Jump to

• Request
• Response

Add a new config element: SD.access-control

post

https://cloud-native-SBC-IP/config/v1/sd/access-control

Add a new config element: SD.access-control

Request

There are no request parameters for this operation.

Supported Media Types

• application/json

Request Body - application/json ()

Root Schema : schema

Type: object

configure a static or dynamic access control list

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• access: string
  Allowed Values: [ "deny", "permit" ]
• application-protocol(required): string
  Allowed Values: [ "SIP", "H323", "MGCP", "DIAMETER", "NONE" ]
• average-rate-limit: integer (int64)
  Minimum Value: 0

  Maximum Value: 100

  average data rate based on % of maximum signaling
• deny-period: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  blocked period in seconds for dynamic denied entries. e.g. 30
• description: string
  access control description
• destination-address: object FlowAddress
  destination ip address
• invalid-signal-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  acceptable invalid signaling msgs rate within tolerance window. e.g. 30
• max-endpoints-per-nat: integer (int64)
  Minimum Value: 0

  Maximum Value: 65535

  allowed maximum number of endpoints behind a NAT device
• maximum-signal-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  allowed maximum number of signaling msgs within tolerance window. e.g. 1000
• minimum-reserved-bandwidth: integer (int64)
  Minimum Value: 0

  Maximum Value: 100

  minimum reserved bandwidth based on % of maximum signaling. Only valid when trust-level is high
• nat-invalid-message-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 65535

  acceptable number of invalid messages from behind a NAT
• nat-trust-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 65535

  number of endpoints behind a NAT that have to be denied. e.g. 30
• realm-id(required): string
  Minimum Length: 1

  Pattern: ^[A-Za-z0-9_][A-Za-z0-9._\-]{0,127}$

  name of realm for access control
• source-address: object FlowAddress
  destination ip address
• transport-protocol(required): string
  Allowed Values: [ "UDP", "TCP", "SCTP", "ALL" ]
• trust-level: string
  Allowed Values: [ "none", "low", "medium", "high" ]
• untrusted-signal-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  allowed maximum number of signaling msgs within tolerance window, untrusted. e.g. 1000

{
    "required":[
        "realm-id",
        "application-protocol",
        "transport-protocol"
    ],
    "properties":{
        "realm-id":{
            "description":"name of realm for access control",
            "minLength":1,
            "pattern":"^[A-Za-z0-9_][A-Za-z0-9._\\-]{0,127}$",
            "type":"string"
        },
        "description":{
            "description":"access control description",
            "type":"string"
        },
        "source-address":{
            "$ref":"#/components/schemas/FlowAddress"
        },
        "destination-address":{
            "$ref":"#/components/schemas/FlowAddress"
        },
        "application-protocol":{
            "$ref":"#/components/schemas/AccessControlAppProtoConstraintEnum"
        },
        "transport-protocol":{
            "$ref":"#/components/schemas/AccessControlTransProtoConstraintEnum"
        },
        "access":{
            "$ref":"#/components/schemas/AccessControlTypeEnum"
        },
        "average-rate-limit":{
            "description":"average data rate based on % of maximum signaling",
            "format":"int64",
            "maximum":100,
            "minimum":0,
            "type":"integer"
        },
        "trust-level":{
            "$ref":"#/components/schemas/AccessControlTrustLevelEnum"
        },
        "minimum-reserved-bandwidth":{
            "description":"minimum reserved bandwidth based on % of maximum signaling. Only valid when trust-level is high",
            "format":"int64",
            "maximum":100,
            "minimum":0,
            "type":"integer"
        },
        "invalid-signal-threshold":{
            "description":"acceptable invalid signaling msgs rate within tolerance window. e.g. 30",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "maximum-signal-threshold":{
            "description":"allowed maximum number of signaling msgs within tolerance window. e.g. 1000",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "untrusted-signal-threshold":{
            "description":"allowed maximum number of signaling msgs within tolerance window, untrusted. e.g. 1000",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "deny-period":{
            "description":"blocked period in seconds for dynamic denied entries. e.g. 30",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "nat-trust-threshold":{
            "description":"number of endpoints behind a NAT that have to be denied. e.g. 30",
            "format":"int64",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "max-endpoints-per-nat":{
            "description":"allowed maximum number of endpoints behind a NAT device",
            "format":"int64",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "nat-invalid-message-threshold":{
            "description":"acceptable number of invalid messages from behind a NAT",
            "format":"int64",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "description":"configure a static or dynamic access control list",
    "type":"object"
}

