postFirewallsFirewallGroupIdRules
Create Firewall Rules
Details
- Method:
POST - Path:
/firewalls/{firewall-group-id}/rules - Operation ID:
post-firewalls-firewall-group-id-rules
Parameters
{
"ip_type": {
"description": "The type of IP rule.\n\n* v4\n* v6",
"required": true,
"location": "body",
"type": "string"
},
"protocol": {
"description": "The protocol for this rule.\n\n* ICMP\n* TCP\n* UDP\n* GRE\n* ESP\n* AH\n",
"required": true,
"location": "body",
"type": "string"
},
"subnet": {
"description": "IP address representing a subnet. The IP address format must match with the \"ip_type\" parameter value.",
"required": true,
"location": "body",
"type": "string"
},
"subnet_size": {
"description": "The number of bits for the netmask in CIDR notation. Example: 32",
"required": true,
"location": "body",
"type": "integer"
},
"port": {
"description": "TCP/UDP only. This field can be a specific port or a colon separated port range.",
"required": false,
"location": "body",
"type": "string"
},
"source": {
"description": "If the source string is given a value of \"cloudflare\" subnet and subnet_size will both be ignored.\nPossible values:\n\n| | Value | Description |\n| - | ------ | ------------- |\n| | \"\" | Use the value from `subnet` and `subnet_size`. |\n| | cloudflare | Allow all of Cloudflare's IP space through the firewall |\n| | [Load Balancer id](#operation/list-load-balancers) | Provide a load balancer ID to use its IPs |\n",
"required": false,
"location": "body",
"type": "string"
},
"notes": {
"description": "User-supplied notes for this rule.",
"required": false,
"location": "body",
"type": "string"
}
}Response Schema
{
"type": "object",
"properties": {
"firewall_rule": {
"title": "firewall-rule",
"type": "object",
"x-tags": [
"firewall"
],
"description": "Firewall rule information.",
"x-examples": {
"firewall rule": {
"id": 1,
"type": "v4",
"ip_type": "v4",
"action": "accept",
"protocol": "tcp",
"port": "80",
"subnet": "192.0.2.123",
"subnet_size": 24,
"source": "",
"notes": "Example Firewall Rule"
}
},
"properties": {
"id": {
"type": "integer",
"description": "A unique ID for the Firewall Rule."
},
"type": {
"type": "string",
"description": "This field is deprecated. Use `ip_type` instead.\n\nThe type of IP rule.\n\n* v4\n* v6",
"deprecated": true
},
"ip_type": {
"type": "string",
"description": "The type of IP rule.\n\n* v4\n* v6"
},
"action": {
"type": "string",
"description": "Action to take when this rule is met.\n\n* accept"
},
"protocol": {
"type": "string",
"description": "The protocol for this rule.\n\n* ICMP\n* TCP\n* UDP\n* GRE\n"
},
"port": {
"type": "string",
"description": "Port or port range for this rule."
},
"subnet": {
"type": "string",
"description": "IP address representing a subnet. The IP address format must match with the \"ip_type\" parameter value."
},
"subnet_size": {
"type": "integer",
"description": "The number of bits for the netmask in CIDR notation. Example: 24"
},
"source": {
"type": "string",
"description": "If the source string is given a value of \"cloudflare\" subnet and subnet_size will both be ignored.\nPossible values:\n\n| | Value | Description |\n| - | ------ | ------------- |\n| | \"\" | Use the value from `subnet` and `subnet_size`. |\n| | cloudflare | Allow all of Cloudflare's IP space through the firewall |"
},
"notes": {
"type": "string",
"description": "User-supplied notes for this rule."
}
}
}
}
}Usage
from ocp_agent import OCPAgent
agent = OCPAgent()
await agent.register_api('vultr')
# Call this tool
result = await agent.call_tool('postFirewallsFirewallGroupIdRules', {
# Add required parameters here
})