Access control list rule
Used by actions: DescribeAcLists.
Name | Type | Description |
---|---|---|
Id | Integer | Rule ID |
SourceIp | String | Access source Note: This field may return null , indicating that no valid value was found. |
TargetIp | String | Access destination Note: This field may return null , indicating that no valid value was found. |
Protocol | String | Protocol Note: This field may return null , indicating that no valid value was found. |
Port | String | Port Note: This field may return null , indicating that no valid value was found. |
Strategy | Integer | Policy Note: This field may return null , indicating that no valid value was found. |
Detail | String | Description Note: This field may return null , indicating that no valid value was found. |
Count | Integer | Hit count |
OrderIndex | Integer | Priority |
LogId | String | Alert rule ID Note: This field may return null , indicating that no valid value was found. |
AssetZone
Used by actions: DescribeSourceAsset.
Name | Type | Description |
---|---|---|
Zone | String | Region |
ZoneEng | String | Region |
Instance associated with an enterprise security group
Used by actions: DescribeAssociatedInstanceList.
Name | Type | Required | Description |
---|---|---|---|
InstanceId | String | Yes | Instance ID Note: This field may return null , indicating that no valid value was found. |
InstanceName | String | Yes | Instance name Note: This field may return null , indicating that no valid value was found. |
Type | Integer | Yes | Instance type. 3: CVM instance; 4: CLB instance; 5: ENI instance; 6: Cloud database Note: This field may return null , indicating that no valid value was found. |
VpcId | String | Yes | VPC ID Note: This field may return null , indicating that no valid value was found. |
VpcName | String | Yes | VPC name Note: This field may return null , indicating that no valid value was found. |
PublicIp | String | Yes | Public IP Note: This field may return null , indicating that no valid value was found. |
Ip | String | Yes | Private IP Note: This field may return null , indicating that no valid value was found. |
SecurityGroupCount | Integer | Yes | The number of associated security groups Note: This field may return null , indicating that no valid value was found. |
Canary publish information of the rule
Used by actions: DescribeNatAcRule.
Name | Type | Description |
---|---|---|
TaskId | Integer | Task ID. Note: This field may return null, indicating that no valid values can be obtained. |
TaskName | String | Task name. Note: This field may return null, indicating that no valid values can be obtained. |
LastTime | String | Last execution time Note: This field may return null, indicating that no valid values can be obtained. |
Allowlist or blocklist for intrusion prevention
Used by actions: DescribeBlockIgnoreList.
Name | Type | Description |
---|---|---|
Domain | String | Domain name. Note: This field may return null, indicating that no valid values can be obtained. |
Ioc | String | Rule IP. Note: This field may return null, indicating that no valid values can be obtained. |
Level | String | Threat level. Note: This field may return null, indicating that no valid values can be obtained. |
EventName | String | Source event name. Note: This field may return null, indicating that no valid values can be obtained. |
Direction | Integer | Direction. Valid values: 0: outbound; 1: inbound. Note: This field may return null, indicating that no valid values can be obtained. |
Protocol | String | Protocol. Note: This field may return null, indicating that no valid values can be obtained. |
Address | String | Address. Note: This field may return null, indicating that no valid values can be obtained. |
Action | Integer | Rule type. Valid values: 1: block; 2: allow. Note: This field may return null, indicating that no valid values can be obtained. |
StartTime | String | Time when a rule starts to take effect. Note: This field may return null, indicating that no valid values can be obtained. |
EndTime | String | Time when a rule expires. Note: This field may return null, indicating that no valid values can be obtained. |
IgnoreReason | String | Reason for ignoring. Note: This field may return null, indicating that no valid values can be obtained. |
Source | String | Security event source. Note: This field may return null, indicating that no valid values can be obtained. |
UniqueId | String | Rule ID. Note: This field may return null, indicating that no valid values can be obtained. |
MatchTimes | Integer | Number of rule matching times. Note: This field may return null, indicating that no valid values can be obtained. |
Country | String | Country. Note: This field may return null, indicating that no valid values can be obtained. |
Comment | String |
NAT firewall DNAT rules
Used by actions: SetNatFwDnatRule.
