diff --git a/docs/cfw/api-ref/ALL_META.TXT.json b/docs/cfw/api-ref/ALL_META.TXT.json index c934959a..c52232a3 100644 --- a/docs/cfw/api-ref/ALL_META.TXT.json +++ b/docs/cfw/api-ref/ALL_META.TXT.json @@ -35,9 +35,9 @@ "metedata":[ { "documenttype":"api", - "prodname":"cfw", "IsBot":"Yes", - "opensource":"true" + "opensource":"true", + "prodname":"cfw" } ], "title":"API", @@ -146,7 +146,7 @@ "node_id":"listeastwestfirewall.xml", "product_code":"cfw", "code":"8", - "des":"This API is used to obtain east-west firewall information.GET /v1/{project_id}/firewall/east-westStatus code: 200Status code: 500Obtain the east-west firewall information", + "des":"This API is used to obtain east-west firewall information.GET /v1/{project_id}/firewall/east-westStatus code: 200Status code: 500Get EastWest Firewall ResponseStatus code", "doc_type":"api", "kw":"Obtaining East-West Firewall Information,Firewall Management,API Reference", "search_title":"", @@ -1497,9 +1497,9 @@ "metedata":[ { "documenttype":"api", - "prodname":"cfw", "IsBot":"Yes", - "opensource":"true" + "opensource":"true", + "prodname":"cfw" } ], "title":"Appendix", @@ -1517,9 +1517,9 @@ "metedata":[ { "documenttype":"api", - "prodname":"cfw", "IsBot":"Yes", - "opensource":"true" + "opensource":"true", + "prodname":"cfw" } ], "title":"Status Code", diff --git a/docs/cfw/api-ref/AddAclRule.html b/docs/cfw/api-ref/AddAclRule.html index 5189a60f..cbb11f3c 100644 --- a/docs/cfw/api-ref/AddAclRule.html +++ b/docs/cfw/api-ref/AddAclRule.html @@ -1,849 +1,909 @@

Creating an ACL Rule

-

Function

This API is used to create an ACL rule.

+

Function

This API is used to create an ACL rule.

-

URI

POST /v1/{project_id}/acl-rule

+

URI

POST /v1/{project_id}/acl-rule

-
Table 1 Path Parameters

Parameter

+
- - - - - - -
Table 1 Path Parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

project_id

+

project_id

Yes

+

Yes

String

+

String

Project ID

+

Project ID
-
Table 2 Query Parameters

Parameter

+
- - - - - - - - - - -
Table 2 Query Parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

enterprise_project_id

+

enterprise_project_id

No

+

No

String

+

String

Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+

Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

fw_instance_id

+

fw_instance_id

No

+

No

String

+

String

Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+

Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.
-

Request Parameters

-
Table 3 Request header parameters

Parameter

+

Request Parameters

+
- - - - - - -
Table 3 Request header parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

X-Auth-Token

+

X-Auth-Token

Yes

+

Yes

String

+

String

User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+

User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
-
Table 4 Request body parameters

Parameter

+
- - - - - - - - - - - - - - -
Table 4 Request body parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

object_id

+

object_id

Yes

+

Yes

String

+

String

Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

+

Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

type

+

type

Yes

+

Yes

Integer

+

Integer

Rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

-

Enumeration values:

-

  • 0

    -

  • 1

    -

  • 2

    -
+

Rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

+

Enumeration values:

+
  • 0
  • 1
  • 2

rules

+

rules

Yes

+

Yes

Array of rules objects

+

Array of rules objects

rules

+

rules
-
Table 5 rules

Parameter

+
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + +
Table 5 rules

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

name

+

name

Yes

+

Yes

String

+

String

Rule name

+

Rule name

sequence

+

sequence

Yes

+

Yes

OrderRuleAclDto object

+

OrderRuleAclDto object

Rule sequence

+

Rule sequence

address_type

+

address_type

Yes

+

Yes

Integer

+

Integer

Address type. The value can be 0 (IPv4), 1 (IPv6), or 2 (domain).

-

Enumeration values:

-

  • 0

    -

  • 1

    -

  • 2

    -
+

Address type. The value can be 0 (IPv4), 1 (IPv6), or 2 (domain).

+

Enumeration values:

+
  • 0
  • 1
  • 2

action_type

+

action_type

Yes

+

Yes

Integer

+

Integer

Action. 0: allow; 1: deny

+

Action. 0: allow; 1: deny

status

+

status

Yes

+

Yes

Integer

+

Integer

Rule delivery status. 0: disabled; 1: enabled.

-

Enumeration values:

-

  • 0

    -

  • 1

    -
+

Rule delivery status. 0: disabled; 1: enabled.

+

Enumeration values:

+
  • 0
  • 1

long_connect_time

+

applications

No

+

No

Long

+

Array of strings

Persistent connection duration

+

applications

long_connect_time_hour

+

applicationsJsonString

No

+

No

Long

+

String

Persistent connection duration (hour)

+

applications json string

long_connect_time_minute

+

long_connect_time

No

+

No

Long

+

Long

Persistent connection duration (minute)

+

Persistent connection duration

long_connect_time_second

+

long_connect_time_hour

No

+

No

Long

+

Long

Persistent Connection Duration (second)

+

Persistent connection duration (hour)

long_connect_enable

+

long_connect_time_minute

Yes

+

No

Integer

+

Long

Whether to support persistent connections. 0: not supported; 1: supported.

-

Enumeration values:

-

  • 0

    -

  • 1

    -
+

Persistent connection duration (minute)

description

+

long_connect_time_second

No

+

No

String

+

Long

Description

+

Persistent Connection Duration (second)

direction

+

long_connect_enable

No

+

Yes

Integer

+

Integer

Direction: 0 means outside to inside, 1 means inside to outside, direction value is required when rule type is internet or nat.

-

Enumeration values:

-

  • 0

    -

  • 1

    -
+

Whether to support persistent connections. 0: not supported; 1: supported.

+

Enumeration values:

+
  • 0
  • 1

source

+

description

Yes

+

No

RuleAddressDto object

+

String

Source address transmission object

+

Description

destination

+

direction

Yes

+

No

RuleAddressDto object

+

Integer

Destination address transmission object

+

Direction: 0 means outside to inside, 1 means inside to outside, direction value is required when rule type is internet or nat.

+

Enumeration values:

+
  • 0
  • 1

service

+

source

Yes

+

Yes

RuleServiceDto object

+

RuleAddressDtoForRequest object

Service object

+

Source address transmission object

tag

+

destination

No

+

Yes

TagsVO object

+

RuleAddressDtoForRequest object

Tag value

+

Destination address transmission object

+

service

+

Yes

+

RuleServiceDto object

+

Service object

+

tag

+

No

+

TagsVO object

+

Tag value
-
Table 6 OrderRuleAclDto

Parameter

+
- - - - - - - - - - - + + + + +
Table 6 OrderRuleAclDto

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

dest_rule_id

+

dest_rule_id

No

+

No

String

+

String

ID of the rule that the added rule will follow. This parameter cannot be left blank if the rule is not pinned on top, and is empty when the added rule is pinned on top.

+

ID of the rule that the added rule will follow. This parameter cannot be left blank if the rule is not pinned on top, and is empty when the added rule is pinned on top.

top

+

top

No

+

No

Integer

+

Integer

Whether to pin on top. The options are as follows: 0: no; 1: yes.

+

Whether to pin on top. The options are as follows: 0: no; 1: yes.

+

bottom

+

No

+

Integer

+

Whether to pin on bottom. The options are as follows: 0: no; 1: yes.
-
Table 7 RuleAddressDto

Parameter

+
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Table 7 RuleAddressDtoForRequest

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

type

+

type

Yes

+

Yes

Integer

+

Integer

Source type. 0: manual input; 1: associated IP address group; 2: domain name

+

Source type. 0: manual input; 1: associated IP address group; 2: domain name; 3: region; 4: domain set 5: multi object, 6: domain set dns, 7: domain url profile

address_type

+

address_type

No

+

No

Integer

+

Integer

Source type. 0: IPv4; 1: IPv6

+

Source type. 0: IPv4; 1: IPv6

address

+

address

No

+

No

String

+

String

Source IP address. The value cannot be empty for the manual type, and cannot be empty for the automatic or domain type.

+

Source IP address. The value cannot be empty for the manual type, and cannot be empty for the automatic or domain type.

address_set_id

+

address_set_id

No

+

No

String

+

String

ID of the associated IP address group. The value cannot be empty for the automatic type or for the manual or domain type.

+

ID of the associated IP address group. The value cannot be empty for the automatic type or for the manual or domain type.

address_set_name

+

address_set_name

No

+

No

String

+

String

IP address group name

+

IP address group name

domain_address_name

+

domain_address_name

No

+

No

String

+

String

Name of the domain name address. This parameter cannot be left empty for the domain name type, and is empty for the manual or automatic type.

+

Name of the domain name address. This parameter cannot be left empty for the domain name type, and is empty for the manual or automatic type.

region_list_json

+

region_list_json

No

+

No

String

+

String

JSON value of the rule region list.

+

JSON value of the rule region list.

region_list

+

region_list

No

+

No

Array of IpRegionDto objects

+

Array of IpRegionDto objects

Region list of a rule

+

Region list of a rule

domain_set_id

+

domain_set_id

No

+

No

String

+

String

domain set id

+

domain set id

domain_set_name

+

domain_set_name

No

+

No

String

+

String

domain set name

+

domain set name

ip_address

+

ip_address

No

+

No

Array of strings

+

Array of strings

IP address list

+

IP address list

address_group

+

address_set_type

No

+

No

Array of strings

+

Integer

address group

+

Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

address_group_names

+

predefined_group

No

+

No

Array of AddressGroupVO objects

+

Array of strings

Address set list

+

predefined group
-
Table 8 IpRegionDto

Parameter

+
- - - - - - - - - - - - - - - - - - -
Table 8 IpRegionDto

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

region_id

+

region_id

No

+

No

String

+

String

region id

+

region id

description_cn

+

description_cn

No

+

No

String

+

String

cn description

+

cn description

description_en

+

description_en

No

+

No

String

+

String

en description

+

en description

region_type

+

region_type

No

+

No

Integer

+

Integer

Region type, 0 means country, 1 means province, 2 means continent

+

Region type, 0 means country, 1 means province, 2 means continent
-
Table 9 RuleServiceDto

Parameter

+
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + +
Table 9 RuleServiceDto

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

type

+

type

Yes

+

Yes

Integer

+

Integer

Service input type. The value 0 indicates manual input, and the value 1 indicates automatic input.

+

Service input type. The value 0 indicates manual input, and the value 1 indicates automatic input.

protocol

+

protocol

No

+

No

Integer

+

Integer

Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

+

Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

source_port

+

protocols

No

+

No

String

+

Array of integers

Source port

+

Protocols

dest_port

+

source_port

No

+

No

String

+

String

Destination port

+

Source port

service_set_id

+

dest_port

No

+

No

String

+

String

Service group ID. This parameter is left blank for the manual type and cannot be left blank for the automatic type.

+

Destination port

service_set_name

+

service_set_id

No

+

No

String

+

String

Service group name

+

Service group ID. This parameter is left blank for the manual type and cannot be left blank for the automatic type.

custom_service

+

service_set_name

No

+

No

Array of ServiceItem objects

+

String

custom service

+

Service group name

service_group

+

custom_service

No

+

No

Array of strings

+

Array of ServiceItem objects

Service group list

+

custom service

service_group_names

+

predefined_group

No

+

No

Array of AddressGroupVO objects

+

Array of strings

Service group name list

+

predefined group

+

service_group

+

No

+

Array of strings

+

Service group list

+

service_group_names

+

No

+

Array of ServiceGroupVO objects

+

Service group name list

+

service_set_type

+

No

+

Integer

+

Service set type, 0 indicates a custom service set, 1 indicates a predefined service set, 2 indicates commonly used remote login and PING, 3 indicates commonly used databases
-
Table 10 ServiceItem

Parameter

+
- - - - - - - - - - - - - - - - - - - - - - -
Table 10 ServiceItem

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

protocol

+

protocol

No

+

No

Integer

+

Integer

Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

+

Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

source_port

+

source_port

No

+

No

String

+

String

source port

+

source port

dest_port

+

dest_port

No

+

No

String

+

String

destination port

+

destination port

description

+

description

No

+

No

String

+

String

description

+

description

name

+

name

No

+

No

String

+

String

name

+

name
-
Table 11 AddressGroupVO

Parameter

+
- - - - - - - - - - - + + + + + + + + + +
Table 11 ServiceGroupVO

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

set_id

+

name

No

+

No

String

+

String

set id

+

service group name

name

+

protocols

No

+

No

String

+

Array of integers

name

+

protocols

+

service_set_type

+

No

+

Integer

+

Query service set type, 0 means custom define service set, 1 means predefine service set.

+

set_id

+

No

+

String

+

service set id
-
Table 12 TagsVO

Parameter

+
- - - - - - - - - - - - - - -
Table 12 TagsVO

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

tag_id

+

tag_id

No

+

No

String

+

String

tag id

+

tag id

tag_key

+

tag_key

No

+

No

String

+

String

tag key

+

tag key

tag_value

+

tag_value

No

+

No

String

+

String

tag value

+

tag value
-

Response Parameters

Status code: 200

+

Response Parameters

Status code: 200

-
Table 13 Response body parameters

Parameter

+
- - - - -
Table 13 Response body parameters

Parameter

Type

+

Type

Description

+

Description

data

+

data

RuleIdList object

+

RuleIdList object

Rule ID list

+

Rule ID list
-
Table 14 RuleIdList

Parameter

+
- - - - -
Table 14 RuleIdList

Parameter

Type

+

Type

Description

+

Description

rules

+

rules

Array of RuleId objects

+

Array of RuleId objects

Rule ID list

+

Rule ID list
-
Table 15 RuleId

Parameter

+
- - - - - - - -
Table 15 RuleId

Parameter

Type

+

Type

Description

+

Description

id

+

id

String

+

String

id

+

id

name

+

name

String

+

String

name

+

name
-

Status code: 400

+

Status code: 400

-
Table 16 Response body parameters

Parameter

+
- - - - - - - -
Table 16 Response body parameters

Parameter

Type

+

Type

Description

+

Description

error_code

+

error_code

String

+

String

Error code

-

Minimum: 8

-

Maximum: 36

+

Error code

+

Minimum: 8

+

Maximum: 36

error_msg

+

error_msg

String

+

String

Description

-

Minimum: 2

-

Maximum: 512

+

Description

+

Minimum: 2

+

Maximum: 512
-

Example Requests

The following example shows how to add an IPv4 inbound rule. The rule name is TestRule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.

