slb template¶
Define an SLB template
template Specification¶
Type Intermediate Resource Element Name template Element URI /axapi/v3/slb/template Element Attributes template_attributes Schema template schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/slb/template | template_attributes |
template attributes¶
cache-list
Type: List
Reference Object: /axapi/v3/slb/template/cache/{name}
cipher-list
Type: List
Reference Object: /axapi/v3/slb/template/cipher/{name}
client-ssh-list
Type: List
Reference Object: /axapi/v3/slb/template/client-ssh/{name}
client-ssl-list
Type: List
Reference Object: /axapi/v3/slb/template/client-ssl/{name}
connection-reuse-list
Type: List
Reference Object: /axapi/v3/slb/template/connection-reuse/{name}
dblb-list
Type: List
Reference Object: /axapi/v3/slb/template/dblb/{name}
diameter-list
Type: List
Reference Object: /axapi/v3/slb/template/diameter/{name}
dns-list
Type: List
Reference Object: /axapi/v3/slb/template/dns/{name}
dynamic-service-list
Type: List
Reference Object: /axapi/v3/slb/template/dynamic-service/{name}
external-service-list
Type: List
Reference Object: /axapi/v3/slb/template/external-service/{name}
fix-list
Type: List
Reference Object: /axapi/v3/slb/template/fix/{name}
ftp-list
Type: List
Reference Object: /axapi/v3/slb/template/ftp/{name}
http-list
Type: List
Reference Object: /axapi/v3/slb/template/http/{name}
http-policy-list
Type: List
Reference Object: /axapi/v3/slb/template/http-policy/{name}
imap-pop3-list
Type: List
Reference Object: /axapi/v3/slb/template/imap-pop3/{name}
link-down-on-restart
Description: link-down-on-restart is a JSON Block. Please see below for link-down-on-restart
Type: Object
Reference Object: /axapi/v3/slb/template/link-down-on-restart
logging-list
Type: List
Reference Object: /axapi/v3/slb/template/logging/{name}
monitor-list
Type: List
Reference Object: /axapi/v3/slb/template/monitor/{id}
persist
Description: persist is a JSON Block. Please see below for persist
Type: Object
Reference Object: /axapi/v3/slb/template/persist
policy-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}
port-list
Type: List
Reference Object: /axapi/v3/slb/template/port/{name}
reqmod-icap-list
Type: List
Reference Object: /axapi/v3/slb/template/reqmod-icap/{name}
respmod-icap-list
Type: List
Reference Object: /axapi/v3/slb/template/respmod-icap/{name}
server-list
Type: List
Reference Object: /axapi/v3/slb/template/server/{name}
server-ssh-list
Type: List
Reference Object: /axapi/v3/slb/template/server-ssh/{name}
server-ssl-list
Type: List
Reference Object: /axapi/v3/slb/template/server-ssl/{name}
sip-list
Type: List
Reference Object: /axapi/v3/slb/template/sip/{name}
smpp-list
Type: List
Reference Object: /axapi/v3/slb/template/smpp/{name}
smtp-list
Type: List
Reference Object: /axapi/v3/slb/template/smtp/{name}
ssli-list
Type: List
Reference Object: /axapi/v3/slb/template/ssli/{name}
tcp-list
Type: List
Reference Object: /axapi/v3/slb/template/tcp/{name}
tcp-proxy-list
Type: List
Reference Object: /axapi/v3/slb/template/tcp-proxy/{name}
udp-list
Type: List
Reference Object: /axapi/v3/slb/template/udp/{name}
virtual-port-list
Type: List
Reference Object: /axapi/v3/slb/template/virtual-port/{name}
virtual-server-list
Type: List
Reference Object: /axapi/v3/slb/template/virtual-server/{name}
logging-list¶
Specification Type list Block object keys auto
Description ‘auto’: Configure auto NAT for logging, default is auto enabled;
Type: string
Supported Values: auto
Default: auto
Mutual Exclusion: auto and pool are mutually exclusive
format
Description Specfiy a format string for web logging (format string(less than 250 characters) for web logging)
Type: string
Format: string-rlx
Maximum Length: 250 characters
Maximum Length: 1 characters
keep-end
Description Number of unmasked characters at the end (default: 0)
Type: number
Range: 0-65535
Default: 0
keep-start
Description Number of unmasked characters at the beginning (default: 0)
Type: number
Range: 0-65535
Default: 0
local-logging
Description 1 to enable local logging (1 to enable local logging, default 0)
Type: number
Range: 0-1
Default: 0
mask
Description Character to mask the matched pattern (default: X)
Type: string
Maximum Length: 1 characters
Maximum Length: 1 characters
Default: X
name
Description Logging Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
pcre-mask
Description Mask matched PCRE pattern in the log
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
pool
Description Specify NAT pool or pool group
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Mutual Exclusion: pool shared-partition-pool and auto are mutually exclusive
Reference Object: /axapi/v3/ip/nat/pool
pool-shared
Description Specify NAT pool or pool group
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ip/nat/pool
service-group
Description Bind a Service Group to the logging template (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
shared-partition-pool
Description Reference a NAT pool or pool group from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-pool and pool are mutually exclusive
shared-partition-tcp-proxy-template
Description Reference a TCP Proxy template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-tcp-proxy-template and tcp-proxy are mutually exclusive
tcp-proxy
Description TCP proxy template (TCP Proxy Config name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: tcp-proxy and shared-partition-tcp-proxy-template are mutually exclusive
Reference Object: /axapi/v3/slb/template/tcp-proxy
template-tcp-proxy-shared
Description TCP Proxy Template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/tcp-proxy
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
cache-list¶
Specification Type list Block object keys accept-reload-req
Description Accept reload requests via cache-control directives in HTTP headers
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
age
Description Specify duration in seconds cached content valid, default is 3600 seconds (seconds that the cached content is valid (default 3600 seconds))
Type: number
Range: 1-999999
Default: 3600
default-policy-nocache
Description Specify default policy to be to not cache
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-insert-age
Description Disable insertion of age header in response served from RAM cache
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-insert-via
Description Disable insertion of via header in response served from RAM cache
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
local-uri-policy
Type: Listlogging
Description Specify logging template (Logging Config name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/logging
max-cache-size
Description Specify maximum cache size in megabytes, default is 80MB (RAM cache size in megabytes (default 80MB))
Type: number
Range: 1-4096
Default: 80
max-content-size
Description Maximum size (bytes) of response that can be cached - default 81920 (80KB)
Type: number
Range: 0-268435455
Default: 81920
min-content-size
Description Minimum size (bytes) of response that can be cached - default 512
Type: number
Range: 0-268435455
Default: 512
name
Description Specify cache template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
remove-cookies
Description Remove cookies in response and cache
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
replacement-policy
Description ‘LFU’: LFU;
Type: string
Supported Values: LFU
Default: LFU
sampling-enable
Type: Listuri-policy
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
verify-host
Description Verify request using host before sending response from RAM cache
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cache-list_local-uri-policy¶
Specification Type list Block object keys local-uri
Description Specify Local URI for caching (Specify URI pattern that the policy should be applied to, maximum 63 charaters)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
cache-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘hits’: hits; ‘miss’: miss; ‘bytes_served’: bytes_served; ‘total_req’: total_req; ‘caching_req’: caching_req; ‘nc_req_header’: nc_req_header; ‘nc_res_header’: nc_res_header; ‘rv_success’: rv_success; ‘rv_failure’: rv_failure; ‘ims_request’: ims_request; ‘nm_response’: nm_response; ‘rsp_type_CL’: rsp_type_CL; ‘rsp_type_CE’: rsp_type_CE; ‘rsp_type_304’: rsp_type_304; ‘rsp_type_other’: rsp_type_other; ‘rsp_no_compress’: rsp_no_compress; ‘rsp_gzip’: rsp_gzip; ‘rsp_deflate’: rsp_deflate; ‘rsp_other’: rsp_other; ‘nocache_match’: nocache_match; ‘match’: match; ‘invalidate_match’: invalidate_match; ‘content_toobig’: content_toobig; ‘content_toosmall’: content_toosmall; ‘entry_create_failures’: entry_create_failures; ‘mem_size’: mem_size; ‘entry_num’: entry_num; ‘replaced_entry’: replaced_entry; ‘aging_entry’: aging_entry; ‘cleaned_entry’: cleaned_entry;
Type: string
Supported Values: all, hits, miss, bytes_served, total_req, caching_req, nc_req_header, nc_res_header, rv_success, rv_failure, ims_request, nm_response, rsp_type_CL, rsp_type_CE, rsp_type_304, rsp_type_other, rsp_no_compress, rsp_gzip, rsp_deflate, rsp_other, nocache_match, match, invalidate_match, content_toobig, content_toosmall, entry_create_failures, mem_size, entry_num, replaced_entry, aging_entry, cleaned_entry
cache-list_uri-policy¶
Specification Type list Block object keys cache-action
Description ‘cache’: Specify if certain URIs should be cached; ‘nocache’: Specify if certain URIs should not be cached;
Type: string
Supported Values: cache, nocache
cache-value
Description Specify seconds that content should be cached, default is age specified in cache template
Type: number
Range: 1-999999
invalidate
Description Specify if URI should invalidate cache entries matching pattern (pattern that would match entries to be invalidated (64 chars max))
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
uri
Description Specify URI for cache policy (Specify URI pattern that the policy should be applied to, maximum 63 charaters)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
port-list¶
Specification Type list Block object keys add
Description Slow start connection limit add by a number every interval (Add by this number every interval)
Type: number
Range: 1-4095
Mutual Exclusion: add and times are mutually exclusive
bw-rate-limit
Description Configure bandwidth rate limit on real server port (Bandwidth rate limit in Kbps)
Type: number
Range: 1-16777216
bw-rate-limit-duration
Description Duration in seconds the observed rate needs to honor
Type: number
Range: 1-250
bw-rate-limit-no-logging
Description Do not log bandwidth rate limit related state transitions
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
bw-rate-limit-resume
Description Resume server selection after bandwidth drops below this threshold (in Kbps) (Bandwidth rate limit resume threshold (in Kbps))
Type: number
Range: 1-16777216
conn-limit
Description Connection limit
Type: number
Range: 1-64000000
Default: 64000000
conn-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-rate-limit
Description Connection rate limit
Type: number
Range: 1-1048575
conn-rate-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dampening-flaps
Description service dampening flaps count (max-flaps allowed in flap period)
Type: number
Range: 1-255
decrement
Description Decrease after every round of DNS query (default is 0)
Type: number
Range: 0-7
Default: 0
del-session-on-server-down
Description Delete session if the server/port goes down (either disabled/hm down)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dest-nat
Description Destination NAT
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
down-grace-period
Description Port down grace period
Type: number
Range: 1-86400
down-timer
Description The timer to bring the marked down server/port to up (default is 0, never bring up) (The timer to bring up server (in second, default is 0))
Type: number
Range: 0-255
Default: 0
dscp
Description Differentiated Services Code Point (DSCP to Real Server IP Mapping Value)
Type: number
Range: 1-63
dynamic-member-priority
Description Set dynamic member’s priority (Initial priority (default is 16))
Type: number
Range: 1-16
Default: 16
every
Description Slow start connection limit increment interval (default 10)
Type: number
Range: 1-60
Default: 10
extended-stats
Description Enable extended statistics on real server port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
flap-period
Description take service out of rotation if max-flaps exceeded within time in seconds
Type: number
Range: 1-255
health-check
Description Health Check Monitor (Health monitor name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
health-check-disable
Description Disable configured health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
inband-health-check
Description Use inband traffic to detect port’s health status
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
initial-slow-start
Description Initial slow start connection limit (default 128)
Type: number
Range: 1-4095
Default: 128
name
Description Port template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: default
no-ssl
Description No SSL
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
rate-interval
Description ‘100ms’: Use 100 ms as sampling interval; ‘second’: Use 1 second as sampling interval;
Type: string
Supported Values: 100ms, second
Default: second
reassign
Description Maximum reassign times before declear the server/port down (default is 25) (The maximum reassign number)
Type: number
Range: 0-255
Default: 25
request-rate-interval
Description ‘100ms’: Use 100 ms as sampling interval; ‘second’: Use 1 second as sampling interval;
Type: string
Supported Values: 100ms, second
Default: second
request-rate-limit
Description Request rate limit
Type: number
Range: 1-1048575
request-rate-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
resel-on-reset
Description When receiving reset from server, do the server/port reselection (default is 0, don’t do reselection)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reset
Description Send client reset when connection rate over limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
restore-svc-time
Description put the service back to the rotation after time in seconds
Type: number
Range: 1-4095
resume
Description Resume accepting new connection after connection number drops below threshold (Connection resume threshold)
Type: number
Range: 1-1048575
retry
Description Maximum retry times before reassign this connection to another server/port (default is 2) (The maximum retry number)
Type: number
Range: 0-7
Default: 2
shared-partition-pool
Description Reference a NAT pool or pool-group from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-pool and source-nat are mutually exclusive
slow-start
Description Slowly ramp up the connection number after port is up
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
source-nat
Description Source NAT (IP NAT Pool or pool group name)
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Mutual Exclusion: source-nat and shared-partition-pool are mutually exclusive
Reference Object: /axapi/v3/ip/nat/pool
stats-data-action
Description ‘stats-data-enable’: Enable statistical data collection for real server port; ‘stats-data-disable’: Disable statistical data collection for real server port;
Type: string
Supported Values: stats-data-enable, stats-data-disable
Default: stats-data-enable
sub-group
Description Divide service group members into different sub groups (Sub group ID (default is 0))
Type: number
Range: 0-15
Default: 0
template-port-pool-shared
Description Source NAT (IP NAT Pool or pool group name)
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ip/nat/pool
till
Description Slow start ends when slow start connection limit reaches a number (default 4096) (Slow start ends when connection limit reaches this number)
Type: number
Range: 1-65535
Default: 4096
times
Description Slow start connection limit multiply by a number every interval (default 2) (Multiply by this number every interval)
Type: number
Range: 2-10
Default: 2
Mutual Exclusion: times and add are mutually exclusive
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
weight
Description Weight (port weight)
Type: number
Range: 1-1000
Default: 1
connection-reuse-list¶
Specification Type list Block object keys keep-alive-conn
Description Keep a number of server connections open
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
limit-per-server
Description Max Server Connections allowed (Connections per Server Port (default 1000))
Type: number
Range: 0-65535
Default: 1000
name
Description Connection Reuse Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
num-conn-per-port
Description Connections per Server Port (default 100)
Type: number
Range: 1-1024
Default: 100
preopen
Description Preopen server connection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
timeout
Description Timeout in seconds. Multiple of 60 (def 2400)
Type: number
Range: 60-3600
Default: 2400
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
reqmod-icap-list¶
Specification Type list Block object keys action
Description ‘continue’: Continue; ‘drop’: Drop; ‘reset’: Reset;
Type: string
Supported Values: continue, drop, reset
Default: continue
allowed-http-methods
Description List of allowed HTTP methods. Default is “Allow All”. (List of HTTP methods allowed (default “Allow All”))
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
bypass-ip-cfg
Type: Listcylance
Description cylance external server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-http-server-reset
Description Don’t reset http server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fail-close
Description When template sg is down mark vport down
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
failure-action
Description ‘continue’: Continue; ‘drop’: Drop; ‘reset’: Reset;
Type: string
Supported Values: continue, drop, reset
Default: continue
include-protocol-in-uri
Description Include protocol and port in HTTP URI
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-only-allowed-method
Description Only log allowed HTTP method
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
logging
Description logging template (Logging template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/logging
min-payload-size
Description min-payload-size value 1 - 65535, default is 0 (1 - 65536, default is 0)
Type: number
Range: 0-65535
Default: 0
name
Description Reqmod ICAP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
preview
Description Preview value 1 - 32768, default is 32768
Type: number
Range: 1-32768
Default: 32768
server-ssl
Description Server SSL template (Server SSL template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/server-ssl
service-group
Description Bind a Service Group to the template (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
service-url
Description URL to send to ICAP server (Service URL Name)
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
shared-partition-persist-source-ip-template
Description Reference a persist source ip template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-persist-source-ip-template and source-ip are mutually exclusive
shared-partition-tcp-proxy-template
Description Reference a TCP Proxy template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-tcp-proxy-template and tcp-proxy are mutually exclusive
source-ip
Description Source IP persistence template (Source IP persistence template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: source-ip and shared-partition-persist-source-ip-template are mutually exclusive
Reference Object: /axapi/v3/slb/template/persist/source-ip
tcp-proxy
Description TCP proxy template (TCP proxy template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: tcp-proxy and shared-partition-tcp-proxy-template are mutually exclusive
template-persist-source-ip-shared
Description Source IP Persistence Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/persist/source-ip
template-tcp-proxy-shared
Description TCP Proxy Template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/tcp-proxy
timeout
Description Timeout value 1 - 200 in units of 200ms, default is 5 (default is 1000ms) (1 - 200 in units of 200ms, default is 5 (1000ms))
Type: number
Range: 1-200
Default: 5
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
x-auth-url
Description Use URL format for authentication
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reqmod-icap-list_bypass-ip-cfg¶
Specification Type list Block object keys bypass-ip
Description ip address to bypass reqmod-icap service
Type: string
Format: ipv4-address
mask
Description IP prefix mask
Type: string
Format: ipv4-netmask
smpp-list¶
Specification Type list Block object keys client-enquire-link
Description Respond client ENQUIRE_LINK packet directly instead of forwarding to server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description SMPP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
password
Description Configure the password used to bind
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
server-enquire-link
Description Send server ENQUIRE_LINK packet for every persist connection when enable conn-reuse
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-enquire-link-val
Description Set interval of keep-alive packet for each persistent connection (second, default is 30)
Type: number
Range: 5-300
Default: 30
server-selection-per-request
Description Force server selection on every SMPP request when enable conn-reuse
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user
Description Configure the user to bind (The name used to bind)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
smtp-list¶
Specification Type list Block object keys LF-to-CRLF
Description Change the LF to CRLF for smtp end of line
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-domain-switching
Type: Listclient-starttls-type
Description ‘optional’: STARTTLS is optional requirement; ‘enforced’: Must issue STARTTLS command before mail transaction;
Type: string
Supported Values: optional, enforced
command-disable
Type: Listerror-code-to-client
Description Would transfer error code(554) to client, when getting it from connection establishing with real-server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description SMTP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
server-domain
Description Config the domain of the email servers (Server’s domain, default is “mail-server-domain”)
Type: string
Format: host
Maximum Length: 254 characters
Maximum Length: 1 characters