Name | Type | Required | Description |
---|---|---|---|
IpProtocol | String | Yes | Network protocol. Valid values: TCP or UDP. |
PublicIpAddress | String | Yes | Elastic IP. |
PublicPort | Integer | Yes | Public port. |
PrivateIpAddress | String | Yes | Private address. |
PrivatePort | Integer | Yes | Private port. |
Description | String | Yes | The description of NAT firewall forwarding rules. |
Common filters for search
Used by actions: DescribeNatAcRule.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Search key. |
Values | Array of String | Yes | Search values. |
OperatorType | Integer | Yes | Enum of integers that represent relations between Name and Values. enum FilterOperatorType { // Invalid FILTER_OPERATOR_TYPE_INVALID = 0; // Equal to FILTER_OPERATOR_TYPE_EQUAL = 1; // Greater than FILTER_OPERATOR_TYPE_GREATER = 2; // Less than FILTER_OPERATOR_TYPE_LESS = 3; // Greater than or equal to FILTER_OPERATOR_TYPE_GREATER_EQ = 4; // Less than or equal to FILTER_OPERATOR_TYPE_LESS_EQ = 5; // Not equal to FILTER_OPERATOR_TYPE_NO_EQ = 6; // In (contained in the array) FILTER_OPERATOR_TYPE_IN = 7; // Not in FILTER_OPERATOR_TYPE_NOT_IN = 8; // Fuzzily matched FILTER_OPERATOR_TYPE_FUZZINESS = 9; // Existing FILTER_OPERATOR_TYPE_EXIST = 10; // Not existing FILTER_OPERATOR_TYPE_NOT_EXIST = 11; // Regular FILTER_OPERATOR_TYPE_REGULAR = 12; } |
Parameters for creating an NAT access control rule
Used by actions: AddNatAcRule, ModifyNatAcRule.
Name | Type | Required | Description |
---|---|---|---|
SourceContent | String | Yes | Access source. Example: net: IP/CIDR(192.168.0.2) |
SourceType | String | Yes | Access source type. Values for inbound rules: ip , net , template , and location . Values for outbound rules: ip , net , template , instance , group , and tag . |
TargetContent | String | Yes | Access target. Example: `net: IP/CIDR(192.168.0.2); domain: domain name rule, e.g., *.qq.com |
TargetType | String | Yes | Access target type. Values for inbound rules: ip , net , template , instance , group , and tag . Values for outbound rules: ip , net , domain , template , and location . |
Protocol | String | Yes | Protocol. Values: TCP , UDP , ICMP , ANY , HTTP , HTTPS , HTTP/HTTPS , SMTP , SMTPS , SMTP/SMTPS , FTP , and DNS . |
RuleAction | String | Yes | Specify how the CFW instance deals with the traffic hit the access control rule. Values: accept (allow), drop (reject), and log (observe). |
Port | String | Yes | The port of the access control rule. Values: -1/-1 (all ports) and 80 (Port 80) |
Direction | Integer | Yes | Rule direction. Values: 1 (Inbound) and 0 (Outbound) |
OrderIndex | Integer | Yes | Rule sequence number |
Enable | String | Yes | Rule status. true (Enabled); false (Disabled) |
Uuid | Integer | No | The unique ID of the rule, which is not required when you create a rule. |
Description | String | No | Description |
Item in the access control list. Each item represents an access control rule.
Used by actions: DescribeNatAcRule.