-
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/acl-rule
+
Example Requests
The following example shows how to add an IPv4 inbound rule. The rule name is TestRule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.

+
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/acl-rule
 
 {
   "object_id" : "ae42418e-f077-41a0-9d3b-5b2f5ad9102b",
@@ -881,64 +941,64 @@
   "type" : 0
 }

 

-
Example Responses
Status code: 200

-
Response to the request for adding an ACL

-
{
+
Example Responses
Status code: 200

+
Response to the request for adding an ACL

+
{
   "data" : {
     "rules" : [ {
       "id" : "0475c516-0e41-4caf-990b-0c504eebd73f"
     } ]
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.00900016",
   "error_msg" : "The import task is in progress. Please operate after the task is completed"
 }

 

-
Status Codes

-

-
diff --git a/docs/cfw/api-ref/AddServiceItems.html b/docs/cfw/api-ref/AddServiceItems.html
index 4fc04706..77a210ff 100644
--- a/docs/cfw/api-ref/AddServiceItems.html
+++ b/docs/cfw/api-ref/AddServiceItems.html
@@ -126,16 +126,7 @@
 
-
-
-
-
-
-
diff --git a/docs/cfw/api-ref/CLASS.TXT.json b/docs/cfw/api-ref/CLASS.TXT.json
index cb4fdb32..ceadb5e3 100644
--- a/docs/cfw/api-ref/CLASS.TXT.json
+++ b/docs/cfw/api-ref/CLASS.TXT.json
@@ -63,7 +63,7 @@
 		"code":"7"
 	},
 	{
-		"desc":"This API is used to obtain east-west firewall information.GET /v1/{project_id}/firewall/east-westStatus code: 200Status code: 500Obtain the east-west firewall information",
+		"desc":"This API is used to obtain east-west firewall information.GET /v1/{project_id}/firewall/east-westStatus code: 200Status code: 500Get EastWest Firewall ResponseStatus code",
 		"product_code":"cfw",
 		"title":"Obtaining East-West Firewall Information",
 		"uri":"ListEastWestFirewall.html",
diff --git a/docs/cfw/api-ref/CreateEastWestFirewall.html b/docs/cfw/api-ref/CreateEastWestFirewall.html
index cc5af112..92f58267 100644
--- a/docs/cfw/api-ref/CreateEastWestFirewall.html
+++ b/docs/cfw/api-ref/CreateEastWestFirewall.html
@@ -137,7 +137,7 @@
 
-
@@ -146,7 +146,7 @@
 
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Response to the request for adding an ACL

+
Response to the request for adding an ACL

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/AddDomainSet.html b/docs/cfw/api-ref/AddDomainSet.html
index a983896b..a08b8413 100644
--- a/docs/cfw/api-ref/AddDomainSet.html
+++ b/docs/cfw/api-ref/AddDomainSet.html
@@ -145,7 +145,7 @@
 
 
Integer

 
Domain set type, 0 means URL filtering, 1 means domain parse

+
Domain name group type. 0 means Application type and 1 means Network type.

 		
 

 
 
 
item_id

-
No

-
String

-
Service member ID

-
protocol

+
protocol

 		
 
Yes

 		
 
data

 
IdObject object

+
CreateEWFirewallResp object

 		
 
create east west firewall response

 

 

 
-

-
diff --git a/docs/cfw/api-ref/ListAclRules.html b/docs/cfw/api-ref/ListAclRules.html
index bce3a6e2..31772bf9 100644
--- a/docs/cfw/api-ref/ListAclRules.html
+++ b/docs/cfw/api-ref/ListAclRules.html
@@ -1,864 +1,878 @@
 
Querying a Protection Rule

-
Function
This API is used to query a protection rule.

+
Function
This API is used to query a protection rule.

 

-
URI
GET /v1/{project_id}/acl-rules

+
URI
GET /v1/{project_id}/acl-rules

 
-
Table 6 IdObject
Parameter

+

@@ -158,14 +158,73 @@
 
-
-
-
-
+
+
+
+
+
+
+
Table 6 CreateEWFirewallResp
Parameter

 		
 
Type

 		
 
String

 
ID

+
Id

 		
 
name

+
er

 
String

+
ER object

 
name

+
ER data

+
inspertion_vpc

+
CreateEWFirewallInspectVpcResp object

+
inspection vpc

+

+

+
+

+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 7 ER
Parameter

+
Type

+
Description

+
er_id

+
String

+
ER ID

+
er_attach_id

+
String

+
ER attach ID

+

+

+
+

+
+
+
+
+
+
+
+
+
+
+
@@ -185,7 +244,15 @@
 
Create East West Firewall Response Body
{
   "data" : {
-    "id" : "b6d4a7d5-388e-4594-b696-fb4bba1d2b9e"
+    "id" : "acc86ca7-818b-4c3d-8a9a-3915a2b21651",
+    "er" : {
+      "er_id" : "f0f5275a-40aa-4d1e-ac78-2550f7818d43",
+      "er_attach_id" : "bd62ddd3-5e20-482b-aefa-9e2940e2b1a9"
+    },
+    "inspertion_vpc" : {
+      "vpc_id" : "00672633-0466-4c35-99ef-5e3f5c813a4b",
+      "subnet_ids" : [ "294682a0-1e85-45f5-92c8-e52bee09c204", "a86277bb-35d5-4442-bc0b-2e9d4e6a9080", "95829240-14e0-47e6-b9e7-2ac228e7b00f" ]
+    }
   }
 }

diff --git a/docs/cfw/api-ref/CreateFirewall.html b/docs/cfw/api-ref/CreateFirewall.html
index 139d3841..2147d1d3 100644
--- a/docs/cfw/api-ref/CreateFirewall.html
+++ b/docs/cfw/api-ref/CreateFirewall.html
@@ -41,7 +41,7 @@
 
-
@@ -551,7 +551,28 @@
 
Example Responses
Status code: 200

 
Create Firewall Response

 
{
-  "data" : "6ed72853-34cb-4b97-9b87-cfc47087c96e"
+  "data" : {
+    "charge_info" : {
+      "charge_mode" : "prePaid",
+      "is_auto_pay" : true,
+      "is_auto_renew" : true,
+      "period_num" : 1,
+      "period_type" : "month"
+    },
+    "enterprise_project_id" : "0",
+    "flavor" : {
+      "extend_bandwidth" : 5000,
+      "extend_eip_count" : 2000,
+      "extend_vpc_count" : 100,
+      "version" : "Standard"
+    },
+    "name" : "CFW-TEST",
+    "tags" : [ {
+      "key" : "TagKey",
+      "value" : "TagVal"
+    } ]
+  },
+  "order_id" : "CS2403271050ZEM0L"
 }

 
Status code: 400

 
Bad Request

diff --git a/docs/cfw/api-ref/DeleteFirewall.html b/docs/cfw/api-ref/DeleteFirewall.html
index 735c9761..0a258743 100644
--- a/docs/cfw/api-ref/DeleteFirewall.html
+++ b/docs/cfw/api-ref/DeleteFirewall.html
@@ -50,7 +50,7 @@
 
 

-
diff --git a/docs/cfw/api-ref/ListAccessControlLogs.html b/docs/cfw/api-ref/ListAccessControlLogs.html
index 124c648c..a634a895 100644
--- a/docs/cfw/api-ref/ListAccessControlLogs.html
+++ b/docs/cfw/api-ref/ListAccessControlLogs.html
@@ -116,7 +116,7 @@
 
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
@@ -416,6 +470,62 @@
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 8 CreateEWFirewallInspectVpcResp
Parameter

+
Type

+
Description

+
vpc_id

+
String

+
vpc id

+
subnet_ids

+
Array of strings

+
subnet ids

 		
 

 
 
 
 
X-Auth-Token

 
No

+
Yes

 		
 
String

 
X-Auth-Token

 
No

+
Yes

 		
 
String

 		
 
String

 
Protocol

+
Protocol types, including TCP, UDP, ICMP, ICMPV6, etc.

 		
 

 
app

@@ -134,7 +134,7 @@
 		
 
String

 
Document ID. The value is null for the first page and not null for the rest of the pages.

+
Document ID, the first page is empty, the other pages are not empty, and the other pages can take the log_id of the last query record.

 		
 

 
next_date

@@ -143,7 +143,7 @@
 		
 
Integer

 
Date. The value is null for the first page and not null for the rest of the pages.

+
The next date is empty when it is the first page, not empty when it is not the first page, and the other pages can take the start_time of the last query record.

 		
 

 
offset

@@ -152,7 +152,7 @@
 		
 
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The first page is empty, and the non-first page is not empty.

 		
 

 
limit

@@ -211,7 +211,61 @@
 		
 
String

 
Action. 0: allow; 1: deny

+
Action. including allow and deny

+
src_region_name

+
No

+
String

+
source region name

+
dst_region_name

+
No

+
String

+
destination region name

+
src_province_name

+
No

+
String

+
source province name

+
dst_province_name

+
No

+
String

+
dst province name

+
src_city_name

+
No

+
String

+
source city name

+
dst_city_name

+
No

+
String

+
dst city name

 		
 

 
destination host

 		
 
src_province_id

+
String

+
source province id

+
src_province_name

+
String

+
source province name

+
src_city_id

+
String

+
source city id

+
src_city_name

+
String

+
source city name

+
dst_province_id

+
String

+
dst province id

+
dst_province_name

+
String

+
dst province name

+
dst_city_id

+
String

+
dst city id

+
dst_city_name

+
String

+
dst city name

+

 
 

 

@@ -470,7 +580,15 @@
       "rule_id" : "c755be1c-4b92-4ae7-a15e-c2d02b152538",
       "rule_name" : "eip_ipv4_w_n_default_deny",
       "src_ip" : "100.95.148.49",
-      "src_port" : 24954
+      "src_port" : 24954,
+      "src_province_id" : "source province id",
+      "src_province_name" : "source province name",
+      "src_city_id" : "source city id",
+      "src_city_name" : "source city name",
+      "dst_province_id" : "dst province id",
+      "dst_province_name" : "dst province name",
+      "dst_city_id" : "dst city id",
+      "dst_city_name" : "dst city name"
     } ],
     "total" : 1
   }
diff --git a/docs/cfw/api-ref/ListAclRuleHitCount.html b/docs/cfw/api-ref/ListAclRuleHitCount.html
index 175b4d5a..fc7a8a96 100644
--- a/docs/cfw/api-ref/ListAclRuleHitCount.html
+++ b/docs/cfw/api-ref/ListAclRuleHitCount.html
@@ -73,7 +73,7 @@
 

 
X-Auth-Token

 
No

+
Yes

 		
 
String

 		
 
 
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
object_id

+
object_id

 
Yes

+
Yes

 
String

+
String

 
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

+
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

 		
 
type

+
type

 
No

+
No

 
Integer

+
Integer

 
Specifies the rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-
  • 2
    
-

+
Specifies the rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

+
Enumeration values:

+
  • 0
  • 1
  • 2

 		
 
protocol

+
ip

 
No

+
No

 
Integer

+
String

 
Protocol type. The value is 6 for TCP, 17 for UDP, 1 for ICMP, 58 for ICMPv6, and -1 for any protocol.

-
Enumeration values:

-
  • 6
    
-
  • 17
    
-
  • 1
    
-
  • 58
    
-

+
IP address

 		
 
ip

+
name

 
No

+
No

 
String

+
String

 
IP address

+
Name

 		
 
name

+
direction

 
No

+
No

 
String

+
Integer

 
Name

+
Direction. 0: inbound; 1: outbound

 		
 
direction

+
status

 
No

+
No

 
Integer

+
Integer

 
Direction. 0: inbound; 1: outbound

+
Indicates the rule delivery status. 0: disabled; 1: enabled.

+
Enumeration values:

+
  • 0
  • 1

 		
 
status

+
action_type

 
No

+
No

 
Integer

+
Integer

 
Indicates the rule delivery status. 0: disabled; 1: enabled.

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Action. 0: allow; 1: deny

+
Enumeration values:

+
  • 0
  • 1

 		
 
action_type

+
address_type

 
No

+
No

 
Integer

+
Integer

 
Action. 0: allow; 1: deny

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Address type. The value can be 0 (IPv4).

+
Enumeration values:

+
  • 0
  • 1
  • 2

 		
 
address_type

+
limit

 
No

+
Yes

 
Integer

+
Integer

 
Address type. The value can be 0 (IPv4), 1 (IPv6), or 2 (domain).

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-
  • 2
    
-

+
Number of records displayed on each page, in the range 1-1024

 		
 
limit

+
offset

 
Yes

+
Yes

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
offset

+
enterprise_project_id

 
Yes

+
No

 
Integer

+
String

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
enterprise_project_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

 		
 
fw_instance_id

+
tags_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
tags id

 		
 
tags_id

+
source

 
No

+
No

 
String

+
String

 
tags id

+
source address

 		
 
source

+
destination

 
No

+
No

 
String

+
String

 
source address

+
destination address

 		
 
destination

+
service

 
No

+
No

 
String

+
String

 
destination address

+
service port

 		
 
service

+
application

 
No

+
No

 
String

+
String

 
service port

+
application

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
data object

+
data object

 
data

+
data

 		
 

 
 

 

 
-
Table 5 data
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 data
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
offset

+
offset

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
limit

+
limit

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
total

+
total

 
Integer

+
Integer

 
Total number of queried records

+
Total number of queried records

 		
 
object_id

+
object_id

 
String

+
String

 
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

+
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

 		
 
records

+
records

 
Array of records objects

+
Array of records objects

 
records

+
records

 		
 

 
 

 

 
-
Table 6 records
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 6 records
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
rule_id

+
rule_id

 
String

+
String

 
Rule ID

+
Rule ID

 		
 
address_type

+
address_type

 
Integer

+
Integer

 
Address type. The value can be 0 (IPv4) or 1 (IPv6).