Nested Schema : FlowAddress

Type: object

destination ip address

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• ip-address(required): string
  Minimum Length: 1
• ip-port: integer (int32)
  Minimum Value: 0

  Maximum Value: 65535

  Enter a number in the range 0..65535. This will be an optional port number for both IPv4 and IPv6 addresses, (range: 0-65535 for both IPv4 and IPv6), e.g. 5000
• num-bits: integer (int64)
  Minimum Value: 0

  Maximum Value: 128

  Enter a number in the range 0..128. This will be an optional CIDR prefix for an IPv4 or IPv6 address (range: 0-32 for an IPv4 address) (range: 0-128 for an IPv6 address), e.g. 16(for IPv4) and 64(for IPv6)
• num-port-bits: integer (int64)
  Minimum Value: 0

  Maximum Value: 16

  Enter a number in the range 0..16. This will be an optional CIDR prefix for the port, (range: 0-16 for both IPv4 and IPv6), e.g. 14

{
    "required":[
        "ip-address"
    ],
    "properties":{
        "ip-address":{
            "minLength":1,
            "type":"string"
        },
        "num-bits":{
            "description":"Enter a number in the range 0..128. This will be an optional CIDR prefix for an IPv4 or IPv6 address (range: 0-32 for an IPv4 address) (range: 0-128 for an IPv6 address), e.g. 16(for IPv4) and 64(for IPv6)",
            "format":"int64",
            "maximum":128,
            "minimum":0,
            "type":"integer"
        },
        "num-port-bits":{
            "description":"Enter a number in the range 0..16. This will be an optional CIDR prefix for the port, (range: 0-16 for both IPv4 and IPv6), e.g. 14",
            "format":"int64",
            "maximum":16,
            "minimum":0,
            "type":"integer"
        },
        "ip-port":{
            "description":"Enter a number in the range 0..65535. This will be an optional port number for both IPv4 and IPv6 addresses, (range: 0-65535 for both IPv4 and IPv6), e.g. 5000",
            "format":"int32",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "description":"destination ip address",
    "type":"object"
}

Back to Top

Response

Supported Media Types

• application/json

200 Response

return one config element: AccessControl

Body ()

Root Schema : schema

Type: object

configure a static or dynamic access control list

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• access: string
  Allowed Values: [ "deny", "permit" ]
• application-protocol(required): string
  Allowed Values: [ "SIP", "H323", "MGCP", "DIAMETER", "NONE" ]
• average-rate-limit: integer (int64)
  Minimum Value: 0

  Maximum Value: 100

  average data rate based on % of maximum signaling
• deny-period: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  blocked period in seconds for dynamic denied entries. e.g. 30
• description: string
  access control description
• destination-address: object FlowAddress
  destination ip address
• invalid-signal-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  acceptable invalid signaling msgs rate within tolerance window. e.g. 30
• max-endpoints-per-nat: integer (int64)
  Minimum Value: 0

  Maximum Value: 65535

  allowed maximum number of endpoints behind a NAT device
• maximum-signal-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  allowed maximum number of signaling msgs within tolerance window. e.g. 1000
• minimum-reserved-bandwidth: integer (int64)
  Minimum Value: 0

