Cisco Cisco Security Manager 4.4 Guia De Especificaciones
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 56
3.1.4.8 Standard ACE Policy Object
A StandardACEPolicyObject extends from the BasePolicyObject class and inherits all its attributes. A
StandardACEPolicyObject defines a standard IP access control entry. Policy definitions reference the
StandardACEPolicyObject via the gid value.
StandardACEPolicyObject defines a standard IP access control entry. Policy definitions reference the
StandardACEPolicyObject via the gid value.
Element.Sub Element
Type
Comment
networkGID
ObjectIdentifier
The source or destination of the traffic.
doLogging
boolean
Whether to create log entries when traffic meets the entry criteria.
permit
boolean
Indicates the action to be taken when a match is found
Table 28: StandardACEPolicyObject Class Definition
Figure 34: StandardACEPolicyObject XML Schema
3.1.4.9 Extended ACE Policy Object
An ExtendedACEPolicyObject extends from the BasePolicyObject class and inherits all its attributes. An
ExtendedACEPolicyObject defines an extended access control entry. Policy definitions reference the
ExtendedACEPolicyObject via the gid value.
ExtendedACEPolicyObject defines an extended access control entry. Policy definitions reference the
ExtendedACEPolicyObject via the gid value.
Element.Sub Element
Type
Comment
sourceGID
ObjectIdentifier
The source of the traffic.
destinationGID
ObjectIdentifier
Traffic destination.
serviceGID
ObjectIdentifier
The service that defines the type of traffice to act upon
doLogging
String
Contains value “true” if logging is enabled for PIX, ASA, FWSM
devices or “false” otherwise. If logInterval and logLevel elements are
not specified then it means “Default Logging” is enabled.
devices or “false” otherwise. If logInterval and logLevel elements are
not specified then it means “Default Logging” is enabled.
<
xs:complexType
name
="StandardACEPolicyObject">
<
xs:complexContent
>
<
xs:extension
base
="BasePolicyObject">
<
xs:sequence
minOccurs
="1"
maxOccurs
="1">
<
xs:element
name
="networkGID"
type
="ObjectIdentifier"
minOccurs
="1"
maxOccurs
="1"/>
<
xs:element
name
="doLogging"
type
="xs:boolean"
minOccurs
="1"
maxOccurs
="1"/>
<
xs:element
name
="permit"
type
="xs:boolean"
minOccurs
="1"
maxOccurs
="1"/>
</
xs:sequence
>
</
xs:extension
>
</
xs:complexContent
>
</
xs:complexType
>