Default: mail-server-domain
server-starttls-type
Description ‘optional’: STARTTLS is optional requirement; ‘enforced’: Must issue STARTTLS command before mail transaction;
Type: string
Supported Values: optional, enforced
service-ready-msg
Description Set SMTP service ready message (SMTP service ready message, default is “ESMTP mail service ready”)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: ESMTP mail service ready
template
Description: template is a JSON Block. Please see below for smtp-list_template
Type: Object
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
smtp-list_client-domain-switching¶
Specification Type list Block object keys match-string
Description Domain name string
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
service-group
Description Select service group (Service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
switching-type
Description ‘contains’: Specify domain name string if domain contains another string; ‘ends-with’: Specify domain name string if domain ends with another string; ‘starts-with’: Specify domain string if domain starts with another string;
Type: string
Supported Values: contains, ends-with, starts-with
smtp-list_template¶
Specification Type object logging
Description Logging template (Logging Config name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/logging
smtp-list_command-disable¶
Specification Type list Block object keys disable-type
Description ‘expn’: Disable SMTP EXPN commands; ‘turn’: Disable SMTP TURN commands; ‘vrfy’: Disable SMTP VRFY commands;
Type: string
Supported Values: expn, turn, vrfy
external-service-list¶
Specification Type list Block object keys action
Description ‘continue’: Continue; ‘drop’: Drop; ‘reset’: Reset;
Type: string
Supported Values: continue, drop, reset
Default: continue
bypass-ip-cfg
Type: Listfailure-action
Description ‘continue’: Continue; ‘drop’: Drop; ‘reset’: Reset;
Type: string
Supported Values: continue, drop, reset
Default: continue
name
Description External Service Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
request-header-forward-list
Type: Listservice-group
Description Bind a Service Group to the template (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
shared-partition-persist-source-ip-template
Description Reference a persist source ip template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-persist-source-ip-template and source-ip are mutually exclusive
shared-partition-tcp-proxy-template
Description Reference a TCP Proxy template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-tcp-proxy-template and tcp-proxy are mutually exclusive
source-ip
Description Source IP persistence template (Source IP persistence template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: source-ip and shared-partition-persist-source-ip-template are mutually exclusive
Reference Object: /axapi/v3/slb/template/persist/source-ip
tcp-proxy
Description TCP proxy template (TCP proxy template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: tcp-proxy and shared-partition-tcp-proxy-template are mutually exclusive
template-persist-source-ip-shared
Description Source IP Persistence Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/persist/source-ip
template-tcp-proxy-shared
Description TCP Proxy Template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/tcp-proxy
timeout
Description Timeout value 1 - 200 in units of 200ms, default is 5 (default is 1000ms) (1 - 200 in units of 200ms, default is 5 (1000ms))
Type: number
Range: 1-200
Default: 5
type
Description ‘skyfire-icap’: Skyfire ICAP service; ‘url-filter’: URL filtering service;
Type: string
Supported Values: skyfire-icap, url-filter
Default: url-filter
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
external-service-list_bypass-ip-cfg¶
Specification Type list Block object keys bypass-ip
Description ip address to bypass external service
Type: string
Format: ipv4-address
mask
Description IP prefix mask
Type: string
Format: ipv4-netmask
external-service-list_request-header-forward-list¶
Specification Type list Block object keys request-header-forward
Description Request header to be forwarded to external service (Header Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp-list¶
Specification Type list Block object keys alive-if-active
Description keep connection alive if active traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
del-session-on-server-down
Description Delete session if the server/port goes down (either disabled/hm down)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable
Description send reset to client when server is disabled
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: disable and down are mutually exclusive
down
Description send reset to client when server is down
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: down and disable are mutually exclusive
force-delete-timeout
Description The maximum time that a session can stay in the system before being delete (number (second))
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout and force-delete-timeout-100ms are mutually exclusive
force-delete-timeout-100ms
Description The maximum time that a session can stay in the system before being delete (number in 100ms)
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout-100ms and force-delete-timeout are mutually exclusive
half-close-idle-timeout
Description TCP Half Close Idle Timeout (sec), default off (half close idle timeout in second, default off)
Type: number
Range: 60-120
half-open-idle-timeout
Description TCP Half Open Idle Timeout (sec), default off (half open idle timeout in second, default off)
Type: number
Range: 1-60
idle-timeout
Description Idle Timeout value (default 120 seconds) (idle timeout in second, default 120)
Type: number
Range: 1-2097151
Default: 120
initial-window-size
Description Set the initial window size (number)
Type: number
Range: 1-65535
insert-client-ip
Description Insert client ip into TCP option
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
lan-fast-ack
Description Enable fast TCP ack on LAN
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
logging
Description ‘init’: init only log; ‘term’: termination only log; ‘both’: both initial and termination log;
Type: string
Supported Values: init, term, both
name
Description Fast TCP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: default
qos
Description QOS level (number)
Type: number
Range: 1-63
reset-follow-fin
Description send reset to client or server upon receiving first fin
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reset-fwd
Description send reset to server if error happens
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reset-rev
Description send reset to client if error happens
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
diameter-list¶
Specification Type list Block object keys avp-code
Description avp code
Type: number
Range: 1-2147483647
avp-list
Type: Listavp-string
Description pattern to be matched in the avp string name, max length 127 bytes
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
customize-cea
Description customizing cea response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dwr-time
Description dwr health-check timer interval (in 100 milli second unit, default is 100, 0 means unset this option)
Type: number
Range: 0-2147483647
Default: 100
dwr-up-retry
Description number of successful dwr health-check before declaring target up
Type: number
Range: 1-7
Default: 3
forward-to-latest-server
Description Forward client message to the latest server that sends message with the same session id
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-unknown-session-id
Description Forward server message even it has unknown session id
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
idle-timeout
Description user sesison idle timeout (in minutes, default is 5)
Type: number
Range: 1-65535
Default: 5
load-balance-on-session-id
Description Load balance based on the session id
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
message-code-list
Type: Listmultiple-origin-host
Description allowing multiple origin-host to a single server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description diameter template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
origin-host
Description: origin-host is a JSON Block. Please see below for diameter-list_origin-host
Type: Object
Reference Object: /axapi/v3/slb/template/diameter/{name}/origin-host
origin-realm
Description origin-realm name avp
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
product-name
Description product name avp
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
service-group-name
Description service group name, this is the service group that the message needs to be copied to
Type: string
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
session-age
Description user session age allowed (default 10), this is not idle-time (in minutes)
Type: number
Range: 1-65535
Default: 10
terminate-on-cca-t
Description remove diameter session when receiving CCA-T message
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vendor-id
Description vendor-id avp (Vendon Id)
Type: number
Range: 0-2147483647
Default: 0
diameter-list_message-code-list¶
Specification Type list Block object keys message-code
Description
Type: number
Range: 1-2147483647
diameter-list_avp-list¶
Specification Type list Block object keys avp
Description customize avps for cer to the server (avp number)
Type: number
Range: 0-2147483647
int32
Description 32 bits integer
Type: number
Range: 0-2147483647
Mutual Exclusion: int32 int64 and string are mutually exclusive
int64
Description 64 bits integer
Type: number
Range: 0-2147483647
Mutual Exclusion: int64 int32 and string are mutually exclusive
mandatory
Description mandatory avp
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
string
Description String (string name, max length 127 bytes)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: string int32 and int64 are mutually exclusive
diameter-list_origin-host¶
Specification Type object origin-host-name
Description origin-host name avp
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
udp-list¶
Specification Type list Block object keys age
Description short age
Type: number
Range: 1-31
avp
Description ‘4’: NAS-IP-address; ‘8’: Framed-IP-Address;
Type: string
Supported Values: 4, 8
disable-clear-session
Description Disable immediate clearing of session
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
idle-timeout
Description Idle Timeout value (default 120 seconds) (idle timeout in second, default 120)
Type: number
Range: 1-2097151
Default: 120
immediate
Description Immediate Removal after Transaction
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: immediate and short are mutually exclusive
name
Description Fast UDP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: default
qos
Description QOS level (number)
Type: number
Range: 1-63
radius-lb-method-hash-type
Description ‘ip’: IP-Hash;
Type: string
Supported Values: ip
re-select-if-server-down
Description re-select another server if service port is down
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
short
Description Short lived session
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: short and immediate are mutually exclusive
stateless-conn-timeout
Description Stateless Current Connection Timeout value (5 - 120 seconds) (idle timeout in second, default 120)
Type: number
Range: 5-120
Default: 120
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
link-down-on-restart¶
Specification Type object enable
Description
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
http-policy-list¶
Specification Type list Block object keys cookie-name
Description name of cookie to match (Cookie Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
geo-location-match
Type: Listhttp-policy-match
Type: Listname
Description http-policy template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
http-policy-list_http-policy-match¶
Specification Type list Block object keys match-string
Description URL String
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
match-type
Description ‘contains’: Select service group if URL string contains another string; ‘ends-with’: Select service group if URL string ends with another string; ‘equals’: Select service group if URL string equals another string; ‘starts-with’: Select service group if URL string starts with another string;
Type: string
Supported Values: contains, ends-with, equals, starts-with
service-group
Description Service Group to be used (Service Group Name)
Type: string
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
template
Description ‘waf’: waf; (WAF template to be used)
Type: string
Supported Values: waf
template-name
Description WAF template to be used (Template Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/waf/template
type
Description ‘cookie’: cookie value match; ‘host’: hostname match; ‘url’: URL match;
Type: string
Supported Values: cookie, host, url
http-policy-list_geo-location-match¶
Specification Type list Block object keys geo-location
Description Geolocation name
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
geo-location-service-group
Description Service Group to be used (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
geo-location-template
Description ‘waf’: waf; (WAF template to be used)
Type: string
Supported Values: waf
geo-location-template-name
Description WAF template to be used (Template Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/waf/template
client-ssl-list¶
Specification Type list Block object keys ad-group-list
Description Forward proxy bypass if ad-group matches class-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
alert-type
Description ‘fatal’: Log fatal alerts;
Type: string
Supported Values: fatal
auth-sg
Description Specify authorization LDAP service group
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: auth-sg and authen-name are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/service-group
auth-sg-dn
Description Use Subject DN as LDAP search base DN
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
auth-sg-filter
Description Specify LDAP search filter
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
auth-username
Description Specify the Username Field in the Client Certificate(If multi-fields are specificed, prior one has higher priority)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
auth-username-attribute
Description Specify attribute name of username for client SSL authorization
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
authen-name
Description Specify authorization LDAP server name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: authen-name and auth-sg are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/server/ldap
authorization
Description Specify LDAP server for client SSL authorizaiton
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
bypass-cert-issuer-class-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bypass-cert-issuer-class-list-name and bypass-cert-issuer-multi-class-list-name are mutually exclusive
Reference Object: /axapi/v3/class-list
bypass-cert-issuer-multi-class-list
Type: Listbypass-cert-san-class-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bypass-cert-san-class-list-name and bypass-cert-san-multi-class-list-name are mutually exclusive
Reference Object: /axapi/v3/class-list
bypass-cert-san-multi-class-list
Type: Listbypass-cert-subject-class-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bypass-cert-subject-class-list-name and bypass-cert-subject-multi-class-list-name are mutually exclusive
Reference Object: /axapi/v3/class-list
bypass-cert-subject-multi-class-list
Type: Listca-certs
Type: Listcache-persistence-list-name
Description Class List Name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
case-insensitive
Description Case insensitive forward proxy bypass
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cert
Description Server Certificate (Certificate Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: cert and cert-shared-str are mutually exclusive
cert-alt-partition-shared
Description Certificate Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cert-alternate
Description Specify the second certificate (Certificate Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
cert-revoke-action
Description ‘bypass’: bypass SSLi processing; ‘continue’: continue the connection; ‘drop’: close the connection;
Type: string
Supported Values: bypass, continue, drop, block
Default: bypass
cert-shared-str
Description Certificate Name
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: cert-shared-str and cert are mutually exclusive
cert-unknown-action
Description ‘bypass’: bypass SSLi processing; ‘continue’: continue the connection; ‘drop’: close the connection;
Type: string
Supported Values: bypass, continue, drop, block
Default: bypass
certificate-issuer-contains-list
Type: Listcertificate-issuer-ends-with-list
Type: Listcertificate-issuer-equals-list
Type: Listcertificate-issuer-starts-with-list
Type: Listcertificate-san-contains-list
Type: Listcertificate-san-ends-with-list
Type: Listcertificate-san-equals-list
Type: Listcertificate-san-starts-with-list
Type: Listcertificate-subject-contains-list
Type: Listcertificate-subject-ends-with-list
Type: Listcertificate-subject-equals-list
Type: Listcertificate-subject-starts-with-list
Type: Listchain-cert
Description Chain Certificate (Chain Certificate Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: chain-cert and chain-cert-shared-str are mutually exclusive
chain-cert-shared-str
Description Chain Certificate Name
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: chain-cert-shared-str and chain-cert are mutually exclusive
cipher-without-prio-list
Type: Listclass-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: class-list-name and multi-clist-name are mutually exclusive
Reference Object: /axapi/v3/class-list
client-auth-case-insensitive
Description Case insensitive forward proxy client auth bypass
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-auth-class-list
Description Forward proxy client auth bypass if SNI string matches class-list (Class List Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-auth-contains-list
Type: Listclient-auth-ends-with-list
Type: Listclient-auth-equals-list
Type: Listclient-auth-starts-with-list
Type: Listclient-certificate
Description ‘Ignore’: Don’t request client certificate; ‘Require’: Require client certificate; ‘Request’: Request client certificate;
Type: string
Supported Values: Ignore, Require, Request
Default: Ignore
close-notify
Description Send close notification when terminate connection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
contains-list
Type: Listcrl-certs
Type: Listdgversion
Description Lower TLS/SSL version can be downgraded
Type: number
Range: 30-33
Default: 31
dh-type
Description ‘1024’: 1024; ‘1024-dsa’: 1024-dsa; ‘2048’: 2048;
Type: string
Supported Values: 1024, 1024-dsa, 2048
direct-client-server-auth
Description Let backend server does SSL client authentication directly
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-sslv3
Description Reject Client requests for SSL version 3
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ec-list
Type: Listenable-ssli-ftp-alg
Description Enable SSLi FTP over TLS support at which port
Type: number
Range: 1-65535
enable-tls-alert-logging
Description Enable TLS alert logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ends-with-list
Type: Listequals-list
Type: Listexception-ad-group-list
Description Exceptions to forward proxy bypass if ad-group matches class-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
exception-certificate-issuer-cl-name
Description Exceptions to forward-proxy-bypass
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
exception-certificate-san-cl-name
Description Exceptions to forward-proxy-bypass
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
exception-certificate-subject-cl-name
Description Exceptions to forward-proxy-bypass
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
exception-sni-cl-name
Description Exceptions to forward-proxy-bypass
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
exception-user-name-list
Description Exceptions to forward proxy bypass if user-name matches class-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
expire-hours
Description Certificate lifetime in hours
Type: number
Range: 1-168
forward-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)forward-passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
forward-proxy-alt-sign
Description Forward proxy alternate signing cert and key
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-block-message
Description Message to be included on the block page (Message, enclose in quotes if spaces are present)
Type: string
Format: string-rlx
Maximum Length: 1023 characters
Maximum Length: 1 characters
forward-proxy-ca-cert
Description CA Certificate for forward proxy (SSL forward proxy CA Certificate Name)
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
forward-proxy-ca-key
Description CA Private Key for forward proxy (SSL forward proxy CA Key Name)
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
forward-proxy-cert-cache-limit
Description Certificate cache size limit, default is 524288 (set to 0 for unlimited size)
Type: number
Range: 0-2147483647
Default: 524288
forward-proxy-cert-cache-timeout
Description Certificate cache timeout, default is 1 hour (seconds, set to 0 for never timeout)
Type: number
Range: 0-2147483647
Default: 3600
forward-proxy-cert-expiry
Description Adjust certificate expiry relative to the time when it is created on the device
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-cert-not-ready-action
Description ‘bypass’: bypass the connection; ‘reset’: reset the connection;
Type: string
Supported Values: bypass, reset, intercept
Default: bypass
forward-proxy-cert-revoke-action
Description Action taken if a certificate is irreversibly revoked, bypass SSLi processing by default
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
forward-proxy-cert-unknown-action
Description Action taken if a certificate revocation status is unknown, bypass SSLi processing by default
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
forward-proxy-crl-disable
Description Disable Certificate Revocation List checking for forward proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-decrypted-dscp
