Orchestration v2 Attributes for SecApplication

The following sample JSON shows the key attributes of the SecApplication object type. A description of each of the required and optional attributes of this object type is provided in the table that follows the JSON sample.

 {
          "name": "/Compute-acme/joe/wlsadmin_ssl",
          "dport": 7002,
          "protocol": "tcp"
 }
Parameter Required or Optional Description

name

required

The three-part name of the object (/Compute-identity_domain/user/object).

Object names can contain only alphanumeric characters, hyphens, underscores, and periods. Object names are case-sensitive.

When you specify the object name, ensure that an object of the same type and with the same name doesn’t already exist. If such an object already exists, another object of the same type and with the same name won’t be created and the existing object won’t be updated.

protocol

required

The protocol to use.

The value that you specify can be either a text representation of a protocol or any unsigned 8-bit assigned protocol number in the range 0–254. See Assigned Internet Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).

For example, you can specify either tcp or the number 6.

The following text representations are allowed: tcp, udp, icmp, igmp, ipip, rdp, esp, ah, gre, icmpv6, ospf, pim, sctp, mplsip, all.

To specify all protocols, set this to all.

dport

optional

The TCP or UDP destination port number.

You can also specify a port range, such as 5900-5999 for TCP.

If you specify tcp or udp as the protocol, then the dport parameter is required; otherwise, it is optional.

This parameter isn’t used by the ICMP protocol or the GRE protocol.

Note: This request fails if the range-end is lower than the range-start. For example, if you specify the port range as 5000–4000.

icmptype

optional

The ICMP type.

This parameter is relevant only if you specify icmp as the protocol. You can specify one of the following values:

  • echo
  • reply
  • ttl
  • traceroute
  • unreachable

If you specify icmp as the protocol and don't specify icmptype or icmpcode, then all ICMP packets are matched.

icmpcode

optional

The ICMP code.

This parameter is relevant only if you specify icmp as the protocol. You can specify one of the following values:

  • network
  • host
  • protocol
  • port
  • df
  • admin

If you specify icmp as the protocol and don't specify icmptype or icmpcode, then all ICMP packets are matched.

description

optional

A description of the security application.