Delete All Dnat Rules; Configuring The Vshield Edge Firewall; Get The Firewall Rule Set For A Vshield Edge; Post A Firewall Rule Set - VMware VSHIELD APP 1.0 - API Programming Manual

Delete All DNAT Rules

Example 5-22. Delete All DNAT Rules on a vShield Edge
Request:
DELETE <vshield_manager-uri>/api/1.0/network/<portgroup-moid>/dnat/rules
Example:
DELETE /api/1.0/network/network-244/dnat/rules HTTP/1.1
Authorization: Basic YWRtaW46ZGVmYXVsdA==
Host: localhost

Configuring the vShield Edge Firewall

The vShield Edge provides firewall protection for incoming and outgoing sessions. The default firewall policy allows all traffic to pass. In addition to the default firewall policy, you can configure a set of rules to allow or deny traffic sessions to and from specific sources and destinations. You manage the default firewall policy and firewall rule set separately for each vShield Edge agent.
All firewall rules for a vShield Edge configured by using REST requests appear under the vShield Edge > Firewall tab for the appropriate vShield Edge in the vShield Manager user interface and vSphere Client plug-in.
For the vShield Edge firewall schema, see "vShield Edge Firewall Schema" on page 77.

Get the Firewall Rule Set for a vShield Edge

Example 5-23. Get the Entire Firewall Rule Set on a vShield Edge
Request:
GET <vShield_Manager-uri>/api/1.0/network/<portgroup-moid>/firewall/rules
Example:
GET /api/1.0/network/network-244/firewall/rules HTTP/1.1
Authorization: Basic YWRtaW46ZGVmYXVsdA==
Host: 10.112.196.213

Post a Firewall Rule Set

You add all firewall rules as a set for each vShield Edge. The vShield Manager processes the posted XML file 
as a complete rule set for the specified vShield Edge. The new rule set replaces the entire previous rule set.
IMPORTANT   You must include rules from the current rule set in the new rule set to maintain those rules. Any rules not included in the new rule set are deleted. Since you cannot delete the default rules, you must include the default rules in every rule set. You can change the action of any of the default rules.
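Because a POST replaces the whole rule set, the safe pattern is read-modify-write: fetch the current set, append the new rules to it, and verify that nothing from the current set is missing before posting. The following is an added example (not code from the manual); it uses only the FirewallRule elements shown in this excerpt, the sample rule values are constructed, and the full schema on page 77 has further fields that it ignores.

```python
import xml.etree.ElementTree as ET

# Constructed sample of what GET .../firewall/rules might return: a
# catch-all default rule plus one existing tcp rule (values made up).
CURRENT_RULES = """<VShieldEdgeConfig>
<FirewallConfig>
<FirewallRule>
<protocol>any</protocol>
<sourceIpAddress>any</sourceIpAddress>
<sourcePort>any</sourcePort>
<destinationIpAddress>any</destinationIpAddress>
</FirewallRule>
<FirewallRule>
<protocol>tcp</protocol>
<sourceIpAddress>10.0.0.0/24</sourceIpAddress>
<sourcePort>any</sourcePort>
<destinationIpAddress>192.168.1.10</destinationIpAddress>
</FirewallRule>
</FirewallConfig>
</VShieldEdgeConfig>"""

# Only the fields shown in the manual excerpt are compared.
FIELDS = ("protocol", "sourceIpAddress", "sourcePort", "destinationIpAddress")

def rule_key(rule):
    """Tuple of field values that identifies a rule for comparison."""
    return tuple((rule.findtext(f) or "").strip() for f in FIELDS)

def parse_rules(xml_text):
    root = ET.fromstring(xml_text)
    return [rule_key(r) for r in root.iter("FirewallRule")]

def missing_rules(current_xml, proposed_xml):
    """Rules in the current set that the proposed set lacks. Posting the
    proposed document as-is would silently delete every rule listed here."""
    proposed = set(parse_rules(proposed_xml))
    return [r for r in parse_rules(current_xml) if r not in proposed]

def build_rule_set(current_xml, extra_rules):
    """Start from the current set (defaults and existing rules survive) and
    append extra_rules, each a dict keyed by the names in FIELDS."""
    root = ET.fromstring(current_xml)
    config = root.find("FirewallConfig")
    for spec in extra_rules:
        rule = ET.SubElement(config, "FirewallRule")
        for f in FIELDS:
            ET.SubElement(rule, f).text = spec[f]
    return ET.tostring(root, encoding="unicode")
```

Run missing_rules() against the live GET response before every POST; an empty list is the precondition for posting.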
Example 5-24. Post the Firewall Rule Set on a vShield Edge
Request:
POST <vShield_Manager-uri>/api/1.0/network/<portgroup-moid>/firewall/rules
<VShieldEdgeConfig>
<FirewallConfig>
<FirewallRule>
<protocol>tcp|udp|icmp|any</protocol>
<sourceIpAddress>see_below</sourceIpAddress>
<sourcePort>see_below</sourcePort>
<destinationIpAddress>see_below</destinationIpAddress>
VMware, Inc. Chapter 5 vShield Edge Management, page 35
