VMware Networking Community
NicolasAlauzet

NSX-V DFW API call to create multiple fw rules in one POST

Hi all,

NSX-V environment DFW rule creation using API case. 

We are working with some code for an existing automated DFW rule creation in NSX-V. As per documentation and testing, it is very simple to pass a FW rule to be created and published (the basic code is below as an example).


The point here, and where I'm seeking help or comments, is the idea of posting multiple FW rules in one go. Imagine I have a DFW with 10k rules, so the publish times are not the same as for an empty DFW. So, dealing with a request of 50 rules (that will be 50 different FW rules inside the DFW), if I need to push them 1 by 1, then the publish time will be complex and might generate other issues.

The question per se is: is there a way to concatenate multiple rules to be pushed in the same (only 1) API call? Below is the code for 1 rule (duplicating like in EDGE FW is not working :D). I couldn't find any details on this for the DFW; for the EDGE FW, yes.

Cheers
N

<rule disabled="false" logged="false">
  <name>TEST RULE 01</name>
  <action>allow</action>
  <notes></notes>
  <appliedToList>
    <appliedTo>
      <name>DISTRIBUTED_FIREWALL</name>
      <value>DISTRIBUTED_FIREWALL</value>
      <type>DISTRIBUTED_FIREWALL</type>
      <isValid>true</isValid>
    </appliedTo>
  </appliedToList>
  <sectionId>1007</sectionId>
  <sources excluded="false">
    <source>
      <value>30.30.30.101</value>
      <type>Ipv4Address</type>
      <isValid>true</isValid>
    </source>
  </sources>
  <destinations excluded="false">
    <destination>
      <value>30.30.30.103</value>
      <type>Ipv4Address</type>
      <isValid>true</isValid>
    </destination>
  </destinations>
  <services>
    <service>
      <isValid>true</isValid>
      <destinationPort>80</destinationPort>
      <protocol>6</protocol>
      <protocolName>TCP</protocolName>
    </service>
  </services>
</rule>
-------------------------------------------------------------------
Triple VCIX (CMA-NV-DCV) | vExpert | MCSE | CCNA
0 Replies
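
An added example, not part of the original post and not VMware's code: a Python sketch that generates many rules in the post's XML shape, validates each address and port, and wraps them in a single section body so the whole batch goes out as one request. It assumes (this is not stated on the page) that the batch is submitted as a whole-section update rather than through the per-rule call; the section name `EXAMPLE-SECTION`, the helper names and the sample flows are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

def _text(parent, tag, text):
    el = ET.SubElement(parent, tag)
    el.text = text
    return el

def build_rule(name, src, dst, port, proto=6, proto_name="TCP", section_id="1007"):
    """Build one <rule> element shaped like the rule in the post."""
    # Reject malformed input before it reaches the firewall API.
    src = str(ipaddress.IPv4Address(src))
    dst = str(ipaddress.IPv4Address(dst))
    if not 1 <= int(port) <= 65535:
        raise ValueError(f"port out of range: {port}")
    rule = ET.Element("rule", disabled="false", logged="false")
    _text(rule, "name", name)
    _text(rule, "action", "allow")
    applied = ET.SubElement(ET.SubElement(rule, "appliedToList"), "appliedTo")
    for tag in ("name", "value", "type"):
        _text(applied, tag, "DISTRIBUTED_FIREWALL")
    _text(applied, "isValid", "true")
    _text(rule, "sectionId", section_id)
    for plural, singular, addr in (("sources", "source", src),
                                   ("destinations", "destination", dst)):
        member = ET.SubElement(ET.SubElement(rule, plural, excluded="false"), singular)
        _text(member, "value", addr)
        _text(member, "type", "Ipv4Address")
        _text(member, "isValid", "true")
    svc = ET.SubElement(ET.SubElement(rule, "services"), "service")
    _text(svc, "isValid", "true")
    _text(svc, "destinationPort", str(port))
    _text(svc, "protocol", str(proto))
    _text(svc, "protocolName", proto_name)
    return rule

def build_section(section_id, section_name, flows):
    """Wrap many rules in one <section> body (assumed whole-section update)."""
    names = [f[0] for f in flows]
    if len(names) != len(set(names)):
        raise ValueError("duplicate rule names in batch")
    section = ET.Element("section", id=section_id, name=section_name)
    for name, src, dst, port in flows:
        section.append(build_rule(name, src, dst, port, section_id=section_id))
    return ET.tostring(section, encoding="unicode")

# Constructed sample flows: (rule name, source IP, destination IP, TCP port).
FLOWS = [(f"TEST RULE {i:02d}", "30.30.30.101", f"30.30.30.{102 + i}", 80 + i)
         for i in range(1, 4)]

if __name__ == "__main__":
    print(build_section("1007", "EXAMPLE-SECTION", FLOWS))
```

Under the same assumption, a whole-section body stands in for the section's full rule list, so rules already in the section would have to be read back and included alongside the new ones. Validating addresses and ports before the request keeps one malformed entry from failing or partially applying a large batch.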