Computer Firewall Rule Details

List firewall rules

get/computers/{computerID}/firewall/rules

Lists all firewall rules assigned to a computer.

Related SDK Methods:

Java

ComputerFirewallRuleDetailsApi.listFirewallRulesOnComputer([param1, param2, ...])

Python

ComputerFirewallRuleDetailsApi.list_firewall_rules_on_computer([param1, param2, ...])

JavaScript

ComputerFirewallRuleDetailsApi.listFirewallRulesOnComputer([param1, param2, ...])

Request

Security:

DefaultAuthentication

path Parameters

computerID

required

integer <int32> \d+

The ID number of the computer.

Example: 1

query Parameters

overrides

boolean

Show only rules assigned to the current computer.

header Parameters

api-version

required

string

The version of the api being called.

Example: YOUR VERSION

Responses

200

successful operation

403

Not authorized to view the computer.

404

The computer does not exist.

Request samples

Java
Python
JavaScript

import com.trendmicro.deepsecurity.ApiClient;
import com.trendmicro.deepsecurity.Configuration;
import com.trendmicro.deepsecurity.auth.ApiKeyAuth;
import com.trendmicro.deepsecurity.ApiException;
import com.trendmicro.deepsecurity.api.ComputerFirewallRuleDetailsApi;
import com.trendmicro.deepsecurity.model.FirewallRules;


public class ListFirewallRulesOnComputerExample {
	
	public static void main(String[] args) {
		// Setup
		ApiClient defaultClient = Configuration.getDefaultApiClient();
		defaultClient.setBasePath("YOUR HOST");

		// Authentication
		ApiKeyAuth DefaultAuthentication = (ApiKeyAuth) defaultClient.getAuthentication("DefaultAuthentication");
		DefaultAuthentication.setApiKey("YOUR API KEY");
		try {
			defaultClient.trustAllCertificates(false);
		} catch (Exception e) {
			System.err.println("An exception occurred when calling ApiClient.trustAllCertificates");
			e.printStackTrace();
		}
		
		// Initialization
		// Set Any Required Values
		ComputerFirewallRuleDetailsApi instance = new ComputerFirewallRuleDetailsApi();
		Integer computerID = 1;
		Boolean overrides = false;
		String apiVersion = "YOUR VERSION";
		try {
			// Please replace the parameter values with yours
			FirewallRules result = instance.listFirewallRulesOnComputer(computerID, overrides, apiVersion);
			System.out.println(result);
		} catch (ApiException e) {
			System.err.println("An exception occurred when calling ComputerFirewallRuleDetailsApi.listFirewallRulesOnComputer");
			e.printStackTrace();
		}
	}
}

Response samples

application/json

{"firewallRules": [{"name": "string",
"description": "string",
"action": "log-only",
"priority": "0",
"direction": "incoming",
"frameType": "any",
"frameNumber": 0,
"frameNot": true,
"protocol": "any",
"protocolNumber": 0,
"protocolNot": true,
"sourceIPType": "any",
"sourceIPValue": "string",
"sourceIPMask": "string",
"sourceIPRangeFrom": "string",
"sourceIPRangeTo": "string",
"sourceIPMultiple": ["string"
],
"sourceIPListID": 0,
"sourceIPNot": true,
"sourceMACType": "any",
"sourceMACValue": "string",
"sourceMACMultiple": ["string"
],
"sourceMACListID": 0,
"sourceMACNot": true,
"sourcePortType": "any",
"sourcePortMultiple": ["string"
],
"sourcePortListID": 0,
"sourcePortNot": true,
"destinationIPType": "any",
"destinationIPValue": "string",
"destinationIPMask": "string",
"destinationIPRangeFrom": "string",
"destinationIPRangeTo": "string",
"destinationIPMultiple": ["string"
],
"destinationIPListID": 0,
"destinationIPNot": true,
"destinationMACType": "any",
"destinationMACValue": "string",
"destinationMACMultiple": ["string"
],
"destinationMACListID": 0,
"destinationMACNot": true,
"destinationPortType": "any",
"destinationPortMultiple": ["string"
],
"destinationPortListID": 0,
"destinationPortNot": true,
"anyFlags": true,
"logDisabled": true,
"includePacketData": true,
"alertEnabled": true,
"scheduleID": 0,
"contextID": 0,
"tcpflags": ["fin"
],
"ID": 0,
"TCPNot": true,
"ICMPType": 0,
"ICMPCode": 0,
"ICMPNot": true
}
]
}

Describe a firewall rule

get/computers/{computerID}/firewall/rules/{firewallRuleID}

Describe a firewall rule including computer-level overrides.

