Add a New Trusted Traffic

Adds a new trusted traffic configuration to the system, defining the source, destination, and service details along with traffic request specifics.

Resource name: /api/v1/trustedTraffic

Request Method: POST

Request parameters:

Parameter Type Description
source string Source can be host group, IP, or range
destination string Destination can be host group, IP, or range
service object Service details including the service name and optional service-specific configurations
create_new_object_if_not_exist boolean Create a new object if one does not already exist.
- false: If no objects exist. In this case, enter service name only.
- true: If objects exist. In this case, enter service name and service details.
service_name string Service name. Format: alphanumeric characters only.
service_details object Specify at least one of src_port_high, src_port_low, dest_port_high, or dest_port_low. Details about the service, including:
- dest_port_high: Destination port (highest value) for TCP/UDP.
- dest_port_low: Destination port (lowest value) for TCP/UDP.
- icmp_code: ICMP code standard.
- icmp_type: ICMP type standard.
- protocol: Protocol: TCP (default), UDP, ICMP.
- src_port_high: Source port (highest value) for TCP/UDP.
- src_port_low: Source port (lowest value) for TCP/UDP.

trusted_traffic_request object Details about the trusted traffic request
comment string Comment
expiration_date integer Milliseconds from 1.1.1970. See: https://currentmillis.com - UNIX time. Expiration date must be in the future.

tree_name mandatory string The firewall name. Do not use group or ALL_FIREWALLS here. Use the Devices Setup API GET /devices method to return the firewall name.
trust_Traffic_Level_To_apply mandatory string Trusted traffic level: ALL_FIREWALLS or the tree name of the firewall/group.

trust_future_host_groups_changes mandatory boolean Trust future host group changes.
- true: Trust future changes to host groups. Changes to the IP addresses within the host group will not cancel the trusted traffic rules.
- false (default): Only trust IP addresses. Changes to the IP addresses in this traffic rule will cancel this trust traffic rule.

Request example:

{
  "destination": "Any",
  "service": {
    "create_new_object_if_not_exist": true,
    "service_details": {
      "dest_port_low": "242",
      "dest_port_high": "34",
      "src_port_high": "24",
      "src_port_low": "20"
    },
    "service_name": "stoptogo"
  },
  "source": "Any",
  "trusted_traffic_request": {
    "tree_name": "Nachos",
    "trust_Traffic_Level_To_apply": "Nachos",
    "trust_future_host_groups_changes": true
  }
}

cURL example:

curl -X POST "https://[machine IP]/afa/api/v1/trustedTraffic" -H "accept: */*" -H "Content-Type: application/json" -d "{ \"destination\": \"Any\", \"service\": { \"create_new_object_if_not_exist\": false, \"service_name\": \"icmp\" }, \"source\": \"Any\", \"trusted_traffic_request\": { \"tree_name\": \"10_20_244_3_prod1\", \"trust_Traffic_Level_To_apply\": \"10.20.244.3_prod1\", \"trust_future_host_groups_changes\": false }}"
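
A pre-submission check for the request body, added here as an example and not part of the product or its documentation: it applies the constraints stated in the parameter table (alphanumeric service name, at least one port field, mandatory request fields, tree_name not ALL_FIREWALLS, expiration in future milliseconds). The function name, the sample body and the rule that a low port must not exceed its high port are assumptions of this example.

```python
import re
import time

PORT_KEYS = ("src_port_low", "src_port_high", "dest_port_low", "dest_port_high")
MANDATORY = ("tree_name", "trust_Traffic_Level_To_apply", "trust_future_host_groups_changes")
# Constructed sample: hyphenated name, inverted port range, expiry given in seconds.
SAMPLE = {"source": "10.1.1.5", "destination": "10.2.2.9",
          "service": {"create_new_object_if_not_exist": True, "service_name": "web-8443",
                      "service_details": {"dest_port_low": "8443", "dest_port_high": "443"}},
          "trusted_traffic_request": {"tree_name": "ALL_FIREWALLS",
                                      "trust_Traffic_Level_To_apply": "ALL_FIREWALLS",
                                      "expiration_date": 1_800_000_000}}

def validate_trusted_traffic(body, now_ms=None):
    """Return the names of fields in a trustedTraffic body that break the documented rules."""
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    bad = []
    svc = body.get("service") or {}
    # "Format: alphanumeric characters only."
    if not re.fullmatch(r"[A-Za-z0-9]+", str(svc.get("service_name", ""))):
        bad.append("service_name")
    details = svc.get("service_details") or {}
    # When service details are expected, at least one port field must be present.
    if svc.get("create_new_object_if_not_exist") is True and not any(k in details for k in PORT_KEYS):
        bad.append("service_details")
    ports = {}
    for key in PORT_KEYS:
        if key in details:
            try:
                ports[key] = int(details[key])
            except (TypeError, ValueError):
                bad.append(key)
    # Assumption: the "lowest value" must not exceed the "highest value".
    for side in ("src", "dest"):
        low, high = ports.get(side + "_port_low"), ports.get(side + "_port_high")
        if low is not None and high is not None and low > high:
            bad.append(side + "_port_low")
    req = body.get("trusted_traffic_request") or {}
    bad += [key for key in MANDATORY if key not in req]
    # tree_name names one firewall; ALL_FIREWALLS is only valid as the trust level.
    if req.get("tree_name") == "ALL_FIREWALLS":
        bad.append("tree_name")
    # Milliseconds since 1.1.1970: a value supplied in seconds lands far in the past.
    exp = req.get("expiration_date")
    if exp is not None and (not isinstance(exp, int) or exp <= now_ms):
        bad.append("expiration_date")
    return bad

if __name__ == "__main__":
    print(validate_trusted_traffic(SAMPLE))
```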

Status codes:

Code Description
200 OK
400 Validation error
401 Unauthorized
403 Forbidden
404 Not Found
500 Internal Server Error

Response example success 200:

List [ OrderedMap {} ]

Response example failure 400:

{
  "cause": {
    "stackTrace": [
      {
        "moduleName": "string",
        "moduleVersion": "string",
        "classLoaderName": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "message": "string",
    "localizedMessage": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "moduleName": "string",
            "moduleVersion": "string",
            "classLoaderName": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ]
  },
  "stackTrace": [
    {
      "moduleName": "string",
      "moduleVersion": "string",
      "classLoaderName": "string",
      "methodName": "string",
      "fileName": "string",
      "lineNumber": 0,
      "className": "string",
      "nativeMethod": true
    }
  ],
  "httpStatus": "100 CONTINUE",
  "apiFailure": {
    "error": "string",
    "description": "string",
    "fieldErrors": [
      {
        "field": "string",
        "error": "string"
      }
    ]
  },
  "message": "string",
  "localizedMessage": "string",
  "suppressed": [
    {
      "stackTrace": [
        {
          "moduleName": "string",
          "moduleVersion": "string",
          "classLoaderName": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    }
  ]
}