Description Apply a DSCP to decrypted and bypassed traffic (DSCP to apply to decrypted traffic)
Type: number
Range: 1-63
forward-proxy-decrypted-dscp-bypass
Description DSCP to apply to bypassed traffic
Type: number
Range: 1-63
forward-proxy-enable
Description Enable SSL forward proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-failsafe-disable
Description Disable Failsafe for SSL forward proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-hash-persistence-interval
Description Set the time interval to save the hash persistence certs (Interval value, in minutes)
Type: number
Range: 1-720
Default: 30
forward-proxy-log-disable
Description Disable SSL forward proxy logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-no-shared-cipher-action
Description Action taken if handshake fails due to no shared ciper, close the connection by default
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
forward-proxy-no-sni-action
Description ‘intercept’: intercept in no SNI case; ‘bypass’: bypass in no SNI case; ‘reset’: reset in no SNI case;
Type: string
Supported Values: intercept, bypass, reset
Default: intercept
forward-proxy-ocsp-disable
Description Disable ocsp-stapling for forward proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-require-sni-cert-matched
Description ‘no-match-action-inspect’: Inspected if not matched; ‘no-match-action-drop’: Dropped if not matched;
Type: string
Supported Values: no-match-action-inspect, no-match-action-drop
forward-proxy-selfsign-redir
Description Redirect connections to pages with self signed certs to a warning page
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-ssl-version
Description TLS/SSL version, default is TLS1.2 (TLS/SSL version: 31-TLSv1.0, 32-TLSv1.1 and 33-TLSv1.2)
Type: number
Range: 31-33
Default: 33
forward-proxy-trusted-ca-lists
Type: Listforward-proxy-verify-cert-fail-action
Description Action taken if certificate verification fails, close the connection by default
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
fp-alt-cert
Description CA Certificate for forward proxy alternate signing (Certificate name)
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
fp-alt-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)fp-alt-key
Description CA Private Key for forward proxy alternate signing (Key name)
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
fp-alt-passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
fp-alt-shared
Description Alternate CA Certificate and Private Key Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fp-ca-key-shared
Description CA Private Key Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fp-ca-shared
Description CA Certificate Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fp-cert-ext-aia-ca-issuers
Description CA Issuers (Authority Information Access URI)
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
Mutual Exclusion: fp-cert-ext-aia-ca-issuers and fp-cert-ext-aia-ocsp are mutually exclusive
fp-cert-ext-aia-ocsp
Description OCSP (Authority Information Access URI)
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
Mutual Exclusion: fp-cert-ext-aia-ocsp and fp-cert-ext-aia-ca-issuers are mutually exclusive
fp-cert-ext-crldp
Description CRL Distribution Point (CRL Distribution Point URI)
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
fp-cert-fetch-autonat
Description ‘auto’: Configure auto NAT for server certificate fetching;
Type: string
Supported Values: auto
Mutual Exclusion: fp-cert-fetch-autonat and fp-cert-fetch-natpool-name are mutually exclusive
fp-cert-fetch-autonat-precedence
Description Set this NAT pool as higher precedence than other source NAT like configued under template policy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fp-cert-fetch-natpool-name
Description Specify NAT pool or pool group
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Mutual Exclusion: fp-cert-fetch-natpool-name shared-partition-pool and fp-cert-fetch-autonat are mutually exclusive
Reference Object: /axapi/v3/ip/nat/pool
fp-cert-fetch-natpool-name-shared
Description Specify NAT pool or pool group
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ip/nat/pool
fp-cert-fetch-natpool-precedence
Description Set this NAT pool as higher precedence than other source NAT like configued under template policy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
handshake-logging-enable
Description Enable SSL handshake logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
hsm-type
Description ‘thales-embed’: Thales embed key; ‘thales-hwcrhk’: Thales hwcrhk Key;
Type: string
Supported Values: thales-embed, thales-hwcrhk
inspect-certificate-issuer-cl-name
Description Forward proxy Inspect if Certificate issuer matches class-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
inspect-certificate-san-cl-name
Description Forward proxy Inspect if Certificate Subject Alternative Name matches class-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
inspect-certificate-subject-cl-name
Description Forward proxy Inspect if Certificate Subject matches class-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
inspect-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
key
Description Server Private Key (Key Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: key and key-shared-str are mutually exclusive
key-alt-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)key-alt-partition-shared
Description Key Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
key-alt-passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
key-alternate
Description Specify the second private key (Key Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
key-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)key-passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
key-shared-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)key-shared-passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
key-shared-str
Description Key Name
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: key-shared-str and key are mutually exclusive
ldap-base-dn-from-cert
Description Use Subject DN as LDAP search base DN
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ldap-search-filter
Description Specify LDAP search filter
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
local-logging
Description Enable local logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
multi-class-list
Type: Listname
Description Client SSL Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
no-shared-cipher-action
Description ‘bypass’: bypass SSLi processing; ‘drop’: close the connection;
Type: string
Supported Values: bypass, drop
Default: drop
non-ssl-bypass-l4session
Description Handle the non-ssl session as L4 for performance optimization
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
non-ssl-bypass-service-group
Description Service Group for Bypass non-ssl traffic (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
notafter
Description notAfter date
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
notafterday
Description Day
Type: number
Range: 1-31
notaftermonth
Description Month
Type: number
Range: 1-12
notafteryear
Description Year
Type: number
Range: 2005-2035
notbefore
Description notBefore date
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
notbeforeday
Description Day
Type: number
Range: 1-31
notbeforemonth
Description Month
Type: number
Range: 1-12
notbeforeyear
Description Year
Type: number
Range: 2005-2035
ocsp-stapling
Description Config OCSP stapling support
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ocspst-ca-cert
Description CA certificate
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
ocspst-ocsp
Description Specify OCSP Authentication
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ocspst-sg
Description Specify authentication service group
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: ocspst-sg and ocspst-srvr are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/service-group
ocspst-sg-days
Description Specify update period, in days
Type: number
Range: 1-31
Mutual Exclusion: ocspst-sg-days ocspst-sg-hours and ocspst-sg-minutes are mutually exclusive
ocspst-sg-hours
Description Specify update period, in hours
Type: number
Range: 1-23
Default: 1
Mutual Exclusion: ocspst-sg-hours ocspst-sg-days and ocspst-sg-minutes are mutually exclusive
ocspst-sg-minutes
Description Specify update period, in minutes
Type: number
Range: 1-59
Mutual Exclusion: ocspst-sg-minutes ocspst-sg-days and ocspst-sg-hours are mutually exclusive
ocspst-sg-timeout
Description Specify retry timeout (Default is 30 mins)
Type: number
Range: 1-44640
Default: 30
ocspst-srvr
Description Specify OCSP authentication server
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: ocspst-srvr and ocspst-sg are mutually exclusive
Reference Object: /axapi/v3/aam/authentication/server/ocsp
ocspst-srvr-days
Description Specify update period, in days
Type: number
Range: 1-31
Mutual Exclusion: ocspst-srvr-days ocspst-srvr-hours and ocspst-srvr-minutes are mutually exclusive
ocspst-srvr-hours
Description Specify update period, in hours
Type: number
Range: 1-23
Default: 1
Mutual Exclusion: ocspst-srvr-hours ocspst-srvr-days and ocspst-srvr-minutes are mutually exclusive
ocspst-srvr-minutes
Description Specify update period, in minutes
Type: number
Range: 1-59
Mutual Exclusion: ocspst-srvr-minutes ocspst-srvr-days and ocspst-srvr-hours are mutually exclusive
ocspst-srvr-timeout
Description Specify retry timeout (Default is 30 mins)
Type: number
Range: 1-44640
Default: 30
renegotiation-disable
Description Disable SSL renegotiation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
req-ca-lists
Type: Listrequire-web-category
Description Wait for web category to be resolved before taking bypass decision
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
sampling-enable
Type: Listserver-name-auto-map
Description Enable automatic mapping of server name indication in Client hello extension
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-name-list
Type: Listsession-cache-size
Description Session Cache Size (Specify 0 to disable Session ID reuse.)
Type: number
session-cache-timeout
Description Session Cache Timeout (Timeout value, in seconds)
Type: number
Range: 0-604800
Default: 0
session-ticket-lifetime
Description Session ticket lieftime in seconds from stateless session resumption (Lifetime value in seconds)
Type: number
Range: 0-2147483647
Default: 0
shared-partition-cipher-template
Description Reference a cipher template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-cipher-template and template-cipher are mutually exclusive
shared-partition-pool
Description Reference a NAT pool or pool group from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-pool and fp-cert-fetch-natpool-name are mutually exclusive
sni-enable-log
Description Enable logging of sni-auto-map failures. Disable by default
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ssl-false-start-disable
Description disable SSL False Start
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ssli-logging
Description SSLi logging level, default is error logging only
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
sslilogging
Description ‘disable’: Disable all logging; ‘all’: enable all logging(error, info);
Type: string
Supported Values: disable, all
sslv2-bypass-service-group
Description Service Group for Bypass SSLV2 (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
starts-with-list
Type: Listtemplate-cipher
Description Cipher Template (Cipher Config Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: template-cipher shared-partition-cipher-template and cipher-wo-prio are mutually exclusive
Reference Object: /axapi/v3/slb/template/cipher
template-cipher-shared
Description Cipher Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/cipher
template-hsm
Description HSM Template (HSM Template Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/hsm/template
user-name-list
Description Forward proxy bypass if user-name matches class-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/class-list
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
verify-cert-fail-action
Description ‘bypass’: bypass SSLi processing; ‘continue’: continue the connection; ‘drop’: close the connection;
Type: string
Supported Values: bypass, continue, drop, block
Default: drop
version
Description TLS/SSL version, default is the highest number supported (TLS/SSL version: 30-SSLv3.0, 31-TLSv1.0, 32-TLSv1.1 and 33-TLSv1.2)
Type: number
Range: 30-33
Default: 33
web-category
Description: web-category is a JSON Block. Please see below for client-ssl-list_web-category
Type: Object
client-ssl-list_bypass-cert-subject-multi-class-list¶
Specification Type list Block object keys bypass-cert-subject-multi-class-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bypass-cert-subject-multi-class-list-name and bypass-cert-subject-class-list-name are mutually exclusive
Reference Object: /axapi/v3/class-list
client-ssl-list_certificate-san-contains-list¶
Specification Type list Block object keys certificate-san-contains
Description Forward proxy bypass if Certificate SAN contains another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_equals-list¶
Specification Type list Block object keys equals
Description Forward proxy bypass if SNI string equals another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_forward-proxy-trusted-ca-lists¶
Specification Type list Block object keys forward-proxy-trusted-ca
Description Forward proxy trusted CA file (CA file name)
Type: string
Maximum Length: 255 characters
Maximum Length: 1 characters
fp-trusted-ca-shared
Description Trusted CA Certificate Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-ssl-list_ec-list¶
Specification Type list Block object keys ec
Description ‘secp256r1’: X9_62_prime256v1; ‘secp384r1’: secp384r1;
Type: string
Supported Values: secp256r1, secp384r1
client-ssl-list_contains-list¶
Specification Type list Block object keys contains
Description Forward proxy bypass if SNI string contains another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_ends-with-list¶
Specification Type list Block object keys ends-with
Description Forward proxy bypass if SNI string ends with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_ca-certs¶
Specification Type list Block object keys ca-cert
Description CA Certificate (CA Certificate Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
ca-shared
Description CA Certificate Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-ocsp
Description Specify ocsp authentication server(s) for client certificate verification
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-ocsp-sg
Description Specify service-group (Service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/service-group
client-ocsp-srvr
Description Specify authentication server
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/server/ocsp/instance
client-ssl-list_client-auth-contains-list¶
Specification Type list Block object keys client-auth-contains
Description Forward proxy bypass if SNI string contains another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_certificate-subject-contains-list¶
Specification Type list Block object keys certificate-subject-contains
Description Forward proxy bypass if Certificate Subject contains another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_req-ca-lists¶
Specification Type list Block object keys client-cert-req-ca-shared
Description CA Certificate Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-certificate-Request-CA
Description Send CA lists in certificate request (CA Certificate Name)
Type: string
Maximum Length: 245 characters
Maximum Length: 1 characters
client-ssl-list_certificate-subject-starts-with-list¶
Specification Type list Block object keys certificate-subject-starts
Description Forward proxy bypass if Certificate Subject starts with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘real-estate’: real estate category; ‘computer-and-internet-security’: computer and internet security category; ‘financial-services’: financial services category; ‘business-and-economy’: business and economy category; ‘computer-and-internet-info’: computer and internet info category; ‘auctions’: auctions category; ‘shopping’: shopping category; ‘cult-and-occult’: cult and occult category; ‘travel’: travel category; ‘drugs’: drugs category; ‘adult-and-pornography’: adult and pornography category; ‘home-and-garden’: home and garden category; ‘military’: military category; ‘social-network’: social network category; ‘dead-sites’: dead sites category; ‘stock-advice-and-tools’: stock advice and tools category; ‘training-and-tools’: training and tools category; ‘dating’: dating category; ‘sex-education’: sex education category; ‘religion’: religion category; ‘entertainment-and-arts’: entertainment and arts category; ‘personal-sites-and-blogs’: personal sites and blogs category; ‘legal’: legal category; ‘local-information’: local information category; ‘streaming-media’: streaming media category; ‘job-search’: job search category; ‘gambling’: gambling category; ‘translation’: translation category; ‘reference-and-research’: reference and research category; ‘shareware-and-freeware’: shareware and freeware category; ‘peer-to-peer’: peer to peer category; ‘marijuana’: marijuana category; ‘hacking’: hacking category; ‘games’: games category; ‘philosophy-and-politics’: philosophy and politics category; ‘weapons’: weapons category; ‘pay-to-surf’: pay to surf category; ‘hunting-and-fishing’: hunting and fishing category; ‘society’: society category; ‘educational-institutions’: educational institutions category; ‘online-greeting-cards’: online greeting cards category; ‘sports’: sports category; ‘swimsuits-and-intimate-apparel’: swimsuits and intimate apparel category; ‘questionable’: questionable category; ‘kids’: kids category; ‘hate-and-racism’: hate and racism category; ‘personal-storage’: personal storage category; ‘violence’: violence category; ‘keyloggers-and-monitoring’: keyloggers and monitoring category; ‘search-engines’: search engines category; ‘internet-portals’: internet portals category; ‘web-advertisements’: web advertisements category; ‘cheating’: cheating category; ‘gross’: gross category; ‘web-based-email’: web based email category; ‘malware-sites’: malware sites category; ‘phishing-and-other-fraud’: phishing and other fraud category; ‘proxy-avoid-and-anonymizers’: proxy avoid and anonymizers category; ‘spyware-and-adware’: spyware and adware category; ‘music’: music category; ‘government’: government category; ‘nudity’: nudity category; ‘news-and-media’: news and media category; ‘illegal’: illegal category; ‘CDNs’: content delivery networks category; ‘internet-communications’: internet communications category; ‘bot-nets’: bot nets category; ‘abortion’: abortion category; ‘health-and-medicine’: health and medicine category; ‘confirmed-SPAM-sources’: confirmed SPAM sources category; ‘SPAM-URLs’: SPAM URLs category; ‘unconfirmed-SPAM-sources’: unconfirmed SPAM sources category; ‘open-HTTP-proxies’: open HTTP proxies category; ‘dynamic-comment’: dynamic comment category; ‘parked-domains’: parked domains category; ‘alcohol-and-tobacco’: alcohol and tobacco category; ‘private-IP-addresses’: private IP addresses category; ‘image-and-video-search’: image and video search category; ‘fashion-and-beauty’: fashion and beauty category; ‘recreation-and-hobbies’: recreation and hobbies category; ‘motor-vehicles’: motor vehicles category; ‘web-hosting-sites’: web hosting sites category; ‘food-and-dining’: food and dining category; ‘uncategorised’: uncategorised; ‘other-category’: other category;
Type: string
Supported Values: all, real-estate, computer-and-internet-security, financial-services, business-and-economy, computer-and-internet-info, auctions, shopping, cult-and-occult, travel, drugs, adult-and-pornography, home-and-garden, military, social-network, dead-sites, stock-advice-and-tools, training-and-tools, dating, sex-education, religion, entertainment-and-arts, personal-sites-and-blogs, legal, local-information, streaming-media, job-search, gambling, translation, reference-and-research, shareware-and-freeware, peer-to-peer, marijuana, hacking, games, philosophy-and-politics, weapons, pay-to-surf, hunting-and-fishing, society, educational-institutions, online-greeting-cards, sports, swimsuits-and-intimate-apparel, questionable, kids, hate-and-racism, personal-storage, violence, keyloggers-and-monitoring, search-engines, internet-portals, web-advertisements, cheating, gross, web-based-email, malware-sites, phishing-and-other-fraud, proxy-avoid-and-anonymizers, spyware-and-adware, music, government, nudity, news-and-media, illegal, CDNs, internet-communications, bot-nets, abortion, health-and-medicine, confirmed-SPAM-sources, SPAM-URLs, unconfirmed-SPAM-sources, open-HTTP-proxies, dynamic-comment, parked-domains, alcohol-and-tobacco, private-IP-addresses, image-and-video-search, fashion-and-beauty, recreation-and-hobbies, motor-vehicles, web-hosting-sites, food-and-dining, uncategorised, other-category
client-ssl-list_bypass-cert-issuer-multi-class-list¶
Specification Type list Block object keys bypass-cert-issuer-multi-class-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bypass-cert-issuer-multi-class-list-name and bypass-cert-issuer-class-list-name are mutually exclusive
Reference Object: /axapi/v3/class-list
client-ssl-list_client-auth-equals-list¶
Specification Type list Block object keys client-auth-equals
Description Forward proxy bypass if SNI string equals another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_certificate-issuer-equals-list¶
Specification Type list Block object keys certificate-issuer-equals
Description Forward proxy bypass if Certificate issuer equals another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_certificate-san-ends-with-list¶
Specification Type list Block object keys certificate-san-ends-with
Description Forward proxy bypass if Certificate SAN ends with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_crl-certs¶
Specification Type list Block object keys crl
Description Certificate Revocation Lists (Certificate Revocation Lists file name)
Type: string
Maximum Length: 255 characters
Maximum Length: 1 characters
crl-shared
Description Certificate Revocation Lists Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-ssl-list_multi-class-list¶
Specification Type list Block object keys multi-clist-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: multi-clist-name and class-list-name are mutually exclusive
