Firewalls
Manage firewalls via API.
Create a Firewall
Type: POST
- https://cloud.syminet.com/api/v1/firewalls/create
Create a new firewall.
Required JSON Properties:
- firewall_name
Name for new firewall.
curl --request POST \
--url https://cloud.syminet.com/api/v1/firewalls/create \
--header "content-type: application/json" \
--header "authorization:bearer $API_TOKEN" \
--data '
{
"firewall_name": "mynewfirewall"
}
'
{
"created" : "2025-02-06 17:19:36.925397",
"id" : 124,
"name" : "mynewfirewall",
"perms" : "rw"
}
Note
Default Inbound firewall rules will be created:
ICMP (All)
SSH port 22 (All)
HTTP port 80 (All)
HTTPS port 443 (All)
These can be cleared or updated with a call to Update Firewall Rules
List All Firewalls
Type: GET
- https://cloud.syminet.com/api/v1/firewalls
Return a paginated list of all firewalls.
Optional URL Parameters:
- ?query=FIREWALL_NAME
Filter on SLICE_NAME (partial match okay)
- ?page=PAGE_NUMBER
Return page PAGE_NUMBER
curl --request GET \
--url https://cloud.syminet.com/api/v1/firewalls \
--header "authorization:bearer $API_TOKEN"
{
"data" : [
{
"created" : "2025-02-06 17:19:36.925397",
"id" : 102,
"name" : "fwtest",
"rules_count" : 7,
"slices_count" : 0
},
{
"created" : "2025-01-14 08:22:36.925397",
"id" : 124,
"name" : "mynewfirewall",
"rules_count" : 7,
"slices_count" : 0
}
]
}
Delete a Firewall
Type: DELETE
- https://cloud.syminet.com/api/v1/firewalls/{FIREWALL_ID}/delete
Delete firewall
FIREWALL_ID.
Required URL Parameters:
- FIREWALL_ID
Firewall ID to delete.
curl --request DELETE \
--url https://cloud.syminet.com/api/v1/firewalls/FIREWALL_ID/delete \
--header "authorization:bearer $API_TOKEN"
Response: 202 OK
Fetch a Firewall
Type: GET
- https://cloud.syminet.com/api/v1/firewalls/{FIREWALL_ID}
Return details of firewall.
Required URL Parameters:
- FIREWALL_ID
Firewall ID to fetch.
curl --request GET \
--url https://cloud.syminet.com/api/v1/firewalls/FIREWALL_ID \
--header "authorization:bearer $API_TOKEN"
{
"created": "2025-02-06 17:19:36.925397",
"id": 125,
"inbound_rules": [
{
"destination": null,
"fw_id": 125,
"id": 1076,
"name": "ICMP",
"outbound": null,
"pending": null,
"ports": "0",
"protocol": "icmp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0",
"status": null,
"user_id": 1
},
{
"destination": null,
"fw_id": 125,
"id": 1073,
"name": "SSH",
"outbound": null,
"pending": null,
"ports": "22",
"protocol": "tcp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0",
"status": null,
"user_id": 1
},
{
"destination": null,
"fw_id": 125,
"id": 1074,
"name": "HTTP",
"outbound": null,
"pending": null,
"ports": "80",
"protocol": "tcp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0",
"status": null,
"user_id": 1
},
{
"destination": null,
"fw_id": 125,
"id": 1075,
"name": "HTTPS",
"outbound": null,
"pending": null,
"ports": "443",
"protocol": "tcp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0",
"status": null,
"user_id": 1
}
],
"name": "mynewfirewall",
"outbound_rules": [
{
"destination": "0.0.0.0/0",
"fw_id": 125,
"id": 1079,
"name": "ICMP",
"outbound": true,
"pending": null,
"ports": "0",
"protocol": "icmp",
"rule_type": "ACCEPT",
"source": null,
"status": null,
"user_id": 1
},
{
"destination": "0.0.0.0/0",
"fw_id": 125,
"id": 1077,
"name": "All TCP",
"outbound": true,
"pending": null,
"ports": "0",
"protocol": "tcp",
"rule_type": "ACCEPT",
"source": null,
"status": null,
"user_id": 1
},
{
"destination": "0.0.0.0/0",
"fw_id": 125,
"id": 1078,
"name": "All UDP",
"outbound": true,
"pending": null,
"ports": "0",
"protocol": "udp",
"rule_type": "ACCEPT",
"source": null,
"status": null,
"user_id": 1
}
],
"perms": "rw",
"slices": [
{
"slice_id": 3828
}
],
"slices_count": 1
}
Rename a Firewall
Type: PUT
- https://cloud.syminet.com/api/v1/firewalls/{FIREWALL_ID}/rename
Rename
FIREWALL_IDto newfirewall_name.
Required URL Parameters:
- FIREWALL_ID
Firewall ID to modify.
