settings¶

Configure global flags and apply/reset/restore the firewall configuration.

read¶

Input¶

The read API requires an action field. Valid actions:

settings
status

Example:

{
  "action": "settings"
}

Output¶

settings¶

Return the firewall global properties.

Output example:

{
  "settings": {
    "ExternalPing": "enabled",
    "Policy": "permissive",
    "MACValidationPolicy": "drop",
    "MACValidation": "disabled",
    "HairpinNat": "disabled"
  }
}

status¶

Return the status of the firewall. Available fields:

CanRestore: set to 1 if firewall backup is present and can be restored, 0 otherwise
CanApply: set to 1 if firewall configuration has been changed but not applied, 0 otherwise.

If CanApply is set to 1, the configuration can be reset to the running one.

Output example:

{
  "status": {
    "CanRestore": 1,
    "CanApply": 0
  }
}

validate¶

Constraints¶

The request must contain an action field. Valid actions are:

`settings'

Constraints for settings action:

MACValidation, ExternalPing and HairpinNat: can be enabled or disabled
Policy: can be permissive or strict
MACValidationPolicy: can be drop or accept

Input¶

settings¶

Example:

{
  "action": "settings",
  "ExternalPing": "enabled",
  "Policy": "permissive",
  "MACValidationPolicy": "drop",
  "MACValidation": "disabled"
}

update¶

Same input format from validate for settings action. Execute the firewall-adjust event.

reset¶

Reset the configuration to the running one. No event is fired.

Example:

{
  "action": "reset"
}

apply¶

Apply modified configuration. Execute the firewall-adjust event.

Example:

{
  "action": "apply"
}

restore¶

Restore the configuration previous to the last apply. Execute the firewall-adjust event.

Example:

{
  "action": "restore"
}

discard¶

Discard any saved backup, no more restore actions will be possible.

Example:

{
  "action": "discard"
}