API ReferenceNew CentralGuidesMRT APIConfiguration API
GithubAirheads Developer Community
API Reference

Update an existing net-service

List of network service definitions. Each net-service defines
a named protocol/port combination that can be referenced in
policy rules to match specific types of network traffic. The
key 'name' uniquely identifies the net-service.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Path Params
string
required
length ≤ 9999

Unique name of the net-service. This is a required key field.
Maximum length is 63 characters.

Query Params
string

LOCAL - To update local objects. SHARED - To update shared objects. Default - Defaults to SHARED if not provided

string

Scope at which local object needs to be updated. Mandatory if object-type = LOCAL. Should not be provided for object-type = SHARED.

string

Device function for which the local object needs to be updated. Mandatory if object_type = LOCAL. Should not be provided for object_type = SHARED.

Body Params

net-servicebody object

alg-config
object

Grouping for SUN RPC ALG configuration. Defines SUNRPC program
identifiers and timeout for Distributed Services Switches (DSS).

string
enum

Specifies the Application Layer Gateway (ALG) service type
for this net-service. ALG enables deep packet inspection
for application-specific protocols, allowing the firewall
to handle dynamic port negotiation and NAT traversal. The
selected ALG must be compatible with the configured protocol
(TCP, UDP, or other). See the must constraint for valid
protocol/ALG combinations.

Show Details
DHCPEnables ALG for DHCP traffic allowing dynamic relay and inspection of DHCP messages. Requires UDP protocol.
DNSEnables ALG for DNS traffic allowing inspection and optional filtering of DNS queries and responses. Requires UDP protocol. Additional DNS ALG options can be configured via the alg-config container when this value is selected.
FACETIMEEnables ALG for Apple FaceTime video calling traffic. Requires TCP protocol.
FTPEnables ALG for FTP traffic allowing inspection and NAT traversal of FTP control and data connections. Requires TCP protocol. Additional FTP ALG options can be configured via the alg-config container when this value is selected.
H323Enables ALG for H.323 video conferencing and VoIP signaling traffic. Requires TCP or UDP protocol.
ICMPEnables ALG for ICMP traffic allowing inspection by type and code. Additional ICMP ALG options can be configured via the alg-config container when this value is selected.
JABBEREnables ALG for Cisco Jabber unified communications traffic. Requires TCP or UDP protocol.
MSRPCEnables ALG for Microsoft RPC (Remote Procedure Call) traffic. Requires TCP or UDP protocol on port 135. Additional MSRPC ALG options can be configured via the alg-config container.
NOEEnables ALG for Alcatel NOE (New Office Environment) VoIP traffic. Requires UDP protocol.
RTSPEnables ALG for RTSP (Real Time Streaming Protocol) media streaming traffic. Requires TCP or UDP protocol.
SCCPEnables ALG for SCCP (Skinny Client Control Protocol) used by Cisco IP phones. Requires TCP protocol.
SIPEnables ALG for SIP (Session Initiation Protocol) VoIP signaling traffic. Requires TCP or UDP protocol.
SIPSEnables ALG for SIPS (SIP over TLS) encrypted VoIP signaling traffic. Requires TCP protocol.
SUNRPCEnables ALG for SUN RPC (Remote Procedure Call) traffic. Requires TCP or UDP protocol on port 111. Additional SUNRPC ALG options can be configured via the alg-config container.
SVPEnables ALG for SVP (SpectraLink Voice Priority) wireless VoIP traffic. Requires a protocol other than TCP or UDP.
TFTPEnables ALG for TFTP (Trivial File Transfer Protocol) traffic. Requires UDP protocol.
VOCERAEnables ALG for Vocera badge communication traffic. Requires UDP protocol.
string
length between 1 and 128

An optional human-readable description for this net-service.
Can be used to document the purpose or intended use.
Maximum length is 128 characters.

boolean
Defaults to false

When set to true, marks this net-service port as an HTTP
proxy port for web traffic interception. Only applicable
when no ALG service is configured. Default: false.

boolean
Defaults to false

When set to true, marks this net-service port as an HTTPS
proxy port for secure web traffic interception. Only
applicable when no ALG service is configured. Default: false.

string
length between 1 and 63

Unique name of the net-service. This is a required key field.
Maximum length is 63 characters.

port-range
object

Port range specification for this net-service. If operator
is COMPARISON_RANGE, both min and max values define the range.
If operator is COMPARISON_EQ, only the min value is used as
the exact port match. Cannot be used together with the ports
leaf-list.

ports
array of int32s
length ≤ 2147483647
ports
0 to 255

Specifies the IP protocol for this net-service, expressed
either as an IP protocol number or a named identity (e.g.,
IP_TCP for 6, IP_UDP for 17). This determines which transport
protocol the service matches. Must not be set when alg-service
is ICMP.

Responses

Language
Credentials
OAuth2
URL
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json