Related SDK Methods:

Java

ComputerFirewallRuleDetailsApi.describeFirewallRuleOnComputer([param1, param2, ...])

Python

ComputerFirewallRuleDetailsApi.describe_firewall_rule_on_computer([param1, param2, ...])

JavaScript

ComputerFirewallRuleDetailsApi.describeFirewallRuleOnComputer([param1, param2, ...])

Request

Security:

DefaultAuthentication

path Parameters

computerID required	integer <int32> \d+ The ID number of the computer. Example: 1
firewallRuleID required	integer <int32> \d+ The ID number of the firewall rule. Example: 1

query Parameters

overrides

boolean

Show only overrides defined for the current computer.

header Parameters

api-version

required

string

The version of the api being called.

Example: YOUR VERSION

Responses

200

successful operation

403

Not authorized to view the computer.

404

The computer does not exist.

Request samples

Java
Python
JavaScript

import com.trendmicro.deepsecurity.ApiClient;
import com.trendmicro.deepsecurity.Configuration;
import com.trendmicro.deepsecurity.auth.ApiKeyAuth;
import com.trendmicro.deepsecurity.ApiException;
import com.trendmicro.deepsecurity.api.ComputerFirewallRuleDetailsApi;
import com.trendmicro.deepsecurity.model.FirewallRule;


public class DescribeFirewallRuleOnComputerExample {
	
	public static void main(String[] args) {
		// Setup
		ApiClient defaultClient = Configuration.getDefaultApiClient();
		defaultClient.setBasePath("YOUR HOST");

		// Authentication
		ApiKeyAuth DefaultAuthentication = (ApiKeyAuth) defaultClient.getAuthentication("DefaultAuthentication");
		DefaultAuthentication.setApiKey("YOUR API KEY");
		try {
			defaultClient.trustAllCertificates(false);
		} catch (Exception e) {
			System.err.println("An exception occurred when calling ApiClient.trustAllCertificates");
			e.printStackTrace();
		}
		
		// Initialization
		// Set Any Required Values
		ComputerFirewallRuleDetailsApi instance = new ComputerFirewallRuleDetailsApi();
		Integer computerID = 1;
		Integer firewallRuleID = 1;
		Boolean overrides = false;
		String apiVersion = "YOUR VERSION";
		try {
			// Please replace the parameter values with yours
			FirewallRule result = instance.describeFirewallRuleOnComputer(computerID, firewallRuleID, overrides, apiVersion);
			System.out.println(result);
		} catch (ApiException e) {
			System.err.println("An exception occurred when calling ComputerFirewallRuleDetailsApi.describeFirewallRuleOnComputer");
			e.printStackTrace();
		}
	}
}

Response samples

application/json

{"name": "string",
"description": "string",
"action": "log-only",
"priority": "0",
"direction": "incoming",
"frameType": "any",
"frameNumber": 0,
"frameNot": true,
"protocol": "any",
"protocolNumber": 0,
"protocolNot": true,
"sourceIPType": "any",
"sourceIPValue": "string",
"sourceIPMask": "string",
"sourceIPRangeFrom": "string",
"sourceIPRangeTo": "string",
"sourceIPMultiple": ["string"
],
"sourceIPListID": 0,
"sourceIPNot": true,
"sourceMACType": "any",
"sourceMACValue": "string",
"sourceMACMultiple": ["string"
],
"sourceMACListID": 0,
"sourceMACNot": true,
"sourcePortType": "any",
"sourcePortMultiple": ["string"
],
"sourcePortListID": 0,
"sourcePortNot": true,
"destinationIPType": "any",
"destinationIPValue": "string",
"destinationIPMask": "string",
"destinationIPRangeFrom": "string",
"destinationIPRangeTo": "string",
"destinationIPMultiple": ["string"
],
"destinationIPListID": 0,
"destinationIPNot": true,
"destinationMACType": "any",
"destinationMACValue": "string",
"destinationMACMultiple": ["string"
],
"destinationMACListID": 0,
"destinationMACNot": true,
"destinationPortType": "any",
"destinationPortMultiple": ["string"
],
"destinationPortListID": 0,
"destinationPortNot": true,
"anyFlags": true,
"logDisabled": true,
"includePacketData": true,
"alertEnabled": true,
"scheduleID": 0,
"contextID": 0,
"tcpflags": ["fin"
],
"ID": 0,
"TCPNot": true,
"ICMPType": 0,
"ICMPCode": 0,
"ICMPNot": true
}