Reference Object: /axapi/v3/class-list
client-ssl-list_certificate-issuer-ends-with-list¶
Specification Type list Block object keys certificate-issuer-ends-with
Description Forward proxy bypass if Certificate issuer ends with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_web-category¶
Specification Type object abortion
Description Category Abortion
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
adult-and-pornography
Description Category Adult and Pornography
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
alcohol-and-tobacco
Description Category Alcohol and Tobacco
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
auctions
Description Category Auctions
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
bot-nets
Description Category Bot Nets
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
business-and-economy
Description Category Business and Economy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cdns
Description Category CDNs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cheating
Description Category Cheating
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
computer-and-internet-info
Description Category Computer and Internet Info
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
computer-and-internet-security
Description Category Computer and Internet Security
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
confirmed-spam-sources
Description Category Confirmed SPAM Sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cult-and-occult
Description Category Cult and Occult
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dating
Description Category Dating
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dead-sites
Description Category Dead Sites (db Ops only)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
drugs
Description Category Abused Drugs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dynamic-comment
Description Category Dynamic Comment
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
educational-institutions
Description Category Educational Institutions
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
entertainment-and-arts
Description Category Entertainment and Arts
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fashion-and-beauty
Description Category Fashion and Beauty
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
financial-services
Description Category Financial Services
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
food-and-dining
Description Category Food and Dining
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
gambling
Description Category Gambling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
games
Description Category Games
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
government
Description Category Government
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
gross
Description Category Gross
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
hacking
Description Category Hacking
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
hate-and-racism
Description Category Hate and Racism
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
health-and-medicine
Description Category Health and Medicine
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
home-and-garden
Description Category Home and Garden
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
hunting-and-fishing
Description Category Hunting and Fishing
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
illegal
Description Category Illegal
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
image-and-video-search
Description Category Image and Video Search
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
internet-communications
Description Category Internet Communications
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
internet-portals
Description Category Internet Portals
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
job-search
Description Category Job Search
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
keyloggers-and-monitoring
Description Category Keyloggers and Monitoring
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
kids
Description Category Kids
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
legal
Description Category Legal
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
local-information
Description Category Local Information
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
malware-sites
Description Category Malware Sites
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
marijuana
Description Category Marijuana
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
military
Description Category Military
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
motor-vehicles
Description Category Motor Vehicles
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
music
Description Category Music
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
news-and-media
Description Category News and Media
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
nudity
Description Category Nudity
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
online-greeting-cards
Description Category Online Greeting cards
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
open-http-proxies
Description Category Open HTTP Proxies
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
parked-domains
Description Category Parked Domains
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
pay-to-surf
Description Category Pay to Surf
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
peer-to-peer
Description Category Peer to Peer
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
personal-sites-and-blogs
Description Category Personal sites and Blogs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
personal-storage
Description Category Personal Storage
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
philosophy-and-politics
Description Category Philosophy and Political Advocacy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
phishing-and-other-fraud
Description Category Phishing and Other Frauds
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
private-ip-addresses
Description Category Private IP Addresses
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
proxy-avoid-and-anonymizers
Description Category Proxy Avoid and Anonymizers
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
questionable
Description Category Questionable
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
real-estate
Description Category Real Estate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
recreation-and-hobbies
Description Category Recreation and Hobbies
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reference-and-research
Description Category Reference and Research
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
religion
Description Category Religion
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
search-engines
Description Category Search Engines
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
sex-education
Description Category Sex Education
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
shareware-and-freeware
Description Category Shareware and Freeware
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
shopping
Description Category Shopping
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
social-network
Description Category Social Network
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
society
Description Category Society
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
spam-urls
Description Category SPAM URLs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
sports
Description Category Sports
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
spyware-and-adware
Description Category Spyware and Adware
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
stock-advice-and-tools
Description Category Stock Advice and Tools
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
streaming-media
Description Category Streaming Media
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
swimsuits-and-intimate-apparel
Description Category Swimsuits and Intimate Apparel
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
training-and-tools
Description Category Training and Tools
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
translation
Description Category Translation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
travel
Description Category Travel
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uncategorized
Description Uncategorized URLs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
unconfirmed-spam-sources
Description Category Unconfirmed SPAM Sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
violence
Description Category Violence
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
weapons
Description Category Weapons
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
web-advertisements
Description Category Web Advertisements
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
web-based-email
Description Category Web based email
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
web-hosting-sites
Description Category Web Hosting Sites
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-ssl-list_certificate-san-equals-list¶
Specification Type list Block object keys certificate-san-equals
Description Forward proxy bypass if Certificate SAN equals another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_certificate-issuer-contains-list¶
Specification Type list Block object keys certificate-issuer-contains
Description Forward proxy bypass if Certificate issuer contains another string (Certificate issuer)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_client-auth-starts-with-list¶
Specification Type list Block object keys client-auth-starts-with
Description Forward proxy bypass if SNI string starts with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_certificate-subject-ends-with-list¶
Specification Type list Block object keys certificate-subject-ends-with
Description Forward proxy bypass if Certificate Subject ends with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_bypass-cert-san-multi-class-list¶
Specification Type list Block object keys bypass-cert-san-multi-class-list-name
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: bypass-cert-san-multi-class-list-name and bypass-cert-san-class-list-name are mutually exclusive
Reference Object: /axapi/v3/class-list
client-ssl-list_server-name-list¶
Specification Type list Block object keys server-cert
Description Server Certificate associated to SNI (Server Certificate Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
server-cert-regex
Description Server Certificate associated to SNI regex (Server Certificate Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
server-chain
Description Server Certificate Chain associated to SNI (Server Certificate Chain Name)
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
server-chain-regex
Description Server Certificate Chain associated to SNI regex (Server Certificate Chain Name)
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
server-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)server-encrypted-regex
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)server-key
Description Server Private Key associated to SNI (Server Private Key Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
server-key-regex
Description Server Private Key associated to SNI regex (Server Private Key Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
server-name
Description Server name indication in Client hello extension (Server name String)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
server-name-alternate
Description Specific the second certifcate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-name-regex
Description Server name indication in Client hello extension with regular expression (Server name String with regex)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
server-name-regex-alternate
Description Specific the second certifcate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-passphrase
Description help Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
server-passphrase-regex
Description help Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
server-shared
Description Server Name Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-shared-regex
Description Server Name Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-ssl-list_certificate-issuer-starts-with-list¶
Specification Type list Block object keys certificate-issuer-starts
Description Forward proxy bypass if Certificate issuer starts with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_certificate-san-starts-with-list¶
Specification Type list Block object keys certificate-san-starts
Description Forward proxy bypass if Certificate SAN starts with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_client-auth-ends-with-list¶
Specification Type list Block object keys client-auth-ends-with
Description Forward proxy bypass if SNI string ends with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_certificate-subject-equals-list¶
Specification Type list Block object keys certificate-subject-equals
Description Forward proxy bypass if Certificate Subject equals another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-ssl-list_cipher-without-prio-list¶
Specification Type list Block object keys cipher-wo-prio
Description ‘SSL3_RSA_DES_192_CBC3_SHA’: SSL3_RSA_DES_192_CBC3_SHA; ‘SSL3_RSA_RC4_128_MD5’: SSL3_RSA_RC4_128_MD5; ‘SSL3_RSA_RC4_128_SHA’: SSL3_RSA_RC4_128_SHA; ‘TLS1_RSA_AES_128_SHA’: TLS1_RSA_AES_128_SHA; ‘TLS1_RSA_AES_256_SHA’: TLS1_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_SHA256’: TLS1_RSA_AES_128_SHA256; ‘TLS1_RSA_AES_256_SHA256’: TLS1_RSA_AES_256_SHA256; ‘TLS1_DHE_RSA_AES_128_GCM_SHA256’: TLS1_DHE_RSA_AES_128_GCM_SHA256; ‘TLS1_DHE_RSA_AES_128_SHA’: TLS1_DHE_RSA_AES_128_SHA; ‘TLS1_DHE_RSA_AES_128_SHA256’: TLS1_DHE_RSA_AES_128_SHA256; ‘TLS1_DHE_RSA_AES_256_GCM_SHA384’: TLS1_DHE_RSA_AES_256_GCM_SHA384; ‘TLS1_DHE_RSA_AES_256_SHA’: TLS1_DHE_RSA_AES_256_SHA; ‘TLS1_DHE_RSA_AES_256_SHA256’: TLS1_DHE_RSA_AES_256_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256’: TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_SHA’: TLS1_ECDHE_ECDSA_AES_128_SHA; ‘TLS1_ECDHE_ECDSA_AES_128_SHA256’: TLS1_ECDHE_ECDSA_AES_128_SHA256; ‘TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384’: TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_ECDSA_AES_256_SHA’: TLS1_ECDHE_ECDSA_AES_256_SHA; ‘TLS1_ECDHE_RSA_AES_128_GCM_SHA256’: TLS1_ECDHE_RSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_RSA_AES_128_SHA’: TLS1_ECDHE_RSA_AES_128_SHA; ‘TLS1_ECDHE_RSA_AES_128_SHA256’: TLS1_ECDHE_RSA_AES_128_SHA256; ‘TLS1_ECDHE_RSA_AES_256_GCM_SHA384’: TLS1_ECDHE_RSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_RSA_AES_256_SHA’: TLS1_ECDHE_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_GCM_SHA256’: TLS1_RSA_AES_128_GCM_SHA256; ‘TLS1_RSA_AES_256_GCM_SHA384’: TLS1_RSA_AES_256_GCM_SHA384;
Type: string
Supported Values: SSL3_RSA_DES_192_CBC3_SHA, SSL3_RSA_RC4_128_MD5, SSL3_RSA_RC4_128_SHA, TLS1_RSA_AES_128_SHA, TLS1_RSA_AES_256_SHA, TLS1_RSA_AES_128_SHA256, TLS1_RSA_AES_256_SHA256, TLS1_DHE_RSA_AES_128_GCM_SHA256, TLS1_DHE_RSA_AES_128_SHA, TLS1_DHE_RSA_AES_128_SHA256, TLS1_DHE_RSA_AES_256_GCM_SHA384, TLS1_DHE_RSA_AES_256_SHA, TLS1_DHE_RSA_AES_256_SHA256, TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256, TLS1_ECDHE_ECDSA_AES_128_SHA, TLS1_ECDHE_ECDSA_AES_128_SHA256, TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA, TLS1_ECDHE_RSA_AES_128_GCM_SHA256, TLS1_ECDHE_RSA_AES_128_SHA, TLS1_ECDHE_RSA_AES_128_SHA256, TLS1_ECDHE_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA, TLS1_RSA_AES_128_GCM_SHA256, TLS1_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA384, TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256, TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256, TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256
Mutual Exclusion: cipher-wo-prio and template-cipher are mutually exclusive
client-ssl-list_starts-with-list¶
Specification Type list Block object keys starts-with
Description Forward proxy bypass if SNI string starts with another string
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
respmod-icap-list¶
Specification Type list Block object keys action
Description ‘continue’: Continue; ‘drop’: Drop; ‘reset’: Reset;
Type: string
Supported Values: continue, drop, reset
Default: continue
bypass-ip-cfg
Type: Listcylance
Description cylance external server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-http-server-reset
Description Don’t reset http server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fail-close
Description When template sg is down mark vport down
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
failure-action
Description ‘continue’: Continue; ‘drop’: Drop; ‘reset’: Reset;
Type: string
Supported Values: continue, drop, reset
Default: continue
include-protocol-in-uri
Description Include protocol and port in HTTP URI
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-only-allowed-method
Description Only log allowed HTTP method
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
logging
Description logging template (Logging template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/logging
min-payload-size
Description min-payload-size value 1 - 65535, default is 0 (1 - 65530, default is 0)
Type: number
Range: 0-65535
Default: 0
name
Description Reqmod ICAP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
preview
Description Preview value 1 - 32768, default is 32768
Type: number
Range: 1-32768
Default: 32768
server-ssl
Description Server SSL template (Server SSL template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/server-ssl
service-group
Description Bind a Service Group to the template (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
service-url
Description URL to send to ICAP server (Service URL Name)
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
shared-partition-persist-source-ip-template
Description Reference a persist source ip template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-persist-source-ip-template and source-ip are mutually exclusive
shared-partition-tcp-proxy-template
Description Reference a TCP Proxy template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-tcp-proxy-template and tcp-proxy are mutually exclusive
source-ip
Description Source IP persistence template (Source IP persistence template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: source-ip and shared-partition-persist-source-ip-template are mutually exclusive
Reference Object: /axapi/v3/slb/template/persist/source-ip
tcp-proxy
Description TCP proxy template (TCP proxy template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: tcp-proxy and shared-partition-tcp-proxy-template are mutually exclusive
template-persist-source-ip-shared
Description Source IP Persistence Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/persist/source-ip
template-tcp-proxy-shared
Description TCP Proxy Template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/tcp-proxy
timeout
Description Timeout value 1 - 200 in units of 200ms, default is 5 (default is 1000ms) (1 - 200 in units of 200ms, default is 5 (1000ms))
Type: number
Range: 1-200
Default: 5
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
x-auth-url
Description Use URL format for authentication
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
respmod-icap-list_bypass-ip-cfg¶
Specification Type list Block object keys bypass-ip
Description ip address to bypass respmod-icap service
Type: string
Format: ipv4-address
mask
Description IP prefix mask
Type: string
Format: ipv4-netmask
dynamic-service-list¶
Specification Type list Block object keys dns-server
Type: Listname
Description Dynamic Service Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
dynamic-service-list_dns-server¶
Specification Type list Block object keys ipv4-dns-server
Description DNS Server IPv4 Address
Type: string
Format: ipv4-address
ipv6-dns-server
Description DNS Server IPv6 Address
Type: string
Format: ipv6-address
dblb-list¶
Specification Type list Block object keys calc-sha1
Description: calc-sha1 is a JSON Block. Please see below for dblb-list_calc-sha1
Type: Object
Reference Object: /axapi/v3/slb/template/dblb/{name}/calc-sha1
class-list
Description Specify user/password string class list (Class list name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
name
Description DBLB template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
server-version
Description ‘MSSQL2008’: MSSQL server 2008 or 2008 R2; ‘MSSQL2012’: MSSQL server 2012; ‘MySQL’: MySQL server (any version);
Type: string
Supported Values: MSSQL2008, MSSQL2012, MySQL
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
dblb-list_calc-sha1¶
Specification Type object sha1-value
Description Cleartext password
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
fix-list¶
Specification Type list Block object keys insert-client-ip
Description Insert client ip to tag 11447
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
logging
Description ‘init’: init only log; ‘term’: termination only log; ‘both’: both initial and termination log;
Type: string
Supported Values: init, term, both
name
Description FIX Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
tag-switching
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
fix-list_tag-switching¶
Specification Type list Block object keys equals
Description Equals (Tag String)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
service-group
Description Create a Service Group comprising Servers (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
switching-type
Description ‘sender-comp-id’: Select service group based on SenderCompID; ‘target-comp-id’: Select service group based on TargetCompID;
Type: string
Supported Values: sender-comp-id, target-comp-id
persist¶
Specification Type object cookie-list
Type: List
Reference Object: /axapi/v3/slb/template/persist/cookie/{name}
destination-ip-list
Type: List
Reference Object: /axapi/v3/slb/template/persist/destination-ip/{name}
source-ip-list
Type: List
Reference Object: /axapi/v3/slb/template/persist/source-ip/{name}
ssl-sid-list
Type: List
Reference Object: /axapi/v3/slb/template/persist/ssl-sid/{name}
persist_destination-ip-list¶
Specification Type list Block object keys dont-honor-conn-rules
Description Do not observe connection rate rules
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
hash-persist
Description Use hash value of destination IP address
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
match-type
Description Persistence type
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Destination IP persistence template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
netmask
Description IP subnet mask
Type: string
Format: ipv4-netmask
Default: 255.255.255.255
netmask6
Description IPV6 subnet mask
Type: number
Range: 1-128
Default: 128
scan-all-members
Description Persist with SCAN of all members
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server
Description Persist to the same server, default is port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: server and service-group are mutually exclusive
service-group
Description Persist within the same service group
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: service-group and server are mutually exclusive
timeout
Description Persistence timeout (in minutes)
Type: number
Range: 1-2000
Default: 5
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
persist_source-ip-list¶
Specification Type list Block object keys dont-honor-conn-rules
Description Do not observe connection rate rules
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enforce-higher-priority
Description Enforce to use high priority node if available
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
hash-persist
Description Use hash value of source IP address
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
incl-dst-ip
Description Include destination IP on the persist
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
incl-sport
Description Include source port on the persist
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
match-type
Description Persistence type
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Source IP persistence template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
netmask
Description IP subnet mask
Type: string
Format: ipv4-netmask
Default: 255.255.255.255
netmask6
Description IPV6 subnet mask
Type: number
Range: 1-128
Default: 128
primary-port
Description Primary port to create the persist session
Type: number
Range: 1-65534
scan-all-members
Description Persist with SCAN of all members
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server
Description Persist to the same server, default is port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: server and service-group are mutually exclusive
service-group
Description Persist within the same service group
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: service-group and server are mutually exclusive
timeout
Description Persistence timeout (in minutes)
Type: number
Range: 1-2000
Default: 5
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
persist_cookie-list¶
Specification Type list Block object keys cookie-name
Description Set cookie name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Default: sto-id
domain
Description Set cookie domain
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
dont-honor-conn-rules
Description Do not observe connection rate rules
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
encrypt-level
Description Encryption level for cookie name / value
Type: number
Range: 0-1
Default: 1
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)expire
Description Set cookie expiration time (Expiration in seconds)
Type: number
Range: 0-31536000
Default: 31536000
httponly
Description Enable HttpOnly attribute
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
insert-always
Description Insert persist cookie to every reponse
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
match-type
Description Persist for server, default is port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Cookie persistence (Cookie persistence template name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
pass-phrase
Description Set passphrase for encryption
Type: string
Format: password
Maximum Length: 8 characters
Maximum Length: 8 characters
Default: ACOS4KEY
pass-thru
Description Pass thru mode - Server sends the persist cookie
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
path
Description Set cookie path (Cookie path, default is “/”)
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
Default: /
prefix
Description ‘host’: the cookie will have been set with a Secure attribute, a Path attribute with a value of /, and no Domain attribute; ‘secure’: the cookie will have been set with a Secure attribute;
Type: string
Supported Values: host, secure
samesite
Description ‘none’: none; ‘lax’: lax; ‘strict’: strict;
Type: string
Supported Values: none, lax, strict
scan-all-members
Description Persist within the same server SCAN
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
secure
Description Enable secure attribute
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server
Description Persist to the same server, default is port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: server and service-group are mutually exclusive
server-service-group
Description Persist to the same server and within the same service group
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
service-group
Description Persist within the same service group
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: service-group and server are mutually exclusive
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
persist_ssl-sid-list¶
Specification Type list Block object keys dont-honor-conn-rules
Description Do not observe connection rate rules
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description SSL session ID persistence template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
timeout
Description Persistence timeout (in minutes)
Type: number
Range: 1-2000
Default: 5
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sip-list¶
Specification Type list Block object keys acl-id
Description ACL id
Type: number
Range: 100-199
Mutual Exclusion: acl-id and acl-name-value are mutually exclusive
Reference Object: /axapi/v3/access-list/standard
acl-name-value
Description IPv4 Access List Name
Type: string
Maximum Length: 16 characters
Maximum Length: 1 characters
Mutual Exclusion: acl-name-value and acl-id are mutually exclusive
Reference Object: /axapi/v3/ip/access-list
alg-dest-nat
Description Translate VIP to real server IP in SIP message when destination NAT is used
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
alg-source-nat
Description Translate source IP to NAT IP in SIP message when source NAT is used
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
call-id-persist-disable
Description Disable call-ID persistence
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-keep-alive
Description Respond client keep-alive packet directly instead of forwarding to server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-request-header
Type: Listclient-response-header
Type: Listdialog-aware
Description Permit system processes dialog session
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
drop-when-client-fail
Description Drop current SIP message when select client fail
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: drop-when-client-fail and failed-client-selection-message are mutually exclusive
drop-when-server-fail
Description Drop current SIP message when select server fail
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: drop-when-server-fail and failed-server-selection-message are mutually exclusive
exclude-translation
Type: Listfailed-client-selection
Description Define action when select client fail
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
failed-client-selection-message
Description Send SIP message (includs status code) to server when select client fail(Format: 3 digits(1XX~6XX) space reason)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: failed-client-selection-message and drop-when-client-fail are mutually exclusive
failed-server-selection
Description Define action when select server fail
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
failed-server-selection-message
Description Send SIP message (includs status code) to client when select server fail(Format: 3 digits(1XX~6XX) space reason)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: failed-server-selection-message and drop-when-server-fail are mutually exclusive
insert-client-ip
Description Insert Client IP address into SIP header
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
interval
Description The interval of keep-alive packet for each persist connection (second)
Type: number
Range: 5-300
Default: 30
keep-server-ip-if-match-acl
Description Use Real Server IP for addresses matching the ACL for a Call-Id
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description SIP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
pstn-gw
Description configure pstn gw host name for tel: uri translate to sip: uri (Hostname String, default is “pstn”)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Default: pstn
server-keep-alive
Description Send server keep-alive packet for every persist connection when enable conn-reuse
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-request-header
Type: Listserver-response-header
Type: Listserver-selection-per-request
Description Force server selection on every SIP request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
service-group
Description service group name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
smp-call-id-rtp-session
Description Create the across cpu call-id rtp session
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
timeout
Description Time in minutes
Type: number
Range: 1-250
Default: 30
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sip-list_server-request-header¶
Specification Type list Block object keys insert-condition-server-request
Description ‘insert-if-not-exist’: Only insert the header when it does not exist; ‘insert-always’: Always insert the header even when there is a header with the same name;
Type: string
Supported Values: insert-if-not-exist, insert-always
server-request-erase-all
Description Erase all headers
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-request-header-erase
Description Erase a SIP header (Header Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
server-request-header-insert
Description Insert a SIP header (Header Content (Format: “name: value”))
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
sip-list_server-response-header¶
Specification Type list Block object keys insert-condition-server-response
Description ‘insert-if-not-exist’: Only insert the header when it does not exist; ‘insert-always’: Always insert the header even when there is a header with the same name;
Type: string
Supported Values: insert-if-not-exist, insert-always
server-response-erase-all
Description Erase all headers
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-response-header-erase
Description Erase a SIP header (Header Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
server-response-header-insert
Description Insert a SIP header (Header Content (Format: “name: value”))
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
sip-list_client-request-header¶
Specification Type list Block object keys client-request-erase-all
Description Erase all headers
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-request-header-erase
Description Erase a SIP header (Header Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-request-header-insert
Description Insert a SIP header (Header Content (Format: “name: value”))
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
insert-condition-client-request
Description ‘insert-if-not-exist’: Only insert the header when it does not exist; ‘insert-always’: Always insert the header even when there is a header with the same name;
Type: string
Supported Values: insert-if-not-exist, insert-always
sip-list_client-response-header¶
Specification Type list Block object keys client-response-erase-all
Description Erase all headers
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-response-header-erase
Description Erase a SIP header (Header Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
client-response-header-insert
Description Insert a SIP header (Header Content (Format: “name: value”))
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
insert-condition-client-response
Description ‘insert-if-not-exist’: Only insert the header when it does not exist; ‘insert-always’: Always insert the header even when there is a header with the same name;
Type: string
Supported Values: insert-if-not-exist, insert-always
sip-list_exclude-translation¶
Specification Type list Block object keys header-string
Description SIP header name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
translation-value
Description ‘start-line’: SIP request line or status line; ‘header’: SIP message headers; ‘body’: SIP message body;
Type: string
Supported Values: start-line, header, body
virtual-server-list¶
Specification Type list Block object keys conn-limit
Description Connection limit
Type: number
Range: 1-64000000
Default: 64000000
conn-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-limit-reset
Description Send client reset when connection over limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-rate-limit
Description Connection rate limit
Type: number
Range: 1-1048575
conn-rate-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-rate-limit-reset
Description Send client reset when connection rate over limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
icmp-lockup
Description Enter lockup state when ICMP rate exceeds lockup rate limit (Maximum rate limit. If exceeds this limit, drop all ICMP packet for a time period)
Type: number
Range: 1-65535
icmp-lockup-period
Description Lockup period (second)
Type: number
Range: 1-16383
icmp-rate-limit
Description ICMP rate limit (Normal rate limit. If exceeds this limit, drop the ICMP packet that goes over the limit)
Type: number
Range: 1-65535
icmpv6-lockup
Description Enter lockup state when ICMP rate exceeds lockup rate limit (Maximum rate limit. If exceeds this limit, drop all ICMP packet for a time period)
Type: number
Range: 1-65535
icmpv6-lockup-period
Description Lockup period (second)
Type: number
Range: 1-16383
icmpv6-rate-limit
Description ICMPv6 rate limit (Normal rate limit. If exceeds this limit, drop the ICMP packet that goes over the limit)
Type: number
Range: 1-65535
name
Description Virtual server template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: default
rate-interval
Description ‘100ms’: Use 100 ms as sampling interval; ‘second’: Use 1 second as sampling interval;
Type: string
Supported Values: 100ms, second
Default: second
subnet-gratuitous-arp
Description Send gratuitous ARP for every IP in the subnet virtual server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
tcp-stack-tfo-active-conn-limit
Description The allowed active layer 7 tcp fast-open connection limit, default is zero (number)
Type: number
Range: 0-10000
Default: 0
tcp-stack-tfo-backoff-time
Description The time tcp stack will wait before allowing new fast-open requests after security condition, default 600 seconds (number)
Type: number
Range: 1-14400
Default: 600
tcp-stack-tfo-cookie-time-limit
Description The time limit (in seconds) that a layer 7 tcp fast-open cookie is valid, default is 60 seconds (number)
Type: number
Range: 1-14400
Default: 60
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
client-ssh-list¶
Specification Type list Block object keys encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)forward-proxy-enable
Description Enable SSH forward proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward-proxy-hostkey
Description Specify private-key (Key Name)
Type: string
Maximum Length: 255 characters
Maximum Length: 1 characters
name
Description Client SSH Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
ssli-list¶
Specification Type list Block object keys name
Description SSLi Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
type
Description ‘http’: HTTP service; ‘xmpp’: XMPP service; ‘smtp’: SMTP service; ‘pop’: POP service;
Type: string
Supported Values: http, xmpp, smtp, pop, ldap, ftp
Default: http
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
server-ssh-list¶
Specification Type list Block object keys forward-proxy-enable
Description Enable SSH forward proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Server SSH Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
server-ssh-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘successful_handshakes’: successful_handshakes; ‘failed_handshakes’: failed_handshakes; ‘forwarding_errors’: forwarding_errors;
Type: string
Supported Values: all, successful_handshakes, failed_handshakes, forwarding_errors
dns-list¶
Specification Type list Block object keys class-list
Description: class-list is a JSON Block. Please see below for dns-list_class-list
Type: Object
Reference Object: /axapi/v3/slb/template/dns/{name}/class-list
default-policy
Description ‘nocache’: Cache disable; ‘cache’: Cache enable;
Type: string
Supported Values: nocache, cache
Default: nocache
disable-dns-template
Description Disable DNS template
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dnssec-service-group
Description Use different service group if DNSSEC DO bit set (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
drop
Description Drop the malformed query
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: drop and forward are mutually exclusive
enable-cache-sharing
Description Enable DNS cache sharing
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
forward
Description Forward to service group (Service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: forward and drop are mutually exclusive
Reference Object: /axapi/v3/slb/service-group
max-cache-entry-size
Description Define maximum cache entry size (Maximum cache entry size per VIP)
Type: number
Range: 1-4096
max-cache-size
Description Define maximum cache size (Maximum cache entry per VIP)
Type: number
max-query-length
Description Define Maximum DNS Query Length, default is unlimited (Specify Maximum Length)
Type: number
Range: 1-4095
name
Description DNS Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
period
Description Period in minutes
Type: number
Range: 1-10000
query-id-switch
Description Use DNS query ID to create sesion
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
redirect-to-tcp-port
Description Direct the client to retry with TCP for DNS UDP request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
response-rate-limiting
Description: response-rate-limiting is a JSON Block. Please see below for dns-list_response-rate-limiting
Type: Object
Reference Object: /axapi/v3/slb/template/dns/{name}/response-rate-limiting
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
dns-list_class-list¶
Specification Type object lid-list
Type: List
Reference Object: /axapi/v3/slb/template/dns/{name}/class-list/lid/{lidnum}
name
Description Specify a class list name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
dns-list_class-list_lid-list¶
Specification Type list Block object keys action-value
Description ‘dns-cache-disable’: Disable DNS cache when it exceeds limit; ‘dns-cache-enable’: Enable DNS cache when it exceeds limit; ‘forward’: Forward the traffic even it exceeds limit;
Type: string
Supported Values: dns-cache-disable, dns-cache-enable, forward
conn-rate-limit
Description Connection rate limit
Type: number
Range: 1-2147483647
dns
Description: dns is a JSON Block. Please see below for dns-list_class-list_lid-list_dns
Type: Object
lidnum
Description Specify a limit ID
Type: number
Range: 1-1023
lockout
Description Don’t accept any new connection for certain time (Lockout duration in minutes)
Type: number
Range: 1-1023
log
Description Log a message
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-interval
Description Log interval (minute, by default system will log every over limit instance)
Type: number
Range: 1-255
over-limit-action
Description Action when exceeds limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
per
Description Per (Number of 100ms)
Type: number
Range: 1-65535
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
dns-list_class-list_lid-list_dns¶
Specification Type object cache-action
Description ‘cache-disable’: Disable dns cache; ‘cache-enable’: Enable dns cache;
Type: string
Supported Values: cache-disable, cache-enable
Default: cache-disable
honor-server-response-ttl
Description Honor the server reponse TTL
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ttl
Description TTL for cache entry (TTL in seconds)
Type: number
Range: 1-65535
weight
Description Weight for cache entry
Type: number
Range: 1-7
dns-list_response-rate-limiting¶
Specification Type object action
Description ‘log-only’: Only log rate-limiting, do not actually rate limit. Requires enable-log configuration; ‘rate-limit’: Rate-Limit based on configuration (Default); ‘whitelist’: Whitelist, disable rate-limiting;
Type: string
Supported Values: log-only, rate-limit, whitelist
Default: rate-limit
enable-log
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
filter-response-rate
Description Maximum allowed request rate for the filter. This should match average traffic. (default 20 per two seconds)
Type: number
Range: 1-1000
Default: 20
response-rate
Description Responses exceeding this rate within the window will be dropped (default 5 per second)
Type: number
Range: 1-1000
Default: 5
slip-rate
Description Every n’th response that would be rate-limited will be let through instead
Type: number
Range: 2-10
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
window
Description Rate-Limiting Interval in Seconds (default is one)
Type: number
Range: 1-60
Default: 1
http-list¶
Specification Type list Block object keys 100-cont-wait-for-req-complete
Description When REQ has Expect 100 and response is not 100, then wait for whole request to be sent
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
bypass-sg
Description Select service group for non-http traffic (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
client-ip-hdr-replace
Description Replace the existing header
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
client-port-hdr-replace
Description Replace the existing header
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
compression-auto-disable-on-high-cpu
Description Auto-disable software compression on high cpu usage (Disable compression if cpu usage is above threshold. Default is off.)