+
Address type. The value can be 0 (IPv4) or 1 (IPv6).

 		
 
name

+
name

 
String

+
String

 
Rule name

+
Rule name

 		
 
sequence

+
direction

 
OrderRuleAclDto object

+
Integer

 
UpdateRuleAclDto

+
Direction: 0 means outside to inside, 1 means inside to outside, direction value is required when rule type is internet or nat.

+
Enumeration values:

+
  • 0
  • 1end_time

 		
 
direction

+
action_type

 
Integer

+
Integer

 
Direction: 0 means outside to inside, 1 means inside to outside, direction value is required when rule type is internet or nat.

-
Enumeration values:

-
  • 0
    
-
  • 1end_time
    
-

+
Action. 0: allow; 1: deny

 		
 
action_type

+
status

 
Integer

+
Integer

 
Action. 0: allow; 1: deny

+
Rule delivery status. 0: disabled; 1: enabled.

 		
 
status

+
description

 
Integer

+
String

 
Rule delivery status. 0: disabled; 1: enabled.

+
Description

 		
 
description

+
long_connect_time

 
String

+
Long

 
Description

+
Persistent connection duration

 		
 
long_connect_time_hour

+
long_connect_enable

 
Long

+
Integer

 
Persistent connection duration (hour)

+
Persistent connection support

 		
 
long_connect_time_minute

+
long_connect_time_hour

 
Long

+
Long

 
Persistent connection duration (hour)

+
Persistent connection duration (hour)

 		
 
long_connect_time_second

+
long_connect_time_minute

 
Long

+
Long

 
Persistent connection duration (hour)

+
Persistent connection duration (hour)

 		
 
long_connect_time

+
long_connect_time_second

 
Long

+
Long

 
Persistent connection duration

+
Persistent connection duration (hour)

 		
 
long_connect_enable

+
source

 
Integer

+
RuleAddressDtoForResponse object

 
Persistent connection support

+
Source address transmission object

 		
 
source

+
destination

 
RuleAddressDto object

+
RuleAddressDtoForResponse object

 
Source address transmission object

+
destination

 		
 
destination

+
service

 
RuleAddressDto object

+
RuleServiceDtoForResponse object

 
destination

+
service

 		
 
service

+
type

 
RuleServiceDto object

+
Integer

 
service

+
Rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

+
Enumeration values:

+
  • 0
  • 1
  • 2

 		
 
type

+
created_date

 
Integer

+
String

 
Rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-
  • 2
    
-

+
Created time

 		
 
created_date

+
last_open_time

 
String

+
String

 
Created time

+
Last open time

 		
 
last_open_time

+
tag

 
String

+
TagsVO object

 
Last open time

-
tag

-
TagsVO object

-
tag

+
tag

 		
 

 
 

 

 
-
Table 7 OrderRuleAclDto
Parameter

+

-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 7 RuleAddressDtoForResponse
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
dest_rule_id

+
type

 
String

+
Integer

 
ID of the rule that the added rule will follow. This parameter cannot be left blank if the rule is not pinned on top, and is empty when the added rule is pinned on top.

+
Source type. 0: manual input; 1: associated IP address group; 2: domain name; 3: region; 4: domain set 5: multi object, 6: domain set dns, 7: domain url profile

 		
 
top

+
address_type

 
Integer

+
Integer

 
Whether to pin on top. The options are as follows: 0: no; 1: yes.

+
Source type. 0: IPv4; 1: IPv6

+
address

+
String

+
Source IP address. The value cannot be empty for the manual type, and cannot be empty for the automatic or domain type.

+
address_set_id

+
String

+
ID of the associated IP address group. The value cannot be empty for the automatic type or for the manual or domain type.

+
address_set_name

+
String

+
IP address group name

+
domain_address_name

+
String

+
Name of the domain name address. This parameter cannot be left empty for the domain name type, and is empty for the manual or automatic type.

+
region_list_json

+
String

+
JSON value of the rule region list.

+
region_list

+
Array of IpRegionDto objects

+
Region list of a rule

+
domain_set_id

+
String

+
domain set id

+
domain_set_name

+
String

+
domain set name

+
ip_address

+
Array of strings

+
IP address list

+
address_group

+
Array of strings

+
address group

+
address_group_names

+
Array of AddressGroupVO objects

+
Address set list

+
address_set_type

+
Integer

+
Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

 		
 

 
 

 

 
-
Table 8 RuleAddressDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 8 IpRegionDto
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
type

+
region_id

 
Integer

+
String

 
Source type. 0: manual input; 1: associated IP address group; 2: domain name

+
region id

 		
 
address_type

+
description_cn

 
Integer

+
String

 
Source type. 0: IPv4; 1: IPv6

+
cn description

 		
 
address

+
description_en

 
String

+
String

 
Source IP address. The value cannot be empty for the manual type, and cannot be empty for the automatic or domain type.

+
en description

 		
 
address_set_id

+
region_type

 
String

+
Integer

 
ID of the associated IP address group. The value cannot be empty for the automatic type or for the manual or domain type.

-
address_set_name

-
String

-
IP address group name

-
domain_address_name

-
String

-
Name of the domain name address. This parameter cannot be left empty for the domain name type, and is empty for the manual or automatic type.

-
region_list_json

-
String

-
JSON value of the rule region list.

-
region_list

-
Array of IpRegionDto objects

-
Region list of a rule

-
domain_set_id

-
String

-
domain set id

-
domain_set_name

-
String

-
domain set name

-
ip_address

-
Array of strings

-
IP address list

-
address_group

-
Array of strings

-
address group

-
address_group_names

-
Array of AddressGroupVO objects

-
Address set list

+
Region type, 0 means country, 1 means province, 2 means continent

 		
 

 
 

 

 
-
Table 9 IpRegionDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 9 AddressGroupVO
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
region_id

+
address_set_type

 
String

+
Integer

 
region id

+
Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

 		
 
description_cn

+
name

 
String

+
String

 
cn description

+
name

 		
 
description_en

+
set_id

 
String

+
String

 
en description

-
region_type

-
Integer

-
Region type, 0 means country, 1 means province, 2 means continent

+
address set id

 		
 

 
 

 

 
-
Table 10 RuleServiceDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
Table 10 RuleServiceDtoForResponse
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
type

+
type

 
Integer

+
Integer

 
Service input type. The value 0 indicates manual input, and the value 1 indicates automatic input.

+
Service input type. The value 0 indicates manual input, and the value 1 indicates automatic input.

 		
 
protocol

+
protocol

 
Integer

+
Integer

 
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

+
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

 		
 
source_port

+
protocols

 
String

+
Array of integers

 
Source port

+
Protocols

 		
 
dest_port

+
source_port

 
String

+
String

 
Destination port

+
Source port

 		
 
service_set_id

+
dest_port

 
String

+
String

 
Service group ID. This parameter is left blank for the manual type and cannot be left blank for the automatic type.

+
Destination port

 		
 
service_set_name

+
service_set_id

 
String

+
String

 
Service group name

+
Service group ID. This parameter is left blank for the manual type and cannot be left blank for the automatic type.

 		
 
custom_service

+
service_set_name

 
Array of ServiceItem objects

+
String

 
custom service

+
Service group name

 		
 
service_group

+
custom_service

 
Array of strings

+
Array of ServiceItem objects

 
Service group list

+
custom service

 		
 
service_group_names

+
service_group

 
Array of AddressGroupVO objects

+
Array of strings

 
Service group name list

+
Service group list

+
service_group_names

+
Array of ServiceGroupVO objects

+
Service group name list

+
service_set_type

+
Integer

+
Service set type, 0 indicates a custom service set, 1 indicates a predefined service set, 2 indicates commonly used remote login and PING, 3 indicates commonly used databases

 		
 

 
 

 

 
-
Table 11 ServiceItem
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 11 ServiceItem
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
protocol

+
protocol

 
Integer

+
Integer

 
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

+
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

 		
 
source_port

+
source_port

 
String

+
String

 
source port

+
source port

 		
 
dest_port

+
dest_port

 
String

+
String

 
destination port

+
destination port

 		
 
description

+
description

 
String

+
String

 
description

+
description

 		
 
name

+
name

 
String

+
String

 
name

+
name

 		
 

 
 

 

 
-
Table 12 AddressGroupVO
Parameter

+

-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
Table 12 ServiceGroupVO
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
set_id

+
name

 
String

+
String

 
set id

+
service group name

 		
 
name

+
protocols

 
String

+
Array of integers

 
name

+
protocols

+
service_set_type

+
Integer

+
Query service set type, 0 means custom define service set, 1 means predefine service set.

+
set_id

+
String

+
service set id

 		
 

 
 

 

 
-
Table 13 TagsVO
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 13 TagsVO
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
tag_id

+
tag_id

 
String

+
String

 
tag id

+
tag id

 		
 
tag_key

+
tag_key

 
String

+
String

 
tag key

+
tag key

 		
 
tag_value

+
tag_value

 
String

+
String

 
tag value

+
tag value

 		
 

 
 

 

-
Status code: 400

+
Status code: 400

 
-
Table 14 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 14 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
Query the data whose project ID is 9d80d070b6d44942af73c9c3d38e0429, project ID is e12bd2cd-ebfc-4af7-ad6f-ebe6da398029, and size is 10.

-
https://{Endpoint}/cfw/v1/9d80d070b6d44942af73c9c3d38e0429/acl-rules?object_id=e12bd2cd-ebfc-4af7-ad6f-ebe6da398029&limit=10&offset=0

+
Example Requests
Query the data whose project ID is 9d80d070b6d44942af73c9c3d38e0429, project ID is e12bd2cd-ebfc-4af7-ad6f-ebe6da398029, and size is 10.

+
https://{Endpoint}/cfw/v1/9d80d070b6d44942af73c9c3d38e0429/acl-rules?object_id=e12bd2cd-ebfc-4af7-ad6f-ebe6da398029&limit=10&offset=0

 

-
Example Responses
Status code: 200

-
OK

-
{
+
Example Responses
Status code: 200

+
OK

+
{
   "data" : {
     "limit" : 10,
     "object_id" : "cfebd347-b655-4b84-b938-3c54317599b2",
@@ -896,55 +910,55 @@
     "total" : 1
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.0020016",
   "error_msg" : "instance status error"
 }

 

-
Status Codes

-
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
OK

+
OK

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListAddressItems.html b/docs/cfw/api-ref/ListAddressItems.html
index 762cbdef..a00e925c 100644
--- a/docs/cfw/api-ref/ListAddressItems.html
+++ b/docs/cfw/api-ref/ListAddressItems.html
@@ -1,286 +1,295 @@
 
 
 
Querying Address Set Members

-
Function
This API is used to query address group members.

+
Function
This API is used to query address group members.

 

-
URI
GET /v1/{project_id}/address-items

+
URI
GET /v1/{project_id}/address-items

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
set_id

+
set_id

 
Yes

+
Yes

 
String

+
String

 
ID of the IP address group

+
ID of the IP address group

 		
 
key_word

+
key_word

 
No

+
No

 
String

+
String

 
Keyword

+
Keyword

 		
 
limit

+
limit

 
Yes

+
Yes

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
offset

+
offset

 
Yes

+
Yes

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
address

+
address

 
No

+
No

 
String

+
String

 
IP address

+
IP address

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
fw_instance_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
query_address_set_type

+
No

+
Integer

+
Query address set type, 0 means custom define address set, 1 means predefined address set

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
data object

+
data object

 
Response for address group member query

+
Response for address group member query

 		
 

 
 

 

 
-
Table 5 data
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 data
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
offset

+
offset

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
limit

+
limit

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
total

+
total

 
Integer

+
Integer

 
Total

+
Total

 		
 
set_id

+
set_id

 
String

+
String

 
ID of the IP address group

+
ID of the IP address group

 		
 
records

+
records

 
Array of records objects

+
Array of records objects

 
Member information

+
Member information

 		
 

 
 

 

 
-
Table 6 records
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 6 records
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
item_id

+
item_id

 
String

+
String

 
ID of an address group member

+
ID of an address group member

 		
 
name

+
name

 
String

+
String

 
Name of an address group member

+
Name of an address group member

 		
 
description

+
description

 
String

+
String

 
Description

+
Description

 		
 
address_type

+
address_type

 
Integer

+
Integer

 
Address group type. The value can be 0 (IPv4) or 1 (IPv6).

+
Address group type. The value can be 0 (IPv4) or 1 (IPv6).

 		
 
address

+
address

 
String

+
String

 
Address group

+
Address group

 		
 

 
 

 

-
Status code: 400

+
Status code: 400

 
-

-
-
diff --git a/docs/cfw/api-ref/ListAttackLogs.html b/docs/cfw/api-ref/ListAttackLogs.html
index f85e31cb..1ba77b69 100644
--- a/docs/cfw/api-ref/ListAttackLogs.html
+++ b/docs/cfw/api-ref/ListAttackLogs.html
@@ -1,604 +1,698 @@
 
Querying Attack Logs

-
Function
This API is used to query attack logs.

+
Function
This API is used to query attack logs.

 

-
URI
GET /v1/{project_id}/cfw/logs/attack

+
URI
GET /v1/{project_id}/cfw/logs/attack

 
-
Table 7 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 7 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
Query members in address group 8773c082-2a6c-4529-939a-edc28ef1a67c of project 9d80d070b6d44942af73c9c3d38e0429.

-
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/address-items?set_id=8773c082-2a6c-4529-939a-edc28ef1a67c&limit=10&offset=0

+
Example Requests
Query members in address group 8773c082-2a6c-4529-939a-edc28ef1a67c of project 9d80d070b6d44942af73c9c3d38e0429.

