LinodeClient linodeClient =newLinodeClient("apikey");// Get AllList<Firewall> list =awaitlinodeClient.Firewall.Get();
Get One
Get a specific Firewall resource by its ID. The Firewall’s Devices will not be returned in the response. Instead, use the List Firewall Devices endpoint to review them.
LinodeClient linodeClient =newLinodeClient("apikey");long firewallId =109478;// Get OneFirewall firewall =awaitlinodeClient.Firewall.Get(firewallId);
Create
Creates a Firewall to filter network traffic.
Use the rules property to create inbound and outbound access rules.
Use the devices property to assign the Firewall to a service and apply its Rules to the device. Requires read_writeUser’s Grants to the device. Currently, Firewalls can only be assigned to Linode instances.
A Firewall can be assigned to multiple Linode instances at a time.
A Linode instance can have one active, assigned Firewall at a time. Additional disabled Firewalls can be assigned to a service, but they cannot be enabled if another active Firewall is already assigned to the same service.
Firewalls apply to all of a Linode’s non-vlan purpose Configuration Profile Interfaces.
Assigned Linodes must not have any ongoing live migrations.
A firewall_create Event is generated when this endpoint returns successfully.
LinodeClient linodeClient =newLinodeClient("apikey");// New firewallFirewall firewall =newFirewall();// Namefirewall.Label="super-firewall";// By default, we establish that nothing can enter, except explicitly specified in the incoming rule as "Action ACCEPT."firewall.Rules.InboundPolicy=eFirewallRulAction.DROP;// Allow port 22 tcp INFirewallRule firewallRuleIn22Tcp =newFirewallRule();firewallRuleIn22Tcp.Label="tcp-22-in-allow";firewallRuleIn22Tcp.Description="Allow al traffic int 22 tcp";firewallRuleIn22Tcp.Action=eFirewallRulAction.ACCEPT;firewallRuleIn22Tcp.Protocol=eFirewallProtocol.TCP;firewallRuleIn22Tcp.Ports="22";firewallRuleIn22Tcp.Addresses=newFirewallRuleAddresses();firewallRuleIn22Tcp.Addresses.IPv4.Add("8.8.8.8/32");firewallRuleIn22Tcp.Addresses.IPv4.Add("1.1.1.1/32");firewallRuleIn22Tcp.Addresses.IPv6.Add("2a00:1450:4009:81f::200e/128");firewallRuleIn22Tcp.Addresses.IPv6.Add("2606:4700::6810:84e5/128");// Add rule to Firewallfirewall.Rules.Inbound.Add(firewallRuleIn22Tcp);// Allow port 80 tcp INFirewallRule firewallRuleIn80Tcp =newFirewallRule();firewallRuleIn80Tcp.Label="tcp-80-in-allow";firewallRuleIn80Tcp.Description="Allow al traffic int 80 tcp";firewallRuleIn80Tcp.Action=eFirewallRulAction.ACCEPT;firewallRuleIn80Tcp.Protocol=eFirewallProtocol.TCP;firewallRuleIn80Tcp.Ports="80";firewallRuleIn80Tcp.Addresses=newFirewallRuleAddresses();firewallRuleIn80Tcp.Addresses.IPv4.Add("8.8.8.8/32");firewallRuleIn80Tcp.Addresses.IPv6.Add("2606:4700::6810:84e5/128");// Add rule to Firewallfirewall.Rules.Inbound.Add(firewallRuleIn80Tcp);// By default, we establish that all traffic can exit, except explicitly specified in the outgoing rule as "Action DROP."firewall.Rules.OutboundPolicy=eFirewallRulAction.ACCEPT;// Deny port 27017 OUTFirewallRule firewallRuleOut27017Tcp =newFirewallRule();firewallRuleOut27017Tcp.Label="tcp-27017-out-deny";firewallRuleOut27017Tcp.Description="Allow al traffic int 27017 tcp";firewallRuleOut27017Tcp.Action=eFirewallRulAction.DROP;firewallRuleOut27017Tcp.Protocol=eFirewallProtocol.TCP;firewallRuleOut27017Tcp.Ports="27017";firewallRuleOut27017Tcp.Addresses=newFirewallRuleAddresses();firewallRuleOut27017Tcp.Addresses.IPv4.Add("0.0.0.0/0");firewallRuleOut27017Tcp.Addresses.IPv6.Add("::/0");// Add rule to Firewallfirewall.Rules.Outbound.Add(firewallRuleOut27017Tcp);// Tagsfirewall.Tags=newList<string> { "22 in allow","80 in allow","27017 out deny" };// Createfirewall =awaitlinodeClient.Firewall.Create(firewall);
Update
Updates information for a Firewall.