Type: number
Range: 1-100
compression-content-type
Type: Listcompression-enable
Description Enable Compression
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
compression-exclude-content-type
Type: Listcompression-exclude-uri
Type: Listcompression-keep-accept-encoding
Description Keep accept encoding
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
compression-keep-accept-encoding-enable
Description Enable Server Accept Encoding
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
compression-level
Description compression level, default 1 (compression level value, default is 1)
Type: number
Range: 1-9
Default: 1
compression-minimum-content-length
Description Minimum Content Length (Minimum content length for compression in bytes. Default is 120.)
Type: number
Range: 1-2147483647
Default: 120
cookie-format
Description ‘rfc6265’: Follow rfc6265;
Type: string
Supported Values: rfc6265
cookie-samesite
Description ‘none’: none; ‘lax’: lax; ‘strict’: strict;
Type: string
Supported Values: none, lax, strict
failover-url
Description Failover to this URL (Failover URL Name)
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
frame-limit
Description Limit the number of CONTINUATION, PING, PRIORITY, RESET, SETTINGS and empty frames in one HTTP2 connection, default 10000
Type: number
Range: 0-65535
Default: 10000
host-switching
Type: Listinsert-client-ip
Description Insert Client IP address into HTTP header
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
insert-client-ip-header-name
Description HTTP Header Name for inserting Client IP
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
insert-client-port
Description Insert Client Port address into HTTP header
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
insert-client-port-header-name
Description HTTP Header Name for inserting Client Port
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
keep-client-alive
Description Keep client alive
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-retry
Description log when HTTP request retry
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
max-concurrent-streams
Description (http2 only) Max concurrent streams, default 100
Type: number
Range: 1-1000
Default: 100
name
Description HTTP Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
non-http-bypass
Description Bypass non-http traffic instead of dropping
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
persist-on-401
Description Persist to the same server if the response code is 401
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
prefix
Description ‘host’: the cookie will have been set with a Secure attribute, a Path attribute with a value of /, and no Domain attribute; ‘secure’: the cookie will have been set with a Secure attribute; ‘check’: check server prefix and enforce prefix format;
Type: string
Supported Values: host, secure, check
rd-port
Description Port (Port Number)
Type: number
Range: 1-65535
Mutual Exclusion: rd-port and rd-simple-loc are mutually exclusive
rd-resp-code
Description ‘301’: Moved Permanently; ‘302’: Found; ‘303’: See Other; ‘307’: Temporary Redirect;
Type: string
Supported Values: 301, 302, 303, 307
rd-secure
Description Use HTTPS
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: rd-secure and rd-simple-loc are mutually exclusive
rd-simple-loc
Description Redirect location tag absolute URI string
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
Mutual Exclusion: rd-simple-loc rd-secure and rd-port are mutually exclusive
redirect
Description Automatically send a redirect response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
redirect-rewrite
Description: redirect-rewrite is a JSON Block. Please see below for http-list_redirect-rewrite
Type: Object
req-hdr-wait-time
Description HTTP request header wait time before abort connection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
req-hdr-wait-time-val
Description Number of seconds wait for client request header (default is 7)
Type: number
Range: 1-31
Default: 7
request-header-erase-list
Type: Listrequest-header-insert-list
Type: Listrequest-line-case-insensitive
Description Parse http request line as case insensitive
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
request-timeout
Description Request timeout if response not received (timeout in seconds)
Type: number
Range: 1-120
response-content-replace-list
Type: Listresponse-header-erase-list
Type: Listresponse-header-insert-list
Type: Listretry-on-5xx
Description Retry http request on HTTP 5xx code
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: retry-on-5xx and retry-on-5xx-per-req are mutually exclusive
retry-on-5xx-per-req
Description Retry http request on HTTP 5xx code for each request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: retry-on-5xx-per-req and retry-on-5xx are mutually exclusive
retry-on-5xx-per-req-val
Description Number of times to retry (default is 3)
Type: number
Range: 1-3
Default: 3
retry-on-5xx-val
Description Number of times to retry (default is 3)
Type: number
Range: 1-3
Default: 3
strict-transaction-switch
Description Force server selection on every HTTP request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
template
Description: template is a JSON Block. Please see below for http-list_template
Type: Object
term-11client-hdr-conn-close
Description Terminate HTTP 1.1 client when req has Connection: close
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
url-hash-first
Description Use the begining part of URL to calculate hash value (URL string length to calculate hash value)
Type: number
Range: 4-128
Mutual Exclusion: url-hash-first and url-hash-last are mutually exclusive
url-hash-last
Description Use the end part of URL to calculate hash value (URL string length to calculate hash value)
Type: number
Range: 4-128
Mutual Exclusion: url-hash-last and url-hash-first are mutually exclusive
url-hash-offset
Description Skip part of URL to calculate hash value (Offset of the URL string)
Type: number
Range: 0-255
url-hash-persist
Description Use URL’s hash value to select server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
url-switching
Type: Listuse-server-status
Description Use Server-Status header to do URL hashing
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
http-list_request-header-erase-list¶
Specification Type list Block object keys request-header-erase
Description Erase a header from HTTP request (Header Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http-list_redirect-rewrite¶
Specification Type object match-list
Type: Listredirect-secure
Description Use HTTPS
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
redirect-secure-port
Description Port (Port Number)
Type: number
Range: 1-65535
Default: 443
http-list_redirect-rewrite_match-list¶
Specification Type list Block object keys redirect-match
Description URL Matching (Pattern URL String)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
rewrite-to
Description Rewrite to Destination URL String
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http-list_response-header-insert-list¶
Specification Type list Block object keys response-header-insert
Description Insert a header into HTTP response (Header Content (Format: “[name]: [value]”))
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
response-header-insert-type
Description ‘insert-if-not-exist’: Only insert the header when it does not exist; ‘insert-always’: Always insert the header even when there is a header with the same name;
Type: string
Supported Values: insert-if-not-exist, insert-always
http-list_response-header-erase-list¶
Specification Type list Block object keys response-header-erase
Description Erase a header from HTTP response (Header Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http-list_template¶
Specification Type object logging
Description Logging template (Logging Config name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/logging
http-list_url-switching¶
Specification Type list Block object keys url-match-string
Description URL String
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
url-service-group
Description Create a Service Group comprising Servers (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
url-switching-type
Description ‘contains’: Select service group if URL string contains another string; ‘ends-with’: Select service group if URL string ends with another string; ‘equals’: Select service group if URL string equals another string; ‘starts-with’: Select service group if URL string starts with another string; ‘url-case-insensitive’: Case insensitive URL switching; ‘url-hits-enable’: Enables URL Hits;
Type: string
Supported Values: contains, ends-with, equals, starts-with, regex-match, url-case-insensitive, url-hits-enable
http-list_host-switching¶
Specification Type list Block object keys host-match-string
Description Hostname String
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
host-service-group
Description Create a Service Group comprising Servers (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/service-group
host-switching-type
Description ‘contains’: Select service group if hostname contains another string; ‘ends-with’: Select service group if hostname ends with another string; ‘equals’: Select service group if hostname equals another string; ‘starts-with’: Select service group if hostname starts with another string; ‘host-hits-enable’: Enables Host Hits counters;
Type: string
Supported Values: contains, ends-with, equals, starts-with, regex-match, host-hits-enable
http-list_response-content-replace-list¶
Specification Type list Block object keys response-content-replace
Description replace the data from HTTP response content (String in the http content need to be replaced)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
response-new-string
Description String will be in the http content
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
http-list_request-header-insert-list¶
Specification Type list Block object keys request-header-insert
Description Insert a header into HTTP request (Header Content (Format: “[name]: [value]”))
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
request-header-insert-type
Description ‘insert-if-not-exist’: Only insert the header when it does not exist; ‘insert-always’: Always insert the header even when there is a header with the same name;
Type: string
Supported Values: insert-if-not-exist, insert-always
http-list_compression-content-type¶
Specification Type list Block object keys content-type
Description Compression content-type
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
http-list_compression-exclude-uri¶
Specification Type list Block object keys exclude-uri
Description Compression exclude uri
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
http-list_compression-exclude-content-type¶
Specification Type list Block object keys exclude-content-type
Description Compression exclude content-type (Compression exclude content type)
Type: string
Format: string-rlx
Maximum Length: 31 characters
Maximum Length: 1 characters
virtual-port-list¶
Specification Type list Block object keys aflow
Description Use aFlow to eliminate the traffic surge
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
allow-syn-otherflags
Description Allow initial SYN packet with other flags
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
allow-vip-to-rport-mapping
Description Allow mapping of VIP to real port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-limit
Description Connection limit
Type: number
Range: 1-64000000
Default: 64000000
conn-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-limit-reset
Description Send client reset when connection over limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-rate-limit
Description Connection rate limit
Type: number
Range: 1-1048575
conn-rate-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-rate-limit-reset
Description Send client reset when connection rate over limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
drop-unknown-conn
Description Drop conection if receives TCP packet without SYN or RST flag and it does not belong to any existing connections
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dscp
Description Differentiated Services Code Point (DSCP to Real Server IP Mapping Value)
Type: number
Range: 1-63
ignore-tcp-msl
Description reclaim TCP resource immediately without MSL
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-options
Description ‘no-logging’: Do not log over limit event; ‘no-repeat-logging’: log once for over limit event. Default is log once per minute;
Type: string
Supported Values: no-logging, no-repeat-logging
name
Description Virtual port template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: default
non-syn-initiation
Description Allow initial TCP packet to be non-SYN
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
pkt-rate-interval
Description ‘100ms’: Source IP and port rate limit per 100ms; ‘second’: Source IP and port rate limit per second (default);
Type: string
Supported Values: 100ms, second
Default: second
pkt-rate-limit-reset
Description send client-side reset (reset after packet limit)
Type: number
Range: 0-1048575
Default: 0
pkt-rate-type
Description ‘src-ip-port’: Source IP and port rate limit; ‘src-port’: Source port rate limit;
Type: string
Supported Values: src-ip-port, src-port
rate
Description Source IP and port rate limit (Packet rate limit)
Type: number
Range: 1-1048575
rate-interval
Description ‘100ms’: Use 100 ms as sampling interval; ‘second’: Use 1 second as sampling interval;
Type: string
Supported Values: 100ms, second
Default: second
reset-l7-on-failover
Description Send reset to L7 client and server connection upon a failover
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reset-unknown-conn
Description Send reset back if receives TCP packet without SYN or RST flag and it does not belong to any existing connections
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
snat-msl
Description Source NAT MSL (Source NAT MSL value)
Type: number
Range: 1-1800
snat-port-preserve
Description Source NAT Port Preservation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
when-rr-enable
Description Only do rate limit if CPU RR triggered
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
cipher-list¶
Specification Type list Block object keys cipher-cfg
Type: Listname
Description Cipher Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
cipher-list_cipher-cfg¶
Specification Type list Block object keys cipher-suite
Description ‘SSL3_RSA_DES_192_CBC3_SHA’: SSL3_RSA_DES_192_CBC3_SHA; ‘SSL3_RSA_RC4_128_MD5’: SSL3_RSA_RC4_128_MD5; ‘SSL3_RSA_RC4_128_SHA’: SSL3_RSA_RC4_128_SHA; ‘TLS1_RSA_AES_128_SHA’: TLS1_RSA_AES_128_SHA; ‘TLS1_RSA_AES_256_SHA’: TLS1_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_SHA256’: TLS1_RSA_AES_128_SHA256; ‘TLS1_RSA_AES_256_SHA256’: TLS1_RSA_AES_256_SHA256; ‘TLS1_DHE_RSA_AES_128_GCM_SHA256’: TLS1_DHE_RSA_AES_128_GCM_SHA256; ‘TLS1_DHE_RSA_AES_128_SHA’: TLS1_DHE_RSA_AES_128_SHA; ‘TLS1_DHE_RSA_AES_128_SHA256’: TLS1_DHE_RSA_AES_128_SHA256; ‘TLS1_DHE_RSA_AES_256_GCM_SHA384’: TLS1_DHE_RSA_AES_256_GCM_SHA384; ‘TLS1_DHE_RSA_AES_256_SHA’: TLS1_DHE_RSA_AES_256_SHA; ‘TLS1_DHE_RSA_AES_256_SHA256’: TLS1_DHE_RSA_AES_256_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256’: TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_SHA’: TLS1_ECDHE_ECDSA_AES_128_SHA; ‘TLS1_ECDHE_ECDSA_AES_128_SHA256’: TLS1_ECDHE_ECDSA_AES_128_SHA256; ‘TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384’: TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_ECDSA_AES_256_SHA’: TLS1_ECDHE_ECDSA_AES_256_SHA; ‘TLS1_ECDHE_RSA_AES_128_GCM_SHA256’: TLS1_ECDHE_RSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_RSA_AES_128_SHA’: TLS1_ECDHE_RSA_AES_128_SHA; ‘TLS1_ECDHE_RSA_AES_128_SHA256’: TLS1_ECDHE_RSA_AES_128_SHA256; ‘TLS1_ECDHE_RSA_AES_256_GCM_SHA384’: TLS1_ECDHE_RSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_RSA_AES_256_SHA’: TLS1_ECDHE_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_GCM_SHA256’: TLS1_RSA_AES_128_GCM_SHA256; ‘TLS1_RSA_AES_256_GCM_SHA384’: TLS1_RSA_AES_256_GCM_SHA384;
Type: string
Supported Values: SSL3_RSA_DES_192_CBC3_SHA, SSL3_RSA_RC4_128_MD5, SSL3_RSA_RC4_128_SHA, TLS1_RSA_AES_128_SHA, TLS1_RSA_AES_256_SHA, TLS1_RSA_AES_128_SHA256, TLS1_RSA_AES_256_SHA256, TLS1_DHE_RSA_AES_128_GCM_SHA256, TLS1_DHE_RSA_AES_128_SHA, TLS1_DHE_RSA_AES_128_SHA256, TLS1_DHE_RSA_AES_256_GCM_SHA384, TLS1_DHE_RSA_AES_256_SHA, TLS1_DHE_RSA_AES_256_SHA256, TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256, TLS1_ECDHE_ECDSA_AES_128_SHA, TLS1_ECDHE_ECDSA_AES_128_SHA256, TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA, TLS1_ECDHE_RSA_AES_128_GCM_SHA256, TLS1_ECDHE_RSA_AES_128_SHA, TLS1_ECDHE_RSA_AES_128_SHA256, TLS1_ECDHE_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA, TLS1_RSA_AES_128_GCM_SHA256, TLS1_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA384, TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256, TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256, TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256
priority
Description Cipher priority (Cipher priority (default 1))
Type: number
Range: 1-100
Default: 1
policy-list¶
Specification Type list Block object keys bw-list-id
Type: Listbw-list-name
Description Specify a blacklist/whitelist name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
class-list
Description: class-list is a JSON Block. Please see below for policy-list_class-list
Type: Object
Reference Object: /axapi/v3/slb/template/policy/{name}/class-list
forward-policy
Description: forward-policy is a JSON Block. Please see below for policy-list_forward-policy
Type: Object
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy
full-domain-tree
Description Share counters between geo-location and sub regions
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
interval
Description Log interval (minute)
Type: number
Range: 1-255
name
Description Policy template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
over-limit
Description Specify operation in case over limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
over-limit-lockup
Description Don’t accept any new connection for certain time (Lockup duration (minute))
Type: number
Range: 1-127
over-limit-logging
Description Log a message
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
over-limit-reset
Description Reset the connection when it exceeds limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
overlap
Description Use overlap mode for geo-location to do longest match
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
sampling-enable
Type: Listshare
Description Share counters between virtual ports and virtual servers