+
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/address-items?set_id=8773c082-2a6c-4529-939a-edc28ef1a67c&limit=10&offset=0

 

-
Example Responses
Status code: 200

-
Return value for querying address group members

-
{
+
Example Responses
Status code: 200

+
Return value for querying address group members

+
{
   "data" : {
     "limit" : 10,
     "offset" : 0,
@@ -294,55 +303,55 @@
     "total" : 1
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.00200005",
   "error_msg" : "operation content does not exist"
 }

 

-
Status Codes

-

+
+
+
+
+
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Return value for querying address group members

+
Return value for querying address group members

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListAddressSetDetail.html b/docs/cfw/api-ref/ListAddressSetDetail.html
index d4fc6828..9473b500 100644
--- a/docs/cfw/api-ref/ListAddressSetDetail.html
+++ b/docs/cfw/api-ref/ListAddressSetDetail.html
@@ -74,6 +74,15 @@
 
Query address set type, 0 indicates a custom address set and 1 indicates a predefined address set

 		
 
address_set_type

+
No

+
Integer

+
Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

+

 
 

 

@@ -156,7 +165,7 @@
 
 
Integer

 
Address set type, 0 indicates a custom address set and 1 indicates a predefined address set

+
Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

 		
 

 
address_type

diff --git a/docs/cfw/api-ref/ListAddressSets.html b/docs/cfw/api-ref/ListAddressSets.html
index 7251ca8f..f1bab9b7 100644
--- a/docs/cfw/api-ref/ListAddressSets.html
+++ b/docs/cfw/api-ref/ListAddressSets.html
@@ -266,7 +266,7 @@
 		
 
Integer

 
Address set type, 0 indicates a custom address set and 1 indicates a predefined address set

+
Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

 		
 

 
 
 
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
start_time

+
start_time

 
Yes

+
Yes

 
Long

+
Long

 
Start time

+
Start time

 		
 
end_time

+
end_time

 
Yes

+
Yes

 
Long

+
Long

 
End time

+
End time

 		
 
src_ip

+
src_ip

 
No

+
No

 
String

+
String

 
Source IP address

+
Source IP address

 		
 
src_port

+
src_port

 
No

+
No

 
Integer

+
Integer

 
Source port number

-
Minimum: 0

-
Maximum: 65535

+
Source port number

+
Minimum: 0

+
Maximum: 65535

 		
 
dst_ip

+
dst_ip

 
No

+
No

 
String

+
String

 
Destination IP address

+
Destination IP address

 		
 
dst_port

+
dst_port

 
No

+
No

 
Integer

+
Integer

 
Destination port number

-
Minimum: 0

-
Maximum: 65535

+
Destination port number

+
Minimum: 0

+
Maximum: 65535

 		
 
protocol

+
protocol

 
No

+
No

 
String

+
String

 
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

-
Enumeration values:

-
  • 6
    
-
  • 17
    
-
  • 1
    
-
  • 58
    
-

+
Protocol types, including TCP, UDP, ICMP, ICMPV6, etc.

 		
 
app

+
app

 
No

+
No

 
String

+
String

 
Application protocol

+
Application protocol

 		
 
log_id

+
log_id

 
No

+
No

 
String

+
String

 
Log ID. The value is null for the first page and not null for the rest of the pages.

+
Document ID, the first page is empty, the other pages are not empty, and the other pages can take the log_id of the last query record.

 		
 
next_date

+
next_date

 
No

+
No

 
Long

+
Long

 
Next date. The value is null for the first page and not null for the rest of the pages.

+
The next date is empty when it is the first page, not empty when it is not the first page, and the other pages can take the start_time of the last query record.

 		
 
offset

+
offset

 
No

+
No

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The first page is empty, and the non-first page is not empty.

 		
 
limit

+
limit

 
Yes

+
Yes

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
fw_instance_id

+
fw_instance_id

 
Yes

+
Yes

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.

 		
 
action

+
action

 
No

+
No

 
String

+
String

 
Action. 0: allow; 1: deny

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Action. including allow and deny

 		
 
direction

+
direction

 
No

+
No

 
String

+
String

 
Direction. 0: inbound; 1: outbound

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Direction. including in2out and out2in

 		
 
attack_type

+
attack_type

 
No

+
No

 
String

+
String

 
Intrusion event type

+
Intrusion event type

 		
 
attack_rule

+
attack_rule

 
No

+
No

 
String

+
String

 
Intrusion event rule

+
Intrusion event rule

 		
 
level

+
level

 
No

+
No

 
String

+
String

 
Threat level

+
Threat level

+
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

 		
 
source

+
source

 
No

+
No

 
String

+
String

 
Source

+
Source

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
dst_host

+
dst_host

 
No

+
No

 
String

+
String

 
destination host

+
destination host

 		
 
log_type

+
log_type

 
No

+
No

 
String

+
String

 
log_type

-
Enumeration values:

-
  • internet
    
-
  • nat
    
-
  • vpc
    
-

+
log_type

+
Enumeration values:

+
  • internet
  • nat
  • vpc

+
attack_rule_id

+
No

+
String

+
attack rule id

+
src_region_name

+
No

+
String

+
source region name

+
dst_region_name

+
No

+
String

+
destination region name

+
src_province_name

+
No

+
String

+
source province name

+
dst_province_name

+
No

+
String

+
dst province name

+
src_city_name

+
No

+
String

+
source city name

+
dst_city_name

+
No

+
String

+
dst city name

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
data object

+
data object

 
Return value of attack log query

+
Return value of attack log query

 		
 

 
 

 

 
-
Table 5 data
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 5 data
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
total

+
total

 
Integer

+
Integer

 
Returned quantity

+
Returned quantity

 		
 
limit

+
limit

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
records

+
records

 
Array of records objects

+
Array of records objects

 
Record

+
Record

 		
 

 
 

 

 
-
Table 6 records
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 6 records
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
direction

+
direction

 
String

+
String

 
Direction, which can be inbound or outbound

-
Enumeration values:

-
  • out2in
    
-
  • in2out
    
-

+
Direction, which can be inbound or outbound

+
Enumeration values:

+
  • out2in
  • in2out

 		
 
action

+
action

 
String

+
String

 
Action

+
Action

 		
 
event_time

+
event_time

 
Long

+
Long

 
Event time

+
Event time

 		
 
attack_type

+
attack_type

 
String

+
String

 
Attack type

+
Attack type

 		
 
attack_rule

+
attack_rule

 
String

+
String

 
Attack rule

+
Attack rule

 		
 
level

+
level

 
String

+
String

 
Threat level

+
Threat level

 		
 
source

+
source

 
String

+
String

 
Source

+
Source

 		
 
packet_length

+
packet_length

 
Long

+
Long

 
Packet length

+
Packet length

 		
 
attack_rule_id

+
attack_rule_id

 
String

+
String

 
Attack rule ID

+
Attack rule ID

 		
 
hit_time

+
hit_time

 
Integer

+
Integer

 
Hit time

+
Hit time

 		
 
log_id

+
log_id

 
String

+
String

 
Log ID

+
Log ID

 		
 
src_ip

+
src_ip

 
String

+
String

 
Source IP address

+
Source IP address

 		
 
src_port

+
src_port

 
Integer

+
Integer

 
Source port

-
Minimum: 0

-
Maximum: 65535

+
Source port

+
Minimum: 0

+
Maximum: 65535

 		
 
dst_ip

+
dst_ip

 
String

+
String

 
Destination IP address

+
Destination IP address

 		
 
dst_port

+
dst_port

 
Integer

+
Integer

 
Destination port

-
Minimum: 0

-
Maximum: 65535

+
Destination port

+
Minimum: 0

+
Maximum: 65535

 		
 
protocol

+
protocol

 
String

+
String

 
Protocol

+
Protocol

 		
 
packet

+
packet

 
String

+
String

 
Attack log packet

+
Attack log packet

 		
 
app

+
app

 
String

+
String

 
Application protocol

+
Application protocol

 		
 
packetMessages

+
packetMessages

 
Array of PacketMessage objects

+
Array of PacketMessage objects

 
packet message

+
packet message

 		
 
dst_host

+
src_region_id

 
String

+
String

 
destination host

+
source region id

 		
 
src_region_id

+
src_region_name

 
String

+
String

 
source region id

+
source region name

 		
 
src_region_name

+
dst_region_id

 
String

+
String

 
source region name

+
destination region id

 		
 
dst_region_id

+
dst_region_name

 
String

+
String

 
destination region id

+
destination region name

 		
 
dst_region_name

+
src_province_id

 
String

+
String

 
destination region name

+
source province id

+
src_province_name

+
String

+
source province name

+
src_city_id

+
String

+
source city id

+
src_city_name

+
String

+
source city name

+
dst_province_id

+
String

+
dst province id

+
dst_province_name

+
String

+
dst province name

+
dst_city_id

+
String

+
dst city id

+
dst_city_name

+
String

+
dst city name

 		
 

 
 

 

 
-
Table 7 PacketMessage
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 7 PacketMessage
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
hex_index

+
hex_index

 
String

+
String

 
hex index

+
hex index

 		
 
hexs

+
hexs

 
Array of strings

+
Array of strings

 
hexs

+
hexs

 		
 
utf8_String

+
utf8_String

 
String

+
String

 
utf8 string

+
utf8 string

 		
 

 
 

 

-
Status code: 400

+
Status code: 400

 
-
Table 8 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 8 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
Query 10 records on the first page of the firewall with the ID 2af58b7c-893c-4453-a984-bdd9b1bd6318 in the project 9d80d070b6d44942af73c9c3d38e0429. The query time range is 1663567058000 to 1664171765000.

-
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/cfw/logs/attack?fw_instance_id=2af58b7c-893c-4453-a984-bdd9b1bd6318&start_time=1663567058000&end_time=1664171765000&limit=10

+
Example Requests
Query 10 records on the first page of the firewall with the ID 2af58b7c-893c-4453-a984-bdd9b1bd6318 in the project 9d80d070b6d44942af73c9c3d38e0429. The query time range is 1663567058000 to 1664171765000.

+
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/cfw/logs/attack?fw_instance_id=2af58b7c-893c-4453-a984-bdd9b1bd6318&start_time=1663567058000&end_time=1664171765000&limit=10

 

-
Example Responses
Status code: 200

-
OK

-
{
+
Example Responses
Status code: 200

+
OK

+
{
   "data" : {
     "limit" : 10,
     "records" : [ {
@@ -651,60 +745,68 @@
       "protocol" : "TCP",
       "source" : "0",
       "src_ip" : "100.85.238.144",
-      "src_port" : 50384
+      "src_port" : 50384,
+      "src_province_id" : "source province id",
+      "src_province_name" : "source province name",
+      "src_city_id" : "source city id",
+      "src_city_name" : "source city name",
+      "dst_province_id" : "dst province id",
+      "dst_province_name" : "dst province name",
+      "dst_city_id" : "dst city id",
+      "dst_city_name" : "dst city name"
     } ],
     "total" : 1
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "00500002",
   "error_msg" : "time range error"
 }

 

-
Status Codes

-

-
-
-
-
-
diff --git a/docs/cfw/api-ref/ListDnsServers.html b/docs/cfw/api-ref/ListDnsServers.html
index 232afe7f..8d116a34 100644
--- a/docs/cfw/api-ref/ListDnsServers.html
+++ b/docs/cfw/api-ref/ListDnsServers.html
@@ -1,188 +1,188 @@
 
Querying the DNS Server List

-
Function
This API is used to query the DNS server list.

+
Function
This API is used to query the DNS server list.

 

-
URI
GET /v1/{project_id}/dns/servers

+
URI
GET /v1/{project_id}/dns/servers

 
-
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
OK

+
OK

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListBlackWhiteLists.html b/docs/cfw/api-ref/ListBlackWhiteLists.html
index 2f4a7524..8c6de449 100644
--- a/docs/cfw/api-ref/ListBlackWhiteLists.html
+++ b/docs/cfw/api-ref/ListBlackWhiteLists.html
@@ -185,14 +185,7 @@
 

 

 
object_id

-
String

-
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

-
offset

+
offset

 		
 
Integer

 		
 
 
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
limit

+
limit

 
No

+
No

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
offset

+
offset

 
No

+
No

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
fw_instance_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 

 
 

 

 
-
Request Parameters

-

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
Array of DnsServersResponseDTO objects

+
Array of DnsServersResponseDTO objects

 
dns server list

+
dns server list

 		
 
total

+
total

 
Integer

+
Integer

 
dns server total

+
dns server total

 		
 

 
 

 

 
-

-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cfw/api-ref/ListEastWestFirewall.html b/docs/cfw/api-ref/ListEastWestFirewall.html
index 46229fe4..4343fdca 100644
--- a/docs/cfw/api-ref/ListEastWestFirewall.html
+++ b/docs/cfw/api-ref/ListEastWestFirewall.html
@@ -344,6 +344,13 @@
 
+
+
+
+
Table 5 DnsServersResponseDTO
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 DnsServersResponseDTO
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
id

+
id

 
Integer

+
Integer

 
id

+
id

 		
 
is_applied

+
is_applied

 
Integer

+
Integer

 
Indicates whether to apply. 0: no; 1: yes

+
Indicates whether to apply. 0: no; 1: yes

 		
 
is_customized

+
is_customized

 
Integer

+
Integer

 
Indicates whether the DNS server is user-defined. 0: no; 1: yes

+
Indicates whether the DNS server is user-defined. 0: no; 1: yes

 		
 
server_ip

+
server_ip

 
String

+
String

 
DNS server IP address

+
DNS server IP address

 		
 
health_check_domain_name

+
health_check_domain_name

 
String

+
String

 
health check domain name

+
health check domain name

 		
 

 
 

 

 
-
Example Requests
Obtain the DNS server list of the project whose ID is 2349ba469daf4b7daf268bb0261d18b0.

-
https://endpoint/cfw/v1/2349ba469daf4b7daf268bb0261d18b0/dns/servers

+
Example Requests
Obtain the DNS server list of the project whose ID is 2349ba469daf4b7daf268bb0261d18b0.

