hi,
1. Following is a list of REST methods
and request body format:
# get status of all firewall switches
# GET /firewall/module/status
# set enable the firewall switches
# PUT /firewall/module/enable/{switch-id}
# {switch-id} is 'all' or switchID
# set disable the firewall switches
# PUT /firewall/module/disable/{switch-id}
# {switch-id} is 'all' or switchID
# get rules of the firewall switches
# GET /firewall/rules/{switch-id}
# {switch-id} is 'all' or switchID
# set a rule to the firewall switches
# POST /firewall/rules/{switch-id}
# {switch-id} is 'all' or switchID
request body format:
{"<field1>":"<value1>", "<field2>":"<value2>",...}
<field> : <value>
"priority": "0 to 65533"
"in_port" : "<int>"
"dl_src" : "<xx:xx:xx:xx:xx:xx>"
"dl_dst" : "<xx:xx:xx:xx:xx:xx>"
"dl_type" : "<ARP or IPv4>"
"dl_vlan" : "<int>"
"nw_src" : "<A.B.C.D/M>"
"nw_dst" : "<A.B.C.D/M>"
"nw_proto": "<TCP or UDP or ICMP>"
"tp_src" : "<int>"
"tp_dst" : "<int>"
"actions" : "<ALLOW or DENY>"
Note: specifying nw_src/nw_dst
without specifying dl-type as "ARP" or "IPv4"
will automatically set dl-type as "IPv4".
Note: When "priority" has not been set up,
"0" is set to "priority".
Note: When "actions" has not been set up,
"ALLOW" is set to "actions".
# delete a rule of the firewall switches from ruleID
# DELETE /firewall/rules/{switch-id}
# {switch-id} is 'all' or switchID
request body format:
{"<field>":"<value>"}
<field> : <value>
"rule_id": "<int>"
2. Exsamples.
- blocking of connection from MAC address 12:34:56:78:9a:bc .
$ curl -X POST -d '{"dl_src": "12:34:56:78:9a:bc", "actions": "DENY"}'
http://localhost:8080/firewall/rules/0000000000000001
- blocking of connection to 10.0.5.0/24 subnet.
$ curl -X POST -d '{"dl_type": "IPv4", "nw_dst": "10.0.5.0/24", "actions":
"DENY"}' http://localhost:8080/firewall/rules/0000000000000001
- blocking of all TCP packets.
$ curl -X POST -d '{"dl_type": "IPv4", "nw_proto": "TCP", "actions": "DENY"}'
http://localhost:8080/firewall/rules/0000000000000001
Thanks.
(2013年04月01日 17:18), YAMAMOTO Takashi wrote:
> hi,
>
>> +# set a rule to the firewall switches
>> +# POST /firewall/rules/{switch-id}
>> +# {switch-id} is 'all' or switchID
>
> how the request body looks like?
> can you give me a few examples?
>
> YAMAMOTO Takashi
>
> ------------------------------------------------------------------------------
> Own the Future-Intel® Level Up Game Demo Contest 2013
> Rise to greatness in Intel's independent game demo contest.
> Compete for recognition, cash, and the chance to get your game
> on Steam. $5K grand prize plus 10 genre and skill prizes.
> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> _______________________________________________
> Ryu-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/ryu-devel
>
------------------------------------------------------------------------------
Own the Future-Intel(R) Level Up Game Demo Contest 2013
Rise to greatness in Intel's independent game demo contest. Compete
for recognition, cash, and the chance to get your game on Steam.
$5K grand prize plus 10 genre and skill prizes. Submit your demo
by 6/6/13. http://altfarm.mediaplex.com/ad/ck/12124-176961-30367-2
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
