InlineFirewallSection1

InlineFirewallSection1
InlineFirewallSection1
JSON Example
{
    "autoplumbed": false,
    "category": "string",
    "comments": "string",
    "enforced_on": "string",
    "firewall_schedule": {
        "is_valid": false,
        "target_display_name": "string",
        "target_id": "string",
        "target_type": "string"
    },
    "lock_modified_by": "string",
    "lock_modified_time": 0,
    "locked": false,
    "priority": 0,
    "tcp_strict": false
}
boolean
autoplumbed
Optional

This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.

string
category
Optional

Category from policy framework.

string
comments
Optional

Comments for section lock/unlock.

string
enforced_on
Optional

This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.

ResourceReference
firewall_schedule
Optional

A weak reference to an NSX resource.

string
lock_modified_by
Optional

ID of the user who last modified the lock for the section.

integer As int64 As int64
lock_modified_time
Optional

Section locked/unlocked time in epoch milliseconds.

boolean
locked
Optional

Section is locked/unlocked.

integer As int64 As int64
priority
Optional

Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.

boolean
tcp_strict
Optional

If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.

Used By