Add Firewall Rule to Firewall

POST https://infrahub-api.nexgencloud.com/v1/core/firewalls/{firewall_id}/firewall-rules

Creates a firewall rule and adds it to an existing firewall. Include the firewall ID in the path, and provide the firewall rule configuration in the request body, as detailed below.


Path parameters


id integer  Required

The ID of the firewall to which a firewall rule is being added.


Request body parameters


direction string  Required

The direction of traffic that the firewall rule applies to.
Possible values: one of ingress (incoming traffic) or egress (outgoing traffic).


protocol string  Required

The network protocol associated with the rule.
Possible values: Any one of the protocol values retrieved by calling the GET /core/sg-rules-protocols endpoint.


ethertype string  Required

The Ethernet type associated with the rule.
Possible values: one of IPv4 or IPv6.


remote_ip_prefix string  Required

The IP address range that is allowed to access the specified port.
Use 0.0.0.0/0 to permit traffic to/from any IP address.


port_range_min integer  Optional

The minimum port number in the range of ports to be allowed by the firewall rule. Values 1-65535 are accepted.


port_range_max integer  Optional

The maximum port number in the range of ports to be allowed by the firewall rule. Values 1-65535 are accepted.


Attributes


status boolean

Indicates the result of the request to add a firewall rule to an existing firewall. true signifies success, while false indicates an error.


message string

A description of the status of the request.


security_rule object

Provides the firewall rule configuration that was sent in the request, along with additional information such as the time of rule creation, rule ID, and the status of the firewall rule that was created.

Example request
curl -X POST "https://infrahub-api.nexgencloud.com/v1/core/firewalls/{firewall_id}/firewall-rules" \
  -H "accept: application/json" \
  -H "api_key: YOUR API KEY" \
  -H "content-type: application/json" \
  -d '{
    "direction": "string",
    "protocol": "string",
    "ethertype": "string",
    "remote_ip_prefix": "string",
    "port_range_min": 0,
    "port_range_max": 0
  }'
Response
{
  "status": true,
  "message": "string",
  "firewall_rule": {
    "id": 0,
    "direction": "string",
    "protocol": "string",
    "port_range_min": 0,
    "port_range_max": 0,
    "ethertype": "string",
    "remote_ip_prefix": "string",
    "status": "string",
    "created_at": "1970-01-01T00:00:00.000Z"
  }
}

Returns


Returns the configuration of the firewall rule that was sent in the request with additional information: time of rule creation, rule ID, and the status of the firewall rule being created. A firewall_rule_status value of SUCCESS indicates the firewall rule has been added to the firewall successfully.
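
A client-side pre-flight check for the request body described above, as an added example that is not part of the original documentation: it validates the documented fields before a rule is sent and flags prefixes that admit any address. The function names, the strict-CIDR policy and the sample protocol set are assumptions; the real protocol list comes from GET /core/sg-rules-protocols.

```python
import ipaddress

BASE = "https://infrahub-api.nexgencloud.com/v1/core/firewalls"

def rule_url(firewall_id):
    """Endpoint URL for one firewall; the ID must be an integer."""
    if isinstance(firewall_id, bool) or not isinstance(firewall_id, int):
        raise ValueError("firewall_id must be an integer")
    return f"{BASE}/{firewall_id}/firewall-rules"

def build_rule(direction, protocol, ethertype, remote_ip_prefix,
               allowed_protocols, port_range_min=None, port_range_max=None):
    """Validate the documented request-body fields and return the JSON payload."""
    if direction not in ("ingress", "egress"):
        raise ValueError("direction must be ingress or egress")
    if ethertype not in ("IPv4", "IPv6"):
        raise ValueError("ethertype must be IPv4 or IPv6")
    # allowed_protocols: values previously fetched from GET /core/sg-rules-protocols.
    if protocol not in allowed_protocols:
        raise ValueError(f"protocol {protocol!r} is not in the fetched list")
    # Local policy (assumption): strict=True rejects host bits, e.g. 10.0.0.5/24.
    net = ipaddress.ip_network(remote_ip_prefix, strict=True)
    if net.version != (4 if ethertype == "IPv4" else 6):
        raise ValueError("remote_ip_prefix does not match ethertype")
    payload = {"direction": direction, "protocol": protocol,
               "ethertype": ethertype, "remote_ip_prefix": str(net)}
    ports = {"port_range_min": port_range_min, "port_range_max": port_range_max}
    for name, port in ports.items():
        if port is None:
            continue  # both port fields are optional
        if isinstance(port, bool) or not isinstance(port, int) or not 1 <= port <= 65535:
            raise ValueError(f"{name} must be an integer in 1-65535")
        payload[name] = port
    if None not in ports.values() and port_range_min > port_range_max:
        raise ValueError("port_range_min exceeds port_range_max")
    return payload

def is_world_open(payload):
    """True when the prefix covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(payload["remote_ip_prefix"]).prefixlen == 0

if __name__ == "__main__":
    # Constructed sample values; the protocol set stands in for the API's list.
    sample = build_rule("ingress", "tcp", "IPv4", "203.0.113.0/24",
                        {"tcp", "udp", "icmp"}, 22, 22)
    print(rule_url(123), sample, is_world_open(sample))
```

The returned dictionary can be serialized with json.dumps and passed as the -d body of the request shown in the example.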