Modify a firewall rule

post/computers/{computerID}/firewall/rules/{firewallRuleID}

Modify a firewall rule assigned to a computer. Any unset elements will be left unchanged.

Related SDK Methods:

Java

ComputerFirewallRuleDetailsApi.modifyFirewallRuleOnComputer([param1, param2, ...])

Python

ComputerFirewallRuleDetailsApi.modify_firewall_rule_on_computer([param1, param2, ...])

JavaScript

ComputerFirewallRuleDetailsApi.modifyFirewallRuleOnComputer([param1, param2, ...])

Request

Security:

DefaultAuthentication

path Parameters

computerID required	integer <int32> \d+ The ID number of the computer. Example: 1
firewallRuleID required	integer <int32> \d+ The ID number of the firewall rule to modify. Example: 1

query Parameters

overrides

boolean

Show only overrides defined for the current computer.

header Parameters

api-version

required

string

The version of the api being called.

Example: YOUR VERSION

Request Body schema: application/json

The settings of the firewall rule to modify.

action	string Action of the packet filter. Searchable as Choice. Enum: "log-only" "allow" "deny" "force-allow" "bypass"
alertEnabled	boolean Controls if this filter should be alerted on. Searchable as Boolean.
anyFlags	boolean True if any flags are used. Searchable as Boolean.
contextID	integer <int32> RuleContext that is applied to this filter. Set to 0 to remove any assignment. Searchable as Numeric.
description	string Description of the firewall rule. Searchable as String.
destinationIPListID	integer <int32> ID of destination IP list. Only applies to destination IP type "ip-list". Set to 0 to remove any assignment. Searchable as Numeric.
destinationIPMask	string Destination IP mask. Only applies to destination IP type "masked-ip". Searchable as String.
destinationIPMultiple	Array of strings List of comma-delimited destination IP addresses. Only applies to destination IP type "multiple". Searchable as String.
destinationIPNot	boolean Controls if the destination IP setting should be inverted. Set to true to invert. Searchable as Boolean.
destinationIPRangeFrom	string The first value for a range of destination IP addresses. Only applies to estination IP type "range". Searchable as String.
destinationIPRangeTo	string The last value for a range of destination IP addresses. Only applies to destination IP type "range". Searchable as String.
destinationIPType	string Destination IP type. Default is "any". Searchable as Choice. Enum: "any" "masked-ip" "range" "ip-list" "single" "multiple"
destinationIPValue	string Destination IP. Only applies to destination IP type "masked-ip" or "single". Searchable as String.
destinationMACListID	integer <int32> ID of MAC address list. Only applies to MAC type "mac-list". Set to 0 to remove any assignment. Searchable as Numeric.
destinationMACMultiple	Array of strings List of comma-delimited MAC addresses. Only applies to MAC type "multiple". Searchable as String.
destinationMACNot	boolean Controls if the destination MAC setting should be inverted. Set to true to invert. Searchable as Boolean.
destinationMACType	string Destination MAC type. Default is "any". Searchable as Choice. Enum: "any" "single" "mac-list" "multiple"
destinationMACValue	string Destination MAC address. Only applies to MAC type "single". Searchable as String.
destinationPortListID	integer <int32> ID of destination port list. Only applies to destination type "port-list". Set to 0 to remove any assignment. Searchable as Numeric.
destinationPortMultiple	Array of strings List of comma-delimited destination ports. Only applies to destination type "multiple". Searchable as String.
destinationPortNot	boolean Controls if the destination port setting should be inverted. Set to true to invert. Searchable as Boolean.
destinationPortType	string The type of destination port. Searchable as Choice. Enum: "any" "multiple" "port-list"