Name | Type | Description |
---|---|---|
SourceContent | String | Access source. Note: This field may return null, indicating that no valid values can be obtained. |
TargetContent | String | Access destination. Note: This field may return null, indicating that no valid values can be obtained. |
Protocol | String | Protocol. Note: This field may return null, indicating that no valid values can be obtained. |
Port | String | Port. Note: This field may return null, indicating that no valid values can be obtained. |
RuleAction | String | Action that Cloud Firewall performs on the traffic. Valid values: accept (allow), drop (reject), and log (monitor). Note: This field may return null, indicating that no valid values can be obtained. |
Description | String | Description. Note: This field may return null, indicating that no valid values can be obtained. |
Count | Integer | Number of rule matching times. |
OrderIndex | Integer | Rule sequence number. |
SourceType | String | Access source type. Valid values for an inbound rule: ip, net, template, and location; valid values for an outbound rule: ip, net, template, instance, group, and tag. Note: This field may return null, indicating that no valid values can be obtained. |
TargetType | String | Access destination type. Valid values for an inbound rule: ip, net, template, instance, group, and tag; valid values for an outbound rule: ip, net, domain, template, and location. Note: This field may return null, indicating that no valid values can be obtained. |
Uuid | Integer | Unique ID of the rule. Note: This field may return null, indicating that no valid values can be obtained. |
Invalid | Integer | Rule validity. Note: This field may return null, indicating that no valid values can be obtained. |
IsRegion | Integer | Valid values: 0: common rules; 1: regional rules. Note: This field may return null, indicating that no valid values can be obtained. |
CountryCode | Integer | Country ID. Note: This field may return null, indicating that no valid values can be obtained. |
CityCode | Integer | City ID. Note: This field may return null, indicating that no valid values can be obtained. |
CountryName | String | Country name. Note: This field may return null, indicating that no valid values can be obtained. |
CityName | String | City name. Note: This field may return null, indicating that no valid values can be obtained. |
CloudCode | String | Cloud provider code. Note: This field may return null, indicating that no valid values can be obtained. |
IsCloud | Integer | Valid values: 0: common rules; 1: cloud provider rules. Note: This field may return null, indicating that no valid values can be obtained. |
Enable | String | Rule status. Valid values: true: enabled; false: disabled. Note: This field may return null, indicating that no valid values can be obtained. |
Direction | Integer | Rule direction. Valid values: 1: inbound; 0: outbound. Note: This field may return null, indicating that no valid values can be obtained. |
InstanceName | String | Instance name. Note: This field may return null, indicating that no valid values can be obtained. |
InternalUuid | Integer | UUID for internal use. Generally, this field is not required. Note: This field may return null, indicating that no valid values can be obtained. |
Status | Integer | Rule status. This field is valid when you query rule matching details. Valid values: 0: new; 1: deleted; 2: edited and deleted. Note: This field may return null, indicating that no valid values can be obtained. |
BetaList | Array of BetaInfoByACL | Details of associated tasks Note: This field may return null , indicating that no valid values can be obtained. |
Sets the VPC DNS toggle of the NAT firewall
Used by actions: ModifyNatFwVpcDnsSwitch.
Name | Type | Required | Description |
---|---|---|---|
VpcId | String | Yes | VPC ID |
Status | Integer | Yes | 0: off; 1: on |
Firewall IP range information
Used by actions: CreateNatFwInstance, CreateNatFwInstanceWithDomain, ModifyNatFwReSelect.
Name | Type | Required | Description |
---|---|---|---|
FwCidrType | String | Yes | The IP range type of the firewall. Values: VpcSelf (VPC IP range preferred); Assis (Secondary IP range preferred); Custom (Custom IP range) |
FwCidrLst | Array of FwVpcCidr | No | The IP segment assigned for each VPC. |
ComFwCidr | String | No | The IP segment used by other firewalls. Specify this if you want to assign a dedicated segment for the firewall. |
Firewall IP range of the VPC
Used by actions: CreateNatFwInstance, CreateNatFwInstanceWithDomain, ModifyNatFwReSelect.