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
timeout
Description Define timeout value of PBSLB dynamic entry (Timeout value (minute, default is 5))
Type: number
Range: 1-127
Default: 5
use-destination-ip
Description Use destination IP to match the policy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_forward-policy¶
Specification Type object acos-event-log
Description Enable acos event logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
action-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/action/{name}
filtering
Type: Listlocal-logging
Description Enable local logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
no-client-conn-reuse
Description Inspects only first request of a connection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
require-web-category
Description Wait for web category to be resolved before taking proxy decision
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
san-filtering
Type: Listsource-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_forward-policy_filtering¶
Specification Type list Block object keys ssli-url-filtering
Description ‘bypassed-sni-disable’: Disable SNI filtering for bypassed URL’s(enabled by default); ‘intercepted-sni-enable’: Enable SNI filtering for intercepted URL’s(disabled by default); ‘intercepted-http-disable’: Disable HTTP(host/URL) filtering for intercepted URL’s(enabled by default); ‘no-sni-allow’: Allow connection if SNI filtering is enabled and SNI header is not present(Drop by default);
Type: string
Supported Values: bypassed-sni-disable, intercepted-sni-enable, intercepted-http-disable, no-sni-allow
policy-list_forward-policy_san-filtering¶
Specification Type list Block object keys ssli-url-filtering-san
Description ‘enable-san’: Enable SAN filtering(disabled by default); ‘bypassed-san-disable’: Disable SAN filtering for bypassed URL’s(enabled by default); ‘intercepted-san-enable’: Enable SAN filtering for intercepted URL’s(disabled by default); ‘no-san-allow’: Allow connection if SAN filtering is enabled and SAN field is not present(Drop by default);
Type: string
Supported Values: enable-san, bypassed-san-disable, intercepted-san-enable, no-san-allow
policy-list_forward-policy_action-list¶
Specification Type list Block object keys action1
Description ‘forward-to-internet’: Forward request to Internet; ‘forward-to-service-group’: Forward request to service group; ‘drop’: Drop request;
Type: string
Supported Values: forward-to-internet, forward-to-service-group, forward-to-proxy, drop
drop-message
Description drop-message sent to the client as webpage(html tags are included and quotation marks are required for white spaces)
Type: string
Format: string-rlx
Maximum Length: 1023 characters
Maximum Length: 1 characters
Mutual Exclusion: drop-message and drop-redirect-url are mutually exclusive
drop-redirect-url
Description Specify URL to which client request is redirected upon being dropped
Type: string
Format: string-rlx
Maximum Length: 1023 characters
Maximum Length: 1 characters
Mutual Exclusion: drop-redirect-url drop-response-code and drop-message are mutually exclusive
drop-response-code
Description Specify response code for drop action
Type: number
Range: 100-599
Mutual Exclusion: drop-response-code and drop-redirect-url are mutually exclusive
fake-sg
Description service group to forward the packets to Internet
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
fall-back
Description Fallback service group for Internet
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
fall-back-snat
Description Source NAT pool or pool group for fallback server
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
forward-snat
Description Source NAT pool or pool group
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http-status-code
Description ‘301’: Moved permanently; ‘302’: Found;
Type: string
Supported Values: 301, 302
Default: 302
log
Description enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Action policy name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
proxy-chaining
Description Enable proxy chaining feature
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
real-sg
Description service group to forward the packets
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_forward-policy_action-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
policy-list_forward-policy_source-list¶
Specification Type list Block object keys destination
Description: destination is a JSON Block. Please see below for policy-list_forward-policy_source-list_destination
Type: Object
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination
match-any
Description Match any source
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: match-any and match-class-list are mutually exclusive
match-authorize-policy
Description Authorize-policy for user and group based policy
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authorization/policy
match-class-list
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: match-class-list and match-any are mutually exclusive
name
Description source destination match rule name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
priority
Description Priority of the source(higher the number higher the priority, default 0)
Type: number
Range: 1-2000
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_forward-policy_source-list_destination¶
Specification Type object any
Description: any is a JSON Block. Please see below for policy-list_forward-policy_source-list_destination_any
Type: Object
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/any
class-list-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/class-list/{dest-class-list}
web-category-list-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/web-category-list/{web-category-list}
policy-list_forward-policy_source-list_destination_class-list-list¶
Specification Type list Block object keys action
Description Action to be performed
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
dest-class-list
Description Destination Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
priority
Description Priority value of the action(higher the number higher the priority)
Type: number
Range: 1-1024
sampling-enable
Type: Listtype
Description ‘host’: Match hostname; ‘url’: match URL;
Type: string
Supported Values: host, url, ip
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_forward-policy_source-list_destination_class-list-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
policy-list_forward-policy_source-list_destination_web-category-list-list¶
Specification Type list Block object keys action
Description Action to be performed
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
priority
Description Priority value of the action(higher the number higher the priority)
Type: number
Range: 1-1024
sampling-enable
Type: Listtype
Description ‘host’: Match hostname; ‘url’: match URL;
Type: string
Supported Values: host, url
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
web-category-list
Description Destination Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/web-category/category-list
policy-list_forward-policy_source-list_destination_web-category-list-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
policy-list_forward-policy_source-list_destination_any¶
Specification Type object action
Description Action to be performed
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_forward-policy_source-list_destination_any_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
policy-list_forward-policy_source-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this source rule; ‘destination-match-not-found’: Number of requests without matching destination rule; ‘no-host-info’: Failed to parse ip or host information from request;
Type: string
Supported Values: all, hits, destination-match-not-found, no-host-info
policy-list_class-list¶
Specification Type object client-ip-l3-dest
Description Use destination IP as client IP address
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: client-ip-l3-dest and client-ip-l7-header are mutually exclusive
client-ip-l7-header
Description Use extract client IP address from L7 header
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: client-ip-l7-header and client-ip-l3-dest are mutually exclusive
header-name
Description Specify L7 header name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
lid-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/class-list/lid/{lidnum}
name
Description Class list name or geo-location-class-list name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_class-list_lid-list¶
Specification Type list Block object keys action-value
Description ‘forward’: Forward the traffic even it exceeds limit; ‘reset’: Reset the connection when it exceeds limit;
Type: string
Supported Values: forward, reset
bw-per
Description Per (Specify interval in number of 100ms)
Type: number
Range: 1-65535
bw-rate-limit
Description Specify bandwidth rate limit (Bandwidth rate limit in bytes)
Type: number
Range: 1-2147483647
conn-limit
Description Connection limit
Type: number
Range: 0-1048575
conn-per
Description Per (Specify interval in number of 100ms)
Type: number
Range: 1-65535
conn-rate-limit
Description Specify connection rate limit
Type: number
Range: 1-2147483647
direct-action
Description Set action when match the lid
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
direct-action-interval
Description Specify logging interval in minute (default is 3)
Type: number
Range: 0-60
Default: 3
direct-action-value
Description ‘drop’: drop the packet; ‘reset’: Send reset back;
Type: string
Supported Values: drop, reset
Mutual Exclusion: direct-action-value and direct-service-group are mutually exclusive
direct-fail
Description Only log unsuccessful connections
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
direct-logging-drp-rst
Description Configure PBSLB logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
direct-pbslb-interval
Description Specify logging interval in minutes(default is 3)
Type: number
Range: 0-60
Default: 3
direct-pbslb-logging
Description Configure PBSLB logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
direct-service-group
Description Specify a service group (Specify the service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: direct-service-group and direct-action-value are mutually exclusive
Reference Object: /axapi/v3/slb/service-group
dns64
Description: dns64 is a JSON Block. Please see below for policy-list_class-list_lid-list_dns64
Type: Object
interval
Description Specify log interval in minutes, by default system will log every over limit instance
Type: number
Range: 1-255
lidnum
Description Specify a limit ID
Type: number
Range: 1-1023
lockout
Description Don’t accept any new connection for certain time (Lockout duration in minutes)
Type: number
Range: 1-1023
log
Description Log a message
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
over-limit-action
Description Set action when exceeds limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
request-limit
Description Request limit (Specify request limit)
Type: number
Range: 1-1048575
request-per
Description Per (Specify interval in number of 100ms)
Type: number
Range: 1-65535
request-rate-limit
Description Request rate limit (Specify request rate limit)
Type: number
Range: 1-4294967295
response-code-rate-limit
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
policy-list_class-list_lid-list_dns64¶
Specification Type object disable
Description Disable
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
exclusive-answer
Description Exclusive Answer in DNS Response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
prefix
Description IPv6 prefix
Type: string
Format: ipv6-address-plen
policy-list_class-list_lid-list_response-code-rate-limit¶
Specification Type list Block object keys code-range-end
Description server response code range end
Type: number
Range: 100-600
code-range-start
Description server response code range start
Type: number
Range: 100-600
period
Description seconds
Type: number
Range: 1-127
threshold
Description the times of getting the response code
Type: number
Range: 1-15
policy-list_bw-list-id¶
Specification Type list Block object keys action-interval
Description Specify logging interval in minute (default is 3)
Type: number
Range: 0-60
Default: 3
bw-list-action
Description ‘drop’: drop the packet; ‘reset’: Send reset back;
Type: string
Supported Values: drop, reset
Mutual Exclusion: bw-list-action and service-group are mutually exclusive
fail
Description Only log unsuccessful connections
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
id
Description Specify id that maps to service group (The id number)
Type: number
Range: 0-1023
logging-drp-rst
Description Configure PBSLB logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
pbslb-interval
Description Specify logging interval in minutes
Type: number
Range: 0-60
Default: 3
pbslb-logging
Description Configure PBSLB logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
service-group
Description Specify a service group (Specify the service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: service-group and bw-list-action are mutually exclusive
Reference Object: /axapi/v3/slb/service-group
policy-list_sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘fwd-policy-dns-unresolved’: Forward-policy unresolved DNS queries; ‘fwd-policy-dns-outstanding’: Forward-policy current DNS outstanding requests; ‘fwd-policy-snat-fail’: Forward-policy source-nat translation failure; ‘fwd-policy-hits’: Number of forward-policy requests for this policy template; ‘fwd-policy-forward-to-internet’: Number of forward-policy requests forwarded to internet; ‘fwd-policy-forward-to-service-group’: Number of forward-policy requests forwarded to service group; ‘fwd-policy-policy-drop’: Number of forward-policy requests dropped; ‘fwd-policy-source-match-not-found’: Forward-policy requests without matching source rule; ‘exp_client_hello_not_found’: Expected Client HELLO requests not found;
Type: string
Supported Values: all, fwd-policy-dns-unresolved, fwd-policy-dns-outstanding, fwd-policy-snat-fail, fwd-policy-hits, fwd-policy-forward-to-internet, fwd-policy-forward-to-service-group, fwd-policy-forward-to-proxy, fwd-policy-policy-drop, fwd-policy-source-match-not-found, exp-client-hello-not-found
server-list¶
Specification Type list Block object keys add
Description Slow start connection limit add by a number every interval (Add by this number every interval)
Type: number
Range: 1-4095
Mutual Exclusion: add and times are mutually exclusive
bw-rate-limit
Description Configure bandwidth rate limit on real server (Bandwidth rate limit in Kbps)
Type: number
Range: 1-16777216
bw-rate-limit-acct
Description ‘to-server-only’: Only account for traffic sent to server; ‘from-server-only’: Only account for traffic received from server; ‘all’: Account for all traffic sent to and received from server;
Type: string
Supported Values: to-server-only, from-server-only, all
Default: all
bw-rate-limit-duration
Description Duration in seconds the observed rate needs to honor
Type: number
Range: 1-250
bw-rate-limit-no-logging
Description Do not log bandwidth rate limit related state transitions
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
bw-rate-limit-resume
Description Resume server selection after bandwidth drops below this threshold (in Kbps) (Bandwidth rate limit resume threshold (in Kbps))
Type: number
Range: 1-16777216
conn-limit
Description Connection limit
Type: number
Range: 1-64000000
Default: 64000000
conn-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
conn-rate-limit
Description Connection rate limit
Type: number
Range: 1-1048575
conn-rate-limit-no-logging
Description Do not log connection over limit event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dns-fail-interval
Description The interval to retry when DNS failed to query (DNS failure interval (in second, default is 30))
Type: number
Range: 0-1800
Default: 30
dns-query-interval
Description The interval to query DNS server for the hostname (DNS query interval (in minute, default is 10))
Type: number
Range: 1-1440
Default: 10
dynamic-server-prefix
Description Prefix of dynamic server (Prefix of dynamic server (default is “DRS”))
Type: string
Maximum Length: 3 characters
Maximum Length: 1 characters
Default: DRS
every
Description Slow start connection limit increment interval (default 10)
Type: number
Range: 1-60
Default: 10
extended-stats
Description Enable extended statistics on real server
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
health-check
Description Health Check Monitor (Health monitor name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
Reference Object: /axapi/v3/health/monitor
health-check-disable
Description Disable configured health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
initial-slow-start
Description Initial slow start connection limit (default 128)
Type: number
Range: 1-4095
Default: 128
log-selection-failure
Description Enable real-time logging for server selection failure event
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
max-dynamic-server
Description Maximum dynamic server number (Maximum dynamic server number (default is 255))
Type: number
Range: 1-1023
Default: 255
min-ttl-ratio
Description Minimum TTL to DNS query interval ratio (Minimum TTL ratio (default is 2))
Type: number
Range: 1-15
Default: 2
name
Description Server template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: default
rate-interval
Description ‘100ms’: Use 100 ms as sampling interval; ‘second’: Use 1 second as sampling interval;
Type: string
Supported Values: 100ms, second
Default: second
resume
Description Resume accepting new connection after connection number drops below threshold (Connection resume threshold)
Type: number
Range: 1-1048575
slow-start
Description Slowly ramp up the connection number after server is up
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
spoofing-cache
Description Servers under the template are spoofing cache
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
stats-data-action
Description ‘stats-data-enable’: Enable statistical data collection for real server; ‘stats-data-disable’: Disable statistical data collection for real server;
Type: string
Supported Values: stats-data-enable, stats-data-disable
Default: stats-data-enable
till
Description Slow start ends when slow start connection limit reaches a number (default 4096) (Slow start ends when connection limit reaches this number)
Type: number
Range: 1-65535
Default: 4096
times
Description Slow start connection limit multiply by a number every interval (default 2) (Multiply by this number every interval)