direction	string Packet direction. Searchable as Choice. Enum: "incoming" "outgoing"
frameNot	boolean Controls if the frame setting should be inverted. Set to true to invert. Searchable as Boolean.
frameNumber	integer <int32> Ethernet frame number. Only required for FrameType "other". Searchable as Numeric.
frameType	string Supported frame types. Searchable as Choice. Enum: "any" "ip" "arp" "revarp" "ipv4" "ipv6" "other"
ICMPCode	integer <int32>
ICMPNot	boolean
ICMPType	integer <int32>
includePacketData	boolean Controls if this filter should capture data for every log. Searchable as Boolean.
logDisabled	boolean Controls if logging for this filter is disabled. Only applies to filter action "log-only" or "deny". Searchable as Boolean.
name	string Name of the firewall rule. Searchable as String.
priority	string Priority of the packet filter. Searchable as Choice. Enum: "0" "1" "2" "3" "4"
protocol	string Protocol. Searchable as Choice. Enum: "any" "icmp" "igmp" "ggp" "tcp" "pup" "udp" "idp" "nd" "raw" "tcp-udp" "icmpv6" "other"
protocolNot	boolean Controls if the protocol setting should be inverted. Set to true to invert. Searchable as Boolean.
protocolNumber	integer <int32> Two-byte protocol number. Searchable as Numeric.
scheduleID	integer <int32> ID of the schedule to control when this filter is "on". Set to 0 to remove any assignment. Searchable as Numeric.
sourceIPListID	integer <int32> ID of source IP list. Only applies to source IP type "ip-list". Set to 0 to remove any assignment. Searchable as Numeric.
sourceIPMask	string Source IP mask. Only applies to source IP type "masked-ip". Searchable as String.
sourceIPMultiple	Array of strings List of source IP addresses. Only applies to source IP type "multiple". Searchable as String.
sourceIPNot	boolean Controls if the source IP setting should be inverted. Set to true to invert. Searchable as Boolean.
sourceIPRangeFrom	string The first value for a range of source IP addresses. Only applies to source IP type "range". Searchable as String.
sourceIPRangeTo	string The last value for a range of source IP addresses. Only applies to source IP type "range". Searchable as String.
sourceIPType	string Source IP type. Default is "any". Searchable as Choice. Enum: "any" "masked-ip" "range" "ip-list" "single" "multiple"
sourceIPValue	string Source IP. Only applies to source IP type "masked-ip" or "single". Searchable as String.
sourceMACListID	integer <int32> ID of MAC address list. Only applies to MAC type "mac-list". Set to 0 to remove any assignment. Searchable as Numeric.
sourceMACMultiple	Array of strings List of MAC addresses. Only applies to MAC type "multiple". Searchable as String.
sourceMACNot	boolean Controls if the source MAC setting should be inverted. Set to true to invert. Searchable as Boolean.
sourceMACType	string Source MAC type. Default is "any". Searchable as Choice. Enum: "any" "single" "mac-list" "multiple"
sourceMACValue	string Source MAC address. Only applies to MAC type "single". Searchable as String.
sourcePortListID	integer <int32> ID of source port list. Only applies to source type "port-list". Set to 0 to remove any assignment. Searchable as Numeric.
sourcePortMultiple	Array of strings List of comma-delimited source ports. Only applies to source type "multiple". Searchable as String.
sourcePortNot	boolean Controls if the source port setting should be inverted. Set to true to invert. Searchable as Boolean.
sourcePortType	string The type of source port. Searchable as Choice. Enum: "any" "multiple" "port-list"
tcpflags	Array of strings Items Enum: "fin" "syn" "rst" "psh" "ack" "urg"
TCPNot	boolean

Responses

200

successful operation

403

Not authorized to modify the computer or the requested modification is not permitted.

404

The firewall rule does not exist or the computer does not exist.

