Create a traffic change request

The FireFlow REST API creates a Traffic Change Request.

FireFlow validates the API to ensure that mandatory elements are in place, such as permissions, template, date formats, that any specified device exists in AFA, and so on.

Note: For IPv6 addresses, you must use IPv6 format for both source and destination. For example: 2001:cdba::3257:9652 - 2001:cdba::3257:9657. See IPv6 traffic change workflow.

Notes: For IPv6 templates, only Cisco ASA devices are supported.

Resource Name: /FireFlow/api/change-requests/traffic

Request Method: POST

Header requirements:

Key Value
Cookie FireFlow_Session=[sessionId]. The sessionId is retrieved from the authentication request.

Request Body:

Parameter

Type

Description

trafficChangeRequestDetails

TrafficChangeRequest type

Object body containing details for creation of traffic change request.

TrafficChangeRequest

Parameter Type Description
fields array Array of Fields
template string Template string
traffic array Array of Traffic

Fields

Parameter Type Description
name string Custom field name
values array Custom field values

TrafficLineDetails (part of Traffic array)

Parameter Type Description
action string Action: Allow or Drop
application object Application details
destination object Destination details
fields array Array of Fields
natDetails object NAT details
service object Service details
source object Source details
user object User details

NameTrafficFieldDetails (part of Application, Destination, Source, and User)

Parameter Type Description
items array Array of NameTrafficItemDetails

NameTrafficItemDetails

Parameter Type Description
fields array Array of Fields
name string Name to match

AddressTrafficFieldDetails (part of Destination and Source)

Parameter Type Description
items array Array of AddressTrafficItemDetails

AddressTrafficItemDetails

Parameter Type Description
address string IP address
fields array Array of Fields

ServiceTrafficFieldDetails (part of Service)

Parameter Type Description
items array Array of ServiceTrafficItemDetails

ServiceTrafficItemDetails

Parameter Type Description
fields array Array of Fields
service string Service name

NatDetails (part of TrafficLineDetails)

Parameter Type Description
destination array Destination array
port array Port array
source array Source array
type string NAT type

Request example

{
  "template": "Basic Change Traffic Request",
  "fields": [
    {
      "key": "subject",
      "values": [
        "Traffic_Ticket_Via_REST_API"
      ]
    },
    {
      "key": "Change Request Description",
      "values": [
        "add here the change request description"
      ]
    },
    {
      "name": "AppViz Application Name",
      "values": [
        "app1"
      ]
    },
    {
      "name": "devices",
      "values": [
        "CKP1",
        "Cisco2"
      ]
    }
  ],
  "traffic": [
    {
      "source": {
        "items": [
          {
            "name": "1.1.1.0/24"
          },
          {
            "name": "host_object"
          }
        ]
      },
      "destination": {
        "items": [
          {
            "name": "2.2.2.2-2.2.2.150",
            "fields": [
              {
                "key": "CFPTI",
                "values": [
                  "destination1"
                ]
              }
            ]
          }
        ]
      },
      "service": {
        "items": [
          {
            "name": "https"
          },
          {
            "name": "service_object"
          }
        ]
      },
      "user": {
        "items": [
          {
            "name": "user1"
          }
        ]
      },
      "application": {
        "items": [
          {
            "name": "any"
          }
        ]
      },
      "action": "Allow",
      "natDetails": {
        "source": [
          "9.9.9.9"
        ],
        "destination": [
          "8.8.8.8"
        ],
        "port": [
          "tcp/8080"
        ],
        "type": "Static"
      },
      "fields": [
        {
          "key": "Requested Source Group Name",
          "values": [
            "sourceGroup100"
          ]
        }
      ]
    }
  ]
}				

IPv6 request example

Copy
{
                    "template":"170: Traffic Change Request (IPv6)",
                    "fields":[
                    {
                    "name":"subject",
                    "values":[
                    "IPv6_demo_3"
                    ]
                    },
                    {
                    "name":"devices",
                    "values":[
                    "10_132_16_2"
                    ]
                    }
                    ],
                    "traffic":[
                    {
                    "source":{
                    "items":[
                    {
                    "address":"fe80:2222::3333"
                    }
                    ]
                    },
                    "destination":{
                    "items":[
                    {
                    "address":"2001:cdba::3257:9652 - 2001:cdba::3257:9657"
                    }
                    ]
                    },
                    "service":{
                    "items":[
                    {
                    "name":"tcp/80-90"
 
                    }
                    ]
                    },
                    "action":"Allow"
                    }
                    ]
                }

cURL example

curl --request POST \
				--url https://<localhost>/FireFlow/api/change-requests/traffic \
				--header 'Content-Type: application/json' \
				--data '{
				"fields": [
				{
				"name": "custom field name",
				"values": [
				"custom field value 1",
				"custom field value 2"
				]
				}
				],
				"template": "string",
				"traffic": [
				{
				"action": "Allow/Drop",
				"application": {
				"items": [
				{
				"fields": [
				{
				"name": "custom field name",
				"values": [
				"custom field value 1",
				"custom field value 2"
				]
				}
				],
				"name": "name to match"
				}
				]
				},
				"destination": {
				"items": [
				{
				"address": "1.1.1.1",
				"fields": [
				{
				"name": "custom field name",
				"values": [
				"custom field value 1",
				"custom field value 2"
				]
				}
				]
				}
				]
				},
				"fields": [
				{
				"name": "custom field name",
				"values": [
				"custom field value 1",
				"custom field value 2"
				]
				}
				],
				"natDetails": {
				"destination": [
				"string"
				],
				"port": [
				"string"
				],
				"source": [
				"string"
				],
				"type": "Static/Dynamic"
				},
				"service": {
				"items": [
				{
				"fields": [
				{
				"name": "custom field name",
				"values": [
				"custom field value 1",
				"custom field value 2"
				]
				}
				],
				"service": "tcp/80"
				}
				]
				},
				"source": {
				"items": [
				{
				"address": "1.1.1.1",
				"fields": [
				{
				"name": "custom field name",
				"values": [
				"custom field value 1",
				"custom field value 2"
				]
				}
				]
				}
				]
				},
				"user": {
				"items": [
				{
				"fields": [
				{
				"name": "custom field name",
				"values": [
				"custom field value 1",
				"custom field value 2"
				]
				}
				],
				"name": "name to match"
				}
				]
				}
				}
				]
				}'
			

Status codes:

Code

Description

200

Traffic Change Request was created

400

Input validation failure

403

Authentication failure

50x

Internal Server Error

Response parameters

Parameter Data Type Description
data object Data object
messages array Array of messages
status string Status of request

MessageDetails (part of Messages array)

Parameter Type Description
code string Code
message string Message

Response Example Success 200

{ "data": {}, "messages": [ { "code": "string", "message": "string" } ], "status": "Success" }

Response Example Failure 400

{
  "data": {},
  "messages": [
    {
      "code": "string",
      "message": "string"
    }
  ],
  "status": "Failure"
}