Queries an access control list (ACL).
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | DescribeACLAttribute | The operation that you want to perform. Set the value to DescribeACLAttribute. |
RegionId | String | No | cn-hangzhou | The ID of the region where the ACL is deployed. |
AclId | String | No | acl-ohlexqptfhyaq**** | The ID of the ACL. |
PageSize | Integer | No | 10 | The number of entries to return on each page. Valid values: 1 to 50. Default value: 10. |
PageNumber | Integer | No | 1 | The number of the page to return. Default value: 1. |
Direction | String | No | out | The direction of traffic in which the ACL rule is applied. Valid values:
|
Order | String | No | 1255444444 | The ID of the order. |
Name | String | No | doctest | The name of the ACL. The name must be 2 to 100 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). It must start with a letter.
Note This parameter supports fuzzy match.
|
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
TotalCount | Integer | 3 | The total number of entries returned. |
PageSize | Integer | 10 | The number of entries to return on each page. |
RequestId | String | 8F62CE77-FBA2-4F8D-AED9-0A02814EDA69 | The ID of the request. |
PageNumber | Integer | 1 | The page number of the returned page. |
Acrs | Array of Acr | The information about the ACL rules in the ACL. |
|
Acr | |||
Direction | String | out | The direction of traffic in which the ACL rule is applied.
|
Type | String | WAN | The type of the ACL rule:
|
DpiSignatureIds | Array of String | 1 | The IDs of the applications that match the current ACL rule. You can call the ListDpiSignatures operation to query application IDs and information about the applications. |
IpProtocol | String | UDP | The protocol used by the ACL rule. The supported protocols provided in this topic are for reference only. The actual protocols in the SAG console shall prevail. The value of the parameter is not case-sensitive. |
Priority | Integer | 70 | The priority of the ACL rule. Valid values: 1 to 100. |
AclId | String | acl-7louazbja80bmg**** | The ID of ACL. |
Policy | String | drop | The action of the ACL rule. Valid values:
|
Description | String | ACLRule | The description of the ACL rule. The description must be 1 to 512 characters in length. By default, this parameter is not returned. You can call the ModifyACLRule operation to add a description for the ACL rule. Then, this parameter is included in the response. |
GmtCreate | Long | 1580821597000 | The timestamp when the ACL rule was created. The timestamp is of the Long data type. If multiple ACL rules have the same priority, the rule with the earliest timestamp takes effect. |
DestCidr | String | 0.0.0.0/0 | The destination CIDR block. The value of this parameter is specified in CIDR notation. Example: 192.168.10.0/24. |
DestPortRange | String | 10000/20000 | The destination port range. Valid values: 1 to 65535 and -1. The destination port range is in one of the following formats: 1/200 or 80/80. A value of -1/-1 indicates all ports. |
Name | String | doctest | The name of the ACL. The name must be 2 to 100 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). It must start with a letter. |
AcrId | String | acr-gxzxj5w9qqdf1c**** | The ID of the ACL rule. |
SourceCidr | String | 0.0.0.0/0 | The source CIDR block. The value of this parameter in is specified in CIDR notation. Example: 192.168.1.0/24. |
SourcePortRange | String | 30000/40000 | The source port range. Valid values: 1 to 65535 and -1. The source port range is in one of the following formats: 1/200 or 80/80. A value of -1/-1 indicates all ports. |
DpiGroupIds | Array of String | 20 | The IDs of the application groups that match the current ACL rule. You can call the ListDpiGroups operation to query application group IDs and information about the applications. |
AclType | String | acl-hardware | The number of SAG instances associated with the ACL. Valid values:
|
Examples
Sample requests
http(s)://[Endpoint]/?Action=DescribeACLAttribute
&RegionId=cn-hangzhou
&AclId=acl-ohlexqptfhyaq****
&PageSize=10
&PageNumber=1
&Direction=out
&Order=1255444444
&Name=doctest
&Common request parameters
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<DescribeACLAttributeResponse>
<TotalCount>3</TotalCount>
<PageSize>10</PageSize>
<RequestId>8F62CE77-FBA2-4F8D-AED9-0A02814EDA69</RequestId>
<PageNumber>1</PageNumber>
<Acrs>
<Direction>out</Direction>
<Type>WAN</Type>
<DpiSignatureIds>1</DpiSignatureIds>
<IpProtocol>UDP</IpProtocol>
<Priority>70</Priority>
<AclId>acl-7louazbja80bmg****</AclId>
<Policy>drop</Policy>
<Description>ACLRule</Description>
<GmtCreate>1580821597000</GmtCreate>
<DestCidr>0.0.0.0/0</DestCidr>
<DestPortRange>10000/20000</DestPortRange>
<Name>doctest</Name>
<AcrId>acr-gxzxj5w9qqdf1c****</AcrId>
<SourceCidr>0.0.0.0/0</SourceCidr>
<SourcePortRange>30000/40000</SourcePortRange>
<DpiGroupIds>20</DpiGroupIds>
<AclType>acl-hardware</AclType>
</Acrs>
</DescribeACLAttributeResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"TotalCount" : 3,
"PageSize" : 10,
"RequestId" : "8F62CE77-FBA2-4F8D-AED9-0A02814EDA69",
"PageNumber" : 1,
"Acrs" : [ {
"Direction" : "out",
"Type" : "WAN",
"DpiSignatureIds" : [ "1" ],
"IpProtocol" : "UDP",
"Priority" : 70,
"AclId" : "acl-7louazbja80bmg****",
"Policy" : "drop",
"Description" : "ACLRule",
"GmtCreate" : 1580821597000,
"DestCidr" : "0.0.0.0/0",
"DestPortRange" : "10000/20000",
"Name" : "doctest",
"AcrId" : "acr-gxzxj5w9qqdf1c****",
"SourceCidr" : "0.0.0.0/0",
"SourcePortRange" : "30000/40000",
"DpiGroupIds" : [ "20" ],
"AclType" : "acl-hardware"
} ]
}
Error codes
HttpCode | Error code | Error message | Description |
---|---|---|---|
403 | Forbidden | User not authorized to operate on the specified resource. | The error message returned because you do not have the permissions to manage the specified resource. |
403 | MissingParameter | The input parameter is missing, please check your input. | The error message returned because one or more required parameters are empty. Check whether you have configured all required parameters. |
403 | InvalidParameter | The specified parameter is invalid. | The error message returned because a parameter is set to an invalid value. |
403 | InvalidId.ACL | The specified ACL ID is invalid. | The error message returned because the specified ACL ID is invalid. |
403 | InternalError | An internal server error occurred. | The error message returned because an internal server error occurred. |
For a list of error codes, see Service error codes.