Assigned Linodes must not have any ongoing live migrations.
If a Firewall’s status is changed with this endpoint, a corresponding firewall_enable or firewall_disable Event will be generated.
Some parts of a Firewall’s configuration cannot be manipulated by this endpoint:
A Firewall’s Devices cannot be set with this endpoint. Instead, use the Create Firewall Device and Delete Firewall Device endpoints to assign and remove this Firewall from Linode services.
A Firewall’s Rules cannot be changed with this endpoint. Instead, use the Update Firewall Rules endpoint to update your Rules.
A Firewall’s status can be set to enabled or disabled by this endpoint, but it cannot be set to deleted. Instead, use the Delete Firewall endpoint to delete a Firewall.
LinodeClient linodeClient =newLinodeClient("apikey");// Get oneFirewall firewall =awaitlinodeClient.Firewall.Get(280563);// Changefirewall.Label="newName";firewall.Status=eFirewallStatus.disabled;// Updatefirewall =awaitlinodeClient.Firewall.Update(firewall);
Delete
Delete a Firewall resource by its ID. This will remove all of the Firewall’s Rules from any Linode services that the Firewall was assigned to.
Assigned Linodes must not have any ongoing live migrations.
A firewall_delete Event is generated when this endpoint returns successfully.
LinodeClient linodeClient =newLinodeClient("apikey");// Get oneFirewall firewall =awaitlinodeClient.Firewall.Get(280384);// You can delete it by passing the object as a parameterawaitlinodeClient.Firewall.Delete(firewall);// You can also delete it by passing the ID as a parameter.awaitlinodeClient.Firewall.Delete(280384);
Updates the inbound and outbound Rules for a Firewall.
Assigned Linodes must not have any ongoing live migrations.
Note: This command replaces all of a Firewall’s inbound and outbound rulesets with the values specified in your request.
LinodeClient linodeClient =newLinodeClient("apikey");long firewallId =280563;// GetFirewallRules firewallRules =awaitlinodeClient.Firewall.GetRules(firewallId);// Allow port 80 tcp INFirewallRule firewallRuleIn80Tcp =newFirewallRule();firewallRuleIn80Tcp.Label="tcp-80-in-allow";firewallRuleIn80Tcp.Description="Allow al traffic int 80 tcp";firewallRuleIn80Tcp.Action=eFirewallRulAction.ACCEPT;firewallRuleIn80Tcp.Protocol=eFirewallProtocol.TCP;firewallRuleIn80Tcp.Ports="80";firewallRuleIn80Tcp.Addresses=newFirewallRuleAddresses();firewallRuleIn80Tcp.Addresses.IPv4.Add("8.8.8.8/32");firewallRuleIn80Tcp.Addresses.IPv6.Add("2606:4700::6810:84e5/128");// Add rule to FirewallfirewallRules.Inbound.Add(firewallRuleIn80Tcp);// Update RulefirewallRules =awaitlinodeClient.Firewall.UpdateRule(firewallId, firewallRules);
Devices List
Returns a paginated list of a Firewall’s Devices. A Firewall Device assigns a Firewall to a Linode service (referred to as the Device’s entity). Currently, only Devices with an entity of type linode are accepted.
LinodeClient linodeClient =newLinodeClient("apikey");long firewallId =280563;// GetList<FirewallDevice> list =awaitlinodeClient.Firewall.DeviceGet(firewallId);
Device View
Returns information for a Firewall Device, which assigns a Firewall to a Linode service (referred to as the Device’s entity). Currently, only Devices with an entity of type linode are accepted.
Creates a Firewall Device, which assigns a Firewall to a service (referred to as the Device’s entity) and applies the Firewall’s Rules to the device.
Currently, only Devices with an entity of type linode are accepted.
A Firewall can be assigned to multiple Linode instances at a time.
A Linode instance can have one active, assigned Firewall at a time. Additional disabled Firewalls can be assigned to a service, but they cannot be enabled if another active Firewall is already assigned to the same service.
Assigned Linodes must not have any ongoing live migrations.
A firewall_device_add Event is generated when the Firewall Device is added successfully.
Removes a Firewall Device, which removes a Firewall from the Linode service it was assigned to by the Device. This will remove all of the Firewall’s Rules from the Linode service. If any other Firewalls have been assigned to the Linode service, then those Rules will remain in effect.
Assigned Linodes must not have any ongoing live migrations.
A firewall_device_remove Event is generated when the Firewall Device is removed successfully.