Add Multiple Rules in a Section

Create multiple firewall rules in existing firewall section bounded by
limit of 1000 firewall rules per section. Adding multiple firewall rules in
a section modifies parent section entity and simultaneous update (modify)
operations on same section are not allowed to prevent overwriting stale
contents to firewall section. If a concurrent update is performed, HTTP
response code 409 will be returned to the client operating on stale data.
That client should retrieve the firewall section again and re-apply its
update.

Request:

Method:

POST

URI Path(s):

/api/v1/firewall/sections/<section-id>/rules?action=create_multiple

Request Headers:

n/a

Query Parameters:

FirewallInsertParameters+

Name	Description	Type	Notes
id	Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.	string	Maximum length: 64
operation	Operation	string	Enum: insert_top, insert_bottom, insert_after, insert_before Default: "insert_top"

Request Body:

FirewallRuleList+

Name	Description	Type	Notes
rules	List of the firewall rules List of firewall rules in the section. Only homogenous rules are supported.	array of FirewallRule	Required Maximum items: 1000

Example Request:

POST https://<nsx-mgr>/api/v1/firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules?action=create_multiple { "rules" : [ { "display_name":"layer3rule1", "action":"ALLOW", "direction":"IN_OUT", "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ] }, { "display_name":"layer3rule2", "action":"ALLOW", "direction":"IN_OUT", "sources": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "destinations": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ] } ] }

Successful Response:

Response Code:

200 OK

Response Headers:

Content-type: application/json

Response Body:

FirewallRuleList+

Name	Description	Type	Notes
rules	List of the firewall rules List of firewall rules in the section. Only homogenous rules are supported.	array of FirewallRule	Required Maximum items: 1000

Example Response:

{ "rules": [ { "id": "58368", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 }, { "id": "715776", "display_name": "layer3rule2", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "destinations": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 } ] }

Add Multiple Rules in a Section

Request:

FirewallInsertParameters (schema)

FirewallRuleList (schema)

Example Request:

Successful Response:

FirewallRuleList (schema)

Example Response:

Required Permissions:

Feature:

Additional Errors: