proxy

12.1 and later Use this API to create proxy connections. Guardium® supports a web proxy to connect to a remote source that requires a proxy server to connect.

REST API syntax

This API is available as a REST service with the proxyConfig method. Call this API as follows:
 https://[Guardium hostname or IP address]:8443/restAPI/proxy

GuardAPI syntax

proxy parameter=value

Proxy API usage

grdapi proxy <options>
Options: list=true
clearall=true
reload=true
stop=true
setup=true proxy_host=<proxy_server> proxy_port=<proxy_port> target_host=<target_server> target_port=<target_port>
clear=true target_host=<target_server> target_port=<target_port> diagnostics=true

Parameters

Parameter Value type Valid values Description
clear Boolean Valid values:
  • false
  • true
Deletes the proxy connections from the system.
clearall Boolean Valid values:
  • false
  • true
Deletes all the proxy connections from the system.
diagnostics Boolean Valid values:
  • false
  • true)
Runs diagnostics on all the proxy connections and writes the output to a log file.
list Boolean Valid values:
  • false
  • ture
Lists the proxy connections.
proxy_host String   IP or hostname of the proxy server.
proxy_port String   Port number for the proxy connection.
reload Boolean Valid values:
  • false
  • true
Restart and refresh all the proxy connections.
setup Boolean Valid values:
  • false
  • true
Setup the proxy connection.
stop Boolean Valid values:
  • false
  • true
Stops all the proxy connections without deleting them from the system.
target_host String   Hostname/IP of the target resource for the proxy connection
target_port String   Port number of the target resource for the proxy connection.
api_target_host String  

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

Use cases

Setting up proxy
To configure a proxy for myhost.example.com:443 via proxy server proxy.example.com:3128, use the following command:
grdapi proxy setup=true proxy_host=myhost.example.com:443 proxy_port=3128 target_host=proxy.example.com target_port=443
Listing target and proxy hosts
To list all the proxy connections, use the following command:
grdapi proxy list=true

Output: myhost.example.com:443 via proxy proxy.example.com:3128

Testing proxy server
To troubleshoot the proxy server, use the following command:
grdapi proxy diagnostics=true

Output: Please view log/guard_proxy.txt using the fileserver.

Verify proxy connection
To verify the proxy connection, use the following command:
support show port open <target_server> <target_port>
For more information, see support show port open CLI Command.