1# @ohos.enterprise.networkManager (Network Management) 2 3The **networkManager** module provides APIs for network management of enterprise devices, including obtaining the device IP address and MAC address. 4 5> **NOTE** 6> 7> - The initial APIs of this module are supported since API version 12. Newly added APIs will be marked with a superscript to indicate their earliest API version. 8> 9> - The APIs of this module can be used only in the stage model. 10> 11> - The APIs of this module can be called only by a device administrator application that is enabled. For details, see [MDM Kit Development](../../mdm/mdm-kit-guide.md). 12> 13 14## Modules to Import 15 16```ts 17import { networkManager } from '@kit.MDMKit'; 18``` 19 20## networkManager.getAllNetworkInterfacesSync 21 22getAllNetworkInterfacesSync(admin: Want): Array<string> 23 24Obtains all activated wired network interfaces. 25 26**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 27 28**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 29 30 31**Parameters** 32 33| Name| Type | Mandatory| Description | 34| ------ | ------------------------------------------------------- | ---- | -------------- | 35| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 36 37**Return value** 38 39| Type | Description | 40| ------------------- | ---------------------- | 41| Array<string> | Names of all activated wired network interfaces.| 42 43**Error codes** 44 45For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 46 47| ID| Error Message | 48| -------- | ------------------------------------------------------------ | 49| 9200001 | The application is not an administrator application of the device. | 50| 9200002 | The administrator application does not have permission to manage the device. | 51| 201 | Permission verification failed. The application does not have the permission required to call the API. | 52| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 53 54**Example** 55 56```ts 57import { Want } from '@kit.AbilityKit'; 58 59let wantTemp: Want = { 60 bundleName: 'com.example.myapplication', 61 abilityName: 'EntryAbility', 62}; 63 64try { 65 let result: Array<string> = networkManager.getAllNetworkInterfacesSync(wantTemp); 66 console.info(`Succeeded in getting all network interfaces, result : ${JSON.stringify(result)}`); 67} catch (err) { 68 console.error(`Failed to get all network interfaces. Code: ${err.code}, message: ${err.message}`); 69} 70``` 71 72## networkManager.getIpAddressSync 73 74getIpAddressSync(admin: Want, networkInterface: string): string 75 76Obtains the device IP address based on the network interface. 77 78**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 79 80**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 81 82 83**Parameters** 84 85| Name | Type | Mandatory| Description | 86| ---------------- | ------------------------------------------------------- | ---- | -------------- | 87| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 88| networkInterface | string | Yes | Network port.| 89 90**Return value** 91 92| Type | Description | 93| ------ | ---------------- | 94| string | IP address of the network interface specified by the device.| 95 96**Error codes** 97 98For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 99 100| ID| Error Message | 101| -------- | ------------------------------------------------------------ | 102| 9200001 | The application is not an administrator application of the device. | 103| 9200002 | The administrator application does not have permission to manage the device. | 104| 201 | Permission verification failed. The application does not have the permission required to call the API. | 105| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 106 107**Example** 108 109```ts 110import { Want } from '@kit.AbilityKit'; 111 112let wantTemp: Want = { 113 bundleName: 'com.example.myapplication', 114 abilityName: 'EntryAbility', 115}; 116 117try { 118 let result: string = networkManager.getIpAddressSync(wantTemp, 'eth0'); 119 console.info(`Succeeded in getting ip address, result : ${result}`); 120} catch (err) { 121 console.error(`Failed to get ip address. Code: ${err.code}, message: ${err.message}`); 122} 123``` 124 125## networkManager.getMacSync 126 127getMacSync(admin: Want, networkInterface: string): string 128 129Obtains the MAC address of a device based on the network interface. 130 131**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 132 133**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 134 135 136**Parameters** 137 138| Name | Type | Mandatory| Description | 139| ---------------- | ------------------------------------------------------- | ---- | -------------- | 140| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 141| networkInterface | string | Yes | Network port.| 142 143**Return value** 144 145| Type | Description | 146| ------ | ----------------- | 147| string | MAC address of the network interface specified by the device.| 148 149**Error codes** 150 151For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 152 153| ID| Error Message | 154| -------- | ------------------------------------------------------------ | 155| 9200001 | The application is not an administrator application of the device. | 156| 9200002 | The administrator application does not have permission to manage the device. | 157| 201 | Permission verification failed. The application does not have the permission required to call the API. | 158| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 159 160**Example** 161 162```ts 163import { Want } from '@kit.AbilityKit'; 164 165let wantTemp: Want = { 166 bundleName: 'com.example.myapplication', 167 abilityName: 'EntryAbility', 168}; 169 170try { 171 let result: string = networkManager.getMacSync(wantTemp, 'eth0'); 172 console.info(`Succeeded in getting mac, result : ${result}`); 173} catch (err) { 174 console.error(`Failed to get mac. Code: ${err.code}, message: ${err.message}`); 175} 176``` 177 178## networkManager.isNetworkInterfaceDisabledSync 179 180isNetworkInterfaceDisabledSync(admin: Want, networkInterface: string): boolean 181 182Queries whether a specified network interface is disabled. 183 184**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 185 186**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 187 188 189**Parameters** 190 191| Name | Type | Mandatory| Description | 192| ---------------- | ------------------------------------------------------- | ---- | -------------- | 193| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 194| networkInterface | string | Yes | Network port.| 195 196**Return value** 197 198| Type | Description | 199| ------- | ------------------------------------------------------------ | 200| boolean | Returns **true** if the network port is disabled; returns **false** otherwise.| 201 202**Error codes** 203 204For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 205 206| ID| Error Message | 207| -------- | ------------------------------------------------------------ | 208| 9200001 | The application is not an administrator application of the device. | 209| 9200002 | The administrator application does not have permission to manage the device. | 210| 201 | Permission verification failed. The application does not have the permission required to call the API. | 211| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 212 213**Example** 214 215```ts 216import { Want } from '@kit.AbilityKit'; 217 218let wantTemp: Want = { 219 bundleName: 'com.example.myapplication', 220 abilityName: 'EntryAbility', 221}; 222 223try { 224 let result: boolean = networkManager.isNetworkInterfaceDisabledSync(wantTemp, 'eth0'); 225 console.info(`Succeeded in querying network interface is disabled or not, result : ${result}`); 226} catch (err) { 227 console.error(`Failed to query network interface is disabled or not. Code: ${err.code}, message: ${err.message}`); 228} 229``` 230 231## networkManager.setNetworkInterfaceDisabledSync 232 233setNetworkInterfaceDisabledSync(admin: Want, networkInterface: string, isDisabled: boolean): void 234 235Disables the device from using the specified network interface. 236 237**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 238 239**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 240 241 242**Parameters** 243 244| Name | Type | Mandatory| Description | 245| ---------------- | ------------------------------------------------------- | ---- | ------------------------------------------------- | 246| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility. | 247| networkInterface | string | Yes | Network port. | 248| isDisabled | boolean | Yes | Network port status to set. The value **true** means to disable the network port, and **false** means to enable the network port.| 249 250**Error codes** 251 252For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 253 254| ID| Error Message | 255| -------- | ------------------------------------------------------------ | 256| 9200001 | The application is not an administrator application of the device. | 257| 9200002 | The administrator application does not have permission to manage the device. | 258| 201 | Permission verification failed. The application does not have the permission required to call the API. | 259| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 260 261**Example** 262 263```ts 264import { Want } from '@kit.AbilityKit'; 265import { BusinessError } from '@kit.BasicServicesKit'; 266 267let wantTemp: Want = { 268 bundleName: 'com.example.myapplication', 269 abilityName: 'EntryAbility', 270}; 271 272try { 273 networkManager.setNetworkInterfaceDisabledSync(wantTemp, 'eth0', true); 274 console.info(`Succeeded in setting network interface disabled`); 275} catch (err) { 276 console.error(`Failed to set network interface disabled. Code: ${err.code}, message: ${err.message}`); 277} 278``` 279 280## networkManager.setGlobalProxySync 281 282setGlobalProxySync(admin: Want, httpProxy: connection.HttpProxy): void 283 284Sets the global network proxy. 285 286**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 287 288**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 289 290 291**Parameters** 292 293| Name | Type | Mandatory| Description | 294| --------- | ------------------------------------------------------------ | ---- | -------------------------- | 295| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility. | 296| httpProxy | [connection.HttpProxy](../apis-network-kit/js-apis-net-connection.md#httpproxy10) | Yes | Global HTTP proxy to set.| 297 298**Error codes** 299 300For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 301 302| ID| Error Message | 303| -------- | ------------------------------------------------------------ | 304| 9200001 | The application is not an administrator application of the device. | 305| 9200002 | The administrator application does not have permission to manage the device. | 306| 201 | Permission verification failed. The application does not have the permission required to call the API. | 307| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 308 309**Example** 310 311```ts 312import { Want } from '@kit.AbilityKit'; 313import { connection } from '@kit.NetworkKit'; 314 315let wantTemp: Want = { 316 bundleName: 'com.example.myapplication', 317 abilityName: 'EntryAbility', 318}; 319let exclusionStr: string = "192.168,baidu.com" 320let exclusionArray: Array<string> = exclusionStr.split(','); 321let httpProxy: connection.HttpProxy = { 322 host: "192.168.xx.xxx", 323 port: 8080, 324 exclusionList: exclusionArray 325}; 326 327try { 328 networkManager.setGlobalProxySync(wantTemp, httpProxy); 329 console.info(`Succeeded in setting network global proxy.`); 330} catch (err) { 331 console.error(`Failed to set network global proxy. Code: ${err.code}, message: ${err.message}`); 332} 333``` 334 335## networkManager.setGlobalProxyForAccount<sup>15+</sup> 336 337setGlobalProxyForAccount(admin: Want, httpProxy: connection.HttpProxy, accountId: number): void 338 339Sets the network proxy of a specified user. Currently, only 2-in-1 devices are supported. 340 341**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 342 343**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 344 345 346**Parameters** 347 348| Name | Type | Mandatory| Description | 349| --------- | ------------------------------------------------------------ | ---- | -------------------------- | 350| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application. | 351| accountId | number | Yes | User ID, which must be greater than or equal to 0.<br> You can call [getOsAccountLocalId](../apis-basic-services-kit/js-apis-osAccount.md#getosaccountlocalid9-1) of **@ohos.account.osAccount** to obtain the user ID.| 352| httpProxy | [connection.HttpProxy](../apis-network-kit/js-apis-net-connection.md#httpproxy10) | Yes | HTTP proxy configuration of the network.| 353 354**Error codes** 355 356For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 357 358| ID| Error Message | 359| -------- | ------------------------------------------------------------ | 360| 9200001 | The application is not an administrator application of the device. | 361| 9200002 | The administrator application does not have permission to manage the device. | 362| 201 | Permission verification failed. The application does not have the permission required to call the API. | 363| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 364 365**Example** 366 367```ts 368import { Want } from '@kit.AbilityKit'; 369import { connection } from '@kit.NetworkKit'; 370 371let wantTemp: Want = { 372 bundleName: 'com.example.myapplication', 373 abilityName: 'EntryAbility', 374}; 375let httpProxy: connection.HttpProxy = { 376 host: '192.168.xx.xxx', 377 port: 8080, 378 exclusionList: ['192.168', 'baidu.com'] 379}; 380 381try { 382 networkManager.setGlobalProxyForAccount(wantTemp, httpProxy, 100); 383 console.info(`Succeeded in setting network global proxy.`); 384} catch (err) { 385 console.error(`Failed to set network global proxy. Code: ${err.code}, message: ${err.message}`); 386} 387``` 388 389## networkManager.getGlobalProxySync 390 391getGlobalProxySync(admin: Want): connection.HttpProxy 392 393Obtains the global network proxy. 394 395**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 396 397**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 398 399 400**Parameters** 401 402| Name| Type | Mandatory| Description | 403| ------ | ------------------------------------------------------- | ---- | -------------- | 404| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 405 406**Return value** 407 408| Type | Description | 409| ------------------------------------------------------------ | ------------------------------ | 410| [connection.HttpProxy](../apis-network-kit/js-apis-net-connection.md#httpproxy10) | Global HTTP proxy configuration obtained.| 411 412**Error codes** 413 414For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 415 416| ID| Error Message | 417| -------- | ------------------------------------------------------------ | 418| 9200001 | The application is not an administrator application of the device. | 419| 9200002 | The administrator application does not have permission to manage the device. | 420| 201 | Permission verification failed. The application does not have the permission required to call the API. | 421| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 422 423**Example** 424 425```ts 426import { Want } from '@kit.AbilityKit'; 427import { connection } from '@kit.NetworkKit'; 428 429let wantTemp: Want = { 430 bundleName: 'com.example.myapplication', 431 abilityName: 'EntryAbility', 432}; 433 434try { 435 let result: connection.HttpProxy = networkManager.getGlobalProxySync(wantTemp); 436 console.info(`Succeeded in getting network global proxy, result : ${JSON.stringify(result)}`); 437} catch (err) { 438 console.error(`Failed to get network global proxy. Code: ${err.code}, message: ${err.message}`); 439} 440``` 441 442## networkManager.getGlobalProxyForAccount<sup>15+</sup> 443 444getGlobalProxyForAccount(admin: Want, accountId: number): connection.HttpProxy 445 446Obtains the network proxy of a specified user. Currently, only 2-in-1 devices are supported. 447 448**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 449 450**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 451 452 453**Parameters** 454 455| Name| Type | Mandatory| Description | 456| ------ | ------------------------------------------------------- | ---- | -------------- | 457| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | Device administrator application.| 458| accountId | number | Yes | User ID, which must be greater than or equal to 0.<br> You can call [getOsAccountLocalId](../apis-basic-services-kit/js-apis-osAccount.md#getosaccountlocalid9-1) of **@ohos.account.osAccount** to obtain the user ID.| 459 460**Return value** 461 462| Type | Description | 463| ------------------------------------------------------------ | ------------------------------ | 464| [connection.HttpProxy](../apis-network-kit/js-apis-net-connection.md#httpproxy10) | HTTP proxy configuration of the network.| 465 466**Error codes** 467 468For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 469 470| ID| Error Message | 471| -------- | ------------------------------------------------------------ | 472| 9200001 | The application is not an administrator application of the device. | 473| 9200002 | The administrator application does not have permission to manage the device. | 474| 201 | Permission verification failed. The application does not have the permission required to call the API. | 475| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 476 477**Example** 478 479```ts 480import { Want } from '@kit.AbilityKit'; 481import { connection } from '@kit.NetworkKit'; 482 483let wantTemp: Want = { 484 bundleName: 'com.example.myapplication', 485 abilityName: 'EntryAbility', 486}; 487 488try { 489 let result: connection.HttpProxy = networkManager.getGlobalProxyForAccount(wantTemp, 100); 490 console.info(`Succeeded in getting network global proxy, result : ${JSON.stringify(result)}`); 491} catch (err) { 492 console.error(`Failed to get network global proxy. Code: ${err.code}, message: ${err.message}`); 493} 494``` 495 496## networkManager.addFirewallRule 497 498addFirewallRule(admin: Want, firewallRule: FirewallRule): void 499 500Adds firewall rules for the device. Only IPv4 is supported.<br> 501After a rule with [Action](#action) set to **ALLOW** is added, a rule with **Action** set to **DENY** is added by default to discard or intercept all network data packets that do not meet the **ALLOW** rule. 502 503**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 504 505**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 506 507 508**Parameters** 509 510| Name | Type | Mandatory| Description | 511| ------------ | ------------------------------------------------------- | ---- | -------------------- | 512| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility. | 513| firewallRule | [FirewallRule](#firewallrule) | Yes | Firewall rule to add.| 514 515**Error codes** 516 517For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 518 519| ID| Error Message | 520| -------- | ------------------------------------------------------------ | 521| 9200001 | The application is not an administrator application of the device. | 522| 9200002 | The administrator application does not have permission to manage the device. | 523| 201 | Permission verification failed. The application does not have the permission required to call the API. | 524| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 525 526**Example** 527 528```ts 529import { Want } from '@kit.AbilityKit'; 530 531let wantTemp: Want = { 532 bundleName: 'com.example.myapplication', 533 abilityName: 'EntryAbility', 534}; 535let firewallRule: networkManager.FirewallRule = { 536 "srcAddr": "192.168.1.1-192.188.22.66", 537 "destAddr": "10.1.1.1", 538 "srcPort": "8080", 539 "destPort": "8080", 540 "appUid": "9696", 541 "direction": networkManager.Direction.OUTPUT, 542 "action": networkManager.Action.DENY, 543 "protocol": networkManager.Protocol.UDP, 544} 545 546networkManager.addFirewallRule(wantTemp, firewallRule); 547``` 548 549## networkManager.removeFirewallRule 550 551removeFirewallRule(admin: Want, firewallRule?: FirewallRule): void 552 553Removes the firewall rules for the device. Only IPv4 is supported.<br> 554If there is no rule with [Action](#action) being **ALLOW** after the rule is removed, the **DENY** rules that are added by default with [addFirewallRule](#networkmanageraddfirewallrule) will be removed. 555 556**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 557 558**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 559 560 561**Parameters** 562 563| Name | Type | Mandatory| Description | 564| ------------ | ------------------------------------------------------- | ---- | ---------------------------------------------------- | 565| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility. | 566| firewallRule | [FirewallRule](#firewallrule) | No | Firewall rule to remove. If the value is empty, all firewall rules will be removed.| 567 568**Error codes** 569 570For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 571 572| ID| Error Message | 573| -------- | ------------------------------------------------------------ | 574| 9200001 | The application is not an administrator application of the device. | 575| 9200002 | The administrator application does not have permission to manage the device. | 576| 201 | Permission verification failed. The application does not have the permission required to call the API. | 577| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 578 579**Example** 580 581```ts 582import { Want } from '@kit.AbilityKit'; 583 584let wantTemp: Want = { 585 bundleName: 'com.example.myapplication', 586 abilityName: 'EntryAbility', 587}; 588// Remove the specified firewall rule. 589let firewallRule: networkManager.FirewallRule = { 590 "srcAddr": "192.168.1.1-192.188.22.66", 591 "destAddr": "10.1.1.1", 592 "srcPort": "8080", 593 "destPort": "8080", 594 "appUid": "9696", 595 "direction": networkManager.Direction.OUTPUT, 596 "action": networkManager.Action.DENY, 597 "protocol": networkManager.Protocol.UDP, 598} 599networkManager.removeFirewallRule(wantTemp, firewallRule); 600 601// Remove all firewall rules. 602networkManager.removeFirewallRule(wantTemp); 603``` 604 605## networkManager.getFirewallRules 606 607getFirewallRules(admin: Want): Array\<FirewallRule> 608 609Queries firewall rules of a device. Only IPv4 is supported. 610 611**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 612 613**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 614 615 616**Parameters** 617 618| Name| Type | Mandatory| Description | 619| ------ | ------------------------------------------------------- | ---- | -------------- | 620| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 621 622**Return value** 623 624| Type | Description | 625| ------------------------------------- | ------------------------------------------------------------ | 626| Array\<[FirewallRule](#firewallrule)> | A list of firewall rules configured for the device is returned. If the operation fails, an exception will be thrown.| 627 628**Error codes** 629 630For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 631 632| ID| Error Message | 633| -------- | ------------------------------------------------------------ | 634| 9200001 | The application is not an administrator application of the device. | 635| 9200002 | The administrator application does not have permission to manage the device. | 636| 201 | Permission verification failed. The application does not have the permission required to call the API. | 637| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 638 639**Example** 640 641```ts 642import { Want } from '@kit.AbilityKit'; 643 644let wantTemp: Want = { 645 bundleName: 'com.example.myapplication', 646 abilityName: 'EntryAbility', 647}; 648let firewallRule: Array<networkManager.FirewallRule>; 649firewallRule = networkManager.getFirewallRules(wantTemp); 650``` 651 652## networkManager.addDomainFilterRule 653 654addDomainFilterRule(admin: Want, domainFilterRule: DomainFilterRule): void 655 656Adds domain name filtering rules for the device.<br> 657After a rule with [Action](#action) set to **ALLOW** is added, a rule with **Action** set to **DENY** is added by default to discard or intercept all packets for domain name resolution that do not meet the **ALLOW** rule. 658 659**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 660 661**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 662 663 664**Parameters** 665 666| Name | Type | Mandatory| Description | 667| ---------------- | ------------------------------------------------------- | ---- | ------------------ | 668| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility. | 669| domainFilterRule | [DomainFilterRule](#domainfilterrule) | Yes | Domain name filtering rule to add.| 670 671**Error codes** 672 673For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 674 675| ID| Error Message | 676| -------- | ------------------------------------------------------------ | 677| 9200001 | The application is not an administrator application of the device. | 678| 9200002 | The administrator application does not have permission to manage the device. | 679| 201 | Permission verification failed. The application does not have the permission required to call the API. | 680| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 681 682**Example** 683 684```ts 685import { Want } from '@kit.AbilityKit'; 686 687let wantTemp: Want = { 688 bundleName: 'com.example.myapplication', 689 abilityName: 'EntryAbility', 690}; 691let domainFilterRule: networkManager.DomainFilterRule = { 692 "domainName": "www.example.com", 693 "appUid": "9696", 694 "action": networkManager.Action.DENY, 695} 696 697networkManager.addDomainFilterRule(wantTemp, domainFilterRule); 698``` 699 700## networkManager.removeDomainFilterRule 701 702removeDomainFilterRule(admin: Want, domainFilterRule?: DomainFilterRule): void 703 704Removes the domain name filtering rules.<br> 705If there is no rule with [Action](#action) being **ALLOW** after the rule is removed, the **DENY** rules that are added by default with [addDomainFilterRule](#networkmanageradddomainfilterrule) will be removed. 706 707**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 708 709**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 710 711 712**Parameters** 713 714| Name | Type | Mandatory| Description | 715| ---------------- | ------------------------------------------------------- | ---- | ------------------------------------------------ | 716| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility. | 717| domainFilterRule | [DomainFilterRule](#domainfilterrule) | No | Domain name filtering rule to remove. If the value is empty, all domain name filtering rules will be removed.| 718 719**Error codes** 720 721For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 722 723| ID| Error Message | 724| -------- | ------------------------------------------------------------ | 725| 9200001 | The application is not an administrator application of the device. | 726| 9200002 | The administrator application does not have permission to manage the device. | 727| 201 | Permission verification failed. The application does not have the permission required to call the API. | 728| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 729 730**Example** 731 732```ts 733import { Want } from '@kit.AbilityKit'; 734 735let wantTemp: Want = { 736 bundleName: 'com.example.myapplication', 737 abilityName: 'EntryAbility', 738}; 739// Remove the specified domain name filtering rule. 740let domainFilterRule: networkManager.DomainFilterRule = { 741 "domainName": "www.example.com", 742 "appUid": "9696", 743 "action": networkManager.Action.DENY, 744} 745networkManager.removeDomainFilterRule(wantTemp, domainFilterRule); 746 747// Remove all domain name filtering rules. 748networkManager.removeDomainFilterRule(wantTemp); 749``` 750 751## networkManager.getDomainFilterRules 752 753getDomainFilterRules(admin: Want): Array\<DomainFilterRule> 754 755Queries domain name filtering rules. 756 757**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 758 759**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 760 761 762**Parameters** 763 764| Name| Type | Mandatory| Description | 765| ------ | ------------------------------------------------------- | ---- | -------------- | 766| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 767 768**Return value** 769 770| Type | Description | 771| --------------------------------------------- | ------------------------------------------------------------ | 772| Array\<[DomainFilterRule](#domainfilterrule)> | A list of domain name filtering rules configured for the device is returned. If the operation fails, an exception will be thrown.| 773 774**Error codes** 775 776For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 777 778| ID| Error Message | 779| -------- | ------------------------------------------------------------ | 780| 9200001 | The application is not an administrator application of the device. | 781| 9200002 | The administrator application does not have permission to manage the device. | 782| 201 | Permission verification failed. The application does not have the permission required to call the API. | 783| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types; 3. Parameter verification failed. | 784 785**Example** 786 787```ts 788import { Want } from '@kit.AbilityKit'; 789 790let wantTemp: Want = { 791 bundleName: 'com.example.myapplication', 792 abilityName: 'EntryAbility', 793}; 794let domainFilterRule: Array<networkManager.DomainFilterRule>; 795domainFilterRule = networkManager.getDomainFilterRules(wantTemp); 796``` 797 798## networkManager.turnOnMobileData<sup>20+</sup> 799 800turnOnMobileData(admin: Want, isForce: boolean): void 801 802Turns on mobile data. 803 804**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 805 806**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 807 808 809**Parameters** 810 811| Name| Type | Mandatory| Description | 812| ------ | ------------------------------------------------------- | ---- | -------------- | 813| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 814| isForce | boolean | Yes | Whether to forcibly enable mobile data. <br>The value **true** means to forcibly enable mobile data. Once enabled, it cannot be turned off manually; it can only be disabled via the [turnOffMobileData](#networkmanagerturnoffmobiledata20) API. The value **false** means not to forcibly enable mobile data. It can be turned off manually.| 815 816**Error codes** 817 818For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 819 820| ID| Error Message | 821| -------- | ------------------------------------------------------------ | 822| 9200001 | The application is not an administrator application of the device. | 823| 9200002 | The administrator application does not have permission to manage the device. | 824| 201 | Permission verification failed. The application does not have the permission required to call the API. | 825 826**Example** 827 828```ts 829import { Want } from '@kit.AbilityKit'; 830import { networkManager } from '@kit.MDMKit'; 831 832let wantTemp: Want = { 833 bundleName: 'com.example.myapplication', 834 abilityName: 'EntryAbility', 835}; 836try { 837 networkManager.turnOnMobileData(wantTemp, true); 838 console.info(`Turn on mobile data succeeded`); 839} catch (err) { 840 console.error(`Failed to turn on mobile data. Code: ${err.code}, message: ${err.message}`); 841} 842``` 843 844## networkManager.turnOffMobileData<sup>20+</sup> 845 846turnOffMobileData(admin: Want): void 847 848Turns off mobile data. 849 850**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_NETWORK 851 852**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 853 854 855**Parameters** 856 857| Name| Type | Mandatory| Description | 858| ------ | ------------------------------------------------------- | ---- | -------------- | 859| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 860 861**Error codes** 862 863For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 864 865| ID| Error Message | 866| -------- | ------------------------------------------------------------ | 867| 9200001 | The application is not an administrator application of the device. | 868| 9200002 | The administrator application does not have permission to manage the device. | 869| 201 | Permission verification failed. The application does not have the permission required to call the API. | 870 871**Example** 872 873```ts 874import { Want } from '@kit.AbilityKit'; 875import { networkManager } from '@kit.MDMKit'; 876 877let wantTemp: Want = { 878 bundleName: 'com.example.myapplication', 879 abilityName: 'EntryAbility', 880}; 881try { 882 networkManager.turnOffMobileData(wantTemp); 883 console.info(`Turn off mobile data succeeded`); 884} catch (err) { 885 console.error(`Failed to turn off mobile data. Code: ${err.code}, message: ${err.message}`); 886} 887``` 888 889## networkManager.addApn<sup>20+</sup> 890 891addApn(admin: Want, apnInfo: Record\<string, string>): void 892 893Adds an access point name (APN). 894 895**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_APN 896 897**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 898 899 900**Parameters** 901 902| Name| Type | Mandatory| Description | 903| ------ | ------------------------------------------------------- | ---- | -------------- | 904| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 905| apnInfo | Record\<string, string> | Yes | APN information to be added.<br>- **apnName**: APN identifier, which is mandatory.<br>- **mcc**: 3-digit mobile country code (MCC), which is mandatory.<br>- **mnc**: 2-digit or 3-digit mobile network code (MNC), which is mandatory.<br>- **apn**: access point name, which is mandatory.<br>- **type**: APN service type, which is optional.<br>- **user**: user name for APN authentication, which is optional.<br>- **password**: password for APN authentication, which is optional.<br>- **proxy**: address of the proxy server for a common data connection, which is optional.<br>- **mmsproxy**: dedicated proxy address of the MMS service, which is optional.<br>- **authType**: authentication protocol type of the APN, which is optional.| 906 907**Error codes** 908 909For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 910 911| ID| Error Message | 912| -------- | ------------------------------------------------------------ | 913| 9200001 | The application is not an administrator application of the device. | 914| 9200002 | The administrator application does not have permission to manage the device. | 915| 201 | Permission verification failed. The application does not have the permission required to call the API. | 916 917**Example** 918 919```ts 920import { Want } from '@kit.AbilityKit'; 921import { networkManager } from '@kit.MDMKit'; 922 923let wantTemp: Want = { 924 // Replace it as required. 925 bundleName: 'com.example.myapplication', 926 abilityName: 'EntryAbility', 927}; 928let apnInfo: Record<string, string> = { 929 // Replace it as required. 930 "apnName": "CTNET", 931 "apn": "CTNET", 932 "mnc": "11", 933 "mcc": "460", 934}; 935try { 936 networkManager.addApn(wantTemp, apnInfo); 937 console.info(`Succeeded in adding apn.`); 938} catch (err) { 939 console.error(`Failed to add apn. Code: ${err.code}, message: ${err.message}`); 940} 941``` 942 943## networkManager.deleteApn<sup>20+</sup> 944 945deleteApn(admin: Want, apnId: string): void 946 947Deletes the APN. 948 949**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_APN 950 951**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 952 953 954**Parameters** 955 956| Name| Type | Mandatory| Description | 957| ------ | ------------------------------------------------------- | ---- | -------------- | 958| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 959| apnId | string | Yes | APN ID to be deleted. You can obtain device information using [networkManager.queryApn](#networkmanagerqueryapn20).| 960 961**Error codes** 962 963For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 964 965| ID| Error Message | 966| -------- | ------------------------------------------------------------ | 967| 9200001 | The application is not an administrator application of the device. | 968| 9200002 | The administrator application does not have permission to manage the device. | 969| 201 | Permission verification failed. The application does not have the permission required to call the API. | 970 971**Example** 972 973```ts 974import { Want } from '@kit.AbilityKit'; 975import { networkManager } from '@kit.MDMKit'; 976 977let wantTemp: Want = { 978 // Replace it as required. 979 bundleName: 'com.example.myapplication', 980 abilityName: 'EntryAbility', 981}; 982let apnId: string = "1"; // Replace it as required. 983try { 984 networkManager.deleteApn(wantTemp, apnId); 985 console.info(`Succeeded in deleting apn.`); 986} catch (err) { 987 console.error(`Failed to delete apn. Code: ${err.code}, message: ${err.message}`); 988} 989``` 990 991## networkManager.updateApn<sup>20+</sup> 992 993updateApn(admin: Want, apnInfo: Record\<string, string>, apnId: string): void 994 995Updates the APN. 996 997**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_APN 998 999**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1000 1001 1002**Parameters** 1003 1004| Name| Type | Mandatory| Description | 1005| ------ | ------------------------------------------------------- | ---- | -------------- | 1006| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 1007| apnInfo | Record\<string, string> | Yes | APN information to be updated.<br>- **apnName**: APN identifier, which is optional.<br>- **mcc**: 3-digit mobile country code (MCC), which is optional.<br>- **mnc**: 2-digit or 3-digit mobile network code (MNC), which is optional.<br>- **APN**: access point name, which is optional.<br>- **type**: APN service type, which is optional.<br>- **user**: user name for APN authentication, which is optional.<br>- **password**: password for APN authentication, which is optional.