Page History

...

SDEWAN CNF will be created with Default sections initialized. Include section will not be included be implemented in this release.

SD-EWAN Firewall API provides support to get/create/update/delete Firewall Zone, Redirect, Rule and Forwardings

...

Response Parameters

Name	In	Type	Description
name	body	string	(Required) forwarding name
src	body	string	(Required for DNAT) traffic source zone

dest

src_ip

body

string

(Required) traffic destination zone

Match incoming traffic from the specified source ip address.

src_dip

family

body

string

Protocol family (ipv4, ipv6 or any) to generate iptables rules for.

(Required for SNAT) For DNAT, match incoming traffic directed at the given destination ip address. For SNAT rewrite the source address to the given address.
src_mac	body	string	Match incoming traffic from the specified mac address.
src_port	body	port or range	Match incoming traffic originating from the given source port or port range on the client host.
src_dport	body	port or range	For DNAT, match incoming traffic directed at the given destination port or port range on this host. For SNAT rewrite the source ports to the given value.
proto	body	string	Match incoming traffic using the given protocol. Can be one of `tcp`, `udp`, `tcpudp`, `udplite`, `icmp`, `esp`, `ah`, `sctp`, or `all`
dest	body	string	Specifies the traffic destination zone. Must refer to one of the defined zone names.
dest_ip	body	string	For DNAT, redirect matches incoming traffic to the specified internal host. For SNAT, it matches traffic directed at the given address.
dest_port	body	port or range	For DNAT, redirect matched incoming traffic to the given port on the internal host. For SNAT, match traffic directed at the given ports.
mark	body	string	match traffic against the given firewall mark
target	body	string	(Required) NAT target: SNAT, DNAT
family	body	string	Protocol family (`ipv4`, `ipv6` or `any`) to generate iptables rules for

...

Space shortcuts