All Products
Search

This Product

    Cloud Firewall:ModifyDnsFirewallPolicy

    Document Center

    Cloud Firewall:ModifyDnsFirewallPolicy

    Last Updated:Jan 14, 2026

    Modifies a DNS firewall rule.

    Operation description

    You can use this operation to modify a DNS firewall policy to accept, deny, or monitor traffic.

    Try it now

    Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

    Test

    RAM authorization

    No authorization for this operation. If you encounter issues with this operation, contact technical support.

    Request parameters

    Parameter

    Type

    Required

    Description

    Example
    SourceIp

    string

    No

    The source IP address of the visitor.

    192.0.XX.XX
    Lang

    string

    No

    The language of the content within the request and response. Valid values:-zh: Chinese-en: English

    zh
    AclAction

    string

    No

    The action that is performed on traffic that hits the access control policy. Valid values:

    • accept: Allow

    • drop: Deny

    • log: Monitor

    log
    Description

    string

    No

    The description of the access control policy.

    test
    Destination

    string

    No

    The destination address in the access control policy.

    • If DestinationType is set to net, Destination specifies the destination CIDR block. For example: 1.2.3.4/24

    • If DestinationType is set to group, Destination specifies the name of the destination address book. For example: db_group

    • If DestinationType is set to domain, Destination specifies the destination domain name. For example: *.aliyuncs.com

    • If DestinationType is set to location, Destination specifies the destination region. For more information about the location codes, see the following description. For example: ["BJ11", "ZB"]

    db_group
    DestinationType

    string

    No

    The type of the destination address in the access control policy.

    Valid values:

    • net: destination CIDR block (CIDR address)

    • group: destination address book

    • domain: destination domain name

    net
    Source

    string

    No

    The source address in the access control policy. Valid values:

    • If SourceType is set to net, Source specifies the source CIDR block. For example: 10.2.21.**/24

    • If SourceType is set to group, Source specifies the name of the source address book. For example: db_group.

    192.0.21.**/24
    AclUuid

    string

    Yes

    The unique ID of the access control policy.

    00281255-d220-4db1-8f4f-c4df22****
    SourceType

    string

    No

    The type of the source address in the access control policy. Valid values:

    • net: source CIDR block (CIDR)

    • group: source address book

    net
    Release

    string

    No

    The status of the access control policy. By default, the policy is enabled after it is created. Valid values:

    • true: enables the access control policy.

    • false: disables the access control policy.

    true
    Priority

    string

    No

    The priority of the access control policy before the modification.

    1

    Response elements

    Element

    Type

    Description

    Example

    object

    RequestId

    string

    The ID of the request.

    9C50C2A9-4BBB-5504-8ADA-C41A79****

    Examples

    Success response

    JSON format

    {
  "RequestId": "9C50C2A9-4BBB-5504-8ADA-C41A79****"
}

    Error codes

    HTTP status code

    Error code

    Error message

    Description
    400 ErrorParametersUid The aliUid parameter is invalid. The aliUid parameter is invalid.
    400 ErrorDBSelect An error occurred while querying database. An error occurred while querying database.
    400 ErrorAclNotExist The ACL does not exist. The ACL does not exist.
    400 ErrorParameterIpVersion The IP version is invalid. The IP version is invalid.
    400 ErrorParametersSource The source is invalid. The source is invalid.
    400 ErrorParametersDestination The Destination parameter is invalid. The Destination parameter is invalid.
    400 ErrorParametersAction The action is invalid. The action is invalid.
    400 ErrorParametersNewOrder The newOrder is invalid. The newOrder is invalid.
    400 ErrorParameters Parameters error. Parameter error.
    400 ErrorAddressCountExceed The maximum number of addresses is exceeded. The maximum number of address is exceeded.
    400 ErrorDBUpdate internal error: sql updat. An error occurred while updating the database.
    400 ErrorDBInsert An error occurred while performing an insert operation in the database. An error occurred while performing an insert operation in the database.
    400 ErrorRecordLog An error occurred while updating the operation log. An error occurred while updating the operation log.
    400 ErrorMarshalJSON An error occurred while encoding JSON. An error occurred while encoding JSON.
    400 ErrorAclRuleDuplicate acl rule duplicate. The same strategy exists.

    See Error Codes for a complete list.

    Release notes

    See Release Notes for a complete list.