Edit an existing trusted traffic request using trusted traffic ID (Parameter: trusted_traffic_id).
To get the trusted_traffic_id value, use GET /trustedTraffic/firewalls/{firewallName} method
Warning: If other devices in the group do not have the relevant host group, editing trusted traffic to the group level can cause mismatches to the resulted trusted traffic
Resource Name:
Request Method: PUT
Request Parameters:|
Element |
Type |
Description |
|---|---|---|
| destination Mandatory |
String |
Destination can be host group, IP or range |
| service
Mandatory |
boolean |
Create new object if not exist.
|
| source
Mandatory |
String |
Source can be host group, IP or range |
| trusted_traffic_request
Mandatory |
List of Import trusted traffic request object |
See Import trusted traffic request Type . |
| trustedTrafficId Mandatory | integer | To get the trusted_traffic_id value, use GET /trustedTraffic/firewalls/{firewallName} method |
service_name Type
The following table describes the elements in the service_name type object:
|
Element |
Type |
Description |
|---|---|---|
|
service_name Mandatory |
string |
Service name. |
service_details Type
The following table describes the elements in the service details type object:
|
Element |
Type |
Description |
|---|---|---|
| dest_port_high
|
string |
Destination port (highest value) for TCP/UDP |
| dest_port_low | string | Destination port (lowest value) for TCP/UDP |
| icmp_code | string | ICMP code standard |
| icmp_type | string | ICMP type standard |
| protocol | string | Protocol: TCP, UDP, ICMP |
| src_port_high | string | Source port (highest value) for TCP/UDP |
| src_port_low | string | Source port (lowest value) for TCP/UDP |
Import trusted traffic request Type
The following table describes the elements in the Import trusted traffic request type object:
|
Element |
Type |
Description |
|---|---|---|
| comment
Optional |
string |
Comment |
| expiration_date Optional |
integer | Milliseconds from 1.1.1970. See: https://currentmillis.com - UNIX time. Expiration date must be in the future |
| tree_name Mandatory |
string | The firewall name. Do not use group or ALL_FIREWALLS here. Use the device-setup-controller API GET /devices method to return the firewall name. |
| trust_Traffic_Level_To_apply Mandatory |
string | Trusted traffic level: ALL_FIREWALLS or the tree name of the firewall/group |
|
trust_future_host_groups_changes Optional |
boolean |
Trust future host group changes
|
Response:
|
Code |
Description |
|---|---|
| 200 |
Operation completed successfully |
|
400 |
Validation error |
|
401 |
Unauthorized |
Request cURL examples
Edit-curl -X PUT "https:// 10.20.15.182/afa/api/v1/trustedTraffic/10959" -H "accept: */*" -H "Content-Type: application/json" -d "{ \"destination\": \"Any\", \"service\": { \"create_new_object_if_not_exist\": false, \"service_name\": \"icmp\" }, \"source\": \"Any\", \"trusted_traffic_request\": { \"comment\":\"trusted traffic is added\", \"tree_name\": \"10_20_244_3_prod1\", \"trust_Traffic_Level_To_apply\": \"10.20.244.3_prod1\", \"trust_future_host_groups_changes\": false }}"
Request examples
{
"destination": "Any",
"service": {
"create_new_object_if_not_exist": true,
"service_details": {
"dest_port_low": "242",
"dest_port_high": "34",
"src_port_high": "24",
"src_port_low": "20"
},
"service_name": "stoptogo"
},
"source": "Any",
"trusted_traffic_request": {
"tree_name": "Nachos",
"trust_Traffic_Level_To_apply": "Nachos",
"trust_future_host_groups_changes": true
}
}
Related topics
Yes 
No 