  Maximum Value: 100

  minimum reserved bandwidth based on % of maximum signaling. Only valid when trust-level is high
• nat-invalid-message-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 65535

  acceptable number of invalid messages from behind a NAT
• nat-trust-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 65535

  number of endpoints behind a NAT that have to be denied. e.g. 30
• realm-id(required): string
  Minimum Length: 1

  Pattern: ^[A-Za-z0-9_][A-Za-z0-9._\-]{0,127}$

  name of realm for access control
• source-address: object FlowAddress
  destination ip address
• transport-protocol(required): string
  Allowed Values: [ "UDP", "TCP", "SCTP", "ALL" ]
• trust-level: string
  Allowed Values: [ "none", "low", "medium", "high" ]
• untrusted-signal-threshold: integer (int64)
  Minimum Value: 0

  Maximum Value: 4294967295

  allowed maximum number of signaling msgs within tolerance window, untrusted. e.g. 1000

{
    "required":[
        "realm-id",
        "application-protocol",
        "transport-protocol"
    ],
    "properties":{
        "realm-id":{
            "description":"name of realm for access control",
            "minLength":1,
            "pattern":"^[A-Za-z0-9_][A-Za-z0-9._\\-]{0,127}$",
            "type":"string"
        },
        "description":{
            "description":"access control description",
            "type":"string"
        },
        "source-address":{
            "$ref":"#/components/schemas/FlowAddress"
        },
        "destination-address":{
            "$ref":"#/components/schemas/FlowAddress"
        },
        "application-protocol":{
            "$ref":"#/components/schemas/AccessControlAppProtoConstraintEnum"
        },
        "transport-protocol":{
            "$ref":"#/components/schemas/AccessControlTransProtoConstraintEnum"
        },
        "access":{
            "$ref":"#/components/schemas/AccessControlTypeEnum"
        },
        "average-rate-limit":{
            "description":"average data rate based on % of maximum signaling",
            "format":"int64",
            "maximum":100,
            "minimum":0,
            "type":"integer"
        },
        "trust-level":{
            "$ref":"#/components/schemas/AccessControlTrustLevelEnum"
        },
        "minimum-reserved-bandwidth":{
            "description":"minimum reserved bandwidth based on % of maximum signaling. Only valid when trust-level is high",
            "format":"int64",
            "maximum":100,
            "minimum":0,
            "type":"integer"
        },
        "invalid-signal-threshold":{
            "description":"acceptable invalid signaling msgs rate within tolerance window. e.g. 30",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "maximum-signal-threshold":{
            "description":"allowed maximum number of signaling msgs within tolerance window. e.g. 1000",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "untrusted-signal-threshold":{
            "description":"allowed maximum number of signaling msgs within tolerance window, untrusted. e.g. 1000",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "deny-period":{
            "description":"blocked period in seconds for dynamic denied entries. e.g. 30",
            "format":"int64",
            "maximum":"4294967295",
            "minimum":0,
            "type":"integer"
        },
        "nat-trust-threshold":{
            "description":"number of endpoints behind a NAT that have to be denied. e.g. 30",
            "format":"int64",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "max-endpoints-per-nat":{
            "description":"allowed maximum number of endpoints behind a NAT device",
            "format":"int64",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "nat-invalid-message-threshold":{
            "description":"acceptable number of invalid messages from behind a NAT",
            "format":"int64",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "description":"configure a static or dynamic access control list",
    "type":"object"
}

Nested Schema : FlowAddress

Type: object

destination ip address

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• ip-address(required): string
  Minimum Length: 1
• ip-port: integer (int32)
  Minimum Value: 0

  Maximum Value: 65535

  Enter a number in the range 0..65535. This will be an optional port number for both IPv4 and IPv6 addresses, (range: 0-65535 for both IPv4 and IPv6), e.g. 5000
• num-bits: integer (int64)
  Minimum Value: 0

