{ "id":"/axapi/v3/ddos/zone-template/http/{http-tmpl-name}", "type":"object", "node-type":"list", "title":"http", "partition-visibility":"shared", "description":"HTTP template Configuration", "properties":{ "http-tmpl-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS HTTP Template Name", "optional":false }, "disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable this template", "optional":true }, "multi-pu-threshold-distribution":{ "type":"object", "properties":{ "multi-pu-threshold-distribution-value":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "not":"multi-pu-threshold-distribution-disable", "description":"Destination side rate limit only. Default: 0" }, "multi-pu-threshold-distribution-disable":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"multi-pu-threshold-distribution-value", "description":"'disable': Destination side rate limit only. Default: Enable; ", "enum":[ "disable" ] } } }, "mss-timeout":{ "type":"object", "properties":{ "mss-percent":{ "type":"number", "format":"number", "minimum":1, "maximum":100, "partition-visibility":"shared", "description":"Configure percentage of mss such that if a packet size is below the mss times mss-percent, packet is considered bad." }, "number-packets":{ "type":"number", "format":"number", "minimum":1, "maximum":31, "partition-visibility":"shared", "description":"Specify percentage of mss. Default is 0, mss-timeout is not enabled." }, "mss-timeout-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"mss-timeout-action", "description":"Configure action-list to take" }, "mss-timeout-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"mss-timeout-action-list-name", "description":"'drop': Drop packets (Default); 'ignore': Take no action; 'blacklist-src': Blacklist-src; 'reset': Reset client connection; ", "enum":[ "drop", "ignore", "blacklist-src", "reset" ] } } }, "disallow-connect-method":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Do not allow HTTP Connect method (asymmetric mode only)", "optional":true }, "challenge":{ "type":"object", "properties":{ "challenge-method":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'http-redirect': http-redirect; 'javascript': javascript; ", "enum":[ "http-redirect", "javascript" ] }, "challenge-redirect-code":{ "type":"string", "format":"enum", "default":"302", "partition-visibility":"shared", "description":"'302': 302 Found; '307': 307 Temporary Redirect; ", "enum":[ "302", "307" ] }, "challenge-uri-encode":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Encode the challenge phrase in uri instead of in http cookie. Default encoded in http cookie" }, "challenge-cookie-name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "default":"sto-idd", "partition-visibility":"shared", "description":"Set the cookie name used to send back to client. Default is sto-idd" }, "challenge-keep-cookie":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Keep the challenge cookie from client and forward to backend. Default is do not keep" }, "challenge-interval":{ "type":"number", "format":"number", "minimum":1, "maximum":31, "default":8, "partition-visibility":"shared", "description":"Specify the challenge interval. Default is 8 seconds" }, "challenge-pass-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"challenge-pass-action", "description":"Configure action-list to take for passing the authentication" }, "challenge-pass-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"challenge-pass-action-list-name", "description":"'authenticate-src': Authenticate-src (Default); ", "enum":[ "authenticate-src" ] }, "challenge-fail-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"challenge-fail-action", "description":"Configure action-list to take for failing the authentication" }, "challenge-fail-action":{ "type":"string", "format":"enum", "default":"reset", "partition-visibility":"shared", "not":"challenge-fail-action-list-name", "description":"'blacklist-src': Blacklist-src; 'reset': Reset client connection(Default); ", "enum":[ "blacklist-src", "reset" ] } } }, "non-http-bypass":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Bypass non-http traffic instead of dropping", "optional":true }, "client-source-ip":{ "type":"object", "properties":{ "client-source-ip":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Mitigate on src ip specified by http header for example X-Forwarded-For header. Default is disabled" }, "http-header-name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "default":"X-Forwarded-For", "partition-visibility":"shared", "description":"Set the http header name to parse for client ip. Default is X-Forwarded-For" } } }, "request-header":{ "type":"object", "properties":{ "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":63, "partition-visibility":"shared" }, "header-timeout-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"header-timeout-action", "description":"Configure action-list to take" }, "header-timeout-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"header-timeout-action-list-name", "description":"'drop': Drop packets (Default); 'blacklist-src': Blacklist-src; 'reset': Reset client connection; ", "enum":[ "drop", "blacklist-src", "reset" ] } } }, "src":{ "type":"object", "properties":{ "rate-limit":{ "type":"object", "properties":{ "http-post":{ "type":"object", "properties":{ "src-post-rate-limit":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared" }, "src-post-rate-limit-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"src-post-rate-limit-action", "description":"Configure action-list to