Queries an access control list (ACL).
Debugging
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | No | DescribeACLAttribute |
The operation that you want to perform. Set the value to DescribeACLAttribute. |
| AclId | String | Yes | acl-ohlexqptfhy****** |
The ID of the ACL. |
| RegionId | String | Yes | cn-hangzhou |
The ID of the region where the ACL is deployed. |
| PageSize | Integer | No | 10 |
The number of entries to return on each page. Valid values: 1 to 50. Default value: 10. |
| PageNumber | Integer | No | 1 |
The number of the page to return. Default value: 1. |
| Direction | String | No | out |
The direction in which the ACL rule is applied. Valid values:
|
| Order | String | No | 1255444444 |
The ID of the order. |
| Name | String | No | doctest |
The name of the ACL. The name must be 2 to 100 characters in length, and can contain digits, periods (.), underscores (_), and hyphens (-). It must start with a letter. |
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| Acrs | Array of Acr |
The information about the ACL rules that belong to the ACL. |
|
| Acr | |||
| AclId | String | acl-7louazbja80bmgxxxx |
The ID of the ACL. |
| AcrId | String | acr-gxzxj5w9qqdf1cxxxx |
The ID of the ACL rule. |
| Description | String | Description |
The description of the ACL rule. The description must be 1 to 512 characters in length. |
| DestCidr | String | 0.0.0.0/0 |
The range of the destination IP addresses. Set this parameter in CIDR notation. Example: 192.168.10.0/24. |
| DestPortRange | String | 10000/20000 |
The range of the destination ports. Valid values: -1 and 1 to 65535. Set the destination port range in one of the following formats: 1/200 or 80/80. A value of -1/-1 indicates that all ports are available. |
| Direction | String | out |
The direction in which the ACL rule is applied. Valid values:
|
| DpiGroupIds | List | 20 |
The IDs of application groups that match the current ACL rule. You can call the ListDpiGroups operation to query application group IDs and information. |
| DpiSignatureIds | List | 1 |
The IDs of applications that match the current ACL rule. You can call the ListDpiSignatures operation to query application IDs and information. |
| GmtCreate | Long | 1580821597000 |
The timestamp when the ACL rule was created. The timestamp is in Long format. If ACL rules have the same priority, the one with the smallest timestamp prevails. |
| IpProtocol | String | UDP |
The protocol that is applied to the ACL rule. The supported protocols provided in this topic are for reference only. The actual protocols in the SAG console shall prevail. The value is not case-sensitive. |
| Name | String | doctest |
The name of the ACL. The name must be 2 to 100 characters in length, and can contain digits, periods (.), underscores (_), and hyphens (-). It must start with a letter. |
| Policy | String | drop |
The action policy of the ACL rule. Valid values:
|
| Priority | Integer | 70 |
The priority of the ACL rule. Valid values: 1 to 100. |
| SourceCidr | String | 0.0.0.0/0 |
The range of the source IP addresses. Set this parameter in CIDR notation. Example: 192.168.1.0/24. |
| SourcePortRange | String | 30000/40000 |
The range of the source ports. Valid values: -1 and 1 to 65535. Set the destination port range in one of the following formats: 1/200 or 80/80. A value of -1/-1 indicates that all ports are available. |
| Type | String | WAN |
The type of the ACL rule:
|
| PageNumber | Integer | 1 |
The page number of the returned page. |
| PageSize | Integer | 10 |
The number of entries returned per page. |
| RequestId | String | 8F62CE77-FBA2-4F8D-AED9-0A02814EDA69 |
The ID of the request. |
