Restricted IPs
Click here to see this page in full context

Restricted IPs

GET POST/api/2.0/fo/setup/restricted_ips/

Manage and update the list of restricted IPs within the user's subscription. Managers only have permission to perform these actions using this API.

Input ParametersInput Parameters

Parameter

Required/Optional

Data Type

Description

action={value}

 Required String 

One action must be defined

activate - enable or disable the restricted IPs feature

list - download list of all restricted IPs

clear - clear all restricted IPs and de-active this feature

add - add restricted IPs

delete - delete restricted IPs

replace - replace restricted IPs

echo_request={0|1}

 Optional Integer 

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.

enable={0|1}

 Optional and valid when action is activate Integer 

Enable or disable the restricted IPs list. Set enable=1 to enable the list; set enable=0 to clear any IPs in the list and disable the feature.

ips={value} -or- {CSV raw data upload}

 Optional and valid when action is add, replace or delete Integer/
File 

The hosts you want to add to, remove from or replace in the restricted IPs list. IPs must be specified by using the “ips” parameter (using the POST method) or by uploading CSV raw data (using the GET or POST method). To upload CSV raw data using POST, specify --data-binary <data>.

How to specify IP addresses. One or more IPs/ranges may be specified. Multiple IPs/ranges are comma separated. An IP range is specified with a hyphen (for example, 10.10.30.1-10.10.30.50). CIDR notation is supported.

output_format={CSV|XML}

 Optional and valid when action is list File 

The list output will be in XML format by default. For CSV format, set output_format=CSV.

Sample - Download Restricted IPsSample - Download Restricted IPs

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -X "POST" -d "action=list" "https://<qualys_base_url>/api/2.0/fo/setup/restricted_ips/"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE RESTRICTED_IPS_OUTPUT SYSTEM "https://<qualys_base_url>/api/2.0/fo/setup/restricted_ips/restricted_ips_output.dtd">
<RESTRICTED_IPS_OUTPUT>
  <RESPONSE>
    <DATETIME>2018-03-22T11:12:56Z</DATETIME>
    <IP_SET>
      <IP_RANGE>10.10.10.1-10.10.10.255</IP_RANGE>
    </IP_SET>
    <STATUS>disabled</STATUS>
  </RESPONSE>
</RESTRICTED_IPS_OUTPUT>

Sample - Replace Restricted IPs (IPs in CIDR Notation)Sample - Replace Restricted IPs (IPs in CIDR Notation)

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -X "POST" -d "action=replace&ips=10.0.0.0/8" "https://<qualys_base_url>/api/2.0/fo/setup/restricted_ips/" > output.txt

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-03-22T11:45:00Z</DATETIME>
    <TEXT>Successfully replaced restricted ips</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>STATUS</KEY>
        <VALUE>disabled</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

Sample - Delete Restricted IPs (Upload CSV Raw Data)Sample - Delete Restricted IPs (Upload CSV Raw Data)

CSV File

$ cat file1.csv
10.0.0.1
10.0.0.2-10.0.0.100

API Request

curl -H "X-Requested-with:curl" -H "Content-type:text/csv" -u "USERNAME:PASSWORD"--data-binary "@file1.csv" "https://<qualys_base_url>/api/2.0/fo/setup/restricted_ips/?action=delete"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-03-22T11:45:34Z</DATETIME>
    <TEXT>Successfully deleted restricted ips</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>STATUS</KEY>
        <VALUE>disabled</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

Sample - Activate Restricted IPs Feature and Enable ListSample - Activate Restricted IPs Feature and Enable List

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -X "POST" -d "action=activate&enable=1" "https://<qualys_base_url>/api/2.0/fo/setup/restricted_ips/" > output.txt

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-03-22T11:46:45Z</DATETIME>
    <TEXT>Restricted IPs feature has been enabled successfully</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>STATUS</KEY>
        <VALUE>enabled</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

Sample - Download Restricted IPs List in CSV FormatSample - Download Restricted IPs List in CSV Format

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -X "POST" -d "action=list&output_format=csv" "https://<qualys_base_url>/api/2.0/fo/setup/restricted_ips/"

CSV Output

----BEGIN_RESPONSE_BODY_CSV
10.0.0.0
10.0.0.101-10.255.255.255
----END_RESPONSE_BODY_CSV
----BEGIN_RESPONSE_FOOTER_CSV
STATUS
enabled
----END_RESPONSE_FOOTER_CSV

Sample - Clear All Restricted IPs and Disable the FeatureSample - Clear All Restricted IPs and Disable the Feature

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -X "POST" -d "action=clear" "https://<qualys_base_url>/api/2.0/fo/setup/restricted_ips/"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-03-22T12:04:34Z</DATETIME>
    <TEXT>Successfully cleared restricted ips</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>STATUS</KEY>
        <VALUE>disabled</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

DTD for Restricted IPs List

<platform API server>/api/2.0/fo/setup/restricted_ips/restricted_ips_output.dtd