Name | Type | Required | Description |
---|---|---|---|
VpcId | String | Yes | VPC ID |
FwCidr | String | Yes | IP range of the firewall. The mask must be at least /24. |
IP protection status
Used by actions: DescribeIPStatusList.
Name | Type | Description |
---|---|---|
IP | String | IP address |
Status | Integer | Protection status. 1: enabled; -1: incorrect address; others: disabled |
// InstanceInfo instance details result
type InstanceInfo struct {
AppID string json:"AppId" gorm:"column:appid"
Region string json:"Region" gorm:"column:region"
VPCID string json:"VpcId" gorm:"column:vpc_id"
SubNetID string json:"SubnetId" gorm:"column:subnet_id"
InstanceID string json:"InstanceId" gorm:"column:instance_id"
InstanceName string json:"InstanceName" gorm:"column:instance_name"
//InsType common.CVM 3 is CVM instance, 4 is CLB instance, 5 is ENI instance, 6 is MySQL, 7 is Redis, 8 is NAT, 9 is VPN, 10 is ES, 11 is MariaDB, and 12 is Kafka
InsType int json:"InsType" gorm:"column:instance_type"
PublicIP string json:"PublicIp" gorm:"column:public_ip"
PrivateIP string json:"PrivateIp" gorm:"column:ip"
// It is not required for rule publishing and is used for frontend display
PortNum string `json:"PortNum" gorm:"column:port_num"`
LeakNum string `json:"LeakNum" gorm:"column:leak_num"`
ResourceGroupNum int `json:"ResourceGroupNum"`
VPCName string `json:"VPCName" gorm:"column:VPCName"`
}
Used by actions: DescribeSourceAsset.
Name | Type | Description |
---|---|---|
AppId | String | App ID |
Region | String | Region |
VpcId | String | VPC ID |
VPCName | String | VPC name |
SubnetId | String | Subnet ID |
InstanceId | String | Asset ID |
InstanceName | String | Asset name |
InsType | Integer | Asset type 3: CVM instance; 4: CLB instance; 5: ENI instance; 6: MySQL; 7: Redis; 8: NAT; 9: VPN; 10: ES; 11: MariaDB; 12: Kafka; 13: NATFW |
PublicIp | String | Public IP |
PrivateIp | String | Private IP |
PortNum | String | Number of ports |
LeakNum | String | Number of vulnerabilities |
InsSource | String | 1: public network; 2: private network |
ResourcePath | Array of String | [a,b] Note: This field may return null , indicating that no valid value was found. |
Blocklist, allowlist, IOC list
Used by actions: ModifyBlockIgnoreList.
Name | Type | Required | Description |
---|---|---|---|
IP | String | Yes | IP address to be handled. Either IP or Domain is required. |
Direction | Integer | Yes | 0 or 1. 0: outbound; 1: inbound |
Domain | String | No | Domain name to be handled. Either IP or Domain is required. |
Statistical line graph general structure
Used by actions: DescribeBlockByIpTimesList.
Name | Type | Description |
---|---|---|
Num | Integer | Value |
StatTime | String | Time shown on the x-axis of the line graph |
The filter list displayed by the NAT firewall instance
Used by actions: DescribeNatFwInstancesInfo.
Name | Type | Required | Description |
---|---|---|---|
FilterType | String | Yes | Filter type, e.g., instance ID |
FilterContent | String | Yes | Filtered content, separated with "," |
NAT instance type
Used by actions: DescribeNatFwInstance, DescribeNatFwInstanceWithRegion.
Name | Type | Description |
---|---|---|
NatinsId | String | NAT instance ID |
NatinsName | String | NAT instance name |
Region | String | Instance region Note: This field may return null , indicating that no valid value was found. |
FwMode | Integer | 0: create new; 1: use existing Note: This field may return null , indicating that no valid value was found. |
Status | Integer | 0: normal; 1: creating Note: This field may return null , indicating that no valid value was found. |
NatIp | String | NAT public IP Note: This field may return null , indicating that no valid value was found. |
NAT instance card details
Used by actions: DescribeNatFwInstancesInfo.