+
https://console.xxxxxx.com/cfw/v1/2349ba469daf4b7daf268bb0261d18b0/dns/servers

 

-
Example Responses
Status code: 200

-
Response to the request for obtaining DNS servers

-
{
+
Example Responses
Status code: 200

+
Response to the request for obtaining DNS servers

+
{
   "data" : {
     "data" : [ {
       "health_check_domain_name" : "sslstatic.xiaoyusan.com",
@@ -201,43 +201,43 @@
   "total" : 2
 }

 

-
Status Codes

-

-
diff --git a/docs/cfw/api-ref/ListDomainSets.html b/docs/cfw/api-ref/ListDomainSets.html
index c359a0e8..d1506681 100644
--- a/docs/cfw/api-ref/ListDomainSets.html
+++ b/docs/cfw/api-ref/ListDomainSets.html
@@ -98,7 +98,7 @@
 
-
-
+
+
+
+
+
+
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Response to the request for obtaining DNS servers

+
Response to the request for obtaining DNS servers

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListDomainParseDetail.html b/docs/cfw/api-ref/ListDomainParseDetail.html
index 739328a3..1afd14db 100644
--- a/docs/cfw/api-ref/ListDomainParseDetail.html
+++ b/docs/cfw/api-ref/ListDomainParseDetail.html
@@ -69,7 +69,7 @@
 
 
No

 
String

+
Integer

 		
 
Specifies the address type. The value can be 0 (IPv4) or 1 (IPv6).

 		
 
Integer

 
Domain set type, 0 means URL filtering, 1 means domain parse

+
Domain name group type. 0 means Application type and 1 means Network type.

 		
 

 
config_status

@@ -239,7 +239,7 @@
 		
 
Integer

 
domain set type

+
Domain name group type. 0 means Application type and 1 means Network type.

 		
 

 
config_status

@@ -256,6 +256,39 @@
 
message

 		
 
rules

+
Array of UseRuleVO objects

+
used rule list

+

+

+
+

+
+
+
+
+
+
+
+
+
+
+
+
Table 7 UseRuleVO
Parameter

+
Type

+
Description

+
id

+
String

+
rule id

+
name

+
String

+
rule name

+

 
 

 

diff --git a/docs/cfw/api-ref/ListDomains.html b/docs/cfw/api-ref/ListDomains.html
index 5c748126..d80f5cc3 100644
--- a/docs/cfw/api-ref/ListDomains.html
+++ b/docs/cfw/api-ref/ListDomains.html
@@ -92,24 +92,6 @@
 
domain name

 		
 
description

-
No

-
String

-
description

-
set_id

-
No

-
String

-
domain_set_id

-

 
object_Id

 		
 
No

@@ -136,7 +118,7 @@
 

 
X-Auth-Token

 
No

+
Yes

 		
 
String

 
Whether to enable IPv6

 		
 
attachment_id

+
String

+
ER attachment id

+

 
 

 

@@ -487,62 +494,75 @@
 

 

 

-
Example Requests
Obtain the east-west firewall information of the project whose ID is 09bb24e6f280d23d0f9fc0104b901480.

+
Example Requests
Get EastWest Firewall Response

 
https://{Endpoint}/v1/09bb24e6f280d23d0f9fc0104b901480/firewall/east-west?limit=10&offset=0

 

 
Example Responses
Status code: 200

-
Response to the request for querying east-west firewall information

+
Get EastWest Firewall Response

 
{
   "data" : {
-    "ew_vpc_route_limit" : 5,
+    "er" : {
+      "id" : "f0f5275a-40aa-4d1e-ac78-2550f7818d43",
+      "name" : "er",
+      "project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
+      "attachment_id" : "e978c028-0ccf-4168-a015-0094ac631e88"
+    },
     "inspection_vpc" : {
-      "cidr" : "10.90.90.0/24",
-      "id" : "4471b50f-811a-4f9b-9575-a491e6c81dd0",
+      "cidr" : "10.13.13.0/24",
+      "id" : "3baa2248-03d4-47ac-aefa-ec6f9a30ed80",
       "name" : "inspection-vpc"
     },
     "limit" : 50,
-    "mode" : "peer",
-    "object_id" : "5681ed03-ff3f-4dab-9bb1-daf388121ad1",
+    "mode" : "er",
+    "object_id" : "6cc31075-0b03-461d-aa3a-73c4765bf9ac",
     "offset" : 0,
-    "project_id" : "28f403ddd3f141daa6e046e85cb15519",
+    "project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
     "protect_infos" : [ {
-      "protected_resource_id" : "4c51e814-03b5-4754-87cb-243701f5b4ff",
-      "protected_resource_mode" : "peer",
-      "protected_resource_name" : "vpc-c247",
-      "protected_resource_project_id" : "28f403ddd3f141daa6e046e85cb15519",
+      "protected_resource_id" : "09b26b83-4b7c-499f-805b-50820900cd9f",
+      "protected_resource_mode" : "er",
+      "protected_resource_name" : "vpc-4",
+      "protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
       "protected_resource_type" : 0,
       "status" : 0
     }, {
-      "protected_resource_id" : "af44c693-a13c-46a7-a6d2-eb2cb2570e57",
-      "protected_resource_mode" : "peer",
-      "protected_resource_name" : "vpc-10.1",
-      "protected_resource_project_id" : "28f403ddd3f141daa6e046e85cb15519",
+      "protected_resource_id" : "2956f917-af18-44a2-a0f2-f592633d4431",
+      "protected_resource_mode" : "er",
+      "protected_resource_name" : "vpc-t3",
+      "protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
       "protected_resource_type" : 0,
       "status" : 0
     }, {
-      "protected_resource_id" : "2ae53845-64b8-4cd5-bcbe-efb93a7c9207",
-      "protected_resource_mode" : "peer",
-      "protected_resource_name" : "vpc-test",
-      "protected_resource_project_id" : "28f403ddd3f141daa6e046e85cb15519",
+      "protected_resource_id" : "69d4c81f-80bd-4c28-9074-f26b400b3a34",
+      "protected_resource_mode" : "er",
+      "protected_resource_name" : "vpc-t2",
+      "protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
       "protected_resource_type" : 0,
-      "status" : 1
+      "status" : 0
     }, {
-      "protected_resource_id" : "8a51174b-376b-40e5-8ccf-89d33703842b",
-      "protected_resource_mode" : "peer",
-      "protected_resource_name" : "vpc-a0c1",
-      "protected_resource_project_id" : "28f403ddd3f141daa6e046e85cb15519",
+      "protected_resource_id" : "e1b18d3e-8f7d-4c4e-a326-37db7bd89a3a",
+      "protected_resource_mode" : "er",
+      "protected_resource_name" : "vpc-t1",
+      "protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
       "protected_resource_type" : 0,
-      "status" : 1
+      "status" : 0
     }, {
-      "protected_resource_id" : "9cccb096-31be-4d68-a7ee-156f0c947f0b",
-      "protected_resource_mode" : "peer",
-      "protected_resource_name" : "vpc-192.168",
-      "protected_resource_project_id" : "28f403ddd3f141daa6e046e85cb15519",
+      "protected_resource_id" : "f91c1747-1325-4b39-9d58-7fac0bd2786f",
+      "protected_resource_mode" : "er",
+      "protected_resource_name" : "vpc-5",
+      "protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
+      "protected_resource_type" : 0,
+      "status" : 0
+    }, {
+      "protected_resource_id" : "bd556a7d-447e-49eb-be17-f93af09769f5",
+      "protected_resource_mode" : "er",
+      "protected_resource_name" : "inspct-a",
+      "protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
       "protected_resource_type" : 0,
       "status" : 1
     } ],
     "status" : 0,
-    "total" : 5
+    "total" : 6,
+    "special_vpc" : [ ]
   }
 }

 

@@ -555,7 +575,7 @@
 

 
200

 
Response to the request for querying east-west firewall information

+
Get EastWest Firewall Response

 		
 

 
400

diff --git a/docs/cfw/api-ref/ListEips.html b/docs/cfw/api-ref/ListEips.html
index 7609042f..920cce0d 100644
--- a/docs/cfw/api-ref/ListEips.html
+++ b/docs/cfw/api-ref/ListEips.html
@@ -1,431 +1,438 @@
 
 
 
Querying the EIP List

-
Function
This API is used to query the EIP list.

+
Function
This API is used to query the EIP list.

 

-
URI
GET /v1/{project_id}/eips/protect

+
URI
GET /v1/{project_id}/eips/protect

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

-
Minimum: 32

-
Maximum: 32

+
Project ID

+
Minimum: 32

+
Maximum: 32

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
object_id

+
object_id

 
Yes

+
Yes

 
String

+
String

 
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

-
Minimum: 36

-
Maximum: 36

+
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

+
Minimum: 36

+
Maximum: 36

 		
 
key_word

+
key_word

 
No

+
No

 
String

+
String

 
Public network ID or EIP

-
Minimum: 0

-
Maximum: 255

+
Public network ID or EIP

+
Minimum: 0

+
Maximum: 255

 		
 
status

+
status

 
No

+
No

 
String

+
String

 
Specifies the protection status. The value can be null, 0 (enabled), or 1 (disabled).

-
Enumeration values:

-
  • null
  • 0
  • 1

+
Specifies the protection status. The value can be null, 0 (enabled), or 1 (disabled).

+
Enumeration values:

+
  • null
    
+
  • 0
    
+
  • 1
    
+

 		
 
sync

+
sync

 
No

+
No

 
Integer

+
Integer

 
Specifies whether to synchronize tenant EIP data. The options are as follows: 0: no; 1: yes

-
Enumeration values:

-
  • 0
  • 1

+
Specifies whether to synchronize tenant EIP data. The options are as follows: 0: no; 1: yes

+
Enumeration values:

+
  • 0
    
+
  • 1
    
+

 		
 
limit

+
limit

 
Yes

+
Yes

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

-
Minimum: 0

+
Number of records displayed on each page, in the range 1-1024

+
Minimum: 0

 		
 
offset

+
offset

 
Yes

+
Yes

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

-
Minimum: 0

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Minimum: 0

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
device_key

+
device_key

 
No

+
No

 
String

+
String

 
Device key

+
Device key

 		
 
address_type

+
address_type

 
No

+
No

 
Integer

+
Integer

 
Specifies the address type. The value can be 0 (IPv4) or 1 (IPv6).

+
Specifies the address type. The value can be 0 (IPv4) or 1 (IPv6).

 		
 
fw_instance_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

 		
 
fw_key_word

+
fw_key_word

 
No

+
No

 
String

+
String

 
The bound firewall name

+
The bound firewall name

 		
 
eps_id

+
eps_id

 
No

+
No

 
String

+
String

 
The enterprise project id of the eip

+
The enterprise project id of the eip

 		
 
tags

+
tags

 
No

+
No

 
String

+
String

 
Tag list

+
Tag list

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-

-
@@ -393,6 +441,90 @@
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
EipResponseData object

+
EipResponseData object

 
eip query response

+
eip query response

 		
 

 
 

 

 
-

-
@@ -408,39 +416,32 @@
 
-
-
-
-
-
-
-
-
-
-
-
-
@@ -456,38 +457,43 @@
 }
Example Responses
Status code: 200

-
list firewall list response

+
Get Firewall Instance Response

 
{
   "data" : {
-    "limit" : 10,
+    "limit" : 1,
     "offset" : 0,
     "project_id" : "14181c1245cf4fd786824efe1e2b9388",
     "records" : [ {
-      "charge_mode" : 0,
-      "engine_type" : 1,
-      "enterprise_project_id" : "default",
-      "flavor" : {
-        "bandwidth" : 60,
-        "eip_count" : 51,
-        "log_storage" : 0,
-        "version" : 1,
-        "vpc_count" : 8
-      },
-      "fw_instance_id" : "546af3f8-88e9-47f2-a205-2346d7090925",
+      "fw_instance_id" : "ebf891cd-2163-48a0-9963-6309f99dd3c4",
+      "resource_id" : "ebf891cd-2163-48a0-9963-6309f99dd3c4",
+      "name" : "1709176078374",
       "fw_instance_name" : "test",
-      "ha_type" : 1,
-      "name" : "1680054140516",
-      "resource_id" : "546af3f8-88e9-47f2-a205-2346d7090925",
+      "enterprise_project_id" : "default",
+      "tags" : "{\"key_test3\":\"value_test3\"}",
+      "ha_type" : 0,
+      "charge_mode" : 0,
       "service_type" : 0,
+      "engine_type" : 1,
+      "flavor" : {
+        "version" : 1,
+        "eip_count" : 50,
+        "vpc_count" : 6,
+        "bandwidth" : 50,
+        "log_storage" : 0,
+        "default_eip_count" : 50,
+        "default_vpc_count" : 2,
+        "default_bandwidth" : 50,
+        "default_log_storage" : 0
+      },
       "status" : 2
     } ],
-    "total" : 1
+    "total" : 18
   },
-  "user_support_eps" : false,
   "has_ndr" : false,
-  "is_support_postpaid" : false,
-  "is_support_basic_version" : false,
-  "is_support_buy_professional" : false
+  "is_support_basic_version" : true,
+  "is_support_buy_professional" : false,
+  "is_support_postpaid" : true,
+  "user_support_eps" : false
 }

 
Status Codes

@@ -499,7 +505,7 @@
 

-
diff --git a/docs/cfw/api-ref/ListFlowLogs.html b/docs/cfw/api-ref/ListFlowLogs.html
index 1be24fa9..c75bd293 100644
--- a/docs/cfw/api-ref/ListFlowLogs.html
+++ b/docs/cfw/api-ref/ListFlowLogs.html
@@ -53,7 +53,7 @@
 
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 5 EipResponseData
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 EipResponseData
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
limit

+
limit

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
offset

+
offset

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
total

+
total

 
Integer

+
Integer

 
total

+
total

 		
 
records

+
records

 
Array of EipResource objects

+
Array of EipResource objects

 
eip records

+
eip records

 		
 

 
 

 

 
-

-
@@ -395,39 +412,32 @@
 
-
-
-
-
-
-
-
-
-
-
-
-
@@ -571,8 +581,13 @@
         "used_rule_count" : 2136,
         "version" : 1,
         "vpc_bandwith" : 1400,
-        "vpc_count" : 8
+        "vpc_count" : 8,
+        "default_eip_count" : 20,
+        "default_vpc_count" : 0,
+        "default_bandwidth" : 10,
+        "default_log_storage" : 0
       },
+      "tags" : "{\"key1234\":\"1234\",\"key122\":\"2222\"}",
       "fw_instance_id" : "546af3f8-88e9-47f2-a205-2346d7090925",
       "fw_instance_name" : "test",
       "ha_type" : 1,
diff --git a/docs/cfw/api-ref/ListFirewallList.html b/docs/cfw/api-ref/ListFirewallList.html
index 631cb551..4fc01a03 100644
--- a/docs/cfw/api-ref/ListFirewallList.html
+++ b/docs/cfw/api-ref/ListFirewallList.html
@@ -353,6 +353,13 @@
 
+
+
+
+
Table 6 EipResource
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 6 EipResource
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
id

+
id

 
String

+
String

 
EIP ID

+
EIP ID

 		
 
public_ip

+
public_ip

 
String

+
String

 
EIP

+
EIP

 		
 
status

+
status

 
Integer

+
Integer

 
EIP protection status,0:protected,1:unprotected

-
Enumeration values:

-
  • 0
  • 1

+
EIP protection status,0:protected,1:unprotected

+
Enumeration values:

+
  • 0
    
+
  • 1
    
+

 		
 
public_ipv6

+
public_ipv6

 
String

+
String

 
EIP IPv6

+
EIP IPv6

 		
 
enterprise_project_id

+
enterprise_project_id

 
String

+
String

 
Enterprise project ID

+
Enterprise project ID

 		
 
device_id

+
device_id

 
String

+
String

 
Device ID

+
Device ID

 		
 
device_name

+
device_name

 
String

+
String

 
Device name

+
Device name

 		
 
device_owner

+
device_owner

 
String

+
String

 
Device owner

+
Device owner

 		
 
associate_instance_type

+
associate_instance_type

 
String

+
String

 
Type of the associated instance

+
Type of the associated instance

 		
 
fw_instance_name

+
fw_instance_name

 
String

+
String

 
firewall name

+
firewall name

 		
 
fw_instance_id

+
fw_instance_id

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.

