a10_ddos_zone_template_http
Synopsis
HTTP template Configuration
Parameters
Parameters |
Choices/Defaults |
Comment |
|
|---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
http_tmpl_name str/required |
DDOS HTTP Template Name |
||
disable bool |
Disable this template |
||
multi_pu_threshold_distribution dict |
Field multi_pu_threshold_distribution |
||
multi_pu_threshold_distribution_value int |
Destination side rate limit only. Default= 0 |
||
multi_pu_threshold_distribution_disable str |
‘disable’= Destination side rate limit only. Default= Enable; |
||
mss_timeout dict |
Field mss_timeout |
||
mss_percent int |
Configure percentage of mss such that if a packet size is below the mss times mss-percent, packet is considered bad. |
||
number_packets int |
Specify percentage of mss. Default is 0, mss-timeout is not enabled. |
||
mss_timeout_action_list_name str |
Configure action-list to take |
||
mss_timeout_action str |
‘drop’= Drop packets (Default); ‘ignore’= Take no action; ‘blacklist-src’= Blacklist-src; ‘reset’= Reset client connection; |
||
disallow_connect_method bool |
Do not allow HTTP Connect method (asymmetric mode only) |
||
challenge dict |
Field challenge |
||
challenge_method str |
‘http-redirect’= http-redirect; ‘javascript’= javascript; |
||
challenge_redirect_code str |
‘302’= 302 Found; ‘307’= 307 Temporary Redirect; |
||
challenge_uri_encode bool |
Encode the challenge phrase in uri instead of in http cookie. Default encoded in http cookie |
||
challenge_cookie_name str |
Set the cookie name used to send back to client. Default is sto-idd |
||
challenge_keep_cookie bool |
Keep the challenge cookie from client and forward to backend. Default is do not keep |
||
challenge_interval int |
Specify the challenge interval. Default is 8 seconds |
||
challenge_pass_action_list_name str |
Configure action-list to take for passing the authentication |
||
challenge_pass_action str |
‘authenticate-src’= Authenticate-src (Default); |
||
challenge_fail_action_list_name str |
Configure action-list to take for failing the authentication |
||
challenge_fail_action str |
‘blacklist-src’= Blacklist-src; ‘reset’= Reset client connection(Default); |
||
non_http_bypass bool |
Bypass non-http traffic instead of dropping |
||
client_source_ip dict |
Field client_source_ip |
||
client_source_ip bool |
Mitigate on src ip specified by http header for example X-Forwarded-For header. Default is disabled |
||
http_header_name str |
Set the http header name to parse for client ip. Default is X-Forwarded-For |
||
request_header dict |
Field request_header |
||
timeout int |
Field timeout |
||
header_timeout_action_list_name str |
Configure action-list to take |
||
header_timeout_action str |
‘drop’= Drop packets (Default); ‘blacklist-src’= Blacklist-src; ‘reset’= Reset client connection; |
||
src dict |
Field src |
||
rate_limit dict |
Field rate_limit |
||
dst dict |
Field dst |
||
rate_limit dict |
Field rate_limit |
||
slow_read dict |
Field slow_read |
||
min_window_size int |
minimum window size |
||
min_window_count int |
Number of packets |
||
slow_read_action_list_name str |
Configure action-list to take |
||
slow_read_action str |
‘drop’= Drop packets (Default); ‘blacklist-src’= Blacklist-src; ‘ignore’= Take no action; ‘reset’= Reset client connection; |
||
out_of_order_queue_size int |
Set the number of packets for the out-of-order HTTP queue (asym mode only) |
||
out_of_order_queue_timeout int |
Set the timeout value in seconds for out-of-order queue in HTTP (asym mode only) |
||
idle_timeout dict |
Field idle_timeout |
||
idle_timeout_value int |
Set the the idle timeout value in seconds for HTTP connections |
||
ignore_zero_payload bool |
Don’t reset idle timer on packets with zero payload length from clients |
||
idle_timeout_action_list_name str |
Configure action-list to take |
||
idle_timeout_action str |
‘drop’= Drop packets (Default); ‘blacklist-src’= Blacklist-src; ‘reset’= Reset client connection; |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
filter_list list |
Field filter_list |
||
http_filter_name str |
Field http_filter_name |
||
http_filter_seq int |
Sequence number |
||
http_header_cfg dict |
Field http_header_cfg |
||
http_referer_cfg dict |
Field http_referer_cfg |
||
http_agent_cfg dict |
Field http_agent_cfg |
||
http_uri_cfg dict |
Field http_uri_cfg |
||
dst dict |
Field dst |
||
http_filter_action_list_name str |
Configure action-list to take |
||
http_filter_action str |
‘drop’= Drop packets (Default); ‘ignore’= Take no action; ‘blacklist-src’= Blacklist-src; ‘authenticate-src’= Authenticate-src; ‘reset’= Reset client connection; |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
malformed_http dict |
Field malformed_http |
||
malformed_http str |
‘check’= Configure malformed HTTP parameters; |
||
malformed_http_max_line_size int |
Set the maximum line size. Default value is 32512 |
||
malformed_http_max_num_headers int |
Set the maximum number of headers. Default value is 90 |
||
malformed_http_max_req_line_size int |
Set the maximum request line size. Default value is 32512 |
||
malformed_http_max_header_name_size int |
Set the maxinum header name length. Default value is 64. |
||
malformed_http_max_content_length int |
Set the maxinum content-length header. Default value is 4294967295 bytes |
||
malformed_http_bad_chunk_mon_enabled bool |
Enabling bad chunk monitoring. Default is disabled |
||
malformed_http_action_list_name str |
Configure action-list to take |
||
malformed_http_action str |
‘drop’= Drop packets (Default); ‘reset’= Reset client connection; ‘blacklist- src’= Blacklist-src; |
||
uuid str |
uuid of the object |
||
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.