Host Config
Configuration of known server ports that are applicable to a specific subset of IP addresses within a root scope
Add server port configuration
This API can be used to provide hints to Secure Workload algorithms about known server ports for a given root scope. You can provide a list of known TCP/UDP server ports for a set of IP addresses belonging to a root scope to aid Secure Workload algorithms with figuring out client server direction correct in flows.
POST /openapi/v1/adm/{root_scope_id}/server_ports
Parameters: The request URL contains the following parameters
|
Name |
Type |
Description |
|---|---|---|
|
root_scope_id |
string |
Unique identifier for the root scope. |
Additionally, a text file provided as input to this API contains the endpoint server port configuration in the following format:
Endpoint server port configuration
|
Attribute |
Type |
Description |
|---|---|---|
|
ip_address |
string |
IP Address (can be ipv4 or ipv6 address). Subnets are not allowed. |
|
tcp_server_ports |
List of int |
List of known TCP server ports corresponding to the ip_address. |
|
udp_server_ports |
List of int |
List of known UDP server ports corresponding to the ip_address. |
Bulk server port configuration
|
Attribute |
Type |
Description |
|---|---|---|
|
host_config |
List of Endpoint server port configuration objects. |
List of IP addresses with associated known server ports. |
Sample python code
# contents of below file:
# {"host_config": [
# {"ip_address": "1.1.1.1",
# "tcp_server_ports": [100, 101, 102],
# "udp_server_ports": [103]
# },
# {"ip_address": "1.1.1.2",
# "tcp_server_ports": [200, 201, 202]
# }
# ]
# }
file_path = '/<path_to_file>/server_ports.txt'
root_scope_id = '<root-scope-id>'
restclient.upload(file_path,
'/adm/%s/server_ports' % root_scope_id,
timeout=200) # seconds
|
Above API overwrites the full state of known server port configuration in the backend. If you need to modify anything, they need re-upload the full configuration after modifications. |
Get server port configuration
This API returns list of known uploaded server ports for endpoints in a root scope.
GET /openapi/v1/adm/{root_scope_id}/server_ports
Parameters: The request URL contains the following parameters
|
Name |
Type |
Description |
|---|---|---|
|
root_scope_id |
string |
Unique identifier for the root scope. |
Response object: A list of ref:ServerPortConfig objects.
Sample python code
root_scope_id = '<root-scope-id>'
restclient.get('/adm/%s/server_ports' % root_scope_id)
Delete server port configuration
This API deletes server port configuration for specified root scope.
DELETE /openapi/v1/adm/{root_scope_id}/server_ports
Parameters: The request URL contains the following parameters
|
Name |
Type |
Description |
|---|---|---|
|
root_scope_id |
string |
Unique identifier for the root scope. |
Response object: None.
Sample python code
root_scope_id = '<root-scope-id>'
restclient.delete('/adm/%s/server_ports' % root_scope_id)