 		
 
fw_enterprise_project_id

+
fw_enterprise_project_id

 
String

+
String

 
Firewall enterprise project id bound to Eip

+
Firewall enterprise project id bound to Eip

 		
 
object_id

+
object_id

 
String

+
String

 
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

+
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

 		
 
tags

+
tags

 
String

+
String

 
tags

+
tags

 		
 
domain_id

+
domain_id

 
String

+
String

 
domain id

+
domain id

 		
 
owner

+
owner

 
String

+
String

 
owner

+
owner

 		
 
fw_domain_id

+
fw_domain_id

 
String

+
String

 
firewall domain id

+
firewall domain id

 		
 

 
 

 

-
Status code: 400

+
Status code: 400

 
-

+
+
+
+
Table 7 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 7 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
Query the data on the non-synchronized first page whose project ID is 9d80d070b6d44942af73c9c3d38e0429 and protected object ID is cfebd347-b655-4b84-b938-3c54317599b2.

-
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/eips/protect?object_id=cfebd347-b655-4b84-b938-3c54317599b2&limit=10&offset=0&sync=0

+
Example Requests
Query the data on the non-synchronized first page whose project ID is 9d80d070b6d44942af73c9c3d38e0429 and protected object ID is cfebd347-b655-4b84-b938-3c54317599b2.

+
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/eips/protect?object_id=cfebd347-b655-4b84-b938-3c54317599b2&limit=10&offset=0&sync=0

 

-
Example Responses
Status code: 200

-
Return value of EIP data query

-
{
+
Example Responses
Status code: 200

+
Return value of EIP data query

+
{
   "data" : {
     "limit" : 10,
     "offset" : 0,
@@ -433,7 +440,7 @@
       "associate_instance_type" : "PORT",
       "device_id" : "c87579ab-c76a-4afd-83ce-62e0f531f13e",
       "device_name" : "test",
-      "device_owner" : "compute:endpoint",
+      "device_owner" : "compute:test",
       "domain_id" : "7d07807209524a4280266db9df63c4fa",
       "enterprise_project_id" : "0",
       "fw_domain_id" : "7d07807209524a4280266db9df63c4fa",
@@ -449,55 +456,55 @@
     "total" : 1
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.00109004",
   "error_msg" : "http to external service error"
 }

 

-
Status Codes

-

+
+
+
+
+
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Return value of EIP data query

+
Return value of EIP data query

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListFirewallDetail.html b/docs/cfw/api-ref/ListFirewallDetail.html
index 3d2eec73..ca3b8033 100644
--- a/docs/cfw/api-ref/ListFirewallDetail.html
+++ b/docs/cfw/api-ref/ListFirewallDetail.html
@@ -91,6 +91,15 @@
 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

 		
 
name

+
No

+
String

+
firewall instance name

+

 
 

 

@@ -340,6 +349,13 @@
 
whether to enable url filtering. The options are true (yes) and false (no).

 		
 
tags

+
String

+
tags

+

 
 

 

@@ -356,10 +372,11 @@
 
 
Integer

 
Firewall version. The value can be 0 (standard edition), 1 (professional edition), or 3 (basic edition).

+
Firewall version. The value can be 0 (standard edition), 1 (professional edition), 2 (platinum edition), or 3 (basic edition).

 
Enumeration values:

 
  • 0
    
 
  • 1
    
+
  • 2
    
 
  • 3
    
 

 
Log storage

 		
 
session_concurrent

+
default_bandwidth

 		
 
Integer

 
concurrent session

+
default bandwidth

 		
 
session_create

+
default_eip_count

 		
 
Integer

 
created session

+
default eip count

 		
 
total_rule_count

+
default_log_storage

 		
 
Integer

 
total rule count

+
default log storage

 		
 
used_rule_count

+
default_vpc_count

 		
 
Integer

 
used rule count

-
vpc_bandwith

-
Integer

-
vpc bandwith

+
default vpc count

 		
 

 
Firewall status list. The options are as follows: -1: waiting for payment; 0: creating; 1: deleting; 2: running; 3: upgrading; 4: deletion completed; 5: freezing; 6: creation failed; 7: deletion failed; 8: freezing failed; 9: storage in progress; 10: storage failed; 11: upgrade failed

 		
 
tags

+
String

+
tags

+

 
 

 

@@ -369,10 +376,11 @@
 
 
Integer

 
Firewall version. The value can be 0 (standard edition), 1 (professional edition), or 3 (basic edition).

+
Firewall version. The value can be 0 (standard edition), 1 (professional edition), 2 (platinum edition), or 3 (basic edition).

 
Enumeration values:

 
  • 0
    
 
  • 1
    
+
  • 2
    
 
  • 3
    
 

 
Log storage

 		
 
session_concurrent

+
default_bandwidth

 		
 
Integer

 
concurrent session

+
default bandwidth

 		
 
session_create

+
default_eip_count

 		
 
Integer

 
created session

+
default eip count

 		
 
total_rule_count

+
default_log_storage

 		
 
Integer

 
total rule count

+
default log storage

 		
 
used_rule_count

+
default_vpc_count

 		
 
Integer

 
used rule count

-
vpc_bandwith

-
Integer

-
vpc bandwith

+
default vpc count

 		
 

 
 
 
 
 
200

 
list firewall list response

+
Get Firewall Instance Response

 		
 

 
 
String

 
Direction

+
direction, including in2out and out2in

 		
 

 
log_type

@@ -134,13 +134,7 @@
 		
 
String

 
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

-
Enumeration values:

-
  • 6
    
-
  • 17
    
-
  • 1
    
-
  • 58
    
-

+
Protocol types, including TCP, UDP, ICMP, ICMPV6, etc.

 		
 

 
app

@@ -158,7 +152,7 @@
 		
 
String

 
Document ID. The value is null for the first page and not null for the rest of the pages.

+
Document ID, the first page is empty, the other pages are not empty, and the other pages can take the log_id of the last query record.

 		
 

 
next_date

@@ -167,7 +161,7 @@
 		
 
Long

 
Date. The value is null for the first page and not null for the rest of the pages.

+
The next date is empty when it is the first page, not empty when it is not the first page, and the other pages can take the start_time of the last query record.

 		
 

 
offset

@@ -176,7 +170,7 @@
 		
 
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The first page is empty, and the non-first page is not empty.

 		
 

 
limit

@@ -208,6 +202,60 @@
 
destination host

 		
 
src_region_name

+
No

+
String

+
source region name

+
dst_region_name

+
No

+
String

+
dst region name

+
src_province_name

+
No

+
String

+
source province name

+
dst_province_name

+
No

+
String

+
dst province name

+
src_city_name

+
No

+
String

+
source city name

+
dst_city_name

+
No

+
String

+
dst city name

+

 
 

 

@@ -300,7 +348,7 @@
 

 
bytes

 
Integer

+
Double

 		
 
Byte

 
destination host

 		
 
dst_region_id

+
String

+
destination region id

+
dst_region_name

+
String

+
destination region name

+
src_region_id

+
String

+
source region id

+
src_region_name

+
String

+
source region name

+
src_province_id

+
String

+
source province id

+
src_province_name

+
String

+
source province name

+
src_city_id

+
String

+
source city id

+
src_city_name

+
String

+
source city name

+
dst_province_id

+
String

+
dst province id

+
dst_province_name

+
String

+
dst province name

+
dst_city_id

+
String

+
dst city id

+
dst_city_name

+
String

+
dst city name

+

 
 

 

@@ -448,7 +580,15 @@
       "protocol" : "TCP",
       "src_ip" : "100.93.27.17",
       "src_port" : 49634,
-      "start_time" : 1664155428000
+      "start_time" : 1664155428000,
+      "src_province_id" : "source province id",
+      "src_province_name" : "source province name",
+      "src_city_id" : "source city id",
+      "src_city_name" : "source city name",
+      "dst_province_id" : "dst province id",
+      "dst_province_name" : "dst province name",
+      "dst_city_id" : "dst city id",
+      "dst_city_name" : "dst city name"
     } ],
     "total" : 1
   }
diff --git a/docs/cfw/api-ref/ListJob.html b/docs/cfw/api-ref/ListJob.html
index 1fbbc9de..2554bbde 100644
--- a/docs/cfw/api-ref/ListJob.html
+++ b/docs/cfw/api-ref/ListJob.html
@@ -1,153 +1,156 @@
 
 
 
List Job Status

-
Function
This API is used to obtain job status.

+
Function
This API is used to obtain job status.

 

-
URI
GET /v3/{project_id}/jobs/{job_id}

+
URI
GET /v3/{project_id}/jobs/{job_id}

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 
job_id

+
job_id

 
Yes

+
Yes

 
String

+
String

 
job id

+
job id

 		
 

 
 

 

 
-
Request Parameters

-
Table 2 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 2 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
No

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 3 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 3 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 
data

+
data

 
data object

+
data object

 
Job Result

+
Job Result

 		
 

 
 

 

 
-
Table 4 data
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 4 data
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
id

+
id

 
String

+
String

 
Job Id

+
Job Id

 		
 
status

+
status

 
String

+
String

 
Job execution status. Running means the job is being executed, Success means the job is successful, Failed means the job is failed.

-
Enumeration values:

-
  • Running
  • Success
  • Failed

+
Job execution status. Running means the job is being executed, Success means the job is successful, Failed means the job is failed.

+
Enumeration values:

+
  • Running
    
+
  • Success
    
+
  • Failed
    
+

 		
 
begin_time

+
begin_time

 
String

+
String

 
Creation time, in the format yyyy-mm-ddThh:mm:ssZ. where T refers to the beginning of a certain time; Z refers to the time zone offset.

+
Creation time, in the format yyyy-mm-ddThh:mm:ssZ. where T refers to the beginning of a certain time; Z refers to the time zone offset, for example, the Beijing time offset is displayed as +0800.

 		
 
end_time

+
end_time

 
String

+
String

 
End time, in the format "yyyy-mm-ddThh:mm:ssZ". where T refers to the beginning of a certain time; Z refers to the time zone offset.

+
End time, in the format "yyyy-mm-ddThh:mm:ssZ". where T refers to the beginning of a certain time; Z refers to the time zone offset, for example, the Beijing time offset is displayed as +0800.

 		
 

 
 

 

 
-
Example Requests
Get job status of the job which job id is f588ce71-e26c-400d-8981-f854355f6849 and project id is 09bb24e6fe80d23d2fa2c010b53b418c.

-
/v3/09bb24e6fe80d23d2fa2c010b53b418c/jobs/f588ce71-e26c-400d-8981-f854355f6849

+
Example Requests
Get job status of the job which job id is f588ce71-e26c-400d-8981-f854355f6849 and project id is 09bb24e6fe80d23d2fa2c010b53b418c.

+
/v3/09bb24e6fe80d23d2fa2c010b53b418c/jobs/f588ce71-e26c-400d-8981-f854355f6849

 

-
Example Responses
Status code: 200

-
Get Job Response

-
{
+
Example Responses
Status code: 200

+
Get Job Response

+
{
   "data" : {
     "begin_time" : 1641370501000,
     "end_time" : 1641370515000,
@@ -156,23 +159,23 @@
   }
 }

 

-
Status Codes

-

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

+
Status Codes

+

-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Get Job Response

+
Get Job Response

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListProtectedVpcs.html b/docs/cfw/api-ref/ListProtectedVpcs.html
index e6bcbc3f..13d3c34d 100644
--- a/docs/cfw/api-ref/ListProtectedVpcs.html
+++ b/docs/cfw/api-ref/ListProtectedVpcs.html
@@ -190,143 +190,40 @@
 

 

 
id

-
String

-
id

-
name

-
String

-
name

-
vpc_id

+
vpc_id

 		
 
String

 		
 
vpc id

 		
 
virsubnet_id

-
String

-
subnet id

-
state

-
String

-
state

-
created_at

-
String

-
create time

-
updated_at

-
String

-
update time

-
tags

-
Array of Tag objects

-
tag

-
description

-
String

-
description

-
project_id

-
String

-
project id

-
vpc_project_id

-
String

-
vpc project id

-
enterprise_project_id

-
String

-
enterprise project id

-

-

-
-

-
-
-
-
-
-
-
-
-
-
-
-
Table 7 Tag
Parameter

-
Type

-
Description

-
key

-
String

-
key

-
value

-
String

-
value

-

 
 

 

 
Status code: 500

 
-
Table 8 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
diff --git a/docs/cfw/api-ref/ListServiceItems.html b/docs/cfw/api-ref/ListServiceItems.html
index aab2070c..f97bc739 100644
--- a/docs/cfw/api-ref/ListServiceItems.html
+++ b/docs/cfw/api-ref/ListServiceItems.html
@@ -1,284 +1,293 @@
 
Querying the Service Set Member List

-
Function
This API is used to query service group members.