take" }, "src-post-rate-limit-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"src-post-rate-limit-action-list-name", "description":"'drop': Drop packets(Default); 'ignore': Take no action; 'reset': Reset client connection; 'blacklist-src': Blacklist-src; ", "enum":[ "drop", "ignore", "reset", "blacklist-src" ] } } }, "http-request":{ "type":"object", "properties":{ "src-request-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared" }, "src-request-rate-limit-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"src-request-rate-limit-action", "description":"Configure action-list to take" }, "src-request-rate-limit-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"src-request-rate-limit-action-list-name", "description":"'drop': Drop packets (Default); 'ignore': Take no action; 'reset': Reset client connection; 'blacklist-src': Blacklist-src; ", "enum":[ "drop", "ignore", "reset", "blacklist-src" ] } } } } } } }, "dst":{ "type":"object", "properties":{ "rate-limit":{ "type":"object", "properties":{ "http-post":{ "type":"object", "properties":{ "dst-post-rate-limit":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared" }, "dst-post-rate-limit-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"dst-post-rate-limit-action", "description":"Configure action-list to take" }, "dst-post-rate-limit-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"dst-post-rate-limit-action-list-name", "description":"'drop': Drop packets(Default); 'ignore': Take no action; 'reset': Reset client connection; 'blacklist-src': Blacklist-src; ", "enum":[ "drop", "ignore", "reset", "blacklist-src" ] } } }, "http-request":{ "type":"object", "properties":{ "dst-request-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared" }, "dst-request-rate-limit-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"dst-request-rate-limit-action", "description":"Configure action-list to take" }, "dst-request-rate-limit-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"dst-request-rate-limit-action-list-name", "description":"'drop': Drop packets (Default); 'ignore': Take no action; 'reset': Reset client connection; 'blacklist-src': Blacklist-src; ", "enum":[ "drop", "ignore", "reset", "blacklist-src" ] } } }, "response-size":{ "type":"object", "properties":{ "less-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "obj-less":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Response size configuration" }, "obj-less-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Response rate limit" } } } ] }, "greater-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "obj-greater":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Response size configuration" }, "obj-greater-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Response rate limit" } } } ] }, "between-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "obj-between1":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Response size configuration" }, "obj-between2":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Response size configuration" }, "obj-between-rate":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Response rate limit" } } } ] }, "response-size-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"response-size-action", "description":"Configure action-list to take" }, "response-size-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"response-size-action-list-name", "description":"'drop': Drop packets (Default); 'ignore': Take no action; 'blacklist-src': Blacklist-src; 'reset': Reset client connection; ", "enum":[ "drop", "ignore", "blacklist-src", "reset" ] } } } } } } }, "slow-read":{ "type":"object", "properties":{ "min-window-size":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"minimum window size" }, "min-window-count":{ "type":"number", "format":"number", "minimum":1, "maximum":31, "partition-visibility":"shared", "description":"Number of packets" }, "slow-read-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"slow-read-action", "description":"Configure action-list to take" }, "slow-read-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"slow-read-action-list-name", "description":"'drop': Drop packets (Default); 'blacklist-src': Blacklist-src; 'ignore': Take no action; 'reset': Reset client connection; ", "enum":[ "drop", "blacklist-src", "ignore", "reset" ] } } }, "out-of-order-queue-size":{ "type":"number", "format":"number", "minimum":0, "maximum":15, "default":3, "partition-visibility":"shared", "description":"Set the number of packets for the out-of-order HTTP queue (asym mode only)", "optional":true }, "out-of-order-queue-timeout":{ "type":"number", "format":"number", "minimum":0, "maximum":15, "default":3, "partition-visibility":"shared", "description":"Set the timeout value in seconds for out-of-order queue in HTTP (asym mode only)", "optional":true }, "idle-timeout":{ "type":"object", "properties":{ "idle-timeout-value":{ "type":"number", "format":"number", "minimum":1, "maximum":63, "partition-visibility":"shared", "description":"Set the the idle timeout value in seconds for HTTP connections" }, "ignore-zero-payload":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Don't reset idle timer on packets with zero payload length from clients" }, "idle-timeout-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"idle-timeout-action", "description":"Configure action-list to take" }, "idle-timeout-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"idle-timeout-action-list-name", "description":"'drop': Drop packets (Default); 'blacklist-src': Blacklist-src; 'reset': Reset client connection; ", "enum":[ "drop", "blacklist-src", "reset" ] } } }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "filter-list":{ "type":"array", "minItems":1, "items":{ "type":"filter" }, "uniqueItems":true, "$ref":"/axapi/v3/ddos/zone-template/http/{http-tmpl-name}/filter/{http-filter-name}", "array":[ { "properties":{ "http-filter-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "optional":false }, "http-filter-seq":{ "type":"number", "format":"number", "minimum":1, "maximum":200, "partition-visibility":"shared", "description":"Sequence number", "optional":true }, "http-header-cfg":{ "type":"object", "properties":{ "http-filter-header-regex":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":1275, "partition-visibility":"shared", "description":"Regex Expression" }, "http-filter-header-inverse-match":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared" } } }, "http-referer-cfg":{ "type":"object", "properties":{ "referer-equals-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-referer-equals":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] }, "referer-contains-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-referer-contains":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] }, "referer-starts-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-referer-starts-with":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] }, "referer-ends-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-referer-ends-with":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] } } }, "http-agent-cfg":{ "type":"object", "properties":{ "agent-equals-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-agent-equals":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] }, "agent-contains-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-agent-contains":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] }, "agent-starts-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-agent-starts-with":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] }, "agent-ends-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-agent-ends-with":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared" } } } ] } } }, "http-uri-cfg":{ "type":"object", "properties":{ "uri-equal-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-uri-equals":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared" } } } ] }, "uri-contains-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-uri-contains":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared" } } } ] }, "uri-starts-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-uri-starts-with":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared" } } } ] }, "uri-ends-cfg":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "http-filter-uri-ends-with":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared" } } } ] } } }, "dst":{ "type":"object", "properties":{ "http-filter-rate-limit":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Set rate limit" } } }, "http-filter-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"http-filter-action", "description":"Configure action-list to take", "optional":true }, "http-filter-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"http-filter-action-list-name", "description":"'drop': Drop packets (Default); 'ignore': Take no action; 'blacklist-src': Blacklist-src; 'authenticate-src': Authenticate-src; 'reset': Reset client connection; ", "enum":[ "drop", "ignore", "blacklist-src", "authenticate-src", "reset" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true } }, "required":[ "http-filter-name" ] } ] }, "malformed-http":{ "type":"object", "$ref":"/axapi/v3/ddos/zone-template/http/{http-tmpl-name}/malformed-http", "properties":{ "malformed-http":{ "type":"string", "format":"enum", "default":"check", "partition-visibility":"shared", "description":"'check': Configure malformed HTTP parameters; ", "enum":[ "check" ] }, "malformed-http-max-line-size":{ "type":"number", "format":"number", "minimum":1, "maximum":65280, "default":32512, "partition-visibility":"shared", "description":"Set the maximum line size. Default value is 32512" }, "malformed-http-max-num-headers":{ "type":"number", "format":"number", "minimum":1, "maximum":90, "default":90, "partition-visibility":"shared", "description":"Set the maximum number of headers. Default value is 90" }, "malformed-http-max-req-line-size":{ "type":"number", "format":"number", "minimum":1, "maximum":65280, "default":32512, "partition-visibility":"shared", "description":"Set the maximum request line size. Default value is 32512" }, "malformed-http-max-header-name-size":{ "type":"number", "format":"number", "minimum":1, "maximum":64, "default":64, "partition-visibility":"shared", "description":"Set the maxinum header name length. Default value is 64." }, "malformed-http-max-content-length":{ "type":"number", "format":"number", "minimum":1, "maximum":4294967295, "default":4294967295, "partition-visibility":"shared", "description":"Set the maxinum content-length header. Default value is 4294967295 bytes" }, "malformed-http-bad-chunk-mon-enabled":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enabling bad chunk monitoring. Default is disabled" }, "malformed-http-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"malformed-http-action", "description":"Configure action-list to take" }, "malformed-http-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"malformed-http-action-list-name", "description":"'drop': Drop packets (Default); 'reset': Reset client connection; 'blacklist-src': Blacklist-src; ", "enum":[ "drop", "reset", "blacklist-src" ] }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" } } } }, "object-keys":[ "http-tmpl-name" ], "required":[ "http-tmpl-name" ] }