Create an Application
Create an application to include in an application list. Use application lists to build rules in a firewall policy.
- Name: A unique name you define for the application.
- Protocol: ICMP, or ICMPv6
- ICMP Type: 0-Echo reply, 3-Destination unreachable, 5-Redirect, 8-Echo.
- ICMP Code: Used when you select ICMP. 0-Net unreachable, 1-Host unreachable, 2-Protocol unreachable, 3-Port unreachable
For more information about ICMP types and codes, see Internet Control Message Protocol (ICMP) Parameters.
You can create applications one at a time using the following instructions, or you can import many at the same time using a .json
file. See Bulk Import Firewall Policy Components more information.
After you create applications, you can add them to an application list in the policy. You can't add applications from one policy to a list in a different policy. The application must be created within each policy you want to use it in.
Some names are reserved by Palo Alto Networks®. If you create a policy component with a reserved name, the process fails with an error. See Reserved Names.
Use the network-firewall application create command and required parameters to create an application:
oci network-firewall application create --name my_app --network-firewall-policy-id network firewall policy OCID --compartment-id compartment OCID[OPTIONS]
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the CreateApplication operation to create an application.