+
Function
This API is used to query service group members.

 

-
URI
GET /v1/{project_id}/service-items

+
URI
GET /v1/{project_id}/service-items

 
-
Table 7 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

+
Error code

 
Minimum: 8

 
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

+
Description

 
Minimum: 2

 
Maximum: 512

 		
 
 
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
set_id

+
set_id

 
Yes

+
Yes

 
String

+
String

 
Service group ID

+
Service group ID

 		
 
key_word

+
key_word

 
No

+
No

 
String

+
String

 
Query field

+
Query field

 		
 
limit

+
limit

 
Yes

+
Yes

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
offset

+
offset

 
Yes

+
Yes

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
fw_instance_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
query_service_set_type

+
No

+
Integer

+
Query service set type, 0 means custom define service set, 1 means predefine service set.

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
data object

+
data object

 
Service group member list

+
Service group member list

 		
 

 
 

 

 
-
Table 5 data
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 data
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
offset

+
offset

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
limit

+
limit

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
total

+
total

 
Integer

+
Integer

 
Total number of records

+
Total number of records

 		
 
set_id

+
set_id

 
String

+
String

 
service set id

+
service set id

 		
 
records

+
records

 
Array of records objects

+
Array of records objects

 
Record

+
Record

 		
 

 
 

 

 
-
Table 6 records
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 6 records
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
item_id

+
item_id

 
String

+
String

 
Service member ID

+
Service member ID

 		
 
protocol

+
protocol

 
Integer

+
Integer

 
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

+
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

 		
 
source_port

+
source_port

 
String

+
String

 
Source port

+
Source port

 		
 
dest_port

+
dest_port

 
String

+
String

 
Destination port

+
Destination port

 		
 
name

+
name

 
String

+
String

 
Service member name

+
Service member name

 		
 
description

+
description

 
String

+
String

 
Service member description

+
Service member description

 		
 

 
 

 

-
Status code: 400

+
Status code: 400

 
-
Table 7 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 7 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
Query the member list of the service group whose project ID is 9d80d070b6d44942af73c9c3d38e0429 and service group ID is 7cdebed3-af07-494e-a3c2-b88bb8d58b57.

-
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/service-items?set_id=7cdebed3-af07-494e-a3c2-b88bb8d58b57&limit=10&offset=0

+
Example Requests
Query the member list of the service group whose project ID is 9d80d070b6d44942af73c9c3d38e0429 and service group ID is 7cdebed3-af07-494e-a3c2-b88bb8d58b57.

+
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/service-items?set_id=7cdebed3-af07-494e-a3c2-b88bb8d58b57&limit=10&offset=0

 

-
Example Responses
Status code: 200

-
Return value of the service group member list

-
{
+
Example Responses
Status code: 200

+
Return value of the service group member list

+
{
   "data" : {
     "limit" : 10,
     "offset" : 0,
@@ -293,55 +302,55 @@
     "total" : 1
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.00200005",
   "error_msg" : "operation content does not exist"
 }

 

-
Status Codes

-
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Return value of the service group member list

+
Return value of the service group member list

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListServiceSetDetail.html b/docs/cfw/api-ref/ListServiceSetDetail.html
index 01a18135..2eaf1fc3 100644
--- a/docs/cfw/api-ref/ListServiceSetDetail.html
+++ b/docs/cfw/api-ref/ListServiceSetDetail.html
@@ -1,255 +1,264 @@
 
 
 
Querying Service Set Details

-
Function
This API is used to query the details about a service group.

+
Function
This API is used to query the details about a service group.

 

-
URI
GET /v1/{project_id}/service-sets/{set_id}

+
URI
GET /v1/{project_id}/service-sets/{set_id}

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 
set_id

+
set_id

 
Yes

+
Yes

 
String

+
String

 
Service group ID

+
Service group ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
fw_instance_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
query_service_set_type

+
No

+
Integer

+
Query service set type, 0 means custom define service set, 1 means predefine service set.

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
ServiceSetDetailResponseDto object

+
ServiceSetDetailResponseDto object

 
service set detail response

+
service set detail response

 		
 

 
 

 

 
-
Table 5 ServiceSetDetailResponseDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 ServiceSetDetailResponseDto
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
id

+
id

 
String

+
String

 
Service group ID

+
Service group ID

 		
 
name

+
name

 
String

+
String

 
Service group name

-
Minimum: 1

-
Maximum: 255

+
Service group name

+
Minimum: 1

+
Maximum: 255

 		
 
description

+
description

 
String

+
String

 
Service group description

-
Minimum: 1

-
Maximum: 255

+
Service group description

+
Minimum: 1

+
Maximum: 255

 		
 
service_set_type

+
service_set_type

 
Integer

+
Integer

 
Service set type, 0 indicates a custom service set and 1 indicates a predefined service set

+
Service set type, 0 indicates a custom service set, 1 indicates a predefined service set, 2 indicates commonly used remote login and PING, 3 indicates commonly used databases

 		
 

 
 

 

-
Status code: 400

+
Status code: 400

 
-
Table 6 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 6 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
Query details about the service group whose project ID is 9d80d070b6d44942af73c9c3d38e0429 and service group ID is 221cfdca-3abf-4c30-ab0d-516a03c70866.

-
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/service-sets/221cfdca-3abf-4c30-ab0d-516a03c70866

+
Example Requests
Query details about the service group whose project ID is 9d80d070b6d44942af73c9c3d38e0429 and service group ID is 221cfdca-3abf-4c30-ab0d-516a03c70866.

+
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/service-sets/221cfdca-3abf-4c30-ab0d-516a03c70866

 

-
Example Responses
Status code: 200

-
Response to the request for querying details about a service group member

-
{
+
Example Responses
Status code: 200

+
Response to the request for querying details about a service group member

+
{
   "data" : {
     "service_set_type" : 0,
     "id" : "221cfdca-3abf-4c30-ab0d-516a03c70866",
     "name" : "ceshi2"
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.00200005",
   "error_msg" : "operation content does not exist"
 }

 

-
Status Codes

-
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Response to the request for querying details about a service group member

+
Response to the request for querying details about a service group member

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListServiceSets.html b/docs/cfw/api-ref/ListServiceSets.html
index 4c872826..a7197095 100644
--- a/docs/cfw/api-ref/ListServiceSets.html
+++ b/docs/cfw/api-ref/ListServiceSets.html
@@ -1,294 +1,303 @@
 
 
 
Obtaining the Service Set List

-
Function
This API is used to obtain the service group list.

+
Function
This API is used to obtain the service group list.

 

-
URI
GET /v1/{project_id}/service-sets

+
URI
GET /v1/{project_id}/service-sets

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
object_id

+
object_id

 
Yes

+
Yes

 
String

+
String

 
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

+
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

 		
 
key_word

+
key_word

 
No

+
No

 
String

+
String

 
Keyword

+
Keyword

 		
 
limit

+
limit

 
Yes

+
Yes

 
Integer

+
Integer

 
Number of queries on each page, in the range 1-1024

-
Minimum: 1

-
Maximum: 1024

+
Number of queries on each page, in the range 1-1024

+
Minimum: 1

+
Maximum: 1024

 		
 
offset

+
offset

 
Yes

+
Yes

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

-
Minimum: 0

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Minimum: 0

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
fw_instance_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
query_service_set_type

+
No

+
Integer

+
Query service set type, 0 means custom define service set, 1 means predefine service set.

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
No

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
ServiceSetRecords object

+
ServiceSetRecords object

 
QueryServiceSetResponse

+
QueryServiceSetResponse

 		
 

 
 

 

 
-
Table 5 ServiceSetRecords
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 ServiceSetRecords
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
offset

+
offset

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
limit

+
limit

 
Integer

+
Integer

 
Number of records displayed on each page, in the range 1-1024

+
Number of records displayed on each page, in the range 1-1024

 		
 
total

+
total

 
Integer

+
Integer

 
Total number of records queried

+
Total number of records queried

 		
 
records

+
records

 
Array of ServiceSet objects

+
Array of ServiceSet objects

 
Service group list

+
Service group list

 		
 

 
 

 

 
-
Table 6 ServiceSet
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 6 ServiceSet
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
set_id

+
set_id

 
String

+
String

 
Service group ID

+
Service group ID

 		
 
name

+
name

 
String

+
String

 
Name

+
Name

 		
 
description

+
description

 
String

+
String

 
Description

+
Description

 		
 
service_set_type

+
service_set_type

 
Integer

+
Integer

 
Service set type, 0 indicates a custom service set and 1 indicates a predefined service set

+
Service set type, 0 indicates a custom service set, 1 indicates a predefined service set, 2 indicates commonly used remote login and PING, 3 indicates commonly used databases

 		
 
ref_count

+
ref_count

 
Integer

+
Integer

 
Reference count

+
Reference count

 		
 
status

+
status

 
String

+
String

 
Status

+
Status

 		
 
project_id

+
project_id

 
String

+
String

 
Project ID

+
Project ID

 		
 
protocols

+
protocols

 
Array of integers

+
Array of integers

 
Protocols

+
Protocols

 		
 

 
 

 

-
Status code: 400

+
Status code: 400

 
-
Table 7 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 7 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Error code

+
Minimum: 8

+
Maximum: 36

 		
 
error_msg

+
error_msg

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
Query the service group list on the first page of protected object a37bb4eb-c49e-4e88-bf77-944a75b0ce8a in project 2349ba469daf4b7daf268bb0261d18b0.

-
https://{Endpoint}/v1/2349ba469daf4b7daf268bb0261d18b0/service-sets?object_id=a37bb4eb-c49e-4e88-bf77-944a75b0ce8a&limit=10&offset=0

+
Example Requests
Query the service group list on the first page of protected object a37bb4eb-c49e-4e88-bf77-944a75b0ce8a in project 2349ba469daf4b7daf268bb0261d18b0.

+
https://{Endpoint}/v1/2349ba469daf4b7daf268bb0261d18b0/service-sets?object_id=a37bb4eb-c49e-4e88-bf77-944a75b0ce8a&limit=10&offset=0

 

-
Example Responses
Status code: 200

-
Response to the request for querying service group information

-
{
+
Example Responses
Status code: 200

+
Response to the request for querying service group information

+
{
   "data" : {
     "limit" : 50,
     "offset" : 0,
@@ -303,55 +312,55 @@
     "total" : 1
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.0020016",
   "error_msg" : "instance status error"
 }

 

-
Status Codes

-
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Response to the request for querying service group information

+
Response to the request for querying service group information

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/UpdateAclRule.html b/docs/cfw/api-ref/UpdateAclRule.html
index 4cef6250..23b005d6 100644
--- a/docs/cfw/api-ref/UpdateAclRule.html
+++ b/docs/cfw/api-ref/UpdateAclRule.html
@@ -1,806 +1,926 @@
 
 
 
Updating an ACL Rule

-
Function
This API is used to update an ACL rule.

+
Function
This API is used to update an ACL rule.

 

-
URI
PUT /v1/{project_id}/acl-rule/{acl_rule_id}

+
URI
PUT /v1/{project_id}/acl-rule/{acl_rule_id}

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID

+
Project ID

 		
 
acl_rule_id

+
acl_rule_id

 
Yes

+
Yes

 
String

+
String

 
Rule ID

+
Rule ID

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

+
Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.

 		
 
fw_instance_id

+
fw_instance_id

 
No

+
No

 
String

+
String

 
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

+
Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

+
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

 		
 

 
 

 

 
-
Table 4 Request body parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
Table 4 Request body parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
address_type

+
address_type

 
No

+
No

 
Integer

+
Integer

 
Address type. The value can be 0 (IPv4) or 1 (IPv6).

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Address type. The value can be 0 (IPv4) or 1 (IPv6).

+
Enumeration values:

+
  • 0
  • 1

 		
 
name

+
name

 
No

+
No

 
String

+
String

 
Rule name

+
Rule name

 		
 
sequence

+
sequence

 
No

+
No

 
OrderRuleAclDto object

+
OrderRuleAclDto object

 
UpdateRuleAclDto

+
UpdateRuleAclDto

 		
 
direction

+
direction

 
No

+
No

 
Integer

+
Integer

 
Direction: 0 means outside to inside, 1 means inside to outside, direction value is required when rule type is internet or nat.

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Direction: 0 means outside to inside, 1 means inside to outside, direction value is required when rule type is internet or nat.

+
Enumeration values:

+
  • 0
  • 1

 		
 
action_type

+
action_type

 
No

+
No

 
Integer

+
Integer

 
Action. 0: allow; 1: deny

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Action. 0: allow; 1: deny

+
Enumeration values:

+
  • 0
  • 1

 		
 
status

+
status

 
No

+
No

 
Integer

+
Integer

 
Rule delivery status. 0: disabled; 1: enabled.

+
Rule delivery status. 0: disabled; 1: enabled.

 		
 
description

+
applications

 
No

+
No

 
String

+
Array of strings

 
Description

+
applications

 		
 
long_connect_time_hour

+
applicationsJsonString

 
No

+
No

 
Long

+
String

 
Persistent connection duration (hour)

+
applications json string

 		
 
long_connect_time_minute

+
description

 
No

+
No

 
Long

+
String

 
Persistent connection duration (hour)

+
Description

 		
 
long_connect_time_second

+
long_connect_time_hour

 
No

+
No

 
Long

+
Long

 
Persistent connection duration (minute)

+
Persistent connection duration (hour)

 		
 
long_connect_time

+
long_connect_time_minute

 
No

+
No

 
Long

+
Long

 
Persistent connection duration

+
Persistent connection duration (hour)

 		
 
long_connect_enable

+
long_connect_time_second

 
No

+
No

 
Integer

+
Long

 
Whether to support persistent connections. 0: not supported; 1: supported.

