APIRef_tm_net_route-domain_fw-activeΒΆ

mgmt/tm/net/route-domain/fw-active

/tm/net

Firewall policy rule entry

REST Endpoints

Collection URI
/mgmt/tm/net/route-domain/fw-active
Collection Methods
OPTIONS, GET
Resource URI
/mgmt/tm/net/route-domain/fw-active/~resource id
Resource Methods
OPTIONS, GET
Resource Natural Key
name, partition, subPath

Properties

Name Type Default Value Required Access Description
action string none optional read/write Specifies the action that the system takes when a rule is matched.
appService string   optional read/write The application service that the object belongs to.
description string   optional read/write User defined description.
ipProtocol string   optional read/write Specifies the IP protocol against which the packet will be compared.
irule string   optional read/write Specifies the name of the iRule which will be triggered if the packet matches this firewall rule.
iruleSampleRate integer 1 optional read/write Specifies the rate at which iRule will be triggered if the packet matches this firewall rule.
log string no optional read/write Specifies whether the packet will be logged if it matches the rule. Logging must also be enabled in the security log profile global-network configuration. Note that the statistics counter is always incremented when a packet matches a rule.
placeAfter string   optional read/write Specifies that a new rule should be placed after another rule, first or last. If individual rules are being added (as opposed to specifying replace-all-with) then place-before or place-after must be specified.
placeBefore string   optional read/write Specifies that a new rule should be placed before another rule, first or last. If individual rules are being added (as opposed to specifying replace-all-with) then place-before or place-after must be specified.
ruleList string   optional read/write Specifies a list of rules to evaluate. See security firewall rule-list. If a rule-list is specified then only the schedule and status properties effect the rule.
schedule string   optional read/write Specifies a schedule for the rule. See security firewall schedule. If the rule refers to a rule-list the rule-list will be enabled according to the schedule. When the rule list is enabled, the schedules defined within the rule-list will be honored.
servicePolicy string   optional read/write Specifies the service policy to use.
status string enabled optional read/write Specifies whether the rule is enabled, disabled or scheduled. A rule that is enabled is always checked. A rule that is disabled is never checked. A rule that is scheduled is checked according to the corresponding schedule configuration. A rule that is scheduled must have an associated schedule configuration.
virtualServer string   optional read/write  

Structures

Name Type Default Value Required Access Description
/destination array_structure   optional read/write  
/destination/address-lists array_structure   optional read/write Specifies a list of address lists (see security firewall address-list) against which the packet will be compared.
/destination/port-lists array_structure   optional read/write Specifies a list of port lists (see security firewall port-list) against which the packet will be compared.
/destination/addresses array_structure   optional read/write  
/destination/addresses/app-service string   optional read/write  
/destination/addresses/description string   optional read/write  
/destination/fqdns array_structure   optional read/write  
/destination/fqdns/app-service string   optional read/write  
/destination/fqdns/description string   optional read/write  
/destination/geo array_structure   optional read/write  
/destination/geo/app-service string   optional read/write  
/destination/geo/description string   optional read/write User defined description.
/destination/ports array_structure   optional read/write  
/destination/ports/app-service string   optional read/write  
/destination/ports/description string   optional read/write  
/source array_structure   optional read/write  
/source/address-lists array_structure   optional read/write Specifies a list of address lists (see security firewall address-list) against which the packet will be compared.
/source/port-lists array_structure   optional read/write Specifies a list of port lists (see security firewall port-list) against which the packet will be compared.
/source/vlans array_structure   optional read/write Specifies a list of vlans, vlan groups and tunnels against which the packet will be compared.
/source/addresses array_structure   optional read/write  
/source/addresses/app-service string   optional read/write  
/source/addresses/description string   optional read/write  
/source/fqdns array_structure   optional read/write  
/source/fqdns/app-service string   optional read/write  
/source/fqdns/description string   optional read/write  
/source/geo array_structure   optional read/write  
/source/geo/app-service string   optional read/write  
/source/geo/description string   optional read/write User defined description.
/source/ports array_structure   optional read/write  
/source/ports/app-service string   optional read/write  
/source/ports/description string   optional read/write  
/source/identity array_structure   optional read/write  
/source/identity/user-lists array_structure   optional read/write Specifies a list of user lists (see security firewall user-list) against which the packet will be compared.
/source/identity/subscriber-groups array_structure   optional read/write  
/source/identity/subscriber-groups/description string   optional read/write  
/source/identity/subscribers array_structure   optional read/write  
/source/identity/subscribers/description string   optional read/write  
/source/identity/user-groups array_structure   optional read/write Specifies the list of user groups against which the packet will be compared.
/source/identity/user-groups/description string   optional read/write  
/source/identity/users array_structure   optional read/write Specifies the list of users against which the packet will be compared.
/source/identity/users/description string   optional read/write  

Array Structures

Name Type Default Value Required Access Description
/icmp array_structure   optional read/write  
/icmp/app-service string   optional read/write  
/icmp/description string   optional read/write  
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.