Required JSON Properties:
- firewall_name
New firewall name.
curl --request PUT \
--url https://cloud.syminet.com/api/v1/firewalls/FIREWALL_ID/rename \
--header "content-type: application/json" \
--header "authorization:bearer $API_TOKEN" \
--data '
{
"firewall_name": "mynewfirewallname"
}
'
Response: 202 OK
Assign Firewall
Type: POST
- https://cloud.syminet.com/api/v1/firewalls/{FIREWALL_ID}/assign/{SLICE_ID}
Assign
FIREWALL_IDtoSLICE_ID.
Required URL Parameters:
- FIREWALL_ID
Firewall ID to assign.
- SLICE_ID
Slice ID to assign
FIREWALL_IDto.
curl --request POST \
--url https://cloud.syminet.com/api/v1/firewalls/FIREWALL_ID/assign/SLICE_ID \
--header "content-type: application/json" \
--header "authorization:bearer $API_TOKEN"
Response: 202 OK
Unassign Firewall
Type: POST
- https://cloud.syminet.com/api/v1/firewalls/{FIREWALL_ID}/unassign/{SLICE_ID}
Unssign
FIREWALL_IDfromSLICE_ID.
Required URL Parameters:
- FIREWALL_ID
Firewall ID to unassign.
- SLICE_ID
Slice ID to unassign from
FIREWALL_ID.
curl --request POST \
--url https://cloud.syminet.com/api/v1/firewalls/FIREWALL_ID/unassign/SLICE_ID \
--header "content-type: application/json" \
--header "authorization:bearer $API_TOKEN"
Response: 202 OK
Update Firewall Rules
Type: PUT
- https://cloud.syminet.com/api/v1/firewalls/{FIREWALL_ID}/rules
Update firewall
FIREWALL_IDrules via JSON payload.
Required URL Parameters:
- FIREWALL_ID
Firewall ID to update.
Required JSON Properties:
- inbound_rules:
Inbound rules. The following JSON properties are required per-rule:
- rule_name
Name of the rule.
- ports
Integer between 1 - 65535. Or a range, specified by a hyphen e.g.
2000-3000- protocol
Protocol: “tcp”, “udp”, or “icmp”. Ports are ignored for “icmp”.
- source
The word
All, a single IP address, or a CIDR masked IP range.- rule_type
DROPorACCEPT.
- outbound_rules
Outbound rules. The following JSON properties are required per-rule:
- rule_name
Name of the rule.
- ports
An integer between 1 - 65535. Or a range, specified by a hyphen e.g.
2000-3000- protocol
Protocol: “tcp”, “udp”, or “icmp”. Ports are ignored for “icmp”.
- destination
The word
Allto spcify all. Or a single IP address or CIDR masked IP range.- rule_type
DROPorACCEPT.
The typical workflow is to retrieve existing rules via an API call to Fetch a Firewall. Modify the returned JSON, and PUT it back using this call. Only the above JSON properties are used when updating rules; others are silently ignored.
To clear all rules for a firewall, PUT a JSON payload with empty values for
inbound_rules and outbound_rules, like so:
curl --request PUT \
--url https://cloud.syminet.com/api/v1/firewalls/FIREWALL_ID/rules \
--header "content-type: application/json" \
--header "authorization:bearer $API_TOKEN" \
--data '
{
"inbound_rules": [{}],
"outbound_rules": [{}]
}
'
The following will update a slice to the following default firewall rules:
ICMP (All)
SSH port 22 (All)
HTTP port 80 (All)
HTTPS port 443 (All)
Note
Only traffic you specify is allowed. All other traffic is dropped.
Note
A maximum of 100 rules are allowed per firewall.
curl --request PUT \
--url https://cloud.syminet.com/api/v1/firewalls/FIREWALL_ID/rules \
--header "content-type: application/json" \
--header "authorization:bearer $API_TOKEN" \
--data '
{
"inbound_rules": [
{
"name": "ICMP",
"ports": "0",
"protocol": "icmp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0"
},
{
"name": "SSH",
"ports": "22",
"protocol": "tcp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0"
},
{
"name": "HTTP",
"ports": "80",
"protocol": "tcp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0"
},
{
"name": "HTTPS",
"ports": "443",
"protocol": "tcp",
"rule_type": "ACCEPT",
"source": "0.0.0.0/0"
}
],
"outbound_rules": [
{
"destination": "0.0.0.0/0",
"name": "ICMP",
"ports": "0",
"protocol": "icmp",
"rule_type": "ACCEPT"
},
{
"destination": "0.0.0.0/0",
"name": "All TCP",
"ports": "0",
"protocol": "tcp",
"rule_type": "ACCEPT"
},
{
"destination": "0.0.0.0/0",
"name": "All UDP",
"ports": "0",
"protocol": "udp",
"rule_type": "ACCEPT"
}
]
}
'