Name | Type | Description |
---|---|---|
NatinsId | String | NAT instance ID |
NatinsName | String | NAT instance name |
Region | String | Instance region |
FwMode | Integer | 0: create new; 1: use existing |
BandWidth | Integer | Instance bandwidth (Mbps) |
InFlowMax | Integer | Inbound traffic peak bandwidth (bps) |
OutFlowMax | Integer | Outbound traffic peak bandwidth (bps) |
RegionZh | String | Chinese region information |
EipAddress | Array of String | Public IP array Note: This field may return null , indicating that no valid value was found. |
VpcIp | Array of String | Array of internal and external IPs Note: This field may return null , indicating that no valid value was found. |
Subnets | Array of String | Array of subnets associated with an instance Note: This field may return null , indicating that no valid value was found. |
Status | Integer | 0: normal 1: initializing Note: This field may return null , indicating that no valid value was found. |
RegionDetail | String | Region information Note: This field may return null, indicating that no valid values can be obtained. |
ZoneZh | String | Availability zone of the instance Note: This field may return null, indicating that no valid values can be obtained. |
ZoneZhBak | String | Availability zone of the instance Note: This field may return null, indicating that no valid values can be obtained. |
RuleUsed | Integer | Number of used rules. Note: This field may return null, indicating that no valid values can be obtained. |
RuleMax | Integer | The maximum number of rules allowed in the instance. Note: This field may return null, indicating that no valid values can be obtained. |
Parameters passed for the Create New mode
Used by actions: CreateNatFwInstance, CreateNatFwInstanceWithDomain.
Name | Type | Required | Description |
---|---|---|---|
VpcList | Array of String | Yes | VPC list for the Create New mode |
Eips | Array of String | No | The list of egress public EIPs bound for the Create New mode. Either Eips or AddCount is required. |
AddCount | Integer | No | The number of egress public EIPs newly bound for the Create New mode. Either Eips or AddCount is required. |
Changes of the rule sequence number.
Used by actions: ModifyNatSequenceRules.
Name | Type | Required | Description |
---|---|---|---|
OrderIndex | Integer | Yes | Original sequence number |
NewOrderIndex | Integer | Yes | New sequence number |
Rule input object
Used by actions: CreateAcRules, ModifyAcRule.
Name | Type | Required | Description |
---|---|---|---|
OrderIndex | Integer | Yes | Priority |
SourceIp | String | Yes | Access source |
TargetIp | String | Yes | Access destination |
Protocol | String | Yes | Protocol |
Strategy | String | Yes | Policy. 0: observe; 1: block; 2: allow |
SourceType | Integer | Yes | Access source type. 1: IP; 3: domain name; 4: IP address template; 5: domain name address template |
Direction | Integer | Yes | Direction. 0: outbound; 1: inbound |
Detail | String | Yes | Description |
TargetType | Integer | Yes | Access destination type. 1: IP, 3: domain name; 4: IP address template; 5: domain name address template |
Port | String | No | Port |
Id | Integer | No | ID value |
LogId | String | No | Log ID, required when an alert log is created |
City | Integer | No | City code |
Country | Integer | No | Country code |
CloudCode | String | No | Cloud vendor. Multiple vendors are supported and separated with commas. 1: Tencent Cloud (only in Hong Kong, China and overseas); 2: Alibaba Cloud; 3: Amazon Cloud; 4: Huawei Cloud; 5: Microsoft Cloud |
IsRegion | Integer | No | Indicates whether it is a region |
CityName | String | No | City name |
CountryName | String | No | Country name |
Getting started on scanning information
Used by actions: DescribeGuideScanInfo.
