Barrack API Documentation
  1. Firewall
Barrack API Documentation
  • Platform Documentation
    • Getting Started
    • Authentication & Access
    • Account Management
    • API Keys
    • GPU Models
    • Regions
    • Instance
      • OS Images
      • Bootsource Management
      • Deploy Instance
      • Instance Management
      • Hibernation
      • View Instances
    • SSH Keys
      • Add SSH Keys
      • Manage SSH Keys
    • Volumes
      • Overview
      • Create Volume
      • List and View Volumes
      • Attach Volumes
      • Detach Volumes
      • Clone Volumes
      • Resize Volume
      • Delete Volume
    • Advanced Configurations
      • Network And Security
      • Cloudinit Script
      • Startup Script
    • Firewall
      • Manage Firewall
      • Rules and Attachment
    • Snapshot
      • Overview
      • Manage Snapshots
      • Restore Snapshots
    • Custom Images
      • Overview
      • Create and Manage Images
    • dashboard
      • "Dashboard Overview"
      • "VM Management"
    • AI Chat
      • AI Chat
  • Balance
    • Get credit balance
      GET
  • GPU Stocks
    • Get GPU stock availability
      GET
  • GPU Specs
    • Get GPU specifications
      GET
  • Regions
    • List available regions
      GET
  • Pricing
    • Get pricing information
      GET
    • Get pricing information
      POST
  • Deploy Instance
    • Create a new instance
  • Instance management
    • List instances
    • Get instance details
    • Get instance billing
    • Start instance
    • Stop instance
    • Reboot instance
    • Hibernate instance
    • Restore hibernated instance
    • Toggle public IP for instance
    • Add instance security rule
    • Remove instance security rule
    • Delete instance
  • OS Images
    • List OS images
  • SSH Keys
    • List SSH keys
    • Get SSH key
    • Create SSH key
    • Delete SSH key
  • Volumes
    • List volumes
    • Create volume
    • Get volume details
    • Delete volume
    • Resize volume
    • Clone volume
    • Attach volumes to instance
    • Detach volumes from instance
    • List available volume types
    • Get volume billing
  • Firewalls
    • List firewalls
    • Get firewall details
    • Get supported protocols
    • Get firewalls attached to instance
    • List instances available for firewall attachment
    • Create firewall
    • Delete firewall
    • Add firewall rule
    • Remove firewall rule
    • Attach firewall to instances
  • Scripts
    • List all startup scripts
    • Get startup script details
    • Create a startup script
    • Update a startup script
    • Delete a startup script
    • Delete multiple startup scripts
  • Snapshots
    • List snapshots
    • Get snapshot details
    • List Instance eligible for snapshot creation
    • Get snapshot billing
    • Create snapshot
    • Delete snapshot
    • Restore snapshot
  • Images
    • List custom images
    • Get image details
    • Create image from snapshot
    • Delete custom image
    • Get snapshot-image relationship
    • Get snapshot-image relationship list
  • AI Chat
    • Get available AI models
    • Chat with AI
    • Get AI usage summary
    • Get AI usage history
  • Schemas
    • AITransaction
    • AddFirewallRuleRequest
    • AddFirewallRuleResponse
    • AddVMSecurityRuleResponse
    • AttachFirewallRequest
    • AggregatedBillingResponse
    • AttachFirewallResponse
    • AttachVolumesRequest
    • AttachVolumesResponse
    • AttachedFirewall
    • BatchSnapshotImageRelationshipResponse
    • Balance
    • Billing
    • ChatCompletionsRequest
    • ChatCompletionsResponse
    • CloneVolumeRequest
    • BillingRecord
    • CloneVolumeResponse
    • BillingSummary
    • CreateFirewallRequest
    • CreateFirewallResponse
    • CreateImageFromSnapshotRequest
    • CreateSSHKeyRequest
    • CreateScriptRequest
    • CreateSnapshotRequest
    • CreateSnapshotResponse
    • CreateSSHKeyResponse
    • CurrencyEnum
    • Data
    • CreditBalanceResponse
    • DeleteFirewallResponse
    • CreateVolumeRequest
    • DeleteSnapshotResponse
    • CreateVolumeResponse
    • DeleteVMResponse
    • DetachVolumesRequest
    • DetachVolumesResponse
    • DeploymentRequest
    • DirectionEnum
    • DeploymentResponse
    • EthertypeEnum
    • ErrorResponse
    • FirewallAttachment
    • DeleteVolumeResponse
    • DeleteSSHKeyResponse
    • FirewallEnvironment
    • FirewallResponse
    • FirewallRule
    • FirewallVM
    • GetBatchSnapshotImageRelationshipsRequest
    • GetFirewallDetailsResponse
    • GPUStockConfiguration
    • GPUSpec
    • GetHibernatedVMsResponse
    • GPUStockItem
    • GPUSpecsResponse
    • GetSupportedProtocolsResponse
    • GPUStocksResponse
    • GetVMAttachedFirewallsResponse
    • GetVolumeTypesResponse
    • HibernateVMResponse
    • HibernationBillingMetrics
    • ListFirewallsResponse
    • ListUserVMsResponse
    • ListVMsResponse
    • ModelsResponse
    • GetSSHKeysResponse
    • Pagination
    • PricingRequest
    • OSImage
    • PricingResponse
    • OSImagesResponse
    • Protocol
    • GpuCountEnum
    • ProtocolEnum
    • Image
    • GpuModelEnum
    • GetVolumeDetailsResponse
    • RebootVMResponse
    • ImageCreateResponse
    • RecentHibernation
    • ImageDeleteResponse
    • GetVolumesWithNextNameResponse
    • RemoveFirewallRuleResponse
    • ImageDetailResponse
    • RemoveVMSecurityRuleResponse
    • Region
    • ImageListResponse
    • ResizeVolumeRequest
    • RegionsResponse
    • Price
    • ResizeVolumeResponse
    • ResourceTypeEnum
    • RestoreSnapshotRequest
    • RestoreSnapshotResponse
    • RestoreVMResponse
    • Snapshot
    • SnapshotImageRelationshipResponse
    • Specs
    • StartVMResponse
    • StopVMResponse
    • TierEnum
    • UpdateScriptRequest
    • UsageHistoryResponse
    • UsageSummaryResponse
    • RegionEnum
    • UserVM
    • VMDetailsResponse
    • VMFlavor
    • VMImage
    • VMInstance
    • VMResponse
    • SpecsMetadata
    • VMSecurityRule
    • VMSecurityRuleRequest
    • VMStatus
    • VMVolumeAttachment
    • Script
    • VolumeTypeEnum
    • SSHKeyResponse
    • ScriptListResponse
    • ToggleVMPublicIPResponse
    • VolumeBillingRecord
    • VolumeBillingSummary
    • VolumeHourlyBillingResponse
    • VolumeResponse
  1. Firewall

