REST API Method: POST /rest/acltable/{identifier}/aclrule/{identifier}

Modifies an Access Control Rule managed object.

URL:

https://192.168.0.111/rest/acltable/{identifier}/aclrule/{identifier}

HTTP Method

POST

Requires Authentication:

true

Parameters

Parameter Name Required Service Affecting Data Type Default Value Possible Values Description
DescriptionNoNostringnone64 - Max Length Assigns an operator-friendly description text which can be used for future reference. Whitespaces are allowed.
aclActionYesYesEnum1Possible values:
  • 0 - ALLOW
  • 1 - DENY
Specifies the action taken by this rule if there is a match.
ipAddressingModeNoYesEnum0Possible values:
  • 0 - IPV4_ADDR_MODE
  • 1 - IPV6_ADDR_MODE
  • 2 - IPV4_AND_IPV6
Specifies the address mode for source IP/Mask and destination IP/Mask address. Note only IPv4 and IPv6 are valid.
srcIPAddrYesYesstringnone45 - Max Length Specifies the source IP address of the rule to be matched against the packet received.
srcIPAddrMaskYesYesstringnone45 - Max Length Specifies the netmask of the source IP address.
destIPAddrYesYesstringnone45 - Max Length Specifies the destination IP address of the rule to be matched against the packet received.
destIPAddrMaskYesYesstringnone45 - Max Length Specifies the netmask of the destination IP address.
aclProtocolYesYesintPossible values:
  • 0 - Minimum
  • 256 - Maximum
Specifies the protocol of the packet being matched against. Value of 256 will match all protocols.
aclMinSrcPortYesYesintPossible values:
  • 0 - Minimum
  • 65535 - Maximum
Specifies the minimum source port number to be matched against the packet which also includes the value specified. This is applicable only for SBC 1000/2000 platforms.
aclMaxSrcPortYesYesintPossible values:
  • 0 - Minimum
  • 65535 - Maximum
Specifies the maximum source port number to be matched against the packet which also includes the value specified. This is applicable only for SBC 1000/2000 platforms.
aclSrcPortYesYesintPossible values:
  • 0 - Minimum
  • 65535 - Maximum
Specifies the source port number to be matched against the packet which also includes the value specified. This is applicable only for SWe Lite system.
aclMinDstPortYesYesintPossible values:
  • 0 - Minimum
  • 65535 - Maximum
Specifies the minimum destination port number to be matched against the packet which also includes the value specified. This is applicable only for SBC 1000/2000 platforms.
aclMaxDstPortYesYesintPossible values:
  • 0 - Minimum
  • 65535 - Maximum
Specifies the maximum destination port number to be matched against the packet which also includes the value specified. This is applicable only for SBC 1000/2000 platforms.
aclDstPortYesYesintPossible values:
  • 0 - Minimum
  • 65535 - Maximum
Specifies the destination port number to be matched against the packet which also includes the value specified. This is applicable only for SWe Lite system.
ifNameYesYesstringnone64 - Max Length Specifies the name of the vSBC logical interface connected to the external network. Any of the Admin(mgt0) or Ethernet(Ethernet 1, Ethernet 2, Ethernet 3, Ethernet 4) interfaces can be used. Field left blank indicates the default setting is for any interfaces. This is applicable only for SWe Lite system.
aclPrecedenceYesYesint1Possible values:
  • 1 - Minimum
  • 65535 - Maximum
Specifies the rule precedence to control which ACL rule is applied when multiple rules match a given packet. If an incoming packet matches multiple rules, the IP ACL rule with the highest precedence(lowest numerical precedence value) is applied to that packet. Each IP ACL rule must define an unique precedence value. This is applicable only for SWe Lite system.
aclBucketSizeYesYesintPossible values:
  • 0 - Minimum
  • 255 - Maximum
Specifies the credit balance that should be consumed before the packets are discarded. The consumed credits resides in the buckets and gets reduced for every packet received on the Network Interface. If a packet is received when the credit balance is less than the size of the packet, the packet is discarded. Default value '0' represents unlimited continuous policing. This is applicable only for SWe Lite system.
aclFillRateYesYesintPossible values:
  • 0 - Minimum
  • 25000 - Maximum
Specifies the number of packets to add to the bucket credit balance(in packets/second). If a packet is received at a rate exceeding this fill rate, it is discarded. The bucket credit balance is always less than the configured bucket size regardless of the size of this increment. Default value '0' represents unlimited which passes packets unconditionally. This is applicable only for SWe Lite system.
ribbonProtectBadActorNoNoEnum0Possible values:
  • 0 - btFalse
  • 1 - btTrue
Represents if the ACL Rule is added through Ribbon Protect. Applicable only for a SWe Lite System.

Helpful Tip

The POST can contain either only the attributes that are being updated, or the full set of attributes for the resource

  • No labels