Name | Type | Description |
---|---|---|
ScanResultInfo | ScanResultInfo | Scanning result information |
ScanStatus | Integer | Scanning status. 0: scanning; 1: completed; 2: auto scanning unselected |
ScanPercent | Float | Progress |
ScanTime | String | Estimated completion time |
Getting started on scanning result information PortNum int
LeakNum int
IPNum int
IPStatus bool
IdpStatus bool
BanStatus bool
Used by actions: DescribeGuideScanInfo.
Name | Type | Description |
---|---|---|
LeakNum | Integer | Number of vulnerability exploits |
IPNum | Integer | Number of protected IPs |
PortNum | Integer | Number of exposed ports |
IPStatus | Boolean | Protection status |
IdpStatus | Boolean | Attack blocking status |
BanStatus | Boolean | Port blocking status |
Two-way enterprise security group rules
Used by actions: CreateSecurityGroupRules, DescribeSecurityGroupList.
Name | Type | Required | Description |
---|---|---|---|
OrderIndex | Integer | Yes | Priority Note: This field may return null , indicating that no valid value was found. |
SourceId | String | Yes | Access source Note: This field may return null , indicating that no valid value was found. |
SourceType | Integer | Yes | Access source type. Default: 0. 0: IP; 1: VPC; 2: SUBNET; 3: CVM; 4: CLB; 5: ENI; 6: CDB; 7: Parameter template. 100: asset group Note: This field may return null , indicating that no valid value was found. |
TargetId | String | Yes | Access destination Note: This field may return null , indicating that no valid value was found. |
TargetType | Integer | Yes | Access destination type. Default: 0. 0: IP; 1: VPC; 2: SUBNET; 3: CVM; 4: CLB; 5: ENI; 6: CDB; 7: Parameter template. 100: asset group Note: This field may return null , indicating that no valid value was found. |
Protocol | String | Yes | Protocol Note: This field may return null , indicating that no valid value was found. |
Port | String | Yes | Destination port Note: This field may return null , indicating that no valid value was found. |
Strategy | Integer | Yes | Policy. 1: block; 2: allow Note: This field may return null , indicating that no valid value was found. |
Direction | Integer | Yes | Direction. 0: outbound; 1: inbound. 1 by default Note: This field may return null , indicating that no valid value was found. |
Region | String | Yes | Region |
Detail | String | No | Description Note: This field may return null , indicating that no valid value was found. |
Status | Integer | No | Toggle status. 0: off; 1: on Note: This field may return null , indicating that no valid value was found. |
IsNew | Integer | No | Indicates whether the rule is normal. 0: normal; 1: abnormal Note: This field may return null , indicating that no valid value was found. |
BothWay | Integer | No | One-way/two-way. 0: one-way; 1: two-way Note: This field may return null , indicating that no valid value was found. |
VpcId | String | No | VPC ID Note: This field may return null , indicating that no valid value was found. |
SubnetId | String | No | Subnet ID Note: This field may return null , indicating that no valid value was found. |
InstanceName | String | No | Instance name Note: This field may return null , indicating that no valid value was found. |
PublicIp | String | No | Public IP. Multiple IPs are separated by commas. Note: This field may return null , indicating that no valid value was found. |
PrivateIp | String | No | Private IP. Multiple IPs are separated by commas. Note: This field may return null , indicating that no valid value was found. |
Cidr | String | No | Masked address. Multiple addresses are separated by commas. Note: This field may return null , indicating that no valid value was found. |
ServiceTemplateId | String | No | Port protocol template ID Note: This field may return null , indicating that no valid value was found. |
ProtocolPortType | Integer | No | Indicates whether to use the port protocol template. 0: no; 1: yes |
Security group list data
Used by actions: CreateSecurityGroupRules, DescribeSecurityGroupList.
