=None,
dst_translated_addr=None,
dst_port_type="port",
dst_port="2525",
dst_translated_port=None
}
],
created_at=DateTime(2018, 8, 2, 8, 28, 30, tzinfo=Timezone('+00:00')),
updated_at=DateTime(2018, 8, 2, 8, 28, 30, tzinfo=Timezone('+00:00'))
)
]
[
{
id: 1,
name: "Group",
order: 5,
type: "forward",
zone: "lan",
direction: "destination",
rules: [
{
id: 1,
enabled: true,
order: 3,
linkedRule: {
id: 15,
groupName: null,
description: null
},
description: "Rule01",
action: "accept",
protocol: "tcp",
logEnabled: true,
logInfo: "",
srcConnType: "any",
srcConn: null,
dstConnType: null,
dstConn: null,
srcAddrType: "network",
srcAddr: "192.168.0.0/24",
srcTranslatedAddr: null,
dstAddrType: "any",
dstAddr: null,
dstTranslatedAddr: null,
dstPortType: null,
dstPort: null,
dstTranslatedPort: null
},
{
id: 2,
enabled: true,
order: 7,
linkedRule: null,
description: "Rule02",
action: "accept",
protocol: "tcp",
logEnabled: true,
logInfo: "test log info",
srcConnType: "any",
srcConn: null,
dstConnType: null,
dstConn: null,
srcAddrType: "ip",
srcAddr: "192.168.100.24",
srcTranslatedAddr: null,
dstAddrType: "any",
dstAddr: null,
dstTranslatedAddr: null,
dstPortType: "port",
dstPort: "2525",
dstTranslatedPort: null
}
],
createdAt: "2018-08-02T08:28:30.932000+00:00",
updatedAt: "2018-08-02T08:28:30.932000+00:00"
}
];
API de busca de grupos de regras
id
Exemplo de requisição
GET /api/firewall/groups/rules/1 HTTP/1.1
Host: api.exemplo.com
Accept: application/json
Authorization: Bearer <Access-Token>
response = sdk.firewall.get_rules_group(id=1)
print(response.payload)
const response = sdk.firewall.getRulesGroup({ id: 1 });
console.log(response.payload);
Exemplo de resposta
HTTP/1.1 200 OK
Content-Type: application/json
{
"id": 1,
"name": "Group",
"order": 5,
"type": "forward",
"zone": "lan",
"direction": "source",
"created_at": "2018-08-02T08:28:30.932000+00:00",
"updated_at": "2018-08-02T08:28:30.932000+00:00"
}
RulesGroup(
id=1,
name="Group",
order=5,
type="forward",
zone="lan",
direction="source",
created_at=DateTime(2018, 8, 2, 8, 28, 30, tzinfo=Timezone('+00:00')),
updated_at=DateTime(2018, 8, 2, 8, 28, 30, tzinfo=Timezone('+00:00'))
)
{
id: 1,
name: "Group",
order: 5,
type: "forward",
zone: "lan",
direction: "source",
createdAt: "2018-08-02T08:28:30.932000+00:00",
updatedAt: "2018-08-02T08:28:30.932000+00:00"
}
API de criação de grupos de regras
Exemplo de requisição
POST /api/firewall/rules/groups HTTP/1.1
Host: api.exemplo.com
Content-Type: application/json
Accept: application/json
Authorization: Bearer <Access-Token>
{
"type": "forward",
"zone": "lan",
"direction": "any",
"name": "New group",
"order": 20
}
from itflex_sdk.firewall.types import CreateRulesGroupRequest
request = CreateRulesGroupRequest(
type="forward",
zone="lan",
direction="any",
name="New group",
order=20
)
response = sdk.firewall.create_rules_group(request)
print(response.payload)
const rulesGroup = sdk.firewall.types.RulesGroup();
rulesGroup.type = "forward";
rulesGroup.zone = "lan";
rulesGroup.direction = "any";
rulesGroup.name = "New group";
rulesGroup.order = 20;
const response = sdk.firewall.createRulesGroup(rulesGroup);
console.log(response.payload);
Exemplo de resposta
HTTP/1.1 200 OK
Content-Type: application/json
{
"id": 4,
"name": "New group",
"order": 20,
"type": "forward",
"zone": "lan",
"direction": "any",
"created_at": "2018-12-13T10:32:30.932000+00:00",
"updated_at": "2018-12-13T10:32:30.932000+00:00"
