Manage IP Restrictions

Note:

Only administrators can execute these APIs.

1. Save the Firewall Fields

This POST method saves the firewall fields.

POST	{{url}}/api/settings/firewall/fields

Request Parameters

Parameter	Description	Data Type	Required
country	A list of one or more country codes in a two-letter ISO format.	string	Optional
client_ip	A list of one or more IPv4 addresses in CIDR notation. For example:152.57.227.128/32	ip	Optional

Request Example

curl -X POST  '{{url}}/api/settings/firewall/fields' -H 'Authorization: Bearer <token>'
--data
{
  "fields" : {
    "country" : {
      "header" : "CloudFront-Viewer-Country",
      "field_type" : "string",
      "info" : "The country as represented by the 2 character ISO code.",
      "operators" : [ "equals", "contains", "startswith", "endswith" ]
    },
    "client_ip" : {
      "header" : "clientip",
      "field_type" : "ip",
      "info" : "The IP address(es) in CIDR notation. Example: 120.121.122.0/24, 180.179.178.176/32.",
      "operators" : [ "contains" ]
    }
  }
}

Response Example

Status: 200 OK

2. Get the Firewall fields

This GET method returns the firewall fields.

GET	{{url}}/api/settings/firewall/fields

Request Example

curl --location '{{url}}/api/settings/firewall/fields'\
--header 'Accept: application/json'

Response Example

{
  "fields" : {
    "country" : {
      "header" : "CloudFront-Viewer-Country",
      "field_type" : "string",
      "info" : "The country as represented by the 2 character ISO code.",
      "operators" : [ "equals", "contains", "startswith", "endswith" ]
    },
    "client_ip" : {
      "header" : "clientip",
      "field_type" : "ip",
      "info" : "The IP address(es) in CIDR notation. Example: 120.121.122.0/24, 180.179.178.176/32.",
      "operators" : [ "contains" ]
    }
  }
}

Status: 200 OK

3. Save the Firewall Rules

This POST method saves the firewall rules. The fields saved using the API {{url}}/api/settings/firewall/fields can be used to save the firewall rules.

POST	{{url}}/api/settings/firewall

Request Parameters

Parameter	Description	Data Type	Required
priority	The rules are executed as per the priority number.	integer	Mandatory
action	Allow or deny access.	string	Mandatory
field	Values: Country or client_ip	string	Mandatory
invert	Values: Tue/False. Default: False	boolean	Optional
operator	Depends on the selected field. It could be Equals, Contains, Startswith, Endswith	string	Mandatory
default_action	Allow or Deny. Default is Deny	string	Mandatory
antilockout	Values: True/False. Default is False	boolean	Optional

Request Example

curl -X POST  '{{url}}/api/settings/firewall>' -H 'Authorization: Bearer <token>'
--data
{
    "rules": [
        {
            "priority": 1,
            "action": "BLOCk",
            "field": "country",
            "invert": false,
            "operator": "EQUALS",
            "values": [
                "KP",
                "CU",
                "SY",
                "IR",
                "CG",
                "ZW",
                "MM",
                "SD",
                "IQ",
                "CI"
            ]
        },
        {
   "action": "ALLOW",
   "field": "client_ip",
   "invert": false,
   "operator": "EQUALS",
   "priority": 2,
   "values": [
    "192.168.0.0/24",
    "2001:db8::/32"
   ]
  }
    ],
    "default_action": "ALLOW",
    "antilockout": false
}

Response Example

{
    "rules": [
        {
            "priority": 1,
            "action": "BLOCk",
            "field": "country",
            "invert": false,
            "operator": "EQUALS",
            "values": [
                "KP",
                "CU",
                "SY",
                "IR",
                "CG",
                "ZW",
                "MM",
                "SD",
                "IQ",
                "CI"
            ]
        },
        {
   "action": "ALLOW",
   "field": "client_ip",
   "invert": false,
   "operator": "EQUALS",
   "priority": 2,
   "values": [
    "192.168.0.0/24",
    "2001:db8::/32"
   ]
  }
    ],
    "default_action": "ALLOW",
    "antilockout": false
}

Status: 200 OK

4. Get the Firewall rules

This GET method returns the firewall rules.

GET	{{url}}/api/settings/firewall

Request Example

curl --location '{{url}}/api/settings/firewall' \
--header 'Accept: application/json'

Response Example

{
  "rules" : [ {
    "priority" : 0,
    "action" : "ALLOW",
    "field" : "country",
    "invert" : true,
    "operator" : "equals",
    "values" : [ "UK" ]
  }, {
    "priority" : 1,
    "action" : "BLOCK",
    "field" : "country",
    "invert" : false,
    "operator" : "endswith",
    "values" : [ "US" ]
  }, {
    "priority" : 2,
    "action" : "BLOCK",
    "field" : "country",
    "invert" : false,
    "operator" : "equals",
    "values" : [ "KP", "CU", "SY", "IR", "CG", "ZW", "MM", "SD", "IQ", "CI" ]
  }, {
    "priority" : 3,
    "action" : "BLOCK",
    "field" : "client_ip",
    "invert" : false,
    "operator" : "contains",
    "values" : [ "122.171.22.229/32" ]
  }, {
    "priority" : 4,
    "action" : "BLOCK",
    "field" : "country",
    "invert" : false,
    "operator" : "startswith",
    "values" : [ "ja" ]
  } ],
  "default_action" : "BLOCK",
  "antilockout" : false
}

Status: 200 OK