Name | Type | Required | Description |
---|---|---|---|
OrderIndex | Integer | Yes | Priority |
SourceId | String | Yes | Access source |
SourceType | Integer | Yes | Access source type. Default: 0. 1: VPC; 2: SUBNET; 3: CVM; 4: CLB; 5: ENI; 6: CDB; 7: Parameter template. 100: Resource group |
TargetId | String | Yes | Access destination |
TargetType | Integer | Yes | Access destination type. Default: 0. 1: VPC; 2: SUBNET; 3: CVM; 4: CLB; 5: ENI; 6: CDB; 7: Parameter template; 100: resource group |
Protocol | String | Yes | Protocol |
Port | String | Yes | Destination port |
Strategy | Integer | Yes | Policy. 1: block; 2: allow |
Detail | String | Yes | Description |
BothWay | Integer | Yes | One-way/two-way. 0: one-way; 1: two-way |
Id | Integer | No | Rule ID |
Status | Integer | No | Toggle status. 0: off; 1: on |
IsNew | Integer | No | Indicates whether the rule is normal. 0: normal; 1: abnormal |
VpcId | String | No | VPC ID Note: This field may return null , indicating that no valid value was found. |
SubnetId | String | No | Subnet ID Note: This field may return null , indicating that no valid value was found. |
InstanceName | String | No | Instance name Note: This field may return null , indicating that no valid value was found. |
PublicIp | String | No | Public IP. Multiple IPs are separated by commas. Note: This field may return null , indicating that no valid value was found. |
PrivateIp | String | No | Private IP. Multiple IPs are separated by commas. Note: This field may return null , indicating that no valid value was found. |
Cidr | String | No | Masked address. Multiple addresses are separated by commas. Note: This field may return null , indicating that no valid value was found. |
ServiceTemplateId | String | No | Port protocol template ID Note: This field may return null , indicating that no valid value was found. |
BothWayInfo | Array of SecurityGroupBothWayInfo | No | Two-way rules Note: This field may return null , indicating that no valid value was found. |
Direction | Integer | No | Direction. 0: outbound; 1: inbound. 1 by default |
ProtocolPortType | Integer | No | Indicates whether to use the port protocol template. 0: no; 1: yes |
Change priority of enterprise security group rules
Used by actions: ModifySecurityGroupSequenceRules.
Name | Type | Required | Description |
---|---|---|---|
OrderIndex | Integer | Yes | Current priority of enterprise security group rules |
NewOrderIndex | Integer | Yes | New priority of enterprise security group rules |
Security group rules
Used by actions: AddEnterpriseSecurityGroupRules, DescribeEnterpriseSecurityGroupRule, ModifyEnterpriseSecurityGroupRule.
Name | Type | Required | Description |
---|---|---|---|
SourceContent | String | Yes | Source example: net: IP/CIDR (192.168.0.2) template: parameter template (ipm-dyodhpby) instance: asset instance (ins-123456) resourcegroup: asset group (/all groups/group 1/subgroup 1) tag: resource tag ({"Key":"tag key","Value":"tag value"}) region: region (ap-gaungzhou) |
SourceType | String | Yes | Access source type. Valid values: net|template|instance|resourcegroup|tag|region |
DestContent | String | Yes | Destination example: net: IP/CIDR (192.168.0.2) template: parameter template (ipm-dyodhpby) instance: asset instance (ins-123456) resourcegroup: asset group (/all groups/group 1/subgroup 1) tag: resource tag ({"Key":"tag key","Value":"tag value"}) region: region (ap-gaungzhou) |
DestType | String | Yes | Access destination type. Valid values: net|template|instance|resourcegroup|tag|region |
RuleAction | String | Yes | The action that Cloud Firewall performs on the traffic. Valid values: accept: allow drop: deny |
Description | String | Yes | Description |
OrderIndex | String | Yes | Rule priority. -1: lowest; 1: highest |
Protocol | String | No | Protocol. TCP/UDP/ICMP/ANY Note: This field may return null , indicating that no valid value was found. |
Port | String | No | The port to apply access control rules. Valid values: -1/-1: all ports 80: port 80 Note: This field may return null , indicating that no valid value was found. |
ServiceTemplateId | String | No | Parameter template ID of port and protocol type; mutually exclusive with Protocol and Port Note: This field may return null , indicating that no valid value was found. |
Id | String | No | The unique ID of the rule |
Enable | String | No | Rule status. true: enabled; false: disabled |
Priority
Used by actions: ModifySequenceRules.
