slb template policy forward-policy¶
Forward Policy commands
forward-policy Specification¶
Parameter Value Type Configuration Resource Element Name forward-policy Element URI /axapi/v3/slb/template/policy/{name}/forward-policy Element Attributes forward-policy_attributes Partition Visibility shared Schema forward-policy schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/slb/template/policy/{name}/forward-policy | ||
Get Object | GET | /axapi/v3/slb/template/policy/{name}/forward-policy | ||
Modify Object | POST | /axapi/v3/slb/template/policy/{name}/forward-policy | ||
Replace Object | PUT | /axapi/v3/slb/template/policy/{name}/forward-policy | ||
Delete Object | DELETE | /axapi/v3/slb/template/policy/{name}/forward-policy |
forward-policy attributes¶
acos-event-log
Description Enable acos event logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
action-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/action/{name}
filtering
Type: Listlocal-logging
Description Enable local logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
no-client-conn-reuse
Description Inspects only first request of a connection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
require-web-category
Description Wait for web category to be resolved before taking proxy decision
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
san-filtering
Type: Listsource-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
filtering¶
Specification Value Type list Block object keys ssli-url-filtering
Description ‘bypassed-sni-disable’: Disable SNI filtering for bypassed URL’s(enabled by default); ‘intercepted-sni-enable’: Enable SNI filtering for intercepted URL’s(disabled by default); ‘intercepted-http-disable’: Disable HTTP(host/URL) filtering for intercepted URL’s(enabled by default); ‘no-sni-allow’: Allow connection if SNI filtering is enabled and SNI header is not present(Drop by default);
Type: string
Supported Values: bypassed-sni-disable, intercepted-sni-enable, intercepted-http-disable, no-sni-allow
san-filtering¶
Specification Value Type list Block object keys ssli-url-filtering-san
Description ‘enable-san’: Enable SAN filtering(disabled by default); ‘bypassed-san-disable’: Disable SAN filtering for bypassed URL’s(enabled by default); ‘intercepted-san-enable’: Enable SAN filtering for intercepted URL’s(disabled by default); ‘no-san-allow’: Allow connection if SAN filtering is enabled and SAN field is not present(Drop by default);
Type: string
Supported Values: enable-san, bypassed-san-disable, intercepted-san-enable, no-san-allow
action-list¶
Specification Value Type list Block object keys action1
Description ‘forward-to-internet’: Forward request to Internet; ‘forward-to-service-group’: Forward request to service group; ‘forward-to-proxy’: Forward request to HTTP proxy server; ‘drop’: Drop request;
Type: string
Supported Values: forward-to-internet, forward-to-service-group, forward-to-proxy, drop
drop-message
Description drop-message sent to the client as webpage(html tags are included and quotation marks are required for white spaces)
Type: string
Format: string-rlx
Maximum Length: 1023 characters
Maximum Length: 1 characters
Mutual Exclusion: drop-message and drop-redirect-url are mutually exclusive
drop-redirect-url
Description Specify URL to which client request is redirected upon being dropped
Type: string
Format: string-rlx
Maximum Length: 1023 characters
Maximum Length: 1 characters
Mutual Exclusion: drop-redirect-url, drop-response-code, and drop-message are mutually exclusive
drop-response-code
Description Specify response code for drop action
Type: number
Range: 100-599
Mutual Exclusion: drop-response-code and drop-redirect-url are mutually exclusive
fake-sg
Description service group to forward the packets to Internet
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
fall-back
Description Fallback service group for Internet
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
fall-back-snat
Description Source NAT pool or pool group for fallback server
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
forward-snat
Description Source NAT pool or pool group
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http-status-code
Description ‘301’: Moved permanently; ‘302’: Found;
Type: string
Supported Values: 301, 302
Default: 302
log
Description enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Action policy name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
proxy-chaining
Description Enable proxy chaining feature
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
proxy-chaining-bypass
Description Forward all https packets to upstream proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
real-sg
Description service group to forward the packets
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
sampling-enable
Type: Listsupport-cert-fetch
Description Fetch server certificate by upstream proxy
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
action-list_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
source-list¶
Specification Value Type list Block object keys destination
Description: destination is a JSON Block. Please see below for source-list_destination
Type: Object
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination
match-any
Description Match any source
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: match-any and match-class-list are mutually exclusive
match-authorize-policy
Description Authorize-policy for user and group based policy
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authorization/policy
match-class-list
Description Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: match-class-list and match-any are mutually exclusive
name
Description source destination match rule name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
priority
Description Priority of the source(higher the number higher the priority, default 0)
Type: number
Range: 1-2000
sampling-enable
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
source-list_destination¶
Specification Value Type object any
Description: any is a JSON Block. Please see below for source-list_destination_any
Type: Object
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/any
class-list-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/class-list/{dest-class-list}
web-category-list-list
Type: List
Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/web-category-list/{web-category-list}
web-reputation-scope-list
source-list_destination_class-list-list¶
Specification Value Type list Block object keys action
Description Action to be performed
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
dest-class-list
Description Destination Class List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
priority
Description Priority value of the action(higher the number higher the priority)
Type: number
Range: 1-1024
sampling-enable
Type: Listtype
Description ‘host’: Match hostname; ‘url’: Match URL; ‘ip’: Match destination IP address;
Type: string
Supported Values: host, url, ip
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
source-list_destination_class-list-list_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
source-list_destination_web-category-list-list¶
Specification Value Type list Block object keys action
Description Action to be performed
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
priority
Description Priority value of the action(higher the number higher the priority)
Type: number
Range: 1-1024
sampling-enable
Type: Listtype
Description ‘host’: Match hostname; ‘url’: match URL;
Type: string
Supported Values: host, url
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
web-category-list
Description Destination Web Category List Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/web-category/category-list
source-list_destination_web-category-list-list_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
source-list_destination_any¶
Specification Value Type object action
Description Action to be performed
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
source-list_destination_any_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
source-list_destination_web-reputation-scope-list¶
Specification Value Type list Block object keys action
Description Action to be performed
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
priority
Description Priority value of the action(higher the number higher the priority)
Type: number
Range: 1-1024
sampling-enable
Type: Listtype
Description ‘host’: Match hostname; ‘url’: match URL;
Type: string
Supported Values: host, url
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
web-reputation-scope
Description Destination Web Reputation Scope Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/web-category/reputation-scope
source-list_destination_web-reputation-scope-list_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;
Type: string
Supported Values: all, hits
source-list_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘hits’: Number of requests matching this source rule; ‘destination-match-not-found’: Number of requests without matching destination rule; ‘no-host-info’: Failed to parse ip or host information from request;
Type: string
Supported Values: all, hits, destination-match-not-found, no-host-info