Request samples

Payload
Java
Python
JavaScript

application/json

{"name": "string",
"description": "string",
"action": "log-only",
"priority": "0",
"direction": "incoming",
"frameType": "any",
"frameNumber": 0,
"frameNot": true,
"protocol": "any",
"protocolNumber": 0,
"protocolNot": true,
"sourceIPType": "any",
"sourceIPValue": "string",
"sourceIPMask": "string",
"sourceIPRangeFrom": "string",
"sourceIPRangeTo": "string",
"sourceIPMultiple": ["string"
],
"sourceIPListID": 0,
"sourceIPNot": true,
"sourceMACType": "any",
"sourceMACValue": "string",
"sourceMACMultiple": ["string"
],
"sourceMACListID": 0,
"sourceMACNot": true,
"sourcePortType": "any",
"sourcePortMultiple": ["string"
],
"sourcePortListID": 0,
"sourcePortNot": true,
"destinationIPType": "any",
"destinationIPValue": "string",
"destinationIPMask": "string",
"destinationIPRangeFrom": "string",
"destinationIPRangeTo": "string",
"destinationIPMultiple": ["string"
],
"destinationIPListID": 0,
"destinationIPNot": true,
"destinationMACType": "any",
"destinationMACValue": "string",
"destinationMACMultiple": ["string"
],
"destinationMACListID": 0,
"destinationMACNot": true,
"destinationPortType": "any",
"destinationPortMultiple": ["string"
],
"destinationPortListID": 0,
"destinationPortNot": true,
"anyFlags": true,
"logDisabled": true,
"includePacketData": true,
"alertEnabled": true,
"scheduleID": 0,
"contextID": 0,
"tcpflags": ["fin"
],
"TCPNot": true,
"ICMPType": 0,
"ICMPCode": 0,
"ICMPNot": true
}

Response samples

application/json

{"name": "string",
"description": "string",
"action": "log-only",
"priority": "0",
"direction": "incoming",
"frameType": "any",
"frameNumber": 0,
"frameNot": true,
"protocol": "any",
"protocolNumber": 0,
"protocolNot": true,
"sourceIPType": "any",
"sourceIPValue": "string",
"sourceIPMask": "string",
"sourceIPRangeFrom": "string",
"sourceIPRangeTo": "string",
"sourceIPMultiple": ["string"
],
"sourceIPListID": 0,
"sourceIPNot": true,
"sourceMACType": "any",
"sourceMACValue": "string",
"sourceMACMultiple": ["string"
],
"sourceMACListID": 0,
"sourceMACNot": true,
"sourcePortType": "any",
"sourcePortMultiple": ["string"
],
"sourcePortListID": 0,
"sourcePortNot": true,
"destinationIPType": "any",
"destinationIPValue": "string",
"destinationIPMask": "string",
"destinationIPRangeFrom": "string",
"destinationIPRangeTo": "string",
"destinationIPMultiple": ["string"
],
"destinationIPListID": 0,
"destinationIPNot": true,
"destinationMACType": "any",
"destinationMACValue": "string",
"destinationMACMultiple": ["string"
],
"destinationMACListID": 0,
"destinationMACNot": true,
"destinationPortType": "any",
"destinationPortMultiple": ["string"
],
"destinationPortListID": 0,
"destinationPortNot": true,
"anyFlags": true,
"logDisabled": true,
"includePacketData": true,
"alertEnabled": true,
"scheduleID": 0,
"contextID": 0,
"tcpflags": ["fin"
],
"ID": 0,
"TCPNot": true,
"ICMPType": 0,
"ICMPCode": 0,
"ICMPNot": true
}

Reset firewall rule overrides

delete/computers/{computerID}/firewall/rules/{firewallRuleID}

Remove all overrides for a firewall rule from a computer.

Related SDK Methods:

Java

ComputerFirewallRuleDetailsApi.resetFirewallRuleOnComputer([param1, param2, ...])

Python

ComputerFirewallRuleDetailsApi.reset_firewall_rule_on_computer([param1, param2, ...])

JavaScript

ComputerFirewallRuleDetailsApi.resetFirewallRuleOnComputer([param1, param2, ...])