| TotalCount | Integer | 3 |
The total number of entries returned. |
Examples
Sample requests
http(s)://[Endpoint]/? Action=DescribeACLAttribute
&AclId=acl-ohlexqptfhy******
&RegionId=cn-hangzhou
&<Common request parameters>Sample success responses
XML fomat
<DescribeACLAttribute>
<PageNumber>1</PageNumber>
<Acrs>
<Acr>
<IpProtocol>TCP</IpProtocol>
<SourceCidr>10.XX.XX.0/24</SourceCidr>
<SourcePortRange>1/65535</SourcePortRange>
<AclId>acl-7louazbja80bmg****</AclId>
<AcrId>acr-yjf99p2ffhw6cv****</AcrId>
<Type>WAN</Type>
<Policy>drop</Policy>
<DestPortRange>15000/15000</DestPortRange>
<DestCidr>39.XX.XX.0/24</DestCidr>
<GmtCreate>1580821598000</GmtCreate>
<Direction>out</Direction>
<Priority>49</Priority>
</Acr>
<Acr>
<IpProtocol>TCP</IpProtocol>
<SourceCidr>11.XX.XX.0/8</SourceCidr>
<SourcePortRange>1/65535</SourcePortRange>
<AclId>acl-7louazbja80bmg****</AclId>
<AcrId>acr-8jety1pnvarday****</AcrId>
<Type>WAN</Type>
<Policy>accept</Policy>
<DestPortRange>1/65535</DestPortRange>
<DestCidr>12.XX.XX.0/8</DestCidr>
<GmtCreate>1580821597000</GmtCreate>
<Direction>out</Direction>
<Priority>50</Priority>
</Acr>
<Acr>
<IpProtocol>UDP</IpProtocol>
<SourceCidr>0.0.0.0/0</SourceCidr>
<SourcePortRange>30000/40000</SourcePortRange>
<AclId>acl-7louazbja80bmg****</AclId>
<AcrId>acr-gxzxj5w9qqdf1c****</AcrId>
<Type>WAN</Type>
<Policy>drop</Policy>
<DestPortRange>10000/20000</DestPortRange>
<DestCidr>12.XX.XX.0/8</DestCidr>
<GmtCreate>1580821597000</GmtCreate>
<Direction>out</Direction>
<Priority>70</Priority>
</Acr>
</Acrs>
<TotalCount>3</TotalCount>
<PageSize>10</PageSize>
<RequestId>8F62CE77-FBA2-4F8D-AED9-0A02814EDA69</RequestId>
</DescribeACLAttribute>JSON format
{
"PageNumber": 1,
"Acrs": {
"Acr": [
{
"IpProtocol": "TCP",
"SourceCidr": "10.XX.XX.0/24",
"SourcePortRange": "1/65535",
"AclId": "acl-7louazbja80bmg****",
"AcrId": "acr-yjf99p2ffhw6cv****",
"Type": "WAN",
"Policy": "drop",
"DestPortRange": "15000/15000",
"DestCidr": "39.XX.XX.0/24",
"GmtCreate": 1580821598000,
"Direction": "out",
"Priority": 49
},
{
"IpProtocol": "TCP",
"SourceCidr": "11.XX.XX.0/8",
"SourcePortRange": "1/65535",
"AclId": "acl-7louazbja80bmg****",
"AcrId": "acr-8jety1pnvarday****",
"Type": "WAN",
"Policy": "accept",
"DestPortRange": "1/65535",
"DestCidr": "12.XX.XX.0/8",
"GmtCreate": 1580821597000,
"Direction": "out",
"Priority": 50
},
{
"IpProtocol": "UDP",
"SourceCidr": "0.0.0.0/0",
"SourcePortRange": "30000/40000",
"AclId": "acl-7louazbja80bmg****",
"AcrId": "acr-gxzxj5w9qqdf1c****",
"Type": "WAN",
"Policy": "drop",
"DestPortRange": "10000/20000",
"DestCidr": "12.XX.XX.0/8",
"GmtCreate": 1580821597000,
"Direction": "out",
"Priority": 70
}
]
},
"TotalCount": 3,
"PageSize": 10,
"RequestId": "8F62CE77-FBA2-4F8D-AED9-0A02814EDA69"
}Error codes
| HttpCode | Error code | Error message | Description |
|---|---|---|---|
| 403 | Forbidden | User not authorized to operate on the specified resource. | The error message returned because you do not have the permissions to manage the specified resource. |
| 403 | MissingParameter | The input parameter is missing, please check your input. | The error message returned because one or more required parameters are not set. Check whether you have set all required parameters. |
| 403 | InvalidParameter | The specified parameter is invalid. | The error message returned because a parameter is set to an invalid value. |
| 403 | InvalidId.ACL | The specified ACL ID is invalid. | The error message returned because the specified ACL ID is invalid. |
| 403 | InternalError | An internal server error occurred. | The error message returned because an internal server error occurred. |
For a list of error codes, visit the API Error Center.