APIRef_tm_net_route-domain_fw-activeΒΆ
mgmt/tm/net/route-domain/fw-active
Firewall policy rule entry
REST Endpoints
- Collection URI
/mgmt/tm/net/route-domain/fw-active
- Collection Methods
OPTIONS, GET
- Resource URI
/mgmt/tm/net/route-domain/fw-active/~resource id
- Resource Methods
OPTIONS, GET
- Resource Natural Key
name, partition, subPath
Properties
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
action |
string | none | optional | read/write | Specifies the action that the system takes when a rule is matched. |
appService |
string | optional | read/write | The application service that the object belongs to. | |
description |
string | optional | read/write | User defined description. | |
ipProtocol |
string | optional | read/write | Specifies the IP protocol against which the packet will be compared. | |
irule |
string | optional | read/write | Specifies the name of the iRule which will be triggered if the packet matches this firewall rule. | |
iruleSampleRate |
integer | 1 | optional | read/write | Specifies the rate at which iRule will be triggered if the packet matches this firewall rule. |
log |
string | no | optional | read/write | Specifies whether the packet will be logged if it matches the rule. Logging must also be enabled in the security log profile global-network configuration. Note that the statistics counter is always incremented when a packet matches a rule. |
placeAfter |
string | optional | read/write | Specifies that a new rule should be placed after another rule, first or last. If individual rules are being added (as opposed to specifying replace-all-with) then place-before or place-after must be specified. | |
placeBefore |
string | optional | read/write | Specifies that a new rule should be placed before another rule, first or last. If individual rules are being added (as opposed to specifying replace-all-with) then place-before or place-after must be specified. | |
ruleList |
string | optional | read/write | Specifies a list of rules to evaluate. See security firewall rule-list. If a rule-list is specified then only the schedule and status properties effect the rule. | |
schedule |
string | optional | read/write | Specifies a schedule for the rule. See security firewall schedule. If the rule refers to a rule-list the rule-list will be enabled according to the schedule. When the rule list is enabled, the schedules defined within the rule-list will be honored. | |
servicePolicy |
string | optional | read/write | Specifies the service policy to use. | |
status |
string | enabled | optional | read/write | Specifies whether the rule is enabled, disabled or scheduled. A rule that is enabled is always checked. A rule that is disabled is never checked. A rule that is scheduled is checked according to the corresponding schedule configuration. A rule that is scheduled must have an associated schedule configuration. |
virtualServer |
string | optional | read/write |
Structures
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
/destination |
array_structure | optional | read/write | ||
/destination/address-lists |
array_structure | optional | read/write | Specifies a list of address lists (see security firewall address-list) against which the packet will be compared. | |
/destination/port-lists |
array_structure | optional | read/write | Specifies a list of port lists (see security firewall port-list) against which the packet will be compared. | |
/destination/addresses |
array_structure | optional | read/write | ||
/destination/addresses/app-service |
string | optional | read/write | ||
/destination/addresses/description |
string | optional | read/write | ||
/destination/fqdns |
array_structure | optional | read/write | ||
/destination/fqdns/app-service |
string | optional | read/write | ||
/destination/fqdns/description |
string | optional | read/write | ||
/destination/geo |
array_structure | optional | read/write | ||
/destination/geo/app-service |
string | optional | read/write | ||
/destination/geo/description |
string | optional | read/write | User defined description. | |
/destination/ports |
array_structure | optional | read/write | ||
/destination/ports/app-service |
string | optional | read/write | ||
/destination/ports/description |
string | optional | read/write | ||
/source |
array_structure | optional | read/write | ||
/source/address-lists |
array_structure | optional | read/write | Specifies a list of address lists (see security firewall address-list) against which the packet will be compared. | |
/source/port-lists |
array_structure | optional | read/write | Specifies a list of port lists (see security firewall port-list) against which the packet will be compared. | |
/source/vlans |
array_structure | optional | read/write | Specifies a list of vlans, vlan groups and tunnels against which the packet will be compared. | |
/source/addresses |
array_structure | optional | read/write | ||
/source/addresses/app-service |
string | optional | read/write | ||
/source/addresses/description |
string | optional | read/write | ||
/source/fqdns |
array_structure | optional | read/write | ||
/source/fqdns/app-service |
string | optional | read/write | ||
/source/fqdns/description |
string | optional | read/write | ||
/source/geo |
array_structure | optional | read/write | ||
/source/geo/app-service |
string | optional | read/write | ||
/source/geo/description |
string | optional | read/write | User defined description. | |
/source/ports |
array_structure | optional | read/write | ||
/source/ports/app-service |
string | optional | read/write | ||
/source/ports/description |
string | optional | read/write | ||
/source/identity |
array_structure | optional | read/write | ||
/source/identity/user-lists |
array_structure | optional | read/write | Specifies a list of user lists (see security firewall user-list) against which the packet will be compared. | |
/source/identity/subscriber-groups |
array_structure | optional | read/write | ||
/source/identity/subscriber-groups/description |
string | optional | read/write | ||
/source/identity/subscribers |
array_structure | optional | read/write | ||
/source/identity/subscribers/description |
string | optional | read/write | ||
/source/identity/user-groups |
array_structure | optional | read/write | Specifies the list of user groups against which the packet will be compared. | |
/source/identity/user-groups/description |
string | optional | read/write | ||
/source/identity/users |
array_structure | optional | read/write | Specifies the list of users against which the packet will be compared. | |
/source/identity/users/description |
string | optional | read/write |
Array Structures
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
/icmp |
array_structure | optional | read/write | ||
/icmp/app-service |
string | optional | read/write | ||
/icmp/description |
string | optional | read/write |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.