Citrix ADC 12.1 NITRO API Reference

nssimpleacl

Configuration for simple ACL resource.

Properties

(click to see Operations)

Name Data Type Permissions Description
aclname Read-write Name for the simple ACL rule. Must begin with an ASCII alphabetic or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the simple ACL rule is created.
Minimum length = 1
aclaction Read-write Drop incoming IPv4 packets that match the simple ACL rule.
Possible values = DENY
td Read-write Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.
Minimum value = 0
Maximum value = 4094
srcip Read-write IP address to match against the source IP address of an incoming IPv4 packet.
destport Read-write Port number to match against the destination port number of an incoming IPv4 packet.

DestPort is mandatory while setting Protocol. Omitting the port number and protocol creates an all-ports and all protocols simple ACL rule, which matches any port and any protocol. In that case, you cannot create another simple ACL rule specifying a specific port and the same source IPv4 address.
Minimum value = 1
Maximum value = 65535
protocol Read-write Protocol to match against the protocol of an incoming IPv4 packet. You must set this parameter if you have set the Destination Port parameter.
Possible values = TCP, UDP
ttl Read-write Number of seconds, in multiples of four, after which the simple ACL rule expires. If you do not want the simple ACL rule to expire, do not specify a TTL value.
Minimum value = 4
Maximum value = 2147483647
estsessions Read-write .
hits Read-only Number of hits for this ACL rule.
__count Read-only count parameter

Operations

(click to see Properties)

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

*Note:*

Mandatory parameters are marked in redand placeholder content is marked in <green>.

add

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"nssimpleacl":{ <b>"aclname":<String_value>, </b><b>"aclaction":<String_value>, </b>"td":<Double_value>, <b>"srcip":<String_value>, </b>"destport":<Integer_value>, "protocol":<String_value>, "ttl":<Double_value> }}

Response:

HTTP Status Code on Success: 201 Created HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

clear

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl?action=clear

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"nssimpleacl":{ }}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

delete

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl/aclname_value<String>

HTTP Method:DELETE

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

flush

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl?action=flush

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"nssimpleacl":{ <b>"estsessions":<Boolean_value> </b>}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl

Query-parameters:

attrs

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl?attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

filter

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl?filter=property-name1:property-val1,property-name2:property-val2

Use this query-parameter to get the filtered set of nssimpleacl resources configured on Citrix ADC. Filtering can be done on any of the properties of the resource.

view

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl?view=summary

Note:By default, the retrieved results are displayed in detail view (?view=detail).

pagination

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl?pagesize=#no;pageno=#no

Use this query-parameter to get the nssimpleacl resources in chunks.

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "nssimpleacl": [ { "aclname":<String_value>, "aclaction":<String_value>, "td":<Double_value>, "srcip":<String_value>, "destport":<Integer_value>, "protocol":<String_value>, "ttl":<Double_value>, "hits":<Double_value> }]}

get

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl/aclname_value<String>

Query-parameters:

attrs

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl/aclname_value<String>?attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

view

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl/aclname_value<String>?view=summary

Note:By default, the retrieved results are displayed in detail view (?view=detail).

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "nssimpleacl": [ { "aclname":<String_value>, "aclaction":<String_value>, "td":<Double_value>, "srcip":<String_value>, "destport":<Integer_value>, "protocol":<String_value>, "ttl":<Double_value>, "hits":<Double_value> }]}

count

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/nssimpleacl?count=yes

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "nssimpleacl": [ { "__count": "#no"} ] }
nssimpleacl