<br>- **proxy**: address of the proxy server for a common data connection, which is optional.<br>- **mmsproxy**: dedicated proxy address of the MMS service, which is optional.<br>- **authType**: authentication protocol type of the APN, which is optional.| 1008| apnId | string | Yes | APN ID to be updated. You can obtain device information using [networkManager.queryApn](#networkmanagerqueryapn20).| 1009 1010**Error codes** 1011 1012For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 1013 1014| ID| Error Message | 1015| -------- | ------------------------------------------------------------ | 1016| 9200001 | The application is not an administrator application of the device. | 1017| 9200002 | The administrator application does not have permission to manage the device. | 1018| 201 | Permission verification failed. The application does not have the permission required to call the API. | 1019 1020**Example** 1021 1022```ts 1023import { Want } from '@kit.AbilityKit'; 1024import { networkManager } from '@kit.MDMKit'; 1025 1026let wantTemp: Want = { 1027 // Replace it as required. 1028 bundleName: 'com.example.myapplication', 1029 abilityName: 'EntryAbility', 1030}; 1031let apnInfo: Record<string, string> = { 1032 // Replace it as required. 1033 "apnName": "CTNET", 1034 "apn": "CTNET", 1035 "mnc": "11", 1036 "mcc": "460", 1037}; 1038let apnId: string = "1"; // Replace it as required. 1039try { 1040 networkManager.updateApn(wantTemp, apnInfo, apnId); 1041 console.info(`Succeeded in updating apn.`); 1042} catch (err) { 1043 console.error(`Failed to update apn. Code: ${err.code}, message: ${err.message}`); 1044} 1045``` 1046 1047## networkManager.setPreferredApn<sup>20+</sup> 1048 1049setPreferredApn(admin: Want, apnId: string): void 1050 1051Sets the preferred APN. 1052 1053**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_APN 1054 1055**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1056 1057 1058**Parameters** 1059 1060| Name| Type | Mandatory| Description | 1061| ------ | ------------------------------------------------------- | ---- | -------------- | 1062| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 1063| apnId | string | Yes | Preferred APN ID to be set. You can obtain device information using [networkManager.queryApn](#networkmanagerqueryapn20).| 1064 1065**Error codes** 1066 1067For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 1068 1069| ID| Error Message | 1070| -------- | ------------------------------------------------------------ | 1071| 9200001 | The application is not an administrator application of the device. | 1072| 9200002 | The administrator application does not have permission to manage the device. | 1073| 201 | Permission verification failed. The application does not have the permission required to call the API. | 1074 1075**Example** 1076 1077```ts 1078import { Want } from '@kit.AbilityKit'; 1079import { networkManager } from '@kit.MDMKit'; 1080 1081let wantTemp: Want = { 1082 // Replace it as required. 1083 bundleName: 'com.example.myapplication', 1084 abilityName: 'EntryAbility', 1085}; 1086let apnId: string = "1"; // Replace it as required. 1087try { 1088 networkManager.setPreferredApn(wantTemp, apnId); 1089 console.info(`Succeeded in setting preferred apn.`); 1090} catch (err) { 1091 console.error(`Failed to set preferred apn. Code: ${err.code}, message: ${err.message}`); 1092} 1093``` 1094 1095## networkManager.queryApn<sup>20+</sup> 1096 1097queryApn(admin: Want, apnInfo: Record\<string, string>): Array\<string> 1098 1099Queries the APN ID. 1100 1101**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_APN 1102 1103**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1104 1105 1106**Parameters** 1107 1108| Name| Type | Mandatory| Description | 1109| ------ | ------------------------------------------------------- | ---- | -------------- | 1110| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 1111| apnInfo | Record\<string, string> | Yes | APN information.<br>- **apnName**: APN identifier, which is optional.<br>- **mcc**: 3-digit mobile country code (MCC), which is optional.<br>- **mnc**: 2-digit or 3-digit mobile network code (MNC), which is optional.<br>- **apn**: access point name, which is optional.<br>- **type**: APN service type, which is optional.<br>- **user**: user name for APN authentication, which is optional.<br>- **proxy**: address of the proxy server for a common data connection, which is optional.<br>- **mmsproxy**: dedicated proxy address of the MMS service, which is optional.<br>- **authType**: authentication protocol type of the APN, which is optional.| 1112 1113**Return value** 1114 1115| Type | Description | 1116| --------------------------------------------- | ------------------------------------------------------------ | 1117| Array\<string> | APN ID obtained.| 1118 1119**Error codes** 1120 1121For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 1122 1123| ID| Error Message | 1124| -------- | ------------------------------------------------------------ | 1125| 9200001 | The application is not an administrator application of the device. | 1126| 9200002 | The administrator application does not have permission to manage the device. | 1127| 201 | Permission verification failed. The application does not have the permission required to call the API. | 1128 1129**Example** 1130 1131```ts 1132import { Want } from '@kit.AbilityKit'; 1133import { networkManager } from '@kit.MDMKit'; 1134 1135let wantTemp: Want = { 1136 // Replace it as required. 1137 bundleName: 'com.example.myapplication', 1138 abilityName: 'EntryAbility', 1139}; 1140let apnInfo: Record<string, string> = { 1141 // Replace it as required. 1142 "apnName": "CTNET", 1143 "apn": "CTNET", 1144 "mnc": "11", 1145 "mcc": "460", 1146}; 1147try { 1148 let queryResult: Array<string> = networkManager.queryApn(wantTemp, apnInfo); 1149 console.info(`Succeeded in querying apn, result : ${JSON.stringify(queryResult)}`); 1150} catch (err) { 1151 console.error(`Failed to query apn. Code: ${err.code}, message: ${err.message}`); 1152} 1153``` 1154 1155## networkManager.queryApn<sup>20+</sup> 1156 1157queryApn(admin: Want, apnId: string): Record\<string, string> 1158 1159Queries the APN parameter information. 