  Maximum Value: 128

  Enter a number in the range 0..128. This will be an optional CIDR prefix for an IPv4 or IPv6 address (range: 0-32 for an IPv4 address) (range: 0-128 for an IPv6 address), e.g. 16(for IPv4) and 64(for IPv6)
• num-port-bits: integer (int64)
  Minimum Value: 0

  Maximum Value: 16

  Enter a number in the range 0..16. This will be an optional CIDR prefix for the port, (range: 0-16 for both IPv4 and IPv6), e.g. 14

{
    "required":[
        "ip-address"
    ],
    "properties":{
        "ip-address":{
            "minLength":1,
            "type":"string"
        },
        "num-bits":{
            "description":"Enter a number in the range 0..128. This will be an optional CIDR prefix for an IPv4 or IPv6 address (range: 0-32 for an IPv4 address) (range: 0-128 for an IPv6 address), e.g. 16(for IPv4) and 64(for IPv6)",
            "format":"int64",
            "maximum":128,
            "minimum":0,
            "type":"integer"
        },
        "num-port-bits":{
            "description":"Enter a number in the range 0..16. This will be an optional CIDR prefix for the port, (range: 0-16 for both IPv4 and IPv6), e.g. 14",
            "format":"int64",
            "maximum":16,
            "minimum":0,
            "type":"integer"
        },
        "ip-port":{
            "description":"Enter a number in the range 0..65535. This will be an optional port number for both IPv4 and IPv6 addresses, (range: 0-65535 for both IPv4 and IPv6), e.g. 5000",
            "format":"int32",
            "maximum":65535,
            "minimum":0,
            "type":"integer"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "description":"destination ip address",
    "type":"object"
}

404 Response

Not Found

Body ()

Root Schema : ApiValidationError

Type: object

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• code: string
• errors: array errors
• message: string
• timestamp: string

{
    "properties":{
        "timestamp":{
            "type":"string"
        },
        "code":{
            "type":"string"
        },
        "message":{
            "type":"string"
        },
        "errors":{
            "items":{
                "$ref":"#/components/schemas/Errors"
            },
            "type":"array"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "type":"object"
}

Nested Schema : errors

Type: array

Show Source

• Array of: object Errors

{
    "items":{
        "$ref":"#/components/schemas/Errors"
    },
    "type":"array"
}

Nested Schema : Errors

Type: object

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• attribute: string
• code: string
• message: string
• type: string
  Allowed Values: [ "error", "fatal", "warn" ]

{
    "properties":{
        "attribute":{
            "type":"string"
        },
        "type":{
            "$ref":"#/components/schemas/TypeEnum"
        },
        "message":{
            "type":"string"
        },
        "code":{
            "type":"string"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "type":"object"
}

406 Response

Validation Failure

Body ()

Root Schema : ApiValidationError

Type: object

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• code: string
• errors: array errors
• message: string
• timestamp: string

{
    "properties":{
        "timestamp":{
            "type":"string"
        },
        "code":{
            "type":"string"
        },
        "message":{
            "type":"string"
        },
        "errors":{
            "items":{
                "$ref":"#/components/schemas/Errors"
            },
            "type":"array"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "type":"object"
}

Nested Schema : errors

Type: array

Show Source

• Array of: object Errors

{
    "items":{
        "$ref":"#/components/schemas/Errors"
    },
    "type":"array"
}

Nested Schema : Errors

Type: object

Show Source

• _elementKey: string
  Read Only: true

  Identifier for the element or sub-element
• attribute: string
• code: string
• message: string
• type: string
  Allowed Values: [ "error", "fatal", "warn" ]

{
    "properties":{
        "attribute":{
            "type":"string"
        },
        "type":{
            "$ref":"#/components/schemas/TypeEnum"
        },
        "message":{
            "type":"string"
        },
        "code":{
            "type":"string"
        },
        "_elementKey":{
            "description":"Identifier for the element or sub-element",
            "readOnly":true,
            "type":"string"
        }
    },
    "type":"object"
}

Back to Top