Type: number
Range: 2-10
Default: 2
Mutual Exclusion: times and add are mutually exclusive
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
weight
Description Weight for the Real Servers (Connection Weight)
Type: number
Range: 1-1000
Default: 1
monitor-list¶
Specification Type list Block object keys clear-cfg
Type: Listid
Description Monitor template ID Number
Type: number
Range: 1-16
link-disable-cfg
Type: Listlink-down-cfg
Type: Listlink-enable-cfg
Type: Listlink-up-cfg
Type: Listmonitor-relation
Description ‘monitor-and’: Configures the monitors in current template to work with AND logic; ‘monitor-or’: Configures the monitors in current template to work with OR logic;
Type: string
Supported Values: monitor-and, monitor-or
Default: monitor-and
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
monitor-list_clear-cfg¶
Specification Type list Block object keys clear-all-sequence
Description Sequence number (Specify the port physical port number)
Type: number
Range: 1-16
clear-sequence
Description Specify the port physical port number
Type: number
Range: 1-16
sessions
Description ‘all’: Clear all sessions; ‘sequence’: Sequence number;
Type: string
Supported Values: all, sequence
monitor-list_link-enable-cfg¶
Specification Type list Block object keys ena-sequence
Description Sequence number (Specify the physical port number)
Type: number
Range: 1-16
enaeth
Description Specify the physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
monitor-list_link-up-cfg¶
Specification Type list Block object keys link-up-sequence1
Description Sequence number (Specify the port physical port number)
Type: number
Range: 1-16
link-up-sequence2
Description Sequence number (Specify the port physical port number)
Type: number
Range: 1-16
link-up-sequence3
Description Sequence number (Specify the port physical port number)
Type: number
Range: 1-16
linkup-ethernet1
Description Specify the port physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
linkup-ethernet2
Description Specify the port physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
linkup-ethernet3
Description Specify the port physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
monitor-list_link-down-cfg¶
Specification Type list Block object keys link-down-sequence1
Description Sequence number (Specify the port physical port number)
Type: number
Range: 1-16
link-down-sequence2
Description Sequence number (Specify the port physical port number)
Type: number
Range: 1-16
link-down-sequence3
Description Sequence number (Specify the port physical port number)
Type: number
Range: 1-16
linkdown-ethernet1
Description Specify the port physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
linkdown-ethernet2
Description Specify the port physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
linkdown-ethernet3
Description Specify the port physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
monitor-list_link-disable-cfg¶
Specification Type list Block object keys dis-sequence
Description Sequence number (Specify the physical port number)
Type: number
Range: 1-16
diseth
Description Specify the physical port number (Ethernet interface number)
Type: number
Format: interface
Range: 3-103
tcp-proxy-list¶
Specification Type list Block object keys ack-aggressiveness
Description ‘low’: Delayed ACK; ‘medium’: Delayed ACK, with ACK on each packet with PUSH flag; ‘high’: ACK on each packet;
Type: string
Supported Values: low, medium, high
Default: low
alive-if-active
Description keep connection alive if active traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
backend-wscale
Description The TCP window scale used for the server side, default is off (number)
Type: number
Range: 1-14
del-session-on-server-down
Description Delete session if the server/port goes down (either disabled/hm down)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable
Description send reset to client when server is disabled
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: disable and down are mutually exclusive
disable-abc
Description Appropriate Byte Counting RFC 3465 Disabled, default is enabled (Appropriate Byte Counting (ABC) is enabled by default)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-sack
Description disable Selective Ack Option
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-tcp-timestamps
Description disable TCP Timestamps Option
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-window-scale
Description disable TCP Window-Scale Option
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
down
Description send reset to client when server is down
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: down and disable are mutually exclusive
dynamic-buffer-allocation
Description Optimally adjust the transmit and receive buffer sizes of TCP proxy while keeping their sum constant
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
early-retransmit
Description Configure the Early-Retransmit Algorithm (RFC 5827) (Early-Retransmit is disabled by default)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
fin-timeout
Description FIN timeout (sec), default is 5 (number)
Type: number
Range: 1-60
force-delete-timeout
Description The maximum time that a session can stay in the system before being deleted, default is off (number (second))
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout and force-delete-timeout-100ms are mutually exclusive
force-delete-timeout-100ms
Description The maximum time that a session can stay in the system before being deleted, default is off (number in 100ms)
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout-100ms and force-delete-timeout are mutually exclusive
half-close-idle-timeout
Description TCP Half Close Idle Timeout (sec), default is off (number)
Type: number
Range: 60-120
half-open-idle-timeout
Description TCP Half Open Idle Timeout (sec), default is off (number)
Type: number
Range: 1-60
idle-timeout
Description Idle Timeout (sec), default is 600 (number)
Type: number
Range: 1-2097151
Default: 600
init-cwnd
Description The initial congestion control window size (packets), default is 10 (number)
Type: number
Range: 1-15
Default: 10
initial-window-size
Description Set the initial window size, default is off (number)
Type: number
Range: 1-65535
insert-client-ip
Description Insert client ip into TCP option
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
invalid-rate-limit
Description Invalid Packet Response Rate Limit (ms), default is 500 (number default 500 challenges)
Type: number
Range: 0-60000000
Default: 500
keepalive-interval
Description Interval between keepalive probes (sec), default is off (number)
Type: number
Range: 60-12000
keepalive-probes
Description Number of keepalive probes sent, default is off
Type: number
Range: 2-10
limited-slowstart
Description RFC 3742 Limited Slow-Start for TCP with Large Congestion Windows (number)
Type: number
Range: 0-2147483647
Default: 0
maxburst
Description The max packet count sent per transmission event (number)
Type: number
Range: 1-100
Default: 25
min-rto
Description The minmum retransmission timeout, default is 200ms (number)
Type: number
Range: 100-1000
Default: 200
mss
Description Responding MSS to use if client MSS is large, default is off (number)
Type: number
Range: 128-9000
Default: 1460
nagle
Description Enable Nagle Algorithm
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description TCP Proxy Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Default: default
proxy-header
Description: proxy-header is a JSON Block. Please see below for tcp-proxy-list_proxy-header
Type: Object
psh-flag-optimization
Description Enable Optimized PSH Flag Use
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
qos
Description QOS level (number)
Type: number
Range: 1-63
reassembly-limit
Description The reassembly queuing limit, default is 25 segments (number)
Type: number
Range: 1-500
Default: 25
reassembly-timeout
Description The reassembly timeout, default is 30sec (number)
Type: number
Range: 1-300
Default: 30
receive-buffer
Description TCP Receive Buffer (default 200k) (number)
Type: number
Range: 1-2147483647
Default: 200000
reno
Description Enable Reno Congestion Control Algorithm
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reset-fwd
Description send reset to server if error happens
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
reset-rev
Description send reset to client if error happens
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
retransmit-retries
Description Number of Retries for Retransmit, default is 5
Type: number
Range: 1-20
Default: 5
server-down-action
Description ‘FIN’: FIN Connection; ‘RST’: Reset Connection;
Type: string
Supported Values: FIN, RST
syn-retries
Description SYN Retry Numbers, default is 5
Type: number
Range: 1-20
Default: 5
timewait
Description Timewait Threshold (sec), default 5 (number)
Type: number
Range: 1-60
Default: 5
transmit-buffer
Description TCP Transmit Buffer (default 200k) (number)
Type: number
Range: 1-2147483647
Default: 200000
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp-proxy-list_proxy-header¶
Specification Type object proxy-header-action
Description ‘insert’: Insert proxy header;
Type: string
Supported Values: insert
version
Description ‘v1’: version 1; ‘v2’: version 2;
Type: string
Supported Values: v1, v2
ftp-list¶
Specification Type list Block object keys active-mode-port
Description Non-Standard FTP Active mode port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
active-mode-port-val
Description Non-Standard FTP Active mode port
Type: number
Range: 1-65534
Mutual Exclusion: active-mode-port-val and any are mutually exclusive
any
Description Allow any FTP Active mode port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: any and active-mode-port-val are mutually exclusive
name
Description FTP template name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
to
Description End range of FTP Active mode port
Type: number
Range: 1-65534
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
imap-pop3-list¶
Specification Type list Block object keys logindisabled
Description Disable Login before STARTTLS.Works only for imap
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description IMAP-POP3 Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
starttls
Description ‘disabled’: Disable STARTTLS; ‘optional’: STARTTLS is optional requirement; ‘enforced’: Must issue STARTTLS command before imap transaction;
Type: string
Supported Values: disabled, optional, enforced
Default: disabled
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
server-ssl-list¶
Specification Type list Block object keys alert-type
Description ‘fatal’: Log fatal alerts;
Type: string
Supported Values: fatal
ca-certs
Type: Listcert
Description Specify Client certificate (Certificate Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: cert and cert-shared-str are mutually exclusive
cert-shared-str
Description Certificate Name
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: cert-shared-str and cert are mutually exclusive
cipher-template
Description Cipher Template (Cipher Config Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Mutual Exclusion: cipher-template cipher-wo-prio and shared-partition-cipher-template are mutually exclusive
Reference Object: /axapi/v3/slb/template/cipher
cipher-without-prio-list
Type: Listclose-notify
Description Send close notification when terminate connection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
crl-certs
Type: Listdgversion
Description Lower TLS/SSL version can be downgraded
Type: number
Range: 30-33
Default: 31
dh-short-key-action
Description ‘none’: no change; ‘prepend’: prepend dh key; ‘regenerate’: regenerate dh key;
Type: string
Supported Values: none, prepend, regenerate
Default: none
dh-type
Description ‘1024’: 1024; ‘1024-dsa’: 1024-dsa; ‘2048’: 2048;
Type: string
Supported Values: 1024, 1024-dsa, 2048
ec-list
Type: Listenable-ssli-ftp-alg
Description Enable SSLi FTP over TLS support at which port
Type: number
Range: 1-65535
enable-tls-alert-logging
Description Enable TLS alert logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)forward-proxy-enable
Description Enable SSL forward proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
handshake-logging-enable
Description Enable SSL handshake logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
key
Description Client private-key (Key Name)
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: key and key-shared-str are mutually exclusive
key-shared-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED password string)key-shared-passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
key-shared-str
Description Key Name
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
Mutual Exclusion: key-shared-str and key are mutually exclusive
name
Description Server SSL Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
ocsp-stapling
Description Enable ocsp-stapling support
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
passphrase
Description Password Phrase
Type: string
Format: password
Maximum Length: 63 characters
Maximum Length: 1 characters
renegotiation-disable
Description Disable SSL renegotiation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-certificate-error
Type: Listsession-cache-size
Description Session Cache Size (Specify 0 to disable Session ID reuse.)
Type: number
Range: 0-128
Default: 0
session-cache-timeout
Description Session Cache Timeout (Timeout value, in seconds)
Type: number
Range: 1-7200
session-ticket-enable
Description Enable server side session ticket support
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
shared-partition-cipher-template
Description Reference a cipher template from shared partition
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: shared-partition-cipher-template and cipher-template are mutually exclusive
ssli-logging
Description SSLi logging level, default is error logging only
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
sslilogging
Description ‘disable’: Disable all logging; ‘all’: enable all logging(error, info);
Type: string
Supported Values: disable, all
template-cipher-shared
Description Cipher Template Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/slb/template/cipher
use-client-sni
Description use client SNI
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
version
Description TLS/SSL version, default is the highest number supported (TLS/SSL version: 30-SSLv3.0, 31-TLSv1.0, 32-TLSv1.1 and 33-TLSv1.2)
Type: number
Range: 30-33
Default: 33
server-ssl-list_crl-certs¶
Specification Type list Block object keys crl
Description Certificate Revocation Lists (Certificate Revocation Lists file name)
Type: string
Maximum Length: 255 characters
Maximum Length: 1 characters
crl-partition-shared
Description Certificate Revocation Lists Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-ssl-list_ec-list¶
Specification Type list Block object keys ec
Description ‘secp256r1’: X9_62_prime256v1; ‘secp384r1’: secp384r1;
Type: string
Supported Values: secp256r1, secp384r1
server-ssl-list_server-certificate-error¶
Specification Type list Block object keys error-type
Description ‘email’: Notify the error via email; ‘ignore’: Ignore the error, which mean the connection can continue; ‘logging’: Log the error; ‘trap’: Notify the error by SNMP trap;
Type: string
Supported Values: email, ignore, logging, trap
server-ssl-list_ca-certs¶
Specification Type list Block object keys ca-cert
Description Specify CA certificate
Type: string
Format: string-rlx
Maximum Length: 245 characters
Maximum Length: 1 characters
ca-cert-partition-shared
Description CA Certificate Partition Shared
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
server-ocsp-sg
Description Specify service-group (Service group name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/service-group
server-ocsp-srvr
Description Specify authentication server
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/server/ocsp
server-ssl-list_cipher-without-prio-list¶
Specification Type list Block object keys cipher-wo-prio
Description ‘SSL3_RSA_DES_192_CBC3_SHA’: SSL3_RSA_DES_192_CBC3_SHA; ‘SSL3_RSA_RC4_128_MD5’: SSL3_RSA_RC4_128_MD5; ‘SSL3_RSA_RC4_128_SHA’: SSL3_RSA_RC4_128_SHA; ‘TLS1_RSA_AES_128_SHA’: TLS1_RSA_AES_128_SHA; ‘TLS1_RSA_AES_256_SHA’: TLS1_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_SHA256’: TLS1_RSA_AES_128_SHA256; ‘TLS1_RSA_AES_256_SHA256’: TLS1_RSA_AES_256_SHA256; ‘TLS1_DHE_RSA_AES_128_GCM_SHA256’: TLS1_DHE_RSA_AES_128_GCM_SHA256; ‘TLS1_DHE_RSA_AES_128_SHA’: TLS1_DHE_RSA_AES_128_SHA; ‘TLS1_DHE_RSA_AES_128_SHA256’: TLS1_DHE_RSA_AES_128_SHA256; ‘TLS1_DHE_RSA_AES_256_GCM_SHA384’: TLS1_DHE_RSA_AES_256_GCM_SHA384; ‘TLS1_DHE_RSA_AES_256_SHA’: TLS1_DHE_RSA_AES_256_SHA; ‘TLS1_DHE_RSA_AES_256_SHA256’: TLS1_DHE_RSA_AES_256_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256’: TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_ECDSA_AES_128_SHA’: TLS1_ECDHE_ECDSA_AES_128_SHA; ‘TLS1_ECDHE_ECDSA_AES_128_SHA256’: TLS1_ECDHE_ECDSA_AES_128_SHA256; ‘TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384’: TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_ECDSA_AES_256_SHA’: TLS1_ECDHE_ECDSA_AES_256_SHA; ‘TLS1_ECDHE_RSA_AES_128_GCM_SHA256’: TLS1_ECDHE_RSA_AES_128_GCM_SHA256; ‘TLS1_ECDHE_RSA_AES_128_SHA’: TLS1_ECDHE_RSA_AES_128_SHA; ‘TLS1_ECDHE_RSA_AES_128_SHA256’: TLS1_ECDHE_RSA_AES_128_SHA256; ‘TLS1_ECDHE_RSA_AES_256_GCM_SHA384’: TLS1_ECDHE_RSA_AES_256_GCM_SHA384; ‘TLS1_ECDHE_RSA_AES_256_SHA’: TLS1_ECDHE_RSA_AES_256_SHA; ‘TLS1_RSA_AES_128_GCM_SHA256’: TLS1_RSA_AES_128_GCM_SHA256; ‘TLS1_RSA_AES_256_GCM_SHA384’: TLS1_RSA_AES_256_GCM_SHA384;
Type: string
Supported Values: SSL3_RSA_DES_192_CBC3_SHA, SSL3_RSA_RC4_128_MD5, SSL3_RSA_RC4_128_SHA, TLS1_RSA_AES_128_SHA, TLS1_RSA_AES_256_SHA, TLS1_RSA_AES_128_SHA256, TLS1_RSA_AES_256_SHA256, TLS1_DHE_RSA_AES_128_GCM_SHA256, TLS1_DHE_RSA_AES_128_SHA, TLS1_DHE_RSA_AES_128_SHA256, TLS1_DHE_RSA_AES_256_GCM_SHA384, TLS1_DHE_RSA_AES_256_SHA, TLS1_DHE_RSA_AES_256_SHA256, TLS1_ECDHE_ECDSA_AES_128_GCM_SHA256, TLS1_ECDHE_ECDSA_AES_128_SHA, TLS1_ECDHE_ECDSA_AES_128_SHA256, TLS1_ECDHE_ECDSA_AES_256_GCM_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA, TLS1_ECDHE_RSA_AES_128_GCM_SHA256, TLS1_ECDHE_RSA_AES_128_SHA, TLS1_ECDHE_RSA_AES_128_SHA256, TLS1_ECDHE_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA, TLS1_RSA_AES_128_GCM_SHA256, TLS1_RSA_AES_256_GCM_SHA384, TLS1_ECDHE_RSA_AES_256_SHA384, TLS1_ECDHE_ECDSA_AES_256_SHA384, TLS1_ECDHE_RSA_CHACHA20_POLY1305_SHA256, TLS1_ECDHE_ECDSA_CHACHA20_POLY1305_SHA256, TLS1_DHE_RSA_CHACHA20_POLY1305_SHA256
Mutual Exclusion: cipher-wo-prio and cipher-template are mutually exclusive