FirewallSectionFilterParameters (schema)

Parameters to filter section from list of sections

Pagination and Filtering parameters to get only a subset of sections.
Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.
string
context_profiles Limits results to sections having rules with specific Context Profiles.

The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
deep_search Toggle to search with direct or indirect references.

This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.
boolean Default: "False"
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.
string
enforced_on Limit result to sections having a specific kind of enforcement point

Used to filter out results based on enforcement point of the section. If this parameter is BRIDGEENDPOINT, then return firewall sections enfored on logical port with attachment type bridgeendpoint. For LOGICALROUTER, then firewall sections enforced on Logical Router are returned. For VIF, other firewall sections are returned. Other values are not supported.
AttachmentTypeQueryString
exclude_applied_to_type Limit result to sections not having a specific AppliedTo type

Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.
DSAppliedToType
extended_sources Limits results to sections having rules with specific Extended Sources.

The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.
string
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
include_applied_to_type Limit result to sections having a specific AppliedTo type

Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param.
DSAppliedToType
included_fields Comma separated list of fields that should be included in query result string
locked Limit results to sections which are locked/unlocked

Used to filter out locked or unlocked sections.
boolean
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
search_invalid_references Return invalid references in results.

Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).
boolean Default: "False"
search_scope Limit result to sections of a specific enforcement point

This parameter can be used to limit the search scope to certain firewalls. It can be the value of an appliedTo of a bridge port firewall or an edge firewal. Results will include sections only from that bridge port firewall or edge firewall. For example, if the identifier of a bridge port is given, the search result will only contain the sections of that bridge port firewall. If the identifier of logical router is given, the search result will only contain the sections of that edge firewall.
string
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.
string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.
string
type Section Type

Section Type with values layer2 or layer3
string Enum: LAYER2, LAYER3
Default: "LAYER3"