Networking

Firewall View

get
https://api.linode.com/v4/networking/firewalls/{firewallId}

Get a specific Firewall resource by its ID. The Firewall's Devices will not be returned in the response. Instead, use the List Firewall Devices endpoint to review them.

Path Parameters

firewallId
Required
integer

ID of the Firewall to access.

Request Samples

curl -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    https://api.linode.com/v4/networking/firewalls/123

Response Samples

{
  "status": "enabled",
  "created": "2018-01-01T00:01:01",
  "updated": "2018-01-02T00:01:01",
  "id": 1234,
  "label": "firewall123",
  "tags": [],
  "rules": {
    "inbound": "",
    "outbound": "",
    "inbound_policy": "DROP",
    "outbound_policy": "DROP"
  }
}

Responses

200: Returns information about this Firewall.

status
string
Enum: "enabled""disabled""deleted"

The status of this Firewall.

  • When a Firewall is first created its status is enabled.
  • Use the Update Firewall endpoint to set a Firewall's status to enabled or disabled.
  • Use the Delete Firewall endpoint to delete a Firewall.
created
Filterable
string <date-time>

When this Firewall was created.

updated
Filterable
string <date-time>

When this Firewall was last updated.

id
Filterable
integer

The Firewall's unique ID.

label
Filterable
string [3 .. 32] characters ^[a-zA-Z]((?!--|__|..)[a-zA-Z0-9-_.])+$

The Firewall's label, for display purposes only.

Firewall labels have the following constraints:

  • Must begin and end with an alphanumeric character.
  • May only consist of alphanumeric characters, dashes (-), underscores (_) or periods (.).
  • Cannot have two dashes (--), underscores (__) or periods (..) in a row.
  • Must be between 3 and 32 characters.
  • Must be unique.
tags
Filterable
array of objects

An array of tags applied to this object. Tags are for organizational purposes only.

rules
object

The inbound and outbound access rules to apply to the Firewall.

A Firewall may have up to 25 rules across its inbound and outbound rulesets.

Multiple rules are applied in order. If two rules conflict, the first rule takes precedence. For example, if the first rule accepts inbound traffic from an address, and the second rule drops inbound traffic the same address, the first rule applies and inbound traffic from that address is accepted.

inbound
array

The inbound rules for the firewall, as a JSON array.

outbound
array

The outbound rules for the firewall, as a JSON array.

inbound_policy
string
Enum: "ACCEPT""DROP"

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule.

outbound_policy
string
Enum: "ACCEPT""DROP"

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property of the Firewall Rule.

default: Error

errors
array of objects
reason
string

What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to open a Support Ticket or perform some other action before you can complete the request successfully.

field
string

The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as "null" if the error is not specific to any single element of the request.

Firewall Update

put
https://api.linode.com/v4/networking/firewalls/{firewallId}

Updates information for a Firewall. Some parts of a Firewall's configuration cannot be manipulated by this endpoint:

  • A Firewall's Devices cannot be set with this endpoint. Instead, use the Create Firewall Device and Delete Firewall Device endpoints to assign and remove this Firewall from Linode services.

  • A Firewall's Rules cannot be changed with this endpoint. Instead, use the Update Firewall Rules endpoint to update your Rules.

  • A Firewall's status can be set to enabled or disabled by this endpoint, but it cannot be set to deleted. Instead, use the Delete Firewall endpoint to delete a Firewall.

If a Firewall's status is changed with this endpoint, a corresponding firewall_enable or firewall_disable Event will be generated.

Path Parameters

firewallId
Required
integer

ID of the Firewall to access.

Request Body Schema

label
Filterable
string [3 .. 32] characters ^[a-zA-Z]((?!--|__|..)[a-zA-Z0-9-_.])+$

The Firewall's label, for display purposes only.

Firewall labels have the following constraints:

  • Must begin and end with an alphanumeric character.
  • May only consist of alphanumeric characters, dashes (-), underscores (_) or periods (.).
  • Cannot have two dashes (--), underscores (__) or periods (..) in a row.
  • Must be between 3 and 32 characters.
  • Must be unique.
status
string
Enum: "enabled""disabled"

The status to be applied to this Firewall.

  • When a Firewall is first created its status is enabled.
  • Use the Delete Firewall endpoint to delete a Firewall.
tags
Filterable
array

An array of tags applied to this object. Tags are for organizational purposes only.

Request Samples

curl -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -X PUT -d '{
      "status": "disabled"
    }' \
    https://api.linode.com/v4/networking/firewalls/123

Response Samples

{
  "id": 1234,
  "label": "firewall123",
  "status": "enabled",
  "created": "2018-01-01T00:01:01",
  "updated": "2018-01-02T00:01:01",
  "tags": [],
  "rules": {
    "inbound": "",
    "outbound": "",
    "inbound_policy": "DROP",
    "outbound_policy": "DROP"
  }
}

Responses

200: Firewall updated successfully.

label
Filterable
string [3 .. 32] characters ^[a-zA-Z]((?!--|__|..)[a-zA-Z0-9-_.])+$

The Firewall's label, for display purposes only.

Firewall labels have the following constraints:

  • Must begin and end with an alphanumeric character.
  • May only consist of alphanumeric characters, dashes (-), underscores (_) or periods (.).
  • Cannot have two dashes (--), underscores (__) or periods (..) in a row.
  • Must be between 3 and 32 characters.
  • Must be unique.
status
string
Enum: "enabled""disabled"

The status to be applied to this Firewall.

  • When a Firewall is first created its status is enabled.
  • Use the Delete Firewall endpoint to delete a Firewall.
tags
Filterable
array of objects

An array of tags applied to this object. Tags are for organizational purposes only.

default: Error

errors
array of objects
reason
string

What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to open a Support Ticket or perform some other action before you can complete the request successfully.

field
string

The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as "null" if the error is not specific to any single element of the request.

Firewall Delete

delete
https://api.linode.com/v4/networking/firewalls/{firewallId}

Delete a Firewall resource by its ID. This will remove all of the Firewall's Rules from any Linode services that the Firewall was assigned to.

A firewall_delete Event is generated when this endpoint returns successfully.

Path Parameters

firewallId
Required
integer

ID of the Firewall to access.

Request Samples

curl -H "Content-Type: application/json" \
    -H "Authorization: Bearer $TOKEN" \
    -X DELETE \
    https://api.linode.com/v4/networking/firewalls/123

Response Samples

{}

Responses

200: Delete Successful.

default: Error

errors
array of objects
reason
string

What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to open a Support Ticket or perform some other action before you can complete the request successfully.

field
string

The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as "null" if the error is not specific to any single element of the request.