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-

+
Persistent connection duration (minute)

 		
 
source

+
long_connect_time

 
No

+
No

 
RuleAddressDto object

+
Long

 
Rule address DTO

+
Persistent connection duration

 		
 
destination

+
long_connect_enable

 
No

+
No

 
RuleAddressDto object

+
Integer

 
Rule address DTO

+
Whether to support persistent connections. 0: not supported; 1: supported.

+
Enumeration values:

+
  • 0
  • 1

 		
 
service

+
source

 
No

+
No

 
RuleServiceDto object

+
RuleAddressDto object

 
RuleServiceDto

+
rule address dto

 		
 
type

+
destination

 
No

+
No

 
Integer

+
RuleAddressDto object

 
Rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

-
Enumeration values:

-
  • 0
    
-
  • 1
    
-
  • 2
    
-

+
rule address dto

 		
 
tag

+
service

 
No

+
No

 
TagsVO object

+
RuleServiceDto object

 
tag

+
rule service dto

+
type

+
No

+
Integer

+
Rule type. The value can be 0 (Internet rule), 1 (VPC rule), or 2 (NAT rule).

+
Enumeration values:

+
  • 0
  • 1
  • 2

+
tag

+
No

+
TagsVO object

+
tag

 		
 

 
 

 

 
-
Table 5 OrderRuleAclDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
Table 5 OrderRuleAclDto
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
dest_rule_id

+
dest_rule_id

 
No

+
No

 
String

+
String

 
ID of the rule that the added rule will follow. This parameter cannot be left blank if the rule is not pinned on top, and is empty when the added rule is pinned on top.

+
ID of the rule that the added rule will follow. This parameter cannot be left blank if the rule is not pinned on top, and is empty when the added rule is pinned on top.

 		
 
top

+
top

 
No

+
No

 
Integer

+
Integer

 
Whether to pin on top. The options are as follows: 0: no; 1: yes.

+
Whether to pin on top. The options are as follows: 0: no; 1: yes.

+
bottom

+
No

+
Integer

+
Whether to pin on bottom. The options are as follows: 0: no; 1: yes.

 		
 

 
 

 

 
-
Table 6 RuleAddressDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
Table 6 RuleAddressDto
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
type

+
type

 
Yes

+
Yes

 
Integer

+
Integer

 
Source type. 0: manual input; 1: associated IP address group; 2: domain name

+
Source type. 0: manual input; 1: associated IP address group; 2: domain name; 3: region; 4: domain set 5: multi object, 6: domain set dns, 7: domain url profile

 		
 
address_type

+
address_type

 
No

+
No

 
Integer

+
Integer

 
Source type. 0: IPv4; 1: IPv6

+
Source type. 0: IPv4; 1: IPv6

 		
 
address

+
address

 
No

+
No

 
String

+
String

 
Source IP address. The value cannot be empty for the manual type, and cannot be empty for the automatic or domain type.

+
Source IP address. The value cannot be empty for the manual type, and cannot be empty for the automatic or domain type.

 		
 
address_set_id

+
address_set_id

 
No

+
No

 
String

+
String

 
ID of the associated IP address group. The value cannot be empty for the automatic type or for the manual or domain type.

+
ID of the associated IP address group. The value cannot be empty for the automatic type or for the manual or domain type.

 		
 
address_set_name

+
address_set_name

 
No

+
No

 
String

+
String

 
IP address group name

+
IP address group name

 		
 
domain_address_name

+
domain_address_name

 
No

+
No

 
String

+
String

 
Name of the domain name address. This parameter cannot be left empty for the domain name type, and is empty for the manual or automatic type.

+
Name of the domain name address. This parameter cannot be left empty for the domain name type, and is empty for the manual or automatic type.

 		
 
region_list_json

+
region_list_json

 
No

+
No

 
String

+
String

 
JSON value of the rule region list.

+
JSON value of the rule region list.

 		
 
region_list

+
region_list

 
No

+
No

 
Array of IpRegionDto objects

+
Array of IpRegionDto objects

 
Region list of a rule

+
Region list of a rule

 		
 
domain_set_id

+
domain_set_id

 
No

+
No

 
String

+
String

 
domain set id

+
domain set id

 		
 
domain_set_name

+
domain_set_name

 
No

+
No

 
String

+
String

 
domain set name

+
domain set name

 		
 
ip_address

+
ip_address

 
No

+
No

 
Array of strings

+
Array of strings

 
IP address list

+
IP address list

 		
 
address_group

+
address_group

 
No

+
No

 
Array of strings

+
Array of strings

 
address group

+
address group

 		
 
address_group_names

+
address_group_names

 
No

+
No

 
Array of AddressGroupVO objects

+
Array of AddressGroupVO objects

 
Address set list

+
Address set list

+
address_set_type

+
No

+
Integer

+
Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

+
predefined_group

+
No

+
Array of strings

+
predefined group

 		
 

 
 

 

 
-
Table 7 IpRegionDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 7 IpRegionDto
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
region_id

+
region_id

 
No

+
No

 
String

+
String

 
region id

+
region id

 		
 
description_cn

+
description_cn

 
No

+
No

 
String

+
String

 
cn description

+
cn description

 		
 
description_en

+
description_en

 
No

+
No

 
String

+
String

 
en description

+
en description

 		
 
region_type

+
region_type

 
No

+
No

 
Integer

+
Integer

 
Region type, 0 means country, 1 means province, 2 means continent

+
Region type, 0 means country, 1 means province, 2 means continent

 		
 

 
 

 

 
-
Table 8 RuleServiceDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 8 AddressGroupVO
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
type

+
address_set_type

 
Yes

+
No

 
Integer

+
Integer

 
Service input type. The value 0 indicates manual input, and the value 1 indicates automatic input.

+
Address set type, 0 indicates a custom define address set, 1 indicates a WAF return-to-source IP address set, 2 indicates a DDoS return-to-source IP address set, and 3 indicates a NAT64 translation address set.

 		
 
protocol

+
name

 
No

+
No

 
Integer

+
String

 
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

+
name

 		
 
source_port

+
set_id

 
No

+
No

 
String

+
String

 
Source port

-
dest_port

-
No

-
String

-
Destination port

-
service_set_id

-
No

-
String

-
Service group ID. This parameter is left blank for the manual type and cannot be left blank for the automatic type.

-
service_set_name

-
No

-
String

-
Service group name

-
custom_service

-
No

-
Array of ServiceItem objects

-
custom service

-
service_group

-
No

-
Array of strings

-
Service group list

-
service_group_names

-
No

-
Array of AddressGroupVO objects

-
Service group name list

+
address set id

 		
 

 
 

 

 
-
Table 9 ServiceItem
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 9 RuleServiceDto
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
protocol

+
type

 
No

+
Yes

 
Integer

+
Integer

 
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

+
Service input type. The value 0 indicates manual input, and the value 1 indicates automatic input.

 		
 
source_port

+
protocol

 
No

+
No

 
String

+
Integer

 
source port

+
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

 		
 
dest_port

+
protocols

 
No

+
No

 
String

+
Array of integers

 
destination port

+
Protocols

 		
 
description

+
source_port

 
No

+
No

 
String

+
String

 
description

+
Source port

 		
 
name

+
dest_port

 
No

+
No

 
String

+
String

 
name

+
Destination port

+
service_set_id

+
No

+
String

+
Service group ID. This parameter is left blank for the manual type and cannot be left blank for the automatic type.

+
service_set_name

+
No

+
String

+
Service group name

+
custom_service

+
No

+
Array of ServiceItem objects

+
custom service

+
predefined_group

+
No

+
Array of strings

+
predefined group

+
service_group

+
No

+
Array of strings

+
Service group list

+
service_group_names

+
No

+
Array of ServiceGroupVO objects

+
Service group name list

+
service_set_type

+
No

+
Integer

+
Service set type, 0 indicates a custom service set, 1 indicates a predefined service set, 2 indicates commonly used remote login and PING, 3 indicates commonly used databases

 		
 

 
 

 

 
-
Table 10 AddressGroupVO
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 10 ServiceItem
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
set_id

+
protocol

 
No

+
No

 
String

+
Integer

 
set id

+
Protocol type. The value 6 indicates TCP, 17 indicates UDP, 1 indicates ICMP, 58 indicates ICMPv6, and -1 indicates any protocol. Regarding the addition type, a null value indicates it is automatically added.

 		
 
name

+
source_port

 
No

+
No

 
String

+
String

 
name

+
source port

+
dest_port

+
No

+
String

+
destination port

+
description

+
No

+
String

+
description

+
name

+
No

+
String

+
name

 		
 

 
 

 

 
-
Table 11 TagsVO
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 11 ServiceGroupVO
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
tag_id

+
name

 
No

+
No

 
String

+
String

 
tag id

+
service group name

 		
 
tag_key

+
protocols

 
No

+
No

 
String

+
Array of integers

 
tag key

+
protocols

 		
 
tag_value

+
service_set_type

 
No

+
No

 
String

+
Integer

 
tag value

+
Query service set type, 0 means custom define service set, 1 means predefine service set.

 		
 

-

-
-
Response Parameters
Status code: 200

-
-

-
-
-
-
-
-
-
+
Table 12 Response body parameters
Parameter

-
Type

-
Description

-
data

+
set_id

 
RuleId object

+
No

 
Rule ID

+
String

+
service set id

 		
 

 
 

 

 
-
Table 13 RuleId
Parameter

+

-
-
+
-
-
-
+
-
-
-
+
+
+
+
+
+
Table 12 TagsVO
Parameter

 
Type

+
Mandatory

 
Description

+
Type

+
Description

 		
 

 
id

+
tag_id

 
String

+
No

 
id

+
String

+
tag id

 		
 
name

+
tag_key

 
String

+
No

 
name

+
String

+
tag key

+
tag_value

+
No

+
String

+
tag value

 		
 

 
 

 

-
Status code: 400

+
+
Response Parameters
Status code: 200

 
-

-
-
-
-
-
-
-
-
-
-
-
@@ -136,7 +136,7 @@
 
-
diff --git a/docs/cfw/api-ref/cfw_02_0016.html b/docs/cfw/api-ref/cfw_02_0016.html
index 969d86de..33682102 100644
--- a/docs/cfw/api-ref/cfw_02_0016.html
+++ b/docs/cfw/api-ref/cfw_02_0016.html
@@ -2,13 +2,19 @@
 
 
Change History

-
Table 14 Response body parameters
Parameter

+

-
-
-
-
-
-
+
Table 13 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
data

 
String

+
RuleId object

 
Error code

-
Minimum: 8

-
Maximum: 36

+
Rule ID

 		
 
error_msg

+

+

+
+

+
+
+
+
+
-
-
+
+
+
+
+
+
+
Table 14 RuleId
Parameter

+
Type

+
Description

+
id

 
String

+
String

 
Description

-
Minimum: 2

-
Maximum: 512

+
id

+
name

+
String

+
name

+

+

+
Status code: 400

+
+

+
+
+
+
+
+
+
+
+
+
+
Table 15 Response body parameters
Parameter

+
Type

+
Description

+
error_code

+
String

+
Error code

+
Minimum: 8

+
Maximum: 36

+
error_msg

+
String

+
Description

+
Minimum: 2

+
Maximum: 512

 		
 

 
 

 

 
-
Example Requests
The following example shows how to update an IPv4 inbound rule. The rule name is TestRule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.

-
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/acl-rule/ceaa0407-b9c8-4dfd-9eca-b6ead2dfd031
+
Example Requests
The following example shows how to update an IPv4 inbound rule. The rule name is TestRule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.

+
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/acl-rule/ceaa0407-b9c8-4dfd-9eca-b6ead2dfd031
 
 {
   "name" : "TestRule",
@@ -831,62 +951,62 @@
   "direction" : 0
 }

 

-
Example Responses
Status code: 200

-
OK

-
{
+
Example Responses
Status code: 200

+
OK

+
{
   "data" : {
     "id" : "ceaa0407-b9c8-4dfd-9eca-b6ead2dfd031"
   }
 }

-
Status code: 400

-
Bad Request

-
{
+
Status code: 400

+
Bad Request

+
{
   "error_code" : "CFW.00200005",
   "error_msg" : "operation content does not exist"
 }

 

-
Status Codes

-

+
+
+
+
+
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
OK

+
OK

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/UpdateAclRuleOrder.html b/docs/cfw/api-ref/UpdateAclRuleOrder.html
index 99356d71..fb56b80b 100644
--- a/docs/cfw/api-ref/UpdateAclRuleOrder.html
+++ b/docs/cfw/api-ref/UpdateAclRuleOrder.html
@@ -121,6 +121,15 @@
 
Whether to pin on top. The options are as follows: 0: no; 1: yes.

 		
 
bottom

+
No

+
Integer

+
Whether to pin on bottom. The options are as follows: 0: no; 1: yes.

+

 
 

 

diff --git a/docs/cfw/api-ref/UpdateBlackWhiteList.html b/docs/cfw/api-ref/UpdateBlackWhiteList.html
index ef2d71c2..7b3b0bab 100644
--- a/docs/cfw/api-ref/UpdateBlackWhiteList.html
+++ b/docs/cfw/api-ref/UpdateBlackWhiteList.html
@@ -148,28 +148,6 @@
 
Port

 		
 
list_type

-
No

-
Integer

-
Blacklist/Whitelist type. The options are 4 (blacklist) and 5 (whitelist).

-
Enumeration values:

-
  • 4
    
-
  • 5
    
-

-
object_id

-
No

-
String

-
Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.

-

 
description

 		
 
No

diff --git a/docs/cfw/api-ref/UpdateDomainSet.html b/docs/cfw/api-ref/UpdateDomainSet.html
index c2137d71..321e9243 100644
--- a/docs/cfw/api-ref/UpdateDomainSet.html
+++ b/docs/cfw/api-ref/UpdateDomainSet.html
@@ -58,7 +58,7 @@
 

 
fw_instance_id

 
No

+
Yes

 		
 
String

 		
 
Integer

 
domain set type

+
Domain name group type. 0 means Application type and 1 means Network type.

 		
 

 
 
Release Date

+

-
+
+
+
Release Date

 		
 
Description

 		
 

 
2024-04-30

+
2024-05-28

+
This issue is the second official release.

+
Modified the description about whether X-Auth-Token is mandatory.

+
2024-04-30

 		
 
This issue is the first official release.