FirewallRuleType

Type:
FirewallRuleType
Namespace:
http://www.vmware.com/vcloud/v1.5
Description:
Represents a firewall rule.
Since:
0.9
Schema:
network.xsd
Media type(s):
None
Extends:
VCloudExtensibleType
XML Representation:
<FirewallRuleType xmlns="http://www.vmware.com/vcloud/v1.5">
    <Id> xs:string </Id>
    <IsEnabled> xs:boolean </IsEnabled>
    <MatchOnTranslate> xs:boolean </MatchOnTranslate>
    <Description> xs:string </Description>
    <Policy> xs:string </Policy>
    <Protocols>
        <Icmp> xs:boolean </Icmp>
        <Any> xs:boolean </Any>
        <Other> xs:string </Other>
    </Protocols>
    <IcmpSubType> xs:string </IcmpSubType>
    <Port> xs:int </Port>
    <DestinationPortRange> xs:string </DestinationPortRange>
    <DestinationIp> FirewallIpAddressType </DestinationIp>
    <DestinationVm>
        <VAppScopedVmId> xs:string </VAppScopedVmId>
        <VmNicId> xs:int </VmNicId>
        <IpType> xs:string </IpType>
    </DestinationVm>
    <SourcePort> xs:int </SourcePort>
    <SourcePortRange> xs:string </SourcePortRange>
    <SourceIp> FirewallIpAddressType </SourceIp>
    <SourceVm>
        <VAppScopedVmId> xs:string </VAppScopedVmId>
        <VmNicId> xs:int </VmNicId>
        <IpType> xs:string </IpType>
    </SourceVm>
    <Direction> xs:string </Direction>
    <EnableLogging> xs:boolean </EnableLogging>
</FirewallRuleType>

Elements

Element Type Required Modifiable Since Deprecated Description
Description string No always 0.9 A description of the rule.
DestinationIp FirewallIpAddressType No always 1.0 Destination IP address to which the rule applies. A value of Any matches any IP address.
DestinationPortRange string No always 5.1 Destination port range to which this rule applies.
DestinationVm VmSelectionType No always 5.1 Details of the destination VM
Direction string No always 1.5 5.1 Direction of traffic to which rule applies. One of: in (rule applies to incoming traffic. This is the default value), out (rule applies to outgoing traffic).
EnableLogging boolean No always 1.5 Used to enable or disable firewall rule logging. Default value is false.
IcmpSubType string No always 5.1 ICMP subtype. One of: address-mask-request, address-mask-reply, destination-unreachable, echo-request, echo-reply, parameter-problem, redirect, router-advertisement, router-solicitation, source-quench, time-exceeded, timestamp-request, timestamp-reply, any.
Id string No always 5.1 Firewall rule identifier.
IsEnabled boolean No always 0.9 Used to enable or disable the firewall rule. Default value is true.
MatchOnTranslate boolean No always 5.1 5.1 For DNATed traffic, match the firewall rules only after the destination IP is translated.
Policy string No always 0.9 One of: drop (drop packets that match the rule), allow (allow packets that match the rule to pass through the firewall)
Port int No always 0.9 5.1 The port to which this rule applies. A value of -1 matches any port.
Protocols FirewallRuleType/Protocols No always 0.9 Specify the protocols to which the rule should be applied.
SourceIp FirewallIpAddressType No always 1.5 Source IP address to which the rule applies. A value of Any matches any IP address.
SourcePort int No always 1.5 5.1 Destination port to which this rule applies. A value of -1 matches any port.
SourcePortRange string No always 5.1 Source port range to which this rule applies.
SourceVm VmSelectionType No always 5.1 Details of the source Vm
VCloudExtension VCloudExtensionType No always 0.9 An optional extension element that can contain an arbitrary number of elements and attributes. Not related to extension services.