Name | Type | Required | Description |
---|---|---|---|
Id | Integer | Yes | Rule ID |
OrderIndex | Integer | Yes | Rule priority before change |
NewOrderIndex | Integer | Yes | Rule priority after change |
Most frequent attacker statistics
Used by actions: DescribeBlockStaticList, DescribeTLogIpList.
Name | Type | Description |
---|---|---|
Num | Integer | Number |
Port | String | Port |
Ip | String | IP |
Address | String | Address |
InsID | String | Asset ID |
InsName | String | Asset name |
Firewall status list
Used by actions: DescribeSwitchLists.
Name | Type | Description |
---|---|---|
PublicIp | String | Public IP Note: This field may return null , indicating that no valid value was found. |
IntranetIp | String | Private IP Note: This field may return null , indicating that no valid value was found. |
InstanceName | String | Instance name Note: This field may return null , indicating that no valid value was found. |
InstanceId | String | Instance ID Note: This field may return null , indicating that no valid value was found. |
AssetType | String | Asset type |
Area | String | Region Note: This field may return null , indicating that no valid value was found. |
Switch | Integer | Firewall toggle |
Id | Integer | ID value |
PublicIpType | Integer | Public IP type Note: This field may return null , indicating that no valid value was found. |
PortTimes | Integer | Number of risky ports Note: This field may return null , indicating that no valid value was found. |
LastTime | String | Last scan time Note: This field may return null , indicating that no valid value was found. |
ScanMode | String | Scan mode Note: This field may return null , indicating that no valid value was found. |
ScanStatus | Integer | Scan status Note: This field may return null , indicating that no valid value was found. |
Alert monitoring data
Used by actions: DescribeTLogInfo.
Name | Type | Description |
---|---|---|
OutNum | Integer | Compromised servers |
HandleNum | Integer | Unhandled alerts |
VulNum | Integer | Vulnerability attacks |
NetworkNum | Integer | Detected networks |
BanNum | Integer | Blocklist |
BruteForceNum | Integer | Brute force attacks |
Unhandled event details
Used by actions: DescribeUnHandleEventTabList.
Name | Type | Description |
---|---|---|
EventTableListStruct | Array of UnHandleEventDetail | Unhandled event type |
BaseLineUser | Integer | 1: yes; 0: no |
BaseLineInSwitch | Integer | 1: on; 0: off |
BaseLineOutSwitch | Integer | 1: on; 0: off |
VpcFwCount | Integer | Number of inter-VPC firewall instances Note: This field may return null , indicating that no valid value was found. |
Unhandled event statistics
Used by actions: DescribeUnHandleEventTabList.
Name | Type | Description |
---|---|---|
EventName | String | Security event name |
Total | Integer | Number of unhandled events |
VPC DNS status of NAT firewall
Used by actions: DescribeNatFwVpcDnsLst.
Name | Type | Description |
---|---|---|
VpcId | String | VPC ID |
VpcName | String | VPC name |
FwMode | Integer | NAT firewall mode. 0: Create new; 1: Use existing |
VpcIpv4Cidr | String | VPC IPv4 CIDR block (Classless Inter-Domain Routing) |
DNSEip | String | Public EIP, which is the firewall DNS resolution address |
NatInsId | String | NAT gateway ID Note: This field may return null , indicating that no valid value was found. |
NatInsName | String | NAT gateway name Note: This field may return null , indicating that no valid value was found. |
SwitchStatus | Integer | 0: off; 1: on |
本页内容是否解决了您的问题?