Rules
A rule is a policy used to manage access control traffic on your network and devices. Each rule either blocks, allows, or time limits traffic matching a certain target and a certain device or set of devices. Rules can also have custom schedules. The targets for the rules can be applications, target lists, network flow information (IPs, domains, ports), Internet access, local networks, or activity categories (gaming, adult, video, etc.).
Get Rules MSP 2.7.0 or later
Gets all rules with given conditions.
GET https://msp_domain/v2/rules
Parameters
Header
Query String
Response
200 Success
{
"count": 1,
"results": [
{
"id": "00000000-0000-0000-0000-000000000001",
"action": "allow",
"direction": "bidirection",
"gid": "00000000-0000-0000-0000-000000000000",
"notes": "",
"status": "active",
"ts": 1730447709.791,
"target": {
"type": "domain",
"value": "firewalla.com",
"dnsOnly": true
},
"scope": {
"type": "device",
"value": "AA:BB:CC:DD:EE:FF"
}
}
]
}
401 Permission Denied
Examples
// https://github.com/axios/axios
const axios = require("axios");
// Change these variables to what you have
const msp_domain = process.env.msp_domain || "mydomain.firewalla.net";
const token = process.env.token || "your_personal_access_token";
const gid = "00000000-0000-0000-0000-000000000000";
axios({
method: "get",
url: `https://${msp_domain}/v2/rules?query=box.id:${gid}`,
headers: {
"Authorization": `Token ${token}`
}
}).then(res => {
console.log(res.data);
})curl --request GET \
--url "https://${msp_domain}/v2/rules?query=box.id:00000000-0000-0000-0000-000000000000" \
--header "Authorization: Token ${your_personal_access_token}"Create A Rule MSP 2.10.0 or later
This API creates a new rule. Currently, only block and allow rules are supported.
POST https://msp_domain/v2/rules
Parameters
Header
Body
A Rule without id, ts, updateTs, and resumeTs. The action field must be either block or allow.
{
"action": "block",
"direction": "bidirection",
"gid": "00000000-0000-0000-0000-000000000000",
"notes": "Block example.com",
"target": {
"type": "domain",
"value": "example.com",
"dnsOnly": true
},
"scope": {
"type": "device",
"value": "AA:BB:CC:DD:EE:FF"
}
}Response
200 Success
A JSON representation of Rule
{
"id": "00000000-0000-0000-0000-000000000001",
"action": "block",
"direction": "bidirection",
"gid": "00000000-0000-0000-0000-000000000000",
"notes": "Block example.com",
"status": "active",
"ts": 1730447709.791,
"target": {
"type": "domain",
"value": "example.com",
"dnsOnly": true
},
"scope": {
"type": "device",
"value": "AA:BB:CC:DD:EE:FF"
}
}400 Bad Request
401 Permission Denied
Examples
// https://github.com/axios/axios
const axios = require("axios");
// Change these variables to what you have
const msp_domain = process.env.msp_domain || "mydomain.firewalla.net";
const token = process.env.token || "your_personal_access_token";
const gid = "00000000-0000-0000-0000-000000000000";
const rule = {
"action": "block",
"direction": "bidirection",
"gid": gid,
"notes": "Block example.com",
"target": {
"type": "domain",
"value": "example.com",
"dnsOnly": true
},
"scope": {
"type": "device",
"value": "AA:BB:CC:DD:EE:FF"
}
};
axios({
method: "post",
url: `https://${msp_domain}/v2/rules`,
headers: {
"Authorization": `Token ${token}`,
"Content-Type": "application/json"
},
data: rule
}).then(res => {
console.log(res.data);
})curl --request POST \
--url "https://${msp_domain}/v2/rules" \
--header "Authorization: Token ${your_personal_access_token}" \
--header "Content-Type: application/json" \
--data '{
"action": "block",
"direction": "bidirection",
"gid": "00000000-0000-0000-0000-000000000000",
"notes": "Block example.com",
"target": {
"type": "domain",
"value": "example.com",
"dnsOnly": true
},
"scope": {
"type": "device",
"value": "AA:BB:CC:DD:EE:FF"
}
}'Pause A Rule
This API pauses an existing rule. The Rule ID can be found by navigating to the Rules page in MSP, clicking a rule, then scrolling to the bottom of the dialog.
POST https://msp_domain/v2/rules/:id/pause
Header
Path
Response
200 Success
401 Permission Denied
404 Not Found
Examples
// https://github.com/axios/axios
const axios = require("axios");
// Change these variables to what you have
const msp_domain = process.env.msp_domain || "mydomain.firewalla.net";
const token = process.env.token || "your_personal_access_token";
const gid = "00000000-0000-0000-0000-000000000000";
const id = 1;
axios({
method: "post",
url: `https://${msp_domain}/v2/rules/${id}/pause`,
headers: {
"Authorization": `Token ${token}`
}
}).then(res => {
console.log(res.data);
})curl --request POST \
--url "https://${msp_domain}/v2/rules/${id}/pause" \
--header "Authorization: Token ${your_personal_access_token}"Resume A Rule
This API resumes an existing rule. The Rule ID can be found by navigating to the Rules page in MSP, clicking a rule, then scrolling to the bottom of the dialog.
POST https://msp_domain/v2/rules/:id/resume
Header
Path
Response
200 Success
401 Permission Denied
404 Not Found
Examples
// https://github.com/axios/axios
const axios = require("axios");
// Change these variables to what you have
const msp_domain = process.env.msp_domain || "mydomain.firewalla.net";
const token = process.env.token || "your_personal_access_token";
const gid = "00000000-0000-0000-0000-000000000000";
const id = 1;
axios({
method: "post",
url: `https://${msp_domain}/v2/rules/${id}/resume`,
headers: {
"Authorization": `Token ${token}`
}
}).then(res => {
console.log(res.data);
})curl --request POST \
--url "https://${msp_domain}/v2/rules/${id}/resume" \
--header "Authorization: Token ${your_personal_access_token}"