cgnv6 template policy¶
Policy config
policy Specification¶
Type Collection Object Key(s) name Collection Name policy-list Collection URI /axapi/v3/cgnv6/template/policy Element Name policy Element URI /axapi/v3/cgnv6/template/policy/{name} Element Attributes policy_attributes Schema policy schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/cgnv6/template/policy | ||
Create List | POST | /axapi/v3/cgnv6/template/policy | ||
Get Object | GET | /axapi/v3/cgnv6/template/policy/{name} | ||
Get List | GET | /axapi/v3/cgnv6/template/policy | ||
Modify Object | POST | /axapi/v3/cgnv6/template/policy/{name} | ||
Replace Object | PUT | /axapi/v3/cgnv6/template/policy/{name} | ||
Replace List | PUT | /axapi/v3/cgnv6/template/policy | ||
Delete Object | DELETE | /axapi/v3/cgnv6/template/policy/{name} |
policy-list¶
policy-list is JSON List of policy attributes
policy-list : [
]
policy attributes¶
class-list
Description: class-list is a JSON Block. Please see below for class-list
Type: Object
Reference Object: /axapi/v3/cgnv6/template/policy/{name}/class-list
name
Description Policy template name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
class-list¶
Specification Type object client-ip-l3-dest
Description Use destination IP as client IP address
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: client-ip-l3-dest and client-ip-l7-header are mutually exclusive
client-ip-l7-header
Description Use extract client IP address from L7 header
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: client-ip-l7-header and client-ip-l3-dest are mutually exclusive
header-name
Description Specify L7 header name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
lid-list
Type: List
Reference Object: /axapi/v3/cgnv6/template/policy/{name}/class-list/lid/{lidnum}
name
Description Class list name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
class-list_lid-list¶
Specification Type list Block object keys action-value
Description ‘forward’: Forward the traffic even it exceeds limit; ‘reset’: Reset the connection when it exceeds limit;
Type: string
Supported Values: forward, reset
conn-limit
Description Connection limit
Type: number
Range: 0-1048575
conn-per
Description Per (Specify interval in number of 100ms)
Type: number
Range: 1-65535
conn-rate-limit
Description Specify connection rate limit
Type: number
Range: 1-2147483647
dns64
Description: dns64 is a JSON Block. Please see below for class-list_lid-list_dns64
Type: Object
interval
Description Specify log interval in minutes, by default system will log every over limit instance
Type: number
Range: 1-255
lidnum
Description Specify a limit ID
Type: number
Range: 1-31
lockout
Description Don’t accept any new connection for certain time (Lockout duration in minutes)
Type: number
Range: 1-1023
log
Description Log a message
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
over-limit-action
Description Set action when exceeds limit
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
request-limit
Description Request limit (Specify request limit)
Type: number
Range: 0-1048575
request-per
Description Per (Specify interval in number of 100ms)
Type: number
Range: 1-65535
request-rate-limit
Description Request rate limit (Specify request rate limit)
Type: number
Range: 1-4294967295
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
class-list_lid-list_dns64¶
Specification Type object disable
Description Disable
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
exclusive-answer
Description Exclusive Answer in DNS Response
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
prefix
Description IPv6 prefix
Type: string
Format: ipv6-address-plen