Request

Security:

DefaultAuthentication

path Parameters

computerID required	integer <int32> \d+ The ID number of the computer. Example: 1
firewallRuleID required	integer <int32> \d+ The ID number of the firewall rule to reset. Example: 1

query Parameters

overrides

boolean

Show only overrides defined for the current computer.

header Parameters

api-version

required

string

The version of the api being called.

Example: YOUR VERSION

Responses

200

successful operation

403

Not authorized to modify the computer.

404

The computer does not exist.

Request samples

Java
Python
JavaScript

import com.trendmicro.deepsecurity.ApiClient;
import com.trendmicro.deepsecurity.Configuration;
import com.trendmicro.deepsecurity.auth.ApiKeyAuth;
import com.trendmicro.deepsecurity.ApiException;
import com.trendmicro.deepsecurity.api.ComputerFirewallRuleDetailsApi;
import com.trendmicro.deepsecurity.model.FirewallRule;


public class ResetFirewallRuleOnComputerExample {
	
	public static void main(String[] args) {
		// Setup
		ApiClient defaultClient = Configuration.getDefaultApiClient();
		defaultClient.setBasePath("YOUR HOST");

		// Authentication
		ApiKeyAuth DefaultAuthentication = (ApiKeyAuth) defaultClient.getAuthentication("DefaultAuthentication");
		DefaultAuthentication.setApiKey("YOUR API KEY");
		try {
			defaultClient.trustAllCertificates(false);
		} catch (Exception e) {
			System.err.println("An exception occurred when calling ApiClient.trustAllCertificates");
			e.printStackTrace();
		}
		
		// Initialization
		// Set Any Required Values
		ComputerFirewallRuleDetailsApi instance = new ComputerFirewallRuleDetailsApi();
		Integer computerID = 1;
		Integer firewallRuleID = 1;
		Boolean overrides = false;
		String apiVersion = "YOUR VERSION";
		try {
			// Please replace the parameter values with yours
			FirewallRule result = instance.resetFirewallRuleOnComputer(computerID, firewallRuleID, overrides, apiVersion);
			System.out.println(result);
		} catch (ApiException e) {
			System.err.println("An exception occurred when calling ComputerFirewallRuleDetailsApi.resetFirewallRuleOnComputer");
			e.printStackTrace();
		}
	}
}

Response samples

application/json

{"name": "string",
"description": "string",
"action": "log-only",
"priority": "0",
"direction": "incoming",
"frameType": "any",
"frameNumber": 0,
"frameNot": true,
"protocol": "any",
"protocolNumber": 0,
"protocolNot": true,
"sourceIPType": "any",
"sourceIPValue": "string",
"sourceIPMask": "string",
"sourceIPRangeFrom": "string",
"sourceIPRangeTo": "string",
"sourceIPMultiple": ["string"
],
"sourceIPListID": 0,
"sourceIPNot": true,
"sourceMACType": "any",
"sourceMACValue": "string",
"sourceMACMultiple": ["string"
],
"sourceMACListID": 0,
"sourceMACNot": true,
"sourcePortType": "any",
"sourcePortMultiple": ["string"
],
"sourcePortListID": 0,
"sourcePortNot": true,
"destinationIPType": "any",
"destinationIPValue": "string",
"destinationIPMask": "string",
"destinationIPRangeFrom": "string",
"destinationIPRangeTo": "string",
"destinationIPMultiple": ["string"
],
"destinationIPListID": 0,
"destinationIPNot": true,
"destinationMACType": "any",
"destinationMACValue": "string",
"destinationMACMultiple": ["string"
],
"destinationMACListID": 0,
"destinationMACNot": true,
"destinationPortType": "any",
"destinationPortMultiple": ["string"
],
"destinationPortListID": 0,
"destinationPortNot": true,
"anyFlags": true,
"logDisabled": true,
"includePacketData": true,
"alertEnabled": true,
"scheduleID": 0,
"contextID": 0,
"tcpflags": ["fin"
],
"ID": 0,
"TCPNot": true,
"ICMPType": 0,
"ICMPCode": 0,
"ICMPNot": true
}

➔ Next to Computer Groups