vRealize Blog

The following script enables the addition of a firewall rule to a vShield Edge Device

objVclGateway.updateInternalState();

var objVclFirewallRuleProtocols;
	objVclFirewallRuleProtocols = new VclFirewallRuleProtocols();
	objVclFirewallRuleProtocols["any"] = anyArg; // Boolean
	objVclFirewallRuleProtocols["tcp"] = tcpArg; // Boolean
	objVclFirewallRuleProtocols["udp"] = udpArg; // Boolean
	objVclFirewallRuleProtocols["icmp"] = icmpArg; // Boolean
	objVclFirewallRuleProtocols["other"] = otherArg; // String

var objVclFirewallRule;
	objVclFirewallRule = new VclFirewallRule();
	objVclFirewallRule["isEnabled"] = true;
	objVclFirewallRule["enableLogging"] = false;
	objVclFirewallRule["port"] = portArg; // Integer
	objVclFirewallRule["policy"] = policyArg; // String
	objVclFirewallRule["description"] = descriptionArg; // String
	objVclFirewallRule["protocols"] = objVclFirewallRuleProtocols; // VclFirewallRuleProtocols
	objVclFirewallRule["icmpSubType"] = icmpSubTypeArg; // String
	objVclFirewallRule["destinationPortRange"] = destinationPortRangeArg; // String
	objVclFirewallRule["destinationIp"] = destinationIpArg; // String
	objVclFirewallRule["destinationVm"] = destinationVmArg; // VclVmSelection
	objVclFirewallRule["sourcePort"] = sourcePortArg; // Integer
	objVclFirewallRule["sourcePortRange"] = sourcePortRangeArg; // String
	objVclFirewallRule["sourceIp"] = sourceIpArg; // String
	objVclFirewallRule["sourceVm"] = sourceVmArg; // VclVmSelection
	objVclFirewallRule["direction"] = directionArg; // String
	objVclFirewallRule["matchOnTranslate"] = matchOnTranslateArg; // Boolean

var objVclGatewayConfiguration;
	objVclGatewayConfiguration = objVclGateway.configuration;

var objVclGatewayFeatures;
	objVclGatewayFeatures = objVclGatewayConfiguration.edgeGatewayServiceConfiguration;

var objVclAbstractObjectSet;
	objVclAbstractObjectSet = objVclGatewayFeatures.networkService;

var arrVclFirewallService;
	arrVclFirewallService = objVclAbstractObjectSet.find(new VclFirewallService());

var objVclFirewallService;
	objVclFirewallService = arrVclFirewallService[0];
	objVclFirewallService.firewallRule.add(objVclFirewallRule);

var objVclTask;
	objVclTask = objVclGateway.update();

objCustomActions.waitVclTask(objVclTask);