Obtain Firewall Information - DescribeFirewall

Overview

Obtain Firewall Group Information

💡 Use Case One: Obtain information about a specific firewall. Use Case Two: Obtain information about the firewall bound to a specific resource. Use Case Three: Obtain information about all firewalls under a project.

Definition

Public Parameters

Parameter Name	Type	Description Information	Required
Action	string	Corresponding API command name, the current API is `DescribeFirewall`.	Yes
PublicKey	string	The user’s public key can be obtained from Console	Yes
Signature	string	User signature generated based on public key and API command, see Signature Algorithm	Yes

Request Parameters

Parameter Name	Type	Description Information	Required
Region	string	Region	Yes
ProjectId	string	Project ID. If not filled in, the default project is used, sub-accounts must be filled in.	No
FWId	string	Firewall ID, default is to return all firewalls	No
ResourceType	string	Resource type bound to the firewall, only needed when retrieving firewall information corresponding to the resource. Enumeration values are: “unatgw”, NAT Gateway; “uhost”, UHost; “upm”, Physical Cloud Host; “hadoophost”, Hadoop Node; “fortresshost”, Bastion Host; “udhost”, UDSet Host; “udockhost”, Container; “dbaudit”, Database Audit; “uni”, Virtual Network Interface; “cube”, Cube Container Instance; “ulb”, ULB Instance.	No
ResourceId	string	Resource ID of the bound firewall group.	No
Limit	int	Return data length, default is 20, maximum is 10000000	No
Offset	int	List start position offset, default is 0	No

Response Field

Field Name	Type	Description Information	Required
RetCode	int	Return status code. If it is 0, it means successful return. If it is not 0, it means failure.	Yes
Action	string	Operation command name.	Yes
Message	string	Returns an error message, providing detailed description when `RetCode` is non-zero.	No
DataSet	array[FirewallDataSet]	Obtained detailed information of the firewall group, see FirewallDataSet	No
TotalCount	int	Number of Firewall Resources	No

Data Model

FirewallDataSet

Field Name	Type	Description Information	Required
FWId	string	Firewall ID	Yes
GroupId	string	Security Group ID (To be deprecated soon)	Yes
Name	string	Firewall Name	No
Tag	string	Firewall Business Group	No
Remark	string	Firewall Remarks	No
ResourceCount	int	Number of Resources Bound to Firewall	No
CreateTime	int	Firewall group creation time, in Unix Timestamp format	No
Type	string	Firewall group type, enumeration values are: “user defined”, user-defined firewall; “recommend web”, default Web firewall; “recommend non web”, default non-Web firewall.	No
Rule	array[FirewallRuleSet]	The list of rules in the firewall group, see FirewallRuleSet.	No

FirewallRuleSet

Field Name	Type	Description Information	Required
SrcIP	string	Source Address	No
Priority	string	Priority	No
ProtocolType	string	Protocol Type	No
DstPort	string	Target Port	No
RuleAction	string	Firewall Action	No
Remark	string	Firewall Rule Remarks	No

Example

Request Example


https://api.surfercloud.com/?Action=DescribeFirewall
&Region=cn-xxx

Response Example


{
  "Action": "DescribeFirewallResponse",
  "DataSet": [
    {
      "CreateTime": 1508472648,
      "FWId": "firewall-XXXX",
      "GroupId": "25575",
      "Name": "non web service recommendation:tcp 22,3389",
      "Remark": "open tcp port:22,3389 and icmp",
      "ResourceCount": 0,
      "Rule": [
        {
          "DstPort": "22",
          "Priority": "HIGH",
          "ProtocolType": "TCP",
          "RuleAction": "ACCEPT",
          "SrcIP": "0.0.0.0/0"
        },
        {
          "DstPort": "3389",
          "Priority": "HIGH",
          "ProtocolType": "TCP",
          "RuleAction": "ACCEPT",
          "SrcIP": "0.0.0.0/0"
        },
        {
          "DstPort": "",
          "Priority": "HIGH",
          "ProtocolType": "ICMP",
          "RuleAction": "ACCEPT",
          "SrcIP": "0.0.0.0/0"
        }
      ],
      "Tag": "Default",
      "Type": "recommend non web"
    }
  ],
  "RetCode": 0,
  "TotalCount": 4
}