-
Notifications
You must be signed in to change notification settings - Fork 4
Firewall Rules
List of zone firewall rules. See api doc here: https://developers.cloudflare.com/firewall/api/cf-firewall-rules/get/
Command: cf firewall list <zone>
Options:
Options:
--version Show version number [boolean]
--help Show help [boolean]
--format Format the output, value: table, string, json, list [string]
--separator Separator value when the output format is string [string] [default: " "]
--description Find rules that has case-insensitive text in description value [string]
--fields Fields to return [string] [default: "id,description,action"]
--perPage Number of zones per page [default: 20]
--page Page number of paginated results [default: 1]
Samples:
cf firewall list example.comcf firewall list example.com --description=sg
Get details of a zone firewall rule. See api doc here: https://developers.cloudflare.com/firewall/api/cf-firewall-rules/get/
Command: cf firewall get <zone> <firewallId>
Options:
Options:
--version Show version number [boolean]
--help Show help [boolean]
--format Format the output, value: table, string, json, list [string]
--separator Separator value when the output format is string [string] [default: " "]
--fields Fields to return [string] [default: "id,description,paused,modified_on,filter.id,filter.expression,action"]
Samples:
cf firewall get example.com 69412a7c31944e1f9632bc7227919c72cf firewall get example.com 69412a7c31944e1f9632bc7227919c72 --fields=filter.expression,action
Create a firewall rule. See api doc here: https://developers.cloudflare.com/firewall/api/cf-firewall-rules/post/
Command: cf firewall create <zone> --action=[allow|block] --expression=<expression> --description=<description>
Options:
Options:
--version Show version number [boolean]
--help Show help [boolean]
--format Format the output, value: table, string, json, list [string]
--separator Separator value when the output format is string [string] [default: " "]
--filterId Filter id to apply to this rule [string]
--expression Filter expression will created for this rule, and will ignore the filterId [string]
--action The firewall action to perform, values: log, bypass, allow. challenge, js_challenge, block
[string] [required]
--description To briefly describe the rule [string]
--paused Indicates if the rule is active [boolean] [default: false]
--priority The rule's priority, gets lowest priority if omitted [number]
--ref Unique, user-supplied identifier or reference [string]
--fields Fields to return [string] [default: "id,description,action"]
Samples:
cf firewall create example.com --action=allow --expression="ip.src eq 1.2.3.4"cf firewall create example.com --action=block --expression="ip.src eq 4.5.6.7"cf firewall create example.com --action=block --expression="$(cat ~/Downloads/filter.txt)" --description='Block Spammer'cf firewall create example.com --action=block --filterId="75aa6e3c9925412bb1f4363429192c82" --description='Block Spammer'
Delete a firewall rule. See api doc here: https://developers.cloudflare.com/firewall/api/cf-firewall-rules/delete/
Command: cf firewall delete <zone> <firewallId>
Options:
Options:
--version Show version number [boolean]
--help Show help [boolean]
Samples:
cf firewall delete example.com 75aa6e3c9925412bb1f4363429192c82
Note: Delete firewall rule will not delete the filter. You need to delete the filter separately.