APIRef_tm_security_firewall_management-ip-rules_rulesΒΆ

mgmt/tm/security/firewall/management-ip-rules/rules

/tm/security/firewall

Self IP firewall rule entry

REST Endpoints

Collection URI
/mgmt/tm/security/firewall/management-ip-rules/rules
Collection Methods
OPTIONS, GET
Resource URI
/mgmt/tm/security/firewall/management-ip-rules/rules/~resource id
Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
Resource Natural Key
name, subPath

Properties

Name Type Default Value Required Access Description
action string none optional read/write Specifies the action that the system takes when a rule is matched.
appService string   optional read/write The application service that the object belongs to.
containerName string   optional read/write  
description string   optional read/write User defined description.
ipProtocol string   optional read/write Specifies the IP protocol against which the packet will be compared.
log string no optional read/write Specifies whether the packet will be logged if it matches the rule. Logging must also be enabled in the security log profile global-network configuration. Note that the statistics counter is always incremented when a packet matches a rule.
placeAfter string   optional read/write Specifies that a new rule should be placed after another rule, first or last. If individual rules are being added (as opposed to specifying replace-all-with) then place-before or place-after must be specified.
placeBefore string   optional read/write Specifies that a new rule should be placed before another rule, first or last. If individual rules are being added (as opposed to specifying replace-all-with) then place-before or place-after must be specified.
ruleList string   optional read/write Specifies a list of rules to evaluate. See security firewall rule-list. If a rule-list is specified then only the schedule and status properties effect the rule.
schedule string   optional read/write Specifies a schedule for the rule. See security firewall schedule. If the rule refers to a rule-list the rule-list will be enabled according to the schedule. When the rule list is enabled, the schedules defined within the rule-list will be honored.
status string enabled optional read/write Specifies whether the rule is enabled, disabled or scheduled. A rule that is enabled is always checked. A rule that is disabled is never checked. A rule that is scheduled is checked according to the corresponding schedule configuration. A rule that is scheduled must have an associated schedule configuration.

Structures

Name Type Default Value Required Access Description
/destination array_structure   optional read/write  
/destination/address-lists array_structure   optional read/write Specifies a list of address lists (see security firewall address-list) against which the packet will be compared.
/destination/port-lists array_structure   optional read/write Specifies a list of port lists (see security firewall port-list) against which the packet will be compared.
/destination/addresses array_structure   optional read/write  
/destination/addresses/app-service string   optional read/write  
/destination/addresses/container-name string   optional read/write  
/destination/addresses/description string   optional read/write  
/destination/ports array_structure   optional read/write  
/destination/ports/app-service string   optional read/write  
/destination/ports/container-name string   optional read/write  
/destination/ports/description string   optional read/write  
/source array_structure   optional read/write  
/source/address-lists array_structure   optional read/write Specifies a list of address lists (see security firewall address-list) against which the packet will be compared.
/source/port-lists array_structure   optional read/write Specifies a list of port lists (see security firewall port-list) against which the packet will be compared.
/source/addresses array_structure   optional read/write  
/source/addresses/app-service string   optional read/write  
/source/addresses/container-name string   optional read/write  
/source/addresses/description string   optional read/write  
/source/ports array_structure   optional read/write  
/source/ports/app-service string   optional read/write  
/source/ports/container-name string   optional read/write  
/source/ports/description string   optional read/write  

Array Structures

Name Type Default Value Required Access Description
/icmp array_structure   optional read/write  
/icmp/app-service string   optional read/write  
/icmp/container-name string   optional read/write  
/icmp/description string   optional read/write  
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.

Note

These firewall rules are applied to all packets that go through the management interface.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.