1160 1161**Required permissions**: ohos.permission.ENTERPRISE_MANAGE_APN 1162 1163**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1164 1165 1166**Parameters** 1167 1168| Name| Type | Mandatory| Description | 1169| ------ | ------------------------------------------------------- | ---- | -------------- | 1170| admin | [Want](../apis-ability-kit/js-apis-app-ability-want.md) | Yes | EnterpriseAdminExtensionAbility.| 1171| apnId | string | Yes | Specified APN ID. You can obtain device information using [networkManager.queryApn](#networkmanagerqueryapn20).| 1172 1173**Return value** 1174 1175| Type | Description | 1176| --------------------------------------------- | ------------------------------------------------------------ | 1177| Record\<string, string> | APN parameter information of the specified APN ID.<br>- **apnName**: APN identifier.<br>- **mcc**: 3-digit mobile country code (MCC).<br>- **mnc**: 2-digit or 3-digit mobile network code (MNC).<br>- **apn**: access point name.<br>- **type**: APN service type.<br>- **user**: user name for APN authentication.<br>- **proxy**: address of the proxy server for a common data connection.<br>- **mmsproxy**: dedicated proxy address of the MMS service.<br>- **authType**: authentication protocol type of the APN.| 1178 1179**Error codes** 1180 1181For details about the error codes, see [Enterprise Device Management Error Codes](errorcode-enterpriseDeviceManager.md) and [Universal Error Codes](../errorcode-universal.md). 1182 1183| ID| Error Message | 1184| -------- | ------------------------------------------------------------ | 1185| 9200001 | The application is not an administrator application of the device. | 1186| 9200002 | The administrator application does not have permission to manage the device. | 1187| 201 | Permission verification failed. The application does not have the permission required to call the API. | 1188 1189**Example** 1190 1191```ts 1192import { Want } from '@kit.AbilityKit'; 1193import { networkManager } from '@kit.MDMKit'; 1194 1195let wantTemp: Want = { 1196 // Replace it as required. 1197 bundleName: 'com.example.myapplication', 1198 abilityName: 'EntryAbility', 1199}; 1200let apnId: string = "1"; // Replace it as required. 1201try { 1202 let queryResult: Record<string, string> = networkManager.queryApn(wantTemp, apnId); 1203 console.info(`Succeeded in querying apn, result : ${JSON.stringify(queryResult)}`); 1204} catch (err) { 1205 console.error(`Failed to query apn. Code: ${err.code}, message: ${err.message}`); 1206} 1207``` 1208 1209## FirewallRule 1210 1211Represents a firewall rule. 1212 1213**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1214 1215 1216| Name | Type | Read-only| Optional| Description | 1217| --------- | ----------------------- | ---- | ---- |------------------------------------------------------------ | 1218| srcAddr | string | No | Yes|Source IP address. An IP address segment, for example, **192.168.0.0/22** or **192.168.1.100-192.168.1.200** is supported.| 1219| destAddr | string | No | Yes|Destination IP address. An IP address segment, for example, **192.168.0.0/22** or **192.168.1.100-192.168.1.200** is supported.| 1220| srcPort | string | No | Yes|Source port. | 1221| destPort | string | No | Yes|Destination port. | 1222| appUid | string | No | Yes|UID of the application. | 1223| direction | [Direction](#direction) | No | Yes|Direction chains to which the rule applies.<br>This parameter is mandatory when a firewall rule is added.<br>This parameter is optional when a firewall is removed. If this parameter is left empty, all [Direction](#direction) chains are cleared, and **srcAddr**, **destAddr**, **srcPort**, **destPort**, and **appUid** must be also left empty.| 1224| action | [Action](#action) | No | Yes|Action to take, that is, receive or discard the data packets.<br>This parameter is mandatory when a firewall rule is added.<br>This parameter is optional when a firewall is removed. If this parameter is left empty, all [Action](#action) chains are cleared, and **srcAddr**, **destAddr**, **srcPort**, **destPort**, and **appUid** must be also left empty.| 1225| protocol | [Protocol](#protocol) | No | Yes|Network protocol. If this parameter is set to **ALL** or **ICMP**, **srcPort** and **destPort** cannot be set.| 1226 1227## DomainFilterRule 1228 1229Represents a domain name filtering rule. 1230 1231**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1232 1233 1234| Name | Type | Read-only| Optional| Description | 1235| ---------- | ----------------- | ---- | ---- | ------------------------------------------------------------ | 1236| domainName | string | No | Yes|Domain name. This parameter is mandatory when a domain name filtering rule is added. | 1237| appUid | string | No | Yes|UID of the application. | 1238| action | [Action](#action) | No | Yes|Action to take, that is, receive or discard the data packets.<br>This parameter is mandatory when a domain name filtering rule is added.<br>This parameter is optional when a domain name filtering rule is removed. If this parameter is left empty, all [Action](#action) chains are cleared, and **domainName** and **appUid** must be also left empty.| 1239| direction<sup>15+</sup> | [Direction](#direction) | No| Yes|Direction chains to which the rule applies.<br>This parameter is mandatory when a firewall rule is added.<br>This parameter is optional when a firewall is removed. If this parameter is left empty, all [Direction](#direction) chains are cleared, and **domainName** and **appUid** must be also left empty.| 1240 1241## Direction 1242 1243Direction chains to which the rule applies. 1244 1245**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1246 1247 1248| Name | Value | Description | 1249| ------ | ---- | -------- | 1250| INPUT | 0 | Input chain.| 1251| OUTPUT | 1 | Output chain.| 1252| FORWARD<sup>15+</sup> | 2 | Forward chain. | 1253 1254## Action 1255 1256Enumerates the actions that can be taken for data packets. 1257 1258**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1259 1260 1261| Name | Value | Description | 1262| ----- | ---- | ------------ | 1263| ALLOW | 0 | Receive data packets.| 1264| DENY | 1 | Discard data packets.| 1265| REJECT<sup>15+</sup> | 2 | Reject data packets.| 1266 1267## Protocol 1268 1269Network protocol. 1270 1271**System capability**: SystemCapability.Customization.EnterpriseDeviceManager 1272 1273 1274| Name| Value | Description | 1275| ---- | ---- | -------------- | 1276| ALL | 0 | All network protocols.| 1277| TCP | 1 | TCP. | 1278| UDP | 2 | UDP. | 1279| ICMP | 3 | ICMP.| 1280