}
RulesGroup(
id=4,
name="New group",
order=20,
type="forward",
zone="lan",
direction="any",
created_at=DateTime(2018, 12, 13, 10, 32, 30, tzinfo=Timezone('+00:00')),
updated_at=DateTime(2018, 12, 13, 10, 32, 30, tzinfo=Timezone('+00:00'))
)
{
id: 4,
name: "New group",
order: 20,
type: "forward",
zone: "lan",
direction: "any",
createdAt: "2018-12-13T10:32:30.932000+00:00",
updatedAt: "2018-12-13T10:32:30.932000+00:00"
}
API de edição de grupos de regras
id
Exemplo de requisição
PUT /api/firewall/rules/groups/4 HTTP/1.1
Host: api.exemplo.com
Content-Type: application/json
Accept: application/json
Authorization: Bearer <Access-Token>
{
"name": "Edited group",
"order": 25
}
from itflex_sdk.firewall.types import UpdateRulesGroupRequest
request = UpdateRulesGroupRequest(
id=4,
name="Edited group",
order=25
)
response = sdk.firewall.update_rules_group(request)
print(response.payload)
const rulesGroup = {
id: 4,
name: "Edited group",
order: 25
};
const response = sdk.firewall.updateRulesGroup(rulesGroup);
console.log(response.payload);
Exemplo de resposta
HTTP/1.1 200 OK
Content-Type: application/json
{
"id": 4,
"name": "Edited group",
"order": 25,
"type": "forward",
"zone": "lan",
"direction": "any",
"created_at": "2018-12-13T10:32:30.932000+00:00",
"updated_at": "2018-12-13T10:37:15.932000+00:00"
}
RulesGroup(
id=4,
name="Edited group",
order=25,
type="forward",
zone="lan",
direction="any",
created_at=DateTime(2018, 12, 13, 10, 32, 30, tzinfo=Timezone('+00:00')),
updated_at=DateTime(2018, 12, 13, 10, 37, 15, tzinfo=Timezone('+00:00'))
)
{
id: 4,
name: "Edited group",
order: 25,
type: "forward",
zone: "lan",
direction: "any",
createdAt: "2018-12-13T10:32:30.932000+00:00",
updatedAt: "2018-12-13T10:37:15.932000+00:00"
}
API de exclusão de grupos de regras
id
Exemplo de requisição
DELETE /api/firewall/rules/groups/1 HTTP/1.1
Host: api.exemplo.com
Accept: application/json
Authorization: Bearer <Access-Token>
response = sdk.firewall.delete_rules_group(id=1)
const response = sdk.firewall.deleteRulesGroup({ id: 1 });
Exemplo de resposta
HTTP/1.1 200 OK
Content-Type: application/json
Parâmetros da url
| Campo | Descrição |
|---|---|
| id | int Identificador do grupo de regras |
Parâmetros de consulta
| Campo | Descrição |
|---|---|
| type | string Tipo das regras que o grupo contém. |
| zone | string Zona do grupo de regras. Ignorado se o parâmetro |
| direction | string Direção das regras do grupo. Ignorado se o parâmetro |
Requisição
| Campo | Descrição | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| name | stringrequerido único Nome do grupo de regras. |
||||||||
| order | intrequerido Campo de ordenação dos grupos de regras. Deve ser sempre um número positivo. |
||||||||
| type | stringrequerido inalterável Tipo das regras que o grupo contém. Valores possíveis:
|
||||||||
| zone | stringinalterável Zona do grupo de regras. Requerido se: o campo Valores possíveis:
|
||||||||
| direction | stringinalterável Direção das regras do grupo. Requerido se: o campo
|
Resposta
| Campo | Descrição |
|---|---|
| id | int Identificador do grupo de regras |
| name | string Nome do grupo de regras. |
| order | int Campo de ordenação dos grupos de regras. |
| type | string Tipo das regras que o grupo contém. |
| zone | string Zona do grupo de regras. |
| direction | string Direção das regras do grupo. |
| rules | List<Rule> Lista de regras vinculadas ao grupo. |