Rules and Attachment

Firewall Rules & Attachments#

Configure security rules and attach firewalls to your legacy tier instances in the CANADA-1 region.

Understanding Firewall Rules#

Firewall rules control network traffic to and from your instances using a combination of direction, protocol, IP ranges, and port specifications.
Direction
Controls Traffic Flow
Ingress (Incoming):
Traffic TO your instance
Controls what can connect IN
Example: SSH, HTTP, HTTPS access
Egress (Outgoing):
Traffic FROM your instance
Controls what can connect OUT
Example: API calls, updates, downloads
Protocol
Communication Type
TCP:
Reliable, ordered delivery
Connection-oriented
Requires port range
UDP:
Fast, connectionless
No delivery guarantee
Requires port range
ICMP:
Diagnostic protocol
Ping requests
No port range needed
IP Range
Source/Destination
0.0.0.0/0:
Allow all IPv4 addresses
Most permissive
Specific CIDR:
Restrict to subnet
Example: 192.168.1.0/24
Single IP:
Lock to one address
Example: 203.0.113.5/32

Rule Configuration#

Rule Components#

Each firewall rule requires specific parameters based on the protocol and direction:
Required for All Rules:
Direction (ingress or egress)
Protocol (TCP, UDP, or ICMP)
Ethertype (IPv4 or IPv6)
Remote IP Prefix (CIDR notation)
Required for TCP/UDP Only:
Port Range Minimum (1-65535)
Port Range Maximum (1-65535)
Not Applicable for ICMP:
Port ranges (ICMP doesn't use ports)

Adding Firewall Rules#

1
Access Firewall
Navigate to the firewall where you want to add a rule
2
Click Add Rule
Click the Add Rule button to open the rule configuration modal
3
Configure Direction
Select traffic direction:
Ingress (Incoming):
Use for services your instance provides
Examples: Web server, SSH access, databases
Egress (Outgoing):
Use for outbound connections
Examples: API calls, software updates, DNS
4
Select Protocol
Choose communication protocol:
TCP: Most common (HTTP, HTTPS, SSH, databases)
UDP: Real-time applications (VoIP, gaming, streaming)
ICMP: Diagnostic tools (ping, traceroute)
5
Choose IP Version
IPv4: Standard internet addressing (most common)
IPv6: Modern internet addressing
6
Configure Remote IP Range
Enter source (ingress) or destination (egress) IP range:
Allow All:
IPv4: 0.0.0.0/0
IPv6: ::/0
Specific Subnet:
Example: 192.168.1.0/24 (256 addresses)
Example: 10.0.0.0/16 (65,536 addresses)
Single IP:
Example: 203.0.113.5/32 (one IPv4 address)
Example: 2001:db8::1/128 (one IPv6 address)
7
Set Port Range (TCP/UDP Only)
For Single Port:
Min: 22, Max: 22 (SSH)
Min: 443, Max: 443 (HTTPS)
For Port Range:
Min: 8000, Max: 8100 (custom services)
For All Ports:
Leave both fields empty
8
Add Rule
Click Add Rule to save the configuration
The rule appears immediately in your firewall's rules list

Common Rule Examples#

SSH Access
Web Server
Database Access
ICMP Ping
Custom Services
Allow SSH connections from anywhere
Direction: ingress
Protocol: tcp
Ethertype: IPv4
Remote IP: 0.0.0.0/0
Port Min: 22
Port Max: 22

Removing Firewall Rules#

1
Access Firewall Details
Navigate to the firewall containing the rule
2
View Rules Tab
Select the Rules tab to view all configured rules
3
Locate Rule
Find the rule you want to remove in the rules list
Each rule displays:
Direction badge (Ingress/Egress)
Protocol name
Ethertype
Port range (if applicable)
Remote IP prefix
4
Delete Rule
Click the Delete icon (trash icon) next to the rule
5
Confirm Deletion
Confirm deletion in the prompt

Firewall Attachments#

Attach firewalls to instances to apply security rules. Firewalls can be attached to multiple instances simultaneously.

Instance Requirements#

Tier Compatibility:
Legacy tier instances only
CANADA-1 region only
Instance Status:
RUNNING status required
Instance must be accessible
Cannot be in error state
Region Matching:
Instance must be in CANADA-1
Same region as firewall

Attaching Firewalls to Instances#

1
Access Firewall
Navigate to the firewall you want to attach
2
Click Attach
Click the Attach to VM button
3
View Available Instances
The attachment modal displays:
Desktop View:
Table with instance name, status, region
Checkboxes for selection
Already attached instances marked
Mobile View:
Card layout with instance details
Tap cards to select/deselect
Visual indicators for attached instances
4
Select Instance
Click the checkbox (desktop) or card (mobile) to select instance
Selection Indicators:
Checkmark appears when selected
Selected count updates (X VMs selected)
Already attached instances show "Attached" badge
5
Attach Firewall
Click Attach Firewall button
What Happens:
Firewall rules apply immediately to instance
Instance appears in firewall's "Attached VMs" tab
Attachment status shows as "SUCCESS"

Viewing Attached Firewalls#

Check which firewalls are attached to a specific instance:
1
Navigate to Instance
Go to Instances and select your instance
2
View Firewall Information
In the instance details, view:
Attached firewall names
Firewall IDs
Number of rules per firewall
Attachment status
3
View Rule Details
Click on a firewall name to view its complete rule configuration

Detaching Firewalls#

To remove a firewall from instances:
1.
Navigate to the firewall
2.
Click Delete button
3.
Confirm deletion
4.
Firewall is removed from all instances automatically

Rule Configuration Errors#

Invalid IP Address Format
Port Range Validation Error
ICMP Port Range Error
Port Value Out of Range
Duplicate Security Rule
Firewall Rule Not Found

Attachment Configuration Errors#

Invalid Instance ID Format
Instance Not Found
Instance Not Active
Tier Not Supported
Region Mismatch
Instance Already Attached
No VMs Selected

Support Resources#

Email Support
Technical Assistance
Email: [email protected]
Include in your message:
Your account email
Firewall ID or Instance ID
Description of the issue
Any error messages received
Screenshots of configuration
Firewall Management
Create and Manage Firewalls
Learn how to:
Create new firewalls
View firewall details
Delete firewalls
Understand firewall limits
Previous
Manage Firewall
Next
Overview
Built with